360works Plastic Plugin

[Robert Crocker]

I'm looking into using your plugin. I don't see anything about storage of credit cards as how it applies to PCI compliance. Do you work with PNF numbers for storage and charge of recurring charges?

[Smef]

Plastic does not store credit card numbers. PCI compliance will depend on how your database is set up, and if you are storing credit card numbers in fields in your database. Using plastic will not make you database non-PCI-compliant.

[Pacer Print and Packaging]

I added the following script to mask out the credit card number when a successful transaction has been processed.

Set Variable [$CC_Number; Value:Transaction::Card Number]
Set Field [Transaction::Card Number; "************" & Right ($CC_Number;4)]
Set Variable [$CC_Number; Value:0]

 

[Allen Poole]

Using plastic will not make you database non-PCI-compliant.

But using Plastic can help make your practices PCI compliant. For example, if you use Authorize.net as your gateway, Plastic can submit payment card and ACH account numbers to Authorize.net's PCI-complient CIM database in exchange for a token, which is PCI-compliant to store in your database. Plastic then lets you run charges against these tokens, and Authorize.net looks up the corresponding account information in their CIM to complete each transaction.

[kgasman]

On 9/23/2015 at 2:51 PM, Allen Poole said:

Plastic can submit payment card and ACH account numbers to Authorize.net's PCI-complient CIM database in exchange for a token

How do you script the your suggestion to get a "token"

thanks