- π Learning Outcomes
- TT: How to Get Paid
- Background
- Activity: Technical Decision Making - 30 min
- Resources
By the end of this lesson, you should be able to...
- Describe and design the simplest possible checkout workflow.
- Describe the complexities of designing a market place like Uber or Airbnb.
- Implement a simple checkout workflow using Stripe.
Eventually you gotta get paid...
And there enters paywalls or "payment services" like Stripe and Braintree.
Why do we use a service? Why not role our own?
The answer to this is we use services to make sure our data is PCI Compliant - the set of standards and regulations for the secure storage and usage of credit card information. In order to be PCI compliant on your own you'd have to do a lot of extra work. So instead of doing this in house, we use payment services or payment processors.
In order to keep a user's credit card data secure, third-party payment services follow a clever pattern. Let's look at the flow of requests and responses required to securely store credit card data and use it.
- Client sends CC data and public access token to service
- Service responds with single use token or nonce unique to this transaction, customer, card, and subscriber's public and private access tokens.
- Client sends nonce to server
- Server uses nonce and their private token to handshake with service and make transaction, customer, etc.
- Form into groups of 6
- Come up with an imaginary use case for your app. You can either be a:
- E-commerce
- Marketplace
- Something new and weird that you decide on.
- Now decide on which payment gateway your app will use. Stripe? Braintree? Another?
- List their pro's and con's.
- How can you come to a consensus?
What process did you and your team follow to come to a conclusion. Did everyone finally agree? What were the requirements and pros and cons of each?