ACCEPTING ONLINE PAYMENT FOR YOUR LIBRARY & ‘STRIPE’ AS AN EXAMPLE Code4Lib DC Unconference, Aug. 11-12, 2014. Bohyun Kim Associate Director for Library Applications and Knowledge Systems University of Maryland, Baltimore Health Sciences and Human Services Library Twitter: @bohyunkim Website: http://bohyunkim.net
30
Embed
Accepting Online Payment for Your Library and ‘Stripe’ as an Example
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
ACCEPTING ONLINE PAYMENT FOR YOUR LIBRARY & ‘STRIPE’ AS AN EXAMPLE
Code4Lib DC Unconference, Aug. 11-12, 2014.
Bohyun KimAssociate Director for Library Applications and Knowledge SystemsUniversity of Maryland, BaltimoreHealth Sciences and Human Services Library
Elements of Online Payment ACH (Automated Clearing House) payments:
Electronic credit and debit transfers. Most payment solutions use ACH to send money (minus fees) to their customers.
Merchant Account: A bank account that allows a customer to receive payments through credit or debit cards. Merchant providers are required to obey regulations established by card associations. Many processors act as both the merchant account as well as the payment gateway.
Payment Gateway: The middleman between the merchant and their sponsoring bank. It allows merchants to securely pass credit card information between the customer and the merchant and also between merchant and the payment processor.
Payment Processor: A company that a merchant uses to handle credit card transactions. Payment processors implement anti-fraud measures to ensure that both the front-facing customer and the merchant are protected.
PCI (the Payment Card Industry) Compliance: A merchant or payment gateway must set up their payment environment in a way that meets the Payment Card Industry Data Security Standard (PCI DSS).
Different payment gateways, merchant accounts, and bank accounts are setup to work together (or not). Your bank may also be able to act as the merchant account.
Stripe acts as both the payment gateway and the merchant account. Your website communicates the customer and order information to Stripe, Stripe clears the payment information with the associated credit card company, and Stripe puts the money in your bank account.
Process You create a form on your website that accepts the payment
details. You include a Stripe JavaScript library on the page. You write a JavaScript function that watches for the form
submission (i.e., you create an event handler for the form’s submission).
When the form is submitted, the user’s payment details are securely sent to Stripe via Ajax.
Stripe will confirm that the payment information is valid and return a token that uniquely identifies that payment information.
The JavaScript function that handles the Ajax response stores the token in a hidden form element and submits the form.
The server-side script (aka, the PHP code) that handles the form’s submission uses the token to actually process the payment.
So the customer never leaves your site but the payment information never hits your server: the best of both worlds. (This is the process when all works well; payment verification errors introduce new processes.)