Merchant Howto: Difference between revisions
first stab at removing pointless crappy spam |
|||
(34 intermediate revisions by 21 users not shown) | |||
Line 20: | Line 20: | ||
If you are delivering digital goods or services and want to be able to deliver instantly upon payment and/or confirmation, you can use a third-party service such as [[Bitcoin Notify]] to tell your website when a payment has been received. This sort of service requires no significant API implementation - they will simply make a POST to your website or send you an e-mail when a payment has been received on one of your addresses. | If you are delivering digital goods or services and want to be able to deliver instantly upon payment and/or confirmation, you can use a third-party service such as [[Bitcoin Notify]] to tell your website when a payment has been received. This sort of service requires no significant API implementation - they will simply make a POST to your website or send you an e-mail when a payment has been received on one of your addresses. | ||
If you keep Bitcoins off your web server, this ensures your wallet cannot be stolen if your web server experiences a security intrusion. Your risk becomes limited to the possibility that a successful intruder could add his own addresses to your address pool and steal funds from a few incoming orders until you detect the problem, however, this is a relatively controllable risk. | If you keep Bitcoins off your web server, this ensures your wallet cannot be stolen if your web server experiences a security intrusion. Your risk becomes limited to the possibility that a successful intruder could add his own addresses to your address pool and steal funds from a few incoming orders until you detect the problem, however, this is a [[Deterministic_wallet|relatively controllable risk]]. | ||
===Using offchain payment networks=== | ===Using offchain payment networks=== | ||
Line 48: | Line 48: | ||
Do not do this. Give each customer a unique Bitcoin address. | Do not do this. Give each customer a unique Bitcoin address. | ||
See also [[Why Your Business Should Use a Full Node to Accept Bitcoin]] | |||
==See Also== | ==See Also== | ||
* [[In-store Transactions]] | * [[In-store Transactions]] | ||
* [[:Category:Shopping Cart Interfaces|Shopping Cart Interfaces]] | * [[:Category:Shopping Cart Interfaces|Shopping Cart Interfaces]] | ||
* [[:Category:Payment_Processors|Payment Processors]] | |||
* [[Securing online services]] | * [[Securing online services]] | ||
* [[Converter|Bitcoin Javascript Converter]] displays a price in BTCs after converting from USDs. | * [[Converter|Bitcoin Javascript Converter]] displays a price in BTCs after converting from USDs. | ||
* [[How to accept Bitcoin, for small businesses]] | * [[How to accept Bitcoin, for small businesses]] | ||
Line 82: | Line 60: | ||
* [[URI Scheme]] | * [[URI Scheme]] | ||
* [[Promotional graphics]], buttons and logos | * [[Promotional graphics]], buttons and logos | ||
* [https://github.com/cryptoapi/Payment-Gateway GoUrl Bitcoin Payment API] open source php payment api on Github.com | |||
* [[Lazy API]] The lazy (and possibly easiest?) way to accept bitcoin payments on your website | * [[Lazy API]] The lazy (and possibly easiest?) way to accept bitcoin payments on your website | ||
Latest revision as of 16:20, 3 July 2017
It has been suggested that this article is merged with How to accept Bitcoin, for small businesses.
Accepting Bitcoins is easy, and there are several ways to do it.
Manually
- Download a bitcoin client
- When a customer wants to buy something, send them a Bitcoin address where their payment should be sent.
- You can do this by clicking "New.." next to your address in the Bitcoin client and sending that address to the customer.
- When payment comes in to that address, send the goods to your customer. Depending on the value of what you're selling, you may wish to wait until the payment shows Confirmed.
- To issue a refund, obtain from the customer the bitcoin address where the refund payment should be sent. The refund address will likely be different from the address used when the customer sent payment, especially if an EWallet was used by the customer.
Automated
Pre-generating Bitcoin addresses
You can accept Bitcoins on your website without needing to use Bitcoin APIs or third party services if you pre-generate a large number of receiving Bitcoin addresses and store them in a database on your web server, and dispense them one-by-one to customers when they are ready to pay. This way, your web server never actually handles the bitcoins - it simply gives out addresses belonging to a wallet you maintain elsewhere. By using a unique address per order, you will always know which payment belongs to which order. Example of website using this method
To pre-generate addresses, use a tool such as Pywallet (which can generate a wallet.dat file) or Bitcoin Address Utility (which can generate a CSV file). In both cases, you will be generating a list of Bitcoin addresses along with their corresponding private keys. Only the Bitcoin addresses (not the private keys) should be loaded on the web server.
If you are shipping goods manually, you can use the Bitcoin software to check for incoming payments, or alternately consider using Block Explorer or Abe to verify payment when you're about to ship. To make this easy, make your website provide you a full hyperlink that includes the proper receiving address: http://www.blockexplorer.com/address/ADDRESSGOESHERE.
If you are delivering digital goods or services and want to be able to deliver instantly upon payment and/or confirmation, you can use a third-party service such as Bitcoin Notify to tell your website when a payment has been received. This sort of service requires no significant API implementation - they will simply make a POST to your website or send you an e-mail when a payment has been received on one of your addresses.
If you keep Bitcoins off your web server, this ensures your wallet cannot be stolen if your web server experiences a security intrusion. Your risk becomes limited to the possibility that a successful intruder could add his own addresses to your address pool and steal funds from a few incoming orders until you detect the problem, however, this is a relatively controllable risk.
Using offchain payment networks
Off chain networks provides various benefits to Bitcoin, such as instant confirmations and protection against double spending.
Using a third-party plugin
You can use an existing shopping cart interface from a 3rd party to automatically handle all Bitcoin payments on your website. If you want to develop the system yourself, you can utilize the Bitcoin client's JSON-RPC API to automatically accept payments.
Things to note if you build it yourself:
- When a customer orders something on your website it records:
- Bitcoin address that payment should be sent to
- Order details (delivery address etc.)
- Customer's refund address (optional - if you wish you can ask for this later, only in cases a refund is required)
- Payment amount
- When payment arrives, checks that they have paid the correct amount or not, and informs you
- You dispatch the goods to the customer and mark the order as fulfilled
- If you cannot dispatch the goods you mark the order as denied and ask the customer for a refund address (unless you already have it from earlier) to send a refund.
- Forwards the funds to bitcoin address of your choice
Businesses that mail invoices
Does your business send out invoices to customers? Adding one line may make a huge impact for the Bitcoin economy. Perhaps you list it as a payment option just after Visa, MasterCard, and American Express, even if that means your customer must call or e-mail to make a payment. However it is possible to create automated invoices by using known payment systems supporting invoicing, and recurring invoice setup.
Common Errors
It has been observed on occasion that a business funnels all its orders through the same Bitcoin address, and asks people to send some BTC, then send email describing the timing and the amount of the transaction to 'claim' it. This is not secure, since anyone can see the transaction details using a tool such as Block Explorer, and then try to claim someone else's transaction as theirs.
Do not do this. Give each customer a unique Bitcoin address.
See also Why Your Business Should Use a Full Node to Accept Bitcoin
See Also
- In-store Transactions
- Shopping Cart Interfaces
- Payment Processors
- Securing online services
- Bitcoin Javascript Converter displays a price in BTCs after converting from USDs.
- How to accept Bitcoin, for small businesses
- Marketing
- URI Scheme
- Promotional graphics, buttons and logos
- GoUrl Bitcoin Payment API open source php payment api on Github.com
- Lazy API The lazy (and possibly easiest?) way to accept bitcoin payments on your website