Split Credit Card Emails

[gayleamy]

I keep finding threads discussing the inherent insecurity of the offline processing module - which I completely understand, and will be getting my client to a payment gateway as soon as they can set it up with their merchant account provider.

However, I also seem to be reading that it's only the middle 8 digits of the CC which should be being sent to the admin email with each order - but I'm receiving both that Email, and the copy of the confirmation sent to the customer; which contains the first and last four digits. Therefore, all 16 digits are being Emailed.

I've tried to turn-off some of the Emails in the Admin (Config > Email Options > Send Copy of Order Confirmation Emails to - I've erased the address here), and I'm still getting both. I'd like to cut that down to just the middle eight Email, so that they can then log-in to admin, check the new order, and see the other 8 digits... This seems much more secure - albeit for a temporary, overall insecure method...

Any thoughts of how to do this? (There was another thread about this posted back in July, but the guy came up with a solution and... Didn't post what it is.)

Thanks!

[DrByte]

You can set two different email addresses, and you can turn one off altogether:

Admin->Modules->Payment ... edit the settings of the Offline CC module, and specify the desired email address.

Admin->Configuration->Email Options ... set the email address for "Extra Order Confirmation Emails Address", or change the "Extra Order Confirmation Emails Status" to 0 to turn it off altogether.

[gayleamy]

Sorry I left this for so long without saying: Thank you for your reply and help!

Exactly what I needed.

[stride-r]

or change the "Extra Order Confirmation Emails Status" to 0

Is this option available on ver 1.3.8? If so, mine doesn't have it. Of course, I do have the "Extra Order Confirmation Emails Address" setting ...but I do not see a status toggle associated with this.

[stevesh]

I don't think there's a switch - it's just whether or not you enter an email address when configuring the payment module.

[DrByte]

or change the "Extra Order Confirmation Emails Status" to 0

Is this option available on ver 1.3.8? If so, mine doesn't have it. Of course, I do have the "Extra Order Confirmation Emails Address" setting ...but I do not see a status toggle associated with this.

My bad. There's no switch. Just leave the email address blank if you want to disable it.

[stride-r]

My bad. There's no switch.

LOL - no problem. I just though my admin was missing something. ;-)