By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
429,564 Members | 810 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 429,564 IT Pros & Developers. It's quick & easy.

encrypted e-mails from script/cgi

P: n/a
zn
If I place a form for product ordering on my website, what scripting
technology or CGIs can I use to encrypt the e-mail sent to my e-mail
account with the order information?

Thanks.
Jul 23 '05 #1
Share this Question
Share on Google+
30 Replies


P: n/a

"zn" <zn@zn122.edu.invalid> wrote in message
news:Xn*******************************@216.196.97. 131...
If I place a form for product ordering on my website, what scripting
technology or CGIs can I use to encrypt the e-mail sent to my e-mail
account with the order information?


Dear God. I hope you're not planning on having customers' credit card
information emailed to you. That is extremely insecure and dangerously
irresponsible.

Get a payment gateway to handle this stuff.
--
-Karl Core
Please Support "Project Boneyard":
http://www.insurgence.net/info.aspx?...&item=boneyard
Jul 23 '05 #2

P: n/a
Els
Karl Core wrote:
Dear God. I hope you're not planning on having customers'
credit card information emailed to you.


I seriously doubt God is planning on having customer's credit
card info emailed to Him <g>

--
Els http://locusmeus.com/
Sonhos vem. Sonhos vão. O resto é imperfeito.
- Renato Russo -
Now playing: Twarres - She Couldn't Laugh
Jul 23 '05 #3

P: n/a
Els wrote:
Karl Core wrote:

Dear God. I hope you're not planning on having customers'
credit card information emailed to you.

I seriously doubt God is planning on having customer's credit
card info emailed to Him <g>


I wouldn't put it past the Pope though...

NM
Jul 23 '05 #4

P: n/a
Els
News Me wrote:
Els wrote:
Karl Core wrote:
Dear God. I hope you're not planning on having customers'
credit card information emailed to you.


I seriously doubt God is planning on having customer's
credit card info emailed to Him <g>


I wouldn't put it past the Pope though...


...or send it to the Wailing Wall..
http://www.aish.com/wallcam/Place_a_...n_the_Wall.asp

--
Els http://locusmeus.com/
Sonhos vem. Sonhos vão. O resto é imperfeito.
- Renato Russo -
Now playing: Twarres - I Need To Know
Jul 23 '05 #5

P: n/a
zn
"Karl Core" <ka**@NOSPAMkarlcore.com> wrote in news:cs6tee$fe0$1@ngspool-
d02.news.aol.com:

"zn" <zn@zn122.edu.invalid> wrote in message
news:Xn*******************************@216.196.97. 131...
If I place a form for product ordering on my website, what scripting
technology or CGIs can I use to encrypt the e-mail sent to my e-mail
account with the order information?


Dear God. I hope you're not planning on having customers' credit card
information emailed to you. That is extremely insecure and dangerously
irresponsible.


Can you read? Is there a CGI/Scripting technology that will encrypt the e-
mail? If the data in a form is encrypted in something like PHP, how useful
would that e-mail be to someone else?
Jul 23 '05 #6

P: n/a
rf
"zn" <zn@zn122.edu.invalid> wrote in message
Dear God. I hope you're not planning on having customers' credit card
information emailed to you. That is extremely insecure and dangerously
irresponsible.


Can you read? Is there a CGI/Scripting technology that will encrypt the e-
mail? If the data in a form is encrypted in something like PHP, how useful
would that e-mail be to someone else?


And how usefull would it be to the email client you send it to?

You should be using HTTPS and a secure server side process, not email.

--
Cheers
Richard.
Jul 23 '05 #7

P: n/a
zn
"rf" <rf@.invalid> wrote in
news:gd*******************@news-server.bigpond.net.au:
"zn" <zn@zn122.edu.invalid> wrote in message
> Dear God. I hope you're not planning on having customers' credit
> card information emailed to you. That is extremely insecure and
> dangerously irresponsible.
Can you read? Is there a CGI/Scripting technology that will encrypt
the e- mail? If the data in a form is encrypted in something like
PHP, how useful would that e-mail be to someone else?


That was supposed to read PGP.
And how usefull would it be to the email client you send it to?

You should be using HTTPS and a secure server side process, not email.


The server already is configured for https. How do you define secure server
side process? Are you referring to having php write to a database?

Thanks.
Jul 23 '05 #8

P: n/a
rf
"zn" <zn@zn122.edu.invalid> wrote
"rf" <rf@.invalid> wrote in
news:gd*******************@news-server.bigpond.net.au:
And how usefull would it be to the email client you send it to?

You should be using HTTPS and a secure server side process, not email.


The server already is configured for https. How do you define secure

server side process? Are you referring to having php write to a database?


I am now totally lost. You originally talked about sending the data vie
email. To quote:

"the e-mail sent to my e-mail account"

Once again, if you encrypt an email (however you do it) what is the email
client going to make of it?

And, if you are processing it on a server somewhere, why do you *need* to
email it anywhere?

Perhaps if you re-state exactly what you are doing and intend to do.

--
Cheers
Richard.
Jul 23 '05 #9

P: n/a
In article <Ae*******************@news-server.bigpond.net.au>,
"rf" <rf@.invalid> wrote:
"zn" <zn@zn122.edu.invalid> wrote
"rf" <rf@.invalid> wrote in
news:gd*******************@news-server.bigpond.net.au:

And how usefull would it be to the email client you send it to?

You should be using HTTPS and a secure server side process, not email.


The server already is configured for https. How do you define secure

server
side process? Are you referring to having php write to a database?


I am now totally lost. You originally talked about sending the data vie
email. To quote:

"the e-mail sent to my e-mail account"

Once again, if you encrypt an email (however you do it) what is the email
client going to make of it?

And, if you are processing it on a server somewhere, why do you *need* to
email it anywhere?

Perhaps if you re-state exactly what you are doing and intend to do.


Chances are your email client doesn't have this feature unless you have
one of the PGP enhancements for email You just have to know how to
decrypt it. Since the email is coming from a known source which you
have control over, you can set this up. I have

--
DeeDee, don't press that button! DeeDee! NO! Dee...

Jul 23 '05 #10

P: n/a
zn
"rf" <rf@.invalid> wrote in news:AeJFd.117916$K7.40059@news-
server.bigpond.net.au:
"zn" <zn@zn122.edu.invalid> wrote
"rf" <rf@.invalid> wrote in
news:gd*******************@news-server.bigpond.net.au:
> And how usefull would it be to the email client you send it to?
>
> You should be using HTTPS and a secure server side process, not email. >


The server already is configured for https. How do you define secure

server
side process? Are you referring to having php write to a database?


I am now totally lost. You originally talked about sending the data vie
email. To quote:

"the e-mail sent to my e-mail account"

Once again, if you encrypt an email (however you do it) what is the

email client going to make of it?

And, if you are processing it on a server somewhere, why do you *need* to email it anywhere?

Perhaps if you re-state exactly what you are doing and intend to do.


I have read references to off-the-shelf "commerce servers" that can e-
mail encrypted credit card orders for off-line processing in the office
using traditional credit card swipe machines. Supposedly, after the
consumer places the order, the e-mail is sent to the company and they
process the order. At the company, there has to be a way to decrypt the
encrypted e-mail message (PGP? or is there another system of sending
encrypted e-mail).

Basically, I'm trying to find a way to accept a small amount of daily
orders over the web at my company. I'd like to do something simple like
having a form with a submit button, which when clicked would submit the
data to us. We're not far enough along knowlege-wise right now
(obviously!) to setup something with online credit card processing. And
right now we'd like to avoid stepping into having to setup something
MySQL based.

Sorry about not being clearer and my earlier hasty response.

Thanks.
Jul 23 '05 #11

P: n/a
In article <Xn*******************************@216.196.97.131> ,
zn <zn@zn122.edu.invalid> wrote:
"rf" <rf@.invalid> wrote in news:AeJFd.117916$K7.40059@news-
server.bigpond.net.au:
"zn" <zn@zn122.edu.invalid> wrote
"rf" <rf@.invalid> wrote in
news:gd*******************@news-server.bigpond.net.au:

> And how usefull would it be to the email client you send it to?
>
> You should be using HTTPS and a secure server side process, not email. >

The server already is configured for https. How do you define secure

server
side process? Are you referring to having php write to a database?


I am now totally lost. You originally talked about sending the data vie
email. To quote:

"the e-mail sent to my e-mail account"

Once again, if you encrypt an email (however you do it) what is the

email
client going to make of it?

And, if you are processing it on a server somewhere, why do you *need*

to
email it anywhere?

Perhaps if you re-state exactly what you are doing and intend to do.


I have read references to off-the-shelf "commerce servers" that can e-
mail encrypted credit card orders for off-line processing in the office
using traditional credit card swipe machines. Supposedly, after the
consumer places the order, the e-mail is sent to the company and they
process the order. At the company, there has to be a way to decrypt the
encrypted e-mail message (PGP? or is there another system of sending
encrypted e-mail).

Basically, I'm trying to find a way to accept a small amount of daily
orders over the web at my company. I'd like to do something simple like
having a form with a submit button, which when clicked would submit the
data to us. We're not far enough along knowlege-wise right now
(obviously!) to setup something with online credit card processing. And
right now we'd like to avoid stepping into having to setup something
MySQL based.

Sorry about not being clearer and my earlier hasty response.

Thanks.


Well, I'd start reading some books. Start with the O'Reilley articles
(http://www.ora.com) on e-commerce and security.
http://www.oreilly.com/catalog/websec2/index.html might be a good place
to start.

I suspect the credit card terminals use an encryption scheme that's know
to the server with which they connect. The server decodes and processes
the transaction and sends the email to the vendor. There's no need to
do something like this at all. Your approach of trying to do encrypted
email is a case in point--a little knowledge is a getting in the way of
solving this business problem.

What we did to charge credit cards our site was to start by setting up a
merchant account with a clearing house to process credit card
transactions. They gave us access to their secure web site to do
"virtual terminal" transactions by entering the credit card information
by hand from US mail orders. Customers were sent email confirming the
charge if they supplied it to us.

Using the clearing house's very complete technical specs, we created a
form which collects information from the customer from the secure web
server offered by our ISP. The form, when the customer submits it, runs
a perl script that contacts the clearing house (also using SSL web
connection) and submits a form with the various fields filled in
collected from the customer's form. The clearing house takes it from
there, verifying and emailing the customer (and us) of the transaction.

Others have suggested setting up an e-commerce module to do this. That
would work as well. The key to the encryption is the SSL server, which
is doing the encryption you asked about. You need to revisit your idea
of "rolling your own" encrypted email and do this right from the start.
If you don't have skills to do that, hire them or delay the project
until you can do it yourself.

--
DeeDee, don't press that button! DeeDee! NO! Dee...

Jul 23 '05 #12

P: n/a
zn
Michael Vilain <vi****@spamcop.net> wrote in
news:vi**************************@news.giganews.co m:
In article <Xn*******************************@216.196.97.131> ,
zn <zn@zn122.edu.invalid> wrote:
"rf" <rf@.invalid> wrote in news:AeJFd.117916$K7.40059@news-
server.bigpond.net.au:
> "zn" <zn@zn122.edu.invalid> wrote
>> "rf" <rf@.invalid> wrote in
>> news:gd*******************@news-server.bigpond.net.au:
>
>> > And how usefull would it be to the email client you send it to?
>> >
>> > You should be using HTTPS and a secure server side process, not

email.
>> >
>>
>> The server already is configured for https. How do you define
>> secure
> server
>> side process? Are you referring to having php write to a database?
>
> I am now totally lost. You originally talked about sending the data
> vie email. To quote:
>
> "the e-mail sent to my e-mail account"
>
> Once again, if you encrypt an email (however you do it) what is the

email
> client going to make of it?
>
> And, if you are processing it on a server somewhere, why do you
> *need*

to
> email it anywhere?
>
> Perhaps if you re-state exactly what you are doing and intend to
> do.


I have read references to off-the-shelf "commerce servers" that can
e- mail encrypted credit card orders for off-line processing in the
office using traditional credit card swipe machines. Supposedly,
after the consumer places the order, the e-mail is sent to the
company and they process the order. At the company, there has to be a
way to decrypt the encrypted e-mail message (PGP? or is there another
system of sending encrypted e-mail).

Basically, I'm trying to find a way to accept a small amount of daily
orders over the web at my company. I'd like to do something simple
like having a form with a submit button, which when clicked would
submit the data to us. We're not far enough along knowlege-wise right
now (obviously!) to setup something with online credit card
processing. And right now we'd like to avoid stepping into having to
setup something MySQL based.

Sorry about not being clearer and my earlier hasty response.

Thanks.


Well, I'd start reading some books. Start with the O'Reilley articles
(http://www.ora.com) on e-commerce and security.
http://www.oreilly.com/catalog/websec2/index.html might be a good
place to start.

I suspect the credit card terminals use an encryption scheme that's
know to the server with which they connect. The server decodes and
processes the transaction and sends the email to the vendor. There's
no need to do something like this at all. Your approach of trying to
do encrypted email is a case in point--a little knowledge is a getting
in the way of solving this business problem.

What we did to charge credit cards our site was to start by setting up
a merchant account with a clearing house to process credit card
transactions. They gave us access to their secure web site to do
"virtual terminal" transactions by entering the credit card
information by hand from US mail orders. Customers were sent email
confirming the charge if they supplied it to us.

Using the clearing house's very complete technical specs, we created a
form which collects information from the customer from the secure web
server offered by our ISP. The form, when the customer submits it,
runs a perl script that contacts the clearing house (also using SSL
web connection) and submits a form with the various fields filled in
collected from the customer's form. The clearing house takes it from
there, verifying and emailing the customer (and us) of the
transaction.

Others have suggested setting up an e-commerce module to do this.
That would work as well. The key to the encryption is the SSL server,
which is doing the encryption you asked about. You need to revisit
your idea of "rolling your own" encrypted email and do this right from
the start. If you don't have skills to do that, hire them or delay
the project until you can do it yourself.


Thanks for all of the details! The clearing house method sounds like a
great way to go. Do you know the name of a clearing house off the top of
your head?
Jul 23 '05 #13

P: n/a
zn
zn <zn@zn122.edu.invalid> wrote in
news:Xn*******************************@216.196.97. 131:
Michael Vilain <vi****@spamcop.net> wrote in
news:vi**************************@news.giganews.co m:
In article <Xn*******************************@216.196.97.131> ,
zn <zn@zn122.edu.invalid> wrote:
"rf" <rf@.invalid> wrote in news:AeJFd.117916$K7.40059@news-
server.bigpond.net.au:

> "zn" <zn@zn122.edu.invalid> wrote
>> "rf" <rf@.invalid> wrote in
>> news:gd*******************@news-server.bigpond.net.au:
>
>> > And how usefull would it be to the email client you send it to?
>> >
>> > You should be using HTTPS and a secure server side process, not
email.
>> >
>>
>> The server already is configured for https. How do you define
>> secure
> server
>> side process? Are you referring to having php write to a database?
>
> I am now totally lost. You originally talked about sending the data
> vie email. To quote:
>
> "the e-mail sent to my e-mail account"
>
> Once again, if you encrypt an email (however you do it) what is the
email
> client going to make of it?
>
> And, if you are processing it on a server somewhere, why do you
> *need*
to
> email it anywhere?
>
> Perhaps if you re-state exactly what you are doing and intend to
> do.

I have read references to off-the-shelf "commerce servers" that can
e- mail encrypted credit card orders for off-line processing in the
office using traditional credit card swipe machines. Supposedly,
after the consumer places the order, the e-mail is sent to the
company and they process the order. At the company, there has to be a
way to decrypt the encrypted e-mail message (PGP? or is there another
system of sending encrypted e-mail).

Basically, I'm trying to find a way to accept a small amount of daily
orders over the web at my company. I'd like to do something simple
like having a form with a submit button, which when clicked would
submit the data to us. We're not far enough along knowlege-wise right
now (obviously!) to setup something with online credit card
processing. And right now we'd like to avoid stepping into having to
setup something MySQL based.

Sorry about not being clearer and my earlier hasty response.

Thanks.

Well, I'd start reading some books. Start with the O'Reilley articles
(http://www.ora.com) on e-commerce and security.
http://www.oreilly.com/catalog/websec2/index.html might be a good
place to start.

I suspect the credit card terminals use an encryption scheme that's
know to the server with which they connect. The server decodes and
processes the transaction and sends the email to the vendor. There's
no need to do something like this at all. Your approach of trying to
do encrypted email is a case in point--a little knowledge is a getting
in the way of solving this business problem.

What we did to charge credit cards our site was to start by setting up
a merchant account with a clearing house to process credit card
transactions. They gave us access to their secure web site to do
"virtual terminal" transactions by entering the credit card
information by hand from US mail orders. Customers were sent email
confirming the charge if they supplied it to us.

Using the clearing house's very complete technical specs, we created a
form which collects information from the customer from the secure web
server offered by our ISP. The form, when the customer submits it,
runs a perl script that contacts the clearing house (also using SSL
web connection) and submits a form with the various fields filled in
collected from the customer's form. The clearing house takes it from
there, verifying and emailing the customer (and us) of the
transaction.

Others have suggested setting up an e-commerce module to do this.
That would work as well. The key to the encryption is the SSL server,
which is doing the encryption you asked about. You need to revisit
your idea of "rolling your own" encrypted email and do this right from
the start. If you don't have skills to do that, hire them or delay
the project until you can do it yourself.


Thanks for all of the details! The clearing house method sounds like a
great way to go. Do you know the name of a clearing house off the top

of your head?


I'm responding to my own post ... now that I've heard some of the lingo,
I found some info on Google. Here's a link:

http://www.elsop.com/wrc/in_card.htm
Jul 23 '05 #14

P: n/a
zn wrote:
zn <zn@zn122.edu.invalid> wrote in

Thanks for all of the details! The clearing house method sounds like a
great way to go. Do you know the name of a clearing house off the top


of
your head?

I'm responding to my own post ... now that I've heard some of the lingo,
I found some info on Google. Here's a link:

http://www.elsop.com/wrc/in_card.htm


The first three links in the content on that page are dead. Maybe it's
badly out of date?

--
Michael
m r o z a t u k g a t e w a y d o t n e t
Jul 23 '05 #15

P: n/a
In article <Xn*******************************@216.196.97.131> ,
zn <zn@zn122.edu.invalid> wrote:
Michael Vilain <vi****@spamcop.net> wrote in
news:vi**************************@news.giganews.co m:
In article <Xn*******************************@216.196.97.131> ,
zn <zn@zn122.edu.invalid> wrote:
"rf" <rf@.invalid> wrote in news:AeJFd.117916$K7.40059@news-
server.bigpond.net.au:

> "zn" <zn@zn122.edu.invalid> wrote
>> "rf" <rf@.invalid> wrote in
>> news:gd*******************@news-server.bigpond.net.au:
>
>> > And how usefull would it be to the email client you send it to?
>> >
>> > You should be using HTTPS and a secure server side process, not
email.
>> >
>>
>> The server already is configured for https. How do you define
>> secure
> server
>> side process? Are you referring to having php write to a database?
>
> I am now totally lost. You originally talked about sending the data
> vie email. To quote:
>
> "the e-mail sent to my e-mail account"
>
> Once again, if you encrypt an email (however you do it) what is the
email
> client going to make of it?
>
> And, if you are processing it on a server somewhere, why do you
> *need*
to
> email it anywhere?
>
> Perhaps if you re-state exactly what you are doing and intend to
> do.

I have read references to off-the-shelf "commerce servers" that can
e- mail encrypted credit card orders for off-line processing in the
office using traditional credit card swipe machines. Supposedly,
after the consumer places the order, the e-mail is sent to the
company and they process the order. At the company, there has to be a
way to decrypt the encrypted e-mail message (PGP? or is there another
system of sending encrypted e-mail).

Basically, I'm trying to find a way to accept a small amount of daily
orders over the web at my company. I'd like to do something simple
like having a form with a submit button, which when clicked would
submit the data to us. We're not far enough along knowlege-wise right
now (obviously!) to setup something with online credit card
processing. And right now we'd like to avoid stepping into having to
setup something MySQL based.

Sorry about not being clearer and my earlier hasty response.

Thanks.


Well, I'd start reading some books. Start with the O'Reilley articles
(http://www.ora.com) on e-commerce and security.
http://www.oreilly.com/catalog/websec2/index.html might be a good
place to start.

I suspect the credit card terminals use an encryption scheme that's
know to the server with which they connect. The server decodes and
processes the transaction and sends the email to the vendor. There's
no need to do something like this at all. Your approach of trying to
do encrypted email is a case in point--a little knowledge is a getting
in the way of solving this business problem.

What we did to charge credit cards our site was to start by setting up
a merchant account with a clearing house to process credit card
transactions. They gave us access to their secure web site to do
"virtual terminal" transactions by entering the credit card
information by hand from US mail orders. Customers were sent email
confirming the charge if they supplied it to us.

Using the clearing house's very complete technical specs, we created a
form which collects information from the customer from the secure web
server offered by our ISP. The form, when the customer submits it,
runs a perl script that contacts the clearing house (also using SSL
web connection) and submits a form with the various fields filled in
collected from the customer's form. The clearing house takes it from
there, verifying and emailing the customer (and us) of the
transaction.

Others have suggested setting up an e-commerce module to do this.
That would work as well. The key to the encryption is the SSL server,
which is doing the encryption you asked about. You need to revisit
your idea of "rolling your own" encrypted email and do this right from
the start. If you don't have skills to do that, hire them or delay
the project until you can do it yourself.


Thanks for all of the details! The clearing house method sounds like a
great way to go. Do you know the name of a clearing house off the top of
your head?


We used http://merchant.authorize.net/ The office manager contacted her
bank, I think, and they gave her this reference. Check with your bank
to see if they have a vendor they prefer since the clearinghouse is
depositing the funds electronically into your bank account. It takes
the member banks a couple days to actually do the wire transfer of
funds. I suspect this delay or "float" will go away soon from a recent
TV News segment in our area.

There's a lot of "vetting" or verification that has to happen to set
this up. The initial setup cost was $500 plus a percentage of the
charges processed through their site. There's other security measures
involved that show that this industry has been at it for a long time
(relatively).

It wasn't until we had problems during a pledge drive that we ran into
the clearing house's transaction limits. Because the clearing house is
essentially providing a loan of the funds to your bank account, they
typically limit the total amount processed per month. It's easily
increased with a call to their terrific customer support people.

--
DeeDee, don't press that button! DeeDee! NO! Dee...

Jul 23 '05 #16

P: n/a
zn
Michael Vilain <vi****@spamcop.net> wrote in
news:vi**************************@news.giganews.co m:
In article <Xn*******************************@216.196.97.131> ,
zn <zn@zn122.edu.invalid> wrote:
Michael Vilain <vi****@spamcop.net> wrote in
news:vi**************************@news.giganews.co m:
> In article <Xn*******************************@216.196.97.131> ,
> zn <zn@zn122.edu.invalid> wrote:
>
>> "rf" <rf@.invalid> wrote in news:AeJFd.117916$K7.40059@news-
>> server.bigpond.net.au:
>>
>> > "zn" <zn@zn122.edu.invalid> wrote
>> >> "rf" <rf@.invalid> wrote in
>> >> news:gd*******************@news-server.bigpond.net.au:
>> >
>> >> > And how usefull would it be to the email client you send it
>> >> > to?
>> >> >
>> >> > You should be using HTTPS and a secure server side process,
>> >> > not
>> email.
>> >> >
>> >>
>> >> The server already is configured for https. How do you define
>> >> secure
>> > server
>> >> side process? Are you referring to having php write to a
>> >> database?
>> >
>> > I am now totally lost. You originally talked about sending the
>> > data vie email. To quote:
>> >
>> > "the e-mail sent to my e-mail account"
>> >
>> > Once again, if you encrypt an email (however you do it) what is
>> > the
>> email
>> > client going to make of it?
>> >
>> > And, if you are processing it on a server somewhere, why do you
>> > *need*
>> to
>> > email it anywhere?
>> >
>> > Perhaps if you re-state exactly what you are doing and intend to
>> > do.
>>
>> I have read references to off-the-shelf "commerce servers" that
>> can e- mail encrypted credit card orders for off-line processing
>> in the office using traditional credit card swipe machines.
>> Supposedly, after the consumer places the order, the e-mail is
>> sent to the company and they process the order. At the company,
>> there has to be a way to decrypt the encrypted e-mail message
>> (PGP? or is there another system of sending encrypted e-mail).
>>
>> Basically, I'm trying to find a way to accept a small amount of
>> daily orders over the web at my company. I'd like to do something
>> simple like having a form with a submit button, which when clicked
>> would submit the data to us. We're not far enough along
>> knowlege-wise right now (obviously!) to setup something with
>> online credit card processing. And right now we'd like to avoid
>> stepping into having to setup something MySQL based.
>>
>> Sorry about not being clearer and my earlier hasty response.
>>
>> Thanks.
>>
>
> Well, I'd start reading some books. Start with the O'Reilley
> articles (http://www.ora.com) on e-commerce and security.
> http://www.oreilly.com/catalog/websec2/index.html might be a good
> place to start.
>
> I suspect the credit card terminals use an encryption scheme that's
> know to the server with which they connect. The server decodes and
> processes the transaction and sends the email to the vendor.
> There's no need to do something like this at all. Your approach of
> trying to do encrypted email is a case in point--a little knowledge
> is a getting in the way of solving this business problem.
>
> What we did to charge credit cards our site was to start by setting
> up a merchant account with a clearing house to process credit card
> transactions. They gave us access to their secure web site to do
> "virtual terminal" transactions by entering the credit card
> information by hand from US mail orders. Customers were sent email
> confirming the charge if they supplied it to us.
>
> Using the clearing house's very complete technical specs, we
> created a form which collects information from the customer from
> the secure web server offered by our ISP. The form, when the
> customer submits it, runs a perl script that contacts the clearing
> house (also using SSL web connection) and submits a form with the
> various fields filled in collected from the customer's form. The
> clearing house takes it from there, verifying and emailing the
> customer (and us) of the transaction.
>
> Others have suggested setting up an e-commerce module to do this.
> That would work as well. The key to the encryption is the SSL
> server, which is doing the encryption you asked about. You need to
> revisit your idea of "rolling your own" encrypted email and do this
> right from the start. If you don't have skills to do that, hire
> them or delay the project until you can do it yourself.
>


Thanks for all of the details! The clearing house method sounds like
a great way to go. Do you know the name of a clearing house off the
top of your head?


We used http://merchant.authorize.net/ The office manager contacted
her bank, I think, and they gave her this reference. Check with your
bank to see if they have a vendor they prefer since the clearinghouse
is depositing the funds electronically into your bank account. It
takes the member banks a couple days to actually do the wire transfer
of funds. I suspect this delay or "float" will go away soon from a
recent TV News segment in our area.

There's a lot of "vetting" or verification that has to happen to set
this up. The initial setup cost was $500 plus a percentage of the
charges processed through their site. There's other security measures
involved that show that this industry has been at it for a long time
(relatively).

It wasn't until we had problems during a pledge drive that we ran into
the clearing house's transaction limits. Because the clearing house
is essentially providing a loan of the funds to your bank account,
they typically limit the total amount processed per month. It's
easily increased with a call to their terrific customer support
people.


I checked with our bank and they use Cybersource. And there are plenty of
directions about how to integrate their software into our webpages. It
all looks relatively easy. I'm hoping that because we already have a
credit card reader through them that it is an easy, and less expensive
than $500, to switch to their online system.
Jul 23 '05 #17

P: n/a
zn
Michael Rozdoba <mr**@nowhere.invalid> wrote in
news:41**********************@news.zen.co.uk:
zn wrote:
zn <zn@zn122.edu.invalid> wrote in

Thanks for all of the details! The clearing house method sounds like
a great way to go. Do you know the name of a clearing house off the
top


of
your head?

I'm responding to my own post ... now that I've heard some of the
lingo, I found some info on Google. Here's a link:

http://www.elsop.com/wrc/in_card.htm


The first three links in the content on that page are dead. Maybe it's
badly out of date?


Sorry about that ... I was actually busy looking over the list of
merchants. I'm sure that there are other sites too ... I haven't had time
to look yet.
Jul 23 '05 #18

P: n/a

"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
In article <Xn*******************************@216.196.97.131> ,

[snip]
Others have suggested setting up an e-commerce module to do this. That
would work as well. The key to the encryption is the SSL server, which
is doing the encryption you asked about.


The site https://www.scaiecat-spa-gigi.com
can be already accessed over a https protocoll.
What would I need more to let customers pay even by credit cards?
What does a customer when he or she uses a credit card on the internet?
Does he fill in some data which he could send by an encrypted form (via
SSL)?
How does the database recognize whether the data which are sent this way are
the right one?
What would I need do after receiving these data in order to get the money on
a bank account?
How much does Visa for example charge approximately to process a payment?

--
Luigi ( un italiano che vive in Svezia)
https://www.scaiecat-spa-gigi.com/sv...or-italien.php
Jul 23 '05 #19

P: n/a

"Luigi Donatello Asero" <ja**************@telia.com> skrev i meddelandet
news:M6*******************@newsb.telia.net...

"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
In article <Xn*******************************@216.196.97.131> ,

[snip]
Others have suggested setting up an e-commerce module to do this. That
would work as well. The key to the encryption is the SSL server, which
is doing the encryption you asked about.


The site https://www.scaiecat-spa-gigi.com
can be already accessed over a https protocoll.
What would I need more to let customers pay even by credit cards?
What does a customer when he or she uses a credit card on the internet?

What does a customer do when he or she uses a credit card on the internet?

Does he fill in some data which he could send by an encrypted form (via
SSL)?
How does the database recognize whether the data which are sent this way
are
the right one?
What would I need do after receiving these data in order to get the money
on
a bank account?
How much does Visa for example charge approximately to process a payment?

--
Luigi ( un italiano che vive in Svezia)
https://www.scaiecat-spa-gigi.com/sv...or-italien.php


Jul 23 '05 #20

P: n/a
In article <j8*******************@newsb.telia.net>,
"Luigi Donatello Asero" <ja**************@telia.com> wrote:
"Luigi Donatello Asero" <ja**************@telia.com> skrev i meddelandet
news:M6*******************@newsb.telia.net...

"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
In article <Xn*******************************@216.196.97.131> ,

[snip]
Others have suggested setting up an e-commerce module to do this. That
would work as well. The key to the encryption is the SSL server, which
is doing the encryption you asked about.


The site https://www.scaiecat-spa-gigi.com
can be already accessed over a https protocoll.
What would I need more to let customers pay even by credit cards?
What does a customer when he or she uses a credit card on the internet?


What does a customer do when he or she uses a credit card on the internet?


Seems like you joined us in the middle of this discussion.

That's totally dependent on the site where they use their card. You
question is ambiguous. So I'll give an ambiguous answer. The credit
card is either accepted and the charge goes through right then or it's
held until the order ships and _then_ the card is charged. Or the card
is declined and the user is notified immediately. What happens to
accomplish the credit card charge varies with the clearing house that's
accepting the charge.

Does he fill in some data which he could send by an encrypted form (via
SSL)?
The user fills in a secure page (via SSL) to collect the data. The web
page has to then process the data. This can be either immediate or
delayed. What the site does with this data is up to that site. Your
question is to general to answer beyond this.
How does the database recognize whether the data which are sent this way
are the right one?
If you mean the database on the site that's collecting the customer's
credit card #, the web server/web browser use SSL, which ensures this is
accurate. If you mean the clearing house's database, that's their
problem, not yours. Why are you worried about it?
What would I need do after receiving these data in order to get the money
on a bank account?
You submit the data to a credit card clearing house. They've already
done stuff like take a blood sample, have your family "under 24 hour
"surveillance", know what color car you drive, and checked your bank
accounts. The clearing house does a direct deposit of the funds (minus
a transaction fee and monthly service charge) directly into your bank
account. That's usually immediate if you request it. If there's a
problem, like a customer complaint or the clearing house finds the card
was stolen or there's a problem, they do a charge back against your
account and withdraw the money. If there's insufficient funds, they
start using the information they gathered about your to "collect" the
funds. So be sure to keep sufficient funds in the bank and a close eye
on your family. You don't want to be receiving "parts" of one of them
in the mail until you've paid up. ;) [I'm kidding about the ransom and
parts--but they _will_ find you unless you "drop off the grid"]
How much does Visa for example charge approximately to process a payment?


This depends on the clearing house, the volume on the account, and your
credit rating. Check with your bank to find the one they use.

Some people don't want to have to do this so they use PayPal. Some
people think PayPal is evil incarnate and do other things. The trouble
is is that if you want to charge credit cards, you have to do something
like this. There's no legal way around it, AFAIK.

--
DeeDee, don't press that button! DeeDee! NO! Dee...

Jul 23 '05 #21

P: n/a

"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
In article <j8*******************@newsb.telia.net>,
"Luigi Donatello Asero" <ja**************@telia.com> wrote:
"Luigi Donatello Asero" <ja**************@telia.com> skrev i meddelandet
news:M6*******************@newsb.telia.net...

"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
> In article <Xn*******************************@216.196.97.131> ,
[snip]

> Others have suggested setting up an e-commerce module to do this. That > would work as well. The key to the encryption is the SSL server, which > is doing the encryption you asked about.

The site https://www.scaiecat-spa-gigi.com
can be already accessed over a https protocoll.
What would I need more to let customers pay even by credit cards?
What does a customer when he or she uses a credit card on the
internet?
What does a customer do when he or she uses a credit card on the internet?

Seems like you joined us in the middle of this discussion.

Yes, but I tried to read what you wrote in the posts which the participants
of this thread wrote lately.
I hope that I am welcome..
That's totally dependent on the site where they use their card. You
question is ambiguous. So I'll give an ambiguous answer. The credit
card is either accepted and the charge goes through right then or it's
held until the order ships and _then_ the card is charged. Or the card
is declined and the user is notified immediately. What happens to
accomplish the credit card charge varies with the clearing house that's
accepting the charge.

Given that I already have site which is accessible over https, would I need
a clearing house to accept
a payment by credit cards or would that be only an option?
Could I process payment by credit cards on the website
https://www.scaiecat-spa-gigi.com instead of letting customers pay on the
site of the clearing house as you seem to suggest in your answer? Does he fill in some data which he could send by an encrypted form (via SSL)?


The user fills in a secure page (via SSL) to collect the data. The web
page has to then process the data. This can be either immediate or
delayed. What the site does with this data is up to that site. Your
question is to general to answer beyond this.

Could I not get payments directly on the site
https://www.scaiecat-spa-gigi.com instead of making use of a clearing house
as you suggested?
Someone mentioned an e-commerce module to do this.
How does the database recognize whether the data which are sent this way
are the right one?


If you mean the database on the site that's collecting the customer's
credit card #, the web server/web browser use SSL, which ensures this is
accurate. If you mean the clearing house's database, that's their
problem, not yours. Why are you worried about it?

I am not looking at the problem as someone who would pay but as someone who
would get the payment by credit cards
I am building the site https://www.scaiecat-spa-gigi.com myself.
I
What would I need do after receiving these data in order to get the money on a bank account?


You submit the data to a credit card clearing house. They've already
done stuff like take a blood sample, have your family "under 24 hour
"surveillance", know what color car you drive, and checked your bank
accounts. The clearing house does a direct deposit of the funds (minus
a transaction fee and monthly service charge) directly into your bank
account.


How much does Visa charge as transaction fee and monthly service charge?
Do they charge these fees only if the payment is processed through a
clearing house or not?

That's usually immediate if you request it. If there's a problem, like a customer complaint or the clearing house finds the card
was stolen or there's a problem, they do a charge back against your
account and withdraw the money. If there's insufficient funds, they
start using the information they gathered about your to "collect" the
funds. So be sure to keep sufficient funds in the bank and a close eye
on your family. You don't want to be receiving "parts" of one of them
in the mail until you've paid up. ;) [I'm kidding about the ransom and
parts--but they _will_ find you unless you "drop off the grid"]
How much does Visa for example charge approximately to process a
payment?
This depends on the clearing house, the volume on the account, and your
credit rating. Check with your bank to find the one they use.
Who pays the fee? Those who buy a product or those who sell it?
Some people don't want to have to do this so they use PayPal. Some
people think PayPal is evil incarnate and do other things. The trouble
is is that if you want to charge credit cards, you have to do something
like this. There's no legal way around it, AFAIK.

What does "AFAIK" mean?

--
Luigi ( un italiano che vive in Svezia)
https://www.scaiecat-spa-gigi.com/sv...a-sicilien.php

Jul 23 '05 #22

P: n/a
In article <FT*********************@newsc.telia.net>,
"Luigi Donatello Asero" <ja**************@telia.com> wrote:
"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
In article <j8*******************@newsb.telia.net>,
"Luigi Donatello Asero" <ja**************@telia.com> wrote:
"Luigi Donatello Asero" <ja**************@telia.com> skrev i meddelandet
news:M6*******************@newsb.telia.net...
>
> "Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
> news:vi**************************@news.giganews.co m...
> > In article <Xn*******************************@216.196.97.131> ,
>
>
> [snip]
>
> > Others have suggested setting up an e-commerce module to do this. That > > would work as well. The key to the encryption is the SSL server, which > > is doing the encryption you asked about.
>
> The site https://www.scaiecat-spa-gigi.com
> can be already accessed over a https protocoll.
> What would I need more to let customers pay even by credit cards?
> What does a customer when he or she uses a credit card on the internet?
What does a customer do when he or she uses a credit card on the
internet?

Seems like you joined us in the middle of this discussion.

Yes, but I tried to read what you wrote in the posts which the participants
of this thread wrote lately.
I hope that I am welcome..


No problem. Come on in. The water's fine.
That's totally dependent on the site where they use their card. You
question is ambiguous. So I'll give an ambiguous answer. The credit
card is either accepted and the charge goes through right then or it's
held until the order ships and _then_ the card is charged. Or the card
is declined and the user is notified immediately. What happens to
accomplish the credit card charge varies with the clearing house that's
accepting the charge.

Given that I already have site which is accessible over https, would I need
a clearing house to accept
a payment by credit cards or would that be only an option?
Could I process payment by credit cards on the website
https://www.scaiecat-spa-gigi.com instead of letting customers pay on the
site of the clearing house as you seem to suggest in your answer?


Yes. You need a credit card clearing house setup to bill credit cards.
Many don't want to do this, so they use PayPal or it's EU equivalent.
Then the process involves the customer "sending" you money via PayPal an
and you "receiving" it. You need to have a verified merchant account if
the volume is over a certain amount per month and PayPal takes some "off
the top" as they make the funds available to you immediately like the
clearing house. They also have direct access to your bank account.
Could I not get payments directly on the site
https://www.scaiecat-spa-gigi.com instead of making use of a clearing house
as you suggested?
Someone mentioned an e-commerce module to do this.
Since you have to deal with banks who tend not to trust people very
much, I would tend to doubt it. If you manage to find a bank that will
process your transactions without a clearing house, they probably won't
deposit the funds immediately and require a 10-14 day "hold" period on
the deposit just like a cheque/check. This is what the clearing house
is giving you--immediate access to the money from the charge. And they
charge you for this service accordingly.
I am not looking at the problem as someone who would pay but as someone who
would get the payment by credit cards
I am building the site https://www.scaiecat-spa-gigi.com myself.
I understand that and I'm answering as someone who set this sort of
thing up on a site. I think you should use PayPal or some equivalent.
That won't get you away from having some service have access to your
bank accounts, but if you setup an account _only_ for PayPal, that's all
the money they'll have access to. Only keep the minimum in the account.

Here's a warning: http://www.paypalsucks.com/faqs.shtml

How much does Visa charge as transaction fee and monthly service charge?
Do they charge these fees only if the payment is processed through a
clearing house or not?
I don't know. You'll have to check with your bank, as I recommended
earlier. They will tell you of the fees. I don't see that part of it.
Our clearing house charges a monthly fee based on the total cash
transactions. I think they absorb the fee Visa charges. Also as an
added feature for the non-US customers of our site, the clearing house
does currency conversion. It's a pain to take cheques written in EU or
$Canadian to a US bank. So, we encourage the non-US customers to use a
credit card.
What does "AFAIK" mean?


http://www.urbandictionary.com/defin...term=AFAIK&r=f

--
DeeDee, don't press that button! DeeDee! NO! Dee...

Jul 23 '05 #23

P: n/a

"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
In article <FT*********************@newsc.telia.net>,
"Luigi Donatello Asero" <ja**************@telia.com> wrote:

[Snip]
Seems like you joined us in the middle of this discussion.

Yes, but I tried to read what you wrote in the posts which the participants of this thread wrote lately.
I hope that I am welcome..


No problem. Come on in. The water's fine.
That's totally dependent on the site where they use their card. You
question is ambiguous. So I'll give an ambiguous answer. The credit
card is either accepted and the charge goes through right then or it's
held until the order ships and _then_ the card is charged. Or the card is declined and the user is notified immediately. What happens to
accomplish the credit card charge varies with the clearing house that's accepting the charge.

Given that I already have site which is accessible over https, would I need a clearing house to accept
a payment by credit cards or would that be only an option?
Could I process payment by credit cards on the website
https://www.scaiecat-spa-gigi.com instead of letting customers pay on the site of the clearing house as you seem to suggest in your answer?


Yes. You need a credit card clearing house setup to bill credit cards.
Many don't want to do this, so they use PayPal or it's EU equivalent.

Well, I suppose that the best thing would be to offer so many good payment
alternatives as possible. Then the process involves the customer "sending" you money via PayPal an
and you "receiving" it. You need to have a verified merchant account if
the volume is over a certain amount per month and PayPal takes some "off
the top" as they make the funds available to you immediately like the
clearing house. They also have direct access to your bank account.
Could I not get payments directly on the site
https://www.scaiecat-spa-gigi.com instead of making use of a clearing house as you suggested?
Someone mentioned an e-commerce module to do this.


Since you have to deal with banks who tend not to trust people very
much, I would tend to doubt it. If you manage to find a bank that will
process your transactions without a clearing house, they probably won't
deposit the funds immediately and require a 10-14 day "hold" period on
the deposit just like a cheque/check.


I already offer customers the chance of paying a ware, for example shoes,
by cash on delivery. If a customer should pay to me with this system, I
would do not get the money at once either...
I assume that banks want to be sure that the customer really wants to buy a
certain article before they pay. What about signing contracts online by
using the so-called qualified electronic signatures or any kind of
electronic identity card?
They could write the number of this card on a form which is encrypted and
sent to a database over https couldnīt they?
The form could also be sent to the bank so that it could see that the
customer wants to buy a certain article.
This method could be interesting if the customer wanted to to buy a program
to download for example or a password and he or she did not have any chance
of paying online. In Sweden you can also send payment orders online. How is
that in other countries?

--
Luigi ( un italiano che vive in Svezia)
https://www.scaiecat-spa-gigi.com/de...e-italien.html

Jul 23 '05 #24

P: n/a
In article <Ow*******************@newsb.telia.net>,
"Luigi Donatello Asero" <ja**************@telia.com> wrote:
"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
In article <FT*********************@newsc.telia.net>,
"Luigi Donatello Asero" <ja**************@telia.com> wrote:

[Snip]

I already offer customers the chance of paying a ware, for example shoes,
by cash on delivery. If a customer should pay to me with this system, I
would do not get the money at once either...
I assume that banks want to be sure that the customer really wants to buy a
certain article before they pay. What about signing contracts online by
using the so-called qualified electronic signatures or any kind of
electronic identity card?
They could write the number of this card on a form which is encrypted and
sent to a database over https couldnīt they?
The form could also be sent to the bank so that it could see that the
customer wants to buy a certain article.
This method could be interesting if the customer wanted to to buy a program
to download for example or a password and he or she did not have any chance
of paying online. In Sweden you can also send payment orders online. How is
that in other countries?


I personally would be suspicious of a site that didn't accept my credit
card, allowing me to "charge it back" if I'm dissatisfied by the service
rendered. This is one reason I'm leery of PayPal. You're proposing
something that probably won't go over very well here in the U.S.
Whether it's workable in the EU is your gamble. Just because someone
signed a contract and then breaks it, what are you going to do? Sue
them? If they're in the U.S., that would be a problem of jurisdiction.
I think money is the only thing that will "talk" here, but what do I
know.

You're going totally outside the banking system and really on your own.
I'd read up on network security to setup this sort of system or hire
someone to do it for you.

Good luck with your venture and however you decide to set it up.

--
DeeDee, don't press that button! DeeDee! NO! Dee...

Jul 23 '05 #25

P: n/a

"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
In article <Ow*******************@newsb.telia.net>,
"Luigi Donatello Asero" <ja**************@telia.com> wrote:
"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
In article <FT*********************@newsc.telia.net>,
"Luigi Donatello Asero" <ja**************@telia.com> wrote:

[Snip]

I already offer customers the chance of paying a ware, for example shoes, by cash on delivery. If a customer should pay to me with this system, I
would do not get the money at once either...
I assume that banks want to be sure that the customer really wants to buy a certain article before they pay. What about signing contracts online by
using the so-called qualified electronic signatures or any kind of
electronic identity card?
They could write the number of this card on a form which is encrypted and sent to a database over https couldnīt they?
The form could also be sent to the bank so that it could see that the
customer wants to buy a certain article.
This method could be interesting if the customer wanted to to buy a program to download for example or a password and he or she did not have any chance of paying online. In Sweden you can also send payment orders online. How is that in other countries?


I personally would be suspicious of a site that didn't accept my credit
card, allowing me to "charge it back" if I'm dissatisfied by the service
rendered.


I am not offering customers to pay by credit cards at the moment.
I am considering to offer it as one of the alternative way of payments in
the future
I personally do not like sites which offer only accept credit cards as
payment system....
I
This is one reason I'm leery of PayPal.
So, you are leery of PayPal? I was under the impression that you liked it
and you were suggesting to use it because not everyone likes
paying by credit cards.

You're proposing something that probably won't go over very well here in the U.S.
Firstly, I am not interested in the market in the USA at the moment, because
I do not know enough about the legislation in that country and
a general rule says that the law of the country where consumers come from
is the one to be applied when you sell on the internet.
I am interested in market in the EU, instead, so far, however, not to all
countries in the EU either, due to lack of knowledge of the national
legislations in this field.
Whether it's workable in the EU is your gamble. Just because someone
signed a contract and then breaks it, what are you going to do? Sue
them? If they're in the U.S., that would be a problem of jurisdiction.
I think money is the only thing that will "talk" here, but what do I
know.
I was suggesting to show banks signed contracts in order that they would
accept to process credit cards or other forms of payment without a delay of
14 days without the use of a clearing house and to prevent you to get in
trouble in case the customer should deny that he or she wants to buy the
ware or the service which you charged him or her for.

You're going totally outside the banking system and really on your own.
I am trying to do something different: I am trying to show different
alternatives. E-commerce has not developed yet, so much at least in the EU.
By comparison, one might count the number of little firms which sell online
and the ones which sell in the traditional way in the EU and in the USA. Do
you have any figures about that?
I'd read up on network security to setup this sort of system or hire
someone to do it for you.

Do you know titles of books or adresses of websites which deal with these
subjects, which you would recommend?
( they may be in many languages but preferably in english, or italian or
swedish or german because I know these languages better than other ones at
present)
I can suggest to visit the website http://www.ebusinesslex.net
to everyone who is interested in e-commerce in the EU.
Good luck with your venture and however you decide to set it up.

Thank you. The same to you.
--
Luigi ( un italiano che vive in Svezia)
https://www.scaiecat-spa-gigi.com/de...e-italien.html



Jul 23 '05 #26

P: n/a

"Luigi Donatello Asero" <ja**************@telia.com> skrev i meddelandet
news:eH*******************@newsb.telia.net...

"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
In article <Ow*******************@newsb.telia.net>,
"Luigi Donatello Asero" <ja**************@telia.com> wrote:
"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
> In article <FT*********************@newsc.telia.net>,
> "Luigi Donatello Asero" <ja**************@telia.com> wrote:

[Snip]

I personally would be suspicious of a site that didn't accept my credit
card, allowing me to "charge it back" if I'm dissatisfied by the service
rendered.

I am not offering customers to pay by credit cards at the moment.
I am considering to offer it as one of the alternative way of payments in
the future
I personally do not like sites which only accept credit cards as
payment system....
--
Luigi ( un italiano che vive in Svezia)
https://www.scaiecat-spa-gigi.com/de...e-italien.html
Jul 23 '05 #27

P: n/a

Luigi Donatello Asero wrote:
"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
You're going totally outside the banking system and really on your
own.
I am trying to do something different: I am trying to show different
alternatives. E-commerce has not developed yet, so much at least in

the EU.

You have to be careful with this, there are a number of regulations in
place which you would have to comply with. Even if you come up with a
technically viable solution you might find yourself stymied if you
cannot find one that fulfils the rules and regulations of the financial
services industry.

If you have a merchant account I suggest you speak with the people with
whom you have the account to discuss what approach they are going to be
happy with. Then you can look at technical options for that approach.
--
Nic

Jul 23 '05 #28

P: n/a

"NicHughes" <ni*******@mailandnews.com> skrev i meddelandet
news:11**********************@c13g2000cwb.googlegr oups.com...

Luigi Donatello Asero wrote:
"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...

You're going totally outside the banking system and really on your

own.

I am trying to do something different: I am trying to show different
alternatives. E-commerce has not developed yet, so much at least in

the EU.

You have to be careful with this, there are a number of regulations in
place which you would have to comply with.


Of course there are.
And as I tried to point out, it seems to me that a solution which is based
on letting customers pay by credit cards without letting customers sign a
contract they should pay for, is riskier.

Even if you come up with a technically viable solution you might find yourself stymied if you
cannot find one that fulfils the rules and regulations of the financial
services industry.

I did not say anything against fulfilling the rules and regulations of the
financial services industry.
If you have a merchant account I suggest you speak with the people with
whom you have the account to discuss what approach they are going to be
happy with. Then you can look at technical options for that approach.

What do you mean by "merchant account"?
I have wares on sale on the webbsite.
It is the webbsite of my own one-man business!

--
Luigi ( un italiano che vive in Svezia)
https://www.scaiecat-spa-gigi.com/it/svezia.html




Jul 23 '05 #29

P: n/a
In article <Ah*********************@newsc.telia.net>,
"Luigi Donatello Asero" <ja**************@telia.com> wrote:
"NicHughes" <ni*******@mailandnews.com> skrev i meddelandet
news:11**********************@c13g2000cwb.googlegr oups.com...

If you have a merchant account I suggest you speak with the people with
whom you have the account to discuss what approach they are going to be
happy with. Then you can look at technical options for that approach.

What do you mean by "merchant account"?
I have wares on sale on the webbsite.
It is the webbsite of my own one-man business!


Most banks here in the U.S. offer "personal" accounts with a small
monthly fee (or no fee if the balance is kept above a certain amount).
There's also "business or merchant" accounts with higher service fees
and more services, including the ability to process electronic payments,
typically through a credit card clearing house I've described earlier.

What people do here in the States in your case is either setup a bank
account with a credit card clearing house or go "outside" the banking
system and use a service like PayPal which sprang up because people
didn't want to spend money to become a merchant. eBay/PayPal takes care
of all of this for it's small business owners.

What you seem to be saying is that you don't like either of these
alternatives and want to "do you own thing". That's fine, but
ultimately you're going to have to find a way to accept some sort of
monetary transaction through your web site. The established ways of
doing this are using SSL connections to credit card clearing houses or
though the PayPal API.

You could just give out "Luigi lira" and start your own barter economy.
You'll have to figure out the technical details for yourself on this
problem. The "way it's done" doesn't seem to fit or suit you.

Good luck.

--
DeeDee, don't press that button! DeeDee! NO! Dee...

Jul 23 '05 #30

P: n/a

"Michael Vilain" <vi****@spamcop.net> skrev i meddelandet
news:vi**************************@news.giganews.co m...
In article <Ah*********************@newsc.telia.net>,
"Luigi Donatello Asero" <ja**************@telia.com> wrote:
"NicHughes" <ni*******@mailandnews.com> skrev i meddelandet
news:11**********************@c13g2000cwb.googlegr oups.com...

If you have a merchant account I suggest you speak with the people with whom you have the account to discuss what approach they are going to be happy with. Then you can look at technical options for that approach.

What do you mean by "merchant account"?
I have wares on sale on the webbsite.
It is the webbsite of my own one-man business!


Most banks here in the U.S. offer "personal" accounts with a small
monthly fee (or no fee if the balance is kept above a certain amount).
There's also "business or merchant" accounts with higher service fees
and more services, including the ability to process electronic payments,
typically through a credit card clearing house I've described earlier.

What people do here in the States in your case is either setup a bank
account with a credit card clearing house or go "outside" the banking
system and use a service like PayPal which sprang up because people
didn't want to spend money to become a merchant. eBay/PayPal takes care
of all of this for it's small business owners.

What you seem to be saying is that you don't like either of these
alternatives and want to "do you own thing". That's fine, but
ultimately you're going to have to find a way to accept some sort of
monetary transaction through your web site. The established ways of
doing this are using SSL connections to credit card clearing houses or
though the PayPal API.


Customers in Sweden can already pay transfering money to Bankgiro and
Postgiro.
The numbers are on the website.
Customers can transfer money to Bankgiro and Postgiro on the internet if
they have a deal with some bank.
Customers who want to buy a ware coming from Sweden and some other countries
( for example Germany and Italy) can also pay a ware, for example shoes,
by cash on delivery.
The website https://www.scaiecat-spa-gigi.com can also be shown over a
https protocoll.
The main point is that I am trying to offer so many way of payments as
possible because different customers can prefer different way of payments
and at the same time find a solution to sign contracts online. Thatīs why I
am considering to buy a certificate for qualified electronic signatures.

You could just give out "Luigi lira" and start your own barter economy.
You'll have to figure out the technical details for yourself on this
problem. The "way it's done" doesn't seem to fit or suit you.

Good luck.

Thank you. The same to you.
--
Luigi ( un italiano che vive in Svezia)
https://www.scaiecat-spa-gigi.com/de...n-italien.html

Jul 23 '05 #31

This discussion thread is closed

Replies have been disabled for this discussion.