Ok, so now that it's (mostly) done it's time for me to give you guys a little head's up on what the update today was.
First, though, an apology: There was no blog posting announcing the downtime associated with this scheduled update. Or, rather, there was but I got caught not paying attention. I have a couple staging sites where I have other copies of SweepsU.com up and running so I can test various things before I deploy them on the production site. I'd posted a blog warning on one of the staging sites thinking that I'd posted it on the production site and didn't notice until I brought everything back up today. So - my sincerest apologies, hopefully that will not happen again.
So, to business: A few months ago we received notice that the company we use to process our credit card billing was raising prices between 200-400%(!!). As a small business the value we get for our dollar is very important to us and this pricing put them very much out of the range we felt was a reasonable value. They offered to grandfather us for 90 days while we acquired another provider and migrated our application so I immediately put my nose to the grindstone and began the transition.
Today is just short of 3 months later and I've deployed the changes necessary to process payments through our new provider. In normal day-to-day use you shouldn't really notice anything different. However, there are some significant improvements to the system in general:
- We are now MUCH less tightly coupled with our billing provider. Historically I've had to touch base with the billing provider on every request to insure appropriate authorization. Now, I maintain ALL subscription information and only communicate with the billing provider when a charge is made.
- We now provide the interface for the transaction. Previously when you purchased a SweepsU.com subscription you were forwarded to the providers page to actually make the purchase. Now everything resides here and we're in control/responsible for that experience.
- Security: When you take credit cards for purchases you are subject to PCI compliance. The method with which our new provider processes transactions completely eliminates (well, for all practical purposes) any PCI compliance issues for us. Through some very cool tricks SweepsU.com NEVER sees your credit card information, it is sent directly from your browser - very securely - to our billing provider before you submit the transaction to us. At the end of the day this is MUCH more secure, safe and convenient for you - and us. The provider then gives us a 'token' that is submitted with your purchase request that we use to process the transaction. This means your sensitive information is being sent back and forth half as much as is traditional meaning significantly less risk for you.
- With the need to completely gut and recreate the billing system it was natural to continue to make the necessary changes to SweepsU.com's infrastructure to move us forward toward the very cool things we have planned next (more info forthcoming). At this point everything is pretty much where I need it to be and my next task is to begin working on new features and the future of SweepsU.com - it's going to knock your socks off!
Thank you all for your patience and continued support!
Gerald & Gwen