Credit Card on File

[Guest Roger Huston]

Hello,

Our store sells products at time of delivery, but as customers use our product they will send them in for testing. At this time we must process another charge on their credit card. Since this secondary charge can be weeks or months later - depending on when they use the product, we need a way for customers to be able to update their Credit Card Info online.

Many stores have the ability to keep CC, or multiple CC information online. Is there a Mod for this? Anyone else done this?

- Roger

[Guest Roger Huston]

On a similar note, how do I access the CC info used for the purchase? I am sure it is encrypted, but I need a way to pull or use this information for later use.

[Guest Roger Huston]

Really, no one has ever needed to access the credit card number for a customer? I find that hard to believe?

[Guest bberman]

Really, no one has ever needed to access the credit card number for a customer? I find that hard to believe?

Don't worry, it's not just you. We just switched to CubeCart and are having the exact same problem.

Is there really no way to do this? Add it to the list of problems with CubeCart...wishing we had never switched to this system. It's like hiring a one-legged dwarf with only 7 fingers to play power forward on your basketball team.

[Guest Roger Huston]

Really, no one has ever needed to access the credit card number for a customer? I find that hard to believe?

Don't worry, it's not just you. We just switched to CubeCart and are having the exact same problem.

Is there really no way to do this? Add it to the list of problems with CubeCart...wishing we had never switched to this system. It's like hiring a one-legged dwarf with only 7 fingers to play power forward on your basketball team.

We use authorize.net. Someone told me I can get the info from them. I hope to test it today. I hope so, otherwise I will have to write something into the gateway to export the information. Eventually, I would love to use Authorize.net CIM module which is designed to do EXACTLY this. It will store and allow customers to update their personal and CC information, but the info is held at Authorize.net. However, even though a lot of people use this service, CubeCart developers have never heard of it.

[Guest bberman]

Really, no one has ever needed to access the credit card number for a customer? I find that hard to believe?

Don't worry, it's not just you. We just switched to CubeCart and are having the exact same problem.

Is there really no way to do this? Add it to the list of problems with CubeCart...wishing we had never switched to this system. It's like hiring a one-legged dwarf with only 7 fingers to play power forward on your basketball team.

We use authorize.net. Someone told me I can get the info from them. I hope to test it today. I hope so, otherwise I will have to write something into the gateway to export the information. Eventually, I would love to use Authorize.net CIM module which is designed to do EXACTLY this. It will store and allow customers to update their personal and CC information, but the info is held at Authorize.net. However, even though a lot of people use this service, CubeCart developers have never heard of it.

So did you figure out a solution for this? We were going to just enable the credit card capture payment gateway under modules, but the one problem with that is the worry that it won't fall under the PCI Compliance guidelines that are supposedly going to be rigorously enforced starting January 31, 2010.

Any advice??? We lost a big order today because our account had never been set up to verify international credit cards. When we called Authorize.net to fix the problem, they then said "Oh, well now you can just rerun the credit card and it should be fine."

Uh, yeah... unfortunately we CAN'T.

[Ausy]

Well surely you can contact the customer and ask them for their card details, I have to do this a lot for repeat telephone orders and the feedback from customers is they are glad no one has a record of their card details. If your customer is serious about a purchase there is no reason they won't spend a little effort to complete a purchase.

[Guest Roger Huston]

Well surely you can contact the customer and ask them for their card details, I have to do this a lot for repeat telephone orders and the feedback from customers is they are glad no one has a record of their card details. If your customer is serious about a purchase there is no reason they won't spend a little effort to complete a purchase.

This is true, but it adds cost overhead to the process which in turn raises the cost of the products. Let me ask you, would you rather do this task manually if you could do it automatically?

- Roger

[Ausy]

This is true, but it adds cost overhead to the process which in turn raises the cost of the products. Let me ask you, would you rather do this task manually if you could do it automatically?

- Roger

Personally I prefer not to have the worry of storing such sensitive information, and certainly a customer should at some stage be informed his details are stored and not just collected automatically. From a customers point of view I also shop online a lot, and quiet often given the chance I choose not to store my card details. I tend to trust stores like Amazon and the like but would be quiet worried doing it with less well known places.

Unless your a major internet store, customers imho prefer as much security as possible. PayPal for example is very successful because customers know they are going to the PayPal website to make transactions, in fact some of my customers insist on using it rather than paying by card although my site is quiet secure.

I also believe that it would be dangerous to have such facilities for storing card details built into shopping carts that quiet frankly any joe blogs can buy and set up in half an hour.

[Guest Roger Huston]

This is true, but it adds cost overhead to the process which in turn raises the cost of the products. Let me ask you, would you rather do this task manually if you could do it automatically?

- Roger

Personally I prefer not to have the worry of storing such sensitive information, and certainly a customer should at some stage be informed his details are stored and not just collected automatically. From a customers point of view I also shop online a lot, and quiet often given the chance I choose not to store my card details. I tend to trust stores like Amazon and the like but would be quiet worried doing it with less well known places.

Unless your a major internet store, customers imho prefer as much security as possible. PayPal for example is very successful because customers know they are going to the PayPal website to make transactions, in fact some of my customers insist on using it rather than paying by card although my site is quiet secure.

I also believe that it would be dangerous to have such facilities for storing card details built into shopping carts that quiet frankly any joe blogs can buy and set up in half an hour.

I agree in principle, but it does depend on your business. We deal entirely with corporate and government agencies which usually do not have corporate paypal accounts. We must take Credit Cards and one day, we will take orders by Invoice.

Also, we will integrate Authorize.net CIM module at some point so no personal information will be stored on our site, it will be stored on Authorize.net servers which I would view more secure than paper sitting in someones file or worse, on someone desktop in an unprotected Excel spreadsheet.

- Roger

[Guest asafisk]

For a small business storing payment card details is a very bad idea. Achieving PCI compliance is very expensive, time consuming, difficult and unnecessary, but it's the only way to go if you must store payments details.

There are of course plenty of alternatives. Most of the payment gateways that CubeCart integrates with are PCI compliant and can store card details for you.

An example, Secure Hosting, can store card details and in the event the customer's card is replaced the new card is used automatically.

Of course to get the payment systems working exactly the way you want may required a custom integration, using an API rather than the standard form submission. Still, hiring a good developer will be way cheaper than getting PCI compliant.

[Guest sunshine5555]

I realize that this is an old topic, but I am revamping my store and moved to CC4 in the mistaken belief that it would be better. Since I cannot process credit cards OFF LINE as I did with CC3 and a mod, I have a MAJOR ISSUE.

I will seriously be looking at other shopping carts in the near future. I will also NOT be recommending this software to anyone as I have in the past.