WEBVTT 00:00.000 --> 00:03.510 Okay, so now we've implemented payments into our application. 00:03.510 --> 00:08.190 And in this particular section we've taken a look at taking payments of course using stripe. 00:08.190 --> 00:12.990 And the reason that we're using stripe is due to PCI compliance regulations. 00:12.990 --> 00:18.960 Really we cannot demonstrate setting up a system that meets PCI compliance. 00:18.960 --> 00:24.480 That's not for us on this training course or the size of the application that we're building here. 00:24.480 --> 00:30.960 And for an e-commerce store of this size, then we're simply not going to be able to justify the cost 00:30.990 --> 00:38.580 of meeting PCI compliance regulations in order to take and store payment card details from a customer. 00:38.610 --> 00:43.020 And we also took a look at strong customer authentication, which is the European standard for taking 00:43.020 --> 00:48.960 payments, which relies on two of the three things something they know, like a password, something 00:48.960 --> 00:54.330 they have, like their phone and something they are like their fingerprints. 00:54.330 --> 00:59.340 And unless you know that you're only ever going to take payments within the US and Canada, then you 00:59.340 --> 01:02.340 might as well use that approach to set it up. 01:02.340 --> 01:06.990 And we've also taken a look at secrets and where to store them when it comes to publishing. 01:07.140 --> 01:12.180 Then we can provide that secret information directly onto the platform that we're publishing, so it 01:12.180 --> 01:18.000 remains in a secure location and cannot be accessed from anyone that doesn't have access to our platform, 01:18.000 --> 01:24.910 where we're deploying our Application so frequently asked questions, then 2.9% is robbery. 01:24.940 --> 01:28.210 Stripe charge 2.9% per transaction. 01:28.210 --> 01:30.400 There must be a cheaper option. 01:30.430 --> 01:36.730 Well, even if we did take payment cards directly on our application, then we're still going to face 01:36.730 --> 01:38.890 a charge from the credit card companies themselves. 01:38.920 --> 01:45.820 They impose a charge of around about 1.5% per transaction, and the smaller the business, the higher 01:45.820 --> 01:46.600 that charges. 01:46.630 --> 01:52.000 And typically that's just the cost of doing business when it doesn't involve taking cash payments. 01:52.000 --> 01:58.990 The only way to really make that free is to take cash or the equivalent of cash in some way. 01:58.990 --> 02:05.590 But if we want credit cards payments, which customers do prefer to use because of the protections they 02:05.590 --> 02:12.370 get from using their credit card, then there is going to be a cost imposed whichever method we approach, 02:12.370 --> 02:18.580 and there would be a certain size of business where it would make sense to transition to taking payments 02:18.580 --> 02:19.510 directly. 02:19.510 --> 02:23.140 But that's not something that we'd cover on this training course. 02:23.140 --> 02:27.550 So it's better just to use the payment provider like stripe, for instance. 02:27.580 --> 02:32.080 That takes care of all of the PCI compliance stuff, so we don't have to. 02:32.110 --> 02:37.420 So now that we have payments in place up next, we're going to further enhance our application by being 02:37.420 --> 02:39.370 able to create an actual order. 02:39.370 --> 02:41.170 And that's coming up next.