Forum: Ruby on Rails Credit card handling

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Joe Van D. (Guest)
on 2006-03-03 20:50
(Received via mailing list)
Are there any articles anywhere that look at how to properly handle
credit card information, the things you need to do to properly store
CC info, etc?

Joe
Joe Van D. (Guest)
on 2006-03-03 21:11
(Received via mailing list)
On 3/3/06, Joe Van D. <removed_email_address@domain.invalid> wrote:
> Are there any articles anywhere that look at how to properly handle
> credit card information, the things you need to do to properly store
> CC info, etc?

Also, can anyone recommend any payment processing services?  Hopefully
that would integrate well with Rails?  I like easy and simple!  :-)

Joe
HH (Guest)
on 2006-03-03 21:14
(Received via mailing list)
I would talk with the processor/merchant bank.

If you do plan to store credit card numbers, they will have a specific
security specification that you'll need to follow.

That's one reason that many folks opt not to store the CC numbers
directly
and for places that it's required (subscriptions), they use processor
features that allow them to re-bill w/o the CC number (I know Verisign
offers this).

Cheers.
Sebastian F. (Guest)
on 2006-03-03 23:00
(Received via mailing list)
I'm using Payflow Pro (verisign) and it's pretty good. They have a
perl module that I've been using for years. I'm still in the process
of learning Ruby but once i feel comfortable enough i will attempt to
rewrite this module in Ruby (and give it nice integration into
Rails). At this point, of course, i'm nowhere close to doing this but
i will need a functional payflow interface if i'm to port my existing
store front apps into Rails, so it has to happen. If anybody is
interested working on this, or helping out when i'm ready to do it
myself, please let me know, and we should stay in touch. I've been in
touch with one of the head developers of the payflow team and i'll
see if i can get permissions to post the Perl module code, if anybody
wants to take a look. They also might be working in something
themselves. I'll find out.

Sebastian
Sean S. (Guest)
on 2006-03-03 23:06
(Received via mailing list)
See the below... From the archives...

*********************

Here's a link to the Verisign scripts we used... We customized ours a
bit
but this will get you going.

Graciously provided by Jon at Slantwise Design and posted with
permission
(http://www.slantwisedesign.com), these may make it into some other
format
someday (gem? Plug in?).

Anyway, of course, no warranty with this code, use at your own risk and
really no support - you'll have to get that going on  your own. Payment
processing is not for the faint of heart.

Hope it is helpful.

http://www.liberationmedia.com/payflow_pro.tgz
Sebastian F. (Guest)
on 2006-03-03 23:21
(Received via mailing list)
also, If you are planning to sell goods/services with even a medium
fraud risk it's absolutely essential you'll find a service that
offers VerifiedbyVisa/mastercardSecure integration (not all do). This
will free you of pretty much any liability (even if the customer is
not signed up!), so it's well worth integrating. It may also be a
good idea to have a look at PCI Assessment form (this https://
sdp.mastercardintl.com/pdf/758_PCI_Self_Assmnt_Qust.pdf) to see if
your site can comply with PCI standards, which is often required or
at the very least necessary to keep your rates at a good level (this
is regardless if you are storing cc numbers or not).

you'll find lots of info about payflow and payment processing in
general at verisign payflow site: http://www.verisign.com/products-
services/payment-processing/online-payment/payflow-pro/index.html

Hope this helps.
Good luck.

sebastian
Sebastian F. (Guest)
on 2006-03-03 23:30
(Received via mailing list)
gotta love that community. is there anything that hasn't been done
yet? of course, i'm a little disappointed, was kinda looking forward
to the challenge. oh well, there's still the task of making this
rails engine/plug-in...

also, comparing their Ruby implementation with the original Perl
module... :).  Ha! goodbye Perl!

Sebastian
Cody S. (Guest)
on 2006-03-03 23:40
Sebastian F. wrote:
> gotta love that community. is there anything that hasn't been done
> yet? of course, i'm a little disappointed, was kinda looking forward
> to the challenge. oh well, there's still the task of making this
> rails engine/plug-in...
>
> also, comparing their Ruby implementation with the original Perl
> module... :).  Ha! goodbye Perl!
>
> Sebastian

Now, now.  You won't get far flaming out perl monks.  :o)  Better to
recruit them by giving them a better way.

Cody
Sebastian F. (Guest)
on 2006-03-03 23:55
(Received via mailing list)
Hey, just two weeks ago i was still defending perl vigorously to
anybody who'd listen. but today - diving head first into the world of
Ruby - i just can't deny the beauty of it all. I'll always remember
Perl fondly - like that very first girlfriend of yours that you'll
still google once in a while....

Sebastian
Michael Y. (Guest)
on 2006-03-04 02:53
(Received via mailing list)
> > Are there any articles anywhere that look at how to properly handle
> > credit card information, the things you need to do to properly store
> > CC info, etc?
> Also, can anyone recommend any payment processing services?  Hopefully
> that would integrate well with Rails?  I like easy and simple!  :-)

I recommend TrustCommercee. They have a Ruby api and an excellent
ope-source back-end product.

<http://www.trustcommerce.com/>

Mike
This topic is locked and can not be replied to.