I was given the task of creating a registration page for recapturing an upcoming church Design-wise, name, gender, phone number , Fields for email and grade. For the end user, we need to enter our credit / debit card information and it has been charged for the return.
After a few searches I found out that it provides a good service (37 signals like them). The bottom side is that there is no clue about implementing this type of system on my site. Therefore, we are using a service for a merchant account. I also got
my question , do I have to do something else? I've always heard about https, but I do not know that I should implement anything. What safety measures should I keep? Should credit card numbers be stored as plain text or encrypted in the database? Has anyone used Braintree and what can I expect from a merchant account?
Edit: I was looking at the PHP documentation code and was lost on:
BrainTrC configuration :: environment ('sandbox') ; Braintree_Configuration :: MERCHANTID ('your_merchant_id'); Braintree_Configuration :: publicKey ('your_public_key'); Braintree_Configuration :: privateKey ('your_private_key'); I'm guessing that the environment is set up on the sandbox for testing, but has you been given a merchant after you created the account? Besides, I do not know what a public or private key is.
Rent someone to experience e-commerce this. If you do not know what https is, then you should not pay sensitive information like credit card numbers or processing payments.
Do not store credit card information in a database. This is the implication of a poor implementation huge and its life can really be wasted.
There is a bad idea for many reasons that lists many places on the interwab. Being one of the most commonly quoted, it is actually, in fact, very bad idea
, by the way, is a secure version of the http protocol and allows HTTP traffic to be encrypted among customers (usually Not always on a browser and server). It is implemented by anyone's establishment.
Your best bet is to use a merchant account and payment gateway service, in this way you put them in handling sensitive data.
Before you read and proceeded Disclaimer, I wrote those articles.
Comments
Post a Comment