angel17846 Posted January 21, 2005 Share Posted January 21, 2005 I am working on my first online store for a very good client. She has a merchant account that allows for "Card Not Present" transactions. She is allowed to manually punch the credit card information in online with the merchant account's "virtual terminal". I have already talked directly to her merchant account provider. She wants a way for me to let them shop on her site, submit their order with their credit card information, then send the entire order to her to process. I'm scared about this because, although she will have an SSL certificate, I will still be working on a shared server. What is the best way to handle this? Send encrypted through email? Save in a database (sounds risky)...??? Any help is appreciated. Angel Link to comment Share on other sites More sharing options...
dakatone Posted January 22, 2005 Share Posted January 22, 2005 Ugh, manual entry. :-" Well, osCommerce come with standard Credit Card payment modules that allow for the e-mailing of the credit card numbers X'd out in the administrator's area. This, coupled with an SSL (even shared), is good protection. Presuming only she can access the mail box where the e-mail is sent, only she can see and thus use (properly) the credit card information. I have had numerous colleagues do this and as long as her Privacy Statement is valid and applicable, she should be fine. Ruhl Link to comment Share on other sites More sharing options...
angel17846 Posted January 22, 2005 Author Share Posted January 22, 2005 Ugh, manual entry. :-" Well, osCommerce come with standard Credit Card payment modules that allow for the e-mailing of the credit card numbers X'd out in the administrator's area. This, coupled with an SSL (even shared), is good protection. Presuming only she can access the mail box where the e-mail is sent, only she can see and thus use (properly) the credit card information. I have had numerous colleagues do this and as long as her Privacy Statement is valid and applicable, she should be fine. Ruhl <{POST_SNAPBACK}> Yes, manual entry. She is only saving a few bucks a month by doing this too, so I am really discouraging her. Also, if she decides to change to real-time processing later, her merchant account provider (Quickbooks), doesn't support osCommerce shopping carts. I would rather just stick to a gateway and let them worry with the major security issues. Thanks so much for your help! Angel Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.