Sure, feel free to hack the following out of the code ... just remove these lines, around line 375:
Code:
array('title' => MODULE_PAYMENT_PAYFLOW_TEXT_CREDIT_CARD_NUMBER,
'field' => substr($_POST['paypalwpp_cc_number'], 0, 4) . str_repeat('X', (strlen($_POST['paypalwpp_cc_number']) - 8)) . substr($_POST['paypalwpp_cc_number'], -4)),
I fundamentally believe it's wrong to do that, because the whole reason for partial card number to be shown on the confirmation screen is simply to remind the customer which card you're about to charge as per their request. I think their concerns are unfounded paranoia. But if that's the kind of clientele you attract, then of course you'll want to avoid their fears in order to capture the sales.
Bookmarks