Hello
I am currently using PayPal to process my orders via CS-Cart. However, people get stuck if they don't have a PayPal account. PayPal says it's the user but I don't think it is. Regardless, I already have an authorize.net account that I use for phone orders. I need someone to add text on my checkout page ALONG WITH THE PAYMENT GATEWAY giving people THE OPTION to pay via PayPal or via credit card (authorize.net).
(Prefer someone on west coast of America for timing.
Thank you
Janet Lancaster
janetatearthslivingclaydotcom
Authorize.net is already in CS-Cart. Go to Administration->Payment Methods->Add Payment and configure the new payment with Authorize.net.
Thank you The Tool. I think I got it implemented. Do you recommend using MD5 Hash?
Thanks again!
[quote name='Jmamelia' timestamp='1362864391' post='157356']
Thank you The Tool. I think I got it implemented. Do you recommend using MD5 Hash?
Thanks again!
[/quote]
Yes
If someone manages to obtain access to your store, NOT using MD5 will allow them to view CC data.
Further, MD5 can be revoked via Authorize.net as a security precaution, allowing you to use a different key
[quote name=‘JesseLeeStringer’ timestamp=‘1362957822’ post=‘157392’]
Yes
If someone manages to obtain access to your store, NOT using MD5 will allow them to view CC data.
Further, MD5 can be revoked via Authorize.net as a security precaution, allowing you to use a different key
[/quote]
Ditto. 
Hello I got a message from a customer writing " I noticed that there is no SSL/TLS protocol (https) when I am logging/logged in. This is a standard online security layer that I would expect when dealing with ordering and sensitive account information." Does this mean that CS-Cart is not secure? Do I need to buy an SSL certificate? Thank you.
[quote name='Jmamelia' timestamp='1363788333' post='158264']Do I need to buy an SSL certificate?
[/quote]
Yes. Even if your payments are processed at a different location, most customers feel better about their general information if they are shopping at a secured site.
Can anyone recommend a certificate provider? Is it very involved to implement? Thank you!
I use Namecheap. If you don't process payments on your site, a cheap SSL will do.
It's a little difficult if you have never done it before but your host should be more than happy to assist.
I am using the authorize.net gateway via CS-Cart Payment Methods. People enter their CC info right on my checkout page. I am assuming this means I am processing payments on my site, right? Thank you for your help!
[quote name='Jmamelia' timestamp='1363874425' post='158373']
I am using the authorize.net gateway via CS-Cart Payment Methods. People enter their CC info right on my checkout page. I am assuming this means I am processing payments on my site, right? Thank you for your help!
[/quote]
You are having to send the customer data to the Authorize.net AIM gateway and it needs to be encrypted before it is sent. That is where the SSL comes in.
If you are using any payment processor that requires the input of credit card info on the customer side, you need to have an SSL installed. I think I mentioned in another post that a dedicated IP address is required for this as well.
You can get SSL certs for around $10-12
[quote][color=#282828][font=arial, verdana, tahoma, sans-serif]If someone manages to obtain access to your store, NOT using [/font][/color][color=red][font=arial, verdana, tahoma, sans-serif]MD5[/font][/color][color=#282828][font=arial, verdana, tahoma, sans-serif] will allow them to view CC data.[/font][/color][/quote]
I am trying to decide if I should turn on MD5. Based on what you said, if I have Remove CC Info selected under Status' is there still a way to see the CC info? In order words, is that information still stored in the database?