Can anyone give some feedback on the HSBC API payments system.
All feedback good or bad appreciated
thanks
Paul

I used to use HSBC secure payments system. I stopped using it as it was too rule bound for my taste. It was designed arround what a bank thinks you want rather than the real world. It works best if you take the money in full imeadiately and dont need to do refunds. It works worst if you want to simply authorise the card and take the money when you dispatch. Especially if you want to split or change an order.

Anyone else had experiece of this payment system?

I have implemented the API in an ecommerce website, it wasnt too difficult, anything specific I can answer or help with?

We use HSBC, far too rigid - moving to PayPal Pro as the interface is user friendly and can handle PayPal and credit cards in one place

I have implemented the API in an ecommerce website, it wasnt too difficult, anything specific I can answer or help with?

Hi, Could you please point me to some kind of developer documentation for integration of HSBC payment API or did you use a 3rd party HSBC payment module?

Best Regards
Omer

Hi, Could you please point me to some kind of developer documentation for integration of HSBC payment API or did you use a 3rd party HSBC payment module?

Best Regards
Omer

Can anyone give some feedback on the HSBC API payments system.
All feedback good or bad appreciated
thanks
Paul

If you do a search for hsbc then you'll find that their ecommerce software is old and unsupported (the original company no longer exists), and as a result when there are issues it takes a while for problems to get fixed. They also have no support team available at the weekend, so when it went bump fairly critically a couple of weekends ago it was a major headache for a lot of business owners. Imho avoid, it is not an api that works well with a lot of systems and is a pain to integrate.

If you want alternative solutions direct from a bank then take a look at the Alliance & Leicester - or better still just implement protx, streamline or worldpay - much better and all are trusted, and have the customer support wehn you need it.

Also as friends of mine found out recently there is only one company whose remote terminal was compatible with hsbc and whose details hsbc could give them so that they could hire one for a trade show - and they were abysmal and the terminal didn't work properly for the entire Good Food Show.

I found the API a PITA to code for to be truthful. Plus it requites execute permissions without hacking it to bits which very few (reads none) hosting companies will give you on a shared server.

Agreed - It can be a real pain in the rear. We had someone contact us this week about it for their osCommerce store, and managed to get it working. But it wasn't exactly easy.

That being said, I've got it working fine on both shared and dedicated servers. It's just a matter of knowing what's possible, and what's not, based upon what the host is offering.

If it were my store, I'd not be using it ;)

There are also issues with it in some browsers, although these may now be rectified (http://www.stuffbysarah.net/blog/2007/04/17/business-roundup/ )

Dedi boxes are easy but you say the host it's on allows you execute perms on the required files?

I use it - it worked out the cheapest and easiest to set up when I started my store - to be honest I'd prefer to change to something like paypal pro but it's more expensive (by my calculations). I have the CPI - takes you off the website to pay, and I like the paypal pro way of keeping you on-site to take the payments. Mine is set up with EKMpowershop so was no hassle to install, but there have been problems, and getting them sorted is not too easy - especially as already mentioned, there is no support at weekends.

Dedi boxes are easy but you say the host it's on allows you execute perms on the required files?

Yup, I've got it working on several shared hosts before. All linux based, and working fine with the hashing program.

I had a right nightmare with it, they don't offer much support for PHP we installed into an Oscommerce website for someone was possibly one of the worst things I ever took on got their in the end but alot of headaches caused.

I use HSBC myself, but I just got a Merchant account number and use protx much easier.

We use HSBC, far too rigid - moving to PayPal Pro as the interface is user friendly and can handle PayPal and credit cards in one place
Far cheaper too and deals with multiple currencies. I always add this to sites either as a main payment vehicle or a secondary if the customer insists on using a known bank system. Protx is another alternative too.

We used their published api or guide, it should be available from them. Its called a CPI integration guide or similar.

In my opinion there is nothing wrong with the implementation they use. The big downside (and it doesn't look like they changed this) is that they require you to install a com dll to do some hashing. This is bizarre we actually called them asking if we could have the code for the hashing algo and they declined (I would have reimplemented in .net and given them the code). If anyone is interested I wrote the HSBC payment module implementation for easywebstore (http://www.easywebstore.co.uk) and if someone wants any help they can pm i can quote a fixed price for any work.

In my opinion there is nothing wrong with the implementation they use. The big downside (and it doesn't look like they changed this) is that they require you to install a com dll to do some hashing. This is bizarre we actually called them asking if we could have the code for the hashing algo and they declined (I would have reimplemented in .net and given them the code). If anyone is interested I wrote the HSBC payment module implementation for easywebstore (http://www.easywebstore.co.uk) and if someone wants any help they can pm i can quote a fixed price for any work.

Its not the implementation that is the problem it is the support. Clear Commerce who wrote the software were bought out by american giant eFunds. eFunds asset stripped clear commerce and there are zero - yes zero support staff in the UK. There has been no development, industry changes etc for a number of years. What this means is that the rules and fraud filters they are using are for fraud types seen a couple of years ago and not the specific patterns affecting merchants trading today. So some transactions that are good will be stopped as they match a 2-3 year old pattern.

Fraud patterns change day to day, week to week, industry to industry. Banks normally do very little fraud screening, black lists is about the sum of it, some times velocity checking. Normally this falls to the processor/psp to have something more advanced in place. If the bank is acting as both acquirer and processor as is the case with some HSBC set ups, then they should have current software to protect you the merchant from fraud.

I kinda feel sorry for HSBC. Efunds buys up their software supplier, does not support it properly or develop it which leave HSBC with basically an unsupported system they cant get off of. eFunds has HSBC by the short and curlies.

I seem to remember we had to install Servlet Server (tomcat) on our server for it to work