April 6th, 2009, 05:53 AM
Accepting debit/credit card payment
It would be great if you can help me with some suggestions. I have integrated paypal payment module for my client's e-commerce php web-site. Now they want an option to receive payments directly, without using paypal or any third party provider. So that will take user card details charge maoney later. Now, i ahven't done this kind of functionality before (without using any third party provider). I can surely save the card information in the database through a form. But what happens next? How can I/they credit the momey from buyer's bank? Do they need to have any legal permission from any authorities? Do I need to add any php module? Any advise would be a great help.
April 6th, 2009, 08:01 AM
Essentially unless your client is a bank they can't process the payment without using a third party. You have to be an acquirer to charge credit cards without using a third party which is not something you can get unless your primary business is moving money around (ie: a bank). You also would have to get an acquirer agreement with each credit card provider that you want to be able to charge (ie: mastercard, visa, discover, etc.) and I would guess that this involves massive (think thousands at least) of dollars in licensing fees per license.
You can take the user's credit card number and charge it later with most payment gateways. For Paypal you need to sign up for the Paypal pro service which allows you to collect the details from the user on your website and send them to Paypal using an API. See the paypal website for more information.
Actually the licensing fees for each type of card is probably in the $100k+ range. Setting up a site that doesn't use any third party to process payments and goes directly to the credit card provider would likely require a budget in the high hundred thousands to low millions.
Since your client doesn't know this I believe I can safely assume that they are not a bank or financial institution and as such wouldn't be eligible for these licenses even if they did have the money.
You can store credit card details and charge them at a later date, but you can't bypass a third party.
Last edited by E-Oreo; April 6th, 2009 at 10:27 AM.
April 6th, 2009, 08:34 PM
That's probably not too far from the truth.
Originally Posted by E-Oreo
I used to work for National City Bank's data center as a web developer: the process to submit card payments directly to Visa international took months to setup, and was no doubt expensive.
They flew 2 network engineers out from CompuServe to setup what they called a "VAN" (Value Added Network).
The networking protocol was X.25, and the modems were extremely expensive.
Plus I had to sign an NDA to receive the developer docs from VISA; it took a month just to receive them and another month to realize that they had sent obsolete documentation.
The documentation is the same used by those that program the firmware for Point of sale terminals.
If you think 3rd party API's are difficult, then wait until you have to develop a POS system that speaks X.25 natively.
You have no developer support or toolkits, and the certification process is rigorous to say the least.
X.25 flow control and error checking is completely implemented in software - LRC error checking is used, and multiple signal handlers need to be defined to handle the mandatory 8 second global timeout window enforced by VISA.
This was by far one of the most difficult assignments I have ever faced: not for the faint of heart or those with no systems programming experience.
You need to get a "merchant account" to accept credit cards ... these are set up by 3rd parties. In the US it's almost impossible to get turned down ... all you need is a Tax ID number, and a bank account. My buddy Tom at www.USA-merchantaccount.com can set you up ... tell him Mike from frapple sent ya ... good luck!