Discussions

Any interest in a manual credit card contrib module?

I know of zencart sites are using a manual credit card payment method where part of the credit card is saved on server and part is emailed to attempt PCI compliance and yet allow merchant to type in card number into their virt or other terminal/swiper.

YES, they should pay another monthly gateway fee to have the processor store the credit card.. But mostly they are low volume or have some legacy reason they want to manauly enter the numbers. I would beg you not to get into a flame thread here saying it should not be done, enough of those threads exist on zencart. The fact is that some merchants do this and once they get volume may be talked into switching. And this is a feature they require along with a method for check by mail that would prevent consideration of migration to drupal commerce.

Is there any interest in a contribution module to do this? If so I thought this thread may seed interest and discussion.

Example of a zencart contribution that is active and used:
http://www.zen-cart.com/index.php?main_page=product_contrib_info&product...

Posted: Jun 12, 2011

Comments

sjk413 on June 15, 2012

I have a client in exactly this situation. I assumed there would be a module in commerce using this method, but I haven't found anything so far.

My drupal knowledge is still basic, I know a reaonable amount of security stuff/php though and would be willing to help if someone could outline some basic things that might need coding.

sjk413 on June 15, 2012

Ok, So how about a public key private key combo, public key is stored on the server, private key is stored on an offline workstation and canbe used to decrypt the data before use on the terminal

joshmiller Josh Miller on June 15, 2012

The best answer here is that you don't want the responsibility of that data, period. Find a payment gateway that offers the storage capability and work through it with the payment gateway's module to use an API to keep that data secure and off your server.

We're not talking about just an SSL and some reasonable security issues. This is easily a $10,000/month server problem if you are truly interested in solving it.

veganline on October 24, 2012

Not integrated with Drupal, but Mals-e commerce takes orders on a secure remote-hosted shopping cart and can get the card details to paypal, nochex, skrill, or the shopkeer's counter for processing on a payment machine, all with some kind of nod to PCI initials. The system is usually used a bit like Paypal payment buttons, added to a plain text site, but was invented before paypal was available over here and allows more options.