paws Posted March 30, 2008 Posted March 30, 2008 Hi All I am using OsCommerce for the first time and I find it great so far and these forums have been great debugging etc. I am just about finished testing and am going live. However I am concerned when testing my site that a user can login on a public computer and access the site, input all there details and make a purchase and log off. Then the next person to do the same and inputs their credit card details gets the last persons digits in the form? Any idea how to prevent this from happening? Many thanks
♥toyicebear Posted March 30, 2008 Posted March 30, 2008 For security if you wish to collect cc info manualy you need to be PCI compliant. Read more here.... Basics for osC 2.2 Design - Basics for Design V2.3+ - Seo & Sef Url's - Meta Tags for Your osC Shop - Steps to prevent Fraud... - MS3 and Team News... - SEO, Meta Tags, SEF Urls and osCommerce - Commercial Support Inquiries - OSC 2.3+ How To To see what more i can do for you check out my profile [click here]
paws Posted March 30, 2008 Author Posted March 30, 2008 Thanks for the link is this something I should ask my webhost? They set p the space and the SSl for the site?
♥toyicebear Posted March 30, 2008 Posted March 30, 2008 Thanks for the link is this something I should ask my webhost? They set p the space and the SSl for the site? Hi if you are on a shared server hosting you will not be able to be PCI compliant, so you should not collect cc info at all. Sign up for and use a payment gateway to process your cc payments. (something like authorize.net) Basics for osC 2.2 Design - Basics for Design V2.3+ - Seo & Sef Url's - Meta Tags for Your osC Shop - Steps to prevent Fraud... - MS3 and Team News... - SEO, Meta Tags, SEF Urls and osCommerce - Commercial Support Inquiries - OSC 2.3+ How To To see what more i can do for you check out my profile [click here]
paws Posted March 30, 2008 Author Posted March 30, 2008 Thanks for the link is this something I should ask my webhost? They set p the space and the SSl for the site? wow.. that's not good... so they conned me into buying SSL even though I can't legally take CC numbers :( I should ask for a refund!! my client has a EFTPOS terminal where he wanted to manually process the cards without going through a gateway which takes a larger percentage of money and is slower.. I will have to look more into this. I really appreciate your comments! Thanks
♥toyicebear Posted March 30, 2008 Posted March 30, 2008 wow.. that's not good... so they conned me into buying SSL even though I can't legally take CC numbers :( I should ask for a refund!! my client has a EFTPOS terminal where he wanted to manually process the cards without going through a gateway which takes a larger percentage of money and is slower.. I will have to look more into this. I really appreciate your comments! Thanks You should still have ssl to ensure that other customer info inputed is done so in a secure mather. Basics for osC 2.2 Design - Basics for Design V2.3+ - Seo & Sef Url's - Meta Tags for Your osC Shop - Steps to prevent Fraud... - MS3 and Team News... - SEO, Meta Tags, SEF Urls and osCommerce - Commercial Support Inquiries - OSC 2.3+ How To To see what more i can do for you check out my profile [click here]
Recommended Posts
Archived
This topic is now archived and is closed to further replies.