gavin_creative Posted September 1, 2009 Share Posted September 1, 2009 Hi guys, I am shortly going to be integrating osCommerce 2.2 with the new SagePay Direct module for the first time - has anyone installed this yet? If so do you have any advice, or any obvious pitfalls that I may face? Cheers :) Quote Link to comment Share on other sites More sharing options...
Harald Ponce de Leon Posted September 1, 2009 Share Posted September 1, 2009 Hi Gavin.. I have worked closely with John Fitchett at Sage Pay on the new modules. The new modules are certified and are recommended to use in a production environment. Kind regards, Quote , osCommerce Link to comment Share on other sites More sharing options...
gavin_creative Posted September 1, 2009 Author Share Posted September 1, 2009 Hi Harald, Sorry if this sounds a bit silly, but is it possible to perform testing using the SagePay Direct osCommerce module without having the Private IP & SSL setup? I am in the process of getting this setup but waiting for this to be setup by one of other technical guys and wondered if I can maybe run this in Simulator mode for the time being? Thanks, Gav Quote Link to comment Share on other sites More sharing options...
Harald Ponce de Leon Posted September 1, 2009 Share Posted September 1, 2009 Hi Gavin.. It should be possible to test the module in Simulation mode without an SSL certificate. The IP address of your setup must however be entered in your Sage Pay Merchant Account settings. Here is the test credit card number that can be used: Card Type: VISA Card Number: 4929000000006 CV2: 123 Kind regards, Quote , osCommerce Link to comment Share on other sites More sharing options...
gavin_creative Posted September 1, 2009 Author Share Posted September 1, 2009 Thanks Harald! I will give that a whirl, you have been most helpful it is very much appreciated! :) Quote Link to comment Share on other sites More sharing options...
Harald Ponce de Leon Posted September 1, 2009 Share Posted September 1, 2009 Hi Gavin.. Please note that the Sage Pay Form, Sage Pay Server, and Sage Pay Direct payment modules have been updated to v1.1, which you should update to. http://addons.oscommerce.com/service/sage_pay Kind regards, Quote , osCommerce Link to comment Share on other sites More sharing options...
playazclubz Posted September 2, 2009 Share Posted September 2, 2009 Nice one Harald! Thanks again :-) Quote Link to comment Share on other sites More sharing options...
gavin_creative Posted September 17, 2009 Author Share Posted September 17, 2009 Hi Gavin.. It should be possible to test the module in Simulation mode without an SSL certificate. The IP address of your setup must however be entered in your Sage Pay Merchant Account settings. Hi Harald, this 'Sage Pay Merchant Account' - would I be right in saying this is within Sage Pay's own site rather than the osCommerce administration section? Quote Link to comment Share on other sites More sharing options...
♥ecartz Posted September 17, 2009 Share Posted September 17, 2009 Hi Harald, this 'Sage Pay Merchant Account' - would I be right in saying this is within Sage Pay's own site rather than the osCommerce administration section?Not Harald, but I can answer this: yes, that's in the settings on the Sage Pay site. You are essentially giving it a whitelist of IPs that can process payments on your account. Apparently Sage Pay will reject payment requests from other IPs. When you sign up for a simulator account, they should send you a link to the simulator which you can use to change settings, etc. Quote Always back up before making changes. Link to comment Share on other sites More sharing options...
Guest Posted October 6, 2009 Share Posted October 6, 2009 Hello My concerns with this system are to do with PCIDSS compliance. If you are not holding or passing any credit card details anywhere then you are ok. If you are using this direct Sagepay module then you will have to pass the sensitive credit card data to Sagepay. Unless you are 100% sure that your site coding and SSL is water tight then there is always a chance you will have problems. If you once have a leak of data and the relevant people deem you as un-compliant, then you are in line for harsh penalties such as massive fines or the inablity to process card online in future. I noticed this module is certified... what exactly does that mean? what are the benefits of that? Am I right to have these concerns about using the Direct version of Sagepay or am I paranoid? I would personally prefer customers not to leave my site as they do using Sagepay Form & Server but maybe that is a safer option and gets around the hurdles put up by the PCIDSS rules? Thoughts anyone? Quote Link to comment Share on other sites More sharing options...
Guest Posted October 6, 2009 Share Posted October 6, 2009 Hello My concerns with this system are to do with PCIDSS compliance. If you are not holding or passing any credit card details anywhere then you are ok. If you are using this direct Sagepay module then you will have to pass the sensitive credit card data to Sagepay. Unless you are 100% sure that your site coding and SSL is water tight then there is always a chance you will have problems. If you once have a leak of data and the relevant people deem you as un-compliant, then you are in line for harsh penalties such as massive fines or the inablity to process card online in future. I noticed this module is certified... what exactly does that mean? what are the benefits of that? Am I right to have these concerns about using the Direct version of Sagepay or am I paranoid? I would personally prefer customers not to leave my site as they do using Sagepay Form & Server but maybe that is a safer option and gets around the hurdles put up by the PCIDSS rules? Thoughts anyone? The SagePay server module loads the payment pages within an iframe on your site, so the customer does not actually leave your site, but their payment info is still input directly onto sagepay hosted pages. It therefore only has the same PCI audit requirements as the form module whilst giving a similar feel to the server module (although not quite as slick) Quote Link to comment Share on other sites More sharing options...
John_SagePay Posted October 6, 2009 Share Posted October 6, 2009 Hi, Please see this post: - http://www.oscommerce.com/forums/topic/346355-sage-pay-and-pci/ Many thanks, John. Hello My concerns with this system are to do with PCIDSS compliance. If you are not holding or passing any credit card details anywhere then you are ok. If you are using this direct Sagepay module then you will have to pass the sensitive credit card data to Sagepay. Unless you are 100% sure that your site coding and SSL is water tight then there is always a chance you will have problems. If you once have a leak of data and the relevant people deem you as un-compliant, then you are in line for harsh penalties such as massive fines or the inablity to process card online in future. I noticed this module is certified... what exactly does that mean? what are the benefits of that? Am I right to have these concerns about using the Direct version of Sagepay or am I paranoid? I would personally prefer customers not to leave my site as they do using Sagepay Form & Server but maybe that is a safer option and gets around the hurdles put up by the PCIDSS rules? Thoughts anyone? Quote Link to comment Share on other sites More sharing options...
yodataco Posted June 10, 2010 Share Posted June 10, 2010 Hello. I urgently require someone to install the newest version of Sagepay direct correctly onto my Cre Loaded store, fresh install 6.4.1 I have installed the latest version but it is not passing all the data properly so Sagepay have advised. I am using One Page Checkout... I know this is an OsCommerce forum, but you guys understand it better than anyone. I will PAY for someone to fix this - As long as the price is reasonable. Please PM me if you want the work with a price and timescale, if the price is good we can start right away. Thanks Quote Link to comment Share on other sites More sharing options...
opus_uno2001 Posted June 16, 2010 Share Posted June 16, 2010 Forgive me Harald but I couldn't find my answer on the forum.. Is Sage Pay Direct for integrating realtime payments with the Sage Software like Peachtree with the Sage Co. transaction server?? I am assuming that it is, but can you confirm this for me. example: http://www.peachtree.com/productsServices/acceptCreditCards/ Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.