Virtovo Posted April 8, 2014 Report Posted April 8, 2014 Can we get tokenised only mode supported in Blesta? I'd really like to use stripe; however PCI compliance is not something I want to deal with. Quote
flangefrog Posted April 8, 2014 Report Posted April 8, 2014 Is redirecting to a hosted payment page not an option for you? If I remember right some core changes are required for the Stripe tokenised mode to allow custom JavaScript on checkout. A hosted payment page (I'm pretty sure Stripe can do this) would be pretty easy for a developer to implement and does not need any changes to the Blesta core. Quote
Virtovo Posted April 8, 2014 Author Report Posted April 8, 2014 Hosted payment pages are fine. Which of the CC gateway modules work like this? I do not want to store CC information Quote
flangefrog Posted April 8, 2014 Report Posted April 8, 2014 Any of the gateways under Non-Merchant should be fine - 2Checkout, CCAvenue Payment or Payza (I'm assuming you don't want to use PayPal) Edit: Stripe and Authorize.Net do say they support "Credit Card offsite" so they may already support a hosted payment page mode as well. Quote
Virtovo Posted April 9, 2014 Author Report Posted April 9, 2014 Any of the gateways under Non-Merchant should be fine - 2Checkout, CCAvenue Payment or Payza (I'm assuming you don't want to use PayPal) Edit: Stripe and Authorize.Net do say they support "Credit Card offsite" so they may already support a hosted payment page mode as well. The issue with Stripe is that card details are communicated with the server: http://www.blesta.com/forums/index.php?/topic/2055-stripe-payment-gateway-pci-compliance/ I really need an option that either has a hosted page to enter payment details or passes it directly to the merchant gateway. Do the non-merchant offer this? Quote
flangefrog Posted April 9, 2014 Report Posted April 9, 2014 Ok, I have had a look at the Stripe module and the thread, and it seems the card details are just stored offsite, but still pass through your server. I'm pretty sure all of the Non-Merchant gateways I mentioned use a hosted payment page (as Blesta doesn't support collecting credit card details for Non-Merchant gateways) so you will not be subject to PCI requirements. I haven't used or tested any of those gateways myself though as PayPal is currently the only supported gateway that works in my Country. Quote
Virtovo Posted April 9, 2014 Author Report Posted April 9, 2014 Ok, I have had a look at the Stripe module and the thread, and it seems the card details are just stored offsite, but still pass through your server. I'm pretty sure all of the Non-Merchant gateways I mentioned use a hosted payment page (as Blesta doesn't support collecting credit card details for Non-Merchant gateways) so you will not be subject to PCI requirements. I haven't used or tested any of those gateways myself though as PayPal is currently the only supported gateway that works in my Country. Thanks. Is anyone from Blesta able to confirm the above? Or have an ETA when Stripe might support tokenised only mode (no CC to server). Quote
Tyson Posted April 9, 2014 Report Posted April 9, 2014 Non-merchant gateways take the customer off-site to complete payment, after which the gateway will only notify Blesta that a payment has been made. Neither Blesta nor your server are passed customer payment information. No ETA yet on Stripe tokenization. Michael 1 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.