middle eight digits - where are they?

[jenpen]

We have recently upgraded from 139h to 153. Does it handle CC details differently? We are not getting an email with the middle digits.

[jenpen]

OK, got the answer from that handy list of related threads at the bottom of this post. The settings for this email are in the module settings, not the configuration > Email settings. And it was nothing to do with the upgrade, just an email issue that happened around the same time.

[DrByte]

Just to clarify, especially for other readers of this discussion: Modern versions of Zen Cart DO NOT STORE ANY CREDIT CARD NUMBERS, NOR PARTIAL MIDDLE DIGITS, and DOES NOT EMAIL CARD NUMBERS.

If you have that functionality on your site, then you're using a VERY old obsolete version of Zen Cart, or you've copied those dangerous module files from a very old non-pci-compliant version, or you're using an addon which has created the capability.

IT IS NOT (AND NEVER HAS BEEN) SAFE TO STORE OR EMAIL CREDIT CARD DETAILS. Doing that leaves you vulnerable to fraud and theft, and the related financial liabilities per the contract you've signed with your credit card processing service. Be sure you understand the risks you're taking!

[jenpen]

So is there another way to accept CCs on Zen Cart now?

[DrByte]

Yes: You've always had the ability to use a live-processing payment gateway. To do that, you ask your bank which gateways they support, then either use one of the built-in gateways if they're in their list, or a plugin suitable for the required gateway.
That way cards are processed in real-time, and the numbers are never present on your server ... which is much more secure.

Your bank may charge a small additional fee to enable a gateway on your account. On the plus side you won't have to manually key in card numbers anymore!