Storing credit cards in ModernBill?
04-15-2004, 05:04 PM
Hey everyone,
I've been looking at ModernBill for some time now because it has so many pre-packaged features that I need.
I'm thinking of using PSIGate for my payment processor/merchant account and I'm a Canadian business.
The PSIGate rep said that the credit card numbers would be stored on my server in ModernBill, encrypted of course. This makes me nervous knowing that my clients' numbers are all in a single database.
I've been using Paysystems for over 2 years but I'm looking for a bigger alternative. I'm concerned in terms of my liability of these cards being on the server and what can be done to prevent anyone from getting them.
Do you recommend a separate dedicated machine be set up for my company website and billing system? I wouldn't be comfortable having them on a shared server.
Yes, find someone who can give you a dedicated server for ModernBill.
A lot of places will give you something for 40-50 bucks a month if you don't need gobs of bandwidth or resources. It's also nice in the event some of your servers go down you have something else you can use to post news on and keep afloat on.
Doesn't really matter if you have the database on a different server or not. If you're worried about the credit card #'s simply don't save them in the database.
ModernBill itself doesn't save them; you actually have to enter I think either 'yes' or 'agree' before it does that. If you don't really need the #'s just don't do that and your problem is solved!
With the payment processor I'm looking at, PSIGate, saving them in ModernBill is the only way it works for recurring billing at this time. I'm waiting to see what WHMAutopilot V3 can offer though.
Thanks
Recurring bill is another problem... either you'll save #'s or wait for them to offer recurring billing with their own gateway... or you get another gateway. That is all I can think of right now.
I'm using Paysystems now that stores CC numbers on their own servers so it supports recurring. I've seen some hacks around for ModernBill so it supports recurring with Paysystems, maybe I'll stick to that.
Your main site should never be on customers' shared servers IMO. You are setting yourself up and if you have issues with a server that takes down your primary way of contact for your customers. If their site is down and yours is too how can they get support?
The storing of card numbers is quite encrypted in MB and with their new LEK system it is dual encryption methods to view the cards. Though not foolproof it is quite secure.
ModernBill is pretty secure, definitely make sure you have an SSL, and I suggest you get a dedicated server for ModernBill. If people's credit card #'s get viewed by anyone other than them, it could be a major case against you. Always make sure you protect yourself in business.