anyone know why Interchange displays the card information like

Payment Method: Credit Card (visa)


Account Number: 42**1111 Expiration: 1/02

when it e-mails you the order? How can you get the stupid thing to send you the full CC info?

Thanks

Hi!
The full CC info is not send for security reasons... :)

Have a great day :)

regards
amar

But the * for 2 digits really is no big deal..

You only have 100 combinations and you can crack it in less than an hour if you have the time and patience

Dr JB the famous cryptographer should see this!

Cheers
Balaji

HUH? I dont want to have to crack customers orders! I need to know the full CC information so that I may proccess there order manually with my physical CC proccessing terminal. I can't find the CC information for orders anywhere in Interchange, and the e-mail it sends has though two **'s. I figured it was for security reasons, but to the administrator?

2 things. First off to one of the other posts, the two **, there are two of them, but its covering a LOT more. 16 numbers in a cc, shows the first 2 and last 4. They show part of it generally so u can verify its them. For example if they call up and you want to verify it, you can ask for the last 4 digests of the number.

The other thing, I heard this here, not sure if it is true, but it is illegal to manually enter cc numbers.

I don't believe it's illegal to manually enter cc if the customer provides you with the number. For security reasons though you don't want to know the persons cc unless you have a secure way to get the number.

To the post, if you really need to know the number then just ask for it by providing a secure way to safely transmit the card to you.

Originally posted by cahostnet
I don't believe it's illegal to manually enter cc if the customer provides you with the number. Most likely that misunderstanding comes from the fact that, if you're using a third party processor like Revecom or Paypal, you are prohibited from entering your customers' data into those forms that are intended for their use. But if you have a merchant account you can do it, and some other accounts that offer what are typically called "virtual terminals" also allow it.

Back on topic, sending credit card numbers through regular email wouldn't be a good idea. I was going to say that it especially wouldn't be a good idea to give the impression that the numbers are being protected by taking orders on a secure page and then emailing the information anyway... but then I noticed that the order page at diatone.net is not a secure page. So I guess that's not an issue.