PC SOFT

WINDEVWEBDEV AND WINDEV MOBILE
ONLINE HELP

Home | Sign in | English UK
New WEBDEV 24 feature!
  • This lesson will teach you the following concepts
  • Securing the information and the pages via TLS/SSL
  • Overview
  • Implementing secure transactions via the TLS/SSL protocol
  • Transactions secured by TLS/SSL in a WEBDEV site
  • Secure payment
  • Overview
  • System for secure payment in a WEBDEV site
Lesson 7.3. Secure transactions and payment
This lesson will teach you the following concepts
  • Securing the information and the pages via TLS/SSL.
  • Secured payment.

Estimated time: 15 mn
Previous LessonTable of contentsNext Lesson
Securing the information and the pages via TLS/SSL

Overview

By default, the data exchanged between the computer of Web user and the Web server is not protected. This data flows in clear on the network.
Several systems can be used to secure the data. A common system consists in using the TLS (Transport Layer Security) / SSL (Secure Socket Layer) protocol. The information is not longer exchanged via the HTTP protocol but via the HTTPS protocol (for example : https://customers.mywebdevsite.com/customers).

Implementing secure transactions via the TLS/SSL protocol

To implement secure transactions via TLS/SSL, you must install a certificate on the Web server and configure the Web server.
Two different methods can be used to get a certificate:
  1. A purchase beside a certified organism.
  2. The generation of a self-signed certificate.

Transactions secured by TLS/SSL in a WEBDEV site

The secure mode is implemented when displaying the page that requires to be secured (page for entering the credit card number for example).
All you have to do is call SSLActive in the browser code of the button that opens this page.
As soon as the secure page is opened, all actions will be performed in secure mode (which means encrypted), regardless of the objects used (link, table, looper, clickable image, ...).
See the help about SSLActive for more details.
Secure payment

Overview

Most of the business sites allowing the Web users to perform an online purchase are using a system for online payment by credit card.
The secure payment is an essential feature for an e-commerce site. The payment solution must reassure the Web user (the "customer") and must guarantee the payment to the business site.
The data exchanged during this transaction must be secured (via the SSL protocol that was described in the previous paragraph for example).
Several payment solutions are available (PayBox, ATOS, CyberMut, CyperPaiement, SPPlus, ...).
The principle for secure payment may slightly change from a provider to another one but it is overall the same:
  • 1 to 4. Preparing the order on the e-commerce site: the Web user places his order on the site. During the payment operation, the e-commerce site transfers the information used to identify the order (vendor number, invoice amount, etc.) to the payment operator.
  • 5 to 7. Typing and checking the credit card number: the user types his credit card number in a page for secure payment. The data transmission is protected via SSL to ensure the confidentiality of data. The business site does not know the credit card number typed by the Web user.
  • 8. Back to the e-commerce site: the payment operator indicates to the e-commerce site whether the payment was validated, canceled or refused.

Caution!

Important : this domain evolves very quickly. Before implementing a payment solution, always check the latest solutions proposed by the different providers!

System for secure payment in a WEBDEV site

General steps
In most cases, the following operations must be performed when implementing a solution for secure payment:
  1. Request a development kit from the payment operator (PayBox, ATOS, SIPS, CyberMut, ...).
  2. Contact the payment operator to establish a contract for remote sales. At this step, the bank provides a vendor number.
  3. Contact the payment operator to establish a contract specifying the parameters for the remote sales contract.
  4. Implement the business site.
Using the component supplied with WEBDEV: "Secure Payment component"
Several components used to perform online payment are supplied with WEBDEV. The "Secure payment" component includes several modes for secure payment. The "Secure payment" component is supplied with its source code and with a use example.
  • To open the example for using the "Secure payment" component:
    1. Display the WEBDEV home page (Ctrl + <).
    2. Click "Open an example".
    3. In the search area, type "Payment".
    4. Click the link corresponding to the "WW_SecurePayment" example: the corresponding project is automatically opened in the editor.
    5. In the project explorer, select the "Example" configuration.
    6. You can test this example.
Previous LessonTable of contentsNext Lesson
Minimum version required
  • Version 24
Comments
Click [Add] to post a comment