Are there any articles anywhere that look at how to properly handle credit card information, the things you need to do to properly store CC info, etc? Joe
On 3/3/06, Joe Van Dyk <joevandyk@gmail.com> wrote:> Are there any articles anywhere that look at how to properly handle > credit card information, the things you need to do to properly store > CC info, etc?Also, can anyone recommend any payment processing services? Hopefully that would integrate well with Rails? I like easy and simple! :-) Joe
I would talk with the processor/merchant bank. If you do plan to store credit card numbers, they will have a specific security specification that you''ll need to follow. That''s one reason that many folks opt not to store the CC numbers directly and for places that it''s required (subscriptions), they use processor features that allow them to re-bill w/o the CC number (I know Verisign offers this). Cheers.> From: Joe Van Dyk <joevandyk@gmail.com> > Reply-To: <rails@lists.rubyonrails.org> > Date: Fri, 3 Mar 2006 10:49:07 -0800 > To: <rails@lists.rubyonrails.org> > Subject: [Rails] Credit card handling > > Are there any articles anywhere that look at how to properly handle > credit card information, the things you need to do to properly store > CC info, etc? > > Joe > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails
I''m using Payflow Pro (verisign) and it''s pretty good. They have a perl module that I''ve been using for years. I''m still in the process of learning Ruby but once i feel comfortable enough i will attempt to rewrite this module in Ruby (and give it nice integration into Rails). At this point, of course, i''m nowhere close to doing this but i will need a functional payflow interface if i''m to port my existing store front apps into Rails, so it has to happen. If anybody is interested working on this, or helping out when i''m ready to do it myself, please let me know, and we should stay in touch. I''ve been in touch with one of the head developers of the payflow team and i''ll see if i can get permissions to post the Perl module code, if anybody wants to take a look. They also might be working in something themselves. I''ll find out. Sebastian On Mar 3, 2006, at 12:49 PM, Joe Van Dyk wrote:> Are there any articles anywhere that look at how to properly handle > credit card information, the things you need to do to properly store > CC info, etc? > > Joe > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails >
See the below... From the archives... ********************* Here''s a link to the Verisign scripts we used... We customized ours a bit but this will get you going. Graciously provided by Jon at Slantwise Design and posted with permission (http://www.slantwisedesign.com), these may make it into some other format someday (gem? Plug in?). Anyway, of course, no warranty with this code, use at your own risk and really no support - you''ll have to get that going on your own. Payment processing is not for the faint of heart. Hope it is helpful. http://www.liberationmedia.com/payflow_pro.tgz On Mar 3, 2006, at 2:00 PM, Sebastian Friedrich wrote:> I''m using Payflow Pro (verisign) and it''s pretty good. They have a > perl module that I''ve been using for years. I''m still in the > process of learning Ruby but once i feel comfortable enough i will > attempt to rewrite this module in Ruby (and give it nice > integration into Rails). At this point, of course, i''m nowhere > close to doing this but i will need a functional payflow interface > if i''m to port my existing store front apps into Rails, so it has > to happen. If anybody is interested working on this, or helping out > when i''m ready to do it myself, please let me know, and we should > stay in touch. I''ve been in touch with one of the head developers > of the payflow team and i''ll see if i can get permissions to post > the Perl module code, if anybody wants to take a look. They also > might be working in something themselves. I''ll find out. > > Sebastian > > > On Mar 3, 2006, at 12:49 PM, Joe Van Dyk wrote: > >> Are there any articles anywhere that look at how to properly handle >> credit card information, the things you need to do to properly store >> CC info, etc? >> >> Joe >> _______________________________________________ >> Rails mailing list >> Rails@lists.rubyonrails.org >> http://lists.rubyonrails.org/mailman/listinfo/rails >> > > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails
also, If you are planning to sell goods/services with even a medium fraud risk it''s absolutely essential you''ll find a service that offers VerifiedbyVisa/mastercardSecure integration (not all do). This will free you of pretty much any liability (even if the customer is not signed up!), so it''s well worth integrating. It may also be a good idea to have a look at PCI Assessment form (this https:// sdp.mastercardintl.com/pdf/758_PCI_Self_Assmnt_Qust.pdf) to see if your site can comply with PCI standards, which is often required or at the very least necessary to keep your rates at a good level (this is regardless if you are storing cc numbers or not). you''ll find lots of info about payflow and payment processing in general at verisign payflow site: http://www.verisign.com/products- services/payment-processing/online-payment/payflow-pro/index.html Hope this helps. Good luck. sebastian On Mar 3, 2006, at 1:13 PM, HH wrote:> I would talk with the processor/merchant bank. > > If you do plan to store credit card numbers, they will have a specific > security specification that you''ll need to follow. > > That''s one reason that many folks opt not to store the CC numbers > directly > and for places that it''s required (subscriptions), they use processor > features that allow them to re-bill w/o the CC number (I know Verisign > offers this). > > Cheers. > >> From: Joe Van Dyk <joevandyk@gmail.com> >> Reply-To: <rails@lists.rubyonrails.org> >> Date: Fri, 3 Mar 2006 10:49:07 -0800 >> To: <rails@lists.rubyonrails.org> >> Subject: [Rails] Credit card handling >> >> Are there any articles anywhere that look at how to properly handle >> credit card information, the things you need to do to properly store >> CC info, etc? >> >> Joe >> _______________________________________________ >> Rails mailing list >> Rails@lists.rubyonrails.org >> http://lists.rubyonrails.org/mailman/listinfo/rails > > > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails >
gotta love that community. is there anything that hasn''t been done yet? of course, i''m a little disappointed, was kinda looking forward to the challenge. oh well, there''s still the task of making this rails engine/plug-in... also, comparing their Ruby implementation with the original Perl module... :). Ha! goodbye Perl! Sebastian On Mar 3, 2006, at 3:06 PM, Sean Stephens wrote:> See the below... From the archives... > > ********************* > > Here''s a link to the Verisign scripts we used... We customized ours > a bit > but this will get you going. > > Graciously provided by Jon at Slantwise Design and posted with > permission > (http://www.slantwisedesign.com), these may make it into some other > format > someday (gem? Plug in?). > > Anyway, of course, no warranty with this code, use at your own risk > and > really no support - you''ll have to get that going on your own. > Payment > processing is not for the faint of heart. > > Hope it is helpful. > > http://www.liberationmedia.com/payflow_pro.tgz > > On Mar 3, 2006, at 2:00 PM, Sebastian Friedrich wrote: > >> I''m using Payflow Pro (verisign) and it''s pretty good. They have a >> perl module that I''ve been using for years. I''m still in the >> process of learning Ruby but once i feel comfortable enough i will >> attempt to rewrite this module in Ruby (and give it nice >> integration into Rails). At this point, of course, i''m nowhere >> close to doing this but i will need a functional payflow interface >> if i''m to port my existing store front apps into Rails, so it has >> to happen. If anybody is interested working on this, or helping >> out when i''m ready to do it myself, please let me know, and we >> should stay in touch. I''ve been in touch with one of the head >> developers of the payflow team and i''ll see if i can get >> permissions to post the Perl module code, if anybody wants to take >> a look. They also might be working in something themselves. I''ll >> find out. >> >> Sebastian >> >> >> On Mar 3, 2006, at 12:49 PM, Joe Van Dyk wrote: >> >>> Are there any articles anywhere that look at how to properly handle >>> credit card information, the things you need to do to properly store >>> CC info, etc? >>> >>> Joe >>> _______________________________________________ >>> Rails mailing list >>> Rails@lists.rubyonrails.org >>> http://lists.rubyonrails.org/mailman/listinfo/rails >>> >> >> _______________________________________________ >> Rails mailing list >> Rails@lists.rubyonrails.org >> http://lists.rubyonrails.org/mailman/listinfo/rails > > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails >
Sebastian Friedrich wrote:> gotta love that community. is there anything that hasn''t been done > yet? of course, i''m a little disappointed, was kinda looking forward > to the challenge. oh well, there''s still the task of making this > rails engine/plug-in... > > also, comparing their Ruby implementation with the original Perl > module... :). Ha! goodbye Perl! > > SebastianNow, now. You won''t get far flaming out perl monks. :o) Better to recruit them by giving them a better way. Cody -- Posted via http://www.ruby-forum.com/.
Hey, just two weeks ago i was still defending perl vigorously to anybody who''d listen. but today - diving head first into the world of Ruby - i just can''t deny the beauty of it all. I''ll always remember Perl fondly - like that very first girlfriend of yours that you''ll still google once in a while.... Sebastian On Mar 3, 2006, at 3:40 PM, Cody Skidmore wrote:> Sebastian Friedrich wrote: >> gotta love that community. is there anything that hasn''t been done >> yet? of course, i''m a little disappointed, was kinda looking forward >> to the challenge. oh well, there''s still the task of making this >> rails engine/plug-in... >> >> also, comparing their Ruby implementation with the original Perl >> module... :). Ha! goodbye Perl! >> >> Sebastian > > Now, now. You won''t get far flaming out perl monks. :o) Better to > recruit them by giving them a better way. > > Cody > > -- > Posted via http://www.ruby-forum.com/. > _______________________________________________ > Rails mailing list > Rails@lists.rubyonrails.org > http://lists.rubyonrails.org/mailman/listinfo/rails >
> > Are there any articles anywhere that look at how to properly handle > > credit card information, the things you need to do to properly store > > CC info, etc? > Also, can anyone recommend any payment processing services? Hopefully > that would integrate well with Rails? I like easy and simple! :-)I recommend TrustCommercee. They have a Ruby api and an excellent ope-source back-end product. <http://www.trustcommerce.com/> Mike