Results 1 to 3 of 3
  1. 24 Jun 2010, 12:54 AM #1
    purelife
    purelife is offline New Zenner
    Join Date
    May 2010
    Posts
    8
    Plugin Contributions
    0

    Default Are credit card information ever stored on the cart/server host?

    Are credit card information ever stored on the cart/server host? I can't find a setting in the admin or in manual about an option to store or not to store credit card information. i tested virtuemart and there was a part to uncheck mark the store credit card information.

    Does zen cart have something similar?

    I just checked out a few carts that talk about PCI Compliance on their website description. Does zen cart have any of these features?

    CS-Cart
    ----------------
    Cardholder data protection in CS-Cart is provided for both offline and online payment methods. In case of offline order processing cardholder data is encrypted with the Blowfish algorithm and stored to the CS-Cart database. After the order is processed, the credit card information can be deleted automatically.

    If the order processing is carried out online, double protection is possible. In addition to the Blowfish encryption, data can also be encoded with the certificate-based encryption during transmission over networks, as CS-Cart supports SSL certificates of all types.



    Avactis Cart
    ------------

    Cardholder and card data stored in database is encrypted by RSA algorithm. Private key is located at store administrator’s local computer only.

    Cardholder and card data collected during checkout is encrypted by Blowfish algorithm. Secret key is passed using HTTPS encryption only.

    In order to view credit card data, store administrator has to upload his private key from his local computer.

    After key upload the data is decrypted and displayed, while the key is instantly deleted. All these operations are performed over an HTTPS connection to make data interception impossible
  2. 24 Jun 2010, 01:06 AM #2
    DrByte's Avatar
    DrByte
    DrByte is offline Sensei
    Join Date
    Jan 2004
    Posts
    66,373
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: lp Are credit card information ever stored on the cart/server host?

    Quote Originally Posted by purelife View Post
    Are credit card information ever stored on the cart/server host?
    If you are using the latest version of Zen Cart (presently v1.3.9), then the answer is no.
    That is, using unaltered Zen Cart code, there is NO credit card PAN storage happening anywhere.

    If you customize the code to store PAN information, or add addons which do store it in some way, then that's something you need to address yourself and report on your PCI Compliance self-assessment.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
  3. 24 Jun 2010, 01:51 AM #3
    Kim's Avatar
    Kim
    Kim is offline Obaa-san
    Join Date
    Jun 2003
    Posts
    33,715
    Plugin Contributions
    0

    Default Re: lp Are credit card information ever stored on the cart/server host?

    Just curious ... you indicated in one of your first posts that you were using PayPal Pro. If that is the case, why are you so interested in PCI compliance?
    Please do not PM for support issues: a private solution doesn't benefit the community.

    Be careful with unsolicited advice via email or PM - Make sure the person you are talking to is a reliable source.
 

 
« Previous Thread | Next Thread »

Similar Threads

  1. v150 how to directly show credit card information on the payment information page?
    By lina0962 in forum Built-in Shipping and Payment Modules
    Replies: 3
    Last Post: 11 Mar 2014, 03:33 PM
  2. Credit card outer digit not being stored on Database
    By edgecrusher in forum Built-in Shipping and Payment Modules
    Replies: 8
    Last Post: 24 Apr 2009, 10:54 AM
  3. does offline credit card processing verify the information?
    By tarynhipp in forum Built-in Shipping and Payment Modules
    Replies: 3
    Last Post: 13 Apr 2008, 09:48 PM
  4. My client wants to Store Credit Card numbers encrypted in the database on the server
    By infocom in forum Built-in Shipping and Payment Modules
    Replies: 14
    Last Post: 30 Mar 2008, 12:32 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR
Content and Graphics Copyright (c) 2003 - 2024 Zen Ventures, LLC - all rights reserved
Zen Cart® is a Registered Trademark of Zen Ventures, LLC