There is a checkbox PAYMENT__STORE_CREDIT_NUMBERS in livesettings (http://your.site/settings) "Save Credit Card Numbers" "If False, then the credit card will never be written to disk. For PCI compliance, this is required..."
This should be unchecked on a real server except for debugging and it is by default unchecked. I reproduce only what I have read here. Is it OK? On 1 lis, 07:41, digicase <[email protected]> wrote: > Hello, > > I'm about to finish up some work to implement PayPal Payments Pro, but > have a question regarding credit card details. > > From looking at the Satchmo code it looks like the full card number > and CCV are stored in memcache, for 60 minutes? > > I was wondering is it possible to change it so the the card number and > CCV are not saved in memory for so long (15 minutes seems enough time > to read the order details before confirming a payment). I would also > like to delete each row from the table payment_creditcarddetail for > all completed payments so that absolutely no credit card data is left > in the database, especially the key for retrieving card number and CCV > from memcache. > > I am thinking of changing the line in apps/payment/models.py from: > > keyedcache.cache_set(key, skiplog=True, length=60*60, > value=encrypted_cc) > > to: > > keyedcache.cache_set(key, skiplog=True, length=60*15, > value=encrypted_cc) > > Similar for the CCV cache entry. > > I'm not sure how best way to go about removing the rows from > payment_creditcarddetail? Maybe a hook somehow for a completed payment > which will delete the row with a matching orderpayment_id? > > Any advice would be much appreciated, thanks. -- You received this message because you are subscribed to the Google Groups "Satchmo users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/satchmo-users?hl=en.
