Advanced orders WCPayments plug-in security

The WCPayments plug-in delegates the encryption and storage of sensitive data in the database to the Payment Plug-in Controller.

The plug-in does not have any access control. It grants the accesses permitted by the event-driven payments subcomponent and the Payment Plug-in Controller. The plug-in uses the WebSphere Commerce user ID and encrypted password to connect to WebSphere Commerce Payments. The user ID is defined in the WCPayments plug-in deployment descriptor.

The plug-in can be configured to use a secure (SSL) or non-secure connection to WebSphere Commerce Payments. You can configure usage of SSL in the WCPayments plug-in deployment descriptor.

Feedback