Android Question Order and Pay App

Discussion in 'Android Questions' started by davemorris, Aug 15, 2019.

  1. davemorris

    davemorris Member Licensed User

    Hi Guys,

    I am developing a Order and Pay App (allowing users to order and pay for food and drinks on their Phones) - it is not an original idea and there are many working system out there, so I don't think there is a real issue.

    I am aware of several payment systems Stripe, Braintree, Google Pay, Apple Pay etc. There are already several posts discussing them in the B4A forum, however some are dated (2011) and rules are changing all the time.

    Question: I am after some pointers to the latest information and also, more important, implementing it in B4A (also looking at B4I).

    A lot of the information I have found for Android tends to be Java and some .net implementation, but I am not sure if it is a useful to spend time trying to read this information and us it in targeting B4A (I am OK with .net but very poor with Android Java development).

    Kind regards
    Dave
     
  2. Erel

    Erel Administrator Staff Member Licensed User

    It depends on the specific payment method that you want to use. If they provide REST API then you should use OkHttpUtils2 to process it. Another options are: implement the payment with WebView or access the native SDK, if there is one, with JavaObject. These SDKs are usually quite simple to access like this.
     
  3. davemorris

    davemorris Member Licensed User

  4. Erel

    Erel Administrator Staff Member Licensed User

    As I understand the documentation (https://stripe.com/docs/mobile/android/setup) the mobile SDK will only allow you to get a token which you can then send to your server and make transaction from your server.

    You will need to create a wrapper for this SDK.

    Why not use Google in app purchases service instead?
     
  5. davemorris

    davemorris Member Licensed User

    Hi, Erel
    Thanks for the quick response.

    Regarding the Strip mobile SDK - I am trying to go through the documentation to see if it's going to be of any use - I am not impressed with their documentation - its a bit hard work to get to nuts and bolts of the process. Believe it or not, I am working on a C# project (only because I have used .net for years) purely to try to get my head around their API (wish me luck!).

    Anyway going back to B4A and creating a wrapper for the Stripe SDK - the latest post I can find on the subject is https://www.b4x.com/android/forum/threads/create-a-wrapper-library-with-android-studio.82831/ dating from 2017 - it's a tutorial, do you recommend using that post to me started?

    Kind regards
    Dave
     
  6. DonManfred

    DonManfred Expert Licensed User

    Stripe is build opon a REST API.
    No need to wrap any library. You just can use okhttputils2 to communicate with the SDK.

    https://stripe.com/docs/api

    If you provide your app test Token then i can create a example call for you. Or two....
    I don´t like to create a account at stripe as i don´t need it.
     
    Last edited: Aug 19, 2019
    Peter Simpson and Erel like this.
  7. DonManfred

    DonManfred Expert Licensed User

    Here is a small Example using the test token from the documentation.

    Basically it is this code in Activity
    Code:
    Sub Globals
        
    Private EditText1 As EditText
    End Sub
    Sub Activity_Create(FirstTime As Boolean)
        
    'Do not forget to load the layout file created with the visual designer. For example:
        Activity.LoadLayout("Layout1")
        Starter.stripe.GetCharges(Me)
    End Sub
    Sub Stripe_Charges(success As Boolean, result As String)
        
    Log($"Stripe_Charges(${success}, ${result})"$)
        EditText1.Text = result
    End Sub
    and this code in a class which is initialized in starter Service_Create
    Code:
    public Sub GetCharges(TargetModule As Object)
        
    Dim job As HttpJob
        job.Initialize(
    "",Me)
        job.Tag = 
    "GetCharges"
        job.Download(
    $"${sdkurl}/charges"$)
        job.GetRequest.SetHeader(
    "Authorization""Bearer "&apptoken)
        
    Wait For (job) JobDone(j As HttpJob)
        
    Dim result As String
        
    If j.Success Then
            
    Log(j.GetString)
            result = j.GetString
            
    CallSub3(TargetModule, mEventName & "_" & "Charges",True,result)
        
    Else
            result = j.ErrorMessage
            
    'Log(j.ErrorMessage)
            CallSub3(TargetModule, mEventName & "_" & "Charges",False,result)
        
    End If
        j.Release
    End Sub
    the target is set here too to be able to call the class from any activity
     

    Attached Files:

  8. davemorris

    davemorris Member Licensed User

    Hi Guys
    Thanks DonManfred to the advice and code - It good to see, I was of the same opinion to use Http commands (in actual fact Stripe gives examples of API access using Curl - which is easy to convert).

    However, PCI compliance could be a problem, Stripe appear to want you to use their systems. ie taken from

    https://stripe.com/gb/guides/pci-compliance

    The comment concerns me, suggesting that if you don't use their Mobile SDK - your could have problems with PCI. BUT, they do provide the Curl examples which, in my opinion re-enforces DonManfred's post.

    I do wonder what I can get away with, any comments would be appreciated. (I hope this don't end up in a thread talking purely about PCI compliance).

    Kind regards to All
    Dave
     
  9. DonManfred

    DonManfred Expert Licensed User

    I´m not a native english speaker. I don´t know what a "PCI burden" is. Or even PCI compliance.
    It´s not a term i am familar with.

    Edit to add: ok read the link from you. Overviewed it....
     
  10. davemorris

    davemorris Member Licensed User

    Hi DonManfred
    I am sorry for confusing you - I assumed the you were a native English speaker (frankly your posts are so readable that I was totally fooled - keep up the good work).

    Anyway, PCI or the more complete initialism PCI DSS compliance stands for "Payment Card Industry Data Security Standards". It is basically a set of rules (raised by MasterCard, Visa etc) that companies must obey otherwise there can face fines imposed by their Banks. As you can appreciate, there are a lot on business done with cards and loosing the ability to process card payments can bring down a company. Unless you have to work with PCI compliance, it's a complicated subject 1700 pages of documentation! If you can, avoid it like the Plague.

    Having said that, companies like Stripe exist to relieve these Businesses of the burden of PCI by simply acting as a safe and approved repository for personal card information - however, you need to keep within their simplified version of the rules to make it work.

    Still open to an suggestions.

    Kind regards
    Dave
     
  11. DonManfred

    DonManfred Expert Licensed User

    i had a lot of experience posting my 19k Posts in this forum in the last 6 Years :D
    I just have not much experiences in SPEAKING english.

    But i got told my english is very good by @Peter Simpson. :cool:
     
    Erel likes this.
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice