Users - Credit card security code

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Users - Credit card security code

Vinay Agarwal

Would it be OK to add optional securityCode (type id) to the CreditCard entity and the corresponding createCreditCard?

 

Regards,

Vinay Agarwal


 
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: Users - Credit card security code

David E. Jones

Perhaps... but this is something that needs to be closely guarded.  
Once an authorization is done (succeed or fail) the securityCode  
needs to be auto-cleared. This is enough of an issue with credit card  
providers that we should put any of it in until all of it is in...

-David


On Feb 27, 2006, at 11:09 AM, Vinay Agarwal wrote:

> Would it be OK to add optional securityCode (type id) to the  
> CreditCard entity and the corresponding createCreditCard?
>
>
> Regards,
>
> Vinay Agarwal
>
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users

 
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: Users - Credit card security code

Vinay Agarwal
Is the storage of securityCode (the 3-4 digit number either on back or front
of the card) more sensitive than the credit card number itself? If so, would
automatic billing be done without the security code?

Regards,
Vinay Agarwal

-----Original Message-----
From: [hidden email] [mailto:[hidden email]]
On Behalf Of David E. Jones
Sent: Monday, February 27, 2006 10:51 AM
To: OFBiz Users / Usage Discussion
Subject: Re: [OFBiz] Users - Credit card security code


Perhaps... but this is something that needs to be closely guarded.  
Once an authorization is done (succeed or fail) the securityCode  
needs to be auto-cleared. This is enough of an issue with credit card  
providers that we should put any of it in until all of it is in...

-David


On Feb 27, 2006, at 11:09 AM, Vinay Agarwal wrote:

> Would it be OK to add optional securityCode (type id) to the  
> CreditCard entity and the corresponding createCreditCard?
>
>
> Regards,
>
> Vinay Agarwal
>
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users

 
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users
 
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: Users - Credit card security code

David E. Jones
In reply to this post by Vinay Agarwal

Yes, this is considered _very_ sensitive. Storing it is actually not  
allowed outside of the scope of a single transaction. So no, I don't  
think you can use it for recurring payment.

-David


On Feb 27, 2006, at 12:27 PM, Vinay Agarwal wrote:

> Is the storage of securityCode (the 3-4 digit number either on back  
> or front
> of the card) more sensitive than the credit card number itself? If  
> so, would
> automatic billing be done without the security code?
>
> Regards,
> Vinay Agarwal
>
> -----Original Message-----
> From: [hidden email] [mailto:users-
> [hidden email]]
> On Behalf Of David E. Jones
> Sent: Monday, February 27, 2006 10:51 AM
> To: OFBiz Users / Usage Discussion
> Subject: Re: [OFBiz] Users - Credit card security code
>
>
> Perhaps... but this is something that needs to be closely guarded.
> Once an authorization is done (succeed or fail) the securityCode
> needs to be auto-cleared. This is enough of an issue with credit card
> providers that we should put any of it in until all of it is in...
>
> -David
>
>
> On Feb 27, 2006, at 11:09 AM, Vinay Agarwal wrote:
>
>> Would it be OK to add optional securityCode (type id) to the
>> CreditCard entity and the corresponding createCreditCard?
>>
>>
>> Regards,
>>
>> Vinay Agarwal
>>
>>
>> _______________________________________________
>> Users mailing list
>> [hidden email]
>> http://lists.ofbiz.org/mailman/listinfo/users
>
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users

 
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users

smime.p7s (3K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Users - Credit card security code

Vinay Agarwal
Then I won't make any changes to CreditCard entity.

-----Original Message-----
From: [hidden email] [mailto:[hidden email]]
On Behalf Of David E. Jones
Sent: Monday, February 27, 2006 11:40 AM
To: OFBiz Users / Usage Discussion
Subject: Re: [OFBiz] Users - Credit card security code


Yes, this is considered _very_ sensitive. Storing it is actually not  
allowed outside of the scope of a single transaction. So no, I don't  
think you can use it for recurring payment.

-David


On Feb 27, 2006, at 12:27 PM, Vinay Agarwal wrote:

> Is the storage of securityCode (the 3-4 digit number either on back  
> or front
> of the card) more sensitive than the credit card number itself? If  
> so, would
> automatic billing be done without the security code?
>
> Regards,
> Vinay Agarwal
>
> -----Original Message-----
> From: [hidden email] [mailto:users-
> [hidden email]]
> On Behalf Of David E. Jones
> Sent: Monday, February 27, 2006 10:51 AM
> To: OFBiz Users / Usage Discussion
> Subject: Re: [OFBiz] Users - Credit card security code
>
>
> Perhaps... but this is something that needs to be closely guarded.
> Once an authorization is done (succeed or fail) the securityCode
> needs to be auto-cleared. This is enough of an issue with credit card
> providers that we should put any of it in until all of it is in...
>
> -David
>
>
> On Feb 27, 2006, at 11:09 AM, Vinay Agarwal wrote:
>
>> Would it be OK to add optional securityCode (type id) to the
>> CreditCard entity and the corresponding createCreditCard?
>>
>>
>> Regards,
>>
>> Vinay Agarwal
>>
>>
>> _______________________________________________
>> Users mailing list
>> [hidden email]
>> http://lists.ofbiz.org/mailman/listinfo/users
>
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users

 
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: Users - Credit card security code

BJ Freeman
In reply to this post by Vinay Agarwal
the CC process, is use the 3-4 code to do a Authorization, then store
the Authorization code receive back This is good for 3 days for this
sale. Then use the Authorization to get complete the sale.
any future sales, the customer needs to supply the 3-4 digits.
Some merchant accounts, not gateways, do use the CVV code.

Vinay Agarwal sent the following on 2/27/06 11:27 AM:

> Is the storage of securityCode (the 3-4 digit number either on back or front
> of the card) more sensitive than the credit card number itself? If so, would
> automatic billing be done without the security code?
>
> Regards,
> Vinay Agarwal
>
> -----Original Message-----
> From: [hidden email] [mailto:[hidden email]]
> On Behalf Of David E. Jones
> Sent: Monday, February 27, 2006 10:51 AM
> To: OFBiz Users / Usage Discussion
> Subject: Re: [OFBiz] Users - Credit card security code
>
>
> Perhaps... but this is something that needs to be closely guarded.  
> Once an authorization is done (succeed or fail) the securityCode  
> needs to be auto-cleared. This is enough of an issue with credit card  
> providers that we should put any of it in until all of it is in...
>
> -David
>
>
> On Feb 27, 2006, at 11:09 AM, Vinay Agarwal wrote:
>
>
>>Would it be OK to add optional securityCode (type id) to the  
>>CreditCard entity and the corresponding createCreditCard?
>>
>>
>>Regards,
>>
>>Vinay Agarwal
>>
>>
>>_______________________________________________
>>Users mailing list
>>[hidden email]
>>http://lists.ofbiz.org/mailman/listinfo/users
>
>
>  
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
>  
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.ofbiz.org/mailman/listinfo/users
>
 
_______________________________________________
Users mailing list
[hidden email]
http://lists.ofbiz.org/mailman/listinfo/users