litany against fear

coding with spice ¤ by nick quaranto

Payment Processing with ActiveMerchant Notes

published 19 Nov 2008

Part of my series of notes from the Professional Ruby Conference. See them all here.

This is a talk by Cody Fauser from Shopify.

Why use it? Need money from customers to survive. Started very small and eventually morphed into Shopify. Shopify had to deal with tons of little idiosyncraies with how different clients wanted to interact with different payment gateways, so they extracted out this logic to make it easier.

All they wanted to do was charge money and not worry about the payment gateways. Just send the order form and ActiveMerchant handles the rest. Roughly 50% of Shopify’s gateways use PayPal Website Payments Pro. All of the gateways just WORK. Very easy to tell when it’s the provider’s problem because they have a lot of clients and can tell when they break.

The goal: A simple, uniform API. Another important thing is interpreting the results that come back from the gateways. AM takes care of abstracting all of the messy handling away for you. AM is essentially a universal translator. The alien languages = payment gateway’s APIs. Our language = Ruby.

Terminology:

  • Cardholder: person you want $ from
  • Authorization: Verifies & reserves funds on card
  • Capture: Makes authorization for settlement
  • Settlement: transfers authorized amount to your bank
  • Sale/Purchase: authorization/capture combined
  • Address Verification Service: Fraud protection mostly.
  • Card Security Code: 3/4 digit code on the back of a credit card. More fraud protection since sites are forbidden from saving it
  • Payment velocity: Keeps transaction history to keep track of scammers. They keep a hash of the credit card info and check it if the card is submitted again

Authorization process takes a long time (4 seconds) and you need to be able to have enough Mongrels to handle. For the other end of the process, settlement takes a few days for the banks to deposit the money. Showing off some code now about how AR works. They use integers for cents instead of worrying about floats and rounding errors. Very simple, clean code. The difference between choosing merchants is as simple as picking the right gateway class for the merchant. The rest of the code to interact with the gateway is the same.

So, the benefits: it’s pretty damn simple overall. Rich credit card object that has plenty of validation and helpful methods that do pretty much anything and everything you need. (card.display_number => XXXX-XXXX-XXXX-1337 for example) AM takes the response from card security code checks and puts it in a form where you don’t have to think about it. The community has grown substantially…it’s open source! Most of the gateways have been implemented outside of Shopify. The project is very extensible and the development time for new gateways it quite low. It’s production ready code. Well tested, high quality code.

code (2) gaming (3) git (9) internet (5) prorubyconf (25) railsconf (17) ruby (10) windows (3)