Question about accecting Credit Cards on a website

[Cameron08]

Hi,

I was wondering how sites use ccs on their website, and how it is processed.

I own a website (I won't put a link unless given permission) and accept payments through paypal, but never really thought about accepting credit cards directly and through paypal.

When a customer inputs their credit card is it just sent in text form to the sales rep and he manually puts it in?

For example, take a look at www.teamviewer.com if you there and act like your buying something then go to the next page and it gives you the option to pay through invoice or credit card, invoice is paypal credit card is where you just manually type your cc in. You would just type your cc in where it says cc # then expiration date,etc... when you submit it where does it go?


Reason I ask is I'd like to have the cc option and paypal to save time for customers. Is it hard to do, and I don't want to pay any third party companies for anything.

Thanks much!

-Cam

 

[SrWebDeveloper]

For general tutorial and overview on E-Commerce please refer here:

http://www.online-commerce.com/tutorial.html

The transaction is fully automated, server to server (yours to the bank's or merchant, i.e. Paypal) - this isn't like the old days with a Zon or a credit card slide machine with carbons. It's a fully electronic alternative. Review the tutorial linked above for the big picture of how it all works, then when it comes time to setup your storefront and/or shopping cart, read on...

Most common (not the "best", "easiest" or "cheapest") setup procedure:

Purchase a VPS or dedicated server with a web host manager (WHM) that includes tools to help you setup SSL/TSL for encrypting web pages on port 443 or whatever, tools for setting up the digital certificate for your domain (or piggy back on the webhost's if they permit) and open source solutions for shopping cart which include plugins for electronic transactions via third party merchants. The merchant provides you with an ID and also the servers for testing (called sandboxes) and performing actual transactions. Please note the Directory link in the page I provided above lists many of the most common merchants used in E-Commerce today. Each has different levels of service, APIs and means of integration into your web site if you want to do it manually. Otherwise to simplify transactions many webhosting packages include content management tools such as Joomla, Drupal, and third party E-Commerce packages such as OS-Commerce, Interchange, etc. that all have tools for this specific purpose.

There are a million ways to do this, and I will digress to others to suggest SPECIFIC packages and techniques and just let the conversation flow.


BTW, couple of notes:

Nothing is truly "free" - there is usually a small transaction fee, but with that you get itemized reports at the merchant's web site so you can properly audit your income. Anything is better than PayPal these days in terms of processing fees, but PayPal is still "convenient" for many users. It's up to you to shop around because rates and taxation changes from state to state just like shipping is affected. Hope this gets you started.

SSL = Secure Socket Layer, i.e. when you visit a web site and submit confidential information via an encrypted session. SSL is setup on the web server and associated with a digital certificate that authenticates your ownership.

-jim

 

[angelwatt]

Based on the questions you're asking I wouldn't trust putting any credit card information on your site. This is very sensitive information that needs to be handled with the strictest and securest of methods and should be done by novices because you are unnecessarily putting visitors at risk. Hire a pro to set you up with credit card payments on your site. I'm not trying to be mean, but you can seriously screw things up for people and find yourself in very serious legal issues if you don't do it the right way.

 

[ChicoWeb]

Sr. laid out all the technical specifics. Bottom line, to do it correctly on your site (not paypal, thats pretty straight fotward) you need an SSL Certificate, a gateway and merchant account. They all charge montly fee's. By the time all is said and done, my experience with the couple dozen we've done is it costs 30-50 a month JUST to accept. Then of course you have the 2-3% fee's on top.

By no means should any CC numbers be transfered via email, thats a big no-no and opens yourself up for legal issues. My only advice, make sure you know what you're doing, or hire a professional

 

[blitzkrieg79]

Since you seem to be not only a Macrumors newbie but also an Ecommerce newbie, my advice is simple, just open up an Yahoo store, http://smallbusiness.yahoo.com/ecommerce/ their cheapest plan is around $40 and it includes the shopping cart and credit card acceptance. Of course they also charge a small percentage fee of each transaction sold but I think for a start up company (or just to get your feet wet in ecommerce) it is easy to implement/use and integrated all in one place.

 

[notjustjay]

By no means should any CC numbers be transfered via email, thats a big no-no and opens yourself up for legal issues. My only advice, make sure you know what you're doing, or hire a professional

Not in plaintext. You could encrypt the data using some kind of strong encryption method before mailing, and require the receiver to decrypt before processing the card info.

 

[Cameron08]

For general tutorial and overview on E-Commerce please refer here:

http://www.online-commerce.com/tutorial.html

The transaction is fully automated, server to server (yours to the bank's or merchant, i.e. Paypal) - this isn't like the old days with a Zon or a credit card slide machine with carbons. It's a fully electronic alternative. Review the tutorial linked above for the big picture of how it all works, then when it comes time to setup your storefront and/or shopping cart, read on...

Most common (not the "best", "easiest" or "cheapest") setup procedure:

Purchase a VPS or dedicated server with a web host manager (WHM) that includes tools to help you setup SSL/TSL for encrypting web pages on port 443 or whatever, tools for setting up the digital certificate for your domain (or piggy back on the webhost's if they permit) and open source solutions for shopping cart which include plugins for electronic transactions via third party merchants. The merchant provides you with an ID and also the servers for testing (called sandboxes) and performing actual transactions. Please note the Directory link in the page I provided above lists many of the most common merchants used in E-Commerce today. Each has different levels of service, APIs and means of integration into your web site if you want to do it manually. Otherwise to simplify transactions many webhosting packages include content management tools such as Joomla, Drupal, and third party E-Commerce packages such as OS-Commerce, Interchange, etc. that all have tools for this specific purpose.

There are a million ways to do this, and I will digress to others to suggest SPECIFIC packages and techniques and just let the conversation flow.


BTW, couple of notes:

Nothing is truly "free" - there is usually a small transaction fee, but with that you get itemized reports at the merchant's web site so you can properly audit your income. Anything is better than PayPal these days in terms of processing fees, but PayPal is still "convenient" for many users. It's up to you to shop around because rates and taxation changes from state to state just like shipping is affected. Hope this gets you started.

SSL = Secure Socket Layer, i.e. when you visit a web site and submit confidential information via an encrypted session. SSL is setup on the web server and associated with a digital certificate that authenticates your ownership.

-jim

Thanks Jim I will def look at that tut and see how it works.

Based on the questions you're asking I wouldn't trust putting any credit card information on your site. This is very sensitive information that needs to be handled with the strictest and securest of methods and should be done by novices because you are unnecessarily putting visitors at risk. Hire a pro to set you up with credit card payments on your site. I'm not trying to be mean, but you can seriously screw things up for people and find yourself in very serious legal issues if you don't do it the right way.

Oh absolutely I agree with you. I would not be the one setting this up avoisouly however I am just curious how it would work. I am familiar with SSL and things like that, my web designer would set it up. I most likely will stick to paypal. Thanks for your comments.

Sr. laid out all the technical specifics. Bottom line, to do it correctly on your site (not paypal, thats pretty straight fotward) you need an SSL Certificate, a gateway and merchant account. They all charge montly fee's. By the time all is said and done, my experience with the couple dozen we've done is it costs 30-50 a month JUST to accept. Then of course you have the 2-3% fee's on top.

By no means should any CC numbers be transfered via email, thats a big no-no and opens yourself up for legal issues. My only advice, make sure you know what you're doing, or hire a professional

Thanks for clearing that up. From what I'm hearing it seems best to stay with Paypal...

Since you seem to be not only a Macrumors newbie but also an Ecommerce newbie, my advice is simple, just open up an Yahoo store, http://smallbusiness.yahoo.com/ecommerce/ their cheapest plan is around $40 and it includes the shopping cart and credit card acceptance. Of course they also charge a small percentage fee of each transaction sold but I think for a start up company (or just to get your feet wet in ecommerce) it is easy to implement/use and integrated all in one place.

Hi, I do already have a business it's been up for nearly 3 years. I'm nota big fan of things like stores off sites like ebay stores,yahoo stores,etc.. although it would be a nice extra to do.

Not in plaintext. You could encrypt the data using some kind of strong encryption method before mailing, and require the receiver to decrypt before processing the card info.

That's a possibly, probably if I did accept credit cards I would put up encryption,however when I looked at TeamViewers website there was not any "lock" on my browser to show it's secure so I do not think they had SSL I'm not sure what happens after you put your cc into in the form but maybe afterwards it goes into SSL.










Thanks for all your replies it has really helped me understand, and get to know my possibilities and precautions.

Thanks again and good day,

Cameron Bradford

 

[SrWebDeveloper]

...there was not any "lock" on my browser to show it's secure so I do not think they had SSL I'm not sure what happens after you put your cc into in the form but maybe afterwards it goes into SSL...

You're very welcome for the general advice thus far, but I'm with angelwatt -- make sure in your specific case you have a professional set it all up for you. Your comment above shows the inexperience with how forms and SSL work, no disrespect intended to you personally. Others already stressed the significance of security issues and E-Commerce, I am reinforcing it. Please note you can tell if a page is encrypted if you see https:// in the address bar, the lock icon, or the yellow/blue shaded background color in the address bar. Never fill out any form with personally identifiable information including account numbers unless you know that page is encrypted and the site is trusted (no security certificate warnings about expiry or untrusted).

Your web developer will make sure this is true, of course.

Since you mentioned PayPal, I'd like to add they have numerous techniques for E-Commerce including template based third party (the transaction is handled entirely on their site, not yours), credit card, invoice only, and seamless integration into your site. I strongly suggest you visit the following link which is a Wizard to help you determine which Paypal service is best for you:

https://www.paypal.com/us/cgi-bin/webscr?cmd=_home-merchant (Select "Recommendation Wizard" after the page loads)

That's all I can think of, good luck and thanks for posting!

-jim

 

[Consultant]

GOOGLE THE INFO and read, or
HIRE A PROFESSIONAL if you have no technical knowledge.

 

[Cameron08]

You're very welcome for the general advice thus far, but I'm with angelwatt -- make sure in your specific case you have a professional set it all up for you. Your comment above shows the inexperience with how forms and SSL work, no disrespect intended to you personally. Others already stressed the significance of security issues and E-Commerce, I am reinforcing it. Please note you can tell if a page is encrypted if you see https:// in the address bar, the lock icon, or the yellow/blue shaded background color in the address bar. Never fill out any form with personally identifiable information including account numbers unless you know that page is encrypted and the site is trusted (no security certificate warnings about expiry or untrusted).

Your web developer will make sure this is true, of course.

Since you mentioned PayPal, I'd like to add they have numerous techniques for E-Commerce including template based third party (the transaction is handled entirely on their site, not yours), credit card, invoice only, and seamless integration into your site. I strongly suggest you visit the following link which is a Wizard to help you determine which Paypal service is best for you:

https://www.paypal.com/us/cgi-bin/webscr?cmd=_home-merchant (Select "Recommendation Wizard" after the page loads)

That's all I can think of, good luck and thanks for posting!

-jim

Thanks Jim for that info, I didn't know about all the other ways to see if its encrypted. Thanks again

GOOGLE THE INFO and read, or
HIRE A PROFESSIONAL if you have no technical knowledge.

Hi,

I recall googling, but could not find any useful sources or maybe it was just confusing for me. i do have a "PROFESSIONAL" however, I was interesting in learning how it works just for my own personal education. I was just curious.

Thanks for the feedback.

-Cameron