On Mon, May 5, 2014 at 3:21 PM, anon <akemerof...@hotmail.de> wrote: > Thanks a lot for the detailed break down of the things I have to care about. > I am thinking more about using a payment gateway, since it is the easy way > out. > It is easy, but it comes with a price.
On that score, you will need accounts both at the gateway and at a processing bank. You might need to see if your chosen bank deals with the gateway(s) you're interested in, or if your chosen gateway can help with getting an account at one of the processing banks they deal with. Some gateways see that kind of service as part of the benefits they provide to the merchants they serve. But that too comes at a price. I just recalled reading recently about Amazon's payment services. They certainly run a vault, but you'll have to check whether or not they offer vault services to the merchants they serve. One of the things I noticed is that they require the merchant to have an account at a US-based bank, into with they ACH their settlements ot the merchant. That may be useful to you, or it may be a deal breaker. But it is worth checking out since their rates are among the lowest I have seen anywhere (though Paypal seems competitive too - but then, I don't know whether Paypal provides vault services). I don't normally recommend other businesses, but if you deal with one of the banks that NMI deals with, you should check out NMI. They are one of the best gateways in the business, and quite reasonable (and I know they support everything you need). NB: I do not have any connection with NMI, so you could regard this as a recommendation from a company that is striving to compete with NMI. ;-) Seriously, they are nice guys, so give them a call and see what they can do for you. You would have to integrate them into your shopping cart/billing system, but their API is one of the best documented, cleanest and simplest APIs I have seen in this business. Good luck, Ted > On 05.05.2014 04:09, Ted Byers wrote: >> >> OFBiz does have some support for subscriptions, but I am not the one >> to tell you how much of what is required is supported out of the box. >> >> What I am curious about, though, is the problem of ensuring PCI compliance >> with a recurrent billing, or rebilling, business model. Ensuring the >> safety of customer payment information is not a trivial task >> (basically, if you do it yourself, you have to establish a vault that >> can not be accessed by any machine other than the machine that runs >> the program that determines what accounts need to be rebilled and when >> - that means that I would see a segmented LAN, with three sets of >> non-routable IP address: 1 for the machines running OFBiz and it's >> database, a second for the vault, and which ignores all traffic coming >> from the first, or from the internet, and a third which includes the >> machine running the rebill engine that reads the relevant rebill data >> from OFBiz's database, and payment information from the vault, and >> then submits the payment to the payment processor). >> >> I would ask you to what extent are you, or have you, deployed anything >> like a vault for customer payment information, or are you going to go >> that route? You could seek out payment gateway's that will tokenize >> your customer's payment information, so you can use their gateway to >> support rebilling, but that comes with a non-trivial cost. But for >> many, that is a viable option. And, there are third party vault >> service providers. >> >> And I would ask the OFBiz gurus to what extent is commercial >> subscription supported out of the box, or would I be correct that all >> of this pretty much must be developed de novo? >> >> Cheers >> >> Ted >> >> >> >> On Sun, May 4, 2014 at 6:03 PM, anon <akemerof...@hotmail.de> wrote: >>> >>> Hello everyone, >>> I have a small application in grails that I would like to port to ofbiz >>> to >>> take advantages of things like billing, payment and other things. But >>> before >>> I set out to do it, I was wondering if there was an example in ofbiz of >>> an >>> application where users can subscribe to different plans like "basic", >>> "professional", "enterprise" with recurring billing, so I can see whether >>> the switch is worth it. >>> Thanks for your help. >> >> >> > -- R.E.(Ted) Byers, Ph.D.,Ed.D.
