Purge Credit Card Numbers [Migration Draft]
ProductCart only saves credit card numbers to the store database, in an encrypted format, in the following scenarios:
If these scenarios encrypted credit card numbers have been stored in the database. The card security code is never saved, as explained here.
ProductCart allows you to take a further step towards protecting your customers’ confidential information by including a feature that deletes selected credit card information from the database.
PCI (protection of cardholder information) regulations require that you eliminate credit card information as soon as you no longer need it for processing an order. Read more about ProductCart & PCI Compliance
In ProductCart, credit card numbers are automatically purged when transactions have been successfully batch processed.
From the Orders menu, select Purge Credit Card Numbers. On the following page, enter a date range and select an order status (if the drop-down is shown). Then, choose which orders you would like to include in the process and click on the Purge Credit Card Numbers button. Note that this action cannot be undone.
We recommend that you periodically purge credit card numbers from the database, when they are not automatically removed. As a rule of thumb, you should purge all credit card numbers that are associated with orders for which your store’s return policy, and therefore the customer’s right to ask for a refund, has expired.
Even after credit card information has been purged, you can still identify which card a customer utilized. That's because when you purge the credit card number associated with an order, ProductCart will keep the first 4 and last 4 digits of the credit card number in the database. The rest of the numbers are replaced with a *.
- When you are using offline credit card processing.
- When you are using a payment gateway that supports batch processing (view a list)
If these scenarios encrypted credit card numbers have been stored in the database. The card security code is never saved, as explained here.
ProductCart allows you to take a further step towards protecting your customers’ confidential information by including a feature that deletes selected credit card information from the database.
PCI (protection of cardholder information) regulations require that you eliminate credit card information as soon as you no longer need it for processing an order. Read more about ProductCart & PCI Compliance
In ProductCart, credit card numbers are automatically purged when transactions have been successfully batch processed.
Manual Purge
From the Orders menu, select Purge Credit Card Numbers. On the following page, enter a date range and select an order status (if the drop-down is shown). Then, choose which orders you would like to include in the process and click on the Purge Credit Card Numbers button. Note that this action cannot be undone.
We recommend that you periodically purge credit card numbers from the database, when they are not automatically removed. As a rule of thumb, you should purge all credit card numbers that are associated with orders for which your store’s return policy, and therefore the customer’s right to ask for a refund, has expired.
Identifying the credit card used
Even after credit card information has been purged, you can still identify which card a customer utilized. That's because when you purge the credit card number associated with an order, ProductCart will keep the first 4 and last 4 digits of the credit card number in the database. The rest of the numbers are replaced with a *.