Visit eSec Payments Gateway Website Visit SecurePay Website
     

Software FAQs

With which browsers do the Payment Gateway Interfaces work?
The Payment Gateway Interfaces work with SSL-enabled browsers. This browser set includes most versions of Netscape Navigator and Microsoft Internet Explorer. The Integration Interface is intended for use in a server-to-server environment and while it may also be accessed by an SSL-enabled browser, this use is not directly supported.

Which platforms are supported by the Payment Gateway Interfaces?
The Payment Gateway Interfaces are supported by Windows 95/98/NT/2000/Me, most UNIX variants, OS/2 and Macintoshes.

Does my web site have to be located on a particular server?
No, your Web site can be located anywhere on the Internet making implementation simple and efficient.

Does a customer need any specific software?
No, all a customer requires to make a purchase from a site enabled with Payment Gateway is a Java or SSL-enabled browser, such as Netscape Navigator or Microsoft Internet Explorer.

When can goods or services be safely provided to customers?
In a Web-based payment system, such as eSec's Payment Gateway, it is difficult for the Web site's purchasing system to establish the origin of the information that is passed to it as part of the authorisation result. It is in fact possible for a determined and unscrupulous customer to fake an authorisation result in an attempt to obtain goods without payment.
This potential exploit may be addressed in one of two ways, depending upon the actual business model being used by the merchant. Each authorisation result from the Payment Gateway includes a digital signature that is not forgeable, and a transaction report detailing all the transactions processed by the Payment Gateway on behalf of a given merchant is delivered by email once per day or per week at the merchant's option.
If the merchant is shipping physical goods or in some other way providing goods or services more than 24 hours after receiving the authorisation result from the Payment Gateway, it may be sufficient to simply reconcile the results received against the transaction report--the two should match and all matching purchases may be then finalised.
If, however, the merchant is providing goods or services immediately upon receiving the authorisation result, such as delivering software online or providing access to a restricted site, etc., then the digital signature included with the transaction response should be verified. This is the task performed by the Checksig application. Checksig must be installed on the merchant's server for it to be effective. Checksig is optional in the sense that it is not necessary for the proper operation of the Payment Gateway. Whether to use Checksig should be determined by analysis of the risk involved in not using Checksig from the business perspective.

The cookies used by my shopping software are not working. What's wrong?
The Payment Gateway interfaces do not directly support the passing of information through mechanisms such as cookies or session variables. Such a facility may be incorporated in a future release of eSec's Payment Gateway.

 
eSec Home | Overview | Advantages | Enhanced Security | Products Overview | Getting Started | Pricing | Partners |
SSL Interface | Integration Interface | Merchant Login Website | Merchants FAQ | Customers FAQ | Software FAQ |
Code Integration Interface | SSL Interface | checkSig Interface |
Redirect Interface Model | Proxy Interface Model | Direct Interface Model | VbV/SecureCode Interface Model |
Logos | Security | Contact Us