Contributors mailing list archives
contributors@odoo-community.org
Browse archives
Re: Backend processing of credit card payment
by
Open Source Integrators, Maxime Chambreuil
You bring a good point here Raphael. I double-checked PCI-DSS requirements and not storing CC info is not enough.
Thanks!
Maxime Chambreuil Project Manager / Consultant Ursa Information Systems 1450 W Guadalupe Road, Suite 132 Gilbert, Arizona, 85233 Office: 1-855-URSA ERP x 710 1-855-877 2377 x 710 Mobile: 1-602-427-5632 |
On Fri, Jul 22, 2016 at 11:37 AM, Raphaël Valyi <rvalyi@akretion.com> wrote:
Hello Maxime and others,Recently I made a POC to integrate ActiveMerchant from Shopify with Odoo https://github.com/activemerchant/active_merchantIt supports Authorize and dozens of other gateways as you can see in the doc and it's very mature and well maintained.I mostly copied the decorator design pattern from the Spree ecommerce for that (because ActiveMerchant implements the gateways logic without forcing a persistence technology which is exactly what we want when using it from Odoo). Then I wanted to expose a REST API via Grape and consume it from Odoo backend using a 50 lines json client,Well the POC was working great but at Akretion we froze the dev effort here because we start thinking it would be hard to enforce the PCI DSS compliance. As except for Stripe, the customer card number would end up transiting on our server which would force us to enforce the PCI-DSS.So technically this a very elegant solution, but how do you see the PCI-DSS compliance in your use case? PCI-DSS means both technical rules to enforce like not storing customer card details in clear text (easy) but also infrastructure and bureaucratic obligations which seems much more costly to enforce. If you see ways to work around the PCI-DSS here I would be glad to contribute this...In the meantime, at Akretion we came back to the "integration" logic much like Odoo does that is letting the customer do the payment on the provider website directly (even if may look integrated).Note: we also were reluctant to use Odoo PaymentTransaction object here and may favor the OCA payment objects instead which we trust more and have their workflow more integrated.,On Fri, Jul 22, 2016 at 1:08 PM, Maxime Chambreuil <mchambreuil@ursainfosystems.com> wrote:Hello,We, at Ursa, received couple requests to provide a way to process credit cards for customer payment using payment acquirer like Authorize.net or Paypal. This is specific to the backend, you may not be using the website and still want to accept CC payment.First, I wanted to make sure there is nothing already existing out there.Second, I would like to share with you the functional specification attached and request any comments or feedbacks.We are thinking of launching a crowdfunding campaign to provide:
- a first module with the foundation and all the acquirer agnostic stuff for 5,000 $US
- the authorize.net integration for an additional 5,000 $US
- the paypal integration for an additional 5,000 $US
Modules would respect OCA standards and include documentation.Any interest? Can I count on your financial contribution?Thank you!
Maxime Chambreuil
Project Manager / Consultant
Ursa Information Systems
1450 W Guadalupe Road, Suite 132
Gilbert, Arizona, 85233
Office: 1-855-URSA ERP x 710
1-855-877 2377 x 710
Mobile: 1-602-427-5632_______________________________________________
Mailing-List: http://odoo-community.org/groups/accounting-28
Post to: mailto:accounting@odoo-community.org
Unsubscribe: http://odoo-community.org/groups?unsubscribe--_______________________________________________
Mailing-List: http://odoo-community.org/groups/contributors-15
Post to: mailto:contributors@odoo-community.org
Unsubscribe: http://odoo-community.org/groups?unsubscribe
Reference
-
Backend processing of credit card payment
byOpen Source Integrators, Maxime Chambreuil-
Re: Backend processing of credit card payment
bySerpent Consulting Services -
Re: Backend processing of credit card payment
byOpen Source Integrators, Maxime Chambreuil -
Re: Backend processing of credit card payment
byOpen Source Integrators, Maxime Chambreuil -
Re: Backend processing of credit card payment
byOpen Source Integrators, Maxime Chambreuil -
Re: Backend processing of credit card payment
bySerpent Consulting Services