How and where are credit card numbers stored? Does storing them in your software on our server comply with all PCI and CISP requirements? Thanks
When you import data there is an option for CC#s. Why? Where is it stored? Is it compliant with CISP/PCI regulations?
I've checked PCI standarts and aMember complies with almost all of them but several about logging (which we will implement). However, there are many network/administrative rules that small merchants never follow. For example - database server must be separate and behind the firewall. Firewall must be correctly configured and so on. In any case - storing credit cards is FOR BIG COMPANIES with professional staff. Small companies with one rented server, or specially on a shared hosting - PLEASE use PayPal or 2Checkout.com or something like that for recurring billing. I will write special note to the next version of aMember.
It is stored in encrypted form. It is needed only for recurring billing, and only for several payment processors.
Hi , thnx a lot I had a simillar problem and question about the storage of the credit card numbers.... and you saved me a lot of trouble with the informaition about the small companies better use paypal. I want to recommended this two sites that i like a lot tone+zone, star+polyps so thnx again - keep up the good work!