I want to build an app that, for personal use and fun, that monitors my credit card transactions daily, and sends me a text based on the transaction.
Exactly what I am doing is not important, I'm asking how to get started to see if my credit card company has a service that would allow me to build an application that would get my daily transactions.
The application would monitor my transactions, via their service, and I would consume the info do what I need to do.
Any help in pushing me in the right direction to see if my credit card company has a service that I could use?
Related
We are considering using voice commands to activate entry to a car park using Alexa.
I have seen that there are costs for using aws iot services and it is based on the number of devices and the number of transactions.
At first I thought that the user would pay this cost through a subscription to a skill that we are developing.
However, we are still not sure how much that subscription would cost.
I have tried to know what the system of some manufacturers of smart lamps that can be controlled with Alexa is like and I have seen that their skills are apparently free on Amazon.
So my question is:
How do they earn money to maintain the aws iot service?
Any comments or suggestions are welcome.
In-skill purchasing lets you sell premium content, such as game features and interactive stories in custom skills. You can offer in-skill products with the following payment models, One-time purchase, Consumable, Subscription. If you want to create in-skill products, more information can be found here: https://developer.amazon.com/en-US/docs/alexa/in-skill-purchase/isp-overview.html
I am working on standing up a mobile app with Google Datastore as backend database. I am debating whether google datastore is right choice for below use cases vs other datastorage options google offers. We are a small team and we don't want to incur lot of operations costs in the initial run. Application will have the following use cases:
User registration and profile which will take user personal identification details like credit cards, bank account , emails,address etc
Various subscription plans like yearly subscription price, monthly subscription price and pay per single service . User will be charged with bank account or credit card set on user profile
Mobile app will be launched within next 2 months and i am expecting at-least 1000 users in first few months
Appreciate your feedback at this stage where we are laying down the foundation of the app
Thank you
Datastore is good to manage user profiles and the use cases that you're referring as well it has free quota amounts and low costs regarding its usage and it'll be a better option compared with Cloud SQL which price and storage capacity is limited to the machine type that you're using. Additionally, as this isn't a technical inquiry, but a solution concern, I suggest posting this on the Datastore Google Groups where ideas regarding the Datastore and other products would be properly exchanged.
Our current setup.
We fully outsource our card processing service to a PCI compliant vendor. The way customers enter their card information is from a web page iframe delivered directly to their browser from the 3rd party vendor.
Our understanding this gives us the green light to use Checklist A because we do not control the page and card data never touches our company network.
My question:
We also have a billing application (on our network) that also has an embedded browser to which a credit card entry page is loaded from the 3rd party (iframe). We use this in case a customer calls us to update their card info.
Our accounting department types the updated card number into the web page (delivered from the 3rd party) and posts the update.
Does this process now exclude us from using checklist A?
Many thanks for responses.
Regards,
Bryan
When your agents key in a customers details they are classified as using a Virtual Terminal:
A virtual payment terminal is web-browser-based access to an acquirer,
processor or third party service provider website to authorize payment
card transactions, where the merchant manually enters payment card
data via a securely connected web browser.
SAQ A is likely not applicable, there is a specialised SAQ that covers this: SAQ C-VT which is for:
Merchants with Web-Based Virtual Payment Terminals—No Electronic
Cardholder Data Storage
This is something you should ask your service provider or a QSA to clarify/help with.
I'd be careful about using SAQ-A as it only applies if:
Your company has no direct control of the manner in which cardholder data is captured, processed, transmitted, or stored;
And, you most certainly can't use SAQ-C-VT as it only applies if:
Your company’s only payment processing is via a virtual payment terminal accessed by an Internet connected web browser;
Consequently, if I were in your shoes, I'd be using SAQ-C. SAQ-C sucks though, so if I were in your shoes, I'd be even more tempted to implement a user login/credit card update form so that customers can update their own credit card numbers, keep your accountants entirely out of the loop, and let you stay at an SAQ-A!!
What options exist to facilitate payments to banks or credit card companies? Are there programmatic APIs for banks that, say, perform the same actions as paypal might? I'm looking for libraries or options that aren't through an existing provider; that could be developed on their own.
Basically, lately I've become interested in ecommerce and I'm wondering how the communication between a website and a bank or credit card company is made.
I've looked around a bit, but I'm not really sure about the terminology in the field; any resources you could point me at, or good books about the subject would be awesome. Thanks!
You get a merchant account with a bank, then sign up with a merchant processor like Cybersource or Litle. The merchant processor provides an webservice API to process authorizations, payments, credits, and voids. You implement the processor's API and then you can do online payments. They act as a go-between for you and the credit card company. You're not likely going to get permission to communicate directly with the credit card's network.
Maybe use this link as a starting point. This is cybersource's API documentation.
I'm implementing a payment system and I'm not sure how to deal with cvv2 codes. Our service offers a two week free trial. We require the user to enter in billing information and we auth their card for $1. Two weeks later we do a separate auth & capture (we can't do a prior_auth_capture because the user can upgrade their plan during their trial). We bill them each month from then on.
How am I supposed to use the cvv2 code in our situation? We're not supposed to store the cvv2 code, so I can only use it with the auth that we initially do. Is it worthing doing this just on the auth still? I don't want the first auth to succeed (because it has the cvv2) and then prior auth + captures to fail because we don't keep it around.
Long story short I'm new at this company and I'm trying to fix their billing problems. International customers in particular are getting payments declined (some, not all). The current system doesn't pass along the name on the card to auth.net nor does it do any sort of address verification, which I suspect is what's giving international customers trouble.
I would think using cvv2 (if it'll work in our situation) and sending the actual name on the card should remedy the issue for international customers. If not then address verification would be the next thing to try? Does this make sense? Sorry if my thoughts are a bit scattered.
Thanks!
Sending the name on the card is useless as it not received nor used by the card processing companies. Also, AVS won't give anyone trouble except for the company who pays the credit card processing bills as their fees will be much higher for not doing it.
With Authorize.Net you should be using their ARB system for recurring payments. Once the subscription is established you don't have to do anything until the subscription runs out or is cancelled. This includes handling CVV and AVS issues. If you choose to use their AIM API for each and every payment then you'll have issues as you'll need to capture the CVV number for every transaction if you wish to perform CVV on those transactions. Of course, CVV is not required to process a transaction, so if you don't submit it the transaction will still go through anyway.
If international card holders are having issues it's more likely because the card is international and higher risk then then AVS or CVV issues. Those two tools are for fraud detection on your end. Not card approval by the processors.