I have questions which regarding PCI compliance. 0. Would someone able to shed some light on how the credit card logic work?
1. Does it contact the credit card authorize gateway for a small authorize amount and void if success. Then captured the final CC amount at the order picking and shipping manifest process? 2. Does it keep or store the customer Credit Card information on the OFBIZ server? Credit card information such as: PAN, expiration, CVV... 3. If it stored credit card information on the server, does it encrypted before written to the database? 4. If it store the CC information on the server but doesn't encrypted. Does anyone has done this before? Thank you. Tom
