I'm stumped. I'm not so sure what is the answer to that question. I'll do some research in Google and get back to you if I got an anything. You should email the people at iPage as they probably could give you help..
Transmitting cc info and then storing it is a big no no!!!!.
Talk to your cc processor and they will tell you the regulations in this area...
How about a call to confirm order... and they give their credit card info over the phone ?
The credit card payment option allows you to collect credit card info on the site. The outer 8 digits are transmitted with the order under your ssl encryption. The inner 8 digits are sent by seperate email. This is set up in the control panel..
I recommend the CVV2 contribution to collect CVV information and then delete it from the db once you have processed the card. I also recommend immediate and permanent deletion of the inner 8 digits once you processed the card. In this way, you never have the entire cc number transmitted at one time and it is not stored on your server or computer. This has worked for me..
Can you explain this a little better....
Is it that you are saying that I should install the "credit card" module in the modules section ??..
Split cc number setting will split cc number.
Say the number was.
Then in db you have 1234********defg.
And thru email you get 56789abc..
So at no time the complete numebr is in data abse hence is safew..
Once You have processed delete the center 8 digits email..
On your admin panel, go to modules.
Then go to Credit card.
Install if necessary.
Set it to split the CC number and give it an email address to send the extra order info to..
Hope that helps.
Although it's perfectly possible to do as Satish and James suggest (I started out intending to do it this way myself), please be aware that you will almost certainly be in breach of the merchant agreement you have with your credit card processor, and will also be risking the security of your customers' information! Sorry to be the bearer of bad news, but better safe than sorry. Information is power!.
Here's a post where I outline the situation, with added links for more info..
Oops, I missed your second post, Andre..
Yes, it's fine to have the customer call to confirm the order (or you call them), and get the cc# that way. I even think there are contributions for this....
I looked around, and just saw this one.
Order logging before payment processing.
Which might be modified to suit your needs. Or perhaps someone else knows of a better one?.
This post has been edited by.
: 20 November 2008, 21:10..
So there isnt any safe way to do this ??.
Hrm... what about phone in to confirm order ?
I have discussed this with my Merchant Services Provider and they have no problem as long as I do not store CC numbers on the computer. The CVV are destroyed as soon as validated and the middle 8 digits destroyed as soon as processed. The outer 8 digits of the CC are useless without the middle..
If you are small like I am, the gateways would make more than I do because they get paid whether I process anything or not. If they were not so greedy, I would consider using them as well..
Is it possible to do offline credit card transactions.. Where the credit card info is emailed to the iPage site owner via email in the order email via ssl encryption.. then the owner of the iPage site would then charge the card ?