Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Simple Credit Card number colletion with encription ?


luis_hac

Recommended Posts

I need some help, I currently process credit cards on my local terminal (manually) for my OFF-line Customers. Now that I'm making an online shop I'll like to be able to process my Credit Cards the same way, without having to go to Paypal or the like.

 

I know that OS commerce by default can store the Credit Card number without encryptions (or transposing) the number, which I assume is very insecure.

 

Does any one have a suggestion on how to solve my problem ??

 

All I want is a Payment Module that will store the CC# in a safer way, (eje. CC# 1234-1234-1234-1234 stored like CC# 1245-1234-1234-1234, CC# first 4 digits plus 13 or something like that)

 

Thanks

Link to comment
Share on other sites

Check the implications of doing this.

 

You need to follow all sorts of "new" rules if you want to store cc details.

 

As a rule of thumb, only the very big and very secure do this now.

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

I need some help, I currently process credit cards on my local terminal (manually) for my OFF-line Customers. Now that I'm making an online shop I'll like to be able to process my Credit Cards the same way, without having to go to Paypal or the like.

 

I know that OS commerce by default can store the Credit Card number without encryptions (or transposing) the number, which I assume is very insecure.

 

Does any one have a suggestion on how to solve my problem ??

 

All I want is a Payment Module that will store the CC# in a safer way, (eje. CC# 1234-1234-1234-1234 stored like CC# 1245-1234-1234-1234, CC# first 4 digits plus 13 or something like that)

 

Thanks

 

If you're going to store Credit Card details, I highly recommend you read this Blog post: http://pcianswers.com/2007/05/01/encryptio...pci-compliance/

 

In order to be compliant with PCI standards, you MUST encrypt credit card details. Simply performing a mathematical modification to the numbers will not suffice. AES encryption is the way to go, with stringent policies on encryption keys. It's just not worth the risk of the smackdown from processors or card providers in the event of compromise.

Edited by Psilocybeing
Link to comment
Share on other sites

I see, the reason why I'm wanting to still do the manual transaction is because some of my orders don't ship till a week later, I might have a QC problem with a product and not be able to ship it till a month later, So I don't want the customer mad at me for running his credit card before I ship the product.

 

Any suggestions ??

Link to comment
Share on other sites

Most of the payment processors gives you the option to authorize a cc payment when the customer shops in your shop and w then after you have shipped the items to the customer you can activate the withdrawal of the funds from his/hers account.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...