Encrypt credit cards

The best security for credit cards is not to keep them on your site at all.If you are using an electronic gateway, they may only be stored on the bank's computers. However, not all gateways work like this and you may have the credit cards in the local database even if you are using a gateway.

If you are storing credit cards, then we recommend using VPCART encryption.

Xencryptcreditcard

Setting this to Yes tells VPCART to encrypt the credit card information before storing it into the database. It is highly recommended that you leave this option set to Yes to ensure the security of your customer’s data.

Xencryptkey

The key to be used for encryption.

NOTE: In older versions before VPCart 9, this config is located in shop$config.asp file and the key value can be modified.

Since VPCart 9, we have moved this config to basic_configs table for security reason and the value is auto generated by system and should not be updated by merchants manually. Also the basic_configs table is not visible for merchants as this table should not be modified.

In addition, VPCART will automatically remove the credit card details from the order record when the order is processed. We recommend you to regularly mark all orders processed in your administration once they are completed.