Integration with Authorize.Net Through the API Plug-in
MYOB Acumatica offers three payment plug-ins for implementing integration with Authorize.Net. For a comparison of the features of the plug-ins, see Means of Integration with Authorize.Net.
In this topic, you will read about the details of integration for the Authorize.Net API plug-in. You will also learn how to set up and test a connection to Authorize.Net with the plug-in.
Integration Details
The plug-in uses Authorize.Net API to submit transactions to the payment gateway. The plug-in provides PCI DSS–compliant integration with Authorize.Net. It supports encrypted storage of your credentials that are used to connect to the processing center server. Sensitive credit card information is not stored in the Acumatica ERP database. Instead, the system sends customer credit card details to the processing center through an encrypted channel.
Integration with Authorize.Net also requires that you have a valid SSL certificate and that your website is capable of initiating both client- and server-side SSL connections.
Support of Multiple Currencies
Authorize.Net supports multiple currencies. You select the currency to be used for processing transactions when you set up the merchant account. Thus, you need to make sure that all accounts involved in the processing of payments are denominated in the currency you have specified in Authorize.Net for your merchant account. For each currency, you need to apply for a separate merchant account with Authorize.Net and configure a dedicated processing center in MYOB Acumatica.
Authorize.Net-Hosted Form
You may use either an MYOB Acumatica form or an Authorize.Net-hosted form to fill in customers' credit card details. The value of the Allow Direct Input check box on the Processing Centers (CA205000) form defines which form will be used to fill in customer credit card details as follows:
- Cleared: An Authorize.Net-hosted form is used.
- Selected: An MYOB Acumatica form is used.
For details, see To Add a Credit Card Through an Authorize.Net Form.
Support of Fraud Detection Services
The plug-in supports fraud detection services enabled in the Authorize.Net Merchant Interface when a user adds a new credit card for a customer by using the Authorize.Net hosted form.
For example, if you turned on the address verification service provided in the Authorize.Net Merchant Interface, after you have integrated MYOB Acumatica and Authorize.Net, the address will be verified by this service when a user adds a new credit card for a customer by using the Authorize.Net-hosted form.
Validation Modes
The plug-in supports the following validation modes that you set up on the Settings tab of the Processing Centers (CA205000) form:
- Test Mode: With this mode, which is recommended for use in a test environment, the credit card data will be sent to the processing center without it being validated there; a test transaction will not be generated.
- Live Mode: With this mode, which you must select if you are setting up a production environment, the credit card data will be sent to the processing center, which will generate a test transaction to validate the customer profile. The processing center will create a test transaction with the 0.00 amount and then void it automatically.
For details, see To Configure the Authorize.Net Processing Center with the API Plug-in.
Support of CVV Verification
Users can configure the Enhanced CCV Handling Filter in the Authorize.Net Merchant Interface to turn on CVV verification. In this case, a transaction with a CVV code not matching the CVV code stored in the processing center's settings will be declined by Authorize.Net.
For CVV verification to be turned on for a processing center, on the Settings tab of the Processing Centers (CA205000) form, Live Mode must be selected for the VALIDATION setting in the table.
Update of Expiration Dates
The plug-in supports the retrieval of unmasked expiration dates from Authorize.Net. By using the Update Expiration Dates button on the Processing Centers (CA205000) form, you can retrieve expiration dates for customer payment methods for which these dates were not specified.
Record Maintenance
When you add a credit or debit card for a customer account for the first time by using MYOB Acumatica, Authorize.Net returns the following:
- Customer Profile ID: The identifier that is associated with the customer account. Its main purpose is to link multiple payment profiles (credit or debit cards) with a single customer entity.
- Payment Profile ID: The identifier that is associated with the customer payment method. This identifier is used for storing sensitive payment information with Authorize.Net in a secure and PCI-compliant manner.
When you add another credit or debit card for this customer account, MYOB Acumatica includes the customer profile ID of the customer in the request sent to Authorize.Net, and in return receives only the new payment profile identifier that has been linked to this customer profile identifier.
By using these two identifiers, MYOB Acumatica and Authorize.Net synchronize the changes of the customer payment method in both systems. You can edit the details of a payment method by using the Customer Payment Methods (AR303010) form and the Authorize.Net Merchant Interface tools.
You can control the synchronization of the deletion of profiles by using the Synchronize Deletion check box on the Processing Centers (CA205000) form as follows:
- Cleared: With this setting, when a user deletes (in MYOB Acumatica) a customer payment method that is registered with Authorize.Net, the payment method information is not deleted from the Authorize.Net server.
- Selected: With this setting, when a user deletes (in MYOB Acumatica) a customer payment method that is registered with Authorize.Net, the payment method information is automatically deleted from the Authorize.Net server.
Restriction for the Number of Payment Methods
Authorize.Net restricts the number of payment profiles for a customer profile, it allows up to ten payment profiles for a single customer profile. If you have customers who uses more than ten credit or debit cards to pay for your goods or services, you select the Create Additional Customer Profiles check box on the Preferences tab of the Processing Centers (CA205000) form.
With the check box selected, each time the number of payment profiles exceeds 10 for a customer profile in Authorize.Net, the system creates an additional customer profile to be associated with the respective customer account in MYOB Acumatica. For example, when you add a credit or debit card for a customer account, the system checks whether the number of payment profiles for this customer exceeds 10. If it does, the system creates an additional customer profile for this customer at Authorize.Net. The system associates the next nine payment profiles with the additional customer profile for the customer.
Integration Setup
To start processing payments from customers with Authorize.Net, you should perform the following steps:
- You sign up with Authorize.Net. You apply for a payment gateway account and a merchant
account if you do not have these accounts. A merchant account is an agreement with a
merchant bank that you use to accept payment by credit and debit card. Authorize.Net
provides you with the login credentials to the Authorize.Net Merchant Interface. You sign
in to the Merchant Interface, and create your account API login ID and transaction key.
The processing center will use these two values to authenticate you and ensure that you
are authorized to submit transactions. For details, see the Authorize.Net
official site.Note: You can also create a sandbox account at Authorize.Net to test payment processing. For details, see API Plug-in Test Mode.
- You make sure that the Authorize.Net Payment Plug-In feature is enabled on the Enable/Disable Features (CS100000) form.
- You configure the Authorize.Net processing center in MYOB Acumatica. Tip: If your company works with one-time customers (those that are configured as a no-name customer in MYOB Acumatica), we recommend configuring the Authorize.Net processing center with the following settings on the Preferences tab of the Processing Centers (CA205000) form:
- Create Additional Customer Profiles: Selected
- Maximum Credit Cards per Profile: 1
For details, see To Configure the Authorize.Net Processing Center with the API Plug-in.
- Optional: You create a vendor account for Authorize.Net by using the Vendors (AP303000) form, and specify the accounts (and subaccounts) for recording any fees and charges applied by the center for processing your credit card transactions.
- You create a payment method for each bank operator whose cards you are going to process (such as Visa, Mastercard, or American Express), and associate payment methods with the Authorize.Net processing center. You can then use these payment methods as templates to create customer payment methods. For details, see To Add a Payment Method for Payment Processing.
- You collect credit and debit card details from your customers, and create customer payment methods for all customers whose payments you want to process with Authorize.Net. For details, see Configuring Customer Payment Methods.
- You test payment processing with Authorize.Net, as described in the next section.
Authorize.Net Test Mode
After initial setup, your Authorize.Net account is placed in test mode by default. In test mode, Authorize.Net does not process transactions and always returns a successful response. Thus, a test payment never gets charged.
The MYOB Acumatica plug-in is configured to use the live connection URL by default. Namely, the TESTMODE parameter is set to 0.
To switch test mode off, log in to the Authorize.Net Merchant Interface, and switch off test mode.
API Plug-in Test Mode
You can create a sandbox account at Authorize.Net to test payment processing. The sandbox account provides the same Merchant Interface as a live merchant account does. You generate the API login and transaction key in the Merchant Interface. Then you configure a processing center by using the generated login and transaction key, and you change the value of the TESTMODE parameter to 1. With this setting, the plug-in will use sandbox URL for connection.