topic Re: iOS Device Login with loginID and transactionKey in Integration and Testing

iOS Device Login with loginID and transactionKey

Lucas — Tue, 07 Apr 2015 22:04:40 GMT

Hi All,

We have problem with our iOS implementation for MPOS.

We use the IDTech Shuttle for card present transactions, and we have issue with our login flow. If we use username and password everything works, but the problem occurs when we try to use loginId and transactionKey.

Below is the code example we are using now for login with username and password, can you all give us some insight on how to change it so we can use loginId and transactionKey instead of username and password???

Some sample iOS code would be greatly appreciated.

MobileDeviceLoginRequest *mobileDeviceLoginRequest = [MobileDeviceLoginRequest mobileDeviceLoginRequest];
mobileDeviceLoginRequest.anetApiRequest.merchantAuthentication.mobileDeviceId = [[[UIDevice currentDevice] identifierForVendor] UUIDString];
[AuthNet authNetWithEnvironment:ENV_TEST];
mobileDeviceLoginRequest.anetApiRequest.merchantAuthentication.name = @"authorizeNetUsername";
mobileDeviceLoginRequest.anetApiRequest.merchantAuthentication.password = @"authorizeNetPassword";
AuthNet *an = [AuthNet getInstance];
[an setDelegate:self];
[an mobileDeviceLoginRequest:mobileDeviceLoginRequest];

Re: iOS Device Login with loginID and transactionKey

RichardH — Tue, 07 Apr 2015 22:32:53 GMT

Hello @Lucas

We don't recommend storing the API Login and Transaction key on the mobile device, but instead use the Login ID and Password. This gives you the ability to remotely approve and disable individual devices within the Merchant interface.

A training video is available with more details:

Richard

Re: iOS Device Login with loginID and transactionKey

Lucas — Wed, 08 Apr 2015 10:07:29 GMT

@RichardH wrote:
Hello @Lucas

We don't recommend storing the API Login and Transaction key on the mobile device, but instead use the Login ID and Password. This gives you the ability to remotely approve and disable individual devices within the Merchant interface.

A training video is available with more details:
[video removed]
Richard

Hi Richard,

Thank you kindly for your reply! In our current workflow, we use the username and password. From your reply and one other I read, it sounds like this is the recommended method.

The way it functions now is when a new device attempts a login, it lands in the Mobile Device Management list for approval on account.authorize.net.My follow-up question is what do you mean by "remotely" approving and disabling devices?

Regards,

Lucas

Re: iOS Device Login with loginID and transactionKey

RichardH — Wed, 08 Apr 2015 13:04:15 GMT

Hello Lucas,

If device is ever lost or stolen, you can disable it in the Merchant Interface at http://account.authorize.net and it can no longer be used to process transactions.

Richard

Re: iOS Device Login with loginID and transactionKey

Lucas — Wed, 08 Apr 2015 15:23:15 GMT

Got it!! Thanks for the clarification.

Re: iOS Device Login with loginID and transactionKey

hiren43 — Tue, 01 Aug 2017 06:54:44 GMT

But there is a loophole. Apps will be used by employees. So they must not know about the merchant credentials(login and password) else they can misuse it. I still am not able to understand the role of transaction key here. We should be using that instead of merchant's login data.

Re: iOS Device Login with loginID and transactionKey

RichardH — Tue, 01 Aug 2017 12:37:22 GMT

Hello @hiren43

You will need to create additional users with separate credentials for these devices in the Merchant Interface. When creating the users, you can for example specify they are a transaction manager which only allows users to perform transactions but not make changes to the account.

Richard