Android Question Order and Pay App

davemorris

Active Member
Licensed User
Hi Guys,

I am developing a Order and Pay App (allowing users to order and pay for food and drinks on their Phones) - it is not an original idea and there are many working system out there, so I don't think there is a real issue.

I am aware of several payment systems Stripe, Braintree, Google Pay, Apple Pay etc. There are already several posts discussing them in the B4A forum, however some are dated (2011) and rules are changing all the time.

Question: I am after some pointers to the latest information and also, more important, implementing it in B4A (also looking at B4I).

A lot of the information I have found for Android tends to be Java and some .net implementation, but I am not sure if it is a useful to spend time trying to read this information and us it in targeting B4A (I am OK with .net but very poor with Android Java development).

Kind regards
Dave
 

davemorris

Active Member
Licensed User
Hi, Erel
Thanks for the quick response.

Regarding the Strip mobile SDK - I am trying to go through the documentation to see if it's going to be of any use - I am not impressed with their documentation - its a bit hard work to get to nuts and bolts of the process. Believe it or not, I am working on a C# project (only because I have used .net for years) purely to try to get my head around their API (wish me luck!).

Anyway going back to B4A and creating a wrapper for the Stripe SDK - the latest post I can find on the subject is https://www.b4x.com/android/forum/threads/create-a-wrapper-library-with-android-studio.82831/ dating from 2017 - it's a tutorial, do you recommend using that post to me started?

Kind regards
Dave
 

DonManfred

Expert
Licensed User
Stripe is build opon a REST API.
No need to wrap any library. You just can use okhttputils2 to communicate with the SDK.

https://stripe.com/docs/api

The Stripe API uses API keys to authenticate requests. You can view and manage your API keys in the Stripe Dashboard.

Test mode secret keys have the prefix sk_test_ and live mode secret keys have the prefix sk_live_. Alternatively, you can use restricted API keys for granular permissions.
If you provide your app test Token then i can create a example call for you. Or two....
I don´t like to create a account at stripe as i don´t need it.
 
Last edited:

DonManfred

Expert
Licensed User
Here is a small Example using the test token from the documentation.

Basically it is this code in Activity
B4X:
Sub Globals
    Private EditText1 As EditText
End Sub
Sub Activity_Create(FirstTime As Boolean)
    'Do not forget to load the layout file created with the visual designer. For example:
    Activity.LoadLayout("Layout1")
    Starter.stripe.GetCharges(Me)
End Sub
Sub Stripe_Charges(success As Boolean, result As String)
    Log($"Stripe_Charges(${success}, ${result})"$)
    EditText1.Text = result
End Sub
and this code in a class which is initialized in starter Service_Create
B4X:
public Sub GetCharges(TargetModule As Object)
    Dim job As HttpJob
    job.Initialize("",Me)
    job.Tag = "GetCharges"
    job.Download($"${sdkurl}/charges"$)
    job.GetRequest.SetHeader("Authorization", "Bearer "&apptoken)
    Wait For (job) JobDone(j As HttpJob)
    Dim result As String
    If j.Success Then
        Log(j.GetString)
        result = j.GetString
        CallSub3(TargetModule, mEventName & "_" & "Charges",True,result)
    Else
        result = j.ErrorMessage
        'Log(j.ErrorMessage)
        CallSub3(TargetModule, mEventName & "_" & "Charges",False,result)
    End If
    j.Release
End Sub
the target is set here too to be able to call the class from any activity
 

Attachments

davemorris

Active Member
Licensed User
Hi Guys
Thanks DonManfred to the advice and code - It good to see, I was of the same opinion to use Http commands (in actual fact Stripe gives examples of API access using Curl - which is easy to convert).

However, PCI compliance could be a problem, Stripe appear to want you to use their systems. ie taken from

https://stripe.com/gb/guides/pci-compliance

Stripe significantly simplifies the PCI burden for companies that integrate with Checkout, Elements, mobile SDKs and Terminal SDKs.
The comment concerns me, suggesting that if you don't use their Mobile SDK - your could have problems with PCI. BUT, they do provide the Curl examples which, in my opinion re-enforces DonManfred's post.

I do wonder what I can get away with, any comments would be appreciated. (I hope this don't end up in a thread talking purely about PCI compliance).

Kind regards to All
Dave
 

davemorris

Active Member
Licensed User
Hi DonManfred
I am sorry for confusing you - I assumed the you were a native English speaker (frankly your posts are so readable that I was totally fooled - keep up the good work).

Anyway, PCI or the more complete initialism PCI DSS compliance stands for "Payment Card Industry Data Security Standards". It is basically a set of rules (raised by MasterCard, Visa etc) that companies must obey otherwise there can face fines imposed by their Banks. As you can appreciate, there are a lot on business done with cards and loosing the ability to process card payments can bring down a company. Unless you have to work with PCI compliance, it's a complicated subject 1700 pages of documentation! If you can, avoid it like the Plague.

Having said that, companies like Stripe exist to relieve these Businesses of the burden of PCI by simply acting as a safe and approved repository for personal card information - however, you need to keep within their simplified version of the rules to make it work.

Still open to an suggestions.

Kind regards
Dave
 

DonManfred

Expert
Licensed User
I assumed the you were a native English speaker (frankly your posts are so readable that I was totally fooled - keep up the good work).
i had a lot of experience posting my 19k Posts in this forum in the last 6 Years :D
I just have not much experiences in SPEAKING english.

But i got told my english is very good by @Peter Simpson. :cool:
 
Top