|
Group: Forum Members
Last Active: Wed 18 Dec 2013
Posts: 2,
Visits: 4
|
Looking at the tblKartrisUsers table, there is a field labeled U_Card_SecurityNumber. Is this the 3 or 4 digit PIN for credit cards? If so, this should never be stored in any database and with most providers a security violation if it is stored.
Can you verify this data and give me details on any additional data stored in the database which pertain to payments? I don't want to use/suggest a cart to anyone if it is going to violate security practices and/or PCI-DSS mandates.
|
|
Group: Administrators
Last Active: Wed 18 Nov 2020
Posts: 148,
Visits: 3,450
|
In original versions of Kartris we supported storage of credit card details (that would require PCI compliance at a high level), even though we recommended against this because of the risks involved.
We have not supported this since early versions of Kartris - we now only support third party payment gateways and credit card numbers are never stored in Kartris.
The field you see is most likely a legacy one.
|
|
Group: Forum Members
Last Active: Wed 18 Dec 2013
Posts: 2,
Visits: 4
|
Thank you very much for the prompt response and information. This is very good news.
|