Re: On-line Store, Credit Card donations &dbase

From: GNOME Foundation <director gnome org>
To: sinzui cox net
Cc: gnome-web-list <gnome-web-list gnome org>, luisma gnome org
Subject: Re: On-line Store, Credit Card donations &dbase
Date: 22 Oct 2003 11:56:18 -0400

Hello Curtis,

Thank you for the reply.

On Tue, 2003-10-21 at 21:20, Curtis C. Hovey wrote:
> On Fri, 2003-10-17 at 17:58, GNOME Foundation wrote:

> > Would anyone be interested and have time to work on the webform and the
> > database aspects of this project?
> 
> I'll research it.  As I understand the request: 
> GNOME wants to accept direct donations via CC.  

Yes, donations and sales of merchandise (two separate entry points.)

> The information must be captured.  
> The information must be transmitted and stored securely.
> The info must be validated (CC is mod10).
> The transaction must be approved by the card issuer.
> The donation info from other sources (Paypal) must be captured.

The Paypal and direct credit card transaction data should reside in
the same database with identifying fields as to source of payment and
purpose.

There should also be the option of making manual entries (i.e. for
donations and sales that occur at a trade show or via snail mail.)
Ideally, such write access should be browser based.

> Some parties require reports about the transactions.
> Some parties need a list of donors.

Correct.  We'd want an administrator [read/write] log-in and a data
entry log-in.

> To meet some of the above requirements we need an HTTPS server with a
> certificate from an authority (Verisign or Thawte).  Validation is
> trivial, but authorization requires the assistance of a member org/com,
> or a private arrangement with credit card processing provider.  The
> database with the cc information must also be very secure (the server,
> db, and data must be hardened).  Some reports may require extra trust
> for the member/user to view them.

On Tue, 2003-10-21 at 21:56, Jeff Waugh wrote:

> Luckily, in this case, all of the credit card processing foo is done 
> on the other end (Tim can follow up with the details and company); 

GNOME Foundation has an account with trustcommerce.com.  I can give you
the account information off-line.  We do need to obtain an SSL
certificate before processing with through TrustCommerce.

> we just provide
> information to their service and store the inventory-related  
> information for processing. 

Right.  We do not want to store the credit card information on our
server, just the donor, source of payment/donation and merchandise data.

> Quick'n'easy, and can probably integrate 
> into the current FoG database.

Not so quick as we don't have a FoG database.  Data is currently
maintained in gnumeric.

tim

References:
- On-line Store, Credit Card donations &dbase
  - From: GNOME Foundation
- Re: On-line Store, Credit Card donations &dbase
  - From: Curtis C. Hovey

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]