First, you know that there is a product that is CfMD and PCI-DSS
validated for this right? http://www.redmaple.com Second, you are
sending the request via SOAP 1.1. You need to include the SOAP action in
the HTTP header. That's what it is complaining...