1

Im developing an e-commerce website for someone, i just needed information on whats the best payment gateway method using ASP.NET 2.0?

The second question is an important one, becuase its e-commerce and need to implement a payment control on the website for users to pay by there credit or debit cards, what i wanted to ask is that the site will need https. I have looked on EUKHost a web host and they charge for windows copper server for £39.99, but with https its £89.99. now my client is asking me what i should do becuase he thinks its expensive and needs to look at his budget. So i just wanted to ask HTTPS or without HTTPS?

I would advise him with HTTPS because if a user wants to buy an item and finds out that there is no secure payment on the site then it might push away users from buying items on the site.

I would be grateful if you could give your feedback.

Thanks

redoc01
  • 2,107
  • 5
  • 32
  • 64

4 Answers4

2

I'm surprised that a hosting option is more per month just because it offers an SSL certificate. Most hosting providers charge the same monthly hosting fees. It's up to you to procure an SSL certificate and apply it to your website, which is easy to do. I'd look at other hosting options, unless you are using a hosted e-commerce site. In that case, you are stuck to their hosting rates. If you are buying and deploying an e-commerce package, then you can deploy to whatever servers / hosting providers you wish. From what you said, it sounds like you're developing a solution, so you should have some hosting flexibility.

The best payment gateways should be determined by a matter of factors other than how easy they are to integrate in ASP.NET, because they're all pretty easy to integrate with in .NET. Other factors to consider in order to determine what gateways are the best are: What countries you will accept credit card payments within, what are the merchant rates for online payments, does your client already have a credit card merchant account, what credit cards do they want to support, do they support online payment, etc.

Shan Plourde
  • 8,528
  • 2
  • 29
  • 42
  • The SSL Cert usually requires a dedicated IP. This costs the host $1- $2 per month. So this causes the plan to be more expensive – aron Apr 25 '11 at 14:58
  • You can use the same IP address for a single website and bind it to HTTP and HTTPS. The need for additional IP addresses only comes into play if you require more than one site running SSL on the same server I think. Regardless, the point was that it seemed that the hosting company was charging more than double for the same plan but just with SSL included, which seemed like price gouging. – Shan Plourde Apr 25 '11 at 16:26
1

I would definitely go with HTTPS....I know I wouldn't shop online at a site without it. As for payment gateways, I've developed several ASP.Net eCommerce applications and use Authorize.Net. Never had any problems with them.

Cognitronic
  • 1,426
  • 2
  • 16
  • 29
  • Thanks for the feedback Cognitronic, yeah i have looked into Authorize.Net and will further my research on it and maybe give it a go. Is £89.99 too much or reasonable for purchasing a hosting package with HTTPS? – redoc01 Jan 19 '11 at 16:12
  • Well, i'm not sure what the package consists of, but it sounds about right. I would just shop around a bit. – Cognitronic Jan 19 '11 at 16:15
1

Yes, use SSL (https)

I use USA ePay, they have a nice .Net DLL and they also have SOAP Webservices.

http://wiki.usaepay.com/developer/dotnet?DokuWiki=3f16f463e33e18844c91a7665ab80ada

Using it is as easy as...

private void RunSale()
{
    USAePayAPI.USAePay usaepay = new USAePayAPI.USAePay();
    usaepay.SourceKey = "dgb8otyulg26vm2hYiF8b2q6P7091681";
    usaepay.Pin = "ABA123";
    usaepay.Amount = 2.23;
    usaepay.Description = "A test transaction";
    usaepay.CardHolder = "Joe Schmoe";
    usaepay.CardNumber = "4444555566667779";
    usaepay.CardExp = "0909";

    //For Sandbox accounts set to true
    usaepay.UseSandbox = "false"


    try 
    {
        usaepay.Sale();
        if(usaepay.ResultCode == "A")
        {
            lblStatus.Text = "Transaction approved\n" +
                "Auth Code: " + usaepay.AuthCode + "\n" +
                "Ref Num: " + usaepay.ResultRefNum + "\n" +
                "AVS: " + usaepay.AvsResult + "\n" +
                "CVV: " + usaepay.Cvv2Result;
        } 
        else if(usaepay.ResultCode == "D")
        {
            lblStatus.Text = "Transaction Declined\n" +
                "Ref Num: " + usaepay.ResultRefNum;
        } else {
            lblStatus.Text="Transaction Error\n" +
                "Ref Num: " + usaepay.ResultRefNum + "\n" +
                "Error: " + usaepay.ErrorMesg + "\n" +
                "Error Code: " + usaepay.ErrorCode;
        }


    }
    catch(Exception x) 
    {
        lblStatus.Text="ERROR: " + x.Message;
    }
}

You can get an account Newtek

aron
  • 2,856
  • 11
  • 49
  • 79
1

Yes, you pretty much need https. As for payment gateways, sometimes your client will be dealing with a bank who will recommend one, or they will even have their own. I have found that most providers of internet merchant accounts have their own API's with docs.

I'm not sure why the price of the Https server is so high, I guess they have their reasons. But if you shop around you may be able to find something cheaper. Usually you will have to buy a certificate from a certificate provider, then install it on your server. The hosting company may charge a small fee for enabling https, but the difference in prices above seems to be a bit much, maybe they are providing the certificate as well?

I have used these guys in the past for the certificates: http://www.rapidssl.com/ I find them to be very competitive with pricing.

Matt Elliott
  • 61
  • 3