vungoctan Posted December 31, 2002 Share Posted December 31, 2002 Hi u guys, How do u think that we should encrypt the number in the cc field in the order table...if we can see it through phpMyAdmin, and somebody else al so can see & do freud now your turn, thanks for your efforts Link to comment Share on other sites More sharing options...
Guest Posted December 31, 2002 Share Posted December 31, 2002 My client dont accept cc but from what i read in the forum .... when customers do put cc # part of the cc# comes in an email and the other part is in the database !! Link to comment Share on other sites More sharing options...
dreamscape Posted December 31, 2002 Share Posted December 31, 2002 if someone is able to gain access like that to your database, then I'm afriad you have bigger problems than just CC#'s being stolen. The only thing necessary for evil to flourish is for good men to do nothing - Edmund Burke Link to comment Share on other sites More sharing options...
Guest Posted December 31, 2002 Share Posted December 31, 2002 in order to have the cc# split you need to specify the email address to have the middle part of the cc# to be sent to in the cc payment module in admin. It is advisable to have some sort of encryption on your email with the cc# in it. cheers barry Link to comment Share on other sites More sharing options...
TB Posted January 3, 2003 Share Posted January 3, 2003 Are you serious! Does the CC information get stored in my database! :? :? If so... How do I stop this from happening and what will be the effects of it? Why does it need to be stored there? Cheers, Tony "The price of success is perseverance. The price of failure comes much cheaper." Link to comment Share on other sites More sharing options...
Guest Posted January 3, 2003 Share Posted January 3, 2003 if you specify a split email address in the cc module then the cc number gets stored in the database with the middle 8 digits x'ed out 4000XXXXXXXX0002 the middle eight are not stored but sent to you via email when the order completes the checkout process. other info such as the expiry date are stored but without the cc number are pretty useless. For peice of mind as soon as you have collected the information from the email and the admin with regard to the cc details and have manually processed the payment i would delete the cc information from you database to keep in line with your privacy policy, thus minimising the effect of any unscrupulous individuals. cheers barry Link to comment Share on other sites More sharing options...
Snowman Posted January 3, 2003 Share Posted January 3, 2003 Im working on encryption of the CC numbers for the CVV for cc.php module at the moment. I plan to make the module either encrypt the whole number or encrypt the part of the number that is stored in the database. Of course storing you CC in a database is asking for trouble, but heaps do it...and even some of the big guys...(paysystems, amazon and others) Link to comment Share on other sites More sharing options...
Guest Posted January 3, 2003 Share Posted January 3, 2003 steve that sounds great, when do you estimate you'll have that ready? just so i can look out for it. cheers barry Link to comment Share on other sites More sharing options...
Snowman Posted January 3, 2003 Share Posted January 3, 2003 Literally doing it as i type this.. :lol: Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.