Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Credit Card Security Code


TimMack

Recommended Posts

I am using Paypals Virtual Terminal feature to process credit cards manually. I am using the "CREDIT CARD" payment module on my site, however there is no option to submit the Credit Card Security Code (the numbers located on the back of the credit card). I need these numbers in order to process the credit card manually on PayPal. The Credit Card module on OS only asks for cardholder name, credit card number, and expiration date. Is there a simple way to add a field so that people can enter their security code?

Link to comment
Share on other sites

search to contribution section for CVV

 

However why are you risking card security doing it manually - why not install the correct modules and process the payments automatically?

Link to comment
Share on other sites

I am currently using the PayPal module and 2checkout. I just signed up for the Website Payments Pro but havent installed them yet. I like the Credit Card option on OS because the customer never leaves the site after entering the credit card info. I like 2Checkout, however I hate the fact that the customer has to leave my site to process the credit card, then click a link to come back to my site. Sometimes the customer doesnt see the link-back link and I dont get a detail of the order.

 

I have an SSL certificate.

 

I am curious... does anyone else use the Credit Card module and process the cards manually?

Link to comment
Share on other sites

  • 1 month later...
I am currently using the PayPal module and 2checkout. I just signed up for the Website Payments Pro but havent installed them yet. I like the Credit Card option on OS because the customer never leaves the site after entering the credit card info. I like 2Checkout, however I hate the fact that the customer has to leave my site to process the credit card, then click a link to come back to my site. Sometimes the customer doesnt see the link-back link and I dont get a detail of the order.

 

I have an SSL certificate.

 

I am curious... does anyone else use the Credit Card module and process the cards manually?

Link to comment
Share on other sites

 

I am curious... does anyone else use the Credit Card module and process the cards manually?

 

I would be very careful, have you had a professional security audit done ?.

 

The probelm is that the credit card module is storing all the customers credit card details "Unencrypted" in your database.

On top of that, the default installation of oSCommerce is very very insecure.

 

There is a lot of mis-information on the internet and in these (and other) support forums, which is downright dangerous to anyone doing online e-commerce. The instructions I see from people saying thing like "Just change all your directory and file settings to 777" make me cringe. Doing this one thing totally opens up your installation to be hacked, and yet it is a commonly given instruction to "fix" things. (It'll fix things allright, but not the way you would want if you only knew !.)

 

Anyway ... my point is, if you don't need peoples credit card details, then you don't want them, the risk is totally unnecessary, and with the oSc credit card module and the standard install, the risk would be considered very high.

 

If you are on any kind of shared hosting, you shouldn't be doing any e-commerce that involves storing of personal details, and **Especially** credit card details.

Link to comment
Share on other sites

search to contribution section for CVV

 

However why are you risking card security doing it manually - why not install the correct modules and process the payments automatically?

 

Hi!

 

Ive searched under contribution section for CVV, and I did not see anything on how to add that box, only that its a problem for a lot of people. Do you know where exactly it tells how to overcome the fact that the CC module does not have a box for adding the security code. Or, for that matter, as everyone mentions the unencrypted data part, what are the alternatives. I am new to this, so I guess i dont instinctively know what my options are for payments. Thanx!

 

Lisa

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...