Encryption Data Manager

Go to the Extensions → All Extensions → Encryption data manager

  1. Please install Encryption Data Manager extension to enable encryption in your store.
  2. Backup your code and database before encryption!

It is important for an eCommerce site to maintain up to date security for data provided by customers. This is required by customers, industry and PCI standards.
By enabling AbanteCart data encryption you can secure your customer's data from access. Information, such as customer addresses, emails, phone numbers, credit cards, etc. will be encrypted and not readable. The encryption key can be stored securely and prevent access to this data in event of hacking or database attack. 



Requirements

PHP => 5.3 and OpenSSL enabled 
(Contact your server admin or hosting company)

Do not confuse SSL data encryption with signed SSL certificates (HTTPS) used for browser access to sites       



Configuration

Add key storage location path.
Add below lines to /system/config.php file.
define('ENCRYPTION_KEYS_DIR', '/path/to/keys/');
define('DATA_ENCRYPTION_ENABLED', true);
Change path to your specific path on your server and it has to be writable/readable only to web-server
If ENCRYPTION_KEYS_DIR is not provided, default path will be used in /system/keys/ . Important to keep these keys secure! 


Generate New Key

Encryption Data Tools generate a new key with some unique key name provided (no spaces or special characters).    

Important to use only 1 key at the time and add below line to /system/config.php file with key name that will be default
define('DATA_ENCRYPTION_KEYPAIR', 'your_key_name');
This is the key name that will be used for read/write at one given time. 


Encrypt all data

Now you need to run encryption for all the data using new key created at the prior step.
You can do this in Encryption Data Tools of Encrypt Data tab. 


Require login name

Customer emails are encrypted now. To prevent login issues and duplicate accounts, set "Require login name" setting to ON.
The setting is located in Settings → Checkout section
Existing customers will be asked to create unique login name at next time they log in to the account
All customers data is secured now! Start testing!           

Keep Key in a secure location with restricted file permissions for root and Apache (web server)
2. Backup your keys in some remote secure location. Lost keys will cause loss of all data
3. There is no key expiration management.
4. Search or look up by encrypted user data will not work (search by address, phone number, etc. will not work)
5. Once data is encrypted there is NO undo and extension cannot be disabled.
These need to be accounted for in key management procedures       


Rotate (change) encryption key

Generate a new key pair
- Set new key as default key into the configuration file
- Go to Encryption Usage Tab select new key in Rotate column and click on Encrypt Data button 

Need help configuring, supporting or extending functionality, contact www.abantecart.com forum or paid support