Author Topic: How to Accept & store Credit Cards without a processor (manual processing)  (Read 110844 times)

thexman

  • Beginner
  • *
  • Posts: 15
Re: How to Accept & store Credit Cards without a processor (manual processing)
« Reply #45 on: September 28, 2010, 09:57:18 am »
Hi there, I have used this guys system twice now and it just works. Two files to replace and set-up a new payment type and you're away. I works for J1.5 now as well and I have just done this. I hope this is what you were after...

http://forum.virtuemart.net/index.php?topic=14955.0

Cheers, Nick

Xoltic

  • Beginner
  • *
  • Posts: 5
Re: How to Accept & store Credit Cards without a processor (manual processing)
« Reply #46 on: February 04, 2011, 15:02:11 pm »
Hi, i just want to know if this still working.
I'm using Joomla V. 1.5.18 and VM 1.1.6.

Because i need it.
And thnks for the help ^^

jenkinhill

  • UK Web Developer & Consultant
  • Global Moderator
  • Super Hero
  • *
  • Posts: 27572
  • Always on vacation
    • Jenkin Hill Internet
Re: How to Accept & store Credit Cards without a processor (manual processing)
« Reply #47 on: February 04, 2011, 15:36:14 pm »
Still works, but if you are using Joomla 1.5.18 then you won't get PCI clearance to store numbers as it has known security risks, as does unpatched VM1.1.6

It is vital to have your server/software validated, as PCI is an absolute requirement for most card merchant services.
Kelvyn

Jenkin Hill Internet,
Lowestoft, Suffolk, UK

Unsolicited PMs/emails will be ignored.

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

Currently using VM 3.6.8.10202 on Joomla 3.9.13 PHP 7.0.33

guida125

  • Beginner
  • *
  • Posts: 11
Hello everybody,

i am a newbie here. I am going to keep this post in my favorites.

My credit card module doesnt work with ps_authorize. I dont have the ID!
But it work with class ps_payment. It seems payments go fine. But is this save? or is it a must i have a SLL in my joomla site?

sorry for this dummie question, but i prefer to clear all my doubts before acting.

Regards,

guida

wendyP

  • Beginner
  • *
  • Posts: 25
I have checked & completed everything exactly as setout by jenkinhill at the start of this topic and my order checkout completion proceeds correctly.  Both the purchaser & vendor emails show only the last 4 digits with the first 12 hidden, the expiry date & CVV code, as expected.  However when I go to the backend to check the order, the order shows ALL of the 16 digits in the account number, the CVV code and expiry date.  I was expecting to see the last 4 digits hidden and to have to put the numbers together via the order and the email msg.  I am concerned this may breach compliance.  Why would this be happening and how do I correct this?

VM Version 1.1.5
Joomla 1.5.22

wendyP

  • Beginner
  • *
  • Posts: 25
OK found my problem... at the same time I was configuring this, my client also had another 'helper' on the case, who had hacked one of the admin files to show all 16 digits in the backend.  The client was unaware that this had been done and was alarmed as she realised she was not in compliance with her merchant.  It has now been returned to original files....  Phew I was tearing my hair out there.

At least I now know what hack to do - even if I wont' be using it, I have learned something.

AH

  • Global Moderator
  • Sr. Member
  • *
  • Posts: 3016
  • VirtueMart Version: 3.6.3
Showing full card details in e-mails is ridiculous, from a fraud perspective!!!

Payment Card Industry Data Security Standard (PCI DSS) is a global security standard set by the PCI Security Standards Council.  It applies to organisations that store, process or transmit cardholder information from any of the globally recognised card schemes, including Visa, MasterCard and American Express.


http://www.paypoint.net/online-payment-guides/getting-pci-compliant/
regards
A

Joomla 3.9.12
php 7.2

kasssim

  • Beginner
  • *
  • Posts: 35
  • Tanzania Safari Spemildt
    • Tanzania Safaris with Bobby Tours
have setup as instructed

but still the field of CREDIT CARD TYPE doesnt show

and i get the error please select credit card type

please help, am using : JOOMLA  1.5.22 AND VIRTUEMART : 1.1.8
Tanzania Safari Spemildt
www.bobbytours.com

paulbarl

  • Beginner
  • *
  • Posts: 11
Is there no extension available for this yet, I'm willing to pay for one

BruceM

  • Beginner
  • *
  • Posts: 3
I am also willing to pay for that. is there any extension? someone know something about it? It is very important to me.

911websiterepair

  • 3rd party VirtueMart Developer
  • Jr. Member
  • *
  • Posts: 253
  • We Can Do It!!
    • Virtuemart Programming and Customization Help - C H E A P !!!
  • Skype Name: mjones1256
our add orders as an admin for a customer does this from the backend only,   and it hides the first 12 credit card numbers as needed,    we would have to make it work from the frontend,   still risky with compliance,  but you guys can have what ever you want.

so, in the backend you can take the order and the cc info and save it for later processing.

how much are you guys willing to pay to have this done,      email me at 911websiterepair.com or support@joomlacache.com          i will see about doing it within your budgets.  it should not be difficult to make it work in the front end.

Best
Mike
joomla components, modules and extensions @ http://www.madeforjoomla.com
joomla development, customizations and repair spemildts, http://www.911websiterepair.com

Virtuemart 2.0 PayPalPro Module
Virtuemart 2.0 Fedex Shipping Module
Virtuemart 2.0 Express Order Module
Virtuemart 2.0 Authorize.net SIM payment module
http://www.VirtuemartMailOrderManager.com

paulbarl

  • Beginner
  • *
  • Posts: 11
Just tell us what you think it will cost to do please. Thing is Virtuemart does lack these things and its annoying, I have a CSCART for instance and it comes as standard, granted this is a paid for cart.

jenkinhill

  • UK Web Developer & Consultant
  • Global Moderator
  • Super Hero
  • *
  • Posts: 27572
  • Always on vacation
    • Jenkin Hill Internet
Problem is that in many countries it is extremely difficult to get PCI clearance if you store credit card details on a webserver unless you are a major player like Amazon or Sony  ;)
And it is also prohibited to store the CVV with the card number.

To ensure PCI compliance of VirtueMart it is now preferable for the developers not to include card storage. This does not prevent the individual user of having the option to program or purchase an addon to do it, so they can use a PDQ or Customer Not Present terminal, but that is at their own risk.
Kelvyn

Jenkin Hill Internet,
Lowestoft, Suffolk, UK

Unsolicited PMs/emails will be ignored.

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

Currently using VM 3.6.8.10202 on Joomla 3.9.13 PHP 7.0.33

paulbarl

  • Beginner
  • *
  • Posts: 11
Hi Kelvyn

Thanks for that, thats exactly what I want to do, I don't see the risk if it is on an SSL, are you talking more about the merchant finding out and banning you? This would be a problem

jenkinhill

  • UK Web Developer & Consultant
  • Global Moderator
  • Super Hero
  • *
  • Posts: 27572
  • Always on vacation
    • Jenkin Hill Internet
As part of the contract with the merchant service you are required to undergo PCI checks, and they must be informed if you are storing card data a server. You run the risk of big financial penalties if you get hacked or similar.

Useful information on http://www.homeofficesmallbusiness.com/finance/storing-credit-card-information-online and https://www.pcisecuritystandards.org/

SSL is only related to how you connect to a server, nothing to do with the security of data stored on a server.
Kelvyn

Jenkin Hill Internet,
Lowestoft, Suffolk, UK

Unsolicited PMs/emails will be ignored.

Please mention your VirtueMart, Joomla and PHP versions when asking a question in this forum

Currently using VM 3.6.8.10202 on Joomla 3.9.13 PHP 7.0.33