Legal Question

Status
Not open for further replies.
MyOwnDemon

MyOwnDemon

Face Rocker
Jan 28, 2007
3,528
27
48
Iowa
www.sitestomp.com
Just a quick legal question here. One of my design clients has asked me a legal question that I don't know the answer to, so PLEASE... if you know the answer, chime in. :D

I am developing a website for a jewelry store and they want to take credit card payments via their new website.

Would it be legal to just allow the CC data to be submitted via an encrypted online form (like a php form), and then they run the card details PHYSICALLY in their store? The card wouldn't be present, obviously, and I'm not sure if allowing them to submit and process CC data in this method would be legal.

Basically, the Credit Card info would just be simply emailed to them and then they punch it in on their machines manually before filling the order.

Sorry if this sounds kind of noobish, but I don't know much about legal issues.

Thanks in advance!
 


I don't know about the legality of it myself (sorry), but this sounds like a horrible idea. If they want to have credit card sales they need to use a credit card processor. PHP forms are easy to hack and the last thing a bricks and mortor business will want to deal with is stolen identities/fraudulent charges.
 
Yeah, it is a horrible idea, and I told them that so we are looking into better options. Do you know of any recommended CC software I could integrate into the design?

I was looking at charge.com and authorize.net for some ideas.
 
I've used online credit card merchants for ecommerce sites before. Pretty sure, you could use that "in store" method, it's the same as a "telephone order". When you order on the phone, the card isn't present and the number is typed into a computer, so it's the same thing. I don't know about the php stuff, you'd have to make sure the information in encrypted and secured.

With online orders and all the fraud there is, I would not use the telephone order method. For security and fraudulent reasons. With an online order it's much simpler, all the information is verifed (AVS - address, zip code verification to confirm the item is being shipped to the card holder). I'm sure if you explain the fraudulent activity and being a jewelry store they should understand. Most likely they want to use their "in store" setup is since they don't want to pay merchant fees to their online merchant and use their "in store" setup instead and just have to pay one merchant. You could ask them who their in-store merchant is and speak to them to find out if they offer online services.

I would get a credit card merchant and use authorize.net as your gateway. Authorize.net is very simple to work with, and helpful with live chat assistance. I used Welcome to Total Merchant Services - Free Terminal Placement Program for my merchant. Their customer service at that time could be a little better, but besides that didn't have any problems. It doesn't really cost that much, just a hassle with all the paperwork required to open an account. Although you could use any merchant, I'm sure they're all about the same. They just handle the bank transactions, you don't really speak to them after your account is setup. Just get a good gateway, since that's the site you'll be using often to login and check credit card information, settings, and to integrate it into your website, shopping cart, etc..

You could even use PayPal (customers don't have to have a paypal account anymore to pay for purchases), but your transaction fees are going to be much higher than a credit card merchant.

If you have any questions or help setting this up, PM me.
 
  • Like
Reactions: MyOwnDemon
Get a merchant account. There are tons of them out there, and best of all - if you ever get any fraudulent charged they'll usually reimburse you up to a certain point.
 
Illegal, no. Dumb, yes.

All other valid arguments aside, you are usually charged more for processing a 'manual' transaction such as this.

Get a merchant account, pay less.
 
ubaidabcd said:
I've used online credit card merchants for ecommerce sites before. Pretty sure, you could use that "in store" method, it's the same as a "telephone order". When you order on the phone, the card isn't present and the number is typed into a computer, so it's the same thing. I don't know about the php stuff, you'd have to make sure the information in encrypted and secured.

With online orders and all the fraud there is, I would not use the telephone order method. For security and fraudulent reasons. With an online order it's much simpler, all the information is verifed (AVS - address, zip code verification to confirm the item is being shipped to the card holder). I'm sure if you explain the fraudulent activity and being a jewelry store they should understand. Most likely they want to use their "in store" setup is since they don't want to pay merchant fees to their online merchant and use their "in store" setup instead and just have to pay one merchant. You could ask them who their in-store merchant is and speak to them to find out if they offer online services.

I would get a credit card merchant and use authorize.net as your gateway. Authorize.net is very simple to work with, and helpful with live chat assistance. I used Welcome to Total Merchant Services - Free Terminal Placement Program for my merchant. Their customer service at that time could be a little better, but besides that didn't have any problems. It doesn't really cost that much, just a hassle with all the paperwork required to open an account. Although you could use any merchant, I'm sure they're all about the same. They just handle the bank transactions, you don't really speak to them after your account is setup. Just get a good gateway, since that's the site you'll be using often to login and check credit card information, settings, and to integrate it into your website, shopping cart, etc..

You could even use PayPal (customers don't have to have a paypal account anymore to pay for purchases), but your transaction fees are going to be much higher than a credit card merchant.

If you have any questions or help setting this up, PM me.
Click to expand...

Thanks man. Nice response. I will definitely PM you if I need help. +rep
 
MyOwnDemon said:
Thanks man. Nice response. I will definitely PM you if I need help. +rep
Click to expand...


No problem, additional advise: (I'm pretty sure of this, for what I can remember) If you try to authorize a credit card manually on your store terminal or even online (manually), they (store owner) get charged for that, wheather it gets approved or not. With all the fraudulent activity online it's going to be much more of a hassle than they're aware of. Especially with expensive items such as jewelry. I learned the hard way, and ever since I never ship an item unless I'm shipping to the billing address of the card holder. Never had a problem since.

With online merchants, even if you're not sure the item is instock you can set your account to "authorize only" which means the customer won't be charged until you've verified you have the item instock and it's ready to ship. When it's ready to ship, you can go back in your account and approve the authorization.
 
Status
Not open for further replies.
Top Bottom