Are there any articles anywhere that look at how to properly handle
credit card information, the things you need to do to properly store
CC info, etc?
Joe
On 3/3/06, Joe Van D. [email protected] wrote:
Are there any articles anywhere that look at how to properly handle
credit card information, the things you need to do to properly store
CC info, etc?
Also, can anyone recommend any payment processing services? Hopefully
that would integrate well with Rails? I like easy and simple! 
Joe
I would talk with the processor/merchant bank.
If you do plan to store credit card numbers, they will have a specific
security specification that you’ll need to follow.
That’s one reason that many folks opt not to store the CC numbers
directly
and for places that it’s required (subscriptions), they use processor
features that allow them to re-bill w/o the CC number (I know Verisign
offers this).
Cheers.
I’m using Payflow Pro (verisign) and it’s pretty good. They have a
perl module that I’ve been using for years. I’m still in the process
of learning Ruby but once i feel comfortable enough i will attempt to
rewrite this module in Ruby (and give it nice integration into
Rails). At this point, of course, i’m nowhere close to doing this but
i will need a functional payflow interface if i’m to port my existing
store front apps into Rails, so it has to happen. If anybody is
interested working on this, or helping out when i’m ready to do it
myself, please let me know, and we should stay in touch. I’ve been in
touch with one of the head developers of the payflow team and i’ll
see if i can get permissions to post the Perl module code, if anybody
wants to take a look. They also might be working in something
themselves. I’ll find out.
Sebastian
also, If you are planning to sell goods/services with even a medium
fraud risk it’s absolutely essential you’ll find a service that
offers VerifiedbyVisa/mastercardSecure integration (not all do). This
will free you of pretty much any liability (even if the customer is
not signed up!), so it’s well worth integrating. It may also be a
good idea to have a look at PCI Assessment form (this https://
sdp.mastercardintl.com/pdf/758_PCI_Self_Assmnt_Qust.pdf) to see if
your site can comply with PCI standards, which is often required or
at the very least necessary to keep your rates at a good level (this
is regardless if you are storing cc numbers or not).
you’ll find lots of info about payflow and payment processing in
general at verisign payflow site: http://www.verisign.com/products-
services/payment-processing/online-payment/payflow-pro/index.html
Hope this helps.
Good luck.
sebastian
See the below… From the archives…
Here’s a link to the Verisign scripts we used… We customized ours a
bit
but this will get you going.
Graciously provided by Jon at Slantwise Design and posted with
permission
(http://www.slantwisedesign.com), these may make it into some other
format
someday (gem? Plug in?).
Anyway, of course, no warranty with this code, use at your own risk and
really no support - you’ll have to get that going on your own. Payment
processing is not for the faint of heart.
Hope it is helpful.
gotta love that community. is there anything that hasn’t been done
yet? of course, i’m a little disappointed, was kinda looking forward
to the challenge. oh well, there’s still the task of making this
rails engine/plug-in…
also, comparing their Ruby implementation with the original Perl
module… :). Ha! goodbye Perl!
Sebastian
Hey, just two weeks ago i was still defending perl vigorously to
anybody who’d listen. but today - diving head first into the world of
Ruby - i just can’t deny the beauty of it all. I’ll always remember
Perl fondly - like that very first girlfriend of yours that you’ll
still google once in a while…
Sebastian
Sebastian F. wrote:
gotta love that community. is there anything that hasn’t been done
yet? of course, i’m a little disappointed, was kinda looking forward
to the challenge. oh well, there’s still the task of making this
rails engine/plug-in…also, comparing their Ruby implementation with the original Perl
module… :). Ha! goodbye Perl!Sebastian
Now, now. You won’t get far flaming out perl monks. :o) Better to
recruit them by giving them a better way.
Cody
Are there any articles anywhere that look at how to properly handle
credit card information, the things you need to do to properly store
CC info, etc?
Also, can anyone recommend any payment processing services? Hopefully
that would integrate well with Rails? I like easy and simple!
I recommend TrustCommercee. They have a Ruby api and an excellent
ope-source back-end product.
Mike