English 中文(简体)
Credit Card processing without Google Checkout / Amazon / Paypal
原标题:

If I would like to process payments directly without going through Google / Amazon / Paypal, how would I go about that? Is there a Java API or some reference implementation that shows how to do such a thing or is it really that large and complicated that I need to choose a provider such as Google or Amazon?

I currently use Google Checkout as the implementation is fairly straightforward and I can easily generate reports with whatever information I want. If I implemented the solution internally, I would have direct access to all that information anyway.

最佳回答

I have never used Google Checkout or PayPal API for processing payments. If there is a way you can get around touching any part of the credit card information and outsourcing to their web interfaces, you would want to unless there is a distinct reason why and I will explain below.

There are some considerations you must take before rolling your own credit card payment gateway.

First, will this be used for in-house only? Meaning, will it be for non-commercial, in-house use? The reason I ask is because if this is intended to be a commercial product, then you will have to undergo PA-DSS certification (formerly PABP or Payment Application Best Practices). This is because VISA has mandated to their acquirers and merchants to only use PA-DSS/PCI compliant software. Therefore, it forces the software developers to develop compliant software. To be officially certified and on the PA-DSS list, you will have to pay a hefty fee to an outside auditor such as Verizon Business Cybertrust to become fully PA-DSS compliant. To give you a rough figure, it will probably cost you around $15,000 for an audit.

This all is dependent on how your application and environment is structured. We use ICVERIFY (which is now owned by First Data) for Credit Card processing. ICVERIFY 4.0.3 is on the approved list. Since our applications touch Track1,2,3, PAN, exp date, etc of the Credit Card, we also had to get approved. Boom - there goes 15K and a yearly listing fee with the PCI Security Council.

Our applications interface with ICVERIFY through their REQ-ANS file interface and it is very simple. It is not expensive and can work with multiple clients at the same time. I recommend you use ICVERIFY if you decide to go this route.

If there is no reason for you to process credit cards through your application or server, then I suggest you outsource the credit card processing to PayPal, Google, or some other larger entity and just get the confirmation message that the fee was processed successfuly. This will make your life much easier if you have this capability.

问题回答

You ll need a provider no matter what.

You have two options:

  • Use a system like Google/Amazon/PayPal.
  • Use a processor like Authorize.net.

The upside of Google etc. is that the initial costs are minimal. You pay only per transaction, they handle most of the process, etc. They re effectively middlemen between you and a merchant account. The downside is that the per-transaction costs are higher.

If you re doing lots of transactions, a genuine processor like Authorize.net will be a better deal, as for a monthly fee (and having set up your own merchant account instead of piggybacking on another company s) you get lower per-transaction costs. You also have more control over the process, including handling fraud prevention as you see fit.

Stripe has a Java library to accept credit cards without going through a third party provider: https://github.com/stripe/stripe-java

Check out the documentation and FAQ, and feel free to drop by our chatroom if you have more questions.

Take a look at jPOS. They offer an AGPL-licensed open source community edition as well as a professional edition with some sort of commercial license.

You should consider reading the PCI Data Security Standard specification and ISO 8583 before processing or storing any credit card information on your own.





相关问题
Spring Properties File

Hi have this j2ee web application developed using spring framework. I have a problem with rendering mnessages in nihongo characters from the properties file. I tried converting the file to ascii using ...

Logging a global ID in multiple components

I have a system which contains multiple applications connected together using JMS and Spring Integration. Messages get sent along a chain of applications. [App A] -> [App B] -> [App C] We set a ...

Java Library Size

If I m given two Java Libraries in Jar format, 1 having no bells and whistles, and the other having lots of them that will mostly go unused.... my question is: How will the larger, mostly unused ...

How to get the Array Class for a given Class in Java?

I have a Class variable that holds a certain type and I need to get a variable that holds the corresponding array class. The best I could come up with is this: Class arrayOfFooClass = java.lang....

SQLite , Derby vs file system

I m working on a Java desktop application that reads and writes from/to different files. I think a better solution would be to replace the file system by a SQLite database. How hard is it to migrate ...

热门标签