jaydigital Posted February 18, 2013 Posted February 18, 2013 Hi, I have the NYC sales tax contribution installed in a few stores (it was done by a freelance developer some years ago). Now, my client wants to disable it and just add the sales tax to the customer's credit card charge after at first advising them that they are going to do this. So, I would like to disable the contribution, but I also want to be able to turn it back on if the client's plan does not work out the way they expect it to. Is there some way to do this? Thanks, John
Guest Posted February 18, 2013 Posted February 18, 2013 @@jaydigital You should advise your client to hire an experienced osCommerce developer who would first, know how to make all/any changes in osCommerce and then secondly advise is client that it is illegal in the state of New York to process credit card manually unless their site is PCI DSS compliant. Also, an experienced developer would know that they can be held liable if they enable their client to process credit card information manually. Chris
♥geoffreywalton Posted February 18, 2013 Posted February 18, 2013 John I don't think you have an add-on installed for NY Sales Tax, just the tax entries are set up to charge NY Sales Tax where the shipping destination is NY. See http://addons.oscommerce.com/category?search=NY+Sales+tax There is one for tax by zip code that I found So you can just remove the tax entries in the Shop admin. As for adding tax after contacting the customer, providing they are willing to give you their CC details over the phone you can raise a second charge as a not in shop sale, but what you can't do is store the CC details and use those. Storing cc card numbers unless you are PCI DSS compliant is a big NO NO. But best you do your own research and find out how much effort and pain it is to be PCI compliant. HTH G Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile Virus Threat Scanner My Contributions Basic install answers. Click here for Contributions / Add Ons. UK your site. Site Move. Basic design info. For links mentioned in old answers that are no longer here follow this link Useful Threads. If this post was useful, click the Like This button over there ======>>>>>.
MrPhil Posted February 18, 2013 Posted February 18, 2013 Uh, what exactly is the point of this whole exercise? Are they collecting sales tax on sales into NY state? What "contribution" is being used to handle it? Have they shut down their NY nexus and no longer need to collect sales tax? If not, what are they trying to accomplish by adding the sales tax separately? This sounds like they will have to hold onto credit card information, so I second the warnings about being strictly PCI-DSS compliant. Is their current sales tax system not working correctly? I will admit that NY's destination-based sales tax rates is not the easiest thing to automate. The state tells you specifically not to use ZIP codes to determine rates, but then offers no reasonable alternative. They have a web site where you give the full address and they return the general sales tax rate, but AFAIK they don't have an API to it (nor do they return the tax jurisdiction number, so you could handle things besides general sales tax, such as periodic exemptions on clothing and footwear, where the state portion is dropped and the county/city may or may not drop its part). My suggestion is to go with a ZIP code-based determination of the sales tax jurisdiction, as it will properly handle 99.9% of all cases, and take your lumps if someone complains that they were overtaxed (verify the address and refund the excess tax collected).
jaydigital Posted February 19, 2013 Author Posted February 19, 2013 Hi Guys, Thanks for the PCI Alerts and warnings. The client has been advised of the need to become compliant in handling the credit card info they handle. The contribution that is installed is: "New York State Tax By Zip Code" . I think that we will just remove the contribution and they will calculate the sales tax manually before they charge the cards. Just thought there might be a way to avoid removing them one-by-one, just to have them change their minds. John
MrPhil Posted February 20, 2013 Posted February 20, 2013 You still haven't explained what is not working correctly with the contribution, and why they would rather remove it than fix it. Frankly, to go from an automated system to a manual system seems idiotic to me. Are they actually going to make a second charge to the customer credit card, or are they going to collect the CC info, look up the tax, and manually charge the whole thing? Keep in mind that even if they are technically PCI-DSS compliant, if they are planning to use an in-store POS terminal to run the cards that is probably in violation of their contract with the bank (merchant account). Banks insist on higher fees for web transactions because fraud is higher than when you handle the card in-person, and can see the CVV2 code.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.