Enables Client Side Encryption for Braintree payments processing with Spree
Switch branches/tags
Nothing to show
Clone or download
Pull request Compare This branch is even with tfitts:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
app
config
lib
script
spec
.gitignore
.rspec
Gemfile
LICENSE
README.md
Rakefile
Versionfile
spree_braintree_cse.gemspec

README.md

SpreeBraintreeCse

This gem adds Braintree's client-side encryption technology to spree's payment systems.

Obtain your client-side encryption key from Braintree and configure your it in the admin panel. (Configuration -> Payments)

The credit card number and the verification code will be encrypted. The real number and code with never hit your server. The encrypted value will pass through your sever, but you have no way of reading this value even you wanted to. Braintree uses an asymetic cypher. Only Braintree's servers can decrypt the number. You can read more on Braintree's blog and in their documentation

In most cases, this encryption is sufficient to obtain PCI compliance.

Example

Add spree_gateway and spree_braintree_cse to your Gemfile and encryption will be enabled

   gem 'spree_braintree_cse'
   gem 'spree_gateway', :git => "https://github.com/spree/spree_gateway.git", :branch => '1-3-stable'

You may have to add the following to your rails config.

   config.assets.precompile += %w( store/braintree-1.1.1.min.js)

Dependencies

This gem depends on spree 1.3.x and spree_gateway

Copyright (c) 2013 [Doug Bradbury], released under the New BSD License