In the digital age, businesses are increasingly moving away from traditional payment methods such as checks and cash, and adopting electronic payment methods for B2B transactions. Electronic payments offer numerous advantages over traditional payment methods, making them an ideal choice for businesses looking to streamline their payment processes and improve cash flow. What are the benefits of electronic payments for B2B transactions? Faster payment processing Electronic payments are processed much faster than traditional payment methods. With electronic payments, the payment is transferred directly from the payer's bank account to the payee's account, eliminating the need for physical checks or cash. This significantly reduces payment processing time, allowing businesses to receive payments faster and improve cash flow. Increased convenience Electronic payments offer increased convenience for both the payer and the payee. With electronic payments, businesses can make and recei...
As PCI rules and regulations get tougher and tougher desktop applications that accept credit card payments are finding it difficult to comply. Lately we have worked with several clients to bring their desktop application up to PCI DSS standards. There are a couple of options to consider when faced with this problem.
Option 1
Rewrite the software in accordance with the PCI DSS rules and regulations. This usually entails going through the cost of an audit, and then making the necessary changes to the software. By the way this will have to be repeated every year. Usually the changes are not minor, but are time consuming, invasive changes, that require manpower and know how to complete.
Option 2
Divorce the credit card payments section of the application and have it use a vendor service. For example gym membership software that has three sections, Payments, Members, and Reports. The Payments tab allows payments to be made for members. This Payments section would actually load an SSL encrypted web page that is already PCI secured. See the screen shot below, the area within the red box is actually a web page embedded into the desktop application.
The best part about this solution is that after the transaction is complete a token is sent back to the desktop application which can be used in place of a credit card number for next time. When the customer needs to make another payment simply send the token (saved in the desktop application) along with the amount.
Since the desktop application no longer stores or transmits credit card data directly PCI scope is greatly reduced, allowing for a easy way to comply. This is a great service that saves software companies large and small a great deal of money and headache.
Option 1
Rewrite the software in accordance with the PCI DSS rules and regulations. This usually entails going through the cost of an audit, and then making the necessary changes to the software. By the way this will have to be repeated every year. Usually the changes are not minor, but are time consuming, invasive changes, that require manpower and know how to complete.
Option 2
Divorce the credit card payments section of the application and have it use a vendor service. For example gym membership software that has three sections, Payments, Members, and Reports. The Payments tab allows payments to be made for members. This Payments section would actually load an SSL encrypted web page that is already PCI secured. See the screen shot below, the area within the red box is actually a web page embedded into the desktop application.
The best part about this solution is that after the transaction is complete a token is sent back to the desktop application which can be used in place of a credit card number for next time. When the customer needs to make another payment simply send the token (saved in the desktop application) along with the amount.
Since the desktop application no longer stores or transmits credit card data directly PCI scope is greatly reduced, allowing for a easy way to comply. This is a great service that saves software companies large and small a great deal of money and headache.
Comments
Option 2 seems easy and interesting.. however, there seems to be a disconnect in the data flow for me.. if u could help - Once the secure webpage is opened by the desktop application. The user enters the payment details in that web page . The webpage then contacts the gateway to tokenize the card and get a reference number. How is this token sent by to the desktop application from the browser ? OR Do you mean, that the browser should be loaded from within the desktop app. and then it internally communicates with the desktop app via applet or objects ?