1ShoppingCart.com, a popular shopping cart provider, has been down for 3 hours and counting...

Since 1ShoppingCart is a centralized system, this means every single merchant using 1shoppingcart is losing leads and sales hand over fist.

Twitter is full with raging customers and no ETA from 1Shoppingcart:



Contact us if you'd like to test drive the SPI shopping cart and experience first-hand, why so many are switching over.

-

This outage is the second major outage for 1ShoppingCart in the last 6 months.

Running a multi-server architecture?

Keeping your server clocks in-sync is very important, especially when using NoSQL databases like Cassandra.

Cassandra attaches a timestamp to every insert operation. If your server clocks fall out of sync, some updates will be dropped, due to one server taking precedence over others.

Even if your servers are all showing the same time right now, it's important to understand that without continually applying corrections, the different clocks will eventually fall out of sync.

How does Global Time Synchronization work?

Public time servers, update their clocks using hardware based on atom's electrons frequency (aka Atomic Clocks).

Your local machines ping the time server repeatedly, applying corrections so that all clocks are in sync.

NTP

NTP (Network Time Protocol) is an Internet protocol used to synchronize the clocks of computers to a global time reference.

FreeBSD and Linux servers come with an NTPD service that automatically adjusts the local clock based on the selected global time server.

To start NTPD on Linux:

To start NTPD on FreeBSD:

Controlling which time server to use is done by updating /etc/ntp.conf. Example:

To configure NTPD to start on boot automatically on Linux:

To configure NTPD to start on boot automatically on FreeBSD:
Add these lines to your /etc/rc.conf file:


View 1 Comment(s)

Building on Dawn's Memcached for PHP sessions post, we've now converted our php-sessions handling from Memcached to Cassandra.

Cassandra supports built-in caching, sharding & replication and scales to infinity, overcoming the shortcomings of the memcached-for-sessions approach.

Click here to download the new dbsession.php and here to download common_cassandra.php

When processing credit card payments, there are several "transaction types" used to identify what action to take with the customer's credit card.

The "transaction type" tells your merchant processor, whether you want to charge the customer's credit card, issue a refund or obtain an authorization code for a specific amount.

People often get confused with all these different transaction types and how they're used, so I wanted to try and clear things up a bit.

With this post, I'll cover the purpose of each "transaction type" and how they're used in the real world.

The same principles apply whether you're processing payments online, offline, using Authorize.net or using any other payment gateway. So it's a good idea to understand how it all works.

Process Flow

Before we dive into transaction types, it will help if we first understand the payment process flow. How money moves from a customer's bank account to yours.

There are lots of tutorials online about transaction types, but I found them all to be way too technical. Here's my attempt of breaking things down, in lamen terms...

Let's meet Dorris.

Dorris is an affluent traveler who loves exotic destinations.

In one of her recent trips to Aruba, Dorris checked-in to the recently renovated Hilton hotel.



The trip was all paid-up in advance, but the guy at the front desk insisted on swiping Dorris' credit card. "This is to cover any incidentals" he said. In other words, help yourself to the minibar. The Cherry Almonds are only $15 a pop...

Dorris hands-over her credit card and the hotel submits an Authorization transaction type, in the amount of $200. The payment gateway responds with a unique authorization code that is saved in the hotel system. Dorris gets her room key and falls asleep as soon as her head hits the pillow. It was a long flight.

A few days later, while shopping at the local market, Dorris suddenly realizes she lost her purse. Credit Cards, driver license and some cash, all gone like dust in the wind.

Dorris gets on the phone with American Express and immediately cancels her credit card. This is the same card she handed to the hotel to cover any potential minibar charges.



A few more days go by. Time flies when you're having fun! It's already Friday and it's time for Dorris to check-out from the hotel.

"I see you have $40 in minibar charges" says the hotel clerk, smiling ear to ear. "We'll go ahead and apply this to the card we have on file. Thank you for staying at the Hilton".

Dorris starts walking towards the door and then she yells "Oh! I lost my card and had to cancel it. I'm sorry".

No problem.

The hotel submits the previously obtained authorization code with a Capture transaction type and the amount set to $40.

Since the authorization was for $200, no matter what happens to the card, how much money is in the account or whether or not the card was canceled. The funds were already reserved and $40 are successfully captured by the hotel's payment gateway.

24 hours later, the transaction settles and funds show up in the hotels' bank account.

There you have it. Now you understand the flow from card authorized to captured to settled.

Transaction Types

Now that we covered the basics, let's drill deeper and review all transaction types:

Authorize (AUTH_ONLY):

Run the card for a given amount and obtain a unique authorization code. The amount will be put on hold and you are guaranteed these funds as long as you use the authorization code in a Capture transaction within 30 days. (How long before an authorization code expires varies by company. Check with your payment gateway)

Customers don't see the authorization as a charge on their statement, but they will see their available funds decrease by the amount you ran the authorization for.

There's an exception here - if the card is a debit card, the transaction will show up in the customer's online statement. Regardless of whether or not the transaction shows up, the rules are the same:

If you don't use the authorization code in a follow-up Capture transaction, the authorization is "dropped", funds returned to the customer's balance and you can no longer use it.

Capture (PRIOR_AUTH_CAPTURE):

Use a previously obtained authorization code to complete the transaction.

The amount captured can be lower than the originally obtained authorization amount (this is useful in cases like our example where you don't know the total order amount ahead of time)

Authorize + Capture (AUTH_CAPTURE)

This type of transaction is a two-step process. It performs an authorization, immediately followed by a capture.

While this is the most popular transaction type, used by the majority of shopping carts, it is very risky and payment gateways strongly discourage using it (see why below)

Refund (CREDIT):

Credit a previously captured amount back to the customer's credit card.

You can only use this transaction type if the original charge occurred in the last 60 days and the card is still active.

When refunding orders, you can do either a full refund or refund a partial amount.

If you need the ability to issue refunds for older orders, contact your payment gateway provider and ask that they enable Extended credit capabilities for your account.

Void (VOID):

Similar to refund, with the only difference that you are refunding a transaction that took place today (it didn't Settle yet).

When voiding a transaction, you can only void the full amount of the order.

If you need to credit back a portion of the order, wait a day until the payment settles, then issue a refund.

What's wrong with the AUTH_CAPTURE transaction type

The Authorize + Capture transaction type implements the two operations automatically in one call.

To understand why this transaction type is so risky, you need to understand what happens behind the scenes, when a customer is ready to buy and clicks the "Checkout now" button on your website.

The shopping cart software sends a request to your payment gateway, passing the customer's credit card information, amount to charge and transaction type.

The shopping cart software then waits a few seconds to receive an acknowledgment from the payment gateway, indicating the operation completed successfully.

Now, consider something happens along the way and for some reason, the confirmation never comes back. It could be a network issue, timeout, bug or any number of things.

In case your shopping cart software doesn't receive the confirmation back, it assumes the payment did not complete. It is however possible that the payment completed successfully, customer charged, but a timeout occurred before the confirmation message was sent.

While not common, these cases easily lead to duplicate charges (customer will try to place an order again), with the shopping cart system showing a single charge and the customer's credit card statement showing he was charged twice.

To avoid this, always run an authorization first, save the authorization code and then run a capture.

Even if a timeout error occurs, the user will never be double charged. Attempting to capture funds twice using the same authorization code, is not possible.

How SoftwareProjects is using transaction types

When capturing payments:

We always use an Authorization transaction type, followed by a Capture transaction.

You can configure the authorization amount to be higher than the captured amount, to accommodate business models similar to the hotel example.

Note: If your payment gateway is setup to send you email notifications on each action, you will probably see two separate emails per each charge. This is normal. You'll notice the transaction ID in the two emails is the same.

We recommend turning off your payment gateway email notifications and using the shopping cart daily report as a way of keeping track of how well your business is doing.

When issuing refunds:

The system automatically picks a Void or Refund transaction type depending on whether the order was placed today or at an earlier date.

View 4 Comment(s)

Affiliate Summit Las Vegas is the largest gathering of affiliates, merchants and pay-by-performance networks.



SoftwareProjects is sending a small team of rainmakers to meet and network. We'd love to buy you a beer!

When: January 9-11, 2011
Where: Wynn Las Vegas

We will be blogging live from the event, covering session highlights here on SoftwareProjects.com

If you'd like to get together and learn why 3,000 businesses in 14 countries rely on SoftwareProjects when it comes to Shopping Carts, Product Launches, PPC, Email Marketing and Software Development, please drop a comment here or email us to setup a meeting.

See you in Vegas!

Free introductory webinar that covers the basics of Microsoft AdCenter and how you can drive traffic to your site from msn.com and yahoo.com.

Agenda

* An overview of advertising on Bing and Yahoo! Search with the Microsoft Advertising adCenter platform.
* Tips for setting up search, content, and mobile advertising campaigns.
* Bidding and budgeting best practices.
* Guidance on selecting keywords that will give your ads a better chance of reaching your target audience.

Date: Thursday, November 18, 2010
Time: 10:00 A.M. Pacific Time
Duration: One hour
Cost: Free

Signup here: https://swrt.worktankseattle.com/web...5/preview.aspx