Page 4 of 4 FirstFirst ... 234
Results 31 to 38 of 38
  1. #31
    Join Date
    Aug 2009
    Location
    North Idaho, USA
    Posts
    1,909
    Plugin Contributions
    1

    Default Re: Authorize.net API with Card on File transactions support thread...

    Success. THANK YOU.

    I learned something today. Not sure exactly what I learned but I do know that I learned something.
    ===============================

    Unchecked the box within the Auth.net account. My logic says the checkbox to require CVV means to always require a CVV and uncheck says (to me), don't require CVV. But who am I but some peon user that has had that account setting for the past 10 years.

    Checkout #1 successful (unchecked the SaveCCinfo box in the OPC screen)
    Checkout #2 successful (checked the SaveCCinfo box in the OPC screen)
    Checkout #3 successful with OPC warning regarding settings changed, try again. That was checkout using saved card. The OPC warning does raise flags with customers checking out as we experienced last weekend. Just submit a 2nd time without changing anything and checkout #3 successful.
    Checkout #4 successful using Amex with 4 digit CVV and save card.
    Checkout #5 successful using "Use Saved Card" and was presented a selection of saved cards.

    Refund/VOIDs from within ZC admin all successful.





    Rick
    ChainWeavers (dot) com

  2. #32
    Join Date
    Nov 2005
    Location
    los angeles
    Posts
    1,552
    Plugin Contributions
    3

    Default Re: Authorize.net API with Card on File transactions support thread...

    rick,
    i have verified this error, as well as the solution.

    Name:  Screenshot from 2020-04-27 17-45-35.jpg
Views: 32
Size:  16.9 KB

    storing cvv is not allowed per PCI-DSS.

    if you require the card code as indicated above on your merchant dashboard, you will require the customer to re-enter the CVV number for a stored credit card transaction. currently i am not sending it when charging a customer profile which is why we were receiving the error in the first place.

    right now, i have NOT allowed stored credit cards to require a CVV number, but i will add a configuration switch for it. i will have to make a few code changes.

    removing that item on your dashboard will resolve the error.

    everything that you have stated in red above all makes sense to me.

    i'll have some new code for you soon. but turning that switch off at the bottom of the form on the auth merchant dashboard should resolve this error.... for now.

    best.
    practice #socialdistancing #staysafe
    email is hard....
    help out with the green....

  3. #33
    Join Date
    Aug 2009
    Location
    North Idaho, USA
    Posts
    1,909
    Plugin Contributions
    1

    Default Re: Authorize.net API with Card on File transactions support thread...

    TNX. I hope this exercise has been helpful vs a PIA.

    All is fine on my end & not losing sleep.
    Rick
    ChainWeavers (dot) com

  4. #34
    Join Date
    Nov 2005
    Location
    los angeles
    Posts
    1,552
    Plugin Contributions
    3

    Default Re: Authorize.net API with Card on File transactions support thread...

    Quote Originally Posted by RixStix View Post
    TNX. I hope this exercise has been helpful vs a PIA.

    All is fine on my end & not losing sleep.
    please. found a couple of bugs... that's always a positive!
    practice #socialdistancing #staysafe
    email is hard....
    help out with the green....

  5. #35
    Join Date
    Nov 2005
    Location
    los angeles
    Posts
    1,552
    Plugin Contributions
    3

    Default Re: Authorize.net API with Card on File transactions support thread...

    rick,
    just to be clear on a few things:

    • i have made the code changes for the problems that you found while implementing this module.
    • it is strictly your choice as to whether you want to send the CVV with every transaction. as indicated by your post above, it is totally configurable on the authorize merchant dashboard. if you think you are more secure by requiring it for every transaction, and changing your setting in the dashboard, that is certainly available and we can make that happen.
    • doing so would require your customer to re-input the CVV on every stored credit card transaction. which i think is a little burdensome on the customer. this is just my opinion.
    • my next version will have all of these corrections in the code. i will hopefully get it up there soon, but i can direct you to the code if you want it sooner.
    • my opinion is that requiring the CVV for the new credit card, not requiring it for the stored credit card, and setting the authorize dashboard so that it is not required is the best balance for security and convenience. that is how you are currently configured.
    • currently, if you want authorize to send or not send the customer an email receipt, that has to be done on the authorize dashboard. we currently can not override that setting within this module.

    if i can answer any further questions or help in any way, please let me know.

    best.
    practice #socialdistancing #staysafe
    email is hard....
    help out with the green....

  6. #36
    Join Date
    Aug 2009
    Location
    North Idaho, USA
    Posts
    1,909
    Plugin Contributions
    1

    Default Re: Authorize.net API with Card on File transactions support thread...

    Thank you for everything. Comments in red

    Quote Originally Posted by carlwhat View Post
    rick,
    just to be clear on a few things:

    • i have made the code changes for the problems that you found while implementing this module. I hope the code changes are for the general good of the world, not just me
    • it is strictly your choice as to whether you want to send the CVV with every transaction. as indicated by your post above, it is totally configurable on the authorize merchant dashboard. if you think you are more secure by requiring it for every transaction, and changing your setting in the dashboard, that is certainly available and we can make that happen. That 'click' setting within Auth.net is most likely a choice blindly made 10 years ago from a suggestion of our original processor. And like many choices made during initial setup, tend to get forgotten over the years until the choice has negative consequences. Thus triggering a widescale hunt.
    • doing so would require your customer to re-input the CVV on every stored credit card transaction. which i think is a little burdensome on the customer. this is just my opinion. Agree
    • my next version will have all of these corrections in the code. i will hopefully get it up there soon, but i can direct you to the code if you want it sooner. Not necessary & I am not losing sleep over this issue.
    • my opinion is that requiring the CVV for the new credit card, not requiring it for the stored credit card, and setting the authorize dashboard so that it is not required is the best balance for security and convenience. that is how you are (were) currently configured. I have unchecked that box within the auth.net account
    • currently, if you want authorize to send or not send the customer an email receipt, that has to be done on the authorize dashboard. we currently can not override that setting within this module. Not sure where this comment came from. We don't have auth.net send any customer receipt. Admin receipts yes, especially when fraud detection filters are triggered.

    if i can answer any further questions or help in any way, please let me know.

    best.
    Rick
    ChainWeavers (dot) com

  7. #37
    Join Date
    Nov 2005
    Location
    los angeles
    Posts
    1,552
    Plugin Contributions
    3

    Default Re: Authorize.net API with Card on File transactions support thread...

    version 2.0.1 released.

    addresses both bugs found by @RixStix. changes include:

    • ability to configure sending of CVV for new card and/or card on file transactions separately.
    • addresses issue when order total extends past 2 decimal places.
    • differentiates pop-up window for refunds v voids based on the transaction status; only unsettled transactions can be voided, while one can only refund a settled transaction.
    • more code cleanup, and a few more notes in the documentation.


    best.
    practice #socialdistancing #staysafe
    email is hard....
    help out with the green....

  8. #38
    Join Date
    Nov 2005
    Location
    los angeles
    Posts
    1,552
    Plugin Contributions
    3

    Default Re: Authorize.net API with Card on File transactions support thread...

    Version 2.1.0 now released!

    • now allows for separate authorization and capture!
    • continued code cleanup and efficiency
    • no ZC core files or tables modified.


    best.
    practice #socialdistancing #staysafe
    email is hard....
    help out with the green....

 

 
Page 4 of 4 FirstFirst ... 234

Similar Threads

  1. v155 Saving Credit Card Info with Authorize.Net
    By magneto in forum Built-in Shipping and Payment Modules
    Replies: 2
    Last Post: 5 Apr 2018, 06:23 PM
  2. v154 Having Issues With Duplicate Transactions in Authorize.net
    By CSGODeimos in forum General Questions
    Replies: 1
    Last Post: 27 Sep 2017, 02:53 PM
  3. v151 Duplicate transactions authorize.net AIM
    By badarac in forum Built-in Shipping and Payment Modules
    Replies: 9
    Last Post: 9 Aug 2016, 03:52 PM
  4. Replies: 1
    Last Post: 31 May 2006, 05:06 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR