Payment Processing Models
This article outlines the architectural methods OPS-COM uses to handle financial transactions. Its primary purpose is to help administrators understand the differences between integrated gateways and hosted payment pages, ensuring secure and compliant transaction routing. This guide is intended for OPS-COM administrators.
UsingSetup and Configuration
Selecting and configuring a Gatewaypayment processing model is a foundational step in your system setup. Because the configuration steps vary significantly by provider, you must configure your specific merchant account settings within the system.
For detailed setup instructions regarding your specific provider, please refer to the dedicated wiki articles for your processor (e.g., TouchNet (uPay) Hosted Payments, Moneris Hosted Paypage, or Bambora Checkout).
Understanding the Processing Models
ThisOPS-COM issupports beingdifferent phasedarchitectures outfor asprocessing user payments, though the methodindustry standard heavily favors hosted solutions for handlingsecurity payments.reasons.
Using Hosted Payments
This is the preferred and industry-standard method for handling payments within the OPS-COM platform.
Key Information Displayed / Process Flow:
-
The user confirms their cart items and initiates the checkout process in OPS-COM.
-
The system directs the user away from OPS-COM to the payment provider's secure hosted payment page.
-
The user supplies their sensitive payment details directly to the payment provider. No payment details are exposed to or captured by OPS-COM.
-
The payment provider processes the transaction and sends a secure notification back to OPS-COM.
-
OPS-COM receives the notification, marks the transaction as complete, and updates the user's profile accordingly.
Using a Gateway
This legacy method involves handling the payment data flow more directly through the application.
The Gateway model is actively being phased out as a method for handling payments. Organizations still using a direct gateway should plan to migrate to a hosted payment solution to maintain security standards.
Best Practices and Considerations
-
Prioritize Hosted Payments: Organizations should always utilize Hosted Payments for new setups. This model drastically reduces your organization's PCI compliance scope because sensitive credit card data never touches your local network or the OPS-COM servers.
-
Audit Legacy Systems: If your organization has been using OPS-COM for many years, review your current payment configuration to ensure you are not relying on a deprecated gateway model.
Need help migrating from a legacy gateway to a modern hosted payment provider? Contact the OPS-COM support team to discuss your transition plan and ensure uninterrupted payment processing.
