[thelist] Re: Shopping Sites, Credit Cards

SP internetracer at yifan.net
Mon Jul 1 17:22:00 CDT 2002

If you are using your own merchant account and processing through a company
like authorized.net then you have complete control over your customer's
data.  This means you can store the customer's credit card numbers on your
database before sending it over to a processor to verify.  This isn't
recommended since you have to make sure your system is secure.

-----Original Message-----
From: thelist-admin at lists.evolt.org
[mailto:thelist-admin at lists.evolt.org]On Behalf Of Kathy Long
Sent: July 1, 2002 1:29 PM
To: thelist at lists.evolt.org
Cc: Chesna Blazick; Sim
Subject: [thelist] Re: Shopping Sites, Credit Cards


To set matters straight about the storing of cc numbers at Gateway, I called
B of A to get the facts. I'm not sure how they handled this a year ago which
is when we got our gateway, but at present:

They do NOT make cc numbers available to their vendors.
They are NOT visible or available in the sales history screen - the only
thing the merchant can see there is the type of credit card number used.
They DO keep credit card numbers in THEIR system accessible by B of A only.

I suspect Authorize-net is the same because of my client's inability to
retrieve a cc number from them for a transaction he received, but I did not
research that one as well to verify.

So, it looks like that, at least, the B of A gateway is a good one to
recommend for security.

Thanks for sharing your PayPal explanations. Those are really good ideas and
I hope you don't mind me using them. PayPal is sometimes the only affordable
solution for small vendors (though I often tell my clients you probably can
NOT afford to get a merchant account), and these explanations can certainly
lend to the success of their online sales. I was really happy to hear PayPal
has worked for you and will pass that info onto my clients when the need


> Message: 13
> Date: Sun, 30 Jun 2002 20:37:53 -0600
> To: thelist at lists.evolt.org
> From: Keith <cache at dowebscentral.com>
> Subject: Re: [thelist] Re: Shopping Sites, Credit Cards
> Reply-To: thelist at lists.evolt.org
> At 02:17 PM Sunday 6/30/2002, Kathy wrote:
>> because it seems to contradict my personal experience with the B of A
>> gateway.  We recently tried to retrieve the cc number of one of our
>> customers and were told, "Sorry. We don't store those numbers."
>> I'm curious. What gateways do you know of that do that? Perhaps they are
>> ones that I should not recommend.
> I had a B of A shopping cart using a B of A merchant account that I used
> until 6 months ago. The credit card numbers were displayed in the admin's
> sales history screen. I've never used Authorize.net. Things may have
> changed in those 6 months but federal and state laws defining who owns the
> transaction would have had to change also (VISA could of course do that
> overnight if they wanted to).
> I do hope you are right!!  It would give smaller sites using third party
> gateways an advantage over sites who can afford to run their own gateways.
> And a major advantage over telephone-order type sales where the card
> is of course given to a faceless voice (I smell web design
> opportunities....). Please let us know what you find out. If the rules
> changed they changed to protect the cardholders and websites should be
> passing that along to instill confidence.
> FWIW here's a paragraph I use on my sites (a bit more than "it doesn't
> matter who I am..." )
> <quote>
> For Your Protection: Payment for download of (REMOVED) is processed
> PayPal, the largest, most secure payment exchange on the Internet. Your
> credit card number and billing information will be transmitted directly to
> PayPal secure servers for authorization. Your credit card number and
> billing information are NEVER revealed to (REMOVED) or it's parent company
> (REMOVED) at any time. Paying for your order through PayPal makes your
> online purchase as safe as using an ATM. Paying through PayPal is the
> safest way to make any online purchase.
> </quote>
>> a nightmare because of their member login requirement and ended up with
>> giving up. What good is a secure payment processing system if your buyers
>> give up trying?
> I totally agree! That stupid signup crap made sense when PayPal was
> strictly person-to-person exchanges. But 90% of their revenue comes from
> website sales now and it makes no sense to force people to enter any extra
> keystrokes when they're ready to pay. I try to diminish the consumer's
> with the following statement next to the PayPal button:
> <quote>
> If you have never purchased with PayPal before you will be asked to "Sign
> Up". Sign up registers your credit card number and billing information
> PayPal so you can join 16 million other shoppers buying on over 40,000
> websites without having to submit your credit card information again.
> </quote>
> Keith

For unsubscribe and other options, including
the Tip Harvester and archive of thelist go to:
http://lists.evolt.org Workers of the Web, evolt !

More information about the thelist mailing list