Why WSP?

Merchants selling their wares via ecommerce are being introduced to the harsh realities of Payment Card Industry Certification, commonly known as PCI. PCI says that if you touch the cardholder data then you’d better have your act together - getting your PCI act together is non-trivial and certainly not cheap. The pure reality is that merchants just want the money not the data AND the hassle.

WSP provides merchants with a secure, easily configurable solution that keeps cardholder data at arms-length. Here’s the key pieces of functionality you’ll want to explore:

• Security : No need for https certificate
• Fraud Prevention : Reduce charge-backs via CVV2
• Emailed Receipts : Keep your customers happy with emailed receipts
• Purchase Notification: Keep your business people overjoyed with email notification of purchase
• Consistent Look-and-Feel : Make Payment Page look like your ecommerce site.
• Interac Online : Add the newest payment type option for your customers (for Chase Paymentech merchants). No merchant certification needed, just click on a checkbox and you’ve got Interac Online.
• Shopping Cart Integrations : Zencart, osCommerce, Commersus and more.
• Non-Cart Integrations : code snippets for all your popular scripting languages.
• Powerful Payment Management Portal : the rich functionality of Realtime Payment Manager is all part of the WSP solution. Check out RPM’s use of new Web 2.0 technology - sortable columns, amazingly fast data entry, and quick reference field lookups.

The Customer View - How it Works

Online shoppers peruse product offerings on the merchant’s website and select purchases using the shopping cart software of their choice.

Figure 1 shows a simple example of a company referred to as “E-xact Shopping” along with its “Merchant Logo”.

Figure 2 shows the typical process of selecting an item and adding it to a cart

Figure 2

Once a shopper has completed their shopping, the next step is to “Checkout” and verify the selected items and pricing. See Figure 3 below.

Figure 3

All steps in the purchasing process so far have taken place within the confines of the merchant’s e-commerce solution. Establishing an effective user experience is key to business success, thus merchants take great care and ownership of the development of this solution.

Next comes the most important step for a Merchant: charging the customer. This step is also the most critical with respect to security and liability as card-holder data now enters the picture. Any merchant exposure to cardholder data comes with the responsibility of protecting and securing that information. More importantly, that responsibility is directly tied to the strict compliance and certification requirements of the Payment Card Industry (PCI). For most merchants, obtaining a certifiable level of security comes with a significant price tag that also requires levels of technology generally outside of the merchant’s domain of concern. Security now stands directly in the path of success for most merchants with e-commerce offerings.

What’s the solution? Merchants can continue to risk the liability and costs associated with a security breach, eat the costs of obtaining PCI compliance, or use a solution that securely isolates their business from cardholder data and transaction processing.

Figure 4 shows an example of a Payment Page externally hosted by E-xact’s WSP. Company name and logo are user-defined and can be set up and changed in minutes.

Credit card information is now isolated from the merchant domain.

In the example in Figure 4, payment processing begins once the “Checkout” button is clicked. The status of a transaction submitted for processing is always returned on a Customer Transaction Record (CTR). Figure 5 shows an example of a CTR generated using WSP Payment Page.

Figure 5

With a simple click of the “Back To The Merchant Store” button, the customer is returned back to the Merchant’s site. The transaction has been processed securely and merchant liability is significantly reduced within the confines of PCI DSS. WSP Payment Page makes this happen quickly and simply.

Back to Top ^

Merchant - Configuring Your Page

Setting up WSP Payment Page is simple for merchant administrators using the Realtime Payment Manager (RPM). Log in to RPM at https://pos.e-xact.com and at the RPM Home Page, select Web Secure Pay from the right side-bar menu (see Figure 6 below)

This page lists any designed payment pages and also allows Merchants to create new ones from scratch. Many companies will wish to have multiple copies to support languages other than English.

Once the appropriate Payment Page is selected, the Merchant Admin can begin the process of fine tuning the page to meet their needs. See figure 8 below to see the various tabs: General, Appearance, Terminals, Email, Keys and Integration Guide.

• Merchant Logo and default colours
• Order Notification Emails: When a transaction has been completed an email is sent to the specified address informing them of the activity.
• Customer Notification Emails and customized header and footer text for email
• Return to Store Link URL: When the customer clicks on the “Return To Store” button, they are returned to this address in this link.

Back to Top ^

Enabling WSP on your Merchant Web Site

Below is a screencast demonstrating the steps and features of using Web Secure Pay with Zen Cart, a free, open source, e-commerce application:

The screencast below describes how your web developer can easily integrate a solution based on the Ruby on Rails framework.