Re: Encrypting cc_number in uc_payment_credit table.

#1 Tue, 10/30/2007 - 19:29

Posts: 1300
Joined: 08/14/2007

Just FYI, checking the "do not store card numbers, even at checkout" works great for us at the moment. Since it only stores the last four digits of a card, I'm still able to process the payment as well as issue refunds to users when they need it. But I can't remember if that's the default, or if the default is to store the entire number. (It's been a while since I installed UC).

In any case I think if someone is storing the entire number there should be encryption in place; you may even consider encrypting anything that gets stored in the cc_number column.

"Pain don't hurt." - Dalton

Mike Nelson's RiffTrax! www.rifftrax.com

Encrypting cc_number in uc_payment_credit table. By: torgosPizza (16 replies) Tue, 10/30/2007 - 18:49

Encryption of Customer Data By: DeskRocket (11/30/2007 - 00:39)
Yes this is an issue By: deanj200 (11/10/2007 - 16:11)
- Re: Yes this is an issue By: lostcarpark (11/13/2007 - 17:43)
Secure the database By: Lyle (10/31/2007 - 10:02)
Re: Encrypting cc_number in uc_payment_credit table. By: torgosPizza (10/30/2007 - 19:29)
- Don't Save CC Numbers, Even at Checkout By: ChrisAlbrecht (11/29/2007 - 12:48)
  - Clearing out CC numbers upon unsuccessful order By: mmwebdev (01/20/2008 - 20:31)
    - Re: Clearing out CC numbers upon unsuccessful order By: torgosPizza (01/21/2008 - 00:41)
      - Re: Re: Clearing out CC numbers upon unsuccessful order By: Ryan (01/21/2008 - 17:02)
        Re: Re: Re: Clearing out CC numbers upon unsuccessful order By: torgosPizza (01/21/2008 - 17:17)
        Re: Re: Re: Re: Clearing out CC numbers upon unsuccessful order By: Ryan (01/22/2008 - 12:04)
        Re: Re: Re: Re: Re: Clearing out CC numbers upon unsuccessful or By: torgosPizza (01/22/2008 - 12:40)
        Re: Re: Re: Re: Re: Re: Clearing out CC numbers upon unsuccessfu By: Ryan (01/24/2008 - 10:23)
- Re: Re: Encrypting cc_number in uc_payment_credit table. By: Ryan (10/31/2007 - 09:22)
  - Re: Re: Re: Encrypting cc_number in uc_payment_credit table. By: torgosPizza (10/31/2007 - 12:22)
- Storing CC numbers... By: dougdagaz (10/30/2007 - 21:51)

	Drupalcon DC
	Vote now to learn more about Ubercart in these sessions: Ubercart on Drupal 6 Advanced Ubercart Usage Starting Your Own Ubercart Store

	Ubercart Affiliates
	Find payment and hosting services in our Affiliate Directory that support Ubercart development.

	User login
	Username: * Password: * Create new account Request new password

	Fast Invoicing
	We use and recommend FreshBooks for project time tracking and client invoicing.

Ubercart

Re: Encrypting cc_number in uc_payment_credit table.

Navigation

Drupalcon DC

Ubercart Affiliates

User login

Fast Invoicing