Credit Card Number Being Stored and Emailed???
-
Hello,
I just ran a test transaction through and I see a couple of serious, serious issues.
The first issue is that the full credit card number is being stored in the Gravity Forms entry data. This is not wanted or desirable for the obvious reasons of PCI compliance and data vulnerability.
The second issue is that the full credit card number is being sent through the confirmation emails. Again, a security issue big time.
In both cases, the MOST that should be stored and emailed is the last 4 digits of the credit card number.
Am I missing something here? Can this be rectified please?
Thank you.
UPDATE: I had forgot to set up the Stripe feed. After setting it up, it worked great. GREAT PLUGIN!
- The topic ‘Credit Card Number Being Stored and Emailed???’ is closed to new replies.