How online payment processing works

Online payment processing consists of two principal steps: authorization and settlement. The authorization process verifies that the customer’s credit card is active, and that there is sufficient credit to pay for the transaction. During the settlement process, the customer’s card account is charged and money from the customer’s account is transferred to the merchant’s account.

1. Payment processing authorization

During authorization, a bank verifies that holders of a payment instrument, such as a credit card, have sufficient credit or funds to make a purchase.

  1. Customer decides to purchase online and inputs credit card information.
  2. Merchant’s website receives customer information and sends it to payment processing service.
  3. Processing service routes information to processor.
  4. Processor routes information to bank that issued customer’s credit card.
  5. Issuing bank sends authorization (or declination) to processor.
  6. Processor routes transaction results to payment processing service.
  7. Processing service sends results to merchant.
  8. Merchant decides to accept or reject purchase. (Here, the merchant should take additional precautions to ensure the credit card is not stolen and that the customer actually owns this card.)


PCI Data Security Standards (PCI DSS)

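I have been writing PayPal programs for a while now. With electronic payments, security is no small matter and needs constant attention. But however careful you are, work done to your own subjective standards cannot guarantee quality. I recently started reading the PayPal developer documentation systematically, and to my surprise the first lesson was PCI DSS (Payment Card Industry Data Security Standards). A standard gives you a basis for quality assurance, so it should be required study for anyone working on electronic payments.

What is PCI DSS?

  • PCI DSS is the Payment Card Industry Data Security Standard
    • Designed to the requirements of the Payment Card Industry Security Standards Council (PCI SSC)
    • A data security specification that protects cardholders in cases of payment card fraud, loss and theft
  • The PCI SSC manages the standard
  • The payment card companies enforce the standard (e.g. Visa, MasterCard, DiscoverCard and American Express)
  • PCI DSS applies to the whole process of storing, processing and transmitting cardholder data

PCI DSS goals in brief

  • Build and maintain a secure network
  • Protect cardholder data
  • Maintain a vulnerability management program
  • Implement strong access control
  • Monitor and test networks
  • Maintain a security policy

Complying with PCI DSS

Complying with PCI DSS is not a one-time goal; it is a continuous process of assessment and enforcement.

  • Assess: identify cardholder data, inventory the related IT assets, and analyze vulnerabilities
  • Remediate: fix vulnerabilities and keep processing limited to the designated data
  • Report: keep logs of all actions taken and notify the acquiring bank and the business entities concerned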

PCI DSS 12 Core Requirements

Build and Maintain a Secure Network
Requirement 1 Install and maintain a firewall configuration to protect cardholder data
Requirement 2 Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data
Requirement 3 Protect stored cardholder data
Requirement 4 Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program
Requirement 5 Use and regularly update anti-virus software
Requirement 6 Develop and maintain secure systems and applications

Implement Strong Access Control Measures
Requirement 7 Restrict access to cardholder data by business need-to-know
Requirement 8 Assign a unique ID to each person with computer access
Requirement 9 Restrict physical access to cardholder data

Regularly Monitor and Test Networks
Requirement 10 Track and monitor all access to network resources and cardholder data
Requirement 11 Regularly test security systems and processes


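Add multi-currency donations (including RMB) to your blog

For a blog to develop sustainably, it has to be able to support itself.

Some time ago I wrote WP-DONATORS, a WordPress sponsors plugin that supports PayPal multi-currency donations, ad slot sales and sponsorship of personal targets, with automatic exchange rate conversion. Its back end communicates with the PayPal API in real time, receives the payment data, and then displays the ad and link specified by the donor or sponsor in the "donor cloud ad slot".

The next step is to support more back ends and currencies. First comes RMB. paypal.com does not support RMB, so Alipay ("支付宝") naturally came to mind, but when I contacted Alipay their staff said they do not offer a donation feature for individuals.

By chance I found that Beibao ("贝宝", which is PayPal China) updated its RMB fee policy this October: all fees are waived. Note that Beibao is PayPal's service specifically for Chinese RMB and cannot be used interchangeably with a paypal.com account (foreign currencies), so you have to register an account specifically for Beibao. Register with Beibao.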


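Conveniently, both use the same PayPal API, so adding RMB support was easy. To use it, just add a Beibao account in the admin back end and RMB is enabled. When a donor pays in RMB, the money goes to the Beibao account; other currencies go to the PayPal account. You can use your credit card to open a paypal.com foreign currency account that supports multiple currencies.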


PayPal multi-currency support and using IPN

PayPal accepts payments in the following currencies:

Code Currency
AUD Australian Dollar
CAD Canadian Dollar
CHF Swiss Franc
CZK Czech Koruna
DKK Danish Krone
EUR Euro
GBP Pound Sterling
HKD Hong Kong Dollar
HUF Hungarian Forint
JPY Japanese Yen
NOK Norwegian Krone
NZD New Zealand Dollar
PLN Polish Zloty
SEK Swedish Krona
SGD Singapore Dollar
USD U.S. Dollar

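Using IPN with multiple currencies

payment_gross and payment_fee: for non-USD payments these values are blank, so that IPN scripts do not treat the amounts as US dollars.

Multi-currency variables: for non-USD payments, IPN adds the following multi-currency variables, mc_gross and mc_fee.
mc_gross: the full amount received, in the currency of the payment, before the transaction fee is deducted.
mc_fee: the transaction fee associated with the payment, in the currency of the payment. It works like the payment_fee variable (the variable is not present in cases such as a pending payment).
For subscription IPNs, such as signup, cancellation, modification, failure and EOT, mc_currency is the currency of the subscription, not the currency of the payment.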


WP-Donators Plugin (WP sponsors plugin)

Plugin Name: WP-Donators (WP sponsors plugin)
Author: Eric Wang
Stable Version: 1.1.1
Author URL: http://www.ericbess.com/ericblog/
Plugin URL: http://wordpress.org/extend/plugins/wp-donators/
Download: http://downloads.wordpress.org/plugin/wp-donators.zip

== Description ==

Monetize your blog! A lot of features to monetize your blog, including: Sponsors Box, Text Link ADs, My Target, etc. Supports multi-currency exchange. It will support the most popular payment interfaces in the future; PayPal is just the first one.

WP-DONATORS is a WordPress sponsors plugin. It supports PayPal multi-currency donations, ad slot sales and sponsorship of personal targets, with automatic exchange rate conversion. Its back end communicates with the PayPal API in real time, receives the payment data, and then displays the ad and link specified by the donor or sponsor in the "donor cloud ad slot".

Multi-Currency Support and Exchange
U.S. Dollars, Australian Dollars, British Pounds, Canadian Dollars, Czech Koruna, Danish Kroner, Hong Kong Dollars, Hungarian Forint,
Japanese Yen, Mexican Peso, New Zealand Dollar, Norwegian Kroner, Polish Zlotych, Singapore Dollars, Swedish Kronor, Swiss Franc, Chinese Yuan (RMB)

== Features ==

Sponsors Box: A sponsor donates and submits a name/URL or a TextLink ad. The information of the latest donors is displayed in the cloud. The more a person donates, the bigger their link will be.
Text Link ADs: After a sponsor buys TextLink advertising, s/he can leave a TextLink and description on the blog. The more a person pays, the longer their advertising will run.
My Target: It shows what your target is, how much it needs, what the progress is so far and how much is outstanding. If someone decides to sponsor money to support the target, it provides a convenient means of payment.

== Depend On ==

  • If you do not have a PayPal account yet, please register one first: [PayPal Registration].
  • PHP5, OpenSSL, fsock.


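Converting US dollar cash into US dollar spot exchange through PayPal

  China has exchange controls. US dollar spot exchange held by residents can be converted into US dollar cash and RMB cash, but US dollar cash and RMB cash are very hard to convert into US dollar spot exchange. Today I describe a method that lets users who have no US dollars also hold a US dollar spot exchange account.

  First, the difference between US dollar cash and US dollar spot exchange needs explaining. In China, residents' foreign currency savings deposits come in two kinds of account: cash accounts and spot exchange accounts. Cash means foreign banknotes and coins, or deposits created by paying banknotes and coins into a bank. Spot exchange means bank deposits obtained through international settlement methods such as checks, remittances and collections. Foreign currency cash can only serve as payment once it is carried abroad; using it for payment inside the country is prohibited by law. Under the state's foreign exchange regulations, cash cannot be freely converted into spot exchange. Personal foreign exchange trading follows the principle of cash to cash, spot exchange to spot exchange. State foreign exchange policy also encourages holding spot exchange and restricts holding cash, because spot exchange, as funds on the books, is easier to administer than cash.

  Because US dollar spot exchange converts to RMB at a higher rate than US dollar cash, and is more convenient than cash for circulation and transactions, the usual advice is not to withdraw US dollar spot exchange deposits as cash lightly, so that your foreign currency does not lose value. Converting the US dollar cash you hold into spot exchange likewise increases its value. There is a method that converts cash into spot exchange, "upgrading" the US dollar cash in our hands to US dollar spot exchange.

  The prerequisite is a China Merchants Bank credit card, used to open an international account at PayPal.COM.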

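  First, register another PayPal account under the same name. Then deposit the US dollar cash into the China Merchants Bank credit card at the bank, and from the account linked to this card transfer a sum in US dollars, equal to the amount deposited on the card, to the other PayPal account with the same name. After that, withdraw the money from that account by check or wire transfer and wait patiently for a while. When the check arrives, take it to the bank for collection. Once collection succeeds, what is deposited is US dollar spot exchange, and the US dollar cash has been converted into US dollar spot exchange.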


PHP Paypal IPN Class

NEW VERSION

I rewrote the class and released version 1.3.1.
v1.3.1 [06.25.2008] – more strict IPN validation, SSL fsockopen(), sandbox option.

Donate for this class development, Thanks!

This free PHP script provides a simple method to interface with PayPal and the PayPal Instant Payment Notification (IPN) system. It is not a complete system but a single PHP class allowing the PHP developer more control. Included in the zip file is a demonstration PHP script called paypal.php which shows the basic usage of the class.

This class handles the submission of an order to PayPal as well as the processing of an Instant Payment Notification (IPN). Including the demonstration file, the entire "paypal system" consists of just 2 PHP scripts. One is the class and one implements the class.

Original Author: Micah Carrick
Website: http://www.micahcarrick.com

UPDATE DESCRIPTION

More Strict IPN Validation: adds ipn_status and receiver e-mail validation.

  • $p->ipn_status // get the IPN validation status detail.

SSL fsockopen(): changes the fsockopen() connection from HTTP (port 80) to SSL (port 443), because PayPal IPN support on port 80 is unstable.

Sandbox Option: Create a "sandbox" account for a buyer and a seller. These are test accounts that allow you to test your site from both the seller and buyer perspective. The instructions for this are available at https://developer.paypal.com/ as well as a great forum where you can ask all your PayPal integration questions. Make sure you follow all the directions in setting up a sandbox test environment, including the addition of fake bank accounts and credit cards.

  • $p = new paypal_class(true); // open sandbox
  • $p = new paypal_class(false); // live use


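PayPal IPN handler

PayPal Instant Payment Notification (IPN) is PayPal's interface for handling real-time purchase confirmation and server-to-server communication. IPN delivers immediate notification and confirmation of the PayPal payments you receive, and provides the status of pending, cancelled or failed transactions along with other data.

IPN can be used to manage and customize a variety of PayPal-enabled APIs and communications, including:

  • Customizing your website's real-time response to customer purchases
  • Tracking customers through IPN "pass-through" variables
  • Issuing access keys for software downloads and other digital goods
  • Automating fulfillment
  • Tracking partners' sales and commissions
  • Storing transaction information in your own database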


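Retrieving the variables

After a payment has been made, PayPal sends a notification to the URL specified in the notify_url variable that was sent to the PayPal server via POST. The script specified above is paypal_ipn_handler.php, so create this file and define it as follows: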

<?php
include('includes/user_functions.php');
include('includes/shared_functions.php');

// assign posted variables to local variables
$payment_status = $_POST['payment_status'];   // status of the payment
$amountDue = $_POST['mc_gross'];              // gross amount in the payment currency
$txn_id = $_POST['txn_id'];                   // PayPal transaction id
$payment_currency = $_POST['mc_currency'];    // currency of the payment
$cartid = $_POST['custom'];                   // pass-through value identifying the cart
$my_email = $_POST['business'];               // account the payment was sent to
$email = $_POST['payer_email'];               // payer's e-mail address
...

First, the important variables that PayPal sends via POST are saved in local variables.
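A notification that PayPal has confirmed still has to be compared with the order it claims to pay for, using mc_gross and mc_currency rather than payment_gross for the reasons given in the multi-currency notes above. The following is an added example, not code from the original post or from the paypal_class script; the function names, the `$order` array and the `$seenTxnIds` list are assumptions standing in for your own order table and transaction log.

```php
<?php
// Added example: checks on IPN fields, run after PayPal has confirmed the message.
// $order and $seenTxnIds are hypothetical stand-ins for your own storage.

// Convert a decimal string such as "10.00" to integer minor units; null if malformed.
function amount_to_minor_units(string $amount): ?int
{
    if (!preg_match('/^(\d{1,9})(?:\.(\d{1,2}))?$/', $amount, $m)) {
        return null;
    }
    return (int)$m[1] * 100 + (int)str_pad($m[2] ?? '', 2, '0');
}

// Return a list of reasons to refuse fulfillment; an empty list means the fields agree.
function check_ipn_fields(array $post, array $order, array $seenTxnIds): array
{
    $errors = [];
    if (($post['payment_status'] ?? '') !== 'Completed') {
        $errors[] = 'payment_status is not Completed';
    }
    // The money must have gone to our account, not to one named by the sender.
    if (strcasecmp($post['business'] ?? '', $order['receiver']) !== 0) {
        $errors[] = 'business is not our PayPal account';
    }
    // payment_gross is blank for non-USD payments, so compare mc_currency and mc_gross.
    if (($post['mc_currency'] ?? '') !== $order['currency']) {
        $errors[] = 'mc_currency differs from the order';
    }
    $paid = amount_to_minor_units($post['mc_gross'] ?? '');
    if ($paid === null || $paid !== amount_to_minor_units($order['amount'])) {
        $errors[] = 'mc_gross differs from the order';
    }
    // A txn_id that was already processed must not be fulfilled a second time.
    if (in_array($post['txn_id'] ?? '', $seenTxnIds, true)) {
        $errors[] = 'txn_id already processed';
    }
    return $errors;
}

// Constructed sample data (not real transactions).
$order = ['receiver' => 'seller@example.com', 'currency' => 'EUR', 'amount' => '10.00'];
$good = ['payment_status' => 'Completed', 'business' => 'seller@example.com',
         'mc_currency' => 'EUR', 'mc_gross' => '10.00', 'payment_gross' => '',
         'txn_id' => 'TXN-SAMPLE-1', 'custom' => 'cart-42'];
// Same amount string but a different currency, and a transaction id seen before.
$bad = array_merge($good, ['mc_currency' => 'HUF', 'txn_id' => 'TXN-SAMPLE-0']);

print_r(check_ipn_fields($good, $order, ['TXN-SAMPLE-0']));
print_r(check_ipn_fields($bad, $order, ['TXN-SAMPLE-0']));
```

These checks complement the verification with PayPal and do not replace it: without that step every field in `$_POST` is attacker-controlled.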

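Verifying the payment

A payment is verified by collecting the variables sent by PayPal and sending them back via POST. Continue defining paypal_ipn_handler.php by adding the following code: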
