CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Pre-installation Questions (Moderator: Dave Greenberg) »
  • Security - Pay by Check?
Pages: [1]

Author Topic: Security - Pay by Check?  (Read 2900 times)

bleimone

  • Guest
Security - Pay by Check?
September 17, 2007, 10:06:16 am
Hello,

I am interested in using CiviCRM as a donation management system. We plan to only accept payment by check and we have another company that we will be submitting the routing number and account number through.

If I plan to use SSL and add two additional options for someone to enter their routing and account number -- will this data be transferred to the site securely?


Donald Lobo

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 15963
  • Karma: 470
    • CiviCRM site
  • CiviCRM version: 4.2+
  • CMS version: Drupal 7, Joomla 2.5+
  • MySQL version: 5.5.x
  • PHP version: 5.4.x
Re: Security - Pay by Check?
September 17, 2007, 11:26:24 am
Yes, it will be transferred securely if all the relevant pages are SSL enabled. Note that view contributions and other pages in CiviCRM are not SSL enabled. You might want to make the entire site SSL.

However, if you are not experienced with security and locking your machine/db down, we'd advise you from storing the routing and account number in the DB.

lobo
A new CiviCRM Q&A resource needs YOUR help to get started. Visit our StackExchange proposed site, sign up and vote on 5 questions

bleimone

  • Guest
Re: Security - Pay by Check?
September 17, 2007, 11:45:28 am
The SSL is a shared SSL and they way I understand SSL is if we point to https site the same page can be access via http (without ssl). How do I make sure a particular page is only accessible via SSL?

If the DB is hosted by a hosting company how do I make sure that its locked down??

Would I be able to have the routing #/ account number to be posted and once it is posted I remove it from the profile (am I able to remove it from the profile)?

Donald Lobo

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 15963
  • Karma: 470
    • CiviCRM site
  • CiviCRM version: 4.2+
  • CMS version: Drupal 7, Joomla 2.5+
  • MySQL version: 5.5.x
  • PHP version: 5.4.x
Re: Security - Pay by Check?
September 17, 2007, 12:10:58 pm

You will need to work with a developer to ensure that particular pages are available only via SSL. One alternative it to make ALL of civicrm available only via SSL (so change all the url's in the settings file to https)

With regard to the db and holding account information, i'd advise you to chat with someone knowledgeable about security and can check your setup. I'd be very careful and would think twice before storing bank account information in the db

lobo
A new CiviCRM Q&A resource needs YOUR help to get started. Visit our StackExchange proposed site, sign up and vote on 5 questions

bleimone

  • Guest
Re: Security - Pay by Check?
September 17, 2007, 02:05:46 pm
Okay -- so I think I will try to avoid the capturing of that information.

Another question --- can I set up the donation page so they can choose on the these two ways to make payment:

1) Mail in check
2) Automatic withdrawal (acts the same way as the mail in check option on the front end - doesnt do anything special).

Enter amount of total donation? (can I change the words for the donation box to say something different?)

Once everything is submitted it will tell the user to click another link to set up the automatic withdrawal from another site? (So does it have a thank you page that I can post a link in for the user to redirect themselves?)


Donald Lobo

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 15963
  • Karma: 470
    • CiviCRM site
  • CiviCRM version: 4.2+
  • CMS version: Drupal 7, Joomla 2.5+
  • MySQL version: 5.5.x
  • PHP version: 5.4.x
Re: Security - Pay by Check?
September 17, 2007, 02:25:01 pm

Mail By Check / Pay Later is not available as yet. This has been requested in the past, but so far no one has done the needed development work :(

We expect to add support for it  in a 2.x release.

You can change most of the words displayed to the user by creating a custom version of the templates. You will need to be comfortable with html and creating directories / files to do the needful

lobo
A new CiviCRM Q&A resource needs YOUR help to get started. Visit our StackExchange proposed site, sign up and vote on 5 questions

bleimone

  • Guest
Re: Security - Pay by Check?
September 17, 2007, 05:54:09 pm
Okay - will be looking forward to that release. This may be what you mean, but I did not want to assume since I didn't ask specifically....  Is there a way to not have ANY payment set up for the donation? So it doesn't say anywhere in the coding that its pay by mail, but because there is no payment system there it will default to that?

Thanks.

Donald Lobo

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 15963
  • Karma: 470
    • CiviCRM site
  • CiviCRM version: 4.2+
  • CMS version: Drupal 7, Joomla 2.5+
  • MySQL version: 5.5.x
  • PHP version: 5.4.x
Re: Security - Pay by Check?
September 17, 2007, 06:25:11 pm

Note that a 2.x release will not be out till sometime next year

A contribution page could be non-monetary, in which case there is no credit card processing / transaction / payment processor involved. The amount can also be zero in which case we bypass the payment processor. You might want to play with the various configurations possible on the demo server or your local civicrm install

lobo


A new CiviCRM Q&A resource needs YOUR help to get started. Visit our StackExchange proposed site, sign up and vote on 5 questions
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Pre-installation Questions (Moderator: Dave Greenberg) »
  • Security - Pay by Check?

This forum was archived on 2017-11-26.