Hi All,
We have problem with our iOS implementation for MPOS.
We use the IDTech Shuttle for card present transactions, and we have issue with our login flow. If we use username and password everything works, but the problem occurs when we try to use loginId and transactionKey.
Below is the code example we are using now for login with username and password, can you all give us some insight on how to change it so we can use loginId and transactionKey instead of username and password???
Some sample iOS code would be greatly appreciated.
MobileDeviceLoginRequest *mobileDeviceLoginRequest = [MobileDeviceLoginRequest mobileDeviceLoginRequest];
mobileDeviceLoginRequest.anetApiRequest.merchantAuthentication.mobileDeviceId = [[[UIDevice currentDevice] identifierForVendor] UUIDString];
[AuthNet authNetWithEnvironment:ENV_TEST];
mobileDeviceLoginRequest.anetApiRequest.merchantAuthentication.name = @"authorizeNetUsername";
mobileDeviceLoginRequest.anetApiRequest.merchantAuthentication.password = @"authorizeNetPassword";
AuthNet *an = [AuthNet getInstance];
[an setDelegate:self];
[an mobileDeviceLoginRequest:mobileDeviceLoginRequest];
Solved! Go to Solution.
โ04-07-2015 03:04 PM
Hello @Lucas
We don't recommend storing the API Login and Transaction key on the mobile device, but instead use the Login ID and Password. This gives you the ability to remotely approve and disable individual devices within the Merchant interface.
A training video is available with more details:
Richard
โ04-07-2015 03:32 PM - edited โ04-07-2015 03:32 PM
Hello @Lucas
We don't recommend storing the API Login and Transaction key on the mobile device, but instead use the Login ID and Password. This gives you the ability to remotely approve and disable individual devices within the Merchant interface.
A training video is available with more details:
Richard
โ04-07-2015 03:32 PM - edited โ04-07-2015 03:32 PM
@RichardH wrote:Hello @Lucas
We don't recommend storing the API Login and Transaction key on the mobile device, but instead use the Login ID and Password. This gives you the ability to remotely approve and disable individual devices within the Merchant interface.
A training video is available with more details:
[video removed]
Richard
Hi Richard,
Thank you kindly for your reply! In our current workflow, we use the username and password. From your reply and one other I read, it sounds like this is the recommended method.
The way it functions now is when a new device attempts a login, it lands in the Mobile Device Management list for approval on account.authorize.net.My follow-up question is what do you mean by "remotely" approving and disabling devices?
Regards,
Lucas
โ04-08-2015 03:07 AM
Hello Lucas,
If device is ever lost or stolen, you can disable it in the Merchant Interface at http://account.authorize.net and it can no longer be used to process transactions.
Richard
โ04-08-2015 06:04 AM
Got it!! Thanks for the clarification.
โ04-08-2015 08:23 AM
But there is a loophole. Apps will be used by employees. So they must not know about the merchant credentials(login and password) else they can misuse it. I still am not able to understand the role of transaction key here. We should be using that instead of merchant's login data.
โ07-31-2017 11:46 PM - edited โ07-31-2017 11:54 PM
Hello @hiren43
You will need to create additional users with separate credentials for these devices in the Merchant Interface. When creating the users, you can for example specify they are a transaction manager which only allows users to perform transactions but not make changes to the account.
Richard
โ08-01-2017 05:37 AM