e-Path Payment Gateway (Australia) New v5 Release

**jumbuck2** · 23 Aug 2008, 02:43 PM

Hi all,

For those who are using the e-Path manual payment gateway (e-path.com.au) ...

If you've been caught out like me with the new version 5 release of the e-Path gateway, e-Path themselves are now providing updated Zen Cart/e-Path payment modules upon request.

The new e-Path v5 modules allow to input your individual gateway com code within the admin during set up (where it really should have been in the first place in my opinion).

I should mention that for me I needed to disable e-Path from the admin, upload new modules, then enable e-Path again from within admin. They don't mention this in their new modules documentation.

They are also providing a statement of declaration of PCI DSS compliance relating to individual gateways which come with a copy of the main PCI DSS compliance confirmation report from McAfee. Neat idea considering all the latest hum-drum over PCI stuff.

Cheers

**miss_u987** · 2 Dec 2009, 05:58 AM

Hi there, Can you guide me how to integrate e-Path with my zen cart.

Also can you give me all files that are needed for integration.

Thanks,

**jumbuck2** · 2 Dec 2009, 09:56 AM

Hi miss_u987,

Each e-Path gateway has their own gateway URL. I believe e-Path hard code your unique URL into the modules.

e-Path provides the modules free, just email them identifying your gateway ID and you'll get them sent to you ready to go.

Cheers

**Ubique17** · 27 Oct 2010, 03:36 AM

Seriously think twice about using e-Path, have been waiting almost 2 months now for my gateway to be activated, let alone get my hands on a Zen module. Communication from these guys is appaling at best, all in all very unprofessional, can't help but wonder what would happen from my customers point of view, how would I even know if my customers weren't even able to get access to the payment module. Would love to be able to provide an alternative, but who? Perfect opportunity going...

**willtech** · 3 Nov 2010, 12:39 AM

Hey, thanks for the heads up about e-path. We will be giving them a big miss now.

Many of our customers Zen Carts were using the Ceon manual payment module with disaster results. Without a dedicated server, dedicated hardware firewall and without full PCI compliance certification from an independant auditor it is illegal to use the Ceon manual payment module. Two of my clients got caught and as their developer I've only just managed to squirm my way out of some major legal trouble by the skin of my teeth, but I had to get rid of the Ceon manual payment choice immediatly on all my customers Zen Carts.

This PCI stuff is really stuffing me amd my customers off big time now. Total bummer about epath, that one looked like the answer.

Thanks heaps for the heads up about them.

Will

**Ubique17** · 3 Nov 2010, 01:05 AM

I'm sure someone out there is using e-Path without dramas - would be a good "balancer" to hear from a successful user. The credit card compliance issue (as well as keeping current with legislation) is a serious matter though, I think the temptation for many small business owners to adopt the "she'll be right" approach is going to bear rather severe implications. Something I'm finding difficult is getting third party / client reference's to suitable gateways, this makes it even harder to find a compatible gateway solution. Starting the process over with another manual gateway (not to venture off topic, but "e-gateway") so fingers crossed.

**willtech** · 3 Nov 2010, 02:24 AM

I have already looked at egateway but have had them ruled out by the powers that be. You can't do it manually and capture the CVV according to Visa. This is about illegal as it gets. I have had this confirmed by Master Card and also my own merchant account bank.

According to the rules as I've been told, the CVV can never (and should never) be in your posession to enter in to a merchant account offline when a card not present payment is made because this means the CVV has been captured, recorded and stored temporarily - 110% illegal under PCI.

After what me and two of my customers have just been through ain't no way am I going to be responsible for suggesting anything illegal again in my life!

Will

**willtech** · 3 Nov 2010, 05:41 AM

Just been told one of my customers has already signed up for e-path yesterday against my advice.

It will be interesting to see what happens now. I'll give feedback.

Will

**willtech** · 9 Nov 2010, 04:05 AM

Hi Ubique17,

What happened to us with e-path turned out majorly different to you but it still took six days to get going.

They followed up with calling my customer by phone for security checks then the gateway was delivered after I sent them some info on the cart. I had them do the integration I mean may as well if its free.

After it was done I got a call from a guy called Shane, who is one of their integrators to follow up to make sure I was OK with their work cause I am the developer. Nice, I have never got a call from Pay Pal, Google Checkout or any other payment gateway in my life so their stocks went up big time.

After checking it out fully I really like e-path. It is a simple and basic sort of service that doesn't do anything special except collect and encrypt cc details to the max via a PCI compliant system for later offline processing.

I only have two small gripes. Their security is a bit over the top and unnecessary for my liking, you have to enter three key passes to get in to the admin and the third key pass is not emailed by e-path, they rang this through and gave it to my customer over the phone, all a bit much, why not just email it?

The other one is if my customer looses key 2 or 3 e-path can't decrypt the cc details collected in their gateway because they don't keep key passes to gateway accounts. This might be great for security but it will cost my customer $55.00 to get another gateway system created if they loose their key passes. Why don't they just keep all customers key passes in the event of them getting lost?

All in all it is exactly what I was madly hunting for and it will be getting all of my zen cart customers using manual offline cc processing out of a huge bind with all this PCI rubbish.

Put me down as a tick for e-path.

**wildchick** · 28 Aug 2011, 10:40 PM

Originally Posted by willtech

Hi Ubique17,

I have already looked at egateway but have had them ruled out by the powers that be. You can't do it manually and capture the CVV according to Visa. This is about illegal as it gets. I have had this confirmed by Master Card and also my own merchant account bank.

All in all it is exactly what I was madly hunting for and it will be getting all of my zen cart customers using manual offline cc processing out of a huge bind with all this PCI rubbish.

Put me down as a tick for e-path.

Doesnt e-path fall under the same problem of collecting cvv and is thus not allowed by visa?
I dont understand why you approve of e-path? or is it just that they atleast are pcicompliant?