Hacker News new | past | comments | ask | show | jobs | submit login

That's how it works most of the time, at least in my experience.

Card details are sent to the processor, a token comes back. You then send the token along with any data relevant to the transaction (which items were purchased, tax zones, coupon codes etc), you then verify on the server that inventory exists etc, and then you send the token (which is only a short-lived represention of the credit card number) and then verify the payment went through, and then you go through the bussines process for delivering your product(s).

Then, and only then do you give back a response saying the order has processed, so the UI can alert the user.




this is essentially how stripe's implementation works.

CLient side library handles the CC and token generation. Server side you use that token to call stripes backend to process the payment.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: