I did a search on this form but I wasn't able to find my question. I am looking to possibly use Modernbill for billing. I have an SSL connection and use Authorize.net.
1. Suppose I wanted to store users CC info in the database encrypted. When a user signs up, will the information automatically be encrypted or am I required to run something to encrypt it manually?
2. If I did store CC information, would it be more secure to process batches manually opposed to automatically and storing my key in a file?
3. If I chose to do monthly billing and I had the system automatically generate invoices via a cron job, (assuming CC numbers were stored), is it an easy process to process credit cards for processing?
4. Overall, how easy is the system to use once it's setup? Does it require much maintenance once setup as far as billing?
5. Would I be able to specify when to charge the card after the invoice is sent out? Will accounts automatically be paid and the user get an invoice stating so when a charge is successful?
1. With ModernBill, by default I believe it is set to encrypt this data automatically.
2. Yes, it would be much more secure to run your batches manually vs. storing the key in a file. Otherwise, if the file key were to be compromised, this could also potentially lead to the card data also being subsequently compromised.
3. Yes, generally speaking. See more on #4.
4. Once you have ModernBill setup, it should be fairly straightforward from that point on. However, keep in mind that setting up MB is not a trivial process based upon what I've been told by MANY Web hosts. Once it is setup, it seems to do a great job but there is a definite learning curve and process required for the initial installation & configuration.
5. Yes, this can be setup with ModernBill.
Best of luck with your new billing system setup!
CDGcommerce.com - Trusted Merchant Account Solutions since 1998
Many thousands of successful, growing businesses benefit from our expertise every day. You can, too!
We help merchants to eliminate gateway costs, reduce & mitigate fraud and achieve streamlined PCI compliance. Learn more today at http://www.cdgcommerce.com - we look forward to helping your business grow!
Just want to make a note on #1, by default MB does NOT store CC information, you have to set that to agree, and if you use thier new LEK encryption option and store the data, it will then automatically encrypt the card for you. If you do NOT use the LEK, you will have to manually encrypt each time new CC details are entered.
like Chris said it would be more secure to not use the cronjob that process batches since it needs your encryption key or pin number (if using LEK). But than can get to be a hassle, unless you don't mind going in once a day and manually running batches.
Modernbill is very easy to setup, just follow the manual they have and thier forums are very good as well. Most things are simple to follow, a few things can be a little confusing to newcomers of it.