Hi Luke,
On Tue, Feb 18, 2014 at 8:35 PM, Luke Plant <
l.pla...@cantab.net> wrote:
[snipped]
> * "RealMPI". This is an implementation of "3D secure" (also known as
> "Verified by Visa", or "SecureCard") that integrates with "RealAuth". To
> summarise, before authorising a payment using a gateway, you redirect the
> user to a site run by their own bank where they have to put in (part of)
> their password to verify the transaction. They are then redirected to the
> ecommerce site which proceeds with the transaction (after verification etc).
> The motivation is to shift liability for fraud and chargebacks from the
> merchant to the card issuer.
This sounds similar to Stripe.js. From their docs at [1]:
"""
With Checkout, you never have to handle sensitive card data. It's
automatically converted to a token which you can safely send to your
servers and use to charge your customers. In other words, the card
isn't charged on the client-side; we send a token representing the
card data to your server, which you can then charge.
"""
[1]
https://stripe.com/docs/tutorials/checkout#tokens
>
> I would like to add RealMPI to django-merchant, as well as RealAuth. It
> doesn't fit into the 'gateway' model, but, despite the fact that it doesn't
> actually process payments, it does fit into the 'integration' model quite
> well. The only difference is that once it succeeds, the payment hasn't been
> made - rather, you are safe to proceed with the gateway authorisation.
Please check [2] and [3]. You can observe in [2] that we invoke the
gateway to complete the transaction after we have received the
authorization token. So, I think the RealMPI will be a mix of an
integration and the RealAuth gateway and will require the user to
subclass a method to implement his flow. Mentioning this in docs and
having an example should hopefully suffice.
[2]
https://github.com/agiliq/merchant/blob/master/billing/integrations/stripe_integration.py
[3]
https://github.com/agiliq/merchant/blob/master/example/app/integrations/stripe_example_integration.py
>
> Let me know if you think there is a better way to approach this.
>
> Also, my patch will use lxml, as it provides a much nicer way to handle XML
> than minidom.
As long as it is documented, there is no problem with bundling
external dependencies.
Looking forward to your pull request.
--
Cheers
Thejaswi Puthraya
http://thejaswi.info/