flyhead Posted January 8, 2009 Share Posted January 8, 2009 We have a new site ready to go live and have a few questions. We have a walk in business that we use Quickbooks for our Merchant Account and would like to continue you process cards the same way we currently do. My question is I have tested orders using my own personnel CC and can not find where the card information is located. We are not concerned that we have a on demand accept/decline internet Merchant Account since out product takes a few days to produce. Many of our current customers give a card number over the phone and we run the card using the method mentioned. -Is there a way to receive the CC number with OSC and process the way we are currently? Information would be deleted ASAP. -If so where can I find the CC info? Thanks Link to comment Share on other sites More sharing options...
markg-uk Posted January 9, 2009 Share Posted January 9, 2009 This is not recommended (and there a lot of threads covering this), you're storing the credit card information in the database. Doesn't matter if you delete it after processing. You will also probably find that your offline merchant account won't allow you processing sales like this. If I found out a shop did this with my details I'd not be too happ :) Get a proper internet merchant account. Link to comment Share on other sites More sharing options...
flyhead Posted January 9, 2009 Author Share Posted January 9, 2009 This is not recommended (and there a lot of threads covering this), you're storing the credit card information in the database. Doesn't matter if you delete it after processing. You will also probably find that your offline merchant account won't allow you processing sales like this. If I found out a shop did this with my details I'd not be too happ :) Get a proper internet merchant account. Mark Thanks for you help. I understand what you are saying. I guess I ask myself and I hope you can help me understand. What is the difference between our 22 year old company taking approximately 50ish transactions a month from people calling us with there CC number for their product and taking it via online? Thanks Link to comment Share on other sites More sharing options...
Dennisra Posted January 9, 2009 Share Posted January 9, 2009 You can do what you are asking about. Don't be scared off. You just need to get educated. http://www.pcicomplianceguide.org/merchants.php http://en.wikipedia.org/wiki/PCI_DSS Link to comment Share on other sites More sharing options...
markg-uk Posted January 12, 2009 Share Posted January 12, 2009 Mark Thanks for you help. I understand what you are saying. I guess I ask myself and I hope you can help me understand. What is the difference between our 22 year old company taking approximately 50ish transactions a month from people calling us with there CC number for their product and taking it via online? Thanks The difference is that the data is stored on your server with the default CC module, I'm not even sure its encrypted by default. Think of it from a buyers point of view, would you want your credit card stored on someone's server that is online? Even the best hosts get hacked one time or another. You can't store the CVV number, which is where the links above come into play. For 50 off, its not worth the hassle getting compliant, just use a gateway which is compliant (if in the UK, something like secpay or protx). Plus you can then also use the verified by visa/mastercard securecode programs (more security). I was in the same boat as you - already had an offline merchant account and wanted to take online orders. It just wasn't worth the hassle using the default module. Best give your bank/merchant account a phone call for pointers :) There might even be a compatible payment module for Quickbooks here Link to comment Share on other sites More sharing options...
flyhead Posted January 13, 2009 Author Share Posted January 13, 2009 The difference is that the data is stored on your server with the default CC module, I'm not even sure its encrypted by default. Think of it from a buyers point of view, would you want your credit card stored on someone's server that is online? Even the best hosts get hacked one time or another. You can't store the CVV number, which is where the links above come into play. For 50 off, its not worth the hassle getting compliant, just use a gateway which is compliant (if in the UK, something like secpay or protx). Plus you can then also use the verified by visa/mastercard securecode programs (more security). I was in the same boat as you - already had an offline merchant account and wanted to take online orders. It just wasn't worth the hassle using the default module. Best give your bank/merchant account a phone call for pointers :) There might even be a compatible payment module for Quickbooks here Mark---Thanks I would look into it. I appreciate your help. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.