Hi all,
I want to make sure I collect user input for CIM in line with best practise. Would someone mind sharing their experience?
1) Not all cards have expiration dates so this is an optional field. Should I have a card type dropdown that hides/reveals dynamically required fields such as Card Code and Expiration Date?
2) I have a very strong SSL certificate, but should I also veil the Card Code field like a password field? If yes, are there any other fields that should be treated in this manner?
3) The payment form is hidden if the HTTPS protocol is not being used, as an additional safeguard. (The page forces HTTPS anyhow).
4) Any other tips/pointers?
Much appreciated,
Michael
04-22-2014 06:51 PM
1)that or if you really want to, use this to http://en.wikipedia.org/wiki/Bank_card_number figure out if cardcode and expiration date is required.
2)Do you mean saving it on your database or just * it out on the input?
3)Yes payment form need to be in https
04-23-2014 04:31 AM
1) Thanks, I think I'm being hesitant because I'm not used to so much control over my payment handling!
2) I mean veil the value with *** -> required?
3) Good
Thanks!
04-23-2014 04:38 AM
2)Pretty sure it not required, just use the CC to pay gas bill online last week and it didn't * it out.
04-23-2014 05:16 AM