Designing an iOS Payments SDK for Security

WePay iOS Server Calls

At WePay, we think about security as our most important product. Security isn’t a background concern - it’s the product that has to be absolutely, 100% solid before any other products can be shipped. That philosophy has guided us towards figuring out the right way to construct an iOS SDK for the WePay API

Since releasing the WePay API in 2011, we’ve received continual requests to make integrating the WePay API into a mobile application even easier. The WePay API has always been language agnostic - companies have baked it into their iOS apps for quite some time. Our foremost concern has been developing an iOS SDK that enforces security best practices.

Marketplaces and Money Transmitter Licenses

*This post is an abridged version of a presentation given at the Law Seminars International “Mobile Payments Law” conference on November 22, 2013.

An “online marketplace” is a website that facilitates transactions between third party buyers and sellers, rather than between customers and the website itself. eBay was an early pioneer in this business, followed by Amazon Marketplace, Etsy, and a host of others.

Marketplaces occupy an ambiguous place in the supply chain for goods and services. Marketplaces connect buyers and sellers. They differ from online stores, which buy and sell in their own names. Some marketplaces maintain their distance from the supply chain and provide little more than passive hosting services for online advertisements. Other marketplaces curate buyers and sellers, deliver digital goods, or guarantee buyer satisfaction. Many marketplaces provide payment services so that buyers can pay sellers on the website.

Picking the Right Partners: LessAccounting

LessAccounting

Since our launch in 2010, WePay has offered one of the simplest online invoicing products around. We paired it with other easy-to-use tools that helped individuals, non-profits, and small businesses collect money online. Along with invoices, we offered a donations tool, an events tool, a small e-commerce tool, and a mobile virtual terminal.

With the launch of WePay’s API in the summer of 2011, we’ve come to realize that partners can often create more streamlined, compelling products than we can. For WePay, it started with crowdfunding. WePay’s donations tool, while a fantastic piece of engineering, just doesn’t have the same functionality as world-class fundraising products like GoFundMe, StayClassy, or Fundable.

WePloy – WePay’s Deployment Tool

Welcome to WePay’s engineering blog. Over on the main WePay Blog there are a lot of fun posts about organizing ski trips, deadbeat roommates and other such gems. Here we are not going to talk about any of that. This will be dedicated to (hopefully) interesting solutions to technical problems. The first thing we are going to attack is deploying code, and specifically PHP code, although the tool we wrote could be used to deploy any type of code.

Deploying web apps doesn’t tend to be very difficult, at least not on the surface. You copy your new files to your document root and off you go. However, there are actually a lot of things potentially wrong with that approach.