-2

I was asked to implement simple shopping cart by using postgres and jsp for my school project. While I am implementing the project, a curious question arises in my head that: 1. How can I validate the user's input credit card (master/visa or paypal) when he press submit? 2. How can I maintain security if I want to store the credit card detail into the database?

I have no experience on website development. I am very appreciated if some one can give me some insights of the implementation as well as any hidden issue that I need to watch out related to the security. Thank you!

user228229
  • 661
  • 1
  • 8
  • 10
  • If you're using paypal then you don't handle any of that, paypal does, right? And what good would "validating" a credit card do you if you don't have a credit card service? Obviously the service validates, and that's something you have to pay a credit card company for. – developerwjk Jun 12 '14 at 21:25
  • And if you have no experience in development, you better not even try to store credit cards or process payments yourself. Drop the visa/mastercard idea and go paypal only. – developerwjk Jun 12 '14 at 21:28

1 Answers1

3

Never store credit card details in your database or on your server at all. No reason for that.

PayPal now supports $0 authorizations to verify a credit card with, so you could use that to verify a card is good.

If you need to process future transactions using the same card you can do so with Reference Transactions, where you would just pass in the original transaction ID you got back from the authorization along with the amount to charge. PayPal will process it using the data they have saved on their servers.

Drew Angell
  • 25,968
  • 5
  • 32
  • 51