Information to be stored in payment gateway integration


The application I’m working on at the moment required a payment gateway integration.

So we need to analyze which ‘Credit Card Information’ can be stored in the local database of the application, with or without encryption.

Also which information cannot be stored in the application’s database at all.

If any one have idea about the above please let me know.

Thank you.


They have a risk control management system and can filter almost 90% of illegal or fraud transactions from credit card. ECPSS is the partner of Trust Wave in Asia Pacific area and therefore can screen fraudulent transactions and offer reliabe services to collect payment via credit cards online.

By storing the data, there’s a lot more
you can do with creative marketing.

For example, trial periods at 1 price
and 1 time period and then recurring
billing on a different schedule and a
different price.

For example: $1 trial for 14 days and
then $29 per month afterwards.

It’s also great for membership applications
so you can control the upgrades and

Rangz, do you really need to store Credit Card Information?

I agree with the question above. If you can avoid it it’s better not to store CC info. Let the processors deal with the technical complexity and legalese of doing so safely.

The secure answer is NONE.

Here’s how you do it the correct way:

>> Cart on 1 server

>> Credit card processing on a 2nd server

>> Credit card storage on a 3rd server.

Will others disagree?

Maybe … but call the folks at RackSpace
if you want to speak with real experts in
this field that deal with this daily and across
a broad spectrum of customers and

PCI compliance is a loaded gun waiting to
shoot $10,000 bullets. I don’t know anyone
that wants to be anywhere near the line of

Try to search for “PCI Compliance”. I think that is what you are looking for.