-----Original Message-----
From: Gary [mailto:gwp...@ptd.net] 
Sent: Wednesday, May 20, 2009 8:48 AM
To: php-general@lists.php.net
Subject: [PHP] Accepting Credit Card Payments

Sorry, the first postssss were put in the wrong place...

Not sure this is a direct PHP question, however I know I will get some
answers here.  I have a customer that I am bidding a small project for.
They want to be able to accept credit card payments for enrollment into a
class. Their customer will fill out a form and pay via CC on the site.  Is
this something that I should just look to the host for whatever shopping
cart they have or is there an easy to administer software package that I
should look into. Or since it is a one item cart, is this something that I
could code?

Thanks for your help.


Your choices in the US are either use a service like PayPal or to call
around and find a merchant service that will approve an account for this
activity. The second requires transaction records for the past x years or
possibly they may ask for your tax returns for the same period. They also
will want to know what your average monthly sales are using CC's and how
many charge backs you have. Charge backs are bad.  The second MAY be had
through the clients bank and they should start there. Since this is a
virtual product, nothing tangible is being sold, it is considered high risk
and this will limit the companies you can get a merchant account from.

The first requires the client to register with PayPal and to go through
their verification process. PayPal bought Verisign's PayFlow Pro years ago
and as such now offers a more professional option than just the old

If the client doesn't have a huge revenue stream yet then PayPal may be
their best bet to get started. 

Once you have settled on the merchant account you then need to determine if
you need an SSL, normally if you are applying for a "regular" merchant
account they will want to see an active SSL on the site they are approving
the account for BEFORE they approve you.

Lastly, even though I find PCI compliance to be just this side of worthless,
you still should look into it and do your best to make sure the site will at
least pass the test. Let me clarify my negative statement by saying that
everything that is required in the PCI compliance and DSS I was already
doing as a matter of what I considered to be common sense. 

Marc Hall 

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

__________ Information from ESET Smart Security, version of virus signature
database 4089 (20090519) __________

The message was checked by ESET Smart Security.


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to