Jeremy
|
Posted: 01/09/2002, 8:36 PM |
|
Hello all. I am trying to setup an https post on an html form and was wondering how secure it is if I have SSL running on the web page that I take in the credit card, then just post it to the authorizenet server and get a response back? The main difference here between mine and a lot of others is that they link to a web payment form on authorize.net site. I don't want to link, I just want to post...wait a few seconds...and get a response and read it. Is this in some way unsecure? Thanks.
Jeremy
|
|
|
Andrew B
|
Posted: 01/09/2002, 9:21 PM |
|
Since your users connect to you through SSL it is fine.
The only real way to do this is to use a custom COM or other type object to do the transaction. Otherwise there is not really a way to get a response back from authoriz that you can relate to the user who placed it. The way verisign works in this regard is that they post back to a specified page the transaction details, which you can then relate to a specific transaction.
Did authorize.net supply you with a custom object that you can use (or a web service)?
|
|
|
Jeremy
|
Posted: 01/10/2002, 9:44 AM |
|
Authorizenet supplies a few java/asp examples of the object script code and the form. I really don't want to do this because I don't have control of the server and don't know if the correct software is installed by the people that are running my hosting. I would rather just use SSL and do a post and get a reply...but that's just me. I figured since people were using this object method, the post method was unsecure in someway. Thanks for the help. Jeremy
|
|
|
|