OFBiz › OFBiz - Dev

Re: Clearing credit card data after capture

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

2 messages Options

Tim Ruppert

Re: Clearing credit card data after capture

I'd probably put the configuration on the product store - or in the payment.properties file. The store because that's where you configure when to do the capture - payment.properties because many of the processors might not support being able to.

Cheers,
Tim
--
Tim Ruppert
HotWax Media
http://www.hotwaxmedia.com

o:801.649.6594
f:801.649.6595

----- "Scott Gray" <[hidden email]> wrote:

> Hi All,
>
> I plan to add a configuration option to clear credit card data once
> there are no more auths pending against it. When I say clear the data
>
> I mean remove the expiry date and credit card number except for the
> last 4 digits.
>
> Any thoughts on where this should be configurable/how it should be
> implemented? I think the card clearing logic may have to be specific
>
> to the gateway being used, e.g. authorize.net needs you to keep the
> last 4 digits for refunds but others may not.
> I'm thinking perhaps I could add a new product store payment service
>
> type enumeration record, something like PRDS_PAY_CLEAR_DATA and the
> defined service would run after the capture and release services.
>
> Recurring billing is the other thing I'm not sure about, I guess I'd
>
> need to leave the card data alone in that case but I've never worked
>
> with recurring payments so I'm not sure how I would detect if the card
>
> is being used for them.
>
> Any thoughts would be appreciated.
>
> Thanks
> Scott
>
> HotWax Media
> http://www.hotwaxmedia.com

Scott Gray-2

Re: Clearing credit card data after capture

Thanks Tim,

If I'm not wrong I think the payment.properties file is deprecated in
favor of PaymentGatewayConfig and the PaymentGateway* entities. I
could put the flag on the ProductStore entity but if I did it would
probably need to perform the same function regardless of the processor
being used.

If I put a flag on the applicable PaymentGateway* entities, then the
service to clear the card data would need to be called from within the
capture and release implementations for each processor. I could call
the service asynchronously to avoid affecting the outcome of the
transaction being processed. I think I prefer this method of the two.

Regards
Scott

On 5/06/2009, at 6:09 PM, Tim Ruppert wrote:

> I'd probably put the configuration on the product store - or in the
> payment.properties file. The store because that's where you
> configure when to do the capture - payment.properties because many
> of the processors might not support being able to.
>
> Cheers,
> Tim
> --
> Tim Ruppert
> HotWax Media
> http://www.hotwaxmedia.com
>
> o:801.649.6594
> f:801.649.6595
>
> ----- "Scott Gray" <[hidden email]> wrote:
>
>> Hi All,
>>
>> I plan to add a configuration option to clear credit card data once
>> there are no more auths pending against it. When I say clear the
>> data
>>
>> I mean remove the expiry date and credit card number except for the
>> last 4 digits.
>>
>> Any thoughts on where this should be configurable/how it should be
>> implemented? I think the card clearing logic may have to be specific
>>
>> to the gateway being used, e.g. authorize.net needs you to keep the
>> last 4 digits for refunds but others may not.
>> I'm thinking perhaps I could add a new product store payment service
>>
>> type enumeration record, something like PRDS_PAY_CLEAR_DATA and the
>> defined service would run after the capture and release services.
>>
>> Recurring billing is the other thing I'm not sure about, I guess I'd
>>
>> need to leave the card data alone in that case but I've never worked
>>
>> with recurring payments so I'm not sure how I would detect if the
>> card
>>
>> is being used for them.
>>
>> Any thoughts would be appreciated.
>>
>> Thanks
>> Scott
>>
>> HotWax Media
>> http://www.hotwaxmedia.com

smime.p7s (3K) Download Attachment