New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
whmcs offline cc payment
NetBizPartner
Member
in General
Hi everybody, I'm having issue regarding offline payments. have no previous experience with whmcs.
I was able to generate invoice, for testing purposes I have entered my credit card credentials, and it appears in unpaid invoices section. after that I have no idea, how it's going to work in real life. how should i proceed this information, how should i pass this info to actual processing center (as i know, i need to get billing service from bank).
if anyone can instruct me in step by step manner, or point to such a link, will be very much appreciated. Thanks in advance.
Comments
You should process it manually or using PayPal Pro api
yes, I know that it should be processed manually, that's what i do not know.
Any reason not to use Stripe, Skrill, Braintree, etc. to process the payment?
yes, in my country, Stripe, Skrill, Braintree and even paypal are not widely used:-(
thats why i need to find out how to manually process offline credit card payments.
Erm, I'm not entirely sure how you're going to go through the PCI compliance process with that.
I'm not going to store processing data, i was told that I can somehow pass this data to pci compliant processing center and need to find out how.
there are banks, offering billing services to small entrepreneurs like me.
just need to know how to handle this data and pass to bank.
As soon as the data touches your servers, you're liable for it. This is why many companies hand off to third parties to deal with that
You will need to find a payment processor in your country with a WHMCS module to handle this (likely one built in, there's a large selection) or develop your own.
Stripe.js (or checkout) or the paypa handoff/iframe solution are likely the best options. If they're not available you need to find something similar that is
but there are so many small hosting companies, accepting credit cards and using whmcs, don't think all of them are pci compliants.
They will use a payment provider that takes that headache away from them.
Regardless of what they do "him doing something naughty means its ok for me right?" is not a defence.
Have a look at the penalties for non-compliance and see if its worth it https://www.pcicomplianceguide.org/pci-faqs-2/#15
A lot of companies accept them, they also don't store the data on there servers either. Which is why the 3rd party comes into play.
want to do everything legally, just looking for method, they are using offline credit card, i never said, they are breaking laws.
+1. PCI compliance is a real headache and expensive in case of certification.
Ideally you should go with a tokenized payment gateway, where instead of the clients' card details, a unique token/payment reference is stored for authorization thus removing PCI compliance liabilities.
@mailcheap it's not removing. The moment it touches your server you're equally responsible for the safeguarding of these data. It's just easier as you're not storing them.
Yes, generally as a merchant/provider you're responsible for ensuring the security of all data entrusted to you; but considering PCI DSS is not legally enforceable, the responsibility (& major liability) of storing the actual card details itself is shifted to the payment processor when using tokenization. So there is no additional liability for the provider (even in case of a data breach).
It is legally enforceable, every merchant account contract makes you agree to these rules.
My bad; it seems tokenization providers like Braintree do make you agree to PCI DSS in their ToS; good thing is the major liability that goes with storing the actual card details is still avoided. That is a legal nightmare unto itself.
Overall, OP should definitely consider tokenization for faster rollout, easier compliance and much reduced liability than storing and processing actual credit card details.
Pavin.
While it's already been mentioned multiple times, you're going to need a WHMCS plugin written so that the client interfaces with your credit card merchant via JavaScript (credit card info never touches your servers). Your WHMCS install should then deal ONLY with the token generated by your merchant.
http://docs.whmcs.com/Payment_Gateways#Supported_Gateway_Modules
There are tons of gateway modules available in WHMCS. Does your country not use any of these?
I have just found out that i can use this:PayPal Website Payments Pro.
Thank you for being so helpful! Cheers!
Try it first you will get : country not supported error