Jump to content
  • Checkout
  • Login
  • Get in touch


The e-commerce.

(Newbie) Security worry - please advise.


Recommended Posts

Hi, I'm sorry I suck at osCommerce. I'm trying!

I'm just really pushed for time and can't get all the relevant information into my skull quick enough! :)


I've got a client that has a (NatWest) Streamline Merchant Account, so it made sense to upgrade that to include an internet merchant option on that a/c rather than open another one. So I've advised them to follow that path and also open an a/c with SecPay (I've spoken to both these 3rd parties on the phone and read their websites in depth) as I am happy that they will provide the required services.


My only issue is I have little idea on how to integrate osC to SecPay (although I'll sort it out eventually) and therefore I'm concerned that there may be security issues that I'm not as yet aware of.


I've seen other carts that have secure areas for 'My Account'. Is this necessary?

I mean, obviously it's password protected but I don't need to have it SSLed or anything mad like that do I?


I just need to know if there's anything I'm missing out on big time - this client is going to be doing a lot of business over the internet and I need to get this right first time and preferably by last week - ain't it always the way ;)


Sorry if I'm being a bit obtuse but I'm stuck for time and the docs here are sketchy at best.





Link to comment
Share on other sites

If a customer is putting credit card information into your website, you'll need SSL. If your credit card processor sees that you're running credit cards without SSL, they will not be happy with you. osCommerce has this built in - take a look at your configure.php file.


There's also a payment module in the stock osCommerce setup to deal with SECPay. I don't know how well it works, but it's at least a base.

Chris Dunning

osCommerce, Contributions Moderator Team


Please do not send me PM! I do not read or answer these often. Use the email button instead!


I do NOT support contributions other than my own. Emails asking for support on other people's contributions will be ignored. Ask in the forum or contact the contribution author directly.

Link to comment
Share on other sites

Hmm, I think most of my point was I am under the impression that SecPay handle all the payment gubbins. When I click yes to confirm order, I'm taken to a secure page on the SecPay website and therefore do not enter any CC details on my site.


The reason for the question was to merely discover if there were any other areas in osCom that require a high level of security. Bearing in mind, the only payment options that are likely to be provided are SecPay and pay by cheque...



Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...