aerosmith Posted January 23, 2008 Share Posted January 23, 2008 Can anyone point me in the right direction when it comes to masking cvv2 in the database, I can't seem to locate any contribution for this. Greatly appreciate your time. Quote Link to comment Share on other sites More sharing options...
♥toyicebear Posted January 23, 2008 Share Posted January 23, 2008 (edited) Can anyone point me in the right direction when it comes to masking cvv2 in the database,I can't seem to locate any contribution for this. Greatly appreciate your time. You are not alowed to store cvv2 at all... (that also goes aplies even if it is masked or encrypte) Edited January 23, 2008 by toyicebear Quote Basics for osC 2.2 Design - Basics for Design V2.3+ - Seo & Sef Url's - Meta Tags for Your osC Shop - Steps to prevent Fraud... - MS3 and Team News... - SEO, Meta Tags, SEF Urls and osCommerce - Commercial Support Inquiries - OSC 2.3+ How To To see what more i can do for you check out my profile [click here] Link to comment Share on other sites More sharing options...
aerosmith Posted February 1, 2008 Author Share Posted February 1, 2008 You are not alowed to store cvv2 at all... (that also goes aplies even if it is masked or encrypte) Not exactly an answer to the question. There is obviously some contribs that let you aquire cvv2 numbers. And not all Merchant Services are the same, IPC compliant or not, If your merchant service lets you receive cvv2 numbers but no longer then 24hrs then there should be something that can delete the cvv2 upon request. Or masking once the order is complete. Has no one ever made or found something that will mask cvv2 and cc numbers that actually works? Quote Link to comment Share on other sites More sharing options...
dynamoeffects Posted February 1, 2008 Share Posted February 1, 2008 (edited) I'm not aware of one, but you can probably make something out of the one of the credit card masking contributions. However, toyicebear is correct in that you are not allowed to store Visa and Mastercard CVV2 numbers ever, not even encrypted and buried 10' in the ground. You're violating your merchant agreement by doing so and if your database is compromised, you will be liable and be subject to obscenely high fines by Visa/MC as well as possible legal action. This is not the call of your merchant account provider but directly from Visa/MC and is applicable to anyone processing those cards. I assure you that we are not exaggerating. Edited February 1, 2008 by dynamoeffects Quote Please use the forums for support! I am happy to help you here, but I am unable to offer free technical support over instant messenger or e-mail. Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.