Hi everyone, It appears that ofbiz is saving credit card information. While there is sometimes a business need to do this, very often, there is not. For example, with cybersource and verisign, all you need to store is the authorization code. With the authorization code, you can perform settlements, and returns. Of course, there could be an back-office process that runs credit cards, so it would be necessary in that case.
I am bringing this issue up because holding this information is a risk. It would be nice if ofbiz could provide a means by which organizations would be able to opt out of having credit card information stored for their customers. If I am mistaken, or mislead, or off my rocker, please dish me out some punishment! Thanks. Phillip
