.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Yes. I answered that already, above:
If the storeowner wants to collect payments from his customers, then he/she can certainly set up a live payment gateway for processing transactions in real time ... just like tens of 1000s of other shops already do today.
Zen Cart has always offered the ability to work with multiple gateways out-of-the-box or "off-the-shelf" as you say. There are many additional payment module addons available to communicate with other gateways offered for various merchant account services.
I'm puzzled by the observation that it seems you've been using Zen Cart for several years but haven't any exposure to the concept of using a live gateway? https://www.zen-cart.com/tutorials/i...hp?article=285
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
My apologies for not being clear.
Rest assured we have had extensive discussions with our CPA, Attorneys, and the cc processor to ensure we are doing the "right stuff". I understand you are trying to counsel me to best practices. I appreciate that.
So just to we're 100% clear. I install, host, and configure the software for the client. The client receives the order, ships from their stock, and bills the consumer. Since the physical server is in a seperate location from the client, they've either got to use Authorize.net or the offline cc module.
Right now they do not want to use Authorize.net because their existing brick and mortar business uses a different solution and they do want to have another. We experienced a problem twice where the middle digit email did not reach them, a total of 3 orders. However once they hit the order volumes they expect we could potentially lose a lot more middle digit emails that would require a lot of embarrassing phone calls to the consumers that purchased.
So what I'm looking to assist them with is finding a way to ensure they they do not lose their customers credit-card information. I am NOT going to circumvent the system by storing the whole number. I'm not taking that liability. So how do I help them with this? That's the advice I really need.
Is there an outside solution that I can easily get them the cc information from their store in a more reliable manner? For example, could use us Authorize.net to securely pass the cc information at the point of order execution and still use their existing cc processor?
That's cool ... I'm also mindful that there will be others who come along to read this discussion afterwards too :)
Well ... who are they using as a merchant account service provider? Does that provider offer an online live gateway service? That would be your best solution.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
I'll have to investigate that. presumably integration would require a custom payment module to be built for that?
Perhaps ... it all depends who the provider is and whether a module is already available, or at least something close which can be adapted.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Bookmarks