I'm working on a project that needs to be have the credit card payment integration, we want to use elavon.com API. One of the requirement states that we need to record the credit card information during order, manually approve/ reject each order & charge the card only when the order has been manually approved. The question is can we do something like this with Elavon? & is it the right approach for this task, as I know there are many security risks with this. I read about getting a token from the API and storing the token instead of storing the credit card information. Any direction/ guidance in this direction is highly appreciated.
Asked
Active
Viewed 201 times
1
-
It's always a bad idea to store the full credit card information. I would store the last 4 digits for reference and the card type, but not the full credit card information. – Elymentree Sep 27 '16 at 16:05
-
Yep, I would do the same, my question was directed more towards the implementation of the architecture. I have got the documentation from elevon, will go through it when i get time. – PehamRaza Sep 30 '16 at 16:11