Home

Cardbox

  
Cardbox > Solutions > Uses of Cardbox ...

Universalis - lightweight e-commerce

Universalis is a web site that supplies psalms, prayers and readings from the Catholic Liturgy of the Hours, changing every day according to the liturgical calendar and the location of the reader. The content may be accessed free of charge from the Universalis web site, but the company also sells downloads that enable the user to have the whole content of Universalis on his laptop or palmtop, without needing to connect to the web each day.

This is a low-volume business, with only a few sales a day, which means that it is perfectly practical for each sale to be checked and authorised by a human being. Consequently a form of "lightweight" e-commerce is possible, without sophisticated programming. In fact, apart from a single Cardbox macro, no programming at all is involved.

The product

The product that is actually being sold is a registration code that converts the downloadable Universalis software from a trial version into a full, unlimited version. This is done to minimise the possibility of returns on the grounds of incompatibility or unsuitability. Stern warnings at the start of the purchase page emphasize that the purchaser should try the software first and buy it only if it works and is suitable.

The purchase process

Payments are processed through Worldpay, and the actual purchase is done through Fastcart, a free shopping cart service designed for use with Worldpay.

  1. Pressing "Buy Now" on the Universalis purchase page sends the customer to the Universalis page on Fastcart.
  2. Fastcart lets the customer choose which products he wants to buy (in the case of Universalis there is only one available product) and gets the customer's name, address, and contact details. It calculates the total cost and sends the purchaser to Worldpay so that payment can be collected. Worldpay is told the customer's contact details and the total amount of payment required.
  3. Worldpay gets the customer's credit card details and contacts the purchaser's bank for authorisation. It only authorises payment: it does not actually charge the customer's card.
  4. If the payment is authorised, Worldpay sends notifications to the customer and to Universalis by email. It also notifies the Fastcart site, which also sends emails to both the customer and Universalis.

The customer can feel confident about security against on-line fraud, because neither Fastcart nor Universalis ever see the credit card details. Moreover, the customer's card has not yet been charged.

The manual step

At intervals, someone checks the emails that Universalis has received. On normal working days this is done every few hours; over weekends there may be a gap of a couple of days. The acknowledgement email that the customer receives warns him of this; and of course the customer's card has not yet been charged.

The email from Fastcart contains all the information that is needed to process an order. The operator logs into the Worldpay site and pastes into it the reference number that came in the Fastcart email. Once Worldpay has shown the details of the transaction, pressing the "Complete" button will complete the transaction and charge the customer's card.

The operator returns to the email from Fastcart and copies it to the clipboard, then runs a special macro in Cardbox.

The Cardbox macro:

  1. Finds the next unallocated Universalis serial number.
  2. Calculates a registration code for it.
  3. Creates a database record with the customer's full details and the calculated registration code.
  4. Creates and sends an email that contains a receipted invoice, the registration code, and instructions for installing it.

After that, there is nothing more to be done. The customer receives and installs the registration code. Once a week, Worldpay transfers the total receipts to the Universalis bank account.

Suspicious transactions and fraud

This system is well protected against fraudulent transactions because no card can be charged and no codes can be sent out until a human being has looked at the transaction and decided that it should be accepted.

Worldpay checks various aspects of the transaction it is processing - for instance, address, country, and card security code. It reports the results of its checks and also gives an overall recommendation as to whether the transaction should be accepted. The recommendation is purely advisory. In some cases Universalis is stricter than Worldpay (for example, Universalis will never accept a transaction with an invalid security code). On the other hand, it is sometimes possible for a human being looking at a transaction to decide that it is entirely legitimate even though Worldpay's automated systems are worried about it.

A semi-automated system is also protected automatically against certain other kinds of frauds. For instance, some thieves will use an e-commerce site as a validation service to ensure that the cards they have stolen have not yet been blocked. To a business that knows the kinds of customers it has and how they behave, this sort of attack will stand out instantly.

Lightweight to heavyweight

This is a lightweight approach to e-commerce. It costs next to nothing to implement and requires no custom programming beyond a single Cardbox macro. It is not suitable for a site that sells thousands of items a day, but it is not intended for that sort of site.

There are many applications of e-commerce where the volumes are small and will remain small, and those are the sort of applications that can benefit from this approach.

What if volumes grow to the point where processing transactions is taking up too much time each day? Automation can be increased step by step, until the only human intervention required is a single "go/no-go" decision for each sale. (This means extending the Cardbox macro so that it reads emails for itself and enters the Worldpay website automatically).

If volumes grow still further, a completely different solution is required, in which most decisions are delegated to an automated system. This is a completely different field and will require more planning, more expenditure, and constant supervision. But by then there should be the revenues around to pay for that investment.

The Universalis macro

This macro is activated by the menu command Special > Process Order. Before using this command, the operator must have copied the contents of the Fastcart email to the clipboard.

x=Split(ClipboardText,vbCrLf)

For i=LBound(x) To UBound(x)
 If Left(x(i),16)="Transaction ID: " Then tid=Mid(x(i),17)
 If Left(x(i),17)="Customer Details:" Then
   fldNA=x(i+2)
   fldAD=x(i+3) & vbCrLf & x(i+4) & vbCrLf & x(i+5) & vbCrLf & x(i+6)
   fldCO=x(i+7)
   fldTE=x(i+8)
   fldEMAIL=x(i+9)
  Exit For
   End If
 Next

 If tid="" Then
   MsgBox "The clipboard text is not in the proper format:" & vbCrLf & vbCrLf & ClipboardText
   Halt
   End If

fldSer=Database.NextIndexTerm("SERIAL","",cbxFindTermBackwards + cbxSearchNumbers)
fldSer=fldSer+1
Run "RegistrationCode.exe"," -calc " & fldSer
reg=ClipboardText

AddRecord
Fields("DATE")=DateFromCardbox(Date)
Fields("SERIAL")=fldSer
Fields("REGFMT")=reg
Fields("REG")=Replace(reg,"-","")
Fields("WORLDPAY")=tid
Fields("NA")=fldNA
Fields("AD")=fldAD
Fields("CO")=fldCO
Fields("TE")=fldTE
Fields("EMAIL")=fldEMAIL
SaveRecord

Function StripMailtoPrefix(Email)
 If Left(Email,7)="mailto:" Then
   StripMailtoPrefix=Mid(Email,8)
  Else
   StripMailtoPrefix=Email
  End If
 End Function
    
 
Function SendOneMessage(Email,Subject,Fulltext)
 Set x=EmailSender("Universalis Publishing <universalis@cardbox.com>",...)
 x.Subject=Subject
 x.Message=Fulltext
 x.Send Email
 SendOneMessage=True
 End Function

txt="INVOICE AND REGISTRATION CODE" + vbCrLf + vbCrLf
d=DateFromCardbox(Fields("DATE"))
d=Day(d) & "-" & MonthName(Month(d),True) & "-" & Year(d)
txt = txt & "Date: " & d & vbCrLf & vbCrLf
txt = txt & Fields("NA") & vbCrLf & fldAD & vbCrLf & Fields("CO") & vbCrLf & vbCrLf
txt = txt & "Thank you very much for ordering a registration code for Universalis." & vbCrLf & vbCrLf
txt = txt & "Your registration code is " & Fields("REGFMT") & ". "
txt = txt & "For full instructions on how to enter the code, please follow the appropriate link from http://www.universalis.com/n-download.htm." & vbCrLf & vbCrLf
txt = txt & "Your credit card has been charged with £30.00." & vbCrLf & vbCrLf

emailaddr=EmailNameAndAddress(Fields("NA"),Fields("EMAIL"))

SendOneMessage emailaddr,"Your Universalis registration code",txt

The macro does the following:

  1. It scans through the clipboard text, finds the transaction details, and stores the details it needs.
  2. It finds a new serial number and calls an external program to generate the registration code.
  3. It creates a new Cardbox record containing all the details.
  4. It creates the text of an email to the customer.
  5. It sends the email.

To create something like this, you would need to be able to write Cardbox macros, or have access to someone who is familiar with VBScript; but this is a lot less complex than full-blown web site programming.

© 2016 Martin Kochanski
"Cardbox" is a registered trademark.		  Top of page