Currently I'm processing credit card payments through a payment gateway. My app uses Rails, hosted on Heroku with Unicorn.
The Unicorn process will time out after 30 seconds, however, so if a gateway transaction hasn't finished in time for whatever reason, the request fails, leaving the user with an app error and a partially completed transaction.
To overcome this I'd like to use DelayedJob, which I'm already using to handle the transaction as a background process.
One issue that comes to mind, however, is that DelayedJob stores jobs in a table and therefore the credit card info would be temporarily stored unencrypted.
How can I overcome this issue? Or is there a better solution using delayed job?
Could I encrypt the credit card details first before using delayed job and then have delayed job encrypt before processing - although I'm not sure this would be PCI compliant?
Thanks
You could send the request to your processor in a new thread then store the result when they return. This allows the request to finish quickly regardless of your processor's behavior. The page that initiated the thread could then simply say "processing" and force a page reload or check via ajax periodically until the processor returns and the result is stored.
In this setup you are not storing the credit card information in your database or worrying about encrypting / decrypting data. See https://www.agileplannerapp.com/blog/building-agile-planner/rails-background-jobs-in-threads for more information on processing in background threads on Heroku.
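A minimal sketch of the thread-and-poll approach described in the answer above, added here as an example and not code from the answer or the linked post: the card hash lives only in the thread's memory, and the stored row carries just a status and the gateway's reference. `PaymentStatusStore`, `ThreadedCharge` and the `gateway` callable are hypothetical names, and the in-memory store stands in for a database table.

```ruby
require "securerandom"

# Constructed stand-in for a table of payment attempts. It only ever
# holds a status and the gateway's reference, never card data.
class PaymentStatusStore
  def initialize
    @rows = {}
    @lock = Mutex.new
  end

  def write(token, attrs)
    @lock.synchronize { @rows[token] = (@rows[token] || {}).merge(attrs) }
  end

  def read(token)
    @lock.synchronize { @rows[token]&.dup }
  end
end

class ThreadedCharge
  attr_reader :threads

  def initialize(store, gateway)
    @store = store
    @gateway = gateway # hypothetical callable: (card, amount_cents) -> reference
    @threads = []
  end

  # Called from the request: returns a polling token immediately.
  def start(card, amount_cents)
    token = SecureRandom.hex(16)
    @store.write(token, status: "processing", amount_cents: amount_cents)
    @threads << Thread.new(card) do |c|
      begin
        ref = @gateway.call(c, amount_cents)
        @store.write(token, status: "succeeded", reference: ref)
      rescue StandardError => e
        # Persist only the error class; messages may echo request fields.
        @store.write(token, status: "failed", error: e.class.name)
      end
    end
    token
  end

  # Called from the "processing" page or its periodic ajax check.
  def status(token)
    @store.read(token)
  end
end
```

A row still marked "processing" after the web process restarts means its thread died with it, so such rows need to be reconciled against the gateway rather than retried blindly.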