WHCMS 6.1 - eWay changes

[MattN]

Hi,

 

I read with excitement today (been reviewing implementing WHMCS to move away from Plesk-Billing due to uncertainty of its future), that WHMCS has a new 'PCI free' ability with eWay....

 

see this post : http://forum.whmcs.com/showthread.php?105738-Version-6-1-Release-Candidate-Now-Available

 

I am very curious to know how this works, both from a host's perspective, but also the clients.

 

I am very keen to implement WHMCS and eWay (and I believe that this feature will be the thing that tips me over the edge!) - my only issues are that with the current implementations of the eWay modules in WHMCS (even version 6.0x) we are still responsible for PCI-DSS compliance... Does this new module allow clients to update/change their credit card info, from the client interface, and but transact directly with eway seamlessly? (and just store the necessary tokens) oh please, tell me it does!

 

Or can you point me to some documentation about this feature within WHMCS?

[WHMCS Andrew]

Hey Matt,

 

With the current eWay modules, they are standard CC modules and do store card details encrypted in WHMCS.

 

The new module does not store the card details at all in WHMCS, and the card details do not touch your WHMCS installation.

 

From an Admin point of view, you will see the card type, the last four digits and the expiry date which are returned to WHMCS after making the payment. You will also see the client's token as generated by eWay when the payment is made. This will appear on the Credit Card popup in the Admin area, and also on the invoice in the admin area when editing.

 

From a client point of view, they will see a form to fill in their details exactly as they do now, the different being that the on submit, it immediately goes to eWay's servers to be processed. The form is client side, and the post is immediately made - there is no processing of the full card number and details in your WHMCS install - to eWay. eWay process the payment - in their words, it is a https://eway.io/api-v3/#transparent-redirect - and advise your install whether the payment has been successful or not and the client is returned to the invoice accordingly.

 

For recurring payments, the client will then not need to do anything, and the invoices will process automatically as they would with any other credit card invoice. An admin can also request a payment from an invoice in the admin area at any time, again like any other normal credit card payment.

 

A client can also change their card details from the client area at any time after making their first invoice payment. The form again will post directly to eWay's servers.

 

I hope I have answered the questions you had about this module, but if I have missed anything, or you have any further questions, please post them here and I will be happy to answer them for you.

[brianoz]

Andrew,

 

Is there any facility to move existing credit card numbers into the token storage system, rather than asking the client to re-enter card details that they already have stored?

 

Cheers,

Brian