Hi
We have received communication from Secpay: copied below. Does anyone know if the osCommerce system fall into this category, i.e.: is it mandatory that it received 5 digits back from Secpay or will four digits be OK?
If this is likely to be a problem, which is the module that is likely to need changing.
Many thanks
Jerry
Dear SECPay Merchant
In order to comply with the latest Payment Card Industry Security Standards SECPay will be changing the card reference arrangements with effect from 17th February 2006.
SECPay will be shortening the card reference ID from the last five digits of the card number to the last four digits. This is a mandatory change based on international best practice for card data security.
This change should effect less than 1% of SECPay merchants.
For merchants that have configured their integration to accept only a five digit call back, they will need to change this call back script to accept four digits rather than five. Merchants can make this change at any time before the implementation of the call back change on the 17th February 2006.
What this means.
For most SECPay merchants that are using the standard SECPage connections there is no need for action as the standard call scripts will be unaffected by this change.
The only merchants that may be affected are those that use a direct connection to SECPay and have configured the call back scripting to only accept five digit card references, and those performing scheduled repeats.
Unfortunately, SECPay cannot identify which merchants have configured their integration in this way. If you are in doubt, we suggest that you should contact the web or systems developer that configured your system and make them aware of the changes.
Regards
SECPay Support
