Re: Alternative to Authorize.net
This WebDNA talk-list message is from 2002
It keeps the original formatting.
numero = 46149
interpreted = N
texte = Here are some things to consider in your decision to go with any gateway.The Direct Connect Method is the most secure method of exchangingCredit card information and WebDNA 4.5 already supports this capability. Authorize.NetRelay Response or Web Link- will be discontinued in early 2003to Authorize.Net that could mean January 1, 2003.SIM- Simple Integration Method will essentially be a encrypted postThat requires a unique fingerprint which will be a HMAC hashing algorithmGenerated from the Login ID, Transaction Key, and Time Stamp. It will still Require the URL's be set up. FYI the Transaction Key needs to be stored on the Merchants Server once itis generated.The current Direct Connect method is going to be renamed to AIM.Currently you are not required to pass the Password in a transactionHowever the AuthNet default is set to password required mode so for nowUncheck the password required mode after set up. Again, this could change at any minute.Aim - Advanced Integration Method uses SSL direct connect but will requirethePassword to be passed along with every order. At this point you will beusing Authorize.Net v3.1 and you will pass the password and have passwordrequired checked.VerisignPayFlo Link- Verisign recommends switching to PayFlo Pro if you areconcerned about security.Read the link below for a more detailed explanation.http://www.securiteam.com/securitynews/5PP012K60E.htmlPayFlo ProBasically the same as AIM, uses a SSL direct connection to process the orderand response. HINT: This is the most secure way to process orders.Basically they both recommend using a Direct Connection method. With Direct Connect, you can pretty much integrate with any gateway usingthe secure SSL connection.I hope all of this helped rather than confuse things. Please be aware thatthe information above is only valid at the time I wrote it and by the time it reaches the Talk-List, both Verisign andAuthorize.Net might have changed everything.Sincerely,Salvatore D'AnnaSales EngineerSmith Micro Software(949) 360-8587 -----Original Message-----From: Gary Krockover [mailto:gary@garykrockover.com]Sent: Monday, December 09, 2002 10:55 AMTo: WebDNA-Talk@talk.smithmicro.comSubject: Re: Alternative to Authorize.netThat's outstanding, thanks Will.We're thinking of moving over to PayFlow and would need to convert ourcurrent merchant sites from AuthNet to it.PayFlow looks like it works very similar to AuthNet, so that would make thechange much easier.With the current setup that I use for AuthNet, I take the response code thatcomes back to route the visitor to the appropriate page (approved, declined,error) and then take snippets of the response text to match it to a moredetailed message that is returned to the browser. Looks like I could usethe same type of setup with PayFlow.Thanks!GK| OK, I'm using PayFlow Link, and I don't use WebMerchant.|| Basically, with Link, a set of formvariables needs to be passed to| Verisign's secure server. I've listed the ones we pass below. You have| the option of using Verisign's own form (I don't, cause it's cheesy),| or creating your own. Verisign will pass the formvariables you submit| along with an approval number and code, AVS (street and name matching),| and CSC (card security code) match back to whatever url you specify.| I'd say the whole thing is relatively easy to implement, and their| documentation is really quite good. I'd say the only down side is that| it doesn't handle erroneous data very well, in that it insists on| inserting it's own error messages, which are not very helpful. For| instance, if an account number has anything but numbers. I'd prefer it| if they would just pass those errors back to me, and let me deal with| them with WebDNA. But, aside from this minor annoyance, it's great.|| The formvariables I pass look like this:||
||| Good luck, hope this helps...|| -Will|| On Monday, December 9, 2002, at 12:20 PM, Gary Krockover wrote:|| > Will,| >| > Are you using the templates related to PayFlow straight from| > Webmerchant, or| > some variation of those templates or something custom?| >| > How hard was it to implement? Is it much different than AuthNet as| > far as| > the coding goes if you know?| >| > Thanks,| > GK| >| >| > | I use PayFlow Link (from Verisign) and it is absolutely wonderful.| > || > | Not a single processor problem in over a year and a half of use.| > || > | Will Starck| > | NovaDerm Skincare Science| > | http://www.novaderm.com| > | wjs@novaderm.com| > || > || > || > | On Monday, December 9, 2002, at 11:09 AM, Gregg Luhring wrote:| > || > | > Hello,| > | >| > | > Since it seems that Authorize.Net has turned into a nightmare for| > many| > | > of| > | > you. What other payment processors is anyone having luck with? In| > the| > | > WebDNA| > | > StoreBuilder Admin there are choices for PayFlow Pro, CyberSource,| > | > MacAuthorize, AuthorizeNet & CyberCash. I realize CyberCash &| > | > MacAuthorize| > | > are extinct, but what about the other two? Does anyone have| > experience| > | > with| > | > PayFlow Pro or CyberSource? Good Experience?| > | >| > | > Has anyone remained unaffected by the recent changes by| > Authorize.Net?| > | >| > | > Thanks| > | > --| > | > Gregg Luhring
| > | > 3W Design Group, Inc. * http://www.3wdesign.com/| > | >| > | >| > | > -------------------------------------------------------------| > | > This message is sent to you because you are subscribed to| > | > the mailing list .| > | > To unsubscribe, E-mail to: | > | > To switch to the DIGEST mode, E-mail to| > | > | > | > Web Archive of this list is at: http://webdna.smithmicro.com/| > | >| > | >| > | --| > || > || > || > || > | -------------------------------------------------------------| > | This message is sent to you because you are subscribed to| > | the mailing list .| > | To unsubscribe, E-mail to: | > | To switch to the DIGEST mode, E-mail to| > | > | Web Archive of this list is at: http://webdna.smithmicro.com/| >| >| > -------------------------------------------------------------| > This message is sent to you because you are subscribed to| > the mailing list .| > To unsubscribe, E-mail to: | > To switch to the DIGEST mode, E-mail to| > | > Web Archive of this list is at: http://webdna.smithmicro.com/| >||| -------------------------------------------------------------| This message is sent to you because you are subscribed to| the mailing list .| To unsubscribe, E-mail to: | To switch to the DIGEST mode, E-mail to| Web Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail toWeb Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Associated Messages, from the most recent to the oldest:
Here are some things to consider in your decision to go with any gateway.The Direct Connect Method is the most secure method of exchangingCredit card information and WebDNA 4.5 already supports this capability. Authorize.NetRelay Response or Web Link- will be discontinued in early 2003to Authorize.Net that could mean January 1, 2003.SIM- Simple Integration Method will essentially be a encrypted postThat requires a unique fingerprint which will be a HMAC hashing algorithmGenerated from the Login ID, Transaction Key, and Time Stamp. It will still Require the URL's be set up. FYI the Transaction Key needs to be stored on the Merchants Server once itis generated.The current Direct Connect method is going to be renamed to AIM.Currently you are not required to pass the Password in a transactionHowever the AuthNet default is set to password required mode so for nowUncheck the password required mode after set up. Again, this could change at any minute.Aim - Advanced Integration Method uses SSL direct connect but will requirethePassword to be passed along with every order. At this point you will beusing Authorize.Net v3.1 and you will pass the password and have passwordrequired checked.VerisignPayFlo Link- Verisign recommends switching to PayFlo Pro if you areconcerned about security.Read the link below for a more detailed explanation.http://www.securiteam.com/securitynews/5PP012K60E.htmlPayFlo ProBasically the same as AIM, uses a SSL direct connection to process the orderand response. HINT: This is the most secure way to process orders.Basically they both recommend using a Direct Connection method. With Direct Connect, you can pretty much integrate with any gateway usingthe secure SSL connection.I hope all of this helped rather than confuse things. Please be aware thatthe information above is only valid at the time I wrote it and by the time it reaches the Talk-List, both Verisign andAuthorize.Net might have changed everything.Sincerely,Salvatore D'AnnaSales EngineerSmith Micro Software(949) 360-8587 -----Original Message-----From: Gary Krockover [mailto:gary@garykrockover.com]Sent: Monday, December 09, 2002 10:55 AMTo: WebDNA-Talk@talk.smithmicro.comSubject: Re: Alternative to Authorize.netThat's outstanding, thanks Will.We're thinking of moving over to PayFlow and would need to convert ourcurrent merchant sites from AuthNet to it.PayFlow looks like it works very similar to AuthNet, so that would make thechange much easier.With the current setup that I use for AuthNet, I take the response code thatcomes back to route the visitor to the appropriate page (approved, declined,error) and then take snippets of the response text to match it to a moredetailed message that is returned to the browser. Looks like I could usethe same type of setup with PayFlow.Thanks!GK| OK, I'm using PayFlow Link, and I don't use WebMerchant.|| Basically, with Link, a set of formvariables needs to be passed to| Verisign's secure server. I've listed the ones we pass below. You have| the option of using Verisign's own form (I don't, cause it's cheesy),| or creating your own. Verisign will pass the formvariables you submit| along with an approval number and code, AVS (street and name matching),| and CSC (card security code) match back to whatever url you specify.| I'd say the whole thing is relatively easy to implement, and their| documentation is really quite good. I'd say the only down side is that| it doesn't handle erroneous data very well, in that it insists on| inserting it's own error messages, which are not very helpful. For| instance, if an account number has anything but numbers. I'd prefer it| if they would just pass those errors back to me, and let me deal with| them with WebDNA. But, aside from this minor annoyance, it's great.|| The formvariables I pass look like this:|| ||| Good luck, hope this helps...|| -Will|| On Monday, December 9, 2002, at 12:20 PM, Gary Krockover wrote:|| > Will,| >| > Are you using the templates related to PayFlow straight from| > Webmerchant, or| > some variation of those templates or something custom?| >| > How hard was it to implement? Is it much different than AuthNet as| > far as| > the coding goes if you know?| >| > Thanks,| > GK| >| >| > | I use PayFlow Link (from Verisign) and it is absolutely wonderful.| > || > | Not a single processor problem in over a year and a half of use.| > || > | Will Starck| > | NovaDerm Skincare Science| > | http://www.novaderm.com| > | wjs@novaderm.com| > || > || > || > | On Monday, December 9, 2002, at 11:09 AM, Gregg Luhring wrote:| > || > | > Hello,| > | >| > | > Since it seems that Authorize.Net has turned into a nightmare for| > many| > | > of| > | > you. What other payment processors is anyone having luck with? In| > the| > | > WebDNA| > | > StoreBuilder Admin there are choices for PayFlow Pro, CyberSource,| > | > MacAuthorize, AuthorizeNet & CyberCash. I realize CyberCash &| > | > MacAuthorize| > | > are extinct, but what about the other two? Does anyone have| > experience| > | > with| > | > PayFlow Pro or CyberSource? Good Experience?| > | >| > | > Has anyone remained unaffected by the recent changes by| > Authorize.Net?| > | >| > | > Thanks| > | > --| > | > Gregg Luhring | > | > 3W Design Group, Inc. * http://www.3wdesign.com/| > | >| > | >| > | > -------------------------------------------------------------| > | > This message is sent to you because you are subscribed to| > | > the mailing list .| > | > To unsubscribe, E-mail to: | > | > To switch to the DIGEST mode, E-mail to| > | > | > | > Web Archive of this list is at: http://webdna.smithmicro.com/| > | >| > | >| > | --| > || > || > || > || > | -------------------------------------------------------------| > | This message is sent to you because you are subscribed to| > | the mailing list .| > | To unsubscribe, E-mail to: | > | To switch to the DIGEST mode, E-mail to| > | > | Web Archive of this list is at: http://webdna.smithmicro.com/| >| >| > -------------------------------------------------------------| > This message is sent to you because you are subscribed to| > the mailing list .| > To unsubscribe, E-mail to: | > To switch to the DIGEST mode, E-mail to| > | > Web Archive of this list is at: http://webdna.smithmicro.com/| >||| -------------------------------------------------------------| This message is sent to you because you are subscribed to| the mailing list .| To unsubscribe, E-mail to: | To switch to the DIGEST mode, E-mail to| Web Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail toWeb Archive of this list is at: http://webdna.smithmicro.com/-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://webdna.smithmicro.com/
Sal D'anna
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Protect & InstantSSL (Fixed) (2003)
[WebDNA] ImageMagick troubleshooting (2009)
[WebDNA] WebDNA [sendmail] - fixes and future features (2010)
[OT] Hacked IIS/FTP (2002)
WebDNA Writer Needed (1997)
shipcost (1997)
Applescript, WebDNA, and PDF (1997)
PIXO (1997)
expired beta (1997)
IIS Brain Dead (1998)
WebCat2b15MacPlugin - [protect] (1997)
[item] appears after 'remove last item' ... (1997)
Listserver problem (1997)
MySQL (2003)
Setting up shop (1997)
[Announce]: Web server security and password protection (1997)
[WebDNA] Advice required (2009)
[OT] Adopting out a WebDNA website (2003)
difference between v.6 and v.7, WAS: [WebDNA] v7 thisurl has different behavour (2012)
[blank] (2005)