Guest Posted May 5, 2003 Share Posted May 5, 2003 Apparently California has enacted a law requiring that all e-commerce companies selling in California (all of us) must encrypt any credit card information stored in any database. Does anyone know a plug-in that will enable this sort of credit card encryption? Link to comment Share on other sites More sharing options...
Guest Posted May 6, 2003 Share Posted May 6, 2003 osCommerce does this...its known as MD5 Link to comment Share on other sites More sharing options...
Guest Posted May 7, 2003 Share Posted May 7, 2003 I have just installed today's (May 6) snapshot. Encryption does not seem to be working. When I look directly in the orders table cc_number field, the data is NOT encrypted. What is more, when I view orders remotely, the connection is via http not https. Since I can also view the CC number this way, this means that the CC number is being transmitted over the internet un-encrypted. Link to comment Share on other sites More sharing options...
Guest Posted May 7, 2003 Share Posted May 7, 2003 Encryption will work if you have a SSL certificate and the right path in both your catalog and admin includes/configure.php files HTH The_Bear Link to comment Share on other sites More sharing options...
networkdad Posted May 7, 2003 Share Posted May 7, 2003 Are you using the stock OSC CC.php payment module ? Take the burden off yourself. -Get an SSL Cert (they're cheap!) -Signup for a payment gateway service (2co, bluepay, authorize.net, etc) - Let them handle the burden of storing credit card info.. Good luck ;) Link to comment Share on other sites More sharing options...
Guest Posted May 8, 2003 Share Posted May 8, 2003 In catalog/includes/configure.php, I have ENABLE_SSL = true. Although orders do take place via SSL (and https), the CC number is still stored in the database unencrypted. What configuration paramenters must I set to have the CC number stored in the database in an encrypted format? Link to comment Share on other sites More sharing options...
burt Posted May 8, 2003 Share Posted May 8, 2003 I'm pretty sure that stock Osc does not encrypt CC numbers etc whether using SSL or not. There is a contribution which does do so however, released the other day. Check the contributions area, as I don't personally use it so it might not be exactly what you are looking for. Link to comment Share on other sites More sharing options...
M@rcel Posted May 8, 2003 Share Posted May 8, 2003 If you enter an emailaddress in the cc.php modulesettings in your admin. The creditcardnumbers are only partially stored in your database. The missing digits are emailed to you. Although the part in the db is still not encrypted, it isn't a cc-number anymore without the emailed missing digits. Greetings from Marcel |Current version|Documentation|Contributions| Link to comment Share on other sites More sharing options...
Guest Posted May 8, 2003 Share Posted May 8, 2003 Yeah... my mistake... was something else I had looked at that encrypted the numbers.... sorry for the confusion :oops: Link to comment Share on other sites More sharing options...
Starkness Posted May 27, 2003 Share Posted May 27, 2003 Any word on the cc encryption? Sorry, I am a newbie, and have searched for cc encryption, in the contributions section also, and can not find out whether or not cc encryption will work or not with oscommerce. If someone knows, please give me a link here. Thanks! Starkness Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.