WHMCS Stores CC's?

[CaptainBlueBear]

If I have recurring billing and I change my payment gateway from Quantum Gateway to PayPal Website Payments Pro, that will still allow my clients to pay via CC directly on my website I believe.

My main question is will recurring billing charges still be processed?

I think the CC data is stored in WHMCS and so it will work, but before I do this I wanted to check.

Thanks.

 

[TheHostGenie]

Yes, recurring billing will still occur because you can't deactivate that payment method unless you switch each customer's payment method to something besides that method. Otherwise, their recurring billing will continue.

 

[eNetcloud-CEO]

Yes .. there should not be any issues while receiving the recurring payments from client though you changed the payment method , since WHMCS keeps the record in the DB

 

[CaptainBlueBear]

Yes, recurring billing will still occur because you can't deactivate that payment method unless you switch each customer's payment method to something besides that method. Otherwise, their recurring billing will continue.

Oh, this is not what I wanted. But I see now that you're quite correct. I clicked on disable for Quantum Gateway and it says:

You cannot disable a payment gateway that is used by products, addons, domains, invoices or orders in the system

I see I failed to explain the problem here. I have just purchased this business from someone else and the existing clients have recurring billing set up. I know zilch about WHMCS. I know Linux and cPanel and hosting etc. but I never used WHMCS before.

So, eh, what do I do? Must I make myself an account at Quantum Gateway or is there some way to transfer these automatic billing to PayPal Pro? Truth is I don't even know if it's "products, addons, domains, invoices or orders" which are connected to Quantum.

It just happens that I have PayPal Pro for another site of mine, so it's easier.

 

[HostLeet]

Add PayPal Pro or any other gateway you want to use first. Then, stop new customers and existing customers from using the old gateway by disabling it from the order form. Make sure to inform all your clients of the change!

To do this.. First, go into your WHMCS Setup>Payment Gateways and uncheck the "Show on order form" box located in the Quantum Gateway section.. Then, go into Setup>Products/Services and click on any product Group Name to edit it. There you can check or uncheck any payment gateways allowed to be used to purchase any products in that group.

Hope that helps.

 

[handsonhosting]

If you already have an account at Quantum, you need to start using their Quantum Vault setup. This will stop the users entering credit cards directly into WHMCS and will take your server (and software) out of PA-DSS Compliance (part of PCI Requirements of Visa & Mastercard).

With regards to not being able to disable because users are already using the gateway, we had the same type event when we changed gateways about 4 years ago.

Basically if you run an SQL query in your database directly and change the existing gateway to the new gateway for all users, then you can disable the gateway in WHMCS.

Contact Quantum, they'll walk you step by step through this as they do this all the time. If you're lucky (and nice) they'll even do the steps for you

 

[CaptainBlueBear]

Thanks for the answers. The problem is that CVV numbers are not stored and so changing to PayPal Pro SEEMS that it will ruin the established recurring charges, because PayPal will complain that it doesn't have CVV.

So I applied for an account with Quantum. I figure if they will give me an equivalent account, I will just use that and then I'm OK.

Truth is their fees are lower than PayPal Pro.

Thanks.

 

[handsonhosting]

The storing of a CVV number is a strict violation of Visa and Mastercard protocol and you will not only find your merchant account terminated but you will face fines from the credit card companies. The purpose of CVV2 verification is to prove that a card is on hand. The storage of that information will get you in trouble.

When it comes to subscription renewal places, PayPal Pro does have a subscription type system that can be used, but they do not store the CVV2 code either. Quantum Gateway (CDG Commerce) has a feature called Quantum Vault which will store the credit card number for you, but again, CVV2 can not be stored.

https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml
10.2.2 CVC 2 Data Storage Standards
Acquirers, merchants, or any agent representative thereof (including TPPs and DSEs), and any POI terminals or devices operated by any such entity, must not store card validation code 2 (CVC 2) data in any manner for any purpose. Issuers should not expect CVC 2 data in recurring transaction Authorization Request/0100 messages.

At its discretion, MasterCard may impose a noncompliance assessment of up to USD 100,000 per each individual violation of this Standard, with a maximum aggregate assessment of USD 500,000 for additional or continuing violations during any consecutive 12-month period.

So unless you have $100,000 for EACH storage of the CVV2 code, and then want to pay an additional $500,000 for EACH continued use of the violation , I highly advise do not store CVV2 codes.

 

[hosthop]

I see you are changing merchant accounts and just wanted to add this...

Merchant accounts and fees, they offer you are just suggestions if you have any kind of volume they will lower your fees. Or tell them company X's rates and see if they will match you to stay with them. Never hurts to ask.

I also see from your other post you are new to the hosting business so welcome aboard!! It is fun, you learn something new everyday, and at the same time do something I hope you enjoy... Good luck and remember there is no bad question unless it's a highly repeated one. Always "google" first...