Let's say, for the sake of discussion, my client does not want to use the Paypal api for transactions. I have already made a shopping cart. The user submits the items on the shopping cart and their credit card number.
Assuming I'm not using any api, how would I then charge the user's credit card for the items on the shopping cart? I understand that it is complex, just wondering what the general process is like and how to get started.
You're going to need to trigger a bank transaction, so obviously you're going to need to use an API at some level. I think the way to go would be to first learn in some detail how at least one of the popular commercial (by definition?) payment card processing services works, e.g.:
https://paymentvision.com/Payment-Gateway/Payment-Gateway-API.aspx
http://aws.amazon.com/fps/
https://www.firstdata.com/en_us/customer-center/merchants/support/first-data-global-gateway-api-software-landing.html
http://www.authorize.net/
The next step would be to design the "payment processing" subsystem of your PHP application/library around the "backend workflow" (perhaps using a 3rd party PHP library, if one is available), and do some testing.
Then I would plan for a security audit of your code & systems before you actually use it to handle payment card information on behalf of a customer/3rd party.
You can also capture all the card information and use an external payment processor. The problem is that you will be hit with major fees since it will be considered a keyed in and not swiped transaction.
If you don't want/like paypal, don want to use a payment processor like authorize.net, you could look at other options like stripe.com.
Find an payment gateway, such as authorize.net. With payment gateways such as this, your client will need to sign up for a merchant account with a credit card processing agency. You payment gateway can help you with this.
Then, you'll usually get a token or api key that you will use to connect to the payment gateways services. From php, you'll use cURL or fsockopen to connect to them. Securely send your api key, get a response, then send some other required message, get another response, and then send in credit card information and credit card holder information.
There are lots of PHP Libraries to choose from out there for different payment gateways. I'm not suggesting authorize.net, it was just an example. But when you find one you are happy with, and happy with the fees that are associated with processing credit cards, you can either use a prewritten library, or they payment gateway will provide you with and API that will tell you how to integrate with their system.
Payum efficiency proved by 1k+ stars on a GitHub, great comments and a million of downloads. Supports 50+ different payment gateways so you surely find what you need.
Related
I have a website coded in PHP that uses paypal buttons/IPN for subscriptions.
The method is limited and I need to replace it with the REST-API.
What the system needs to do:
Accept new user recurring-payment subscriptions
Be able to change plan pricing for new users
Be able to change plan pricing for existing users
Change subscription plans mid-subscription(If a user upgrades from pro to master the price goes up, and the opposite way it goes down).
The price difference between packages is 5$
Give periodic discounts for a limited amount of months.
The questions:
1.) What is the equivalent of recurring-payments in the PHP-API or REST-API? (I'd rather it auto-charges and notifies my IPN if possible)
2.) How can I automatically refund/charge an additional amount when the user upgrades/downgrades in the middle of a month?
3.) Is there a standalone PHP control-panel that can connect to the paypal API to manage the subscription packages + sales?
Thanks in advance!
If you are looking to use REST APIs, the best place to start is going to be at the REST API docs. For your situation, you can use the vault to set up a recurring payment system. You could also use the future payments API, but you will need to make sure you buy DPRP for your account. Contact PayPal Customer Support to enable DPRP.
With the Vault API, you can just create one time payments over and over with the token you get when storing a credit card.
There is an in-depth walkthrough using the SDK on the PayPal PHP SDK Wiki.
To do refunds, you can use the Refund REST API. All this assuming that you would be writing scripts to detect your user downgrading/upgrading. You would just need to store the amount they are paying each month in your DB.
There are some shopping carts out there that are implementing REST APIs. You might need to google search for something like that.
Hope that helps and gets you started in the right direction!
I've puzzled by this question for quite a while, but never had the need for it. Now I do.
What I currently need is a Credit Card payment option for my website that does not rely on services such as Paypal. I want something like Name.com or Hostmonster.com have. You simply enter you credit card number, expiration date and the three little numbers at the back of the card. How can I achieve the same effect on my website?
I'll be programming the website in PHP.
Answers would be appreciated.
You need to signup to a payment gateway. It's a service that allows you to process credit card payments. I know you don't want to use PayPAL to accept payments, but PayPAL offer two solutions:
PayPAL Payments - That is the button and people pay through PayPAL
PayPAL Payments Pro (Payment Gateway). That is when you use PHP or anything else to connect to PayPAL with the credit card information. The customer never knows you used PayPAL, and they never leave your site.
When choosing a payment gateway these are the four most important things you should consider:
How easy is it to implement (PayPAL has a lot of documentation)
How much is the monthly fee.
How much do they charge per transaction.
How much do they charge to setup an account.
There are other options, and one of the most common is Authorize.net, but the is more setting up and a larger deposit to open an account.
Most accounts will require a background and credit check.
Well, you'll still need to rely on a Merchant Services company for card processing. There are many companies that boast an API that can then be accessed with PHP. One that I have recently learned of is Stripe. However, there are many competitors and you can research other companies further, but companies like Stripe will allow you to generate payments programmatically without having to leave your site to visit the black-box that is PayPal.
Whats the recommended way to do this with Paypal (i've heard they're a nightmare to deal with).
Ideally the user would sign up with credit card details and then i'd process the payments through their banks? Is that how it works? With API's?
Ideally the user would sign up with
credit card details and then i'd
process the payments through their
banks? Is that how it works?
No. In a correctly designed system you never have access to your user's credit card number. It's your payment processor (eg PayPal, MoneyBookers, FastSpring, etc.) that takes care of processing your customer's credit card.
So your customer is taken to the payment processor's site (on a page which can be customized to use your company's logo etc.) and then your payment processor warns you when a purchase a made (for example by calling a specific URL).
With API's?
Yup, PayPal (and MoneyBookers and things like FastSpring) offer APIs for several languages (like Java APIs).
PayPal has a dev environment on which you can test these kind of functionalities, so does MoneyBookers if I recall correctly (also note that sometimes the dev environments are a bit buggy and/or down).
PayPal offers APIs for processing payments. Typically, the user is taken off your page to login into paypal and then paypal calls back to your site with approval/shipping info. The whole point is for the user to shield their credit card info from your site, making things safer.* You can use either the NVP (name-value pair) or SOAP protocol for development. There are also 3rd party libraries to simplify integration.
Check out the API reference here to get an idea:
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/howto_api_reference
*PayPal does offer a Direct Payment API which allows your site to take credit cards directly and use PayPal as the gateway:
https://www.paypal.com/cgi-bin/webscr?cmd=_dcc_hub-outside
groupon.com is a great example when you register they take your credit card information. once a limited amount of people have purchased a coupon a mass amount of credit cards get charged. what is the best method of doing something like this and at the most safest possible way? one thing that i will be doing is encrypting the credit cards in the db with an encryption method that salts the encryption and that i can unencrypted it to use it when needed. would they possibly have a cron that goes through at a period of time to check and see if the coupon time limit has expired then do a mass charge? i cannot wrap around my head to how something can be written that queues transaction charges to a merchant. i am thinking of either using authorize.net or paypal pro.. what do you think from what ive said?
Don't store the credit card information on your server. It would need to follow PCI DSS security standards:
http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard
There's just no reason for it these days. A large percentage of payment processing vendors provide these services for you. You submit the information and receive back a token that can be used to charge the card at a later time.
Furthermore, you are not allowed to store the CVV code.
I personally work with Paypal as the processor, you need to request reference transactions (this will require a background check, probably credit worthiness related and is not guaranteed to be approved). In this way I can authorize a card ($1 authorization only is common and accepted practice) and later charge the card any amount that is appropriate (in our case we have a payment model similar to pay-as-you-go mobile phones). Upon the first charge or authorization I receive a token that I can late use to charge against the "referenced transaction" (essentially just copying the details from the original txn).
Another really interesting option that we looked into was www.paysimple.com, they now have a new API, an attractive pricing structure, and if memory serves, all of the above features.
Many others exist as well that you can and should research. Do watch out though, some card processing providers don't charge anything for the functionality described above (paypal doesn't), but some charge gobs of money for the service. Look, it's generally readily available info on the sites.
Start reading PCI Compliance and periodical payments parts of the source code of an open source cart like Magento. There is a lot to it, if you want to do it all properly.
I am developing an Ecommerce website and I would like to implement Credit/Debit card processing within the site.
I would like to know if there are any good PHP scripts which fully implement this and the payment gateways that provide this service.
Also the website will have a Money Back guarantee feature in the event of cancelling of orders and so on. So how can this also be implemented using Credit/Debit cards i.e. I want to be able to refund the customers in the event of a cancelled order.
The site/service will be offered in Africa and Paypal isnt present.
Thanks
You need to find someone to process your credit card payments first. eg Paypal or SagePay.
They will provide you with all the documentation on integrating with the payment gateway, and all the ones I have used in the past have included PHP sample code.
Here are some handy links for you...
Paypal Developer Docs
Google Checkout
SagePay (UK credit card
processing)
Update: Since you are trying to offer this service in Africa, I would recommend contacting your local big bank to see what services they offer. All the major banks in the UK and the US offer their own gateways (or point you in the direction of their preferred partner), and I would imagine that would be true everywhere.
http://pear.php.net/package/Validate_Finance_CreditCard