Jump to content

What exactly is involved with using Authorize.net?


Zane

Recommended Posts

The idea is to avoid purchasing SSL

1.png

 

Zane, sounds like your client is going to need to weigh the costs / benefits of using either a 3rd party checkout system and paying their fees or purchasing an SSL.  Which will cost more? 

 

Link to comment
Share on other sites

The client is teeter-tottering on the credit card transaction fee percentage.  Paypal and Google Checkout have a 2.9% + $0.30 fee, while their Merchant is (somehow?) hooking them up with a 1.58% fee.  I went ahead and set up a sandbox account and used the SIM integration method just to check it out.  There are still a few variables I need to figure out, but it seems I may be able to get away with no getting an SSL.  The form action posts to a https address hosted on Authorize.net, which is exactly what I need.

 

Now I just need to make sure I meet the requirements.

Link to comment
Share on other sites

Watch out, having the form on a non-secure page opens yourself up to MitM.

 

If an attacker were to manage to compromise the stream between your webpage and the server's, it's possible to modify the HTML before passing it through, changing your form's action.

 

Though, this form of attack isn't exactly easy unless your client's on weak WiFi when he/she does it.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.