Skip to main content
J Cellini
J Cellini
Inspiring
July 12, 2010
Question

php credit card processing

  • July 12, 2010
  • 2 replies
  • 8122 views

My merchant account company is raising my rates and making me buy new software. I am looking for a different solution and anyone familiar with credit card processing may be able to give me some good advice.

Up until now, I used software that I installed on my computer that would enable me to process transactions over the Internet. My question is: When someone gives me a credit card number, can I process credit cards using a secure page coded with php? I have a dedicated IP, I can get an SSL certificate, and I can sign up with a credit card gateway like Authorize.net. Why would I need a merchant account (who will charge me a percentage of everything I make)?

There are a number of good php credit card processing scripts available. Can I bypass the merchant account company using a php page that will process my credit cards?

This topic has been closed for replies.

2 replies

jon8
jon8
Inspiring
August 5, 2010

unless your running a pci compliant dedicated server for that one website... you are not suppose to be storing any credit card information.  i recommend using a gateway service approved by the merchant account with a virtual terminal and documented api to hook into via any programming language, including php.  best of luck

Lawrence_Cramer
Lawrence_Cramer
Inspiring
August 2, 2010

Hi John...

First - Never, ever, under any circumstances store consumer credit card data in your database. Period. In a shared host environment there is no way to adequately secure it and doing so exposes you, or your client to real legal and liability issues.

Here's a blog post on the tiopic: http://blog.cartweaver.com/index.cfm?newsid=13

You'll notice that this is a fairly old post, and this issue hasn't gotten any less critical.  In fact - note to self "do an updated post on this" - because even a "hold harmless" agreement from the client won't adequately protect you any more. So, just don't do it.

As for gateways - I'd recommend one of the dedicated true real-time processors (frankly I don't think highly of either PayPal Web Payments Pro or Google Check-out, both are "hybrids" that serve to promote their brand on your store - not a truly professional approach)  I would recommend one that is reputable and truly operates in real time and transparently like Authorize Net, PayPal PayFlow Pro, or LinkPoint.

Hope this helps. If you have any other or specific questions let me know I'd be happy to help.

--   
Lawrence Cramer   *Adobe Community Professional*
www.Cartweaver.com
Complete Shopping   Cart Application for
Dreamweaver, available in PHP and CF

Stay updated - Friend, Follow, and Bookmark!
http://www.twitter.com/Cartweaver

http://blog.cartweaver.com
http://www.cartweaver.com/facebook

J Cellini
J CelliniAuthor
Inspiring
August 2, 2010

Lawrence,

I have always been uncomfortable with keeping credit cards for automatic

payments and never have done it. But there a lot of companies (like goDaddy,

hosting companies, cell phone companies, etc.) that keep a credit card on

file and automatically charge it every payment period. They must store that

information in a database. Do you know how they do it and how they secure

that information? They must have several levels of security.

I use Authorize.net for a few of my clients and it's a good gateway to use

(and like you said a reputable company) especially if you are doing shopping

carts. Most third party shopping carts have software that will easily

integrate with Authorize.net. (I will probably end of purchasing

cartweaver-which I have been looking at a long time.)

Like I stated before, most of my clients pay with a check but a few will

give me a credit card over the phone. In this case, my Sam's club merchant

account works well and is an inexpensive solution.

John

N
netartdesign
Participant
August 2, 2010

how is cartweaver better than other 3rd party shoping cart?

Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices