How hard is e-Commerce

[Ryan]

I keep having lots of people questioning me about e-Commerce sites. I've never built one and the concept of handling other people's financial transactions seems quite daunting.

My questions are:

(a) are my fears of e-Commerce unfounded?
(b) are there any good people to outsource e-Commerce development work to?


I've done basic e-Commerce setups which just use PayPal as a payment gateway, but I've never tacked anything with straight credit card support and am not even sure how to go about starting.

[Rich Pedley]

Ditto, sort of. Because it is so difficult for the masses to use a shared SSL (quite often with a separate URL/domain) that I have shied away from adding in anything where payment is taken on the site. I only deal with the third party ones, usually they are easier to integrate (did I just say easy?). But that's when integrating a plugin.

If a client needs a large shop we have tended to use Trading Eye, can't recall the non hosted price off the top of my head, that way any issues we can shove back to them...

If a client only wants to sell a few items then any of the wordpress plugins are ok, but as soon as they start talking 100's of items we always suggest a standalone shopping solution.

[Otto]

I have used third party services to take "direct" credit card orders before. It was not difficult to do, as they offered a secure webservice for the task, but basically it was a custom solution.

The trick to e-commerce is that *any* solution is going to be very much customized to your needs. Handling payments can be done any of a thousand ways, and if they're handling the payments in-house, then the client is going to have their own way that they want to do it. On the other hand, if the client doesn't take payments but wants to, then it's going to be heavily customized to whoever their payment processor is going to be.

The only way to go about it, really, is to set up the site and cart and all that, but leave the payments piece open ended. Somehow, you'll collect credit card info and such. Then you will likely need to code up something custom to send that somewhere to get processed.

PROTIP: Don't store the credit card info in the WordPress database, or even on the same box. Relay it to a secure box inside the company for storage/processing, or relay it to your payment processor's systems right then and there, but never save it for later. You're just setting yourself up for failure if you do. Your website is a front-end only. It stores nothing securely. Treat it as such.

How to start: Ask the client who it is that handles their payment processing. If they look at you blankly, then ask them how, exactly, they want to turn the credit card numbers into actual cash money in their account. When you find out who they're using to do this, then start looking at them and seeing if they offer some services that you can use to do the actual charging of the credit cards.