[ic] CC numbervisibility ?

[interchange-users@interchange.redhat.com]

> -----Original Message-----
> From: Mike Montoya [mailto:mmm@yosemite.net]
> Sent: Friday, March 01, 2002 2:01 PM
> To: interchange-users@interchange.redhat.com
> Subject: [ic] CC numbervisibility ?
> 
> 
> I can't seem to be able to see the Credit Card numbers in my
> admin interface, nor get them emailed to me for processing
> through my own system. I have a cart running under minivend
> and everything is fine there under the default setup, but
> Interchange's default install seems to drop the numbers.
> I have searched the archives and tried adding the "keep" to
> the CC stuff in profiles.order but that didn't seem to
> change anything.
> 
> I don't need encryption because this is all internal to this
> server.

You know, I think there should be an entire section in the
Interchange docs, right at the start of them saying "Why
you really do need encryption".  This discussion happens
all the time.

You need encryption because of hackers.  You need encryption
because of employees who might get ambitious about doing
some credit card fraud.  You need encryption because you
can loose your merchant account if a CC company finds out
you store the credit card unencrypted at any point in the
ordering process (for as much as 3 years from posts others
have sent).

So when MiniVend became Interchange, it was written to
not allow the CC to be stored unencrypted.  So work with
the encryption.  It's very cool stuff once you understand
it.  Plan on spending about 4 working days learning it
and implementing it, assuming you are working on it full
time.  It's time well spent.

Patrick