ShopSite Forums

[FredW]

When on has customer registration turned on and they allow the customer to 'save' his payment information, is the credit card information stored according to the way they configure the 'credit card storage' under the "Orders->Security" button?

If so, how does it work when the options have 'Do Not Store Credit cards' and the customer has stored his credit card information? Where is the card data stored then?

Trying to be PCI compliant and can't figure this out.

Fred

[ShopSite Nicole]

When on has customer registration turned on and they allow the customer to 'save' his payment information, is the credit card information stored according to the way they configure the 'credit card storage' under the "Orders->Security" button?

No. The Credit Card Storage option under Orders is different then the option to store payment information for registered customers. Under Orders, that controls if ShopSite will keep the credit card information used on checkout by any customer (registered or otherwise) and display it to you when you go to view the order. So this is a setting for your Orders Database. ShopSite defaults at "Do Not Store Credit Cards" if you are using a payment gateway for real-time credit card processing.

If a registered customer is allowed the choice to have their payment information stored, then ShopSite will display a list of their stored payment options (though it will not show the whole card number) and depending on what they choose, it will fill in the payment information fields for the customer when they go to check out. That information is, I believe, stored as part of the customer registration portion of the ShopSite database. So it will still be stored on your server.

If you go to Orders > Security > Security Status, then you will see that ShopSite "grades" storing payment information as part of orders and in customer registration as two separate categories.