Is there any way to create a CIM record or an ARB record while processing a DPM transaction in such a way that card holder data never goes through my network?
My payment form HAS to be hosted on my site. And I don't ever need to edit a stored Customer/Credit Card record once it's created, I'll just be doing adds/deletes.
The reason I'm asking this is because I deal with CUSTOM orders a lot, and we'll charge up front for an order, but then the customer asks for a few tweaks, and then we need to charge them an additional $5 or $10 for the adjustments we made. I'd really like to be able to just charge my customer a second time (sometimes 2 weeks after the initial sale) without having to request THEM to make a second payment and provide their CC details again. If there's some way I can acheive this goal, please let me know, there must be something I'm missing.
Ideally, I never want CC info on premises or going through my network. And I need to maintain control of the look and feel of the entire payment experience.
Thanks in advance for your responses!
01-19-2012 11:39 AM
You can create an ARB subscription from a previous payment in your control panel - just go to the settled transaction and click the link. And you should be able to set a single payment for that. If you want to do it automatically, however, and you don't want to increase your PCI exposure, your only choice is hosted CIM, probably with iframe popups.
01-19-2012 06:45 PM
TJ, thanks for responding.
Looks like I'm going to have to compromise and use a hosted CIM.
The ARB on a settled transaction is a great idea for a work around. Unfortunately, ARB subscriptions don't charge in real time, so I'd have a delay in getting the money. It would be quite a hassle to make subsequent transactions work that way.
I'm just hoping I can get the hosted CIM to do the following:
---------------------------------------------------------------------------------------------------------------
1. Only display fields for Credit Card info and Billing Address to create the CIM record on my Payment Form via iFrame
(then after the payment form is submit to authnet and the CIM record is created, I'll charge the CIM record for the initial sale and store a reference to the CIM record)
and
2. Not throw any errors if 2 CIM records (diff cust IDs) have the same CC# and/or Billing Address. I have no desire to let people go back and EDIT their CIM records. I plan on deleting a CIM record after the order is complete on my end, and leaving it open soley to do an additional upcharge if needed.
You don't happen to know if either of those are possible off hand do you? If not, no big deal, I'll be playing with the hosted CIM solution sometime next week.
Thanks for your help,
- Kurt
01-20-2012 08:47 AM
Fields used to determine duplicates:
createCustomerProfileRequest
merchantCustomerId, description, email
createCustomerPaymentProfileRequest
customerProfileId, cardNumber, accountNumber, routingNumber, billToFirstName, billToLastName, billToAddress, and billToZip
createCustomerShippingAddressRequest
customerProfileId, firstName, lastName, address, zip and phoneNumber
So if they enter the same information and the profile is still there, you're going to get a dupe error. However, the existing profile ID will be returned along with the error, and you can choose what to do from there.
01-20-2012 09:48 PM