Magento

Hi Everyone, Iwould like to remove delete or alter the payment details of my customer after usiing it. please let me know how to do it without messing with magento system.
Thanks,
phil
glasspebbles.co.uk

I would also like this as i have been forced by my client to store CVV2 but want to minimise his risk.

Deleting payment information after processing either as part of marking as Processed or with a cron job.

anyone know the SQL or methods needed?

Yes I would also like to learn how this is done. Should my website get hacked I do not wish to put my customers at risk. Can somebody please help us out??

I too have been forced by a client to store CVV2.
He wants a degree of manual processing to reduce his fraud risk. Its just how he wants to do things.
I havent found a way to implement Auth-Capture or something like e-path yet...so im stuck with it.

The SQL to delete the card number and CVV2 from all completed orders is all i am after.

Has anyone figured this out? I’d like to do the same.

Im looking for this as well

Hello,
I have released a new module that allows store owners to delete credit card numbers stored in magento database.

Link here:  Delete Saved Credit Card Numbers

Need help! please do let me know.

Oh ya it’s working now.

FYI,

It\’s illegal to store CVV2 codes as it is not in compliance with the PCI security standard mandated by all credit card companies. If the credit card company finds out you are storing CVV2 codes they can charge you fines and penalties and cut off your merchant account.

Isaac Chambers - 24 May 2010 02:44 PM

FYI,

It\’s illegal to store CVV2 codes as it is not in compliance with the PCI security standard mandated by all credit card companies. If the credit card company finds out you are storing CVV2 codes they can charge you fines and penalties and cut off your merchant account.

It’s not necessarily illegal to store CVV2 codes, but it does violate your merchant agreement.  A small distinction, I know, as the end result is the same.

Isaac Chambers - 24 May 2010 02:44 PM

FYI,

It\’s illegal to store CVV2 codes as it is not in compliance with the PCI security standard mandated by all credit card companies. If the credit card company finds out you are storing CVV2 codes they can charge you fines and penalties and cut off your merchant account.

Jeffrey, Yes, you will be cut out, but you will not be charged in a court of law. therefor it is LEGAL. PCI Standards (if you read their website) is not mandated by governments, but self regulated by institutions.

https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml

there is a difference between illegal and against policy. One can land you in jail!

17 would be the order id number found here:

http://www.yourwebsite.com/index.php/admin/sales_order/view/order_id/17/key/1fcd3***

that will replace the encrypted credit card number with a blank space.

hope this helps somebody

Found this thread searching for a solution to this same request.  I have just worked out a solution and thought I would share in the hopes that it helps someone.  I used a custom module to rewrite Mage_Sales_Model_Order to override the _setState method which is used to update the status of an order.  I added the following code:

xantek - 29 June 2012 09:59 AM

Found this thread searching for a solution to this same request.  I have just worked out a solution and thought I would share in the hopes that it helps someone.  I used a custom module to rewrite Mage_Sales_Model_Order to override the _setState method which is used to update the status of an order.  I added the following code:

if (self::STATE_CANCELED == $state || self::STATE_CANCELED == $state || self::STATE_CANCELED == $state){
        $_payment = $this->getPayment();
        $_payment->setCcNumberEnc($_payment->encrypt('xxxx-'.$_payment->getCcLast4()));
}

Are you willing to share your custom module?

The custom modules in question contains other changes than the specific rewrite detailed in my post.  Attached is a copy of the complete model class used to extend Mage_Sales_Model_Order from a CE 1.7 install.  The basic idea is to create your own custom Magento module and use the confix.xml to override the core functionality.

config.xml

Unfortunately detailing how to create a custom module is outside the scope of what I can offer at this time.  If your require more specifics let me know and I’ll schedule some time to create a complete wiki on this topic in the coming weeks.

Order.php  (File Size: 2KB - Downloads: 54)