Solved

How do I accomplish integrated online payment via Chase Orbital (Paymentech) for a PHP website?

Posted on 2009-04-14
1
4,278 Views
Last Modified: 2013-11-29
I have a client that is a non-profit childrens' shelter, their website is a custom handcoded simple PHP/mysql brochureware site, this is their current page for ONLINE DONATIONS set up to use paypal:

http://www.jpkids.org/index.php?n=4&s=20

We've staged how we'd like to do integrated online donations through Chase Orbital (Paymentech), who they bank with and already do non-web donation transactions with:

http://www.jpkids.org/index.php?n=4&s=20&test
(click make a one-time donation)

I've done integrated payment using Trust Commerce's tclink.php, which made it pretty easy.  Get an SSL certificate, gather up the card number, name, expdate, CVS, send it off, get a code back.  NOT A HUGE DEAL - I guess because Trust Commerce was nice enough and php-friendly enough to provide the tclink.php API (if "API" is what that's called, forgive my ignorance here - I'm not a heavy-duty programmer).

The Chase Orbital route however so far looks worse than revising Tax Code.  There is no PHP API, which is sort of shocking to me, and as I google and search for code examples or others in the same situation, all I find are expired project bids on rent-a-coder.com and getafreelancer.com.

I understand (I think) that I would use PHP to output XML (which I've done to create google sitemaps), and then access the XML gateway URL using https protocol, with a non-authenticated SSL session, Chase has my IP registered.  I have no idea how to do this last part though.  Also, there are like 50 pages of XML elements defined in the "Orbital Gateway Interface Specification 4.3.pdf" doc (attached).  No code examples... I feel like they don't want normal people to interface with them, like you have to be a professional programmer or subcontracted by them or something.

I suppose if this should be do-able and it's not as hard as it looks, I'd love to hear it.  But I think I'm also just looking for some bigger picture business-advice:

We're talking about a non-profit who wants to accept donations through their website.  Should they really be expected to pay thousands of dollars to outsource a PHP API for Chase's Orbital gateway??  If Chase is so huge, shouldn't they have the resources to provide this themselves?  Am I missing something here?  Is there an easier route?  Should I just bid to find a programmer for my project, but am I basically asking for a PHP API for Orbital?  Why has no one already done this, or is it out there and I'm not finding it?  Why doesn't Chase provide this from the beginning?  Are they un-friendly to PHP, or just generally unfriendly?  I just keep thinking I can NOT possibly be the first person who needs this, and no-need to reinvent the wheel...

I'd really appreciate some insight and advice from anyone who's familiar with my predicament.  

Thanks so much in advance for your time,
Alan
Orbital-Gateway-Interface-Specif.pdf
0
Comment
Question by:centerforward
1 Comment
 
LVL 29

Accepted Solution

by:
coreybryant earned 500 total points
Comment Utility
Looking at the osCommerce package for this gateway and reading Paymentech's Intregration Library, it seems they are limited in what they provide you as far as an API.  As you have suggested, they have the XML API which seems you might need to use if you want to rely on AVS and other security features (this comes from reading the osCommerce contribution).  You might take a look at that one to see if it helps direct you.
Unfortunately, Chase Paymentech was partnered with First Data for years, and they relied more on YourPay, a version of LinkPoint (First Data Global Gateway) until Chase Paymentech split.  It looks like their gateway they rely on is not up to par just yet.  
If you merchant has not received a merchant account yet, consider another payment processor.  If the merchant has a merchant account, you might see if Chase Paymentech is still selling / using the First Data Global Gateway (sorry, I cannot remember - when they split, Chase was still relying some on YourPay (YourPay was basically their brand name for LinkPoint)).
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now