to accept Credit/Debit Card payments over the internet for inputting into a Manual/Offline Card Processing System.
Allows gathering of the following information:

o Card Holder's Name
o Card Type
o Card Number
o Expiry Date
o CVV Code
o Start Date (Switch/UK Maestro/Solo/American Express Only)
o Issue Number (Switch/UK Maestro/Solo Only)

Please Note: The CVV code and middle digits of the credit/debit card number are sent in an e-mail to the store owner. This means that the full details don't need to be stored on the server and is by far the most secure way to collect Card Details for manual/offline processing. The rest of the details can be accessed at all times through the "Orders" section of the Admin.
Okay, let's get this straight. In most cases collecting information online and then running it through an EPOS terminal in an offfline 'bricks and mortar' shop will put the shop owner in violation of the agreement they have entered into with Mastercard/Visa. You can end up with a visit to your shop, your EPOS terminal ripped out and be blacklisted for life from using thir services again.

Secondly, under current UK legislation and under Mastercard/Visa T's and C's you are not allowed to store credit card information in an online environment unless:
1. The card details are stored on a separate server, used only for that purpose, and which can only be accessed by the ip address of the store collecting the information.
2. The company storing the data will have to submit to an annual security audit, carried out by trained industry professionals experienced in security audits (the cost will run into 000's of pounds a year.

This is why, in the UK at least, the use of Credit Card modules on websites, to collect card data for manual processing, is a thing of the past.

In the case of a complaint from a customer about a fraudulent transaction on their card from a website collecting and storing card details the hosting company can end up with that whole server being seized.

Vger