When using the Agoracart off-line gateway there are two methods to recover the credit card number to complete the transaction. Without encryption Agoracart splits the number into two parts. One part is E-Mailed to the appropriate Merchant E-Mail address and the other part resides in the store manager's order log file. This is done for security reasons and the store's default code must not be hacked to over-ride this process.

   The second method is to use encryption to send the purchase details, including the complete credit card number to the appropriate E-Mail address where the contents of the E-Mail must be decrypted to gain access to the information.

   While the second method is the most secure and convenient method it is only as secure as your security habits allow. Doing things like not running an anti-virus program and not keeping it updated and not running a decent firewall, removing the credit card information from the encrypted E-Mail and pasting it into a text or data file, not using high security formatted passwords and having your system remember your GnuPG password among other things, can get you into big trouble in any one of those areas. Think I'm paranoid? Just drop your firewall for a day or so with cable or DSL and see what happens. You can read in the news about computers with confidential information being compromised, stolen and employees stealing client data that puts a company's identity and their client's identity at risk, quite frequently.
Being paranoid about security is a very good thing so be diligent and learn as many aspects concerning security as you can get your hands on. It is your responsibility to protect your customer's confidential data at all times and at all costs!
After running the credit card purchase through your terminal, online merchant service or by phone successfully then copy all purchase information from the email to your accounting program EXCEPT THE CREDIT CARD NUMBER. Then delete the email. There is no reason for you to keep the credit card information. In addition, you maybe violating the terms of your merchant account and/or the terms of the credit card company itself by retaining the number, which, makes you personally liable for any damages. At the vary least you may loose your ability to run transactions with any given credit card company and/or merchant service.

The overall process can look quite intimidating. Take your time and follow the directions one-step at a time and you'll be fine.

   The first part of this tutorial covers the Acquisition And Installation Of GnuPG followed by Creating GnuPG Keys Part One then Creating GnuPG Keys Part Two and finally Creating GnuPG Keys Part Three.
Your public key will be the key of interest, which, should be used only for the purpose of administering your store. Your private key is another story. Nobody but you should have your private key. Your private key, public key and your revocation certificate with your password, E-Mail and your "name" should be all gathered into one place and backed up to a removable medium such as Floppy, CD, DVD, Zip or what have you. The data should be encrypted with a secure program using a secure password and the destination should be made un-writeable after transfer to avoid having the data accidentally erased. Furthermore, the diskette or whatever should be placed in a very safe place to prevent loss due to any circumstance. Always keep this group for emergencies or restoration and always keep all instances of this group under high encryption.

   The second part of this tutorial will cover exactly how to set up the Agoracart manager to allow for encrypted E-Mails. You should check with your hosting company to be sure that GnuPG is set up and enabled for your hosting account. You should also get the server path to gpg so you don't have to guess at the path

   The third part of this tutorial will cover the integration of Mozilla Thunderbird with GnuPG. The method I outline here is, in my opinion, best because you will learn the process for key generation in GnuPG and have a reference for exporting keys as well as other GnuPG DOS command functions. Thunderbird allows for a point and click solution but you will be better served by learning how to use GnuPG at the system level.

DISCLAIMER

   This tutorial has been tested and is as complete as possible on the first publication. There maybe some important facts and typos overlooked. There also maybe some additional information that could be added to make this tutorial more complete. Please E-Mail CartSolutions.net with suggestions.
CartSolutions.net and the author of this tutorial cannot control how the information contained herein is used. Therefore, CartSolutions.net and this tutorial's author cannot guarantee the fitness or usability of the information contained in this tutorial. By following the instructions contained within this tutorial you AGREE TO HOLD CARTSOLUTIONS.NET AND THE AUTHOR OF THIS TUTORIAL HARMLESS FOR ANY AND ALL DAMAGES THAT MAY ARISE FROM THE USE OF THIS INFORMATION.
Since this tutorial covers changes to your computer’s operating system you are advised to back up your system’s data and programs prior to making any changes in relation to this tutorial. It is also recommended that you make notes of what you changed and where on your operating system as the changes are made. Take notes of the original values before making any changes as well.
The information contained in this tutorial and all data and information contained within the cartsolutions.net domain is © Cartsolutions.net 2006. No part of this tutorial maybe copied or distributed without the express permission of CartSolutions.net. Please link to us instead. Thank you.