[Vtigercrm-developers] marketplace
Alan Bell
alan.bell at libertus.co.uk
Mon Sep 21 19:21:58 GMT 2015
the card number and expiry date may be stored, but the CVV2 must not.
You don't need it for a cardholder not present transaction, it just
helps for instant authorisation, it reduces the risk of chargebacks to
the vendor.
Alan.
On 21/09/15 19:23, cryptic wrote:
> If a user adds their card details to the Marketplace their security code
> (also known as CAV2/CVC2/CVV2/CID), card number and expiry date is retained
> by vTiger.
>
> I was under the impression that sensitive authentication data such as the
> security code must not be stored after authorization (even if encrypted).
>
> See here for further information.
>
> https://www.pcisecuritystandards.org/pdfs/pci_fs_data_storage.pdf
>
>
>
>
>
>
>
>
> --
> View this message in context: http://vtiger-crm.2324883.n4.nabble.com/Vtigercrm-developers-marketplace-tp17384p17404.html
> Sent from the vtigercrm-developers mailing list archive at Nabble.com.
> _______________________________________________
> http://www.vtiger.com/
More information about the vtigercrm-developers
mailing list