cancel
Showing results for 
Search instead for 
Did you mean: 

Hosted CIM, validationMode set to none, and automatic ValidateCustomerPaymentProfile transactions

After a frustrating chat with Authorize live support, they directed me here. Hoping someone at Authorize can answer this.

 

Our application uses the CIM XML to manage customer and payment profiles, as well as issue charges, voids, and refunds against those profiles. When we want to add a card on file for one of our members, we call the createCustomerProfileRequest function, passing along <validationMode>none</validationMode> as required on page 21 of the CIM_XML_guide.pdf: "When you call createCustomerProfileRequest, then you must use a value of none (or leave the value blank) if the request does not include any payment profile information."

 

Once the customer profile has been added to CIM, we use the Authorize hosted CIM form to collect the cardholder data. We call getHostedProfilePageRequest to get the token, and use the token to forward to Authorize as specified in the docs. Note that there is no validationMode allowed in this request.

 

When the cardholder data is entered, there is an immediate ValidateCustomerPaymentProfile transaction issued against that CIM payment profile. We didnt ask it to do that, nor do we want it to do that (the point of my question here).

 

The question:

How do we turn off this validation? If we were not using the CIM hosted form, I assume we would call the createCustomerPaymentProfileRequest function, which does take the validationMode element. We are using the hosted CIM so we are not collecting any cardholder data on our servers at all.

 

I think the problem is the hosted form (which we have no control over) is submitting the validation request on its own.

 

Authorize folks -- how can we use the Hosted CIM solution and not run the validation transactions?

 

Your help is appreciated.

 

Tim

sdwebguy
Contributor
26 REPLIES 26

There are multiple validation modes if you're using regular CIM. testMode just does the surface validation and should be free. liveMode runs a credit card transaction and then voids it, so that would generate a transaction fee. Apparently, you're just stuck in liveMode using hosted CIM.

Turns out what Kristine H told me in my chatr with Authorize was not true. No surprise.

 

It appears we ARE being charged 10 cents for each forced validateCustomerPaymentProfile call just because we use the hosted CIM solution.

 

Authorize -- this is now going to be a major issue. Who can we contact to discuss options? This isnt acceptable.

 

Tim

Hey Tim and everyone,

 

I just wanted to confirm again for everyone, yes, you are charged a fee for validationMode if you choose to do the live validation. And yes, right now, there is no way to turn that off when using the hosted option for CIM. I apologize for any misinformation on the fee front.

 

Just so you know, we have passed this thread on to our development teams to let them know of the need to be able to turn off validationMode when using hosted CIM. So thanks for the feedback on that.

 

Again, I apologize for the confusion.

 

Thanks,

 

Michelle

Developer Community Manager

 

Thanks Michelle for mentioning that this feedback was passed to the dev team.  Can you post their response please so your customers can get an idea of the status?  Did they say something like, "Oh yeah, we didn't think of that before.  We'll make that available in the next minor release which is currently scheduled for Feb 15th"?  It would be nice to hear something like that, I'm helping 2 more businesses get setup with hosted CIM now so I'd really like to know.

Unfortunately, Auth.net tends not to give any guidance, road maps, etc on their development plans. It's just a black box (at best).

 

My guess is that they have a tiny development dept that spends too much time on maintenance and too little on new features. Combine that with a very long and tough testing cycle and the result is few and far between software updates from them.

 

Eg, has anyone ever seen a "release" summary from them? I only see the press releases. 

 

Bottom line:  don't count on the new feature appearing anytime soon.

 

Best results I've had have been from talking with the Auth.Net president at trade shows. He often shows up. 

+1 for fixing this in CIM Hosted as soon as possible.

Not sure if there was any solution to this, but we also REALLY need to have a way to control validation on the hosted profile page. I would prefer to have a way to pass something to GetHostedProfilePage through hostedProfileSettings and disable the validation. Unless if there is a strong reason behind the implementation,  I think this is one of those things where every client should decide based on their business needs. In my case it's not acceptable to have one extra $0.00 voided charge on credit card statement as it's confusing for customers and where we all trying to do is to keep customers happy and not think about some mysterious $0.00 charge.

 

Autorize.Net guys ... Can you reveal the plans on this .. Is there anything on roadmap?

Hey everyone,

 

Unfortunately, we can't really comment on exactly what will be released and when. But I can assure you that our dev teams are aware of this request, and we hope to get it resolved in an upcoming release.

 

Thanks,

 

Michelle

Developer Community Manager

After spending much time and $$$ to reprogram all our checkouts, our accounting people came to me after we went live asking about all the extra charges!  Our developer found this thread.  PLEASE FIX! And it would be appropriate to disclose and waive the extra charges until it is corrected!

paulchasnoff
Member

This appears to also affect the iframe inclusion of CIM as well because essentially it's hosted (just in the iframe) as I just got an email from my "test" that a validation transaction had happened for $0.