Hello all :)
This isn't exactly a programming question (and I really hope it doesn't have to go in that direction, or my issues will only worsen), but hopefully I am still welcome because after reading around here I really think you could help me immensely.
I was reading the guide: "Create a New Subscription from a Previous Transaction" and it states:
"Note: The payment processing associations that regulate electronic check transactions require that you have the appropriate authorization from the customer to submit a recurring eCheck.Net transaction to the payment gateway."
What sort of appropriate authorization do I need to have/prove?
Our service has a monthly fee and we're looking to set this up through Authorize.
We need a way for clients to set up the Subscription themselves without using our servers and subjecting us to PCI requirements. We're a very small company and this is not something we'd prefer to have on our plate.
So the idea was to perhaps charge the first month through the Simple Checkout page hosted on Authorize's server, and then use the "Create a New Subscription from a Previous Transaction" feature to create a new subscription from that Simple Checkout transaction.
Is this the best option? There are services like Chargify out there that handle a lot of the coding for you but not only are they getting ready for another 30-40% price increase, but I'm really not comfortable setting us to be dependent on yet another company.
I'm just looking for the most sane solution for accepting standard monthly charges.
Thank you SO much for any assistance you can provide. I really look forward to your response.
Sorry to double post but I passed the threshold for being allowed to edit my previous message.
We also have the option of using WHMCS.com, which has support for Authorize.net CIM: http://docs.whmcs.com/Authorize.net_CIM
However, I imagine we'd still have some PCI compliance issues to worry about, as opposed to everything being hosted on Authorize.
Please note that payment authorization from customer for recurring transactions is only relevant to eCheck transactions and not credit cards. If you wish to use eCheck.Net to accept recurring transactions for goods or services on a regular basis I would suggest that you check page 12 of the Echeck.Net User Guidelines. With regards to your question about using WHMCS.com, your best option is to contact your Merchant Service Provider to find out how using this option would affect PCI requirements.
Thank you so much for your response.
I'm a little confused. I cannot do recurring payments without eCheck? I'm confused with how many of these extra services I need to sign up for: there is the CIM, the ARB, and now perhaps eCheck.
I'm just looking to allow our customers the ability to pay a flat monthly fee on a recurring basis, I seem to have a lot of trouble doing this with Authorize.net so I must be doing something wrong :)
With PayPal I give them a subscription button and we're done.
Automated Recurring Billing (ARB) works for both credit card and eCheck transactions but the authorization from customer for recurring transactions is only required for eCheck. Authorization requirements are determined by NACHA for all ACH (eCheck) transactions. That is why they are different from credit card authorization requirements.
I see. I am only looking to do the recurring payments through credit card. What would you do in my position?
Thanks soo much!
Unfortunately, that isn't something that has a definitive answer. It is ultimately going to have to be your decision if you would rather automate the system and have more PCI obligations, or manually handle it and minimize PCI. I do think it is important to remember that, as a merchant, you can never "eliminate" PCI. Even if you never directly touch the card numbers, you will still have to complete at least a PCI questionnaire.