-
where's my cc
where is my cc module for payment :O
should i use a previous version of zencart i have and use it or are there new lines of code in it?
supplied is a screenshot.
http://www.septictech.com/purchase/i...ncart-nocc.png
http://www.septictech.com/purchase/i...ncart-nocc.png
-
Re: where's my cc
Can't see the screenshot, but if you are looking for the offline/manual credit card option, it has been removed because it does not meet PCI requirements. Your merchant account would probably be in trouble if you tried to use an old version of the module.
-
Re: where's my cc
bummer, so i would have to use a different version till my company uses a different source of payment.
Thanks for your response.
-
Re: where's my cc
There isn't a "different version"...
Your company has a duty of care to its customers, and its service providers. Part of that duty is to ensure that payment can be made as safely and as securely as possible, and in compliance with the terms and conditions of your card provider.
Take immediate and proactive steps to configure a proper gateway.
-
Re: where's my cc
yes of course. thank you for your input
-
Re: where's my cc
I hope I am not coming across as too "forthright".
Let me illustrate why proper payment gateway configuration is important, so that you can go to your company's owners/directors, and explain this issue.
One of the most sensitive and vulnerable areas of eCommerce is the processing of card information. Each year, banks lose hundreds of millions of dollars to online fraud - a lot of it a result of insecure card data capturing systens in online shops. The cost of this means higher bank charges (for everyone) and that pushes up the cost of trading (for everyone).
So the banks have got together and devised more rigorous standards of card processing. ALL merchant banks now have PCI compliance as a Condition of Use in their agreements with online traders.
Reputable gateway services (such as Authorisenet, PayPal, SagePay) meet these standards by default, when the method used by the online retailer takes shoppers out of their site, to the payment gateway site, for card processing.
It IS possible to "embed" card processors on your site, but if you do this, then the server and the site's platform software MUST meet PCI standards.
If an online shop owner "bypasses" these systems, and fraud occurs, the consequences can be devastating to the business owner.
Assume that a hacker gets credit card data off your site, and then uses that to perpetrate massive fraud... let's say, $20,000 worth of fraud.
The bank will do the following:
1. Terminate your card processing facility - yes... even the EPOS facility you have in your "real" shop.
2. Ask you to pay back the $20,000 and all the costs the bank has incurred in locking down the compromised data - perhaps another $50,000 to $100,000...
3. Take legal action against you if you fail to pay up.
This can force a business to close, and depending on the legal persona that operates the company, may put individual people at risk. Your company's owners may be held personally liable for the losses. They could even lose their own personal property to finance the losses and the legal costs incurred.
Not worth the risk.... :no: