Credit Card processing without Gateway - Looking for Developer
PermalinkI have two clients who still prefer to enter client credit card numbers manually (without CVV code, of course).
Can any developer build something like that and give me a quote?
Thanks!

nobody answered so far.
Let me know if you are more lucky.
THX
To create an analogy, suppose I want to send you some money. So I order an armoured security truck and guards (secure cert). They come to my house and collect the money, but they cant take it directly to you, so they take it to the mall and leave it in a cardboard box in a corner of the car park. A few hours later, you are ready for the money, so you order up another armoured security truck and collect the box from of money from the pile of boxes that various people have left for you in the car park.
You and I both think we are safe sending money, because all we see is the armoured security trucks. But the money is actually left for several hours in a corner of the mall car park that is becoming well known as a parking place for money.
So, is your web server a corner of the mall car park? Or is it a bank vault or safe in your own office? Who has access to it, both physical and over the web? Who do you trust to have access to all those credit card numbers? What happens to backup data (which also has the numbers in it)?
Creating a payment add-on that can ask for credit card numbers is fairly straight forward. Its just a form on an https page. As is providing a means for you to read them back later. But if you are storing them on a server at a typical ISP on a shared hosting plan, who are you kidding?
good point.
I know a shopping cart company that is actually able to store the info securely and handle the order process: Mal's Ecommerce at
https://www.mals-e.com/index.php....
Are you able to write a plugin for that?
Thanks!
(I have not used it).
Mal's allows several payment processors or collect CC data only.
Thx
I do work for alot of financial companies, their core processors and even worked for a bank for a decade. I am all too aware of merchant processing and what could go wrong. Running a company of my own I have had to do alot of things to take credit cards to process them outside of companies like Paypal. We are talking Lawyers, agreements, liability insurance and on and on.
With that said, keep in mind, if you key CC info, your rates are higher because your risks of chargebacks and fraud are higher. Another thing is you HAVE to be completely PCI compliant when taking and/or storing CC info on any website.All it takes is a breach of info on a card holder that processed through you (whether you were the cause of the breach or not) for your to start being looked at and if you can't provide the info they need for their investigation, your looking at major fines that could ruin you as a sole prop or even a corporation.
My advice as a consultant, be sure all your angles are covered. This is not to discourage you but before you pay a developer to write something like this, make sure your liability is as minimal as possible. My other advice, its sometimes easier to just use a company like Paypal or your clients merchant processor as the gateway and keep all data off your or your clients servers.
Mal's is definitely PCI compliant. That's why I would use it.
Maybe I should start a new thread with a different headline.
Thx
You may have dealt with PCI compliance before but if you have not, there is alot more to it than what some companies tell you on the Internet.
Just be sure to look into that thoroughly. I glanced abit but didn't see much information available without having to sign up first. Thats usually a red flag to me. Not knocking them at all, just always leery.
Best of luck.
BTW they do store data.
Thx
Do you know any other PCI/bullet proof alternative?
Thx
sfsdfsfsfsf
<a href="http://www.laugh-islife.blogspot.com/">Comedy Videos</a>
Storing the cvv code also.
On 12/23/2012 12:21 AM, concrete5 Community wrote: