Processing Payments

So far, we've looked at how a customer goes about browsing the electronic storefront and selecting items for purchase. The product catalog application and the shopping cart application take care of this process. Let's now focus on the checkout process and how customers pay for their purchases.

Finalizing the Order

Once a customer has finalized the selection of items she wishes to purchase, the payment processing system captures the order details from the customer's shopping cart. The system also asks for extra information to complete the order, such as shipping address, mode of shipment, method of payment, and so on. At this point, the customer is given the option of revising the order if necessary.

Method of Payment

Customers have several options for making payment. Credit cards and debit cards are the most popular methods of payment in almost all retail shopping, be it physical or electronic. All electronic payment processing systems can handle payment by credit card and check.

Verification and Fraud Protection

Payment processing systems communicate with the payment gateway to verify the authenticity of the customer's method of payment for the purchases. In the case of credit cards, the payment gateway validates credit card numbers and expiration dates, verifies ownership, and determines whether the credit balance covers the amount of the purchase, and the like.

At the electronic storefront site, the payment processing system keeps a detailed log of all transactions so that they can be reconciled when payments are settled with the financial institution. Maintaining transaction logs is mandatory in most cases, and they should also be closely guarded. An attacker's gaining access to the transaction log database would pose a huge security risk involving customers' identities and payment instruments, which could then be used in fraudulent schemes.

Order Fulfillment and Receipt Generation

Once the payment is processed successfully, the payment system application in the electronic storefront confirms the order acceptance and generates a receipt for the customer. Nowadays, such applications have the ability to e-mail receipts to customers and notify them of the initiation of shipment, with a tracking number for use with the delivery agency so that the customers can track their shipments themselves.