Hi folks --

One of my clients has asked me to work on an existing Merchant payment module that generates a page with frames as part of the process for connecting to the gateway. I seem to recall reading on the lists that frames are not recommended for Merchant. Can someone tell me the specifics on why?

Thanks --

The only issue with frames is typically that they often make it difficult to convey a sense of security to the shopper since the visible URL has to be secure, as well as all the frames themselves, to get the padlock to show up. So in Merchant, if you frame the store in an insecure URL, you'll typically not have the padlock even though the frame where the credit card is being submitted is perfectly secure. The fix is to make the URL https as well as Merchant and the other frames as well so when checkout time comes, all frames are secure, but then you've got the negative of running everything under SSL which is slower, more of a server load, etc.

We also see dicsonnections with shopping sessions when all the frames are not secure, which again, slows down the store.

Generally, frames are strongly discouraged in e-commerce.