Jump to content
  • Checkout
  • Login
  • Get in touch


The e-commerce.

Why isn't CC information stored in an encrypted format?


Recommended Posts

Credit card information is stored in a non encrypted format in the database. Should anybody hack the server and do a SQL dump they would have all the credit card numbers on the server?


If orders are viewed in the admin section of OS Commerce that data would be passed in an unencrypted format, so a packet sniffer could grab it, right?


Anybody have any suggestions on this?


Link to comment
Share on other sites

Quite simple actually: don't use the credit card module.


Use paypal, 2checkout, authorize.net, any number of solutions out there that allow you to take credit cards without risking your customers cc numbers like this.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...