MINICHECK ID PRO™

Team #2

Summer 2008

Instructor

Dr. Kwok-Bun Yue

Mentor

Bruce Brenner

Team Members

Imran Ullah Mohammed

Anjali Satam

Megha Dubey

Team Website: Http://dcm.uhcl.edu/c683808sugp2

Report Version 1.0

Acknowledgements

We take this opportunity to express immense gratitude to our Instructor Dr. Yue and our mentor Mr. Bruce for guiding us throughout the project. They provided us with valuable technical and functional expertise and advice in all aspects of the project. They regularly gave us their precious time to clarify our doubts and motivated us to work hard. Their encouragement was highly instrumental in our execution of an original idea and developing the application.

We would also like to thank Previous Capstone team (spring 2008 Team #2) for providing us with the required information and details which assist us in solving the critical issues. We would also like to thank the Authorize.Net technical support for continuously helping us by providing us with the required technical details.

Abstract

MiniCheck ID Pro™ is an enhancement of the existing architecture of MiniCheck ID™ Software. Previous capstone teams have developed MiniCheck ID™ which is used to scan, parse, process and verify identity cards and checks in Windows environment. This project extends MiniCheck ID™ to MiniCheck ID Pro™, adding the capability to process the credit card transactions using a payment gateway. It will save customer and transaction information for future uses such as informing the customer for the available coupons discount.

When a credit card is swiped with a card scanner, it reads the magnetic stripe in the form of raw data. The raw data is parsed into useful information which appears on the user interface. MiniCheck ID Pro™ is integrated with a payment gateway, Authorize.Net, to allow the merchant to process the credit card transaction. Payment data is submitted to the gateway for real time authorization using Advanced Integration Method (AIM) and returns the response code to the user, which is transformed into useful messages. Thus the merchant can print a receipt to obtain the cardholder’s signature. In case, if the transaction is declined, an error message will be displayed and the merchant can renter the credit card details manually. The entire application is developed into C# and .Net 2.0 frameworks. The application allows the user to process the transaction from any PC with internet using a USB enabled magnetic reader thus turning a computer into the credit card machine.

Table of Contents

1.  Introduction 5

1.1  Problem Statement 5

1.2  Project Scope 6

2.  Design and Implementation 7

2.1  Requirements 7

2.2  System Architecture 8

2.3  Flow Diagram 10

2.4  User Interface design 12

2.5  Software Development Model 13

2.6  Main Functions 14

2.7  Technologies used 15

2.8  Implementation Issues

3.  Features 18

4.  Testing 20

5.  Final Deliverables 20

6.  Conclusion 20

7.  References 21

Appendix A

A.1 Team Roles 22

A.2 Project Timeline 23

A.3 Task Distribution 24

Appendix B 25

B.1 Images of all Scanners implemented in MiniCheck ID Pro™ 25

B.2 Screenshots 26

Appendix C 41

C. 1 Technical terms 41

1. Introduction

1.1 Problem Statement

The previous capstone team in spring 2008 (Team2) developed an application called MiniCheck ID™ where user can scan, parse and validate the Identity cards. Team2 worked with ‘Veris’ third party service provider to verify SSN details, address details and OFAC (Office of Foreign Assets Control) reports. They also integrated devices like the SDK’s of RDM EC7000i, EPSON TM-H6000II, CheckNique and add compatibility for TWAIN scanners to make them work with the existing standalone application and validate the ID’s at the point of sale. MiniCheck ID™ does not support processing of credit cards. MiniCheck ID Pro ™ is an enhancement of the existing application where user could process and validate successful credit card transactions. Thus the application helps to reduce the losses due to the fraud.

Also, MiniCheck ID Pro ™ is developed with the intention of providing special features such as solving the security issues and low hardware device cost.

1.2 Scope

The goal of the project is to integrate full credit card processing capabilities into the MiniCheck ID™ software so the user can connect a card scanner to a personal computer converting it into a credit card machine. Integrating the devices like MagTek USB Mini Card Swipe, USB MagTek Excella STX, and USB E seek M250, USB MICR Image, USB RDM with the MiniCheck ID Pro ™ to process the credit card transactions successfully. We used a third party Payment gateway to process and authorize the transaction.

2. Design and Implementation

2.1 Requirements

1)  Fetching the raw data from the scanner, parsing and converting the data into meaningful messages.

2)  Integrating the application with the third party payment gateway to authorize the transaction by implementing the AIM method.

3)  Study different types of payment gateway to select an appropriate gateway which satisfy the requirements.

4)  Also a comparison study was done between the magtek miniswipe and credit card machine as shown below.

MagTek Mini Card Swipe / Credit Card Machine
Hardware Price / $61.36 / $499.69
Secured / Yes / No
Extra Features / AVS , Fraud Prevention ,
Recurring Billing , E check Processing etc / N/A
Other Costs / $70 / N/A
Total Initial Cost / $131.36 / $499.69

Table 1: Compare Mini Card Swipe and Credit Card Machine [4]

5)  Integrating all the scanners with the MiniCheck ID Pro™ application.

6)  Integrating the application with PC guard.

2.2 Architectural Design

MiniCheck ID Pro™ is integrated with the payment gateway which processes the credit card transactions. The application sends a request to the payment gateway and the payment gateway sends the appropriate the response to the system and the transaction details are stored in the database as shown below in the diagram.


Diagram

2.3 Data Flow

When a credit card is swiped using a card scanner, the raw data obtained is converted to meaning full information. The credentials are passed to the payment gateway which authorizes the transaction and sends the respective response code. The response code is converted into meaningful messages. The user can print the receipt after the transaction. This is explained with the help of a diagram.

2.4 User Interface Design

The application shows four menu options. The first menu item consist of configuration screen which allow the user to select a device to swipe the credit card and display the card holder’s details on the user interface and process the transaction. Edit menu option consists of product purchase, allowing the user to select the product and specify the product quantity. User can enter and update the demographic information like the customer’s address, telephone number; Email Id in demographic information form. User has the option to test the transaction in the test mode before submitting the transaction in live mode in Account settings. The diagram given below explains the flow in detail.

Flow Diagram

2.5 Main Functions

The different functions developed in the application as per the requirements are as follows

1)  Integrating the hardware devices with the MiniCheck ID Pro™ so as to parse the raw data and convert into to meaningful information. The raw data consist of track1 data and track2 data. Track1 data consists of credit card holder’s first name, last name, credit card number and expiration date, Disc data1. Track2 data consists credit card number, service code and Disc data2.

Raw Data

2)  Display the credit card holder’s details on the windows form.

3)  Selecting a payment gateway which fulfills the requirements. After lot of research, team discovered that Authorize.net satisfy all the requirements need by the application. Table shows the comparison done between different payment gateways.

4)  Integrating the application with the payment gateway i.e. Authorize.Net

While integrating with the payment gateway by implementing Advanced Integration Method, a request is sent via ‘http post’ method. Request object is created using the Web Client class, provides common methods for sending data to or receiving data from any local, intranet, or Internet resource identified by a URI. Created objects to store information and receive information from the gateway. These request and response objects are created using class NameValueCollection in .net. This class can be used for headers, query strings and form data. Each key in the collection is associated with one or more values. Multiple values for a particular key are contained in a single String.

5)  Implementing the Advance Integration Method for integrating the application with payment gateway. Essential fields are sent to the payment gateway in the form a request.

Table 3: Values passed to Authorize.Net [1]

6)  Translate the response code received by the payment gateway into useful messages.

7)  Generating the receipt, displaying the customer name, product purchased and the amount.

8)  Integrating all the scanners with the MiniCheck ID Pro™ application.

2.6 Technologies Used.

1)  The application is developed in .NET 2.0 and graphical user interface is developed using windows forms. MS-Access 2003 database is used to store the records.

2.7 Software Development Model

While developing the application, team had to ensure that the application is divided into different phases so that it follows the waterfall model where development is seen as steadily flowing downwards consisting of the phases like requirements analysis, design, implementation, testing and maintenance.

Fig 4.Water fall model [5]

2.8 Implementation Issues

1)  Issues were faced while integrating hardware device ‘USB Miniswipe’ with the application, After doing a research, team found out that while using, comport property should be set open.

2)  After submitting the credentials to Authorize .Net, request message was failed. Later, team realized that sent request consists of credentials for card present protocol but the live account was set up for card not present protocol which does not require ’device type’ field to be passed to Authorize.net.

3)  Application submits the transactions to the payment gateway using the Advanced Integration method. One of the requirements for AIM is have a Secure Socket Layer certificate for secure transaction. Team realized that since the digital certificate should be installed on the client side machine for web based application which itself is major issue to install the certificate on each users’ machine since it is not cost effective. Thus, after discussion with the Authorize.Net Technical support, Mentor and team concluded SSL certificate is not required for successful transaction.

4)  Atalasoft licensee could be issued on one computer, limiting our resources to work on the application.

3. Features:

Team integrated different devices like MagTek USB Mini Card Swipe, USB MagTek Excella STX, USB E seek M250, USB MICR Image, USB RDM with the MiniCheck ID Pro™. Apart from integrating the devices with the application, the other features implemented are as follows. The user can configure or select a product to be purchased from category and subcategory list. If the product already exists in the list, an error is thrown and does not allow the user to add the product. The user can also delete the items from the product and can set product quantity. The user can enter and update the demographic information which is saved into the database. The customer demographic information consists of address1, address2, city, state, zip code, telephone number and email Id. The merchant can upload the company logo on the MiniCheck ID Pro™ form. User can test the transaction in the test mode to make sure that the transaction has been done successfully before proceeding with the live mode, since the test mode is exact replica of live mode.

The other features implemented are the improvement done to the previous team project MiniCheck ID™. Improving the 3rd party info format received from Veris when doing a SSN# verification and Address Verification the response was received in the XML format. Veris has migrated to the new XML version and response could not be received properly. The team studied the new format and reworked to successfully read the XML format. The team also improved the search criteria in the MiniCheck ID™ which permit the user to query the database by age, age range, zip code and sex.

4. Final Deliverables

The final deliverable is an .exe which consists of the entire important document and software required for MiniCheck ID Pro™.

5. Testing:

Software testing is a critical element of software quality assurance and represents the ultimate view of specification, design and code generation. The application was rigorously tested to ensure that output fulfills all the requirements. We performed the performance testing to check if the software worked as per the expectations. We also performed the validation testing and checked for different inputs like testing with different credit cards like visa, MasterCard, discover card. Also the application was tested with different scanners provided by our mentor.

6. Conclusion:

The application is an enhancement of the MiniCheck ID™ which integrates full credit card processing capabilities into the existing application. Users will have great advantage using the application since a card scanner is connected to a personal computer turning a computer into credit card machine which is comparatively cost effective.

It was a great learning experience as it gives the exposure to real time problems. Exposure to third party components, software development kits and hardware devices has been an enriching experience. It also taught us to maintain the team spirit and team coordination among all the team members.

7. References:

1)  Authorize.net, www.authorize.net

2)  Card Present Transaction Implementation Guide , http://www.authorize.net/support/CP_guide.pdf

3)  Ecommerce Payment Gateway Primer, http://www.websitepublisher.net/article/payment-gateway/8

4)  Taming the Beast.net, web marketing and ecommerce tips and tools and resources http://www.tamingthebeast.net/articles2/back-end-ecommerce.htm

By John Conde, Published: 2006-07-10

5)  Software Development Model www.wikipedia.com

Appendix A

A.1 Team Information:

Imran Ullah Mohammed: Team Lead

Role: Team Lead and Programmer

Anjali Arvind Satam

Role: Programmer and Technical Writer