Glossary Item Box

Squirrelcart v3.0.0

Connection Methods

Many payment gateways offer more than one way to connect to them to submit a transaction. These names are always specific to the gateway you are using. In Squirrelcart, there is a "Connection Method" field on each payment gateway record that can be set to control how your store will submit transactions to the gateway you've enabled. In general, we have found 3 different ways that most gateways support. While most gateways do support all three methods, there are some that only support one or 2. We've defined the methods as follows:

 

Server to Server

Website Requirements

This method requires at a minimum that you have an SSL certificate for your website. It also requires CURL OR fsockopen support, and OpenSSL, unless specified otherwise for your particular gateway in "Supported Gateways".

 

Benefits

 

How it Works

Your customer enters payment information on your secure web page, and submits it to your web server. While the customer is waiting for the next page to load, your web server sends payment information to the payment gateway in the background via SSL (Secure Socket Layer). The payment gateway sends the result back to your web server indicating the transaction status. Your web server then uses that information to determine what message to issue to the customer. In this method, the customer never sees the URL for the Payment Gateway in their browser. The customer never leaves your website.

Server to Server

 

 


Client side secure form POST

Website Requirements

SSL Certificate

 

Benefits

 

How it Works

Your customer enters their payment information using a secure form on your website. Your web server verifies all information is filled out, and then prompts your customer to continue to the payment gateway to submit the information. The customer then clicks the continue button and sends their payment information to the payment gateway for processing. The payment gateway then sends the customer back to your website to view the result of the transaction, and the thank you page if the transaction was approved. Depending on the payment gateway, the customer may never see the page on payment gateway web site. Most gateways will instantly redirect the customer to your site. Some will also alternatively load the entire thank you page from your website, and show it to the customer. When this happens, the only indication that the customer is not on your website is the URL in the address bar, as it will show the URL for the payment gateway.

Client Side Secure Form POST

Client side non-secure form POST

Website Requirements

No special requirements.

 

Benefits

Does not require an SSL certificate, CURL, fsockopen, or OpenSSL

 

Disadvantage

Your customer does not remain on your website. While most customers do not mind this, it is better in general to keep the customer on your site if possible. It gives them the sense that the transaction is being handled completely by your company and not a third party.

 

How it Works

This method is used when your website does not have SSL installed. Because of lack of SSL, there is no secure way for your site to gather payment information. The order total is sent via a form POST to a secure URL at the Payment Gateway website. The customer is then presented with a form in which they enter their payment information, and complete the order. Upon completion, most gateways will redirect the customer back to your website. Some may not return the customer, and will leave them at a thank you page at the gateway website.

Client Side Non-Secure Form POST

 

 

 


© 2001-2009 Lighthouse Development. All Rights Reserved.