June 7th, 2003, 07:47 AM
Credit Card Form
I am learning ASP. I want to know how to make a form for payment through Credit Card.
Does anyone know the right procedure in doing this form? Do we have to build our own algorithm or do we pay Verisign for the service?
If I need to create my own, could you cite me examples or Web sites with this kind of tutorials. What are the common security issues in Credit Card payment form?
June 7th, 2003, 12:22 PM
You really, really, really want to use a PSP (Payment Service Provider).
Although your customer might be really keen on typing the credit card numbers in their PDQ (UK Credit card payment machine supplied by banks) machine, this is neither secure, nor allowed.
Apparently most UK merchant accounts don't allow internet payments, even if they're ok for phone, mail order and in-person transactions. This is just the banks trying to screw more money out of you.
On the other hand, *loads* of people do it and get away with it, I don't think the banks mind too much (they still take their commission)
I would strongly advise that you fully research all alternatives before resorting to making your own page which stores credit card numbers.
Storing CC numbers is asking for trouble.
Not any different from any other web form (hence all the stuff already on here in the Web forum will probably apply), but the penalty for failure is much worse, and you are much more of a target.
What are the common security issues in Credit Card payment form?
If you write a vulnerable message board, it could sit there for years with an easy hack available, and probably noone will touch it. If you accept credit cards, people are liable to have a go.
I hope if you do this, you have a competent web host for your NT box running ASP.