Posting in the Magento forums has been disabled pending the implementation of a new and improved forum solution which should better serve the community.

For new questions please post at magento.stackexchange.com, the community-run support site for the Magento community. We will be providing updates on the new forum solution soon. For questions or concerns please email community@magento.com.

Magento Forum

Page 1 of 2
How to Delete the credit card detail after processing order from the database
 
cadoworld
Jr. Member
 
Total Posts:  27
Joined:  2008-10-12
 

Hi Everyone, Iwould like to remove delete or alter the payment details of my customer after usiing it. please let me know how to do it without messing with magento system.
Thanks,
phil
glasspebbles.co.uk

 
Magento Community Magento Community
Magento Community
Magento Community
 
Dorgo
Sr. Member
 
Total Posts:  127
Joined:  2008-12-16
 

I would also like this as i have been forced by my client to store CVV2 but want to minimise his risk.

Deleting payment information after processing either as part of marking as Processed or with a cron job.

anyone know the SQL or methods needed?

 
Magento Community Magento Community
Magento Community
Magento Community
 
cherrymount
Jr. Member
 
Total Posts:  10
Joined:  2009-01-10
 

Yes I would also like to learn how this is done. Should my website get hacked I do not wish to put my customers at risk. Can somebody please help us out??

 
Magento Community Magento Community
Magento Community
Magento Community
 
Dorgo
Sr. Member
 
Total Posts:  127
Joined:  2008-12-16
 

I too have been forced by a client to store CVV2.
He wants a degree of manual processing to reduce his fraud risk. Its just how he wants to do things.
I havent found a way to implement Auth-Capture or something like e-path yet...so im stuck with it.

The SQL to delete the card number and CVV2 from all completed orders is all i am after.

 
Magento Community Magento Community
Magento Community
Magento Community
 
shaunp
Jr. Member
 
Total Posts:  28
Joined:  2009-07-29
 

Has anyone figured this out? I’d like to do the same.

 
Magento Community Magento Community
Magento Community
Magento Community
 
JustinZ
Member
 
Total Posts:  36
Joined:  2008-09-17
 

Im looking for this as well

 
Magento Community Magento Community
Magento Community
Magento Community
 
ayasoftware
Jr. Member
 
Avatar
Total Posts:  21
Joined:  2009-06-02
 

Hello,
I have released a new module that allows store owners to delete credit card numbers stored in magento database.

Link here:  Delete Saved Credit Card Numbers

Need help! please do let me know.

 
Magento Community Magento Community
Magento Community
Magento Community
 
bertojhone
Jr. Member
 
Total Posts:  10
Joined:  2010-05-03
 

Oh ya it’s working now.

 
Magento Community Magento Community
Magento Community
Magento Community
 
Isaac Chambers
Member
 
Total Posts:  38
Joined:  2009-07-28
 

FYI,

It\’s illegal to store CVV2 codes as it is not in compliance with the PCI security standard mandated by all credit card companies. If the credit card company finds out you are storing CVV2 codes they can charge you fines and penalties and cut off your merchant account.

 
Magento Community Magento Community
Magento Community
Magento Community
 
Jeffrey Siegel
Jr. Member
 
Total Posts:  3
Joined:  2008-12-31
 
Isaac Chambers - 24 May 2010 01:44 PM

FYI,

It\’s illegal to store CVV2 codes as it is not in compliance with the PCI security standard mandated by all credit card companies. If the credit card company finds out you are storing CVV2 codes they can charge you fines and penalties and cut off your merchant account.

It’s not necessarily illegal to store CVV2 codes, but it does violate your merchant agreement.  A small distinction, I know, as the end result is the same.

 
Magento Community Magento Community
Magento Community
Magento Community
 
Jeffrey Siegel
Jr. Member
 
Total Posts:  3
Joined:  2008-12-31
 
Isaac Chambers - 24 May 2010 01:44 PM

FYI,

It\’s illegal to store CVV2 codes as it is not in compliance with the PCI security standard mandated by all credit card companies. If the credit card company finds out you are storing CVV2 codes they can charge you fines and penalties and cut off your merchant account.

 
Magento Community Magento Community
Magento Community
Magento Community
 
abirdd
Jr. Member
 
Total Posts:  20
Joined:  2009-08-31
Canada
 

Jeffrey, Yes, you will be cut out, but you will not be charged in a court of law. therefor it is LEGAL. PCI Standards (if you read their website) is not mandated by governments, but self regulated by institutions.

https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml

there is a difference between illegal and against policy. One can land you in jail!

 
Magento Community Magento Community
Magento Community
Magento Community
 
thatjonjackson
Jr. Member
 
Total Posts:  1
Joined:  2011-07-14
 

SELECT `cc_number_encFROM `sales_flat_order_paymentWHERE entity_id 17

UPDATE  
`DATABASE_NAME`.`sales_flat_order_paymentSET  `cc_number_enc` =  '' WHERE  `entity_id`=  '17' LIMIT 1 ;

17 would be the order id number found here:

http://www.yourwebsite.com/index.php/admin/sales_order/view/order_id/17/key/1fcd3***

that will replace the encrypted credit card number with a blank space.

hope this helps somebody

 
Magento Community Magento Community
Magento Community
Magento Community
 
xantek
Jr. Member
 
Avatar
Total Posts:  17
Joined:  2011-01-21
United States
 

Found this thread searching for a solution to this same request.  I have just worked out a solution and thought I would share in the hopes that it helps someone.  I used a custom module to rewrite Mage_Sales_Model_Order to override the _setState method which is used to update the status of an order.  I added the following code:

if (self::STATE_CANCELED == $state || self::STATE_CANCELED == $state || self::STATE_CANCELED == $state){
        $_payment 
$this->getPayment();
        
$_payment->setCcNumberEnc($_payment->encrypt('xxxx-'.$_payment->getCcLast4()));
}
 
Magento Community Magento Community
Magento Community
Magento Community
 
sandiegoarms
Jr. Member
 
Total Posts:  5
Joined:  2012-02-16
 
xantek - 29 June 2012 08:59 AM

Found this thread searching for a solution to this same request.  I have just worked out a solution and thought I would share in the hopes that it helps someone.  I used a custom module to rewrite Mage_Sales_Model_Order to override the _setState method which is used to update the status of an order.  I added the following code:

if (self::STATE_CANCELED == $state || self::STATE_CANCELED == $state || self::STATE_CANCELED == $state){
        $_payment 
$this->getPayment();
        
$_payment->setCcNumberEnc($_payment->encrypt('xxxx-'.$_payment->getCcLast4()));
}

Are you willing to share your custom module?

 
Magento Community Magento Community
Magento Community
Magento Community
 
xantek
Jr. Member
 
Avatar
Total Posts:  17
Joined:  2011-01-21
United States
 

The custom modules in question contains other changes than the specific rewrite detailed in my post.  Attached is a copy of the complete model class used to extend Mage_Sales_Model_Order from a CE 1.7 install.  The basic idea is to create your own custom Magento module and use the confix.xml to override the core functionality.

config.xml

<models>
            <
sales>
                <
rewrite>
                    <
order>{NAMESPACE}_Sales_Model_Order</order>
                </
rewrite>
            </
sales>
        </
models>

Unfortunately detailing how to create a custom module is outside the scope of what I can offer at this time.  If your require more specifics let me know and I’ll schedule some time to create a complete wiki on this topic in the coming weeks.

File Attachments
Order.php  (File Size: 2KB - Downloads: 94)
 
Magento Community Magento Community
Magento Community
Magento Community
Magento Community
Magento Community
Back to top
Page 1 of 2