A Consultant's View
Prairie Trail Software, Inc. ............................................................. November 2006
Virtual Terminals (the programs that run on a PC but are driven from a host system), have a lot of different technologies behind them, but don't choose a server based on "the best technology".
Every year, indeed every few months, another new technology is announced that will improve everyone's life (or the new improved version is released with needed features and bug fixes). It is not possible to plan a 10-15 year server technology based on today's state of the technology. Instead, the way to plan is to look at technologies that are widely used and supported. When the infrastructure is present to support a technology, it will be around for a while.
At present, three companies offer solutions which are likely to be around for awhile: Sun, IBM, and Microsoft. The alternative is the open source solution of: Linux, Apache, MySQL, and various languages such as Java, PHP, Perl, etc.
At Prairie Trail Software we have selected two technologies: Microsoft, and Open Source. There are lots of people out there who support Microsoft solutions, and there are lots of people who support the various flavors of open source solutions.
What does a Microsoft solution look like? The database is SQL Server. Interactions with the data is done through "stored procedures". A "web service" layer helps to run the business logic, and web pages run on ASP.NET. The structure is built to resist web attacks that are usual in today's world. All this runs on one or more Windows Server systems with IIS.
The open source solution is structured similarly. The database is MySQL (the latest version of which offers "stored procedure" support), the web pages are served through Apache server with TomCat offering "Java Server Pages", and interactions between the database and the web are done through Java.
With our two choices, similar systems may be built on SQL Server and MySQL. Although MySQL can't hold as many records as SQL Server, few business systems actually need that much space.
That's a lot of technical talk, and many a technical person will argue any or all points of our logic. But, that is part of the challenge in selecting system technology; technical people argue point after point while a job is waiting to get done.
We want any system we build to be transferable to any new platform at a future date, and our options have a large support base–-there are a lot more available programmers for Java Server Pages than Hypercom terminals.
If you are looking to offer transactions to merchants through virtual terminals, give us a call to see what we can do to provide a server system.
Web software operates in a very hostile environment, and many programmers do not know how to plan and/or test for hostile actions.
Web software is no longer hacked just by bored adolescents. Today, attacks are performed by professionals with the intent to defraud you. They don't try to bring your server down; rather, they borrow your software or harvest your customers' information– it's much more profitable.
One person was very hesitant about a new system. Previously, he had a web site which allowed his customers to execute some financial transactions. It got hacked, and the perpetrators helped themselves to a lot of free service. Like borrowing your car (and your gas), and returning it without you noticing--until you check the odometer.
Professionals all seek to harvest financial data from your system. Most businesses keep some kind of information on their customers. Years ago, it was common that a business would keep credit card information on file so that customers could come back and charge that card. We can't do that today. Any system connected to the internet can be hacked, infected by a virus, or spied upon.
Programmers, who are not aware of the dangers, design systems that can be successfully attacked. If you have not had any discussions with your program-mers about how the system they are building can be hacked, then it makes good financial sense to hire a web security consultant to go over the design and implementation.
A security audit is far less expensive than having your customer's financial information in the hands of criminals.
.
Dave Randolph,
President, Prairie Trail Software