Question
I am working on PayZippy payment gateway integration in an e-commerce website. I am new to this type of sensitive transaction. Currently, I am only tracking the "payzippy_transaction_id", "transaction_status" in DB from the Redirect response and rest of the info I am logging in a flat file as a part of request-response logging. Do I need to put all the parameters(e.g. bank_name etc.) sent by Payzippy in DB.
Solution
The response sent by PayZippy as part of Charging Response can be stored in the database without affecting your compliance. Since, you are already logging that in the flat file, you are storing it in your servers any case.
In case of issues, contact PayZippy support and check with the PayZippy Tech team.
OTHER TIPS
It's completely optional. Merchant can choose to not store any of the response values in his DB.
Regards, Team PayZippy
Storing the information in the database will not raise a compliance issue, but DOES expose you to risk. In the case of server breach and data theft (which isn't rare), you may be subject to fines and/or legal charges from the victims or the banks.
Unless you need the bank data for future or analytical use, I suggest you DO NOT store it in your database and store only the transaction id.
https://stackoverflow.com/questions/22677868
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian