Results 1 to 7 of 7
  1. #1
    Join Date
    Aug 2006
    Location
    Kirkland, WA
    Posts
    79
    Plugin Contributions
    2

    Default CyberSource – Checkout process with too many pages.

    In test mode at CyberSource, credit card (visa, mc) transactions are going through the checkout process and, the following CyberSource Business Center Order Search displays the accepted order.
    What seems inappropriate is the number of pages (4) required to complete the checkout process and the not secure connection used to transmit the credit card number.

    Here is the checkout page sequence:

    ZenCart Step 1 of 3:
    • Checkout shipping information
    • Not secure (http)

    ZenCart Step 2 of 3:
    • Checkout payment information (including credit card number)
    • Not secure (http)

    ZenCart Step 3 of 3:
    • Checkout confirmation covering the previously captured information
    • Not secure (http)

    CyberSource HOP (Hosted Order Page):
    • The HOP page containing: order total amount, credit card info, billing info, shipping info. as well as a BUY button.
    • Secure (https)

    The following page is the ZenCart “Thank You for your order” page to inform the customer that the order as been received.

    It seems that Step 2 of 3 as well as Step 3 of 3 are two not secure steps too many.

    I could not find any reference to this subject in the ZenCart Forum.
    Am I missing a parameter somewhere to correct this situation?

    Environment:
    ZenCart v1.3.0.1
    ZenCart > Admin > Modules > Payment : only the cs module is installed and active.
    CyberSource Business Center > Settings > Account Info: HOP is selected.
    ZenCart Host: no SSL certificate installed or shared.

    Thanks for your help,

    deBeaujeu

  2. #2
    Join Date
    Aug 2005
    Posts
    52
    Plugin Contributions
    0

    Default Re: CyberSource – Checkout process with too many pages.

    Someone correct me if I'm wrong - I believe you need to obtain a security certificate and activate SSL.

    The first three steps are standard Zen procedure for all checkout methods, and should be properly secured behind https.

  3. #3
    Join Date
    Aug 2006
    Location
    Kirkland, WA
    Posts
    79
    Plugin Contributions
    2

    Default Re: CyberSource – Checkout process with too many pages.

    Thank you Holgate for taking the time to respond to my post.
    It seems that using CyberSource to process ZenCart transactions is not a very popular subject.
    When a payment module is supported by contributors only, as opposed to the Developers, popularity and support take a plunge.

    I have ordered a SSL Certificate, as you suggested, and will be back at testing the payment gateway tomorrow, but this time I will include both CyberSource and Authorize.net. Authorize.net is “trying harder” and offers a free Testing Account for developers.

    At first, I had in mind to use the CyberSource HOP (Hosted Order Page) and thus avoid the installation and cost of a SSL Certificate. CyberSource documentation is very clear in that respect. The HOP resides on their Web server and is presented to the merchant customer in a secure manner (https) in order to capture credit card information.
    It looks like ZenCart was built to work with its own secure environment. I am not ready to modify any portion of the system to support a payment gateway HOP. In any case, it will look more professional with the secure connection integrated into ZenCart.

    From previous ZenCart Forum threads/posts, I noticed that you are currently using CyberSource with SSL on a retail store in production. Which connection method are you using: Silent Order Post or Simple Order API? Did you customize the ZenCart system in any way?

    Thanks for your help,

    deBeaujeu

  4. #4
    Join Date
    May 2006
    Location
    Texas
    Posts
    565
    Plugin Contributions
    4

    Default Re: CyberSource – Checkout process with too many pages.

    Hi deBeaujeu,

    I worked with a client and set up their zencart to be used with Cybersource. It was a few months ago, but I'm *pretty* sure we used Silent Order Post for it

    As far as the secure connection goes, you will also need to enable the secure connection in your configure files once you install the SSL certificate. The two files you need to modify after installing the SSL are:

    includes/configure.php
    admin/includes/configure.php

    and set ENABLE_SSL to true for catalog, and admin if you want SSL admin logins. The variable name starts with something like that, I can't remember offhand what it is

    You will not need to modify your hop file to include the SSL stuff.. right now you should be OK but all you need is an SSL certificate as its required when accepting credit card payments off your own site

    The only thing I dislike about the Cybersource module is that you see it submitting the information to the Cybersource servers.. its got that small 1/2 second page thats refreshed and it appears to be blank. The linkpoint and Authorize.net modules do not have this (that i'm aware of.. i haven't noticed it on my linkpoint one anyway)

    Hope this helps!

  5. #5
    Join Date
    Aug 2005
    Posts
    52
    Plugin Contributions
    0

    Default Re: CyberSource – Checkout process with too many pages.

    Mine was going to be just a HOP script setup.. I still haven't moved to a live shop yet, after dropping service with UltraCart. The main issue holding me up is the payment gateway and my (seemingly futile) allegience to BOA. I've been burned a couple times with bogus verification #'s, and shipped product automatically because CyberSource captured the transaction. Starting to lose hope for CyberSource programmers to provide code that addresses CVS/CVV issues. Today's call was answered with another ambiguous response, "it's on the list", "maybe next quarter"... whatever. Time to shop for another gateway. I guess I'd rather stick with Zen then BOA's merchant program.

    Also remaining patient as Zen continues to improve with each version (hey - look at that... another release today!), and trying to hold out for Absolute's mod - "Multiple Stores with One Checkout" before throwing in the time for active sales.

  6. #6
    Join Date
    Aug 2006
    Location
    Kirkland, WA
    Posts
    79
    Plugin Contributions
    2

    Default Re: CyberSource – Checkout process with too many pages.

    Thanks for your feedback.
    Test transactions, submitted with the Silent Order POST method (with SSL), seem to be processed and recorded properly on the CyberSource Business Center database. Using the Business Center Search function, I could not detect any major anomalies.

    The available CyberSource testing environment is not allowing all transaction types to be tested, but the hand shaking between ZenCart and CyberSource appears to be working as expected.

    One transaction type I could not test was the case of a valid card number resulting in a declined authorization. There are 2 orders showing a 1 penny difference between the ZenCart Order Total and the Business Center Transaction Search Details (i.e. ZenCart $223.42, CyberSource $223.41).
    I have an open ticket with CyberSource on these 2 anomalies.
    Also, the CVV verification is not performed in test mode. I am planning to carefully read the CVS/CVV issues on thread=38848. Thanks Holgate on this one.

    Thanks getyourgamehere. Your suggestion made updating the configuration.php files easy. Out of the 4 CyberSource payment Module files, only one had to be modified to accommodate SOP. I had to change one line in /included/modules/payment/cs.php to connect properly (around line 50-60): $this->form_action_url = 'https://orderpagetest.ic3.com/hop/ProcessOrder.do';
    No modification to HOP.php.

    With such positive test results so far, I am going forward with the CyberSource SOP Connection.

    I spent one day testing with Authorize.net AIM but had a persistent problem (transaction cannot be processed). In any case, this subject should be covered in a different thread/post.

    Thanks for your help,

    deBeaujeu

  7. #7
    Join Date
    Aug 2006
    Location
    Kirkland, WA
    Posts
    79
    Plugin Contributions
    2

    Default Re: CyberSource – Checkout process with too many pages.

    This post is to more or less bring an end to this thread. The Zen Cart store I was working on is now LIVE and processing credit card transactions as expected.
    I have used Zen Cart payment module v1.04 to support the CyberSource Payment Gateway.

    I have unwisely spent a lot of time on the CyberSource HOP connection method as you can read from previous posts. Just before I was about to quit, I tried another connection method offered by CyberSource: SOP (Silent Order POST). It was configured, tested and working in a few days.
    According to CyberSource documentation, SOP is a customized implementation of the Hosted Order Page used as an http POST API. The order process remains unchanged, but the customer sees your own custom order, receipt and error pages. You also need an SSL Certificate install on the store server.
    Should you have no choice, like in my case, where the customer already had a signed agreement with Bank of America and CyberSource, I would suggest using the SOP method as your best selection. Also, all passwords needed for user’s as well as merchant admin logins will be sent through a secure connection (SSL). This is not the case if you use the standard CyberSource HOP connection method.
    Read very carefully the CyberSource Silent Order POST User’s Guide downloaded from the CyberSource Web site: https://www.cybersource.com/support_...nt_order_post/
    Do not expect much from CyberSource Tech Support. I have experienced condescendence and contempt. They just do not care about you the customer. The phone service is useless. E-mail contact provides better results.
    Here are my suggestions:

    1. Obtain the Payment Module v1.04
    Download from http://www.motwo.com/cybersource_v1.04.zip (unknown contributor)
    The payment module v1.04 package contains 4 php files and 1 Readme.txt file.
    The HOP.php was included in the package as an example and is not usable for your test.
    You will have to obtain a newly generated version from the CyberSource Business Center.
    You need an open account with CyberSource. I beleive CyberSource also offers temporary test accounts for developpers.
    Be careful in installing the files in the proper Zen Cart host directories. Use the same directory structure as found in the zip file.

    2. Obtain a newly generated version of HOP.php
    This file is a library of 19 php functions as well as your private/public key set.
    Without a newly generated key set you will be denied access to the CyberSource server and unable to submit test transactions. At or near line 166, you will need also to enter your CyberSource account number “function getMerchantID() { return “vxxxxxxx”; }”
    “vxxxxxxx” is your CyberSource account number.
    To obtain the new HOP.php go to the CyberSource Business Center.
    From the left bar menu:
    Settings >> HOP Security >> go down to the Generate Security Script and select the PHP programming language button, then click Submit.
    Save the downloaded file (HOP.php) on your local client to later upload to Zen Cart host.

    3. Install the cs module in Zen Cart Admin
    Go to Zen Cart >> Admin >> Module >> Payment
    Be careful here, since you have 2 “Credit Card” modules listed under the column titled Modules.
    Only the one with “cs” under the next right column is needed. All other modules should be left in the non active mode.
    Select the proper cs module and click “+Install” in the upper right box.
    The Login Username is your CyberSource Account no. (vxxxxxxxx).
    Transaction mode is “test”
    Transaction method is “Credit Card”
    If you cannot see the cs module in the list of modules, it means that one or more of the 4 php files are not uploaded in the proper directory on the Zen Cart host server.

    4. Install a SSLCertificate on the Zen Cart Host
    You may also be required by your host provider to obtain a dedicated IP address.

    5. CyberSource and Zen Cart settings
    CyberSource Silent Order POST User’s Guide provides suggested Business Center settings.
    Zen Cart settings are entered through the Admin function.
    Leave your CyberSource account in test mode until all your test scenarios are completed and you are ready to go LIVE.

    Best of luck,

    deBeaujeu

 

 

Similar Threads

  1. 1.3.8 too many redirects at checkout when using FEC addon
    By anaxagoras in forum All Other Contributions/Addons
    Replies: 2
    Last Post: 1 Mar 2012, 07:24 PM
  2. Too many items in cart? Or is it too many attributes?
    By CabinetGuy in forum Managing Customers and Orders
    Replies: 16
    Last Post: 23 Aug 2011, 07:13 PM
  3. So Many Steps For Checkout Process / Sign Up and Checkout????
    By jeffory23 in forum Built-in Shipping and Payment Modules
    Replies: 3
    Last Post: 5 Oct 2009, 04:51 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR