Parallels H-Sphere Documentation Administrator Guide

 

Credit Card Encryption

 
 

Related Docs:   Merchant Gateway Manager Adding Merchant Gateways

Last modified: 24 Dec 2007

 

WARNING: This documentation covers Parallels H-Sphere versions up to 3.1. For the latest up-to-date Parallels H-Sphere documentation, please proceed to the official Parallels site.

Normally, credit card numbers are stored in clear text in the H-Sphere database.

The credit card encryption feature will allow you to add security by encrypting all the credit card numbers and to control when the credit card numbers are accessible by the Control Panel. This feature uses Public/Private key encryption technology (RSA Block Asymmetric Algorithm with a 1024bit key). All credit cards will be encrypted with a public key. The public key is always stored in a file on the Control Panel Server. The private key, which will be used to decrypt credit card numbers, will be downloaded by the administrator as a part of the encryption wizard.

WARNING:
1. The private key; is stored in RAM (NOT ON THE DISK!) and must be uploaded every time the control panel is resarted!
2. The permanent copy of the private key should be stored on a secure and safe medium by the administrator. It should not be on any of the H-Sphere servers!
3. If the private key is lost, there is no way for anyone (even for the support staff or programmers) to recover credit card numbers that have been encrypted!

 

Turning On

To turn on credit card encryption:

  1. Log into your admin control panel.

  2. Select CC encryption in the Settings -> Payment Settings menu:

  3. Click the OFF button to start encryption wizard.

  4. Proceed to Step 2 of the wizard to get the form with your private key:

    Copy the private key to your clipboard and also to a file stored in a safe location.

  5. On the wizard's Step 3, enter the private key from the clipboard to the form, and proceed to get your credit cards encrypted:

    Note: The encryption procedure may take a long time, up to an hour or even more, depending on the number of credit cards processed and the server physical configuration.

  6. Now, CC encryption is complete:

    Once the credit cards are encrypted, the private key will be stored in RAM until the Control Panel is restarted or until the key is manually unloaded.

Note: If you restart H-Sphere during the encryption procedure, it would automatically continue after the restart.

 

Loading Private Key

If you have restarted H-Sphere, you need to load your private key, in order to be able to access encrypted data, or in case you need to complete CC decryption.

You would see the following form in the Settings -> Payment Settings -> CC Encryption menu:

To load your private key, insert to the form and enter Submit.

 

Turning Off

To turn off credit card encryption:

  1. Log into your admin control panel.

  2. Choose the Settings -> Payment Settings -> CC Encryption menu and click the ON button to start decryption wizard.

  3. After you choose to decrypt, you would get:

  4. After the decryption process is finished, the CC Encryption menu would look like:

    Click the Unload button to complete disabling CC Encryption.

Important: If you restart H-Sphere during decryption, you would not be able to proceed until you load your private key!

 

If You Lose Your Private Key

If the Private key fails to load, the following issues will arise with users who pay with credit cards:

  • Accounts under plans without credit limit will not be able to add paid resources.
  • If the accounting cron runs when the Private Key is not loaded, accounts whose billing period has ended will be debited regardless of their credit limit. This may put some users over their credit limit.
  • Users who are over their credit limit will not be able to add any resources (including free resources) until the encryption key is loaded.

Related Docs:   Merchant Gateway Manager Adding Merchant Gateways



© Copyright 2017. Parallels Holdings. All rights reserved.