Keep it Secret, Keep it Safe
“Keep it secret, keep it safe”
– Gandalf from the movie Lord of the Rings
Just as Gandalf instructed Frodo to carefully guard and protect the ‘One’ ring, merchants are expected to protect their shoppers’ credit card information. The Payment Card Industry (PCI) has standards that all of us (merchants, hosting providers, shopping cart vendors) must follow. In fact, there is a validation process under which carts like ShopSite have to be independently audited. Even if you are using a validated application like ShopSite, there are still configuration options that you must use (such as using SSL/HTTPS) if you accept credit cards in your cart. For more information on configuring ShopSite to support PCI, see the online help.
Of course, even the most secure manner of entering and storing credit card information is not safe if you allow everyone at work the opportunity to access or print out the information. Even storing the data unencrypted on your PC for later processing is dangerous. The best way to protect a shopper’s credit card is to never have access to it. For example, if you use PayPal Standard, PayPal Express, or Google Checkout, the shopper enters their credit card information directly on PayPal’s or Google’s servers and you never see the credit card information. Even if you log into your merchant account (virtual terminal) on PayPal or Google, you cannot see the shopper’s credit card information.
PayPal and Google are great options for protecting both the shopper and the merchant (see Don’t Tug on Superman’s Cape), but many merchants also want to directly take credit cards with their cart. By default, if you set up a payment gateway like Authorize.Net AIM, ShopSite encrypts the credit card information, which can then be securely viewed in the ShopSite backoffice (merchant interface). Of course, the shopper’s credit card information can now be accessed, which is what we are trying to avoid. In the ShopSite backoffice, under the Orders tab, click the Security button and then the Credit Card Storage button. From here, you can instruct ShopSite not to store the credit card information. Now, when a shopper securely enters their credit card information in the shopping cart (using SSL), it is sent to the payment gateway without being stored in the ShopSite orders database. Just as you bill for the order in Google Checkout using the virtual terminal, you can do the same thing in your payment gateway’s virtual terminal. And, likewise, you never need to access the shopper’s credit card information.
Note that, from a PCI point of view, entering a credit card directly in your shopping cart does involve your server, even if it is just long enough to send it to the payment gateway. So, your online store does have access to the credit card, if only for a millisecond, and you still need to follow PCI guidelines for your server (having your server scanned for vulnerabilities, etc.).
There are two payment gateway integrations in ShopSite where the credit card information is entered directly on the payment gateway’s server. First, there is Authorize.Net with the SIM API. When the customer goes to enter their credit card, they are clearly taken away from your cart to the Authorize.Net server (similar to PayPal Express) and then returned to your cart once the credit card information has been entered and validated.
The other solution is Braintree, where, to the shopper, it looks like they are entering credit card information into your cart, but it is actually being entered on the payment gateway’s server. In either case, the merchant never has access to the credit card and it never touches the merchant’s server.
Whatever methods you use, you can’t be more secret or safe than not having access to the credit cards in the first place!