| Chris Chambers 2004-03-31, 9:28 am |
| Hi all,
I've only been developing web sites for a couple of years, and I've
implemented e-commerce solutions on just three occasions. It normally
involves collecting a minimal ammount of info, - the order, the name,
address etc., and posting these details to the solution providers url. THEY
then take the credit card details etc., do the checking and banking, and
then return the user to my site. Easy.
I've just started a new site, and the solution the client wants me to use
reqires me to do the following:
Take ALL the details: name, address, and credit card details,
Perform a MOD10 check on the card ( check it's real ),
create an XML document with these details,
encrypt this with base64 encryption,
then encrypt this with URL encryption,
and then send this to their system as a url variable.
Question, - is this a usual way to do things? It doesn't seem a very easy or
secure way to me. ( Although I've had to install SSL on my server ). I've
run a week over deadline already, and I've blamed the delay on this
solution. I'd like to know if this is fair of me.
Any comments are welcome.
TIA
Chris.
|