Please could anyone with experience of providing ecommerce solutions give me a general understanding of how the ĎStandardí credit card payments work on the internet from a development point of view? Iím a junior developer (php/mysql/xhtml) and was trying to put together my first website that can take credit cards for bookings. And I have absolutely no experience of doing this. I have built everything up to the point of Ďenter your card information belowí Ė but then have no idea where to go after that? I have all the variables collected in my submit script, but I donít what Iím supposed to interact them with in order to get a confirm or denial. I want something official, not a home written script that could be subject to flaws.
Trying to research this is bemusing me, Iím looking at payment gateways, worldpay, verisign, commerce software, merchant accounts, verification scripts etc etc! I donít know what to do.
What I want to accomplish is this:
- The user is all the time on my site and never leaves to another payment site
- I have a shared ssl certificate with my hosting for the security of the users form.
- If the credit card details are wrong after submitting, I want my form to come back and say so immediately, (not phone you later)
- And if the credit card details are correct, I would like the payment to go through straight away.
- I donít want to give percentages per transaction, like paypal, as this would force me to adjust my prices. I would rather purchase or build the system now to collect 100% of price thereafter.
The system I want is exactly like the bigger shop sites out there. e.g.
Order confirm > User Details > Card Details > Payment Confirmed/Denied.
I am competent in php but donít know what to do architecturally to get what I want - and to conform to what is legal and secure and sensible. What services or scripts do I have to acquire? What do the e-commerce infrastructure/systems of the big shop sites look like? Like Tesco, Staples, Wallmart etc.
If anyone can help give me this lesson, it will be much appreciated!
Please don't take this the wrong way but you don't have any idea how this all works do you...
1. YOU DO NOT WANT there CC INFORMATION stored on your server! Remember and never for get it. your only asking for trouble. That's the IDea behind a payment gateway. Large companies can afford to keep the infomation as they have a larger budget for security and IT support to keep your infomation safe... At least Safe most of the time. OH And not to mention your shared certificate really isn't worth much when you find out how to use it... and the address change will send up a red flag in some secure settings.
2. About percentages to the processor... TOUGH LUCK Getting that one! All processors want a cut. Plain and simple no getting around that. PayPal believe it or not is accually a great deal for low volume customers like most websites are. Your going to have deal with that one and realize it's a cost of doing business.
3. there is a ton of infomation out there on how to create a payment gateway... the best route might be to go and decide on a company like Authorize.net and they will supply you with some help to get your gateway created to work with their system.
Ok, let me give a scenario so people can give me a specific solution that I can learn from. And Yes, I have never built an ecommerce site before nor seen one run on a server ever! So it is completely new territory to me.
Say I am a web design/dev company. Down the road to us there is a 300 room Luxury Hotel, 4 stars, with over $1 million revenue per year. They have NO web presence. I want to offer them one with their own bespoke online booking system. What should I do? What will the system look like? Will it use paypal? (I donít think so, because Iíve never seen any company offer a big business a paypal store solution). And I donít want to store the CC details in a SQL database on the hosting server either. So how?
How would you guys make the pitch toward them and what would you offer?
Well on the chances getting a 4 star - 300 room Luxury hotel after pitching they use Paypal to take payments good luck!
I completely understand where youíre at; sadly none of us are born with knowing this information! So let me share what I know... However with how my week has been please allow for a little jabbing from me.
With a client who you know already takes credit cards you would never consider making that your main payment method. What you would do is tell them "to contact there processing company and request the information to access there Payment Gateway system" This takes all the hard work off of you for sometime as its dependant on them to make this happen and get you the information you need to make the site work.
IF they do not take Credit cards currently you have a couple major issues to over come...
1. Why do they not take credit cards - many many answers here some reasonable others are not
2. Do they need to take credit cards in there daily business - Heck I've been in this business a long time and I have no need for a credit card machine at my office. Online it's almost required.
3. Are they going to understand what youíre trying to get them to do... Most business owners have no desire to do things a new way!
Paypal is the solution you'll use in most of the cases where they do not already accept CC. Because of cost per transaction is rather low, when your considering startup fee's, monthly fee's, per transaction costs, and monthly percentages of sales.
I tell clients who are either just starting up or don't do CC's already is lets do paypal for a while until see what the sites going to do in sales.
I'm going to stop for now as this is a lot to read and I may have gotten off track somewhere and someone will have to get be back on track