Hi, I am working on an ecommerce kond of platform where users will have there own currency (like most of the online games have, PUGBM , CODM) people can send that currency to other people, buy products with that currency or withdraw that to real money in their bank. For that client provided a design of multiple payment methods for a user. Some points are clear to me after some research
NEVER save credit card information on our server
This is why I am asking this question
User can have more than one payment gateways to withdraw to.
Like we have many websites/apps which support Google pay + credit cards + bank account.
So how I should store user's provided credit card info and where.
If I have to store it in Stripe. Do my Users need to create account of stripe as well???
Am I able to show how many cards a user is carrying?? and where this information will be saved??
The designs client provided have these methods: Visa, Master card, American express and Paypal.
@markjgrr if you are using Stripe, you'd create the Stripe customer using their API and then save the stripe customer id on your Customer table in Laravel during your process to take their first payment.
All card info is saved at Stripe's end and you can call their API to get details of Cards, expiry / last 4 digits etc.
as it'll give you a massive insight into card processing and the Stripe API.
For a quick start, you can also use Laravel Cashier which has a big chunk of the functions you need already set up
https://laravel.com/docs/8.x/billing
We just postponed the development of this feature after explaining how dangerous for users and for owner is to store CC info in database like that. We will resume in a week or so. Till then I am following your recommended series and will inform you once I succeed. Thanks a lot.
@worldwayii Well how about you read the previous replies if you’re going to bump an 11-month old thread…?
The short answer is: don’t unless you have a legal department and want to go through PCI compliance. Use a payment gateway like Stripe that handles payment information for you.
@worldwayii Like @markjgrr did above, learn this stuff well, the legalities before programming anything. If you follow your payment gateways instructions, you should be good to go. But a programmer can't be a payment gateway.
Notice I told @markjgrr they did very good by doing some research first. So start there with some research and perhaps view some laracasts videos on accepting payments.
@worldwayii Sorry I just logged in this week and found your comment.
We used laravel cashier's way to use Stripe which then used the preferable way. that is to add cards in Stripe vault.
When you add cards in stripe's vault it returns reference (payment method ID) to that card. then if you want to make payments you will then use that payment method ID and send a charge request along with other required/optional parameters (for details you can read Stripe's API or Laravel Cashier docs). So in the end even you wont know what was the original CC numbers, you can only see last 4 digits, expiry date, card type and other small details.
