You are here: Home / Dog Blog / Archives

Payment Services - Rigid Junk

Tuesday 4 January, 2005 (11:40AM GMT)

I'm working on a project that needs to take credit-card payments online. For a short-term, relatively small project such as this, opting for a payment "bureau" service such as those offered by WorldPay or PayPal seems to me to be the obvious choice (I'm coming from a UK-based standpoint - maybe it's different elsewhere). There's no need for your own internet merchant account - they do it all for you - the customer is taken to a secure web page hosted by the payment service provider, they take the customer's money and then they pay it to you, after taking a cut, of course. So, relatively easy to set up and hassle free to administer.

But the big problem I have is when it comes to the payment pages you have to use - the supplied HTML is rigid junk.

"Rigid" because the level of customisation over these pages extends to adding your own image (Oooo!) and even, if you're lucky, selecting your own background colour (Oh monsieur, with these options you are really spoiling us!). Some do actually allow you to apply some form of includes, but the untouchable stuff is still very rigid and, well, junk...

"Junk" because not only are these pages invariably full of font tags and tables used for layout, accessibility considerations are nowhere to be found. Labels? Alt text? Wassat? This isn't really acceptable in any situation, let alone one for a company trying to promote said standards and accessibility initiatives.

What I don't understand is why they can't give more control to the developer - it's not like these are aimed at non-technical consumers - the rest of the seller's website had to be developed in the first place. Why isn't there a simple option whereby you can make your own HTML page and just slot in the necessary form fields with the right names thereby allowing greater control over consistent design, table-free layout, lean HTML and, perhaps more importantly, accessibility considerations? I don't see where the problem would lie for the payment service provider. They can still securely host the payment page, they can even enforce some kind of brand placement or required wording for all I care - all I want is control over the structure of the underlying code.

There are various options that give you more control over things when you get your own internet merchant account (which is easier said than done), with a number of services offering payment "gateways". Unfortunately, these still involve the necessity of using their rigid junk HTML. The ultimate option, and the traditional e-commerce route, does give you complete control over your code, but it involves installing server-side software and collecting and processing the credit card details yourself, which just aint feasible for small-scale projects.

Applying credit-card acceptance to websites from scratch is new to me and, frankly, the options and processes are overwhelming and frequently baffling. One unfortunate conclusion that I seem to have reached however is that small-scale e-commerce and web standards just don't mix.


Comment 1

One of the reasons I used to use Atomz for search was the wonderful amount of customisation it allowed you to do. Every single bit of code on that page was yours to play with.

That's how things should be.

So said Andrew on Tuesday 4 January, 2005 at 1:13PM GMT.

Comment 2

Better yet would be for them to create an RPC like setup - where you post the info to their secure web address and just get back a 'yes' or 'no' answer. You very rarely need any more than that.

So said Richard@Home on Tuesday 4 January, 2005 at 1:54PM GMT.

Comment 3

Here, Here! Good Points!

So said Brent O'Connor on Tuesday 4 January, 2005 at 2:01PM GMT.

Comment 4

Its all total crap and so are alot of these commerce sites. Web Standards hello!

So said Tom on Tuesday 4 January, 2005 at 11:34PM GMT.

Comment 5

I can kind of understand why they are rigid. If they allowed you to include your own css or html, you could make the page display inaccurate information, and charge people more money than they think they are being charged. Rather than risk enabling fraud, Paypal plays it very cautious with what you are allowed to customise.

I can't forgive the junk so easily, though.

So said rrh on Wednesday 5 January, 2005 at 1:51AM GMT.

Comment 6

I would recommend , a UK Payment service provider whose payment templates can be customised and uploaded to their https space.
I use them for

see for details, and yes they have decent phone and email support.

So said David Pladgeman on Wednesday 5 January, 2005 at 7:10AM GMT.

Comment 7


I totally agree with this problem. Have any of you open-source folks ever tried any of Microsoft's products? Ever looked under the hood of Visual Studio.NET or Frontpage, or the new Sharepoint product suites? Wow, what a mess...its all nasty non-compliant HTML done up in what looks like version 3.2 , with mixed case, missing attributes, tabbed code,a nd bad code thats patched together with center and font tags and all kinds of proprietary crap. Its a mess, and Im shocked that so many vendors and so-called experts at programming and software development as a whole have such little respect or even training in markup languages? I think there is allot of people that take for granted front-end code and assume because the browsers today support slop, that they can get away with it in their products. Its worse when you buy a ecommerce products like Storefront or use online realty services like CDX , that claims all this customization with their commerce products when their product like many is just a mess of html tables and garbage thats pretty much ugly and pretty much useless. Its taking our teams (and clients) hundreds of hours just to gut the front-end code in these ecommerce and Sharepoint and .NET products just to get them to work with an ounce of good CSS and markup, and the time it takes to dance around in Microsoft web-based products exceeds the cost of implementation.....its bad folks!

So said Stormy on Friday 7 January, 2005 at 4:48AM GMT.

Comment 8

I think 'rrh' who suggested it's a way to thward fraud might have been on to something - 3rd party payment gateway / transaction services are the ones holding all the liability cards, it's entirely within their right to be completely anal about preventative measures. The potential for a service to be abused with phishing would be massive, if the account holder can customise every bit of html then they could provide submission to other services, duplicate submission to alternate scripts etc.

I'm quite amazed anyone would bother (or could justify???) spending "hundreds of hours" implementing cleaner html/css when there are little or no benefits to be had for wasting even a single hour on it. Microsoft is hardly to blame either, I had to recently complete a site someone had written in Dreamweaver - it was a tragic mess of crap, one page had the same image map defined 9 TIMES. At the end of the day if an ide is used then a compromise has been made, regardless of whether it's MS or anyone else.

So said Ben on Thursday 7 July, 2005 at 2:09PM GMT.

See Also

^ Top

SiteGround: Fast, reliable, recommended hosting.