AbleCommerce Shopping Cart Software

In the "Configure Security" section in the Admin, it reads:

"When credit card storage is enabled, encrypted card data is saved in the database...."

Is is possible to view the card number and expiration date later
so a refund or other credit adjustment can be make with an order?

I don't see where I can view the number in the Admin. Is it there?
If I can't view it, then why is it saved?

You can view it if you click on the order, Payments, then Show Account Details.

Thank you

Mike718NY wrote:In the "Configure Security" section in the Admin, it reads:

"When credit card storage is enabled, encrypted card data is saved in the database...."

Is is possible to view the card number and expiration date later
so a refund or other credit adjustment can be make with an order?

I don't see where I can view the number in the Admin. Is it there?
If I can't view it, then why is it saved?

The text description on the page is vague. The actual effect of those settings applies only once the payment has been captured. Until a capture is performed, card information is always available.

I have some refunds that I can only issue from the gateway website after a certain period of time expires. It varies with each payment gateway.

The company I work for doesn't want to get a payment gateway immediately, something to do with closing out the month in accounting and we have distributors/dealer orders that get presidence in shipping.I am not for it...

So we will store the credit card info and run it through our onsite terminal, however the CVV or security code of the card is not being stored with the order. Can anyone tell me why this is or how to change it/enable it?

rusackson wrote:...however the CVV or security code of the card is not being stored with the order. Can anyone tell me why this is or how to change it/enable it?

it is a violation of your credit card agreement to accept payment online and store the CVV/CVV2 code. The code validates that the physical card is present, at least in the eyes of the credit card companies. This is why Able doesn't store it.

If you stored those numbers and your site would ever get compromised, you would be in serious legal hotwater both with the credit card company and the issuing bank(s).

Following post may help you, have a look at them
viewtopic.php?f=42&t=7853&p=33272&hilit ... ard#p33272
viewtopic.php?f=44&t=7480

Thanks for posting the links to the corresponding threads... I was searching CVV and security code to no avail...

I now have a firmer foundation to force my company to rethink the tremendous service of a Payment Gateway...

Some card processors will offer a lower fee if the charge is handled through a physical card swipe machine. The belief is this assures them the card is physically present.

However some merchants "cheat" this benefit by hand-entering charge cards into their physical machine despite not having the physical card present. While this reduces their fees, they run the risk of getting caught and getting back-charged or simply having their ability to accept cards revoked entirely.

Payment Gateways offer several features not available with a physical machine. First and foremost is AVS or Address Verification Service. This affords an additional level of security (or frustration depending on your perspective) by confirming aspects of the billing address on the order with what the issuing bank has on file. I can speak with experience that this greatly aids any charge-back issues that will (and I mean will) arise.

For what little they charge on a monthly basis, they are quite worth the expense and effort to configure. Online fraud is a serious problem, and you will get hit with it. Better to be safe than sorry - losing a charge-back costs you double the amount of the order every time it happens.

...and boy does it sting