Gossamer Forum
Home : Gossamer Threads Inc. : Custom Modification Jobs :

Shopping Cart

(Page 1 of 3)
> >
Quote Reply
Shopping Cart
It would be great if you guys can make a shopping cart plugin.

Here is a thread with a bunch of great ideas but the project never surfaced.

http://www.gossamer-threads.com/...orum_view_collapsed;

Quote Reply
Re: [Code07] Shopping Cart In reply to
Hello,

There definitely HAS been a lot of discussion within our organisation about creating a shopping cart plugin to Links SQL. However, upon further reflection, it has been determined that a plugin would not be sufficiently secure to satisfy our requirements. The problem is the storage of the credit card information and the customer database, and the fact that most of our clients running Links SQL are on virtual servers rather than dedicateds.

So the consensus within our company right now is to develop a full-featured Web Store that requires a dedicated server, maximizing the security aspect. It will be a high-end product, not a small plugin, the cost is most likely going to exceed US$2000. But nothing has been solidified yet, no feature set written in stone, we're still in the planning stages of this new Web Store.

I hope that this answers some of your questions, please feel free to let me know if you wish any clarifications.

Jack.
Quote Reply
Re: [JackOng] Shopping Cart In reply to
Just curious. After a transaction is processed why would we need to save the credit card numbers?

And can the customer info be saved in the root access area where it is more secure.

Any way to make a scaled down version for customers wih virtual servers. maybe a paypal version where they would handle all of the credit card security.

Thanks Jack,

Ken

Quote Reply
Re: [Code07] Shopping Cart In reply to
Hi Ken,

We are definitely sensitive to the needs of our core clientele, who would like to have store functions on a shared server.

Most definitely, we will explore this issue in much greater detail before solidifying our plans and embarking on this development. A paypal only system would definitely soothe some of our security concerns, but limit functionality of the site, we'll check into this when the time comes.

As for saving customer information, repeat business is much easier to build on than having to chase new clients, making it easier for your previous customers to buy more is always good business policy.

Thank you for bringing up this issue, much appreciated.

Jack.
Quote Reply
Re: [JackOng] Shopping Cart In reply to
Does it make any difference if the shared host has a separate secure server? My host does (westhost) and to us it, you have to fill out a form and are urged to minimize its use. I don't know if this is common practice or if it even makes any difference.

Could the credit card info be stored as an encrypted file with something like pgp?
--
Rob

SW Montana's Online Community
Modular Model Railroading
Quote Reply
Re: [vanderen] Shopping Cart In reply to
Hi Rob,

Yes, it would definitely make a difference when there are two servers involved. We can separate the payment part from the shopping cart portion of the plugin. Makes things a little more complicated, but it is definitely possible.

When we're designing the shopping cart plugin for shared servers, we'll keep this in mind. The one thing that we've seen with "secure" servers though is how insecure some of them really are.

Most likely, what might end up happening is that we'll email the credit card information off to the website owner with PGP encrytion and delete it off the server. This greatly reduces the customer service aspect of the plugin functionality, but it will enhance security, and that is the main concern when dealing with sensitive information like this.

We're not there yet in terms of writing specifications for this plugin nor for the dedicated server full-featured web-store. But we're working on it.

Jack.
Quote Reply
Re: [JackOng] Shopping Cart In reply to
I note from this discussion that you are concerned about the storage of credit card information of a customer within the Links SQL database...we use Worldpay as our secure payments partner and they store all credit card information on their server and allocate a user name and password to the paying customer so that when they return to make another payment in the future they can recall their information from the Worldpay database...
Quote Reply
Re: [hannahmackenzie] Shopping Cart In reply to
Hi Hannah,

WorldPay would have the expertise to maintain tight security on their servers where they store the credit card numbers. But using them is slightly more expensive than having your own merchant account with the bank and being able to run credit card numbers through your own bank. This difference can become significant when the billings get larger, 1% of a million is $10,000.

To that end, most larger e-commerce sites prefer to have their own payment interface rather than going through a company like WorldPay.

Also, your client will be redirected to the WorldPay site in order to make the payment, and that might impact the trust factor that a client has with you that prompted the client to place an order on your site in the first place. It's a better idea in our opinion to retain that client on our websites than to send them off to another, we've spent a lot of time and money to build a "sticky" website only to send them off at the most crucial stage, when they're inputing their credit card number.

Another issue that comes up is fraudulent orders using stolen credit cards. In our experience, clients can get very creative when trying to scam something using a stolen credit card, and we check thoroughly to ensure that the purchaser is who they say they are, sometimes even picking up the telephone to contact the client before running the transaction through if we've never had previous contact with them. Using a processor like WorldPay takes that control out of your hands.

In short, it makes good business sense to control your user database without handing that hard-earned information off to someone else.

Jack.
-------------------------------------------------------------------------------------------
Jack Ong, C.O.O., Gossamer Threads, Inc.
9th Floor, 100 West Pender, Vancouver, BC, Canada, V6B 1R8
Email: <jack@gossamer-threads.com>
Tel: (604) 687-5804 Fax: (604) 687-5806
Quote Reply
Re: [JackOng] Shopping Cart In reply to
Hi Jack

I totally get what you're saying about customer information, the trust factor and everything - we just tend to use worldpay because they bring with them the complete package - the secure server, the personal information guarantee, protection against fraud etc etc etc...

We would love to take credit card details and process them through our own bank, however, we've found that the banks over here in the UK seem to be fairly reluctant to setup trading accounts for the internet with small upcoming companies like ourselves, and a lot of the banks here don't currently offer such internet processing services. In fact, most of them refer us on to companies such as Worldpay.

Obviously, in the future, we will have a fully fledged accounts department, the technology and financial backing to have a fully functional customer experience: as yet that's a little bit round the corner!!

:-)

Best wishes

Hannah

Quote Reply
Re: [hannahmackenzie] Shopping Cart In reply to
I wish you all the best then Hannah. :)

I have heard of some companies in more restrictive countries setting up divisions in the US to handle the financial side of things because there is no reluctance on the part of the banks in the US to give out merchant accounts to small businesses.

Here in Canada, you need to post a bond in order to be able to run credit card orders through without having the client present. But in the US, no bond is required.

Jack.
Quote Reply
Re: [JackOng] Shopping Cart In reply to
Jack

Thank you for your kind comments.

It is very restrictive in the UK about setting up internet services, but it's getting better and easier to do so all the time. Fingers crossed the UK will catch up with the US and Canada at some point.

Cheers

Hannah
Quote Reply
Re: [hannahmackenzie] Shopping Cart In reply to
Have you tried contacing the UK Online for Business? They will be able to assist you both professionaly and maybe financialy? They're the Governent task force in aiming to help businesses in the UK set up online.

Worth a look!

- wil
Quote Reply
Re: [JackOng] Shopping Cart In reply to
What about instead of storing the CC info, just store the other info, ie: everything except the CC. Personally, I don't like it when sites store my cc info, but I do like when they have my other info on file and it is accessible through a username and password.

I would love to see this plugin Smile

Quote Reply
Re: [Evoir] Shopping Cart In reply to
That might be a solution, to not store the credit card information, but really, email addresses are almost as important, and if someone else on the server can somehow access your contact database and spam them, that is almost as destructive to your site.

We'll be doing a lot more planning on this issue over the coming weeks and will have some more concrete plans for what it is we wish to accomplish. We thank everyone for their input, it does seem that a "skinny" version of the Store for virtual servers might be well-received.

Jack.
Quote Reply
Re: [JackOng] Shopping Cart In reply to
Any news Jack? Wink

Would love to see a skinny cart plugin.
Quote Reply
Re: [Evoir] Shopping Cart In reply to
Hi,

Thanks for expressing your interest, but unfortunately, nothing new to report at this time, although there has been a lot of discussion here and we're definitely thinking about a cart plugin to Links SQL very seriously.

Jack.
Quote Reply
Re: [JackOng] Shopping Cart In reply to
In Reply To:
Hi,

Thanks for expressing your interest, but unfortunately, nothing new to report at this time, although there has been a lot of discussion here and we're definitely thinking about a cart plugin to Links SQL very seriously.

Jack.



If someone said they'd pay you guys to make a skinny version, what would the cost be?

r
Quote Reply
Re: [ryel01] Shopping Cart In reply to
Hi,

We actually started work on it a few weeks ago in response to the discussions in this Forum. I was going to hold it back till we were ready to go and then introduce it with a splash. Wink

Give us about 2 more weeks to polish the system up and I'll make sure that you're the first person with the new Links SQL plus Gossamer's shopping cart plugin.

As for cost, it's not determined yet, but somewhere between US$250 and US$350 would be a good range.

Jack.
-------------------------------------------------------------------------------------------
Jack Ong, C.O.O., Gossamer Threads, Inc.
9th Floor, 100 West Pender, Vancouver, BC, Canada, V6B 1R8
Email: <jack@gossamer-threads.com>
Tel: (604) 687-5804 Fax: (604) 687-5806
Quote Reply
Re: [JackOng] Shopping Cart In reply to
In Reply To:
Hi,

We actually started work on it a few weeks ago in response to the discussions in this Forum. I was going to hold it back till we were ready to go and then introduce it with a splash. Wink

Give us about 2 more weeks to polish the system up and I'll make sure that you're the first person with the new Links SQL plus Gossamer's shopping cart plugin.

As for cost, it's not determined yet, but somewhere between US$250 and US$350 would be a good range.

Jack.



Love your work Jack! I thought you guys must be up to something Laugh. Let me know if you need a bug tester or anything and I'll be glad to help.

r.
Quote Reply
Re: [JackOng] Shopping Cart In reply to
Hi Jack,

What about a third party interface that allows outside users to post products through a secure interface that allows them to post pictures, assign price, assign quantity, etc...? Of course they would have to regoster first before posting any products.

For example, a centralized flea market where people can sell goods through your processing system. The order is generated and sent to the buyer and seller and the product is marked "sold" based on available quantity.

The payment is processed by the site owner and payment is then made to the poster of the product.

Maybe through in a barter interface using GTForums?

Maybe a shipping interface with UPS/FEDex?

OK, now I am going off the deep end. But....

Online Garage Sale! You have to love that! Smile

NOTE: Put me down for one Jack.
Quote Reply
Re: [ryel01] Shopping Cart In reply to
Thanks for the offer,

I will take you up on it as soon as we have a packaged version ready for beta testing.

Jack.
-------------------------------------------------------------------------------------------
Jack Ong, C.O.O., Gossamer Threads, Inc.
9th Floor, 100 West Pender, Vancouver, BC, Canada, V6B 1R8
Email: <jack@gossamer-threads.com>
Tel: (604) 687-5804 Fax: (604) 687-5806
Quote Reply
Re: [Teambldr] Shopping Cart In reply to
It's a good idea and we'll investigate it. Links SQL already has users "owning" their own records, it would require us modifying the shopping cart to recognise orders of products that don't belong to the admin. Problems would arise in regards to handling shipping and what not from the potentially large number of vendors.

Can you check back with me in about 2 weeks?

Jack.
-------------------------------------------------------------------------------------------
Jack Ong, C.O.O., Gossamer Threads, Inc.
9th Floor, 100 West Pender, Vancouver, BC, Canada, V6B 1R8
Email: <jack@gossamer-threads.com>
Tel: (604) 687-5804 Fax: (604) 687-5806
Quote Reply
Re: [JackOng] Shopping Cart In reply to
This is lovely news. Thank you.
Quote Reply
Re: [JackOng] Shopping Cart In reply to
In Reply To:
Thanks for the offer,

I will take you up on it as soon as we have a packaged version ready for beta testing.

Jack.



Sounds good to me.

So know that you've let the cat out of the bag... I guess you were expecting some questions to follow. Wink


Q. Will the simple cart support WorldPay?


regan.
Quote Reply
Re: [ryel01] Shopping Cart In reply to
Hi Regan,

Currently we're only working on paypal and authorize.net but will be expanding it to the other payment processors as we go along. However, no promises, and no timelines at this point.

Jack.
-------------------------------------------------------------------------------------------
Jack Ong, C.O.O., Gossamer Threads, Inc.
9th Floor, 100 West Pender, Vancouver, BC, Canada, V6B 1R8
Email: <jack@gossamer-threads.com>
Tel: (604) 687-5804 Fax: (604) 687-5806
> >