Encryption Data Manager

Go to the Extensions → All Extensions → Encryption data manager

It is important for an eCommerce site to maintain up to date security for data provided by customers. This is required by customers, industry and PCI standards.
By enabling AbanteCart data encryption you can secure your customer's data from access. Information, such as customer addresses, emails, phone numbers, credit cards, etc. will be encrypted and not readable. The encryption key can be stored securely and prevent access to this data in event of hacking or database attack. 



Requirements

PHP => 5.3 and OpenSSL enabled 
(Contact your server admin or hosting company)



Configuration

Add key storage location path.
Add below lines to /system/config.php file.
define('ENCRYPTION_KEYS_DIR', '/path/to/keys/');
define('DATA_ENCRYPTION_ENABLED', true);
Change path to your specific path on your server and it has to be writable/readable only to web-server
If ENCRYPTION_KEYS_DIR is not provided, default path will be used in /system/keys/ . Important to keep these keys secure! 


Generate New Key

Encryption Data Tools generate a new key with some unique key name provided (no spaces or special characters).    

Important to use only 1 key at the time and add below line to /system/config.php file with key name that will be default
define('DATA_ENCRYPTION_KEYPAIR', 'your_key_name');
This is the key name that will be used for read/write at one given time. 


Encrypt all data

Now you need to run encryption for all the data using new key created at the prior step.
You can do this in Encryption Data Tools of Encrypt Data tab. 


Require login name

Customer emails are encrypted now. To prevent login issues and duplicate accounts, set "Require login name" setting to ON.
The setting is located in Settings → Checkout section
Existing customers will be asked to create unique login name at next time they log in to the account
All customers data is secured now! Start testing!           


Rotate (change) encryption key

Generate a new key pair
- Set new key as default key into the configuration file
- Go to Encryption Usage Tab select new key in Rotate column and click on Encrypt Data button