Clever Geek Handbook

Creation of an online payment processing system

We were asked to create an online payment processing system like Paypal for our national use.

is there an open source version? (so I could study it and maybe improve it)

Are there any books / resources / materials that might be helpful?

How can I take on such a huge task?

+2


source to share


4 answers


First, determine who will handle your credit card transactions, as they can do debit cards as well.

Handling them yourself is a pain, as there are standards that need to be met and you need to pay for this privilege. Unless you will be handling a huge amount of transactions, you are better off using another company that can already handle them.

To get started, just create a system using something like Payflow to do the actual processing.



Once you are done and you have applied PCI standards to protect your credit card data, you may want to look, maybe try to phase out your payment gateway and do it yourself, but that should only be if you determine what you are processing in sufficient volume, that this is associated with additional development costs and resources to do it yourself.

You will need to have a signed certificate to keep your site secure and to make sure you have strong encryption to protect your credit card data and make sure the passphrase or symmetric key is not on your computer but only stored in memory that will never replaced with a hard drive, otherwise someone might steal it if they can copy the hard drive.

http://www.allbusiness.com/sales/internet-e-commerce-securelectronic-transaction/2310-1.html

+1


source


Okay, first you need to have a solid knowledge of how your country handles money in terms of laws (VAT, refunds, etc.), so it might help if you let us know.

Secondly, this is not the product it serves, so you need a staff to support your users. You also need to make deals to process credit cards, electronic checks, etc. And since you are dealing with possible large amounts of money, you also need financial and legal advice (read this E-Gold expression and Wikipedia entry ). You also need to take security seriously, both virtual and physical, so you need to contract with several different teams to independently review and audit your system.



This is a really broad question, I would suggest that you read all of the Wikipedia entries about PayPal and other processing systems, and then explain your exact problem in a little more detail (although you might really want to keep classified as this is a public website).

+1


source


+1 to each @James Black and @eyze for their replies. This is not a minor commitment, and unless you work for any company that is already affiliated with a credit processing network, you have a lot of work and a lot of compliance issues ahead of you. Their answers were good enough that I have nothing to add, but I would like to add this.

We considered working with a company that is already engaged in authorizing credit card transactions, but they work mainly with POS systems and terminals, and not as an Internet gateway. We wanted to use them to process website payments as we use them for our stores. Basically, since they do not function as an internet payment gateway, we will need to write our own payment gateway using them in the background. After weeks of research, we concluded that while this was technically within our reach, and while we know about PCI and other applicable standards, it is best for companies that do it as their core business. We will go with one of the pre-existing gateways.

Also, to answer your specific questions:

  • I don't believe there is open source. The backbone on which credit card processing is performed is so sensitive and so vulnerable to attackers that there is a real need to limit knowledge of the card processing process on a need-to-know basis. (I lost track of the number of unrevealed achievements that were presented to me just to study an idea.)

  • For the same reason, I doubt you will find many books, etc.

If you are working with a company that already processes cards, then you are one step ahead, but if you are trying to break into the business, you will face huge obstacles.

0


source


I would think your teachers want you to learn how to plan, not how to copy, so don't look at a reference implementation instead of learning to think about the problem.

The trick for solving any big problem is breaking it down into small problems.

So do it.

  • Write down what you need to do on paper,
  • draw pictures,
  • find all the individual bits of functionality you need, draw the screens of how they will look,
  • discuss user experience,
  • break things into modules
  • get a job writing

You will also want to check it out and make sure it provides all the functionality you need.

Once you start thinking about the problem with pencil and paper in hand, it becomes very easy, IMHO :)

-2


source






More articles:


All Articles