Showing results for 
Search instead for 
Did you mean: 

Auto payment in CIM

Hi I need to know whether auto payment is possible through CIM.

This means i have a requirement like

if the user clicks on pay button the already stored card information on the server should be used to make the payment process instead of prompting the payment details again.

This should be one step process


Yes. CIM stores the payment details and returns a profile ID and payment profile ID(s), which you can store in your database and then later use to charge a transaction. The credit card information does not need to be re-entered unless the card stops working (expires, whatever).


is it legeal to save customerProfileid,CustomerPaymentProfileid and CustomerShipingAddressid  to our database ???

Are these ids are not customer sensitive information??? is PCI standards allows us to do that?? thanks


The profile ID's can not be used to retrieve credit card information and are therefore not protected under PCI security rules.

Hello again,
Thanks for your reply.
I have a following situation.
A user comes in my website my site is integrated with authrize cim module)
He register on my website and enable a option called auto recharge.Auto recharge means a user will set two amounts like lower=10 and upper =100.It means whenever a user credit goes to 10 or below we will auto recharge his account to 100 by using CIM module.
Now the question is how i will do it.Its simple i will send 4 api calls to CIM module.

1)API call for create customerProfileid.By sending user information through api call to CIM module it will return  customerProfileid i will save it in my database)

2) API call for create CustomerPaymentProfileid.By sending user information and customerProfileid  through api call to CIM module it will return  customerPaymentProfileid i will save it in my database) .
3) API call for create CustomerShipingAddressid.By sending user information and customerProfileid  through api call to CIM module it will return  customerShippingAddressid i will save it in my database) .
4) In last i will send these three id to do a transaction.
Now i will set a cron of every 24 hours that will check user upper credit (100)  and lower credit (10) which will set by user as stated earliar.If the user credit is less than lower than i will make a transaction upper(100) of that user by sending an api call (*that api call have customerProfileid ,CustomerPaymentProfileid and CustomerShipingAddressid ids  in order todo a transaction.
Now please tell me is it legal to save the above three ids to my database and do a transaction whenever user reaches his lower limit...


Yes, it is legal. You are only transferring credit card data through your server (I'm assuming regular, not hosted, CIM?), not storing it, and as I stated before, none of the profile ID's are considered protected values. Password security rules still apply, but you don't need to worry about the much more complicated data storage stuff.


I assume you're telling people up front that they will be charged once they go under the 10?

Exactly million thank. :smileyhappy: