topic Re: Auto payment in CIM in Integration and Testing

Auto payment in CIM

priya — Wed, 07 Dec 2011 07:18:49 GMT

Hi I need to know whether auto payment is possible through CIM.

This means i have a requirement like

if the user clicks on pay button the already stored card information on the authorized.net server should be used to make the payment process instead of prompting the payment details again.

This should be one step process

Re: Auto payment in CIM

TJPride — Wed, 07 Dec 2011 10:58:12 GMT

Yes. CIM stores the payment details and returns a profile ID and payment profile ID(s), which you can store in your database and then later use to charge a transaction. The credit card information does not need to be re-entered unless the card stops working (expires, whatever).

Re: Auto payment in CIM

koolhassan4u — Mon, 30 Jan 2012 08:22:08 GMT

is it legeal to save customerProfileid,CustomerPaymentProfileid and CustomerShipingAddressid to our database ???

Are these ids are not customer sensitive information??? is PCI standards allows us to do that?? thanks

Re: Auto payment in CIM

TJPride — Mon, 30 Jan 2012 11:08:02 GMT

The profile ID's can not be used to retrieve credit card information and are therefore not protected under PCI security rules.

Re: Auto payment in CIM

koolhassan4u — Mon, 30 Jan 2012 15:41:34 GMT

Hello again,

Thanks for your reply.

I have a following situation.

A user comes in my website abc.com.(Assume my site is integrated with authrize cim module)

He register on my website and enable a option called auto recharge.Auto recharge means a user will set two amounts like lower=10 and upper =100.It means whenever a user credit goes to 10 or below we will auto recharge his account to 100 by using authorize.net CIM module.

Now the question is how i will do it.Its simple i will send 4 api calls to CIM module.

1)API call for create customerProfileid.By sending user information through api call to authorize.net CIM module it will return customerProfileid i will save it in my database)

2) API call for create CustomerPaymentProfileid.By sending user information and customerProfileid through api call to authorize.net CIM module it will return customerPaymentProfileid i will save it in my database) .

3) API call for create CustomerShipingAddressid.By sending user information and customerProfileid through api call to authorize.net CIM module it will return customerShippingAddressid i will save it in my database) .

4) In last i will send these three id to do a transaction.

Now i will set a cron of every 24 hours that will check user upper credit (100) and lower credit (10) which will set by user as stated earliar.If the user credit is less than lower than i will make a transaction upper(100) of that user by sending an api call (*that api call have customerProfileid ,CustomerPaymentProfileid and CustomerShipingAddressid ids in order todo a transaction.

Now please tell me is it legal to save the above three ids to my database and do a transaction whenever user reaches his lower limit...

Thanks.

Re: Auto payment in CIM

TJPride — Mon, 30 Jan 2012 16:28:59 GMT

Yes, it is legal. You are only transferring credit card data through your server (I'm assuming regular, not hosted, CIM?), not storing it, and as I stated before, none of the profile ID's are considered protected values. Password security rules still apply, but you don't need to worry about the much more complicated data storage stuff.

I assume you're telling people up front that they will be charged once they go under the 10?

Re: Auto payment in CIM

koolhassan4u — Tue, 31 Jan 2012 07:04:09 GMT

Exactly million thank. :smileyhappy: