Jump to content

how to export credit card numbers

is6com

By is6com
in Using WHMCS

 Share

Recommended Posts

is6com Junior Member

is6com

Posted
Posted

how do we export credit card numbers with the client details

 

e.g..

 

when I try to export the client data via csv, the credit card details are not exported,

 

---

 

reports -> CSV Exports

 

---

 

The following CSV exports of data can be used to export client data into accounting applications.

 

* Clients

* Products/Services

* Transactions

 

---

 

Is there a way to export the credit card details (after pasting the cc encryption hash) for offline storage?

 

this is a very important requirement to ensure that credit card details are not lost due to encryption key loss or corrupt encrypted cc data within mysql

 

---

 

Please advise how to do this,

0
Link to comment
Share on other sites
  • 2 weeks later...
is6com Junior Member

is6com

Posted
  • Author
Posted

The question asks:

 

"Is there a way to export the credit card details (after pasting the cc encryption hash) for offline storage?"

 

---

 

It is perfectly legal to store credit card numbers offline,

 

 

(Just internet storage requires encryption)

 

---

 

The keyword that may have been missed is

 

"offline"

 

This is extremely necessary and should be implemented ,,

 

or is there a php function that we can run (while using the cc encryption hash) to export cc numbers in bulk directly from the mysql backend?

0
Link to comment
Share on other sites
AndrewMKP Senior Member

AndrewMKP

Posted
Posted

Yeah I don't think I would want this as a module at all for my company, if someone broke into my system and could download my clients CC numbers at a click of a button that is a serious security breach!

 

If you want this specifically for you then contact WHMCS direct.

 

At least if my server is breached it is encrypted unlike a piece of paper :roll:

0
Link to comment
Share on other sites
Matt Wade Senior Member

Matt Wade

Posted
Posted
Yeah I don't think I would want this as a module at all for my company, if someone broke into my system and could download my clients CC numbers at a click of a button that is a serious security breach!

 

If you want this specifically for you then contact WHMCS direct.

 

At least if my server is breached it is encrypted unlike a piece of paper :roll:

 

If someone breaks into your server, they can already get client credit cards with the click of a button. All they have to do is look at the file configuration.php, copy the hash, and then go to client accounts and paste it in. Bottom line, if your server is breached, you have a problem.

0
Link to comment
Share on other sites
  • 2 weeks later...
is6com Junior Member

is6com

Posted
  • Author
Posted (edited)

@AndrewMKP - your lack of knowledge and common sense should prevent you from commenting further within this thread,

 

If you get hacked, your cc encryption hash is also hacked as it is stored within configuration.php

 

---

 

The importance of storing credit cards "offline" is EXTREME/VERY HIGH as your business will suffer greatly if you lose all your credit card numbers,

 

---

 

Please refrain from posting your opinion in this post as the thread was not intended to obtain your lack of common sense and business sense opinions,.

 

The post is to obtain a method to extract the credit card numbers in BULK for OFFLINE STORAGE!!!

 

---

 

The "whmcs encryption method" used for encrypting the cc hashes is not PUBLIC and a BULK export method for cc number plain text exporting is essential (note: the bulk export can still ask for the cc encryption hash as if it was decrypting a single cc number),,

 

 

---

 

We are currently manually adding the cc numbers and client data to a OFFLINE storage method and when customers update their cc numbers within whmcs, we still have to manually update our offline database,

 

I am hoping the whmcs creators will add this feature or advise if there is a function in php we can use (with the cc encryption hash) to bulk export the cc numbers

 

---

 

Also,

 

is the cc encryption hash thats stored in the mysql database binary data???

 

---

 

Has any\one tried to export the mysql db with cc encryption hashes and re-import? Is there any issues with that?

Edited by is6com
0
Link to comment
Share on other sites
bubbasheeko Senior Member

bubbasheeko

Posted
Posted

I have to agree with AndrewMKP.

 

WHMCS is capable of doing database backup's everyday....keeping those precious credit card numbers encrypted...the way they should be.

 

Encryption keys can be stored in a secure location...an offline password manager.

 

Corrupted encrypted CC's can be restored from the most recent backup.

 

There may be a reason you need to view a credit card number...that is why you can see the encryption key....but the need for all of them...for 'backup' purposes...blows my mind! WHMCS will most likely never see a function like this introduced. I think you will be stuck doing it manually, one at a time.

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept