This project is not covered by Drupal’s security advisory policy.
Commerce Payment Onsite provides payment gateways for capturing on-site the credit card details for online store payments. It currently provides a payment gateway and a payment method type that stores users' card details enrypted in the database taking advantage of functionality provided by the Encrypt module.
Please note that storing credit card details on your server is a major PCI liability and it should only be done when there is no alternative.
Differences with the Card On File module
Card On File does not store the full card details. Payment authorization and capture is meant to happen via a 3rd party external payment gateway. The purpose is to store enough information to allow users to reuse a card in future purchases, always via integration with the external payment gateway.
Payment Onsite stores the full credit card details instead, encrypted. Store managers would then be able to use them to authorize and capture payments using their own process and tools. This is sometimes a requirement for stores that use legacy systems.
Configuration
Configuration options per payment gateway include the encryption profile to use for encrypting card details, the credit card types accepted, and which credit card details are mandatory e.g. expiration date and card verification value sometimes are not depending on the accepted card types.
Supporting organizations:
Sponsored initial development
Project information
Seeking new maintainer
The current maintainers are looking for new people to take ownership.- Project categories: E-commerce
8 sites report using this module- Created by krystalcode on , updated
This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.
