Feature Requests
Share ideas, discuss and vote on requests from other users in community
 

Never store credit card information locally when using a tokenized gateway

jclarke shared this idea 5 years ago
Completed

There are two cases in which if you are using a tokenized gateway with WHMCS that you could still be storing credit card information locally instead of at your gateway.

-A new user orders a product and pays with a non credit card gateway such as PayPal.

-They decide they would like to add a credit card to their profile, they do this from the Client Area

-At this point the credit card information isn't tokenized, it is stored locally until the first time the card is used.

-A new user orders a free product and they input credit card details.

-The credit card details are stored locally until the first time the credit card is used.

The underlying issue is WHMCS will only call the storeremote function if the user has at least one invoice set to a credit card gateway.

Comments (39)

photo
1

Hi John, thank you for your reply and for the clear explanation.

Given the capabilities of the "_storeremote" function with the modules listed, we are considering changing from eWay token payments to Stripe. We'll test it out first :)

Thanks!

photo
1

Hi John, that doesnt help at all with my gateway, I use psigate. it is showing that you cant actually think this process through for all gateways apparently making a setting work for some and not others is totally missing the point of this request. Please reopen it to make it work for all gateways as it should as mentioned in my previous post.

photo
1

Hi John,

We'd be pleased to consider feature requests to refactor individual payment gateway modules to use the new _storeremote function to this end.

photo
1

from my understanding psigate does support _storeremote so if you actually properly implemented this feature it should work for all gateways that do, should it not??

also making us disable cc storage cripples us because you can no longer store the last 4 digits of the card in the database making this method useless even if it was one of the few supported gateways you mention.

photo
1

Psigate is a Merchant gateway type, rather than a toksanisation payment gateway type. As a result the full card details need to be stored locally and are passed securely to Psigate when a capture attempt is made.

As a result the Disable Credit Card Storage option will definately need to remain disabled with Psigate or any Merchant type payment gateways.

The different types of gateways are clasified here: http://docs.whmcs.com/Payment_Gateways

photo
1

Hi John, i find it hard to believe you actually believe what you just wrote. That just means those are the only gateways you have bothered to actually get working with tokenization, it's your own classification not something to do with the limits of the actual merchant processor and you know it. Aside from updates done in the client area or admin area not getting tokenized automatically, I've got a script programmed and working that does exactly what you say is not possible while leaving CC storage enabled and tokenizing the credit card. if i can get that last bit solved (programmer is getting hard to pin down now) maybe I could share it with you to roll into your module?

photo
1

Hi John,

If Psigate now offer a tokanised payment solution, that is potentially something we can consider implementing in future. However at this time, the request for such a gateway has received only 2 votes in 3 years: https://requests.whmcs.com/topic/psigate-tokenized-gateway

photo
1

nothing has changed they always have. if I have to wait for more votes on the feature for you guys to actually work on tokenizing all your merchant gateways, ill just give up commenting now do you not do anything proactively without requiring votes? anyway thanks for the reply. Ill make do with the script I have.

photo
photo
1

Hi John,

I have a question..

Consider the situation of using Stripe, 'Disable Credit Card Storage' option enabled, new customer with no previous credit card transactions. Is it supposed to be possible to save credit card details to Stripe without an initial invoice?

I've tried saving credit card details via WHMCS admin, it says that it has saved the details but a token doesn't get stored and the card details don't get saved with Stripe.

Does this functionality only work once a customer has paid their first invoice using the Stripe module?

Thanks!

photo
1

Hi Chris,

One of three things needs to be the case for this to work:

1. The system default payment method is set to Stripe (ie. it's first in the list on Setup > Payments > Payment Gateways) or

2. The client's defualt payment method is set to Stripe (under their Profile tab) or

3. The most recent unpaid invoice has Stripe as the payment method.

photo