Date post: | 06-Apr-2018 |
Category: |
Documents |
Upload: | rey-rahadian |
View: | 225 times |
Download: | 0 times |
of 21
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
1/21
Integrating Electronic Payment
Processing into Web ApplicationsAGA304
Rick Strahl
West Wind Technologieswww.west-wind.com
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
2/21
Rick Strahl Who am I?
President West Wind Technologies
Developer Tools Vendor on Maui, Hawaii
Specialty software development and training
Web and Enterprise Development
Focus on .NET
Microsoft MVP C#
Working with Microsoft tech for 18+ years
Co-Publisher of CoDe Magazine
Author Over 75 magazine articles
Large .NET article white paper archive atwww.west-wind.com/articles.asp
My Web Logwww.west-wind.com/weblog/
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
3/21
What we'll cover
How the Process works Payment flow through the system
How do you sign up?
What does it cost?
Integration into your Site Taking payments on your Web site
Making the process transparent to the user
Application managed shopping cart perspective
Processors Authorize.NET, PayFlow Pro, LinkPoint
PayPal, PayPal Payments Pro
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
4/21
How online Credit Card Processing works
Your Web Applicationtakes orderssends order payment info for processing
Gateway ProcessorGateway Processorprovides Internet based APIprovides Internet based API
sends CC info to processing networkssends CC info to processing networks
(Authorize.NET, Verisign, Linkpoint etc.)(Authorize.NET, Verisign, Linkpoint etc.)
Your Bank AccountYour Bank Account
receives paymentsreceives payments
usually after few business daysusually after few business days
Front End Networkprocesses the actual card
talks to card issuing banksreturns authorization code
(PaymentTech, FirstData, Global Payment, Nova)
Merchant Service ProviderMerchant Service Providerpayment 'escrow' bankpayment 'escrow' bank
receives payments, handles disputesreceives payments, handles disputes
calculates merchant percentagescalculates merchant percentages
(PaymentTech,Wells Fargo,Synergy,AMEX,CardServices etc.)(PaymentTech,Wells Fargo,Synergy,AMEX,CardServices etc.)
AMEX
Diners etc.
Back End Networkprocesses settlements
communicates with merchant bank(PaymentTech, FirstData, Global Payment, Nova)
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
5/21
Who's involved in a Transaction(transaction processing)
Your Web Site Takes the initial order, submits for CC Processing
Receives confirmation or failure and displays result
Handles confirming order and items
Gateway Services
Provide the 'developerAPI' front end and Internet Gateway Pass off to the various processing networks
Front End Network Front end to Card Issuing Banks
Banks authorize and provide transaction detail
Authorization picked up by Gateway
Back End Network Handles settlements of transaction batches
Talks to Card Issuing banks
Holds authorized funds or passes them on to the merchant bank
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
6/21
Who's Involved in the Transaction(payment processing)
Merchant Service Provider Acts as Intermediary bank that receives payment
Splits merchant percentage off, pays CC company and you
Handles operational issues like Fraud, Chargebacks, complaints
Issues statements to you
Your Bank Your regular business bank account
Receives any approved funds after a few days
AMEX, Diner, Discover etc. Directly interface with your bank account
Directly deduct merchant percentages
No 'merchant fees', but higher rates
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
7/21
Paying 'the Man'
You pay each step in the chain Make sure you do your homework
The 'little' charges add up
Gateway Service Monthly access to the Gateway
Usually pretty cheap ($15-$30-$60)
Merchant Service Provider Monthly charge which includes a set number of transactions
Based on per transaction fee (US $.20-.40)
Administration/Statement fee (US $10)
Credit Card Companies Merchant percentage based on transaction
Visa/MasterCard: 2.0-2.5% or3.5-4.0% (bus/int'l) AMEX: Flat 3.5-4.0%
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
8/21
Signing up
Brand new account
Easiest: Sign up with a reseller provider and
let them provide you with gateway and merchant account
Mix and match
Existing bank account
Your bank works with a specific CC Processing Network
When you sign up with a Gateway provider you have
to make sure that the Gateway supports the network
'Big' or local banks often use Nova, FirstData
AMEX, Discover, JCB Diners are separate
Use their own networks and require separate signup
Transfer directly to your bank (no merchant provider)
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
9/21
Pick a Gateway
Lots of Gateways available Many more are resold by resellers
Be careful of resellers they usually add no value!
Some of the most common ones Authorize.Net
Verisign PayFlow Pro
LinkPoint
PaymentNet, SecurePay, WorldPay, iTransact, CyberSource
Compare Rates Rates often vary significantly
Some 'Providers' like Verisign do one-stop setup andprovide both gateway and merchant services as package
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
10/21
Gateway Providers
Authorize.NET Very easy to integrate (AIM)
POST values, comma delimited response
Very fast (2-5 seconds)
Cheap - $15 a month / free setup ($175 cancellation)
Verisign PayFlow Pro COM or C++ based API
Best accessed via COM Interop in ASP.NET
$60 a month / $249 setup
LinkPoint High risk provider
Usually more expensive
Exclusively resold through 3rd party providers Often required by 'big banks' forInternet business
Very tight credit validation causes many card declines
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
11/21
Web Site Integration
Your shopping cart handles shopping experience Users use yourASP.NET cart implementation
Your app adds items, checks out
Your app accepts their user information and CC info
You pass off Credit Card Processing to Gateway Your code fires a call to the Gateway API Gateway processes the Credit Card Transaction
Returns a result code to you
You confirm the order
Success: Display order confirmation page
You send email confirmation, then ship or send download link
Error: If unsucessful you handle error display/management
Different gateways vary in their error messages
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
12/21
Online orOffline Processing?
Online Processing Orders are processed immediately as user works
Immediate feedback to user
If products are electronic immediate 'shipment'
Immediate failure feedback: 90% is invalid user input!
P
otential for fraud
Offline Processing More secure you get a chance to review orders
Required if additional checks need to be performed
Example: Software Updates might require verification
Mix and Match Allow automatic processing for straight items
Hold orders that have 'special' items for verification
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
13/21
Create a Credit Card Processing class
Take CC processing out of the front end! Chances are you will re-use it in multiple places
example: Web app and Desktop app both use CC processing
Chances are you will switch providers over the years
Create a front end class that provides provider abstraction
CC information is fairly uniform across providers You send the same basic set of information
Switching between providers is useful
Class interface simplifies setting up a new provider
ccProcessing Base class Provides the base interface for all properties
Provide specific implmentations for each provider
ccAuthorizeNet, ccPayFlowPro, ccLinkPoint etc.
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
14/21
Credit Card Capture Security
Never, ever redisplay full card to user! You can capture cards and store them
If you need to redisplay always trim off the end or use ****
Ask for card security code Minimize card fraud of stolen CC numbers
Using it often reduces your transaction merchant percentage
Don't hold on to CC numbers
Once processing is done and approved you can get rid of CCs If you need to issue credits ask for the card again from customer
If you do hold on to card numbers, encrypt them
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
15/21
What about PayPal? (standard)
PayPal's not a merchant provider Money transfers into yourPayPal account
But it requires users to have a PayPal account
Good choice for starting out and small businesses
It's a very economical and quick way to get started! No startup fees
Approval process is easy
You only pay a percentage of your sale no other fees!
Appeals to many customers No need to give you a credit card
You don't handle Credit Cards less risk for you
Many people have accumulated PayPalmoney in their accounts
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
16/21
Integrating PayPal (standard)
Disconnected UserInterface Requires you go through the PayPal Web site
Exits your site, goes to PayPal, then returns
Somewhat unprofessional
Non-seamless Integration
Can't be isolated as 'business process'
Can't be made completely generic
Requires mixing UI logic and business logic
Can't be used from a desktop application
Requires HTML interfaces
Auto-validation requires a Web server callback (IPN)
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
17/21
Order FormOrder Formwww.myserver.comwww.myserver.comorderform.aspxorderform.aspx
takes order infocreates own totals
sends info to PayPal
shows completion, butshows completion, butshould not confirm ordershould not confirm order
PayPalPayPalPayment FormPayment Form
www.paypal.com
shows payment Form
redirects to URL on your site
PayPal Payments
redirects to
IPN ConfirmIPN Confirmwww.myserver.comwww.myserver.comPayPalConfirmation.aspxPayPalConfirmation.aspx
nonnon--visual pagevisual pageconfirms order to PayPalconfirms order to PayPalallows you to fulfil orderallows you to fulfil order
HTTP POST
PayPalPayPalIPN ConfirmIPN Confirm
www.paypal.com
internally activated
POSTs to URL on your site
checks confirmationHTTP POST
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
18/21
PayPal Payments Pro
PayPal goes Merchant Services Flat rate for all cards!
Good rates
Higher rejection rates
Awkard Configuration and Testing Requires several separate toolkits
Uses custom SSL implementation
Requires private keys and key installation Documentation is inadequate
Error reporting from server is not end user ready
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
19/21
Summary
Do your homework Check rates and read the fine print in contracts Beware of hidden fees
Test your setup
Test your setup thouroughly before going live Take advantage of test gateways
My recommendation? I use Authorize.NET with MerchantPlus
Good rates, low fees, fast and good customer service
Authorize.NET API is easy to integrate (no setup) And no they don't pay me for this
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
20/21
Resources
Authorize.Net Merchant Plus
Price: $14.95/month + $9.95 Statement Fee, Free setup, $.05 pertransaction + Merchant Percentages/Fees
Verisign PayFlow Pro Direct Signup
Price: $60/month, $249 setup, $.10 per transaction + MerchantPercentages
LinkPoint Available with 'merchant packages'
Available from many bank internet packages
Wouldn't recommend as first choice
PayPal Direct Signup
No startup fees, no monthly fees
Percentages on purchase
8/3/2019 Strahl ASP Connections AGA304 Integrating Electronic Payments
21/21
Resources
Updated Downloads
Updated Slides
30 page Session Notes document ccProcessing Classes
Small Sample Application www.west-wind.com/conferences/Conn_2006_ECommerce.zip