88guy Posted November 2, 2008 Posted November 2, 2008 I spent a lot of time setting this thing up and, now, it's completely unclear to me if it will work with credit cards. I have already Googled my head off, searched here, etc. I've read conflicting things and it's not clear to me what's going on with the credit card "thing"... I found an Oscommerce info page (lost the link) that said to go to Configuration > Credit Cards - and that menu item doesn't even exist on my cart. There is an option to enable credit cards but it says that it isn't for a "production server". I've got it set up with the USPS and Paypal, but, it seems a bit of a waste if you can't take a credit card on a secure host. I've got the following version installed: 07/03/2007 osCommerce Online Merchant 2.2 RC1. Here's the page I saw - in the "Knowledge Base" - like I said, I don't even have the sub-menu to which this refers: http://www.oscommerce.info/kb/osCommerce/A...nfiguration/235 Just noticed that page is dated 2005....argh. Did they remove this???? Could someone tell, succintly, how - or whether or not - Oscommerce works with credit cards? And if it does, why are none listed... Do I need to download something? I work in a store and we have a terminal/merchant account to use the credit cards info. Thanks for any clues.....
88guy Posted November 2, 2008 Author Posted November 2, 2008 I spent a lot of time setting this thing up and, now, it's completely unclear to me if it will work with credit cards. I have already Googled my head off, searched here, etc. I've read conflicting things and it's not clear to me what's going on with the credit card "thing"... I found an Oscommerce info page (lost the link) that said to go to Configuration > Credit Cards - and that menu item doesn't even exist on my cart. There is an option to enable credit cards but it says that it isn't for a "production server". I've got it set up with the USPS and Paypal, but, it seems a bit of a waste if you can't take a credit card on a secure host. I've got the following version installed: 07/03/2007 osCommerce Online Merchant 2.2 RC1. Here's the page I saw - in the "Knowledge Base" - like I said, I don't even have the sub-menu to which this refers: http://www.oscommerce.info/kb/osCommerce/A...nfiguration/235 Just noticed that page is dated 2005....argh. Did they remove this???? Could someone tell, succintly, how - or whether or not - Oscommerce works with credit cards? And if it does, why are none listed... Do I need to download something? I work in a store and we have a terminal/merchant account to use the credit cards info. Thanks for any clues..... Crazy - I ask a fundamental question about the operation of this cart and virtually no one replies - another poster (today) posts a question about why this particular forum "loads slow" on her computer and a hubbub of activity ensues surrounding her query - people speculating about her browser and ISP, etc. I've got 1996 Dodge Dakota and it's not getting the mileage that the manufacturer has suggested for combined freeway/city driving? Can anyone tell me what might cause this.....????? By the way, I just changed the spark plugs. I anticipate that this will generate a flurry of excitement and considerable input from the community...
♥geoffreywalton Posted November 2, 2008 Posted November 2, 2008 Annoying isn't it but you get what you pay for. Maybe your problem didn't interest them. The "online documentation" is probably for the "upcoming" version which has been on its' way for years. Try Modules >> Payment. You can install modules to take cc payment through any number of merchants. Taking cc details and processing them throuch your terminal is really a no no especially on a shared server. Google for the pci conditions, big fines if take cc details, email them on or record them in any way shape or form if you do not adhere to the rules. anyway you have to download a contribution for your merchant or if you use PP download and use the paypal IPN contribution. Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>.
88guy Posted November 2, 2008 Author Posted November 2, 2008 Annoying isn't it but you get what you pay for. Maybe your problem didn't interest them. The "online documentation" is probably for the "upcoming" version which has been on its' way for years. Try Modules >> Payment. You can install modules to take cc payment through any number of merchants. Taking cc details and processing them throuch your terminal is really a no no especially on a shared server. Google for the pci conditions, big fines if take cc details, email them on or record them in any way shape or form if you do not adhere to the rules. anyway you have to download a contribution for your merchant or if you use PP download and use the paypal IPN contribution. Thanks a lot - I confess, after I posted I had done some further reading and became aware of the fact, if I've understood everything correctly, that there are legal issues surrounding credit card usage on the net with something like a stock oscommerce setup. I did finally learn that it requires an association with a third party deal, a module of some sort - if I understood it all correctly. What I don't get is this: if I simply enable the credit card option it appears in the checkout and correctly recognizes Visa, Master Card, etc. I tested it with my own Visa and a dummy MasterCard (using the correct numerical syntax). I guess my final question is this: while there are legal ramifications if one were to use this thing in the way that it works, out of the box, it does send you the proper data....correct? In other words, while there's no menu to add particular types of cards it seems to know what they are...right? And I do understand that there are legal issues regarding the operation of oscommerce in this way... By the way - I am under the gun, financially, and really appreciate your answer. I've got someone who want to buy this site, I'm 57 and kinda slow, and there's a lot to absorb here for an old man. Thanks very much...
scream_zone Posted November 14, 2008 Posted November 14, 2008 Hi Guy, Can I ask if you ever figured out how to implement credit card payment? I am currently developing a site for a shoe store and credit card payments will be the only method of payment. I've spent hours trying to figure this out but it has't been much use. I notice alot of contributions regarding Authorize.Net so if thats the way to go then who knows. Cheers.
WoodsWalker Posted November 14, 2008 Posted November 14, 2008 It's strange that 88guy didn't get more replies to his initial question - it's a popular subject around here - but then again he posted in the wee small hours and didn't wait very long... Here's how I would break down the answer: 1) The technical side in osCommerce. Yes, the resident ("not for production use") credit card payment module that comes with osCommerce "knows" what credit card numbers are and can transmit them. Sounds very simple, and it is. The module that came with my version even allowed the option of automatically splitting the cc# - one part remaining on the server and the other transmitted to the merchant via email. This was only considered "secure enough" about ten years ago, so please read on! 2) Merchant Accounts. The legitimate and legal way to accept cc#s is to use a payment gateway and/or merchant account. Authorize.net is one such company. The merchant's existing bank probably also offers merchant accounts that allow for SECURE internet transmission of cc#s. Note that a merchant account that does not specifically include e-commerce transactions usually specifically prohibits the processing of any transactions originating on the internet. If one signs up for an "e-commerce" merchant account, the software ("payment modules") to link the merchant and shopping cart with these payment options are usually available from the companies themselves, and often from the contributions section here on the osC Forum. With most of the legitimate e-commerce setups, the cc# never sits on your own server. Depending on the exact gateway system used, you may or may not need PCI-certification for your site (that is, if the system transfers the customer to a page on the financial service provider's site to enter his or her cc#, then your own site will likely not need PCI-certification). 3) Security and legalities. Not that I can tell anyone what to do, but if I could, I would say "NEVER TRANSMIT CC#S OVER EMAIL IN ANY FORM". This will breach any merchant agreement in existence - even agreements that allow for internet commerce. Fines and penalties are heavy, and the banks are very serious about this. Imagine if a hacker gains access to your server (it happens every day). If cc#s are on your server, bingo, he's got them. It's not good enough to delete them once you've processed them. Even if the cc# have been delivered to you "split" between email and the server, he could easily have access to both halves now. Cutting corners in this way not only exposes you to fines and penalties if caught, but is irresponsible towards your customers, who have trusted you with their information. 4) References and more info from the forum: "How to Take Credit Cards Manually" http://www.oscommerce.com/forums/index.php?showtopic=202604 "CC processing and PCI compliance" http://www.oscommerce.com/forums/index.php?showtopic=273891 "PCI compliance process" http://www.oscommerce.com/forums/index.php?showtopic=300165 Hope this helps. It's not so hard doing it the secure way. :) ~Wendy
scream_zone Posted November 14, 2008 Posted November 14, 2008 Many thanks for that Wendy. Now I have something to work on.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.