Another thing you've missed in your conclusions is that in every case that I know of, you *may not* use a "swipe terminal" such as you are describing to manually input credit card numbers taken on the internet.
That's because the companies charge different rates for "card present" and "card not present" transactions. It is a different risk for them, so I actually (for once) am on their side on this question. Check your contract and tell me if I'm wrong. I'd love to find an example where it is permitted, but ... very unlikely. Don't do it, you risk civil penalties and at the least losing your merchant account. That's a pretty bad penalty! On Sun, Jan 23, 2011 at 7:51 PM, Malcolm MacKinnon <[email protected]>wrote: > After hours of further review and testing, I think I answered my own > questions: > > 1) Yes, you can store, encrypt, & decrypt credit card numbers, as long as > you're PCI compliant. You can't store certain credit card security codes, > etc, under any circumstances, however, because the PCI rules prohibit you > from doing it. Storing permitted card information is probably not a good > idea for most small businesses due to compliance costs, etc. > > 2) In the admin, when you change the Order Status for a particular order to > shipped, an email notification to the purchaser will be sent as long as > you've authorized sending them in your site settings. > > > On Sun, Jan 23, 2011 at 12:12 PM, Mac <[email protected]> wrote: > >> Hi Everyone, >> >> I have a couple of general questions about Satchmo's payment modules, >> and shipiing and tracking capabilities. >> >> 1) Most modules, such as paypal, capture and store credit card into >> off site, so there are no compliance issues. But say, for example, you >> have a company that has their own backend accounting system, and >> accepts credit cards and runs them through their own merchant >> transaction terminals. Assuming all compliance standards are met, one >> could use the dummy payment module to capture and encrypt the credit >> card data, correct? If correct, how would you decrypt this data to >> process it? If not correct, has anyone implemented a custom payment >> model solution they might be willing to share (or sell)? >> >> 2) I see there is a url tracking/(?P<order_id>\d+)/$. I assume you can >> use the admin to update the status of an order to shipped first, but >> after that is there some kind of built in tracking capability >> available? Whenever I test this url, I get a error message: The order >> you have requested doesn't exist, or you don't have access to it. >> >> Any help would be very much appreciated. This is a great project! >> >> Thanks! > > > -- > You received this message because you are subscribed to the Google Groups > "Satchmo users" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<satchmo-users%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/satchmo-users?hl=en. > -- Bruce Kroeze http://www.ecomsmith.com It's time to hammer your site into shape. -- You received this message because you are subscribed to the Google Groups "Satchmo users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/satchmo-users?hl=en.
