ActsAsFlinn

Credit Card Processing with ActiveMerchant

So for anyone interested in Rails based eCommerce I’ll be presenting on the subject at PhillyOnRails this Monday February 26th, at Drexel. I’ll be presenting on Credit Card Processing with ActiveMerchant. So anyone keeping up will know that I’m psyched about the fact that ActiveMerchant 1.0.0 was just released.

Secure Database Storage with Sentry

I’m also going to try to cover Secure Database Storage with Sentry if I have time. This is a controversial subject for eCommerce because you’re not supposed to store certain types of information related to a transaction (for example CVV). Sentry makes asymmetric encryption a cinch. That means you can take super secret information along with an order or transaction and encrypt it for later retrieval by the merchant. All the merchant needs to do to access the secret is provide his private key similar to PGP/GPG or SSH. This beats the heck out of a lot of eCommerce methods.

The very popular PHP based osCommerce production code actually stores full credit card information in the database if you aren’t using a gateway. Of course newer beta versions don’t store the card number in database, but they email them unsecured to the merchant. That sucks.

So you might be saying “who doesn’t use a gateway?” Merchants that don’t ship products automatically or will make order adjustments, or have some other special after order process that has to be manually handled.