PAYMENT FOR YOUR
& ‘STRIPE’ AS AN EXAMPLE
Code4Lib DC Unconference, Aug. 11-12, 2014.
Associate Director for Library Applications and Knowledge
University of Maryland, Baltimore
Health Sciences and Human Services Library
Elements of Online Payment
ACH (Automated Clearing House) payments: Electronic credit
and debit transfers. Most payment solutions use ACH to send
money (minus fees) to their customers.
Merchant Account: A bank account that allows a customer to
receive payments through credit or debit cards. Merchant providers
are required to obey regulations established by card associations.
Many processors act as both the merchant account as well as the
Payment Gateway: The middleman between the merchant and
their sponsoring bank. It allows merchants to securely pass credit
card information between the customer and the merchant and also
between merchant and the payment processor.
Payment Processor: A company that a merchant uses to handle
credit card transactions. Payment processors implement anti-fraud
measures to ensure that both the front-facing customer and the
merchant are protected.
PCI (the Payment Card Industry) Compliance: A merchant or
payment gateway must set up their payment environment in a way
that meets the Payment Card Industry Data Security Standard (PCI
How Online Payment Works
Different payment gateways,
merchant accounts, and
bank accounts are setup to
work together (or not). Your
bank may also be able to
act as the merchant
Stripe acts as both the
payment gateway and
the merchant account.
customer and order
information to Stripe,
Stripe clears the
with the associated
credit card company,
and Stripe puts the
money in your bank
Modify and Enhance
Add Patron & Payment Details.
Allow custom amount for payment.
Change the currency to USD.
Configure the validation for new fields.
(Bootstrapvalidator jQuery Plugin)
Hide the payment form once the charge goes
You create a form on your website that accepts the payment details.
you create an event handler for the form’s submission).
When the form is submitted, the user’s payment details are securely sent to
Stripe via Ajax.
Stripe will confirm that the payment information is valid and return a token
that uniquely identifies that payment information.
a hidden form element and submits the form.
The server-side script (aka, the PHP code) that handles the form’s
submission uses the token to actually process the payment.
So the customer never leaves your site but the payment information never
hits your server: the best of both worlds. (This is the process when all
works well; payment verification errors introduce new processes.)