Jump to content
  • 0

Migrating Credit Card Information

RonG

Asked by RonG,

 Share

Question

RonG Newbie

RonG

Posted
Posted

I need to migrate credit card information from UberSmith to Blesta

 

Is it possible that a method exits to export the data from UrberSmith? Has anyone done this type of action before?

 

Failing a simple export, is it possible to upload the information to a gateway processor and then download it back into Blesta?

 

Lastly, does anyone have other thoughts on how to accomplish this task without the need to contact each client and having them reinput their information?

Link to comment
Share on other sites

7 answers to this question

Recommended Posts

  • 0
RonG Newbie

RonG

Posted
  • Author
Posted

The first question is, how is Ubersmith storing card details? Are you able to decrypt the card details? If you can decrypt the card details, then they can be imported into Blesta with some work. We don't yet have an importer for Ubersmith, but there are options available.

 

I do not know how Ubersmith is storing the data. I do not know how to decrypt the information. However, if there are options, then I am interested in learning what options are available?

Link to comment
Share on other sites
  • 0
Paul Community Regular

Paul

Posted
Posted

I do not know how Ubersmith is storing the data. I do not know how to decrypt the information. However, if there are options, then I am interested in learning what options are available?

 

Ultimately a manual import, or a custom importer. If you can determine that Ubersmith is saving your card details (and not a token) then the question is, how are they being stored? Are they encrypted? If so, with what cipher? AES? What is the key? (rhetorical)

 

We have done some importers in the past where "proprietary encryption" aka "caesar ciphers"  :wacko: and other lame methods were used to encrypt data. In those cases, we sometimes had the importer make curl requests to the application to fetch the unencrypted card data from a browser as an admin. That's painfully slow, and not ideal.

 

So the question really is, what's feasible? Are you importing dozens of records, hundreds, thousands? The more records, the more it makes sense to code an importer. We can help with that, but it is likely to be fairly expensive.

Link to comment
Share on other sites
  • 0
JohnZ3701 Newbie

JohnZ3701

Posted
Posted

I know this is an old post, but I thought I would give some headway.

The CCs are saved in the database, and the last 4 are seen by the customer and staff, along with the type and EXP.  At some point, i believe it decrypts this information just to even show us this much, but i could be wrong. It does decrypt this information to run CC's.

Further, in the database is a table with the encrypted code, and an Id back to the current hash being used.  Hashes are automatically updated every so often, with the possibility of more then one at any time being used.  There appears to be maybe 1 master 'salt', to the multiple hashes.  

I'm sure with the correct sequence, unencrypting for the sake of moving and importing elsewhere could be scripted easily.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to question listing
×
×
  • Create New...