Processing payment in an online store. Part II

Part II of this article describes how payment is processed when an order is placed by a customer in the frontend of a Shop-Script store. (Part I describes the mechanism of credit card processing via payment gateway in an online store and payment gateways setup in a Shop-Script store)

Paying by credit card in an online store is implemented by passing credit card information between Shop-Script and payment gateway servers. Shop-Script does not process payment; it creates a connection with payment gateway according to the instructions provided by a payment gateway provider. Order information is then put together and forwarded to payment gateway, where the actual transaction is done. Once payment is processed, gateway sends transaction response (accept or decline) back Shop-Script store, where it becomes available to the customer who placed the order.

Depending on the gateway which will be processing the payment, payment is performed in one of the two following ways:

• credit card details are entered in a storefront before order is saved
• credit card details are entered on a payment gateway secure site after Shop-Script saves order information

Following is detailed description of both ways of payment:

Providing credit card details in a Shop-Script storefront
The picture below shows a Shop-Script storefront where credit card information is entered during checkout process (on the example of Authorize.Net AIM module):

Details are then collected by Shop-Script and sent to payment gateway (which was associated with this payment type in the store’s backend) for processing, along with other necessary details (merchant account, id, etc.). Once transaction is complete, the payment gateway sends its response (accept or decline) to Shop-Script server. This response becomes immediately known to customer during checkout. If his/her payment was accepted, the order is saved and he/she can then proceed with checkout.

This way of checkout processing is supported by the following payment modules in a Shop-Script store: Authorize.Net AIM, PayPal Payflow Pro, CHASE Paymentech, NetRegistry, eProcessingNetwork, LinkPoint/YourPay API, SkipJack, TrustCommerce, Streamline eSolutions, and USA ePay (new modules are continuously added to the list).

NOTE: Since transaction information is passed between servers, a store requires an SSL certificate, which performs connection with additional level of security. Read more about system requirements for setting up payment modules.

Providing credit card details on the website of a payment gateway
In this case an order is saved when a customer clicks Place Order button in the storefront, and the following page is displayed: (the picture below shows Authorize.Net SIM module):

A customer is then taken to the page of a payment gateway, where he/she enters credit card data and receives the response (accept or decline). This method does not require SSL certification to be installed in a store, since credit card information is entered on the payment gateway website, which already has SSL connection. Some of the payment gateways that support this processing method are 2checkout, Authorize.Net SIM, CCAvenue, GSPay, LinkPoint/YourPay Connect.

Which of the two methods is better?
Both methods described above provide secure and quick way to perform credit card payment and do not differ in actual payment processing. The difference is visible to customers only – whether an order is saved after transaction is complete or before. It is up to a merchant to select his/her preferable way and corresponding payment gateway.