Credit Card Security Problems

[Lanelle]

I'm having a random problems with security for credit cards. If 2 people are checking out at the same time, the software is populating the credit card data for person 1 with the credit card data for person 2. This has happened a couple of times and is becoming a problem.

 

Any help would be greatly appreciated.

 

Lanelle

[kgt]

You won't get any help unless you tell us which module you're using, what contributions you have installed, how often this has happened, etc.

[Lanelle]

I'm using osCommerce 2.2-MS2. I've installed some reporting contributions. Here are the contributions I have on the site:

 

Products Viewed

Products Purchased

Customer Orders-Total

Monthly Sales/Tax

Monthly sales

Stats clients

Monthly Sales/Tax

Customers/Products

 

Please let me know what other information you need.

 

Thanks,

Lanelle

[Lanelle]

I'm using osCommerce 2.2-MS2. I've installed some reporting contributions. Here are the contributions I have on the site:

 

Products Viewed

Products Purchased

Customer Orders-Total

Monthly Sales/Tax

Monthly sales

Stats clients

Monthly Sales/Tax

Customers/Products

 

Please let me know what other information you need.

 

Thanks,

Lanelle

 

This problem has happened only a couple of times. We don't get that much traffic.

 

Thanks,

Lanelle

[kgt]

Which credit card module/processor are you using?

 

Also, make sure you are using mysql to save sessions. In includes/configure.php:

 

define('STORE_SESSIONS', 'mysql');

[Guest]

and also check your sessions settings. osc admin->configuration->sessions->Prevent Spider Sessions.

 

If that switch was left to false means spiders are indexing your urls with sessions appended. If that's the case switch it to true and install something like the session regeneration so customers during login get a separate session id.

 

http://www.oscommerce.com/community/contributions,4112