homepage Welcome to WebmasterWorld Guest from 54.81.170.186
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe and Support WebmasterWorld
Home / Forums Index / WebmasterWorld / Ecommerce
Forum Library, Charter, Moderators: buckworks

Ecommerce Forum

    
Simple 'flowchart' explaining gateway, merchant account, etc.
AffiliateDreamer




msg:3973570
 5:49 pm on Aug 17, 2009 (gmt 0)

I am hoping someone can explain to me the various aspects of running an ecommerce store, specifically regarding handling credit carts online.

I want the user to stay on my store, so no redirects to someone elses checkout.

I'm looking for an explanation of a gateway, merchant account? etc.

i.e.

User adds an item to the cart, clicks on checkout. Enters cc information, clicks submit. Data is sent to #*$!x, then to #*$!x, etc.

 

ssgumby




msg:3973576
 5:55 pm on Aug 17, 2009 (gmt 0)

First, google "authorize.net how it works". They have a nice diagram there.

A quick overview.

1. user adds item to cart
2. user clicks checkout
3. user fills out name, addr
4. user selects shipping
5. user enters credit card info
6. user clicks submit
7. cc info is encrypted and set to gateway (auth net is one)
8. gateway sends info to merchant provider
9. merchant provider contacts customers cc company for approval
10. approval comes back to gateway
11. gateway checks address for validity
12. gateway sends response back to cart
13. customer gets a confirmation page

rocknbil




msg:3973845
 3:14 am on Aug 18, 2009 (gmt 0)

I want the user to stay on my store, so no redirects to someone elses checkout.

I don't know why it would redirect to someone else's cart, but from ssgumby's list, you can perform steps 7 through 12 without the visitor leaving your site through what's called silent post (or, one of the names for it.)

To throw a buzzword into the mix, the interface set up by the gateway for you to process transactions is called an API.

On 'nix systems there is a program called curl. What it does is goes out and gets a page, or in this case posts data to a page/location, and acquires a response.

An SSL cert is required for Authorize.net, LinkPoint, NetBilling, and other processors to use curl with their API. It will be rejected and will not respond if you don't "curl" a response over SSL.

So when the customer hits submit, your programming executes a curl command to send the submitted data to the gateway, and gets a response; although other data is returned, the main thing you listen for is the response code (approved, declined, etc.) You will also use other aspects of the response to limit fraud, etc. - billing address/zip match, etc. Based on the response, you return a success response page or return to the form with an appropriate message - never telling them EXACTLY what went wrong, as this reveals info to potential hackers.

curl is supported by most languages since it's executed via command line, I use it n Perl and PHP.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Ecommerce
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
© Webmaster World 1996-2014 all rights reserved