I am very worry about that I paid 4500USD to Kenny of ctopay for a pharmacy merchant account. His emails is sales-04@ctopay.hk and Kennyyan12@gmail.com


Scam?





But they need I integrate the MD5 in my carts.
Is there anybody can help me about the MD5 problem.
I tried to email Kenny.But he don't know much tech problem.
He let me send emails to custmerservice-06@ctopay.com and tech@ctopay.com.But no body answer.

The merchant account has already actived.
But I can't use.

Is there anybody can help me ?


Following is our email record, is there anybody face the same problem about MD5? Help me.






Kenny,

The MD5 hash is created based upon the specific customer data that is in the cart for that order only. It is a series of numbers that are arranged into a pre-defined code based upon the customer's name, order amount, etc. We use a hosted cart and I cannot create the hash from within the cart. (I would have to pass the data from the cart to a secure page on our servers which would receive the data from the cart, create the hash and then pass everything on to your gateway, none of which I know how to do.) Furthermore, the use of an MD5 hash for this portion of the transaction is absurd because the data being protected is of NO VALUE WHATSOEVER to a hacker/thief. Using an MD5 hash to pass the customer's name, amount of the order, etc. to your gateway is like using an armored car to transport bags of garbage. It simply makes no sense.

DQS, Jr.


Dear Davids,
It is too complicated for me.
The better you can add their MSN, and ask them directly.
The better you can call that phone and ask directly.
I know you means use MD5 to code the information of credit card is no sense ,but I don't know how to work through this problem .
Call them directly....
It is the best way for getting a solution of this question.

Yours,
Kenny


Kenny,

My e-mails to tech support are not being answered.

DQS, Jr.

lol, $4500 for a merchant account when it could be got free or with much less fee and with more friendly technical support.

I am very tried to find a good credit card soluction.

It has a lot of problem.


I am really very tried....

it depend what you are selling, for pharmacy there are some option for merchant account directly with banks in Caribbean region

it depend what you are selling, for pharmacy there are some option for merchant account directly with banks in Caribbean region


You are kidding with me.

It is impossible to get a merchant account with banks directly.

Because the problem of PCI.

Banks can't offer the merchant account to you if you haven't a PCI license.

Don't fake me,please...

I means any directly merchant account from bank, it is a way to fake people for making money.

Please let bad merchant account provider disappear.

You are kidding with me.

It is impossible to get a merchant account with banks directly.

Because the problem of PCI.

Banks can't offer the merchant account to you if you haven't a PCI license.

Don't fake me,please...

you do not know what you are talking about, of course you can get merchant account directly with bank, bank is then providing all required interface

I contacted to their customerservice and got a answer.

Bad!!!



They let me to bulid a new cart system to suit their MD5.

Please inform us on results of your work with them as soon as you start recieving payments.

Whoa there, Cheapscrips. Something is very wrong with what I just read in your post.

First of all, $4500 for a merchant account? No way. It looks to me like you bought a lot more than just a merchant account--in other words, a 'bundled' deal which we have preached for years is always a mistake. In other words, you also probably bought a website design, shopping cart, gateway, AND merchant account all in one package. Now, your problem is to fit the round pegs you bought into the square holes you were provided with. Understand that all of the elements described above are separate elements provided by separate providers, each with their own area of expertise. The reason your merchant service guy can't solve your technical coding problems is the same reason your dentist can't fix your plumbing problem--it's not his area of expertise.

You need to find out who is providing what, and where to find the person in charge of each service provider. Then talk to the appropriate person for the particular issue at hand.

If that fails, then sorry to tell you but the best thing you can do is chalk it up to experience, kiss your $4500 good-bye, and start again from scratch, only this time dealing with a source who (a) knows what he/she is talking about and (b) can guide you to each source while providing step-by-step assistance.

You have just learned the hard way what many others have learned in the past: NeVER deal with bundled solution providers.

AMSPCS


Thank you,but I had worked it out.

Kenny had already metioned you, because your guys contacted him for a reseller program.

But I think you will not accept my websites.

But anyway thank you.

Please inform us on results of your work with them as soon as you start recieving payments.

I had worked out the interface problem. They told me the payout will delay 21 days. But my friend told me, it need almost 2 months.

how to inform you?

Furthermore, the use of an MD5 hash for this portion of the transaction is absurd because the data being protected is of NO VALUE WHATSOEVER to a hacker/thief. Using an MD5 hash to pass the customer's name, amount of the order, etc. to your gateway is like using an armored car to transport bags of garbage. It simply makes no sense.

Er, what? A MD5 hash cannot be used to encrypt or transfer data, it's a one-way digest algorithm to verify data integrity. If you use it with a shared secret key, you can create a secure token to verify a transaction, and I'm guessing that's what they're referring to.

Yes, but the MD5 isn't necessary, it doesn't make sense.
I am still working on this problem.

I am in the same boat. I paid to Suki instead of Keny. the funny things is that it look like they hate each other.
Still do not integrate it, and the ctopay.com is now allmypay.com
We should keep in touch. I am not sure of ctopay, Suki is really lazy answering my emails

Didn't ctopay provide you with docs for integration? Sounds lik your best bet is to hire a coder and have them work on it for you.

I am in the same boat. I paid to Suki instead of Keny. the funny things is that it look like they hate each other.
Still do not integrate it, and the ctopay.com is now allmypay.com
We should keep in touch. I am not sure of ctopay, Suki is really lazy answering my emails

Should be, but I can keep in touch with him.
The MD5 is a big problem for me.
I found a person who said he could fix the cart by myself. (http://www.mals-e.com/).But he maybe ran away.

Didn't ctopay provide you with docs for integration? Sounds lik your best bet is to hire a coder and have them work on it for you.

Yes, they did.
But my cart doesn't fit the MD5 option.
I had hided http://www.mals-e.com/ by myself, but they don't reply me now.

So its CTOpay's fault that your system isn't compatible?

MD5 is a fairly old and robust algorithm so time to update!

I hope you found a solution to your problem. $4500 is a big amount. wow!

21 Delays ?
wow is that really acceptable ?

lol, $4500 for a merchant account when it could be got free or with much less fee and with more friendly technical support.

PSIbill offers high risk merchant accounts?

Forget about PSIbill ,they don't do with our industry.

Yes PSBill does indeed offer high risk merchant accounts.

Unless you are a programmer, stick with PCI compliant Gateways that offer simple API Intergration.

Forget about PSIbill ,they don't do with our industry.


PSBill has solution for high risk including pharmacy. But PSBill doesn't work with controlled substanses from "green" and "yellow" list.

But it really means that they don't do with 99% of pharmacies.

Pharmacy is very challenging to obtain, but, I di have an account approved about 2 weeks ago. It took nealry 4 weeks to obtain approval.

I am in the same boat. I paid to Suki instead of Keny. the funny things is that it look like they hate each other.
Still do not integrate it, and the ctopay.com is now allmypay.com
We should keep in touch. I am not sure of ctopay, Suki is really lazy answering my emails

suki suki 10 dorrar?


No but seriously, a direct bank merchant account is not viable for startup businesses. Even if you do have all relevant licenses, you can get screwed by the massive fees. Your best bet is 3rd party merchant accounts. Try GSPay. They are reliable and have generally good reviews. No setup costs either.

$4500 is a crazy amount for something you could get for free.

Not sure if I would follow your advice. The best is to obtain your own direct MID. Most 3rd party processors, GSPay included hold a reserve of has 5%-20% which is a rolling reserve.

GSPAY will hold 5-10% from turnover for 180 days as security depost.


Example, your doing 500K per month, 10% reserve that equals 50K per month, in 180 days the 3rd party processor has 300K of your money that you have no control over.

If there is a dispute between you and the 3rd party processor you have no options. You don't own the merchant account and you don't have access to your money.

A 3rd party processor is the last option I would obtain.

Just my own two cents worth.

It's not ideal , I never said it was perfect, but unless you are willing to supply a hell of a lot of documentation and pay a lot of money to set it up.

Well

So whats the point ???

Is that to be considered as a scam or not ?

Not sure if I would follow your advice. The best is to obtain your own direct MID. Most 3rd party processors, GSPay included hold a reserve of has 5%-20% which is a rolling reserve.

GSPAY will hold 5-10% from turnover for 180 days as security depost.


Example, your doing 500K per month, 10% reserve that equals 50K per month, in 180 days the 3rd party processor has 300K of your money that you have no control over.

If there is a dispute between you and the 3rd party processor you have no options. You don't own the merchant account and you don't have access to your money.

A 3rd party processor is the last option I would obtain.

Just my own two cents worth.


GSPAY doesn't do with pharmacy.

Thanks for the info regarding GSPAY. My point exactly, pharmacy accounts are quite difficult to obtain. If a company is legit with all proper documents, it is possible to obtain a account, but, the merchant must have their all of their ducks in line.

My payment gateway is working now.
<<snipped>>
It costs me 2 month for this issue.
At the end,Kenny help to to find out a programmer.
I paid extra 90USD.

Hello,

We are the ctopay company. Glad your problem has been solved, if you have problem next time,you can contact us directly by the email customerservice@allmypay.com

Thanks for your support

Ctopay
Service center

His post was posted almost a year ago..........