Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Contribution or method to allow customer to save their credit card for later purchase?

purefusion

By purefusion
in General Support

Recommended Posts

purefusion

purefusion

Posted
Posted

Is there a way to allow customer to save their credit card for later purchase?

This can be input into the store as xxx-xxx-xxx-1234 if necessary, or we are currently using mcrypt.

 

We want to give the customer a choice for convenience.

 

Thanks,

Scott

vasttech

vasttech

Posted
Posted

There is not a contribution for doing this. Enabling this feature will open you up to audits by PCI (Payment Card Industry). I would highly recommend not doing it unless you are on your own dedicated servers in your own data center or at least in their own cages that only trusted employees of your company have access to. Should something happen, even the slightest hack, you are liable for large fines and potential lawsuits. For more info on this and the security requirements behind it see: https://www.pcisecuritystandards.org/

osCommerce Knowledge Base

osCommerce Documentation

Contributions

Guest

Guest

Posted
Posted
Is there a way to allow customer to save their credit card for later purchase?

This can be input into the store as xxx-xxx-xxx-1234 if necessary, or we are currently using mcrypt.

 

We want to give the customer a choice for convenience.

 

Thanks,

Scott

There is another way and is subject to the payment gateway's features. Some of them allow recurring payments (they do explain the protocol with their docs) where you setup a switch and you can bill the same cc ownere on regular periods. Then you deploy a script via a cron-job (or via your regular checkout) and that can charge the customer whenever you and he agreed on. So basically by activating that option you do not even need to keep anything on your store or to complicate things and the customer does not need to re-enter his cc info.

purefusion

purefusion

Posted
  • Author
Posted

Understood, but we don't want to keep the full number in the database. We intend to delete it, but want to leave available a xxxx-xxxx-xxxx-4351 (visa) version for the customer to pick if he originally choose to allow the system to "keep" the number for future orders. The server would not keep the full numbers all the time, just until we take the inital order, at which point it would be converted to the ...xx-4351 (visa) format. FYI, we are simply using the credit card module which encrypts the number in the database until it is removed by the order processor. We aren't using a gateway at this time.

 

I see that there aren't any contributions for this, but I think that would be the ideal method. We have a system locally that can store the credit card numbers if as required, as I'm sure many businesses do. And only trusted employees are able to access this system.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...