enigma1
msg:4422590 | 11:25 am on Feb 28, 2012 (gmt 0) |
It may not be a good solution even if a gateway was providing a token back to you in this context. Visitors could submit the same information using different case letters, whitespace in the various fields, may have a different start/end date for their cards than the previous time they tried to buy something etc.
So from what I understand you need to generate a non-reversible token from some of the fields the customer submits as billing/shipping info after doing some field refinement. And then use the token for identification.
|
Daldain
msg:4422705 | 4:56 pm on Feb 28, 2012 (gmt 0) |
I should have been more clear, I would like a token on the CC number only. This way there would be no confusion as to what it encompasses.
|
rocknbil
msg:4422711 | 5:11 pm on Feb 28, 2012 (gmt 0) |
How about creating a one-way encrypted hash of some sort and using that as your token? I presume you're doing a silent post, you'd create the hash at that point and store only the hash and being a one-way hash, can't be stolen. (reasonably, ANYTHING is possible.)
Next time an account cc comes in, if the hash matches, it's the same card.
|
Daldain
msg:4422803 | 8:24 pm on Feb 28, 2012 (gmt 0) |
We would certainly be able to create a one-way hash if we accepted the CC number on our end. However we would prefer a 3rd party hosted gateway to gather the CC data so that we won't have to go through the hassle of monthly PCI compliance.
|
paladin
msg:4424219 | 5:58 pm on Mar 2, 2012 (gmt 0) |
Have you looked at Gate2Shop?
|
|
