I need to be able to capture credit card details over the phone and store securely in an Access database. The requirement is to then create an extract file containing credit card details, amount and to be sent to a bank. If the same customer calls again weeks later, there is a need to be able to re-use the same credit card. Any suggestions for how best to do this? Can it be done within Access only or do I need to consider some external service to which I should interface?
Storing Credit Card details
- Thread starter ChislePip
- Start date
GinaWhipp
AWF VIP
- Local time
- Yesterday, 21:12
- Joined
- Jun 21, 2011
- Messages
- 5,899
Others may disagree but I would NOT do this in Access unless I was using a backend with some serious security. So, yes I would look into some external service. I would them log in to some website that handles these types of transactions. You do not want to be responsible should their information get stolen.
- Local time
- Yesterday, 20:12
- Joined
- Feb 28, 2001
- Messages
- 30,498
Gina beat me to it. Access is made for a small office environment where domain-level security might not be available. In a stand-alone or small network situation, Access is very visible and not that difficult to "crack" - so I would not want fiduciary or financial or health-related data sitting on an Access-style back end. An active database server (ORACLE, SQL SERVER, MY SQL, SYBASE, ...) usually has better security and can be used with an Access front-end.
arnelgp
..forever waiting... waiting for jellybean!
- Local time
- Today, 09:12
- Joined
- May 7, 2009
- Messages
- 20,363
There is no need for you to store any info or get any service from anywhere, get the name of the user anr immediately surrender the card to the bank.
Is
If same customer call, tell her/him the card is in the bank.
Is
If same customer call, tell her/him the card is in the bank.
There are very strict rules about storing credit card details.
www.pcisecuritystandards.org
Official PCI Security Standards Council Site
A global forum that brings together payments industry stakeholders to develop and drive adoption of data security standards and resources for safe payments.
www.pcisecuritystandards.org
- Local time
- Today, 02:12
- Joined
- Jul 9, 2003
- Messages
- 17,510
I seem to recall that if you have the ability to take credit card payments you are not allowed to store credit card details, that is one of the terms of service / conditions. If you break that condition, you could lose the ability to take credit card payments.
Last edited:
Minty
AWF VIP
- Local time
- Today, 02:12
- Joined
- Jul 26, 2013
- Messages
- 10,670
@Uncle Gizmo I believe that is correct.
The only place you need them is when you are processing the sale, and that should only be done "live" with the cardholder on the end of the phone.
(In a past life, we had trade customers who didn't care and told us to just take payment using the details we had "remembered" as soon as the job was done, rather than trying to contact them.)
The only place you need them is when you are processing the sale, and that should only be done "live" with the cardholder on the end of the phone.
(In a past life, we had trade customers who didn't care and told us to just take payment using the details we had "remembered" as soon as the job was done, rather than trying to contact them.)
