I have a question about the authorize gateway and the ios integration. Will this only work for merchants that have registered their mobile devices to accept payments or can a merchant develop an app that customers can download and submit payments from any mobile device?
Reason why I'm asking is because when integrating the authorize with our app, its asking to register or mobile devices before we can start accepting payments.
Please help.
Solved! Go to Solution.
02-17-2012 11:15 AM
I could be wrong, but I think the API requires all devices to be registered. I'm theorizing it's used for card present situations where you want to take credit card orders through your cell phone. You could try integrating via a web site and just have your app pop up a web browser window, or you could have your app communicate to a web site that communicates to Authorize.net.
02-17-2012 12:21 PM
I could be wrong, but I think the API requires all devices to be registered. I'm theorizing it's used for card present situations where you want to take credit card orders through your cell phone. You could try integrating via a web site and just have your app pop up a web browser window, or you could have your app communicate to a web site that communicates to Authorize.net.
02-17-2012 12:21 PM
It seems like you've tried this web browser window method. A question about Authorize.net Simple checkout form. Is it able to accept custom fields and then return those fields back? This was I can use that form without having to rebuild a form in the app and it'll be SSL secure.
Do you have any experience with the security of APP -> Authorize.net using AIM method? Is it secure or is there an SSL like feature for apps?
Thanks you've been helpful enough with your last response.
02-17-2012 12:41 PM
To be honest, my experience with apps is minimal at best. I'm mostly a site designer and programmer. I'm sure there's a way to open an SSL connection and do a post, however - it's such a basic communication method. Since Authorize.net's AIM method requires doing that very thing, you might try digging through the iPhone SDK and finding the communication portion of the code.
On Simple Checkout - it's very simple. There are no customization features to speak of, and if you want to do that sort of thing, your best bet is to set up SIM or DPM on your web site, and just send whatever non-secure info you already have from your app (amount being paid, name, address, phone number, whatever) to get things started, using POST or a query string in the URL depending on how much control you have over the browser. If using SIM, you'll then have the form auto submit to Authorize.net using Javascript, where the customer can fill out any remaining info (the list of fields can be customized in your Authorize.net control panel), and if using DPM, you'll prefill the appropriate fields on your custom form.
I wish I knew what the official guidelines for cell phone security are / will be. One would think that if the consumer is making a payment using an app on his own phone, he's responsible for its security just like if he were using a web browser on his personal computer, and you're only responsible for the security of the communication stream and the web site on the other end, but who knows? Mobile payment is relatively new and there doesn't seem to be a simple set of guidelines I can reference.
Yes, the ready-made IOS code is secure. It just requires registering every phone, which doesn't sound like what you need.
02-18-2012 01:31 AM