Bespoke Shopping Cart

Hello All,

Our company will be selling a seasonal service where we charge a one time flat fee for the administration of this service.

I am currently in the process of integrating a new payment system into our site for our marketing push in March. Currently we are using a Paypal Website Payments Standard account to handle the credit card payments. However, through my bank I was able to get a much better rate using their merchant account company which their plan also includes the payment gateway.

Running through the company’s online help section, it looks like I send them from our site the various elements from a form as the user is redirected to their site to virtually swipe their card. Then I get the results back much like Paypal’s IPN system to a kind of behind the scenes script that takes the variables sent and does what I need it to do MySQL-wise.

I hadn’t really looked into shopping carts until now, but from my research it looks to me like the last function of the transaction a shopping cart performs is to send variables to the payment gateway page needed for the processing company to process the payment. (Aside from the users billing data which would be entered on the gateway page.)

Since we are only really selling one product, couldn’t I just make a simple form that sends the required variables to the gateway? Or is there something I’m overlooking?

From the shopping carts I’ve checked out and the processors site, it looked as though that was basically what the shopping carts did. I understand they do a heck of a lot more if you have more than one item. But in our case, I’d rather just build a form and stick it in as opposed to trying to integrate a shopping cart into our site and customize its looks.

Is there a security issue I am overlooking?

Is my interpretation of the process off?

Any insight would be appreciated.

Thank you in advance.

You can build an order form and have it communicate directly with the payment gateway. Thing is… it doesn’t stop at the order from.

You’ll also have to build an admin area (e.g. order management section to see all the customer data) and if you’re storing credit card details - you’ll need to encrypt them and become PCI compliant.

So at the end of the day, it comes down to the lesser of two evils (skinning the cart or building everything from scratch).

Thank you for the reply.

I already have the customer admin section built and operational as well as a system to track the purchases where I am currently using Paypal.

I will not be storing any credit card information.

So it sounds like I should be all set with the basic order form.

Thank you.