Businesses and organizations offer WiFi in many ways — sometimes included for free with other charges, and sometimes paid separately by the hour, voucher, or mobile payment. This article introduces how WiFi services can be provided and paid for, including using credit cards for access.
The trend for businesses to charge for the Internet service
Many hospitality businesses provide free WiFi Internet for guests and visitors. The Internet service is not actually ‘free’ but is an operating cost that is added to the service charge.
Business are finding that they’re cost for providing the WiFi Internet service for guests and visitors has increased substantially for three reasons, more people are using the service, people now carry more then one WiFi device, and people are demanding faster Internet speeds for video streaming, gaming and data heavy social media apps. The following factors are responsible for significantly higher costs.
- Upgrading the WiFi infrastructure to cope with more users and faster data speeds, and extend the areas of coverage.
- Upgrading the Internet connection from a slow DSL to a fast fiber connection.
- Where fiber is not available upgrading DSL to an expensive satellite service.
- More support required as people with little know-how ask for help to use their mobile devices with the WiFi.
Hotels and motels that provided free WiFi now provide low-speed free WiFi and charge for premium WiFi with faster speeds. Campgrounds and RV parks that provided free WiFi have switched to paid only WiFi.
There are two popular methods to charge for the WiFi.
- On-line credit card payment, purchase the Internet access that is required, this is called pay-on-demand.
- Print and sell vouchers with access codes to connect to the Internet, this is popular with the campgrounds and RV parks that have a store on the premises.
Guest Internet controllers can charge for the Internet access
Guest Internet controllers have been installed by many hospitality businesses since 2010 to manage the WiFi service provided for guests, with important features that are listed.
- Share one Internet connection between many people while avoiding overloading the service.
- Add up to four Internet connections to provide guests with faster Internet.
- Prevent abuse of the service, block devices that have viruses.
- Provide reports about the use of the service.
Guest Internet controllers and the Guest Internet cloud service also provide the tools to charge for the Internet service. These include:
- Print vouchers for sale
- Credit card billing using a PayPal business account
- Integration with any billing platform using the Cloud REST API
Credit card billing using PayPal has been in use by Guest Internet for the past ten years, using the PayPal SOAP API. However PayPal is planning to discontinue the use of the SOAP API with new business accounts and offers only the REST API. The issue of a Guest Internet controller using the PayPal REST API vs. the SOAP API is legal rather than technical and is an issue regarding compliance with the Payment Card Industry Data Security Standard (PCI DSS). The SOAP interface is convenient for a product like Guest Internet because the user is passed to the PayPal website and so the cardholder information is not requested or held on the Guest Internet controller. The PayPal REST API interface requires the card holder information to be requested and put in a JSON packet on the Guest Internet controller, which means that the Guest Internet product becomes a point of sale terminal and has to comply with the requirements of PCI DSS, and the person using the Guest Internet controller must provide the annual documentation of PCI compliance. PCI DSS requires that any gateway that holds credit card information must be installed behind a firewall. The Guest Internet controller is customer facing and does therefore not comply with the PCI DSS requirements for data security of the payment gateway.
Aware of the eventual migration of the PayPal API and that it will become unsuitable as a credit card processing Interface, the engineers at Guest Internet developed a REST API interface for the Guest Internet cloud that can be easily integrated with any payment gateway, and importantly, the payment gateway can be safely installed behind a firewall.
To enhance security, the 3rd party-billing gateway has no communication with the Guest Internet controller or the Guest Internet Cloud regarding the cardholder information.
Guest Internet is very concerned with the security of cardholder information and so the payment process is designed to ensure that the customer’s credit card information will not be exposed to the Internet. In addition, communication between the 3rd party billing gateway and both the controller and the cloud is encrypted.
The Guest Internet Cloud REST API has been used by software companies and by installers of Guest Internet products to implement the payment of Internet access. By far the most popular application for the Cloud REST API has been for the implementation of Mobile Money (MoMo) payment systems for Internet service providers in many of the countries in Africa, and used daily by hundreds of thousands of users. The Cloud REST API has also been used with credit and debit card payment gateway implementations.
The remainder of this document explains for the programmer how the system works, and how to implement a payment gateway for any type of transaction, with any payment processor, anywhere in the world.
Overview of the transaction process for an Internet access purchase
Guest Internet provides customers with a cloud service for remote monitoring and management of a single WiFi service controller or for a group of controllers. Payment systems can be integrated with the Guest Internet cloud using the cloud REST Application Program Interface (REST API). The result of this integration is that an Internet user who wishes to purchase Internet access using a credit card when connected to a Guest Internet controller can do so via the Guest Internet login page.
The network infrastructure that is required to implement credit card billing is shown in the next diagram. Each location where people will access the Internet requires a Guest Internet controller to manage access to the Internet. Each Guest Internet controller communicates with the Guest Internet cloud and is part of a cloud group. A payment gateway host server has to be programmed for the credit card billing application. Customization is required for the Guest Internet login page, which displays the Internet access options offered to the user. Each payment processor has a unique API interface for the payment gateway host. The gateway host is programmed for the payment processor that is chosen. The gateway host server communicates with the Guest Internet cloud API to request access codes when a payment has been accepted.
Any Guest Internet controller can be installed at the location where the Internet services is provided, all Guest Internet controller products have the cloud management feature.
The sequence of events that occur when a user purchases Internet access is listed below.
- Connect the user device to the WiFi.
- Open the browser and see the login page.
- Select a payment, duration and data speed option from the list.
- The user request is sent to the gateway host.
- The user makes the payment via the gateway host using the mobile device.
- The gateway host communicates with the payment processor via the API to request the payment.
- When the payment receipt is confirmed the gateway host communicates with the Guest Internet cloud via the API to request an access code that corresponds with the purchase made by the user. If the payment is declined then a message is displayed on the Guest Internet login page.
- The access code is sent to the gateway host by the GIS cloud.
- The gateway host can send the code to the users phone via SMS message.
- The gateway host displays the code on the users browser page.
- The user can connect to the Guest Internet page any time using the code.
- When the code is enter to the Guest Internet controller login page it authenticates the code with the GIS cloud.
- After authentication the user is connected to the Internet.
- The user can use the code many times until the duration of the code expires.
Process steps for the Internet purchase transaction
The system diagram presented on the following page illustrates the process to charge credit cards to obtain access to the Internet. The box shown as 'resellers gateway host’ is the software that is coded and hosted by a software company or installer. To maintain the compliance requirements set out in the PCI DSS document, the gateway host server is installed behind a firewall.
The gateway host has three interfaces
o Receive the customer’s request via the Guest Internet controller custom login page to purchase access to the Internet, then gather the cardholder information and format as required by the payment processor API, this may be a REST API where the cardholder data is prepared in a JSON packet
o Communicate the payment request to the credit card payment processor via the API, and receive the answer that the payment was accepted or rejected.
o Upon acceptance of the payment communicate with the Guest Internet Cloud REST API using a JSON packet to request an access code that is appropriate to the customers purchase request. The access code is then passed back to the Guest Internet controller login page. Optionally the access codes can be sent via an SMS server to the users mobile device.
o When the payment request is declined then the appropriate message is passed back to the Guest Internet login page
o Optionally, the gateway host can also maintain a transaction report and make this accessible to the business owner via a periodic email message.
The Guest Internet REST API accepts a code request for either a single controller or a group of controllers. There is no limit to the number of controllers that can be included in a group. It is therefore possible to build a nationwide WiFi network where all credit card charges are processed by one gateway host for thousands of locations. Such a large-scale Internet service provider network is operational in several countries in Africa to provide Internet for rural communities. In the case of installations in Africa, payments are made using Mobile Money (MoMo) rather then using credit cards, however the payment process is identical.
The users procedure to purchase Internet access using a credit card
The process of purchasing Internet access is identical for both credit/debit cards and for Mobile Money (MoMo). Mobile Money is a popular credit payment method to purchase products and services used throughput Africa.
The Internet purchase procedure is shown in the following screens. The Guest Internet partner FlexiConnect prepared the screens shown for illustration purposes.
STEP 1: Connect to the WiFi, open a new browser tab and open the login page.
STEP 2: See the purchase options for Internet access. Select the service required then click the purchase access code button.
STEP 3: Enter the cardholder information on the keypad to initiate the authorization process then click the ‘send' button.
STEP 4: After the transaction is successfully completed and payment made the Internet access code is shown on the mobile device screen, and is also sent as a text message to the mobile device. The user can login to the Internet at any time until the duration of the code expires.
Credit card processor API example: Authorize.net
The user payment interface can be implemented with any payment processor that provides an application program interface (API) for integration with 3rd party payment collection systems.
Authorize.net is a popular payment processor for integration with credit card charge systems because it offers a broad range of API programming options that suit different programming skills. The Authorize.net programmer’s reference provides API programming examples in six programming languages. The API reference page is shown in the figure below.
https://developer.authorize.net/api/reference/index.html
Interface with the Guest Internet Cloud REST API
All Guest Internet controllers can be managed via the Guest Internet cloud service. An important feature of the cloud service is to generate and authenticate access codes for a single controller, or for a group of controllers.
The Guest Internet Cloud REST API interface information is provided online at this link.
https://demo.guest-internet.com/api/#
The Cloud REST API information page is shown in the following figure. The following pages explain the features of the Cloud REST API.
The Cloud REST API is used to generate, check and remove access codes that are authenticated by a controller or by a group of controllers. There is no limit to the number of controllers that can be added to the group.
A credit card billing system will present the card information to the credit card processor and upon success will then request the Cloud REST API to generate an access code corresponding to the purchase. When the code has been generated it is received as a response from the API and forwarded to the purchaser. After generation the code us used by a controller or group of controllers to authenticate the user onto the Internet when that code is presented via the login page.
In addition to generating codes the API can also create codes and request that the codes are saved for authentication. The type of code can include a MAC address. A subscriber system does not charge for Internet access on-demand but charges a monthly subscription for a service. The subscriber management system can register the MAC address of the customers connection, this might be the MAC address of a wireless CPE configured as a router in the case of a Wireless Internet Service Provider (WISP). On non-payment of the subscription the subscriber management system can call the API to delete the MAC access preventing further Internet access by the customer.
The Cloud REST API has five functions
1. Add a code to a gateway or group
2. Add multiple codes to a gateway or group
3. Remove code(s) from a gateway or group
4. Check a code on a gateway or group
5. View all codes on a gateway or group
The REST API is accessed via a HTTPS call, the URL and cloud encryption key provided for the Guest Internet customer for the call.
Call examples are provided for two languages, Curl and JavaScript. Consult the Instruction page for additional information.
The code examples references a JSON packet that is prepared with the parameters that are passed with the call, and returned from the call.
The parameters are passed in a JSON packet for sending requests and receiving replies.
JSON request parameters
Name: Value:
"test": Do not add code to gateway if set to 1. Just send a reply with JSON expected for request
"code": Code to create or update. Random code is created if not provided
"mac": MAC address to auto-login
"number": Number of random codes to create. Ignored if 'code' or 'mac' is provided
"users": Number of (concurrent) users allowed. 1 user allowed if number not set. 'Unlimited' allows unlimited users
"time": Duration of code (in minutes). Starts at first login unless 'start' is provided. Ignored if both 'start' and 'end' are provided
"start": Valid from 'YYYY-MM-DD HH:MM:SS'. 00:00:00 is used if HH:MM:SS is not provided. Ends after 'time' if 'end' not provided
"end": Valid from 'YYYY-MM-DD HH:MM:SS'. 23:59:59 is used if HH:MM:SS is not provided. Starts now or 'time' before end if no 'start'
"downspeed": Download speed limit in Kbps. Can also be set to 'default' or 'unlimited'.
"upspeed": Upload speed limit in Kbps. Can also be set to 'default' or 'unlimited'
"downlimit": Download data limit in MB. Can also be set to 'default' or 'unlimited'
"uplimit": Upload data limit in MB. Can also be set to 'default' or 'unlimited'
"email": Email address to send new code. Used to notify user of login code and instructions
JSON packet examples are shown below
1. Add a code to a gateway or group
2. Add multiple codes to a gateway or group
3. Remove code(s) from a gateway or group
4. Check a code on a gateway or group
5. View all codes on a gateway or group
JSON reply keys
Name: Reply:
"error": JSON error or missing data, request cannot be completed
"info": Array of problems with request, e.g. code not found
"codes": Array of code objects, e.g. Codes added or viewed
"removed": Array of removed objects, e.g. Codes removed
An example of a JSON reply is given below for the request ‘Add a code to a gateway or group’. The online instruction also shows the JSON format for the API reply of the other four API functions.
Next Steps
The purpose of the billing gateway is to implement the following.
- Display the Internet service offers and charges.
- Request the cardholder information.
- Communicate the cardholder information with the charge to the payment processor API and wait for the response.
- If payment is accepted; Request the appropriate access code from the Guest Internet cloud API and present the access code to the customer.
- If payment is declined; present a message to the customer that the payment request was declined.
The following development procedure lists the steps to prepare your billing gateway to charge Internet users via credit cards.
First prepare the infrastructure and determine what services will be offered.
- Choose your payment processor, this may be with a bank that the client prefers, verify that the API will meet the requirements to submit the gateway transactions.
- Select and purchase a Guest Internet gateway controller for the application.
- Create a cloud account using the gateway controller then create a cloud group and add the controller to the cloud group.
- Select the preferred method of hosting the billing gateway; this might be a shared server in a data center, or a cloud service such as AWS. The server should have the LAMP stack pre-installed.
- Define with the customer what Internet services are to be offered, based on cost, duration of access, maximum download and upload speeds, etc. See the manual information for the parameters of access codes.
The software coding steps are listed below for the billing gateway.
- Code a custom login page for the Guest Internet controller using HTMS, CSS and JavaScript to implement the service offering and transfer the user to the billing gateway.
- On the billing gateway, code the Web server page to input the cardholder data then format for the card processor gateway.
- Send the cardholder data plus the charge to the credit card processor API.
- See the response from the credit card processor API.
- Payment is accepted: call the Guest Internet cloud API to request the access code for the controller or for the group, then post the access code on the Web server user screen.
- Payment is rejected: Post a message on the Web server user screen, “the payment was declined”.
- Process completed.
Reference information
The Guest Internet cloud REST API is documented at this link.
https://demo.guest-internet.com/api/
The reference to create a custom login page with the payment options is described in the product manual, page 122. Open the manual using this link.
https://www.guest-internet.com/pdfs/GIS_product_manual_(English)_1.1.24.pdf
The credit card processor will provide examples of their API call. Here is an example from Authorize.net at this link.
https://developer.authorize.net/api/reference/index.html
Summary of Guest Internet product characteristics
Guest Internet controller features
Guest Internet products are compatible with all types of wireless access points and all managed and unmanaged network switches, including PoE and non-PoE switches.
Allow only authorized access to the Internet service; an open service with many people connected will make it slow for everyone and prevent people connecting and connected people will get disconnected.
Brand the WiFi login page and advertise additional business services.
Control access to the WiFi Internet service by providing login codes; set duration of access, set data speed per user to share the Internet bandwidth, set data volume and number of devices per code.
Auto login using a device MAC address to permit products such as TV's to connect to the Internet.
Several methods to charge for the Internet service are available if required.
Print vouchers with access codes, up to 10,000 at one time.
Point of sale terminal software for Internet cafes.
Block selected websites and block website categories after login.
Allow selected website access before login.
Block some Torrent protocols to reduce the sharing of copyrighted files illegally.
Increase Internet speed by adding more ISP connections with dual WAN providing load balance and fail-over (Available with the GIS-R6/T10/R20 and R40 only)
Block user computers that have viruses, such as DDoS, that will slow the network data speed for all users.
Protect the business computers and PoS with a PCI DSS compliant firewall to prevent access from the public WiFi network.
Monitor the WiFi service for failure, monitor the ISP service, the Guest Internet controller and wireless access points for failure, get an immediate alert if any problem occurs
The free Guest Internet cloud service provides information about the WiFi Internet use from any location, the service includes remote access to Guest Internet controllers, device status and network performance reports.
VLAN configuration permits one WiFi network to be used for both guests and staff, where guests and staff are isolated, dual use saves cost (available only with the Pro series of products, GIS-R10/R20/R40)
Guest Internet access code parameters; Codes control the user access to the Internet;
Select one of four code types: random, custom, description, MAC address
If code is random, specify the number of codes to generate, up to 10,000
Duration that the access code can be used before it expires.
Maximum download and upload data speed permitted for the code.
Optional maximum download and upload data volume permitted for the code.
Optionally allow the access code to be stopped and started to extend the time that it can be used.
Optional start date and time after which the access code can be used.
Number of devices that the access code can be used with, default is 1 device to prevent code sharing
Guest Internet methods to charge for use of the Internet
Credit card payment using a PayPal business account (Not available with the GIS-R2)
Print vouchers with access codes for sale
Point of sale terminal using the GIS-TP1 (Not available with the GIS-K7)
Download access codes for custom printing, e.g. print scratch-off cards
Custom billing API for 3rd party payment systems, e.g. Mobile Money, credit card processors,
API Integration with subscription systems, e.g. Boingo,
API Integration with business management systems, e.g. property management systems (PMS), reservation systems
2-tier billing; free low speed and charged high speed
3-tier billing; time limited free low speed service, access code entry, and paid high speed (available only with the Pro series of products, GIS-R10/R20/R40)
Guest Internet Free cloud management
Free cloud management account with every Guest Internet controller
Manage one controller or many controllers
Group management of controllers
Group code generation
Cloud API for 3rd party billing and management applications
Monitor the performance of each controller
Monitor the performance of Internet connections, identify network congestion issues
Reports showing users and usage
Failure monitoring of each site, the ISP connection, the controller and wireless access points connected to the controller
No additional charges after product purchase
After purchasing the product there are no other charges.
Free on-line support, free software upgrades, free cloud service
Contact us for more information about using Guest Internet products in your business
Guest Internet makes advanced products for guest and community WiFi
Please contact:
support@guest-internet.com