We use BigCommerce (webstore platform) and Authorize.net to process transactions. When a customer orders on our store, the last part of the process is to input their card info, which is immediately processed by Authorize.net. We do not store any credit card information, and Authorize.net does not store any information on our behalf on their servers[snipped for brevity] Although Authorize.net does offer that service (storing customer info on their servers) we do not use it because I personally do not allow any site to store my card info. [bold added by admin for emphasis!]
When the payment is “authorized and captured”, it is then processed as an order by our site. The ‘captured’ mark lets us know their payment has been taken and we can fill the order.
We also receive an email from Authorize.net telling us the payment has been authorized and captured. All this email tells us is the customers name and address, order number and amount, authorization code and transaction ID and if the address and cvv code match the card they entered. They never transmit any card info via email, not even the last 4 digits or exp date.
We can log into our merchant account on Authorize.net if we need to, but even then the only information we can get is the last four digits of the CC number, customer’s name and amount of the transaction. Basically the only thing you can do is issue a refund-you cannot charge the card again or get the card number, so 99 out of 100 times a merchant will not even bother to look at the transaction on Authorize.net. Authorize.net also does automatic settlements or “batches” every day at 3pm or whenever the merchant sets it up to. The merchant receives an email settlement report with total transactions for the day.