Quote Originally Posted by BarbBayne
They have a page on their site that you re-direct the customer to ( that you can customize ) that collects customer, payment and credit card info then another page on their site that will return the result of the transaction that you can also customize and link back to your site. When you redirect the customer to this first page, you can also have some of the fields pre-filled with customer data that you may have collected on your site.
Now they did not mention anything about https - even though it is not credit card info but probably just name and address - should this be sent securely?
If it is just name / address, that is dependent on what you want. It does not need to be but it cannot help. SSL wil slow your site down some because of the encryption but it should not be noticeable.
Quote Originally Posted by BarbBayne
I was thinking that rather than get set up with the extra expense of having https, that I would try this type of solution, I think it would probably be cheaper. The only thing that bothers me is the transmition of data between my site and their site. Is this common? Do many other people do it this way? Do I have to worry?
Quote Originally Posted by Corey Bryant
Everything should be transmitted using HTTPS. You will post information to the electronic payment gateway (LinkPoint, Verisign's Payflow, Authorizenet.com) and they will post information to the transaction processor (First Data / Nova) and they will either authorize the transaction or post to the issuing bank and then give you the answer back if the transaction was approved or not.
The credit card data is what needs to be entered on an SSL page and posted to an SSL page. The other information, some consumers have a problem understanding the difference since a lot of them have been taught to look for the secure icon. If they do not see it - run away. And some people might do that once that start the check out process and do not see the secure icon. Will having the SSL site on your website hurt? Probably not. Will not having it hurt? Probably.

There is no right or wrong answer to these question entirely - some people prefer SSL on the entire check out process to protect the consumer and some do not. What do you as the merchant want to do / protect?