Forum: Ruby on Rails Credit card handling

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
38a8230ed3d5c685558b4f0aad3fc74b?d=identicon&s=25 Joe Van Dyk (Guest)
on 2006-03-03 19:50
(Received via mailing list)
Are there any articles anywhere that look at how to properly handle
credit card information, the things you need to do to properly store
CC info, etc?

Joe
38a8230ed3d5c685558b4f0aad3fc74b?d=identicon&s=25 Joe Van Dyk (Guest)
on 2006-03-03 20:11
(Received via mailing list)
On 3/3/06, Joe Van Dyk <joevandyk@gmail.com> wrote:
> Are there any articles anywhere that look at how to properly handle
> credit card information, the things you need to do to properly store
> CC info, etc?

Also, can anyone recommend any payment processing services?  Hopefully
that would integrate well with Rails?  I like easy and simple!  :-)

Joe
A7db9ec803b5895ae5f916a74e2db329?d=identicon&s=25 HH (Guest)
on 2006-03-03 20:14
(Received via mailing list)
I would talk with the processor/merchant bank.

If you do plan to store credit card numbers, they will have a specific
security specification that you'll need to follow.

That's one reason that many folks opt not to store the CC numbers
directly
and for places that it's required (subscriptions), they use processor
features that allow them to re-bill w/o the CC number (I know Verisign
offers this).

Cheers.
10c741d575988433e3fcd04133f3c462?d=identicon&s=25 Sebastian Friedrich (Guest)
on 2006-03-03 22:00
(Received via mailing list)
I'm using Payflow Pro (verisign) and it's pretty good. They have a
perl module that I've been using for years. I'm still in the process
of learning Ruby but once i feel comfortable enough i will attempt to
rewrite this module in Ruby (and give it nice integration into
Rails). At this point, of course, i'm nowhere close to doing this but
i will need a functional payflow interface if i'm to port my existing
store front apps into Rails, so it has to happen. If anybody is
interested working on this, or helping out when i'm ready to do it
myself, please let me know, and we should stay in touch. I've been in
touch with one of the head developers of the payflow team and i'll
see if i can get permissions to post the Perl module code, if anybody
wants to take a look. They also might be working in something
themselves. I'll find out.

Sebastian
0e1f913bd7b6e69419fe88c82c9a15ed?d=identicon&s=25 Sean Stephens (Guest)
on 2006-03-03 22:06
(Received via mailing list)
See the below... From the archives...

*********************

Here's a link to the Verisign scripts we used... We customized ours a
bit
but this will get you going.

Graciously provided by Jon at Slantwise Design and posted with
permission
(http://www.slantwisedesign.com), these may make it into some other
format
someday (gem? Plug in?).

Anyway, of course, no warranty with this code, use at your own risk and
really no support - you'll have to get that going on  your own. Payment
processing is not for the faint of heart.

Hope it is helpful.

http://www.liberationmedia.com/payflow_pro.tgz
10c741d575988433e3fcd04133f3c462?d=identicon&s=25 Sebastian Friedrich (Guest)
on 2006-03-03 22:21
(Received via mailing list)
also, If you are planning to sell goods/services with even a medium
fraud risk it's absolutely essential you'll find a service that
offers VerifiedbyVisa/mastercardSecure integration (not all do). This
will free you of pretty much any liability (even if the customer is
not signed up!), so it's well worth integrating. It may also be a
good idea to have a look at PCI Assessment form (this https://
sdp.mastercardintl.com/pdf/758_PCI_Self_Assmnt_Qust.pdf) to see if
your site can comply with PCI standards, which is often required or
at the very least necessary to keep your rates at a good level (this
is regardless if you are storing cc numbers or not).

you'll find lots of info about payflow and payment processing in
general at verisign payflow site: http://www.verisign.com/products-
services/payment-processing/online-payment/payflow-pro/index.html

Hope this helps.
Good luck.

sebastian
10c741d575988433e3fcd04133f3c462?d=identicon&s=25 Sebastian Friedrich (Guest)
on 2006-03-03 22:30
(Received via mailing list)
gotta love that community. is there anything that hasn't been done
yet? of course, i'm a little disappointed, was kinda looking forward
to the challenge. oh well, there's still the task of making this
rails engine/plug-in...

also, comparing their Ruby implementation with the original Perl
module... :).  Ha! goodbye Perl!

Sebastian
C402e1150580c153c1368573f70e7e82?d=identicon&s=25 Cody Skidmore (cskidmore)
on 2006-03-03 22:40
Sebastian Friedrich wrote:
> gotta love that community. is there anything that hasn't been done
> yet? of course, i'm a little disappointed, was kinda looking forward
> to the challenge. oh well, there's still the task of making this
> rails engine/plug-in...
>
> also, comparing their Ruby implementation with the original Perl
> module... :).  Ha! goodbye Perl!
>
> Sebastian

Now, now.  You won't get far flaming out perl monks.  :o)  Better to
recruit them by giving them a better way.

Cody
10c741d575988433e3fcd04133f3c462?d=identicon&s=25 Sebastian Friedrich (Guest)
on 2006-03-03 22:55
(Received via mailing list)
Hey, just two weeks ago i was still defending perl vigorously to
anybody who'd listen. but today - diving head first into the world of
Ruby - i just can't deny the beauty of it all. I'll always remember
Perl fondly - like that very first girlfriend of yours that you'll
still google once in a while....

Sebastian
D2eaa0f268843d5d3f5d92823cf1308a?d=identicon&s=25 Michael Yacavone (Guest)
on 2006-03-04 01:53
(Received via mailing list)
> > Are there any articles anywhere that look at how to properly handle
> > credit card information, the things you need to do to properly store
> > CC info, etc?
> Also, can anyone recommend any payment processing services?  Hopefully
> that would integrate well with Rails?  I like easy and simple!  :-)

I recommend TrustCommercee. They have a Ruby api and an excellent
ope-source back-end product.

<http://www.trustcommerce.com/>

Mike
This topic is locked and can not be replied to.