How to test credit card interactions?
After reading this answer, I wonder if there's a way to get a "testing" credit card number. One that you can experiment with but that doesn't actually charge anything. ...
credit-card
Best way to prevent duplicate use of credit cards
We have a system where we want to prevent the same credit card number being registered for two different accounts. As we don't store the credit card number internally - just the last four digits and expiration date - we cannot simply compare credit card numbers and expiration dates. Our current idea is to store a hash (SHA-1) in our sys...
Limiting impact of credit card processing scripts/bots
I'm involved in building a donation form for non-profits. We recently got hit by a fast round of low dollar submissions. Many were invalid cards, but a few went through. Obviously someone wrote a script to check a bunch of card numbers for validity, possibly so they can sell them later. Any ideas on how to prevent or limit the impact of...
What kind of damage could one do with a payment gateway API login and transaction key?
Currently, I'm in the process of hiring a web developer who will be working on a site that processes credit cards. While he won't have the credentials to log into the payment gateway's UI he will have access to the API login and transaction key since it's embedded in the application's code. I'd like to be aware of all the "what if" scen...
What is the best way to validate a credit card in PHP?
Given a credit card number and no additional information, what is the best way in PHP to determine whether or not it is a valid number? Right now I need something that will work with American Express, Discover, MasterCard, and Visa, but it might be helpful if it will also work with other types. ...
What are some best practices for handling sensitive information?
I'm currently creating an application for a customer that will allow them to automatically bill their customers credit cards. I'm curious as to what are some best practices to safely store and access the credit card information, and for that matter, any other sensitive information, like social security numbers, account numbers and so ...
Credit Card processing library that handles many merchant gateways?
Looking for a c# library that interfaces to multiple merchant gateways. Should at minimum be able to handle PayPal and authorize. ...
Whats the best way to offer credit card payment on your website?
I want to offer credit card payment on my website and was wondering whats the best (or prefered) way to do so? I know I could use Google checkout, paypal, etc. but this is not what i am looking for. I am looking for a simple basic CC payment which supports all the different credit cards only. ...
Storing credit card details
I have a business requirement that forces me to store a customer's full credit card details (number, name, expiry date, CVV2) for a short period of time. Rationale: If a customer calls to order a product and their credit card is declined on the spot you are likely to lose the sale. If you take their details, thank them for the transacti...
Credit Card Payment Solutions for Desktop Applications
There are a whole raft of questions regarding payment processors for web applications but I haven't seen one yet for desktop applications. What are your experiences? Perhaps to put this into a little context, the requirements: Should be customisable Should be available in Australia at least, if not world wide (less critical). No stora...
Accept credit card/echeck payments
I bill customers monthly for a service and would like them to be able to go to my website and pay by credit card or echeck. I can do an integration with Authorize.net/ach direct/paypal/etc, but if there is something open source or some sample code to start with, it would be much easier. I basically need the user to enter a name or numb...
ActiveMerchant: How to authorise cards when using gateways that do not support the void operation?
I am working on the billing component of a Ruby on Rails application using ActiveMerchant. The payment gateway we have chosen is PaymentExpress. Code examples I am seeing such as the one below, use authorize() and void() to test the validity of a card: def test_card! auth_response = gateway.authorize(100, card) gateway.void(auth_re...
Non-US credit cards with Amazon Flexible Payment Service?
Does Amazon FPS allow me (in the US) to take credit card payments from outside the US without creating an Amazon account? ...
Generating Valid Credit Card Track2 Data for Testing
I have test cards from my payment processor but I do not have enough to do load testing , thus I need to generate card numbers and track data I can use through their test gateway. ...
Storing Credit Card Information
Can I store my users' credit card's expiration date & last 4 digits? The reasons for this is so we can notify the user that their card is about to expire and that they should change their account over to their new card. Storing the last four digits will allow the user to identify what card they have stored with our system. ...
Checking for valid credit card numbers.... lots of syntax errors.
At this point I'm fairly certain the code will run properly once I clear up all syntax errors. However I'm not really sure how to do this as I am not entirely familiar with Java. Any help is appreciated. Thanks for your help everyone I'm now using NetBeans. I'm seeing lots of errors but I'm not sure how to fix th...
What is the best way handle credit card subscriptions on a website?
I'm designing a site using ASP.NET and I would like the content to be subscription based. For the most part, everything will be charged to a credit card every month. I know I can store the CC in the database but is there another more secure solution to this? This isn't a giant project so I need some solution that's simple, quick, se...
Security review: client credit card# stored on server but with one time pad encryption stored in client cookie.
I'm writing a system where, as usual, the client is asking for a convenience "remember your credit card details" option. I've told them that this is in all likelihood a no-go. However, I did have a good idea (tm) just now, and seeing that Good Ideas in Encryption(tm) are actually Bad Ideas (tm), I thought I'd put it up for review here a...
Low cost online payment processing solution for public schools?
Via a website, my local school Parent Teacher Association would like to enable parents to sign-up for various activities and pay for these activities via credit card. In my initial research, there seems to be a pretty high fee (~2%) per transaction. Since the PTA is a non-profit, are there any low cost option or solutions that provide ...
Credit Card Duplicate Transactions
What's the best way to prevent a user from making duplicate credit card transactions? Be it by clicking the submit button too many times, or by navigating back from the receipt page and clicking the submit button again. ...