We have been getting a lot of worried customer emails regarding the recent announcement from Authorize.net that they accidentally sent full credit card numbers back with some transactions on March 21, 2016.
Rest assured, all versions of Site Store Pro are unaffected by this Authorize.net security/compliance issue.
If you are using Site Store Pro with Authorize.net, your online store data is fine and requires no interaction or modification (even if you received the email from Authorize.net alerting you of the March 21st issue).
Site Store Pro does not store any customer credit card or billing data under any circumstances. The only data that is stored from Authorize.net from a credit card transaction postback are the transaction status (approved, failed, pending, etc) and the transaction ID/approval code. The customer’s credit card billing information is not captured on the post back.
Note: Other shopping carts that are saving the last 4 digits of the card transaction from Authorize.net will be effected by this issue but Site Store Pro does not capture or store the “Account Number” field and has never stored it in any version of the cart. If you have other website(s) using a different shopping cart than Site Store Pro and are using Authorize.net, you should contact that shopping cart provider or your cart developer for more information.
If you have any questions about the Authorize.net issue on March 21st, please reply to this message or contact your developer.
More information on Site Store Pro, credit card storage and PCI compliance is available at:
Site Store Pro Support