But, for the sake of argument Bruce, are you an expert in these matters? On Thu, Jan 27, 2011 at 6:51 PM, Malcolm MacKinnon <[email protected]>wrote:
> Bruce, > > Thanks for your reply, and I would also advise against manually entering > cc's in transaction terminals taken on the internet. Thanks for the > admonishment against it. > > > > > > On Thu, Jan 27, 2011 at 4:53 PM, Bruce Kroeze <[email protected]> wrote: > >> Another thing you've missed in your conclusions is that in every case that >> I know of, you *may not* use a "swipe terminal" such as you are describing >> to manually input credit card numbers taken on the internet. >> >> That's because the companies charge different rates for "card present" and >> "card not present" transactions. It is a different risk for them, so I >> actually (for once) am on their side on this question. >> >> Check your contract and tell me if I'm wrong. I'd love to find an example >> where it is permitted, but ... very unlikely. >> >> Don't do it, you risk civil penalties and at the least losing your >> merchant account. That's a pretty bad penalty! >> >> On Sun, Jan 23, 2011 at 7:51 PM, Malcolm MacKinnon >> <[email protected]>wrote: >> >>> After hours of further review and testing, I think I answered my own >>> questions: >>> >>> 1) Yes, you can store, encrypt, & decrypt credit card numbers, as long as >>> you're PCI compliant. You can't store certain credit card security codes, >>> etc, under any circumstances, however, because the PCI rules prohibit you >>> from doing it. Storing permitted card information is probably not a good >>> idea for most small businesses due to compliance costs, etc. >>> >>> 2) In the admin, when you change the Order Status for a particular order >>> to shipped, an email notification to the purchaser will be sent as long as >>> you've authorized sending them in your site settings. >>> >>> >>> On Sun, Jan 23, 2011 at 12:12 PM, Mac <[email protected]> wrote: >>> >>>> Hi Everyone, >>>> >>>> I have a couple of general questions about Satchmo's payment modules, >>>> and shipiing and tracking capabilities. >>>> >>>> 1) Most modules, such as paypal, capture and store credit card into >>>> off site, so there are no compliance issues. But say, for example, you >>>> have a company that has their own backend accounting system, and >>>> accepts credit cards and runs them through their own merchant >>>> transaction terminals. Assuming all compliance standards are met, one >>>> could use the dummy payment module to capture and encrypt the credit >>>> card data, correct? If correct, how would you decrypt this data to >>>> process it? If not correct, has anyone implemented a custom payment >>>> model solution they might be willing to share (or sell)? >>>> >>>> 2) I see there is a url tracking/(?P<order_id>\d+)/$. I assume you can >>>> use the admin to update the status of an order to shipped first, but >>>> after that is there some kind of built in tracking capability >>>> available? Whenever I test this url, I get a error message: The order >>>> you have requested doesn't exist, or you don't have access to it. >>>> >>>> Any help would be very much appreciated. This is a great project! >>>> >>>> Thanks! >>> >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Satchmo users" group. >>> To post to this group, send email to [email protected]. >>> To unsubscribe from this group, send email to >>> [email protected]<satchmo-users%[email protected]> >>> . >>> For more options, visit this group at >>> http://groups.google.com/group/satchmo-users?hl=en. >>> >> >> >> >> -- >> Bruce Kroeze >> http://www.ecomsmith.com >> It's time to hammer your site into shape. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Satchmo users" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]<satchmo-users%[email protected]> >> . >> For more options, visit this group at >> http://groups.google.com/group/satchmo-users?hl=en. >> > > -- You received this message because you are subscribed to the Google Groups "Satchmo users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/satchmo-users?hl=en.
