Hi,
I am obviously very inexperienced with shopping carts so please parden what might be an obvious question - I took over an OScommerce account, basically for maintenance purposes and never realized until recently, that storing the cc#'s in plain text, was very much not what I should have been doing. The store is not a very busy one and I was able to set them up with a direct payment gateway about 3 weeks ago. I am just concerned about the time I had those card #'s out there - there were only about 17 of them and have no reason to believe there was any breach. I have since asked the customer to have someone else take on this account because this is just not my area of expertise obviously - should i be doing anything else?
Thank you so much.
Latest News: (loading..)
0
3 replies to this topic
#2
-
- Community Sponsor
-
- 7,730 posts
- Real Name:Geoffrey Walton
- Gender:Male
- Location:Norfolk, UK (close to the centre of the universe)
Posted 06 May 2008, 12:00
I would delete the numbers as well.
Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile
Virus Threat Scanner
My Contributions
Basic install answers.
Click here for Contributions / Add Ons.
UK your site.
Site Move.
Basic design info.
For links mentioned in old answers that are no longer here follow this link Useful Threads.
If this post was useful, click the Like This button over there ======>>>>>.
Virus Threat Scanner
My Contributions
Basic install answers.
Click here for Contributions / Add Ons.
UK your site.
Site Move.
Basic design info.
For links mentioned in old answers that are no longer here follow this link Useful Threads.
If this post was useful, click the Like This button over there ======>>>>>.
#4
Posted 09 May 2008, 13:07
Hello Jennifer,
I'm sure you have done the right thing and when you have warned the customer, there is not more you can do. It's then their responsebility to be aware of any suspicion the transactions/draw from their card.
If you would like to know more about fraud and security when reciving online payments, please look at this post: http://forums.oscommerce.com/index.php?sho...=301702&hl=
I'm sure you have done the right thing and when you have warned the customer, there is not more you can do. It's then their responsebility to be aware of any suspicion the transactions/draw from their card.
If you would like to know more about fraud and security when reciving online payments, please look at this post: http://forums.oscommerce.com/index.php?sho...=301702&hl=
Kind Regards,
Thomas Pedersen
ePay Europe
Thomas Pedersen
ePay Europe
