Jump to content
Sign in to follow this  
luis_hac

Simple Credit Card number colletion with encription ?

Recommended Posts

I need some help, I currently process credit cards on my local terminal (manually) for my OFF-line Customers. Now that I'm making an online shop I'll like to be able to process my Credit Cards the same way, without having to go to Paypal or the like.

 

I know that OS commerce by default can store the Credit Card number without encryptions (or transposing) the number, which I assume is very insecure.

 

Does any one have a suggestion on how to solve my problem ??

 

All I want is a Payment Module that will store the CC# in a safer way, (eje. CC# 1234-1234-1234-1234 stored like CC# 1245-1234-1234-1234, CC# first 4 digits plus 13 or something like that)

 

Thanks

Share this post


Link to post
Share on other sites

Check the implications of doing this.

 

You need to follow all sorts of "new" rules if you want to store cc details.

 

As a rule of thumb, only the very big and very secure do this now.


Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Share this post


Link to post
Share on other sites
I need some help, I currently process credit cards on my local terminal (manually) for my OFF-line Customers. Now that I'm making an online shop I'll like to be able to process my Credit Cards the same way, without having to go to Paypal or the like.

 

I know that OS commerce by default can store the Credit Card number without encryptions (or transposing) the number, which I assume is very insecure.

 

Does any one have a suggestion on how to solve my problem ??

 

All I want is a Payment Module that will store the CC# in a safer way, (eje. CC# 1234-1234-1234-1234 stored like CC# 1245-1234-1234-1234, CC# first 4 digits plus 13 or something like that)

 

Thanks

 

If you're going to store Credit Card details, I highly recommend you read this Blog post: http://pcianswers.com/2007/05/01/encryptio...pci-compliance/

 

In order to be compliant with PCI standards, you MUST encrypt credit card details. Simply performing a mathematical modification to the numbers will not suffice. AES encryption is the way to go, with stringent policies on encryption keys. It's just not worth the risk of the smackdown from processors or card providers in the event of compromise.

Edited by Psilocybeing

Share this post


Link to post
Share on other sites

I see, the reason why I'm wanting to still do the manual transaction is because some of my orders don't ship till a week later, I might have a QC problem with a product and not be able to ship it till a month later, So I don't want the customer mad at me for running his credit card before I ship the product.

 

Any suggestions ??

Share this post


Link to post
Share on other sites

Most of the payment processors gives you the option to authorize a cc payment when the customer shops in your shop and w then after you have shipped the items to the customer you can activate the withdrawal of the funds from his/hers account.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×