A key feature for huge eCommerce companies such as AliExpress, Ebay, and Amazon is a secure way of handling payments, which is essential for their business. If this feature fails, the consequences would be devastating. This applies to industry leaders and Ruby on Rails developers working on eCommerce apps.

Cybersecurity is essential to preventing attacks, and a way to make the transaction process more secure is asking a third-party service to handle it. Including payment gateways in your application is a way to achieve this goal, as they provide user authorization, data encryption, and a dashboard so you can follow transaction status on the fly.

There are a variety of payment gateway services on the web, but in this article, I will be focusing on integrating Stripe and PayPal to a Rails application. To mention a few others: Amazon Payments, Square, SecurePay, WorldPay, Authorize.Net, 2Checkout.com, Braintree, Amazon, or BlueSnap.

How Payment Gateway Integration Works

General representation for transactions involving payment gateways

In general, there will be a form/button in your application where the user can log in/insert credit card data. PayPal and Stripe already make this first step more secure by using iframe forms or popups which prevent your application from storing sensitive user credit card info as they will return a token representing this transaction. Some users also might already feel more confident to process payments by knowing that a third-party service is handling the transaction process, so this can also be an attraction for your application.

After authenticating the user info, a payment gateway will confirm the payment by contacting a payment processor which communicates with banks in order to settle payments. This ensures that the transaction is debited/credited properly.

Stripe uses a credit card form asking credit card number, cvv, and expiration date. So the user has to fill out credit card information in the secured Stripe inputs. After providing this information, your application back end processes this payment through a token.

Unlike Stripe, PayPal redirects the user to the PayPal login page. The user authorizes and selects the payment method through PayPal, and again, your back end will handle tokens instead of user sensitive data.

It’s important to mention that, for these two payment gateways, your back end should ask for proceeding transaction execution through Stripe or PayPal APIs which will give a OK/NOK response, so your application should redirect the user to a successful or error page accordingly.

The intent of this article is to provide a quick guide for integrating these two payment gateways in a single application. For all tests, we will be using sandboxes and test accounts provided by Stripe and PayPal in order to simulate payments.

Setup

Before integrating payment gateways, we will do a setup for initializing the application by adding gems, database tables, and an index page. This project was created using Rails version 5.2.3 and Ruby 2.6.3.

Note: You can check out new Rails 6 features in our recent article.

Step 1: Initialize a Rails application.

Initialize the project by running the project initialization with the rails command with your app name:

rails new YOUR_APP_NAME

And cd in your application folder.