Capture card method
Some people want to capture their own credit card numbers to run
through a terminal as a quick and easy way to get their online
store going. For this we provide Capture Card, however please be
aware that the fact that you are responsible for your customers
credit card details makes this far from simple and we strongly
advise using one of the online credit card processors unless you
are fully aware of all security issues involved.
We strongly advise using ASPEncrypt for extra security. Check
with your host if it is available. You will need a SSL certificate,
either your own or shared from your host.
Please follow the capture
card wizard below for set up instructions
Capture Card Wizard
IMPORTANT NOTE
To reduce security risks set the automatic deleting of credit
card information to a workable minimum level - we would suggest
that 2 days is more than ample time. This setting can be found
on the main admin page. You can also manually delete the credit
card
information
from your database by hitting the "delete" button. We
strongly advise that you delete the credit card information as
quickly as possible to reduce the security risks. It is also imperative
to keep up to date with the latest updaters which
are released at regular intervals.
Troubleshooting
Here
is a list of possible error messages and the resolution:
This page contains both secure and non secure items. Do you want
to display the nonsecure items?
Make sure all of the images used on the thanks.asp and cart.asp
have been uploaded to the secure server
The name on the security certificate is invalid or does
not match the name of the site
The certificate you reseive on the ASP Encrypt site is a personal
certificate that only you will see or use. The SSL certificate
that you want to install on your site is different and should be
obtained from a certified issuing authority like thawte.com or
verisign.com
How do I view the orders on separate computers using just the
one personal certificate?
What you need to do is export the personal certificate from Internet
Explorer and install the certificate in internet
explorer on the other PC.
In Internet Explorer go to
Tools -> Internet Options -> Content -> Certificates Click
on the certificate and choose "Export...".
Click "Next"
Click "Yes, export the private key"
Keep the defaults on the next page of the .PFX format with strong
protection.
Type and confirm a password.
Choose a filename keeping the default .pfx file extension.
Click Next then "Finish".
To import the certificate in another browser go to Tools -> Internet
Options -> Content -> Certificates Click "Import..."
Browse to the location of the file you saved then click "Next".
Type the password you used when you saved the certificate and check
the box "Mark this key as exportable..." then click "Next".
The "Personal" certificate store should be selected,
leave that and click "Next".
Click "Finish".
Windows Vista Users
You will need to get the personal certificate on an XP
machine and then import it to your Vista computer following the
steps above. Then go to
Tools -> Internet Options -> Security
...you'll see a checkbox "Enable Protected Mode". If
you uncheck that then restart IE you should be able to see the
CC numbers.
Add
the site to the "Trusted Sites" tab and disable protected
mode there rather than making this lower security setting for
all sites.
Object doesn't support this property or method: 'Msg.EncryptText'
This is probably due to the version of ASPEncrypt
that is installed. Ask your host for the version number they
are running as the capture card method requires a minimum of
2.0. The upgrade to the latest version should be free.
Error ! Cannot invoke Persits ASPEncrypt -
Sorry, there seemed to be an error !"
This would suggest that the component ASPEncrypt is not installed
on your server. Check with your host and if it's not available
then follow the wizard for using the capture card method without
ASPEncrypt.
Troubleshooting checklist
I can get a card to process on the secure server I've
established. When I try to read the number by accessing the control
panel, I
get an error message that says "You appear not to be on a
https server..."
There seems to be some hosts which use some kind of proxy system
for shared SSL space, and that confuses the checks for server SSL.
If you are absolutely sure that you are on a secure server, then
set
nochecksslserver=true
...in your vsadmin/includes.asp file.
I don't receive the credit card details in my confirmation email
but can view them through the control panel
Credit card numbers are not sent via email for security reasons
- they can only be viewed over a secure connection in your admin
orders page.
I can't see the credit card details in the orders admin page
Make sure you are viewing the orders page over a secure https connection.
I don't get to see the credit card details when I download the
orders csv file
This is not possible if you are using ASPEncrypt as the information
is encrypted and cannot be downloaded.
Why does the credit card information disappear when it
was working before and I have a personal certificate correctly
installed?
The certificate may have expired:
Open internet explorer and then go to . . .
Tools -> Internet Options -> Content -> Certificates -> Personal
. . . and look in the "Expiration" column.
Please do read our guide here on credit
card fraud.
|
