We have implemented the Accept Payment Hosted Paypage in order to take advantage of the lower PCI requirements. In 99% of payments, the process works great. Our customers are able to process their cards and the system responds, via the communicator, with correct response information.
In 1% of the cases, the process is somehow interrupted. The communicator is not able to send the response information correctly. There are no errors raised within the system and the payment information is then not able to be completed in our software. The missing payments are not identified until either a reconciliation is completed, or we are notified that someone did not get a receipt or information regarding the sale.
We were able to identify one issue related to security software called Kaspersky. There is a component within that software that actually takes over the payment process. It notifies the user and then opens a 'secured' browser window and presents the user with a payment page. The user is able to complete the payment and are presented with the stock Authorize summary page. This new browser window breaks the communication back to us and we never see the actual payment.
Is Authorize aware of this? Is there a suggestion on how to mitigate this?
When we used the old Accept process with the Nonce Token, we never ran into this issue as the payment was not processed until the nonce was passed in after the card capture. Would it be possible to implement the Nonce Process with the Hosted Paypage? This would allow the payment to only be processed if the Nonce was submitted for processing.
There is also the case where a browser may crash or the connection may faulter. These both could also cause the iframe communication to be interrupted.
Are biggest concern is that the 1% failures do not induce confidence. Missing payment information makes our customers leary. We are interested in any suggestions to bring the payment processing to 100%.