Remote Credit Card storage (probably PayPal) with recurring payments
https://stackoverflow.com/questions/6340893
-
27-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Well, I'm designing an online service that needs subscription in order to be used by the end user. It has a Free basic plan and then the user has several paid plans that are more feature rich.
Subscriptions are monthly or yearly (user's choice).
By client spec, the service should have two paths to handle payments - credit cards processing or PayPal subscriptions. I'm about to handle the PayPal subscriptions, IPN and everything but I have worries about the credit cards. I know how to make charges against CC with PayPal's API and I know very well that I can not store any sensitive information, so my idea is to use 3rd party service to store the credit cards through some secure API and then build a CRON job that will run every day to check if a subscription is about to expire based on some criteria and if so, charge for the next billing period.
Well, I have stored credit cards with Authorize.net in the past for different product. Their API allowed to create user profiles there (for which you obtain internal userid to keep), send a CCs to store (for which you obtain internal cc id to keep) and whenever you wanted you could do a charge against that id through the API. But it was only when the user consciously submitted a form "pay for this with this credit card (last 4 digits retrieved from Authorize.net)" - so charging them with cron job in the background might lead to legal issues, although we would do that only for a service they consciously subscribed for.
In short - I would like to know if having recurring payments with cron job on credit cards stored on remote service is the path to go (if not, please, recommend something). And if it is, I read that PayPal have a service to store credit cards in a way similar to Authorize.net but after extensive research I couldn't find any spec, any docs or any samples on how to do that. Not that I can not do it with Authorize.net but PayPal seems to be technically much better compared to what I remember from Authorize.net.
Solution
Work with the API your payment processor provides; some do have a solution for recurring billing using credit cards. Paypal have this: https://www.paypal.com/pdn-recurring. Not sure about Authorize.Net - quick google found http://www.authorize.net/solutions/merchantsolutions/merchantservices/automatedrecurringbilling/. Generally, in this model you set a billing schedule (e.g. "monthly"), and the payment provider does the rest - no CRON jobs. You do have to deal with a failed payments.
OTHER TIPS
Look at Spreedly Core. It is a secure CC vault that connects to more than 30 gateways - like PayPal, Stripe, Authorize.net etc. It's another option to achieve what you're aiming for.
