Credit Card Number Being Stored and Emailed???

  • Resolved WebEndev

    (@munman)


    11 years, 2 months ago

    Hello,

    I just ran a test transaction through and I see a couple of serious, serious issues.

    The first issue is that the full credit card number is being stored in the Gravity Forms entry data. This is not wanted or desirable for the obvious reasons of PCI compliance and data vulnerability.

    The second issue is that the full credit card number is being sent through the confirmation emails. Again, a security issue big time.

    In both cases, the MOST that should be stored and emailed is the last 4 digits of the credit card number.

    Am I missing something here? Can this be rectified please?

    Thank you.

    UPDATE: I had forgot to set up the Stripe feed. After setting it up, it worked great. GREAT PLUGIN!

    http://wordpress.org/extend/plugins/gravity-forms-stripe/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Thread Starter WebEndev

    (@munman)

    11 years, 2 months ago

    UPDATE: I had forgot to set up the Stripe feed. After setting it up, it worked great. GREAT PLUGIN!

    sweetcera

    (@sweetcera)

    11 years, 1 month ago

    What version of WordPress are you using your Stripe Add On in Gravity Forms?

    Thread Starter WebEndev

    (@munman)

    11 years, 1 month ago

    3.5.1

    But this was a mistake on my part. I had not set up the Stripe feed, as noted in my previous post.

    All is well now.

    Thanks

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Credit Card Number Being Stored and Emailed???’ is closed to new replies.