Credit Card Info

DKehler · January 12, 2026, 5:56pm

How do others handle holding customer credit card information in Epicor? Are there fields in Kinetic to hold CC info? I cannot find it if there is.

In classic we have a customization that added a TAB to a 2nd Customer Maintenance screen available only to Finance Supervisor and AR Admin. This TAB is a UD Table where AR can enter the information and the click ‘Encrypt’ to hide the data, ‘Decrypt’ when they need to make a payment.

Trying to decide how to move this into Kinetic. If there are already CC info fields in Kinetic i would just make 2 layers of Customer Maintenance. 1 for our AR Admin to see the CC info, and 1 for everyone else so they can’t see it. The downside is this lacks security as the fields would be available through BAQ if someone were to go rogue.

Evan_Purdy · January 12, 2026, 6:00pm

PCI compliance is no joke. So we use an integration provided by someone else, so we don’t have to handle credit card data.

Randy · January 12, 2026, 6:01pm

Epicor has a CC module, I forget it’s new name. Also 3rd parties are available, we use EBiz as our ecom site is using them too.

chaddb · January 12, 2026, 6:05pm

We use eBizCharge. Pass off the PCI compliance to them. Epicor has CRE.

HLalumiere · January 12, 2026, 6:13pm

Do not EVER store CC information directly in Epicor, encrypted or not. God forbid you ever get hacked, you may be making yourself responsible to reimburse any of those cards that get stolen. Could tank a multinational company.

You have to use a payment processor, like Paypal, or EBiz, or whatever. Those will provide a web API to enter credit card securely and generate a cryptographic token that can then be stored into Epicor. When processing payments to the card, you send the token, and the processor has the card info, not you.

Epicor supports Paypal directly through their EPX gateway, for which you needs to install the CRE module on the server. I’m sure they support others too, check with them…

Evan_Purdy · January 12, 2026, 6:19pm

Even taking credit card information requires certain precautions per the PCI compliance docs. Our CSR’s are forbidden from taking credit cards via the phone or entering the info in any way. Customers are sent a link to the Ebiz portal to enter their cc info.

chaddb · January 12, 2026, 6:19pm

Oh yeah. It’s EPX (Epicor Payment Exchange) via CRE on the server.

ScottLepley · January 12, 2026, 6:29pm

Hi Evan. We use EBizCharge, but haven’t been using the webform feature to generate a secure link to send to the customers, as you apparently are doing. Do you need to take any additional steps to synchronize the credit card information between Epicor and EBizCharge, or does the information shown in Customer Maintenance automatically update for you?

Evan_Purdy · January 12, 2026, 6:40pm

We don’t do any manual syncing. You might have to refresh the sales order screen for a newly added credit card to appear, I don’t know. Their support is decent.

chaddb · January 12, 2026, 7:30pm

We were EPX and then switched to EBizCharge seveal years ago now. Ebiz has several customizations you install as part of their solution. You don’t really sync data with them. It’s all based on actions in ERP. You can generate a payment link which sends data to EBiz to make the link. During shipping it makes a call to EBiz to run the card and pass back some data. Their support helps get it installed and up and running.