I am working with an individual who is interested in removing a third party credit card processor from the equation. Essentially, he wants users to be able to fill out a simple form on the site, enter their credit card information, and hit send. He then wants to be able to either log in or receive the information in some manner so that he can process the cards manually on his own. What is the best way to do this? What are the steps that need to be taken to set up encryption?
Thanks, I realize that encryption is necessary. However it would not be secure to simply have the information emailed to this man, so he will need to login to a secure backend to see the information, correct?
email is not secure you would need to apply for a ssl certificate, and then install it on your domain. this makes the domain "trusted" allowing you to encrypt information as it is sent to the server. you cannot send cc details over the net in plaintext, as anyone eavesdropping your network could see them. as for the actual process, i will leave that up to someone who knows.
You will need this on the backend: SSL connection required Strong 128 bit Password Encyption Make it only accessible from his IP range. Ect..
You will need to check with your bank about applying for a Merchant Account which would allow you to accept credit card. Since you are doing online, you should opt for the Mail Order or Internet transaction option. After that, you will need to subscribe for a payment gateway option which would provide you the ability to receive payment online.
use SSL (Secure Sesson Layer) which is used by all banks, paypal etc. when you see a SSL, then your url starts with https:// and there is no way to decript the data send by SSL page... so SSL is the higest level of security you can get... this is only the page where they will enter there CC no. but the question is after they enter there CC on your site, where will you store there data? are you going to store there CC no. secure in your server so that even if someone hack into your server, they cant get any info of your customers. i think you need to contact a professional web site disigner for this issue or else you will put your customers info in jeopardy....
Simple Step why are you trying to go for a Page like this . Simply use any payment processor .. You might have to pay some fees but still they are so much secure than what you can develop in future using your SSL certificate
The issue is that he wants to be able to alter the amount he charges the customer based upon the item they get sent. He is in the meat business and if someone purchases an amount of meat, often the cut they receive is not exactly the estimated size and so he needs to manually adjust the price. That's why a third party payment processor (like PayPal) cannot be used. If the form wrote to a database securely, and a script was created to display contents of a database on a secure page, would that work?
It can be a problem if the buyer sees one amount when they pay and then see a different amount on the bill but then again I am not in the meat business so I am not sure about what their customers thinks.
Apparently he wishes to make it clear the maximum price they will be charged on the site and then sometimes adjusts the price down if the cut is not for that expense, I guess. Good point, though.
I am not sure if this would work but maybe what you could have is a tentative order form which the customer can use to place an order for so-and-so cut of meat then your customer can pick the piece of meat and do the actual cost computation then use Paypal Email Invoice option and send that to his customer with the final pricing which they can then pay.