re: Important announcement regarding Patron Edge 3.340

Nicholai Burton — Wed, 05 Nov 2008 00:40:41 GMT

It is true that the info will only exist during the authorization process and will be wiped afterwards. While it is the most secure, I agree that it can potentially put a strain on customer service. As a workaround, there is still the ability in PCCharge to enter the TroutD number to retrieve credit card number and expiration. This number can be gotten from a Credit Card Detail report in PCCharge.

I understand this is not an ideal solution, but removing cards was the path that Blackbaud chose to take in order to reach PA-DSS compliance in time for the PCI-mandated deadline without significantly affecting performance.

re: Important announcement regarding Patron Edge 3.340

John Holm — Tue, 04 Nov 2008 23:09:01 GMT

The lack of credit-card info in the database is a big step for security, but My ticket-sales department will see this as a step-backwards for customer service and functionality. We allow managers to see the full card number on orders so that we can verify with customers what card was charged for an order. Sometimes we don't know who placed the order, and have to do a refund to the same card. We also offer a split-payment service, where we charge the same card for the other half of the total a couple months later.

Is it really true that all credit card info will not exist in the database? If so, that means we will have to store card numbers in a seperate place. Is there a plan to have an option to store the info if PE users wish to (which we do...)?