Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Security CC code


s4michi

Recommended Posts

Hi everybody,

 

I've read manuals and webs but I'm still lost in all the world related with osCommerce. So I hope you guys can help me out with some guidelines.

 

I'm updating the store (so, I didnt have to do all the installation process) and one of the things I would like to update is related with the payment.

Once the customer select the item and is doing the check-out, she is asked for the Credit Card information (CC owner, CC number and CC expiry date) but not for the 3 digits security number on the back of the CC.

 

Basically, without that number we would need to call each customer and confirm it over the phone which is not the best option, I am trying to set it up but I do not really know how to.

 

In osCommerce the modules active in payments are:

- Credit Card (Not For Production Use)

- Payflow Link

 

 

Any idea of what/how to do it?

 

I appreciate you all the time and help.

 

Best,

Link to comment
Share on other sites

If you do choose to use the credit card feature, this contribution allows the capture of the CVV. However, be aware that the capture and storage of Credit Card information requires the store owner to be PCI compliant and even this does not limit the liability of storage of this information.

 

 

http://addons.oscommerce.com/info/2954

 

 

 

Chris

Link to comment
Share on other sites

This module is not intended to be used with real credit cards from real customers. It is only for demonstrating concepts. You should not be trying to use it.

 

Thank you for the information. What module should I use?

Link to comment
Share on other sites

Chris, thank you for the information.

Right now I cannot install any addon.

Who would process your credit cards once you capture the information? That is who you should start with. If you do not yet have a credit card processor then you need to find one. I would search for one that has a drop in module (that they support) that you can use. It is simply a couple of files you upload to specific places to your site, then configure and start using. No code changes or contributions to add.

 

One of my shops use USA ePay that provided the drop in module. Works great.

Community Bootstrap Edition, Edge

 

Avoid the most asked question. See How to Secure My Site and How do I...?

Link to comment
Share on other sites

- Credit Card (Not For Production Use)

This module is not intended to be used with real credit cards from real customers. It is only for demonstrating concepts. You should not be trying to use it.

 

correct, but majority people can't be bothered to read and think about security and usage this module.

Please read this line: Do you want to find all the answers to your questions? click here. As for contribution database it's located here!

8 people out of 10 don't bother to read installation manuals. I can recommend: if you can't read the installation manual, don't bother to install any contribution yourself.

Before installing contribution or editing/updating/deleting any files, do the full backup, it will save to you & everyone here on the forum time to fix your issues.

Any issues with oscommerce, I am here to help you.

Link to comment
Share on other sites

Who would process your credit cards once you capture the information? That is who you should start with. If you do not yet have a credit card processor then you need to find one. I would search for one that has a drop in module (that they support) that you can use. It is simply a couple of files you upload to specific places to your site, then configure and start using. No code changes or contributions to add.

 

One of my shops use USA ePay that provided the drop in module. Works great.

 

The credit cards would be process manually amd client would be charged from our phisical stores where we have all the sales point that any store has.

I am trying to find out what a "drop in module" is but i am not sure yet. Also. I can not change any code or add any file outsite of OsCommerce.

Even I go to Admin>Tools>File Manager is says: The requested URL /shop/admin/file_manager.php does not exist.

Link to comment
Share on other sites

correct, but majority people can't be bothered to read and think about security and usage this module.

 

I'm trying to read as much as possible but I completely new to anything related with OsCommerce, programing and even English is not my language.

Also the store was built and I was told it worked but have no privilage to change anything on it other than the basic options you can manage from OsCommerce Admin page.

 

I know that is annying to ask always the same questions but I just couldnt find any answer to it in the forums/manuals I was able to see so far.

 

Thank you.

Link to comment
Share on other sites

The credit cards would be process manually amd client would be charged from our phisical stores where we have all the sales point that any store has.

I am trying to find out what a "drop in module" is but i am not sure yet. Also. I can not change any code or add any file outsite of OsCommerce.

Even I go to Admin>Tools>File Manager is says: The requested URL /shop/admin/file_manager.php does not exist.

First, talk to your processor. If you are not yet set up to do online transactions then your agreement with them will have to be amended. Online transactions (card not present) present a different level of risk for the processor and therefore they will want to talk about that...

 

A 'drop in' module is one that is a set of files that you simply add to your store directory in the right place and osC will recognize it and it will work, without having to make any code changes.

 

As for your file manager...it's good that it does not work. It is a security rish to have it there anyway. Read the security forum topic "How to secure my site" (Link in my signature.)

Edited by mdtaylorlrim

Community Bootstrap Edition, Edge

 

Avoid the most asked question. See How to Secure My Site and How do I...?

Link to comment
Share on other sites

First, talk to your processor. If you are not yet set up to do online transactions then your agreement with them will have to be amended. Online transactions (card not present) present a different level of risk for the processor and therefore they will want to talk about that...

 

A 'drop in' module is one that is a set of files that you simply add to your store directory in the right place and osC will recognize it and it will work, without having to make any code changes.

 

As for your file manager...it's good that it does not work. It is a security rish to have it there anyway. Read the security forum topic "How to secure my site" (Link in my signature.)

 

 

Hi.

Thanks for all the help but there are still many details I dont understand.

I was checking this http://www.authorize.net/solutions/merchantsolutions/pricing/ . By having that the payment would be processed directly on the website? I also the option of Authorize.net Credit Card AIM and Authorize.net Credit Card SIM, which one would this be?

Also, related with the merchant account, is it a free account or does it carry fees with the bank?

 

Sorry for all the basis questions but I dont even have time to find out more about it.

 

Thank you.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...