PayFlex System -One Click Buy Button Creation

one-click-commercebuy-online-shopping-cart-button
PayFlex Systems is creating a fantastic ecommerce tool to allow people to buy and sell things quickly and hassle-free!
Here is a product demo of our One-click system. In this video, it shows how easy it is for a seller to create a buy button.The seller is prompted with easy to understand and bullet-proof workflow. It produces a piece of code that the seller can paste onto his/her webpage.

See for yourself how easy it is to start selling.

 

PayFlex Systems One-Click easy buying process

one-click-commercebuy-online-shopping-cart-button
PayFlex Systems is creating a fantastic ecommerce tool to allow people to buy and sell things quickly and hassle-free!
Here is a product demo of our One-click system. In this video, it shows a buyer buying a bicycle. They are prompted with easy to understand and bullet-proof workflow. During the entire process there is no confusion. Confusion and doubt is the enemy of online-buying!

See for yourself how easy it is and confidence building the whole buying process is with One-Click Buy.

You can have your cake … and eat it too!

Payments should be easy as pie.  Or should we say … “cake”.

Small shops should be able to sell anything with ease online.

Do you have a one-off product? It’s not wrothwhile enough to set up a merchant account?

Project BeamZinga plans to be your Super Hero. We aspire for our platform to allow accepting merchants through us.  We will take care of the inventory and tracking.  (The boring stuff).

And we will promise to keep it simple. We will process credit card SALE and CREDIT only, just like in real life.

What is BeamZinga?

BeamZinga is our demo website where we put our latest code to test out our platform.

 

We have created our own online shopping portal!

It is in Alpha mode right now. But feel free to click around and even simulate a checkout.  Don’t worry, we won’t be charging any of your credit cards.

BeamZinga is a showcase portal to show how our payment processing workflow works.

 

Please feel free to visit it at www.beamzinga.com. 

 

Jobs

We are looking for talent. Full Stop.

 


August 2014:

 

Development Engineers

We will take care of the infrastructure and the connectivity. You take care of the rest.

Experience with payment processing required.

Java –  J2EE

Deep knowledge of ISO 8583.  If you have to look it up.. :(

Do you know what this means?

iso-8583

 

 

 

Mysql and Postgres integration – SLony Master to Master replication.

Tomcat

Build environment: Jenkins, Chef

If you have what it takes, we’d love to hear from you. email us your linkedin profile or your resume at info@payflexsystems.com

 


 

For February 2015:

Marketing and Sales Guru/Extraordinaire

Can you translate our dry payment lingo into exciting news?

We want people to spread the word that we are making processing simple. And it wouldn’t hurt if you can bring in Sales leads too.

When we fully launch and start accepting payments, we rely on Merchants to sign up. Otherwise our portal page would look really bare and terrible, wouldn’t it?

Deep understanding of Google AdSense and Adwords and Analytics.

MailChimp and Marketo platform.

Can you make this for us?

marketo

Working closely with our vendor partners to make some news

Establishing reseller agreements.

 

 

If you have what it takes, we’d love to hear from you. email us your linkedin profile or your resume at info@payflexsystems.com

October 16 2014: SSL 3 poodle vulnerability

Attention:

“It was discovered that OpenSSL incorrectly handled memory when parsing DTLS SRTP extension data. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service.

.. It was discovered that OpenSSL incorrectly handled memory when verifying the integrity of a session ticket. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. (CVE-2014-3567)

In addition, this update introduces support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV). This new feature prevents protocol downgrade attacks when certain applications such as web browsers attempt to reconnect using a lower protocol version for interoperability reasons.”

Notice:

We recommend to all of our affiliates to update their OpenSSL versions immediately and to turn off SSL v3 and use TLS 1.1 and higher. Please note that Payflex system servers have been patched and are no longer accepting SSL v3 connections.

How to test if you have disabled SSL v3?

To check if you have disabled the SSLv3 support, then run (replace “facebook.com” with “yourserver.tld”.)

openssl s_client -connect facebook.com:443 -ssl3

which should produce something like

3073927320:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1258:SSL alert number 40
3073927320:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:

meaning SSLv3 is disabled on the server. Otherwise the connection will established successfully.

Alternatively, you can use nmap to scan server for supported version:

# nmap --script ssl-enum-ciphers facebook.com**
Starting Nmap 6.47 ( http://nmap.org ) at 2014-10-15 03:19 PDT
Nmap scan report for facebook.com (173.252.120.6)
Host is up (0.090s latency).
rDNS record for 173.252.120.6: edge-star-shv-12-frc3.facebook.com
Not shown: 997 filtered ports
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https
| ssl-enum-ciphers: 
|   **SSLv3: No supported ciphers found**
|   TLSv1.0: 

Sept 26 2014: Bash Bug Shellshock vulnerability exposed

Attention to all:
On September 24, 2014. An exploit has been found and publicized about bash (bourne again shell). This shell is implementation is on most linux distributions and unix distributions, as well as Windows cygwin shell program.

Since the notification we have update our gateway with the recommended update. We are not vulnerable to this threat. We recommend to all of our affiliates to update their systems with the latest available patch for this vulnerability.

April 14 2014: HeartBleed OpenSSL vulnerability

Attention: On April 8 2014, OpenSSL libraries have been publicized that a vulnerability exists in certain versions of OpenSSL implementation.

 

Notice: PayFlex Systems is not vulnerable to HeartBleed,  (CVE-2014-0160). Our gateway is not using this implementation version

Notice to our affiliates: It is recommended that SSL certificates be reissued to ensure that your future SSL connections are not prone to man-in-the-middle interception.

For more information please go to:

https://www.us-cert.gov/ncas/alerts/TA14-098A

or

http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0160.html

Sept 10 2014: PHP vulnerability notification

Attention:

It was discovered that PHP did not properly handle certificates with NULLcharacters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

Notice:

We recommedn our affiliates connecting to us by PHP invoking HTTPS (SSL)  POST requests that they patch their systems accordingly.

For more information about which versions of linux bundles are affected please go to:

http://www.ubuntu.com/usn/usn-1937-1/

or

http://www.rapid7.com/db/vulnerabilities/ubuntu-USN-1937-1