It is important for eCommerce site to maintain up to date security for data provided by customers. This is required buy customers, industry and PCI standards.
By enabling AbanteCart data encryption you can secure your customers data from access. Information, such as customer addresses, emails, phone numbers, credit cards, etc. will be encrypted and not readable. Encryption key can be stored securely and prevent access to this date in event of hacking or database attack.

Requirement: PHP => 5.3 and openSSL enabled
(Contact your server admin or hosting company)
NOTE: Do not confuse SSL data encryption with signed SSL certificates (HTTPS) used for browser access to sites

Important! Backup your code and database before you start!
For security keep backup of unencrypted data out of your server!

1. Configuration:
Add key storage location path.
Add below lines to /system/config.php file.

define('ENCRYPTION_KEYS_DIR', '/path/to/keys/');
define('DATA_ENCRYPTION_ENABLED', true);

Change path to your specific path on your server and it has to be writable/readable only to webserver
If ENCRYPTION_KEYS_DIR is not provided, default path will be used in /system/keys/ . Important to keep these keys secure!

2. Generate New Key:

in Encryption Data Tools generate new key with some unique key name provided (no spaces or special characters).

Important to use only 1 key at the time and add below line to /system/config.php file with key name that will be default
define('DATA_ENCRYPTION_KEYPAIR', 'your_key_name');
This is the key name that will be used for read/write at one given time.

3. Encrypt all data:
Now you need to run encryption for all the data using new key created at prior step.
You can do this in Encryption Data Tools of Encrypt User's Data tab. Just follow the steps for "data encryption" process

4. Require login name:
Customer emails are encrypted now. To prevent login issues and duplicate accounts, set "Require login name" setting to ON.
Setting is located in Settings -> Checkout section
Existing customers will be asked to create unique login name at next time they login to the account

All customers data is secured now! Start testing!

NOTES:
1. Keep Key in secure location with restricted file permissions for root and apache (webserver)
3. Backup your keys in some remote secure location. Lost keys will cause loss of all data
3. There is no key expiration management.
4. Search or look up by encrypted user data will not work (search by address, phone number, etc. will not work)
5. Once data in encrypted there is NO undo and extension can not be disabled.
These needs to be accounted for in key management procedures

5. Migrate encryption key (optional):
This process currently is not automated, but possible with below steps
- Generate new key pair
- Set new key as default key into configuration file
- Create and run custom script to decrypt data with original key and encrypt and write with new key.

Need help configuring, supporting or extending functionality, contact www.abantecart.com for forum or paid support