Redundant Credit Card Processing Solution? 86
RokaMoka asks: "As I type this, I'm on hold with Verisign Payment Services, our (only) merchant services provider. I run several e-commerce sites, and how shall I say... 'tis the season. At the moment, VPS is totally down, and I am losing thousands of dollars per hour. Does anyone have any experience in designing and supporting e-commerce solutions with multiple vendors for CC processing? What other networks are out there, and what has been the customer experience with them? What should the strategy be, load-balance or fail-over?"
SLA (Score:4, Informative)
Do you have a service level agreement? If not, you might want to look into negotiating one.
Authorize.net (Score:3, Informative)
Authorize.net [authorize.net]
Do it yourself... (Score:4, Informative)
This may be the only option. At a very high level, this would require two things. First that you have a merchant account with the various CC companies. Depending on what kind of business you are in, this could be very easy, or very hard. More difficult would be the software itself. You "talk to" the CC company through one of a few Processor networks.. And those networks only allow certified systems to talk to them, and getting a system certified is, I suspect, close to impossible.
Fortunatly, there are more then a few libraries/servers. RedHat once had such a system, and based on their referral, I once played with MCVE, from Main Street Software [mainstreetsoftworks.com]. I left the job before anything came of the project; I diddnt go very far with it, but it was infinitly better then a Java system, whose name I dont remember, that I also played with (Dammit, its Java. I should be able to run it under Linux just fine, asshats.)
MCVE bindings are included in stock PHP, which I think is a reasonable vote of confidence.
While doing it yourself would not really remove the SPOF, it would bring it under your control. While the system you build may be technically less secure then one of the third-party-processors, it would also be a smaller target. Your own system wouldnt be effected by a vendetta DDOS against a TPP.
I think, in the grand scheme of things, that the politics of getting merchant accounts with the CC companies would be easier then the technical implementation.
Re:Authorize.net (Score:2, Informative)
Having said that, 99.0% of the time they're up, and their support is ok.
Paypal is my backup (Score:4, Informative)
It's true that there are some regions and/or users who are unable or unwilling to use paypal. However there are also some users who would prefer to use it when given the chance. So they cancel each other out in my opinion.
Paypal is easy to set up and they have an automatic notification system that you can hook into to fufill all your needs.
Re:Do it yourself... (Score:3, Informative)
Linkpoint [linkpoint.com] integrates nicely with PHP and many other platforms. Its fairly easy to get set up with merchant account do the CC processing yourself. The fees are much lower that way as well.
Paypal works well (Score:2, Informative)
I also like authorize.net they are very reliable and good tech support.