 Online Help |
|
Online Help |
|
|
|
If Encryption is not available in the left navigation area of the administration interface, this indicates that Miva Merchant has not detected OpenSSL on the server. OpenSSL supports security features in Miva Merchant, and should be present. If you do not see the Encryption link, contact your Web hosting company. |
Encrypting payment information secures the credit card data stored with orders. The data is made unreadable so that it can be viewed in your administration interface only after entering a pass phrase.
This is an important security measure to help prevent credit card fraud. By using encryption you ensure that only authorized employees are able to see your customers' credit card information. Encryption would also prevent hackers from reading it even if they were to gain access to your database.
|
|
Note: Your host must support SSL (Secure Sockets Layer protocol) on the server, and it must be available to your store, before you can activate Encryption. |
If you are considering not using encryption check the terms of your agreement with your merchant account provider. Some require that credit card data be encrypted if it is stored on the server.
The encryption key determines what algorithm is used to change the data into unreadable text. Each encryption key you create will not only use a different pass phrase, it will actually encode the data in a different way.
You can specify one or more encryption keys and select any one of them to use as the current key.
Incoming orders will be encrypted using the key that is selected as current at the time the order is placed. If you select a different key as the current key, existing orders in the store remain encrypted by the key that was current when they were received.
If no key is selected as the current key, then no encryption will be in effect for your incoming orders.
Whether encryption is in effect or not, the order and checkout screens in the store appear the same. When using encryption, consider including a comment in the checkout and invoice page headers, assuring shoppers that their credit card information is safe.
To edit page headers, click Pages in the left navigation area. For each page where you want to include a message in the header, click Edit, then select the Header & Footer tab.
The credit card data to be saved with the order, will be encrypted. The actual data varies, depending on how your payment method is configured, but usually includes the credit card account number, name on card, transaction number, and other information specific to the payment method.
General order information, such as the shipping and billing address, items ordered, prices, tax, and shipping, is not encrypted.
The pass phrase is required to create a batch or run batch reports. If unbatched orders exist that use different encryption keys, you will be asked to enter each the applicable pass phrases. Before specifying a new current key, consider creating a batch first. By doing so, you would have only one pass phrase to remember for each batch of encrypted orders.
To see which orders were encrypted with each key, if you have used more than one key, click the Edit button associated with the key, then select the Orders tab to see a list of orders encrypted by that key.
Encryption affects the way data is stored in your Miva Merchant database, on your server. It works in addition to, not in place of, a secure certificate.
A secure certificate, provided by a third party (often through a Web host), protects the data being sent from the shopper's computer to your store, and assures the shopper that you are a legitimate business.
