FACTA (“The Fair and Accurate Credit Transactions Act”), a law which resulted in a wave of class-action lawsuits (See the Multichannel Merchant article ‘Fear FACTA‘ for more info), stats among other things that a merchant cannot print the expiration date of a customer’s credit card number on any sort of receipt.

Users deploying Magento within the US should be aware of the fact that the default email templates send the last 4 digits of the customer’s credit card number and the expiration date of the customer’s credit card in the order confirmation, invoice and other related emails.

Luckily it’s a fairly simple fix – you’ll need to edit one of your template files on your server, which if you’re using the default template will be located at app/design/frontend/default/default/template/payment/info/cc.phtml

You’ll want to remove line 31, which reads:

<?php echo $this->__(‘Expiration Date: %s/%s’, $this->htmlEscape($this->getCcExpMonth()), $this->htmlEscape($this->getInfo()->getCcExpYear())) ?>

Many stores will also want to remove the previous line, which includes the last 4 digits of the customer’s credit card number in the emails sent to the customer. That line is:

<?php echo $this->__(‘Credit Card Number: xxxx-%s’, $this->htmlEscape($this->getInfo()->getCcLast4())) ?><br />