Lou1234 Posted October 4, 2021 Share Posted October 4, 2021 Hi, My friend, also my working partner asked me to find a module which can help him process the payment of his customer's order at the POS. I made a tour around the Addons Marketplace and found this module: https://addons.prestashop.com/en/point-of-sale-pos/6270-manual-credit-card-processing-offline-payment.html#overview However, when I studied its process, I found it confusing, as there was a note like this in the module description: "To make this process secure, only the first digits are saved to the database while the last digits and the security code are sent to a specific email address so that the complete credit card number is never stored on a single computer. Anyway, you can also configure to save all digits in database." It means that when the customer pay for an order, he/she needs to provide all the card's information (Card numbers, expired date, CVV) so that the shop owner can use them to process the payment on the hardware terminal gateway. Nevertheless, it also means that the shop will have the ability to store all the card information in the database and can possibly make illegal purchase from the customers' cards. How can this module prevent this risk? As I see no countermeasure for this except for PCI compliance which prevents bad guys who hack the store and steal the card information. But what will happen if the bad guy is the store owner or the salesperson of the store? Link to comment Share on other sites More sharing options...
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!Register a new account
Already have an account? Sign in here.Sign In Now