I need to set up a payment solution within one of our Rails apps using the ActiveMerchant library. Although this question is highly subjective, what are people experiences with the major gateways out there (BrainTree, Authorize.net etc)?
It must:
handle recurring payments.
have the ability to credit a persons account.
have the ability to void a payment.
have a way to store the users payment details (such as Authotize.nets CIM).
Cheers
ActiveMerchant is great, but there are a few issues I've discovered while working with it for the past year or so.
First, while some gateways maybe be 'supported' - not all functionality may be included. See the feature matrix to be sure the gateway you choose is fully supported -
http://wiki.github.com/Shopify/active_merchant/gatewayfeaturematrix
I've had to add additional functionality to gateways a few times.
Second, keep in mind that additional gateways may be 'supported' by applying a simple patch. Many people, myself included, have submitted support for additional gateways that are awaiting approval by Cody and crew. Most of these gateway patches are production tested and ready to go.
https://jadedpixel.lighthouseapp.com/projects/11599-active-merchant/tickets
Your problem probably relates more to your business and the fees the service will charge you than ActiveMerchant itself.
If you find yourself wanting a gateway not supported by AM you can write the support yourself or pay some AM developer to do it.
For a good explanation on fees and issues regarding Payment Gateways, refer to this post:
What's the best online payment processing solution?
Another great post about payment processors that you could read is:
Payment Processors - What do I need to know if I want to accept credit cards on my website?
Related
I have the Nuxt (Vue2) application with Braintree DropIn implementation. Everything works except the stored cards. I would like to activate the card which was used as the last one on DropIn load. Actually the active card is the one which was stored as the first one. How can I achieve this. It should be simple but I don't see anything about it in documentation.
Thanks for any help.
I think you did not fill out the annual Self-Assessment Questionnaire.
You must fill out a Self-Assessment Questionnaire (SAQ) annually to help you determine if your payment processing setup is PCI compliant. The SAQ includes a series of yes-or-no questions for each applicable PCI DSS requirement.
for more about this check out the documentation
I am integrating payment module for the first time. I want to integrate paypal payment in my app. For this I see multiple options but I can't decide which one is better.
1) integration with Paypal (Difficult one)
2) PayPal-Ruby-SDK
3) Stripe (Looking Easy)
Which one is better? I want to use stripe but is it support paypal ? It is available in every country?
Please guide me and don't ask to search on google.
NOte : Better meanz easier to implement
The question on 'better' is very subjective. Some facts: cost to you in time & cost in you per transaction. Depending on the country Stripe & Paypal take different amounts. I believe (in the uk) Stripe is cheaper (https://stripe.com/gb/pricing), 1.4% + 20p compared to paypal which I believe starts at 3.4% + 20p.
However for a developer, the bigger cost is the cost to build & maintain. My subjective experience on this (having implemented both previously) is the stripes documentation is easier and faster to integrate into your app.
Please note: Stripe does not o(as far as I know) support paypal payments. If you need this, you will need to use Paypal or Braintree (a paypal company: https://www.braintreepayments.com). Braintree is an all in one payments processor (similar charges to paypal), however they are currently offering the first £30k free (it may have country restrictions on that offer).
What are the options I have as ruby on rails coder to easily integrate a payment merchant into my application. A nice API or gem integration so its just "plug and play" without to much hassle and the below options. This would fit most small startups site's I guess. So what do you use or what is advisable?
I know active merchant but its to much hassle to integrate with all kinds of payment solutions from different bankings. I need the best option for Europe now it would be nice if its support USA to but if this would add extra costs then then the europa one should favor.
Criteria:
International payment processing preferrable
Pay by CreditCard, bank account, SMS, calling phone numbers
Recurred billing, option to have billing extended automatic every month if user grants this
Country's
Europe ( main target for the next year )
United states/ etc ( would be nice if the gateway implements option for US payments also)
Pricing plans:
only pay for each transaction
pay low fee( not more than 5 dollar each month ) and have lower pay per transaction
I look for a compare, a excel sheet with all those services would be nice but a lot of time to produce and update so I thought lets ask fellow coders here for some up2date advice! thx
Some I found so far:
https://stripe.com
As far as international providers go, you do have some good options. Braintree is currently in Beta for Europe and will fully launch to everyone very soon. If you'd like to try it out sooner, then you can request to be part of the beta process here: https://www.braintreepayments.com/tour/international You'll be able to process over 100 currencies from anywhere in the world.
I want to pay my users(share profit) automatically every month using PayPal.
I read a lot about PayPal and all features. I need to configure sending payments depends on some statistics from my database.
I'm using Rails and will appreciate all any help !
Can I rewrite or change something in recurrung bills gem to pay my users ?
There are several scheduling gems for this purpose:
https://www.ruby-toolbox.com/categories/scheduling
If you are using a payment gateway such as paypal, they have support for reccuring billing. Most payment services support this. I don't know if it is possible to set up a timer like you describe in the question, but I would definitely not rely on it. What about performance and what if your app goes down?
Take a look at activemerchant and this railscasts episode.
Maybe this paypal documentation is helpful too.
On the PayPal product family, take a look at Adaptive Payments. One of the features is the ability to do what's called Implicit Payments. Essentially this feature givves you the ability to programmatically send money out of your own account, to pay somebody else.
You simply need to write the script to determine the receiver's email address, the amount you want to send them, and make the API call with that information.
Check out page 25:
https://cms.paypal.com/cms_content/US/en_US/files/developer/PP_AdaptivePayments.pdf
Although it's probably easier to write your own API call (It's basically and HTTP POST request, with some additional headers), you could probably tweak the ActiveMerchant library to do it for you.
What credit card information am I allowed to store while still being PCI compliant if I am relying on braintree for payment processing?
The reason I am asking is because, as a simple optimization, if a customer has already bought something from my store with a credit card, I can show them the last 4 digits of their credit card, and the card type, without having to make an API call to BrainTree. I'd have to make the call if they wanted to change the card or make a purchase, but for that one page, I wouldn't.
Question is, am I allowed to store:
the last 4 digits of the credit card
and the card type
and possible the cardholder name
Or where is there a list of PCI compliance "do's and don'ts" I can check out?
Yeah, it's fine to store those things.
Check out the PCI Quick Reference Guide for a brief overview of what you should and shouldn't do.
As has already been said, it's ok to store that data.
Regarding "dos and don'ts", it would be worth it to check out the Open Web Application Security Project (owasp.org). In particular, look at their OWASP guide (available here http://prdownloads.sourceforge.net/owasp/OWASPGuide2.0.1.pdf?download) on how to develop secure web applications. They cover PCI compliance and best practices starting on page 53.
I would use something like attr_encrypted gem to protect that data in the database (see https://github.com/shuber/attr_encrypted).