Many companies may have the need to process credit card payments. You may be building your own shopping cart application or simply allowing your clients to pay their bills over the Internet. Many alternatives, such as WebSphere Commerce, are available, but many carry a large price tag. There are, however, some simple yet very flexible solutions that can solve your credit card processing problems. This tip will focus on a Java API from VeriSign that allows credit card processing along with your own custom logic. The sample scenario is an insurance company that wants to allow its customers to pay their bills electronically over the Internet.
VeriSign's Payflow Pro product overview
VeriSign is an organization focused on providing secure solutions for businesses to conduct transactions electronically. Payflow Pro is downloadable software offered through VeriSign that is fully customizable. It can handle large numbers of transactions but is adjustable to the size and growth of a business. It provides secure handling of sensitive information and automated funds settlement with banking institutions. Payflow Pro also offers direct access to payment processing service via an API, customization of the look and feel to match your personalized Web site, and integration of an application library or run using CGI scripts.
VeriSign provides an installation kit for Payflow Pro that can be integrated into a user's Web site and is used along with a SSL. This software also places total control of the ordering process and information retrieval at the user's Web site. There is also the ability to process manual transactions and run and view several transaction reports.
To process these types of transactions, a merchant ID must be obtained from a business's bank. An application must be filled out and the bank will then complete an account setup, provide the user with account information, which will allow VeriSign Payment Services to configure the Web site for transaction processing.
If you have your own SSL, Payflow Pro costs $59.95 per month with a $249 set up fee. This includes 1,000 transactions per month. If you have more transactions than that, VeriSign charges 10 cents for each additional transaction.
If you do not have an SSL, Payflow Pro can still be installed and used with an additional per yearly charge of $895, which includes a 128 bit SSL.
Processing transaction in WebSphere Studio
The following example shows the setup and sample usage of the API inWebSphere Studio (WDSC 5.1).
Step 1: Create a test account
This will setup and establish a userid and password.
Step 2: Download the Java jar file
After you have an account you can sign on the manager application and download the current Java API. This will contain Javadoc and readme files as well as the actual jar file. Review the readme to ensure you have the most up to date information.
Step 3: Review the instructions
Step 4: Create a new Java class in WebSphere Studio
I called my class "VerisignPaymentManager," but you can use any name. This will be a "wrapper" class to test the VeriSign API.
Step 5: Add the jar file to your classpath as shown below
To run code that uses the API you must have it in your classpath. In this example I added the Versign.jar to the Project that holds my example VerisignPaymentManager class. This allows the API to be found when referenced.
Step 6: Download and reference jcert.jar, jnet.jar, and jsse.jar
For JDK 1.2 and 1.3, make sure that the JSSE jar files are in your classpath as well. The default JVM in WebSphere Studio at the time of this tip was 1.3 so this step is necessary.
JSSE 1.0.2 files jsse.jar, jnet.jar & jcert.jar can be downloaded from: http://java.sun.com/products/jsse/index-102.html
If JDK 1.4 is installed, that step is not necessary, as these files are included in the JDK. These jar files can be referenced using the "Add External jars" button as well.
Step 7: Add sample code
Add code as shown below to complete your sample class.
Variable hostAddress is the Verisign test server. You will need to change the string submitted via the "pn.SubmitTransaction" method. Specifically, make sure you use YOUR userid and password from your VeriSign account for the parameters "USER" and "PWD". For my sample, I used planetj and 7777 for the user and password. You also need to make sure the path to your certificate is set correctly. In the above code I am referencing
"C:downloads�erisignJAVA�erisignpayflowprojavacerts"
path. If your download was placed in a different location, make sure you adjust the parameter. The rest of the parameters can be set as specified in the VeriSign Payment Services Payflow Pro Developer's Guide (PDF).
Step 9: Let'er roll!
You should now be ready to run your sample class. Using WebSphere Studio and the Java perspective, I select "Debug As" Java application. This will invoke the application and allow you to set breakpoints, etc.
After running the code, I got the following message:
"RESULT=126&PNREF=V54A49354704&RESPMSG=Under review by Fraud Service…"
That means it actually worked, but Verisign marked it for review since it was a test account.
Step 10: Production
Obviously this example uses "hard coded" parameters. You will want to enhance your class to allow dynamic runtime parameters and pass in values such as the credit card number, expiration date, name, etc. Those values most likely will come from the UI or a database. With a little additional work, you can be ready for production use.
---------------------------
About the authors: Paul Holm is a former IBM-Rochester WebSphere, Java, and DB2 developer/consultant. He specializes in helping iSeries RPG shops develop Web-based applications. Paul is currently a lead architect for the "WOW" product, which is Query/400 and DFU for WebSphere (aka WebSphere on steriods). Paul can be reached at pholm@planetjavainc.com.
Nicole Jensen is a project and business management specialist for PlanetJ Corp. She leads various WebSphere related initiatives, including business partner relationships and account management.
