TimMack Posted February 26, 2007 Share Posted February 26, 2007 I am using Paypals Virtual Terminal feature to process credit cards manually. I am using the "CREDIT CARD" payment module on my site, however there is no option to submit the Credit Card Security Code (the numbers located on the back of the credit card). I need these numbers in order to process the credit card manually on PayPal. The Credit Card module on OS only asks for cardholder name, credit card number, and expiration date. Is there a simple way to add a field so that people can enter their security code? Quote Link to comment Share on other sites More sharing options...
Guest Posted February 26, 2007 Share Posted February 26, 2007 search to contribution section for CVV However why are you risking card security doing it manually - why not install the correct modules and process the payments automatically? Quote Link to comment Share on other sites More sharing options...
TimMack Posted February 27, 2007 Author Share Posted February 27, 2007 I am currently using the PayPal module and 2checkout. I just signed up for the Website Payments Pro but havent installed them yet. I like the Credit Card option on OS because the customer never leaves the site after entering the credit card info. I like 2Checkout, however I hate the fact that the customer has to leave my site to process the credit card, then click a link to come back to my site. Sometimes the customer doesnt see the link-back link and I dont get a detail of the order. I have an SSL certificate. I am curious... does anyone else use the Credit Card module and process the cards manually? Quote Link to comment Share on other sites More sharing options...
cliffr Posted April 6, 2007 Share Posted April 6, 2007 I am currently using the PayPal module and 2checkout. I just signed up for the Website Payments Pro but havent installed them yet. I like the Credit Card option on OS because the customer never leaves the site after entering the credit card info. I like 2Checkout, however I hate the fact that the customer has to leave my site to process the credit card, then click a link to come back to my site. Sometimes the customer doesnt see the link-back link and I dont get a detail of the order. I have an SSL certificate. I am curious... does anyone else use the Credit Card module and process the cards manually? Quote Link to comment Share on other sites More sharing options...
cliffr Posted April 6, 2007 Share Posted April 6, 2007 I am curious... does anyone else use the Credit Card module and process the cards manually? I would be very careful, have you had a professional security audit done ?. The probelm is that the credit card module is storing all the customers credit card details "Unencrypted" in your database. On top of that, the default installation of oSCommerce is very very insecure. There is a lot of mis-information on the internet and in these (and other) support forums, which is downright dangerous to anyone doing online e-commerce. The instructions I see from people saying thing like "Just change all your directory and file settings to 777" make me cringe. Doing this one thing totally opens up your installation to be hacked, and yet it is a commonly given instruction to "fix" things. (It'll fix things allright, but not the way you would want if you only knew !.) Anyway ... my point is, if you don't need peoples credit card details, then you don't want them, the risk is totally unnecessary, and with the oSc credit card module and the standard install, the risk would be considered very high. If you are on any kind of shared hosting, you shouldn't be doing any e-commerce that involves storing of personal details, and **Especially** credit card details. Quote Link to comment Share on other sites More sharing options...
Guest Posted April 12, 2007 Share Posted April 12, 2007 search to contribution section for CVV However why are you risking card security doing it manually - why not install the correct modules and process the payments automatically? Hi! Ive searched under contribution section for CVV, and I did not see anything on how to add that box, only that its a problem for a lot of people. Do you know where exactly it tells how to overcome the fact that the CC module does not have a box for adding the security code. Or, for that matter, as everyone mentions the unencrypted data part, what are the alternatives. I am new to this, so I guess i dont instinctively know what my options are for payments. Thanx! Lisa Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.