slic535 Posted April 5, 2015 Share Posted April 5, 2015 I am trying to use the card capture but it wont show the credit card details anywhere. where do I find them at? I am using 5.2.14 Quote Link to comment Share on other sites More sharing options...
bsmither Posted April 5, 2015 Share Posted April 5, 2015 CC5214 should be of a recent-enough version that if you are not accessing your admin site under SSL protocol, then CC will not give you those details. Can you confirm you are accessing admin under https protocol? I would believe you have SSL as any customer would want that when they are entering their card info. If all is as above, there should be a tab "Card Details" when viewing the Order Summary for any given order. Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted April 5, 2015 Share Posted April 5, 2015 Hi You dont have a SSL certificate installed, so credit card details will not be displayed - this is a basic form of security. Do you realise the security and PCI implications of using this payment gateway to store card details like this - configuring an SSL is the first of a great number of security steps you will need to undertake in order to use this ! Ian Quote Link to comment Share on other sites More sharing options...
slic535 Posted April 5, 2015 Author Share Posted April 5, 2015 no I don't have ssl hooked up. I see the part it says card details but it only shows view under ssl. so if I get the ssl it will show it to me correct? Quote Link to comment Share on other sites More sharing options...
bsmither Posted April 5, 2015 Share Posted April 5, 2015 Actually, my previous reply is not true as stated. If a Card Capture was successful, there would be encrypted details of the card used in the database table CubeCart_order_summary, `offline_capture` field. If there was data recorded there, it would show in the Card Details tab. If you are not under https, then the tab would still be there, but show "View under SSL". It's a basic form of security, but easily programmed around -- if you want to assume the risks of doing that. Quote Link to comment Share on other sites More sharing options...
slic535 Posted April 5, 2015 Author Share Posted April 5, 2015 how do we do it? credit cards are secured by the card companies. could I not erase the card data after use? Quote Link to comment Share on other sites More sharing options...
bsmither Posted April 5, 2015 Share Posted April 5, 2015 "credit cards are secured by the card companies" That is wrong and incorrect thinking in so many ways. Yes, I believe there is a link to have CubeCart delete the card data from the database. Quote Link to comment Share on other sites More sharing options...
havenswift-hosting Posted April 6, 2015 Share Posted April 6, 2015 It's a basic form of security, but easily programmed around -- if you want to assume the risks of doing that.Brian - I know you are trying to be helpful and by-passing the requirement is a very easy code change, but I strongly believe offering a solution is wrong, especially to somebody that obviously doesnt understand the security and PCI implications of using this gateway in the first place. how do we do it? credit cards are secured by the card companies. could I not erase the card data after use?How can the credit card details be secured by the card companies - you are storing them in your own database. Yes, there is a way to erase the card details but you are capturing them and storing them, it makes no difference for how long. You are using this method already on live stores and as you dont have a SSL then undoubtedly you have also not bothered with PCI validation either in which case you have opened yourself up to HUGE fines and lawsuits if any data is stolen Ian Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.