Custom Product Cart Upgrade Assistance

 

Our original developer is no longer doing Product Cart work and we are seeking someone to help us with an upgarde to the latest edition of Product cart with the following custom modifications intact.

 

1 - We hold all CC information including CVV so that we can manually review the order for Fraud in the Admin panel and then process.  Then the CVV is cleared after successful charge, per PCI guidelines. (Note: Before I get flamed for security issues, PCI specifically allows you to keep the CVV "for as long as reasonably necessary to process the transaction.")  We do have an issue in that if the Authorization fails due to error in data entry by customer (i.e. invalid card number, incorrect expiration date, or cvv), we have manually edit the Database to reset/correct the card number and would like to be able to edit it through the Payment Information screen and re-submit. [This process also allows us to add/remove items to the order and waive item and/or shipping charges as we frequently do for Active/Reserve Military.]

 

2 - We show a default "Estimated Shipping Cost" for either the item or gross weight as well as API Lookup to UPS and USPS sites for shipping charges.  We also show "Time in Transit" when available.  We have the Estimated Shipping Cost as both a default and fall back as we frequently adjust the shipping costs DOWN as the cost of shipping is lower if items weights are combined vs. their indvidiual ship weights.  We would like to improve/add some custom calculations so that we can avoid having to review each order to make sure shipping charges are as low as possible for the customer.

 

3 - We use a very simple "one page" layout showing the item and its' related accessories in the cart.  We only have ten items for sale.  The two main items display the related eight possible accessories.

 

4 - We are having some problems with Check out and Internet Explorer.  Some customers complain that when they get all the way to "submit" the page just cycles.  This has been reported at various stages of checkout.  When customers use FireFox or Chrome or Safari, there is no issue and checkout completes correctly.

 

If anyone is interested in taking on this project to either tweak our current 4.0 SP4 impelementation with a few fixes (shipping and checkout) or would like to bid on the project for performing the upgrade, please contact me.

 

Our site:  http://www.usregulationbugle.com

 

Thank you,

 

Jason Palmer

Direct Email and Phone numbers can be found at bottom of home page on the web site.

The misunderstanding in your response is that we ONLY STORE the data PRIOR to the Authorization, it is then deleted if successful.  Technically, everyone does the exact same thing, it is just a matter of the "time" that the information is stored. Even purported "Real Time" transactions have to store the data while the payment transaction is in process - until successful.

 

"Sensitive authentication data must never be stored AFTER authorization even if this data is encrypted."

 

Data MAY be stored UP TO THE POINT OF AUTHORIZATION, then MUST be cleared.

 

Hopefully this clarifies the issue. 

 

We have solid physical and human controls so we are not concerned about an unethical staff person running off with customer Credit Card data in its' entirety during the small window when full information is visible to the peson processing the orders.

 

Thank you,

 

Jason Palmer.