Dr Dre Posted November 20, 2008 Share Posted November 20, 2008 Is it possible to do offline credit card transactions.. Where the credit card info is emailed to the site owner via email in the order email via ssl encryption.. then the owner of the site would then charge the card ? Link to comment Share on other sites More sharing options...
♥geoffreywalton Posted November 20, 2008 Share Posted November 20, 2008 Transmitting cc info and then storing it is a big no no!!!! Talk to your cc processor and they will tell you the regulations in this area. Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>. Link to comment Share on other sites More sharing options...
Dr Dre Posted November 20, 2008 Author Share Posted November 20, 2008 how about a call to confirm order... and they give their credit card info over the phone ? Link to comment Share on other sites More sharing options...
Forestshopkeeper Posted November 20, 2008 Share Posted November 20, 2008 how about a call to confirm order... and they give their credit card info over the phone ? The credit card payment option allows you to collect credit card info on the site. The outer 8 digits are transmitted with the order under your ssl encryption. The inner 8 digits are sent by seperate email. This is set up in the control panel. I recommend the CVV2 contribution to collect CVV information and then delete it from the db once you have processed the card. I also recommend immediate and permanent deletion of the inner 8 digits once you processed the card. In this way, you never have the entire cc number transmitted at one time and it is not stored on your server or computer. This has worked for me. Jim Link to comment Share on other sites More sharing options...
Dr Dre Posted November 20, 2008 Author Share Posted November 20, 2008 Jim, Can you explain this a little better... Is it that you are saying that i should install the "credit card" module in the modules section ?? Link to comment Share on other sites More sharing options...
satish Posted November 20, 2008 Share Posted November 20, 2008 split cc number setting will split cc number say the number was 123456789abcdefg then in db you have 1234********defg and thru email you get 56789abc. So at no time the complete numebr is in data abse hence is safew. Once You have processed delete the center 8 digits email. Satish Mantri Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site. Check My About US For who am I and what My company does. Link to comment Share on other sites More sharing options...
Forestshopkeeper Posted November 20, 2008 Share Posted November 20, 2008 Jim, Can you explain this a little better... Is it that you are saying that i should install the "credit card" module in the modules section ?? On your admin panel, go to modules Then go to Credit card install if necessary set it to split the CC number and give it an email address to send the extra order info to. Hope that helps Jim Link to comment Share on other sites More sharing options...
WoodsWalker Posted November 20, 2008 Share Posted November 20, 2008 Hi Andre! Although it's perfectly possible to do as Satish and James suggest (I started out intending to do it this way myself), please be aware that you will almost certainly be in breach of the merchant agreement you have with your credit card processor, and will also be risking the security of your customers' information! Sorry to be the bearer of bad news, but better safe than sorry. Information is power! Here's a post where I outline the situation, with added links for more info. Post #1335341 Best wishes, ~Wendy Link to comment Share on other sites More sharing options...
WoodsWalker Posted November 20, 2008 Share Posted November 20, 2008 Oops, I missed your second post, Andre. :) Yes, it's fine to have the customer call to confirm the order (or you call them), and get the cc# that way. I even think there are contributions for this... I looked around, and just saw this one Order logging before payment processing which might be modified to suit your needs. Or perhaps someone else knows of a better one? Best wishes, ~Wendy Link to comment Share on other sites More sharing options...
Dr Dre Posted November 20, 2008 Author Share Posted November 20, 2008 so there isnt any safe way to do this ?? hrm... what about phone in to confirm order ? Link to comment Share on other sites More sharing options...
Forestshopkeeper Posted November 20, 2008 Share Posted November 20, 2008 Hi Andre! Although it's perfectly possible to do as Satish and James suggest (I started out intending to do it this way myself), please be aware that you will almost certainly be in breach of the merchant agreement you have with your credit card processor, and will also be risking the security of your customers' information! Sorry to be the bearer of bad news, but better safe than sorry. Information is power! Here's a post where I outline the situation, with added links for more info. Post #1335341 Best wishes, ~Wendy I have discussed this with my Merchant Services Provider and they have no problem as long as I do not store CC numbers on the computer. The CVV are destroyed as soon as validated and the middle 8 digits destroyed as soon as processed. The outer 8 digits of the CC are useless without the middle. If you are small like I am, the gateways would make more than I do because they get paid whether I process anything or not. If they were not so greedy, I would consider using them as well. Thanks Jim Link to comment Share on other sites More sharing options...
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.