Hello,
No Credit card information of any type is sent to OpenSRS. The
functionality as it stands in the reg_system.cgi will e-mail the
information to you, the RSP (via templates/reg_system/message.txt).
If you don't want credit card information or validation:
1) Turn off validation in OpenSRS.conf
2) Remove the fields from the order.html/new_order.html templates
3) Remove the fields from message.txt
Personally, we stripped out all of the default cc information and replaced
it with our own real-time cc processing system.
> why are creditcard numbers and authorization information sent to the
> opensrs? In reg_system.cgi the creditcard and expiration date are sent to
> the opensrs servers but TuCoes does nothing with this data.
>
> I would prefer that my customers CreditCard number and experation date
> were not sent or required to be sent, if you guys aren't charguing the
> card it would be better not to have it floating across the net, and I sure
> don't want the clear text card numbers in some log file that is not
> even secured.
>
> I bet no one even knew their clients card numbers were even being sent
> to the opensrs ;-)
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:35:18 EDT