Member Avatar for john8wong

I saw new group buying websites like Groupon, Socialbuy or Livingsocial popping up all over the place.

I'm thinking of starting a Groupon like service in my area - the problem I have is I've not figured out how the backend online payment is handled- as visitors credit card are only charged if X number of prescribed people buy a product by a certain time.

Does anyone know how the backend of the credit card processing is done - does Groupon keep all our credit card details and then bill us when the deal tipped or is this handled by the e-payment company? How can we ensure that the credit card details are not stored in an intemediary like Groupon - as it may end up being taken away by a disgruntled employee and sold to the highest bidder?

Can Paypal or Escrow handle the back end processing for Groupon type of business?

Jo

  • 5 Contributors
  • 4 Replies
  • 264 Views
  • 5 Months Discussion Span
  • Latest Post Latest Post by pandarin
Member Avatar for isocial

every site owner save users card details , but they cannot use it.
i suggest you to customize your script not to save the card details .
you can contact these guys to do that agriya.com/groupon-clone

Edited by jay 11 because: removed hyperlink but left URL for reference
Member Avatar for thomasgaga

Groupon.com didn't keep the information of the customers just lik paypal.
I think you can study the interface of the credit card. It is so simple.
Also you can use paypal. Paypal can use credit card payment. Please refer to SNIP

Edited by jay 11 because: removed link
Member Avatar for sherps

There are several options with varying complexity. One, with the payment services that I'm familiar with, you can authorize the card number for the purchase amount which gives you a transaction id. You can then save the tx ID, purge the in-flight CC data objects from your app and just refer to the tx ID that you have to actually execute the bill phase of the TX. You can also use that tx ID to issue a refund if you ever need to. We passed purchasing card industry (PCI) compliance at the level we were required to with this approach, although we had to have the app servers firewalled (of course) and in a seperate DMZ and other controls around them, even though we never persisted the CC data.

The other option that I'm familiar with is tokenization. Several payment gateways and partners are offering a processing service by which your credit card data form post is handled externally by another service, the data passed to the payment processor and you just get a token that is used to identify that collection of data. That totally removes you from PCI scope and you never have the personally identifiable data OR the credit card data, in-flight or persisted. These services are generally pricey and vary with the amount of traffic.

Member Avatar for pandarin

John8Wong,
I am going through the same process to open a Groupon type website in Asia. I was thinking of using Paypal but after talking to them a few times it is not really clear if they handle the "delay" payments required by the model. It would be great if you can share any additional information you might have collected in the last months. Thank you very much.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.