authorize.net magento 2.x payment module · 2018-09-25 · sep 17 2018 authorize.net global payment...

Sep 17 2018 Authorize.Net Global Payment Management for Magento 2.x 1

Authorize.Net Magento 2.x Payment Module

User Guide

Revision 1.0.1

September 17, 2018


Contents

Document History ............................................................................................................................................................... 4

1. Introduction ...................................................................................................................................................................... 5

2. Authorize.Net Installation ........................................................................................................................................... 5

3. Authorize.Net Configuration ...................................................................................................................................... 6

3.1. Configuration Wizard ........................................................................................................................................ 6

3.1.1. Merchant Keys .................................................................................................................................................. 7

3.1.2. Store Base Currency ....................................................................................................................................... 7

3.1.3. Accept.js Public Client Key ........................................................................................................................... 7

3.1.4. Credit Card Payments .................................................................................................................................... 7

3.1.5. Visa Checkout ................................................................................................................................................... 7

3.1.6. Webhooks Signature Key ............................................................................................................................. 7

3.1.7. PayPal Express .................................................................................................................................................. 8

3.1.8. eCheck ................................................................................................................................................................. 8

3.2. Manual Configuration ....................................................................................................................................... 8

3.2.1. General ................................................................................................................................................................ 8

3.2.2. Visa Checkout ................................................................................................................................................... 9

3.2.3. PayPal Express ............................................................................................................................................... 11

3.2.4. Credit Card ...................................................................................................................................................... 12

3.2.5. eCheck .............................................................................................................................................................. 13

3.2.6. Centinel 3D Secure by Cardinal .............................................................................................................. 13

3.2.7. Webhooks ....................................................................................................................................................... 14

3.2.8. Save Configuration ...................................................................................................................................... 16

4. Advanced Fraud Detection Suite ........................................................................................................................... 16

5. Activating Centinel 3D Secure by Cardinal ........................................................................................................ 18

6. Webhooks ...................................................................................................................................................................... 19

7. Order Management .................................................................................................................................................... 20

7.1. Overview ................................................................................................................................................................ 20


7.2. Capture Payment .............................................................................................................................................. 22

7.3. Void Authorization ........................................................................................................................................... 24

7.4. Refunds .................................................................................................................................................................. 24

7.5. Partial Refunds and Captures ..................................................................................................................... 25

7.5.1 Refunds offline (Credit Memo) ................................................................................................................ 25

7.5.2 Capture offline (Capture Offline) ............................................................................................................ 26


Document History

Revision Date Changes

1.0.1 Sep 17, 2018 Updated 2. Authorize.Net Installation steps.

Added minor details to 3.1.1. Merchant Keys, 3.1.6.

Webhooks Signature Key, and 7. Order Management

fields table.

1.0.0 Jun 27, 2018 Initial Release


1. Introduction

The purpose of this manual is to guide a user through the installation and configuration

settings and the general use of the Authorize.Net Payment Module Extension for the Magento

2.x ecommerce platform.

Following are the features offered by this extension:

Visa Checkout

PayPal Express

Credit Card

eCheck

Centinel 3D Secure by Cardinal

Fraud Detection

2. Authorize.Net Installation

Authorize.Net Magento modules installation requires composer.

Important! Before you begin installation, create a backup of your current installation

files and database.

Install the module in your Magento root directory:

composer require authorizenet/magento-module-authorizenet

After the Composer installation process is finished, upgrade your database structure:

bin/magento setup:upgrade

Some Magento installations can have incompatible libraries installed, resulting in the error below:

PHP Fatal error: Uncaught Error: Class

'Symfony\\Component\\Yaml\\Yaml' not found


This conflict can be safely resolved by changing one of the shared libraries, run the following

command in Magento installation directory:

composer require --update-with-dependencies

symfony/dependency-injection:'~3.3.30' && composer update

3. Authorize.Net Configuration Before configuring the payment module, log into your account and navigate to the

Payment Methods section, by following these steps:

1. Log into your Magento Admin Panel.

2. Navigate to Stores -> Configuration.

3. Identify the Sales section in left navigation.

4. Identify the Payment Methods in Sales and select Authorize.Net.

3.1. Configuration Wizard

Instead of manually setting up the Authorize.Net extension, you can run the Authorize.Net

Configuration Wizard, which will take you through a systematic configuration.

Authorize.Net Configuration Wizard


3.1.1. Merchant Keys

The wizard requires your Authorize.Net merchant account Login ID and Transaction Key. Which will

allow loading necessary data from the merchant account automatically, thus configuring the

extension in a simple systematic manner.

It will try to load necessary data from your merchant account automatically.

You can register for a free Authorize.Net sandbox account for testing during development of the

website before going to production stage. To apply for sandbox account, follow this link --

https://developer.authorize.Net/hello_world/sandbox/.

3.1.2. Store Base Currency

This step will check if your Magento Base Currency matches the currency of your Authorize.Net

account.

3.1.3. Accept.js Public Client Key

This step configures an Accept.js client key automatically, using an API, and allows you to verify the

key. If you have not done this previously, you may be required to log into your Authorize.Net

account and configure this key.

3.1.4. Credit Card Payments

In this step, you can enable credit card payments for your store and select accepted credit card

types.

3.1.5. Visa Checkout

Visa Checkout is a quick and secure PCI DSS-compliant payment method. In this step, you can

enable it and input your Visa Checkout API Key. You can setup Visa Checkout API Key within your

Authorize.Net account merchant interface.

3.1.6. Webhooks Signature Key

Signature Key verifies the integrity of Webhooks messages. Webhooks are “push notifications”. Any

action or change performed on your Authorize.Net account will synchronize to your store. It allows

you to keep your orders up to date with Authorize.Net transactions.

Your signature key can be obtained from the Authorize.Net merchant interface. If you have

previously entered a signature key, you can enter that value here. If you lost your existing signature

https://developer.authorize.net/hello_world/sandbox/

https://developer.authorize.net/api/reference/features/webhooks.html


key or you have never established one, you can generate a new key by following the steps below.

1. Log in to the Authorize.Net merchant interface and navigate

to Account > Settings > Security Settings > General Settings > API Credentials & Keys

2. Make sure to select the box for “Signature Key”. It is not necessary to check the box to

disable the existing key immediately unless your existing key has been compromised.

3. Answer your security question and click submit.

4. Your new signature key will be displayed on the screen. This value should be entered into

the module configuration and stored securely, as it is not possible to view it again.

Note: If you are already using your signature key in another application, it is important to update

that existing application with your newly generated key.

3.1.7. PayPal Express

Enable or disable PayPal Express checkout with Authorize.Net.

3.1.8. eCheck

Enable or disable acceptance of eChecks in your store.

3.2. Manual Configuration

3.2.1. General

Stores > Configurations > Sales > Payment Methods > Authorize.Net > General

General section allows you to configure general parameters related to your Authorize.Net

account. For example, login ID and transaction key. In addition, you can enable debug logging

and sandbox mode.

General

Configuration

Input Field

Description

Debug Select Yes from the drop-down menu to enable Authorize.Net API

request logging. Log file is stored in

%MAGENTO_ROOT%/var/log/anet.log.

Sandbox Mode Select Yes from the drop-down menu to indicate that you are using an

Authorize.Net developer sandbox account.

https://account.authorize.net/


General

Configuration

Input Field

Description

Login ID Enter your Login ID from your Authorize.Net merchant account.

Transaction

Key

Your transaction key is obtained from within the Authorize.Net interface. If

you have previously generated a transaction key, you can enter that value

here. If you have lost your existing transaction key or you have never

established one, you can generate a new key by following the steps below.

1. Log in to the Authorize.Net merchant interface and navigate

to Account > Settings > Security Settings > General Settings > API

Credentials & Keys

2. Make sure to select the box for “Transaction Key”. It is not necessary

to check the box to disable the existing key immediately unless your

existing key has been compromised.

3. Answer your security question and click submit.

4. Your new transaction key will display on the screen. This value

should be entered into the module configuration and stored

securely as it is not possible to view it again.

Note: If you are already using your transaction key in another application, it

is important to update that existing application with your newly generated

key.

Client Key Enter your Accept.js client key here.

To generate the Client Key:

1. Log in to the Authorize.Net merchant interface and navigate to

Account > Settings > Security Settings > General Security Settings

> Manage Public Client Key.

Signature Key Enter your signature key here. You can obtain signature key per

instructions given in Configuration Wizard Signature Key section.

3.2.2. Visa Checkout

Stores > Configurations > Sales > Payment Methods > Authorize.Net > Visa Checkout.

Visa Checkout section allows you to configure parameters related to accepting Visa Checkout

payments through your Authorize.Net account. For example, enable, title, action, and API key.


https://developer.authorize.net/api/reference/features/acceptjs.html



Visa Checkout

Configuration Input Field

Description

Enabled Choose Yes from the drop-down menu to enable Visa

Checkout for this account.

Title Enter the title that will display when you show Visa

Checkout as a payment option.

Visa Checkout API Key Enter your Visa Checkout API key.

To obtain your API Key:

1. Log in to the Merchant Interface and navigate to

Account > Digital Payment Solutions.

2. In the Visa Checkout section, click Sign Up.

3. The next page contains personal and business

information. Click the Edit button to edit this

information.

4. In the “Additional Business Information”, enter

information directly in the text fields.

5. Check the box to confirm that you have read and

accept the Additional Services Addendum.

6. Click I Agree.

7. You will receive a Visa Checkout API key, which

you can use when placing the Visa Checkout

button on your website.

Payment Action Click the drop-down menu to choose the order in which

you would like to authorize or authorize and capture

your payments.

See Authore.Net Payment Transaction for a detailed

explanation about the transaction types.

Payment From Applicable

Countries

Click the drop-down menu to select countries for which

you will make this payment type available.

Enable Visa Checkout button

on Product Page

Select Yes from the drop-down menu to enable a Visa

Checkout button on the product page.

Enable Visa Checkout button

in Cart

Select Yes from the drop-down menu to enable a Visa

Checkout button on the shopping cart.

https://developer.authorize.net/api/reference/features/visa_checkout.html


https://developer.authorize.net/api/reference/features/payment_transactions.html#Transaction_Types


Visa Checkout


Description

Remove Requirement for

Phone Numbers on Visa

Checkout Orders

Select Yes from the drop-down menu to remove the

phone number requirement from Visa Checkout orders.

Sort Order Enter a number to indicate the order in which you would

like Visa Checkout to appear.

3.2.3. PayPal Express

Stores > Configurations > Sales > Payment Methods > Authorize.Net > PayPal Express.

PayPal Express enables you to configure parameters related to accepting Paypal payments through

your Authorize.Net account. For example, enable, title, action, and API key.

PayPal Express

Configuration Input

Field

Description

Enabled Select Yes from the drop-down menu to enable

PayPal Express.

Title Enter the title to display when presenting PayPal

Express as an option.

Payment Action Choose the order you would like for authorize or

authorize and capture your payments. See

Transaction Types for detailed explanation about the

difference.

Payment From

Applicable Countries

Select from the drop-down menu the countries from

which you will accept payment using PayPal Express.

Sort Order Enter a number to indicate the order in which you

would like PayPal Express to appear.

https://developer.authorize.net/api/reference/features/paypal.html




3.2.4. Credit Card

Stores > Configurations > Sales > Payment Methods > Authorize.Net > Credit Card.

The Credit Card section allows configuring parameters related to accepting Credit Card payments

through your Authorize.Net account. For example, enable, title, action, API key, vault, and CVV.

Credit Card

Configuration

Input Field

Description

Enabled Select Yes from the drop-down menu to enable credit card

processing.

Title Enter the title to display when presenting credit card as an

option.

Payment Action Choose the order you would like for authorize or authorize

and capture your payments. See Transaction Types for

detailed explanation about the difference.

Payment From

Applicable

Countries

Select from the drop-down menu the countries from which

you will accept payment using credit card.

Credit Cards Types Choose the card brands you support from the menu.

Enable Vault Select Yes from the drop-down menu to enable this

payment method for Vault, which enables your customers

to securely store their payment information for later use.

Require CVV for

Vault on Frontend

Select Yes from the drop-down menu to enable CVV for

Vault on the front end.

Require CVV for

Vault on Backend

Select Yes from the drop-down menu to enable CVV for

Vault on the back end.

Enable 3D Secure

Card Validation

Select Yes to enable strong customer validation through

Cardinal Commerce.

Sort Order Enter a number to indicate the order in which you would

like credit card to appear in the payment methods list.

https://developer.authorize.net/api/reference/features/credit_card_tutorial.html

https://developer.authorize.net/api/reference/features/credit_card_tutorial.html



3.2.5. eCheck

Stores > Configurations > Sales > Payment Methods > Authorize.Net > eCheck

The eCheck section allows you to configure parameters related to accepting ACH/eCheck

payments through your Authorize.Net account. For example, enable, title, action, and vault.

eCheck

Configuration Input

Field

Description

Enabled Select Yes from the drop-down menu to enable eCheck for

this account.

Title Enter the title that will display when eCheck is presented as

an option.

Payment From

Applicable Countries

Select from the menu the countries from which you will

accept eCheck payments.

Order Agreement Enter a customized message that will be displayed to your

customers who place eCheck orders.

Enable Vault Select Yes from the drop-down menu to enable this payment

method for Vault, which enables your customers to securely

store their payment information for later use.

Sort Order Enter a number to indicate the order in which you would like

eCheck to appear in the payment methods list.

3.2.6. Centinel 3D Secure by Cardinal

Stores > Configurations > Sales > Payment Methods > Authorize.Net > Centinel 3D Secure by

Cardinal

The Authorize.Net extension includes the ability to enable Centinel 3D Secure by Cardinal. In

order to make use of this feature, you must have an established account with Cardinal

Commerce in addition to your Authorize.Net account.

https://developer.authorize.net/api/reference/features/echeck.html


Centinel 3D Secure by Cardinal


Description

Test Mode Choose No for production environment.

API ID Obtain from Cardinal Commerce.

Org Unit ID Obtain from Cardinal Commerce.

API Key Obtain from Cardinal Commerce.

You can obtain the test credentials from this URL.

3.2.7. Webhooks

Webhooks are “push notifications”, any action or change performed with the order in

Merchant Portal will be synced with your store. It allows you to keep your orders up to date

with Authorize.Net transactions.

1. Webhooks Status - lists registered Webhooks.

2. Webhooks Payloads - lists pending and processed Webhooks with their payloads.

To setup Webhooks for your store:

1. Obtain Signature Key as described in Webhooks Signature Key section.

2. Click Webhooks Status button, then Register Webhooks:

Register/Delete Webhooks

Webhooks Configuration

https://developer.cardinalcommerce.com/try-it-now.shtml




A success message with the list of registered Webhooks will be shown:

To delete your store’s Webhooks:

1. Click Webhooks Status button.

2. Select and Delete Webhooks.

Success message with the list of unregistered Webhooks will be shown:

Configure Webhooks notification email at Stores > System > Configuration > General > Store

Deleted Webhooks

Registered Webhooks

Webhooks Notification Email



Email Addresses > Authorize.Net Notification Email.

The Webhooks notification email notifies the administrator of unresolved webhook events. See

Webhooks Notification Email for details.

3.2.8. Save Configuration

Click Save Config to save your changes.

4. Advanced Fraud Detection Suite

Authorize.Net provides you with an ability to detect suspicious transactions in automatic mode

and manage flagged transactions via the extension.

The first step is to define fraud filters and actions in Authorize.Net merchant interface. Default

settings include the most common fraud rules. For more information about the Advanced Fraud

Detection Suite, log into the merchant interface, navigate to Advanced Fraud Detection Suite,

and click the Help link.

Save Config Button


When a suspicious transaction is detected, one of the following actions is applied depending on

the configuration:

1. Accept

2. Authorize and Hold

3. Do not Authorize and Hold

4. Decline

When either Authorize and Hold / Do not Authorize and Hold is triggered, only the following

actions are allowed on Order View page. The status of order is “Suspected Fraud”:

Fraud Detection Suite Settings

Available Actions for Suspicious Orders


If you accept the payment, then the transaction is released from hold and authorized (if not yet

authorized). Denying payment will immediately close the order and notify Authorize.Net

gateway that you declined the transaction. Transactions held with the status “Do not Authorize

and Hold” are not checked against the processing network until you approve the transaction, so

it is possible that they can still decline when you choose to Accept the Payment.

5. Activating Centinel 3D Secure by Cardinal

Authorize.Net supports Cardholder Authentication (CA) for Visa and MasterCard.

Follow the next steps to enable 3D Secure in your store:

1. Enable CA in the Authorize.Net Merchant Portal.

2. Configure Centinel 3D Secure as described here.

3. Enable 3D Secure Card Validation as described here.

A cardholder who is enrolled into 3D Secure may be prompted for additional

verification prior to order placement.

After verification, the order will proceed as usual.

For more information on Centinel 3D Secure by Cardinal, you can visit

https://www.cardinalcommerce.com/

3D Secure Verification Popup Window


https://www.cardinalcommerce.com/


6. Webhooks

Webhooks are “push notifications”: any action or change performed with the order in

Merchant Portal will be synced with your store. It allows you to keep your orders up to date

with Authorize.Net transactions. See Webhooks section for configuration details.

Webhooks module provides detailed log of all registered payloads for

troubleshooting/debug purposes.

NOTES:

Magento system cron must be configured for proper Webhooks queue processing. Please

refer to Magento documentation in order to get cron setup instructions.

Webhook status is changed from “pending” to “processed” or “failed” after processing.

Failed status does not always mean that something is wrong.

If your Authorize.Net account has multiple magento/other ecommerce software instances

connected to it, your current setup will receive webhook events for all of them. The module

will try to find transactions matching only the current instance. All other webhook payloads

will have “failed” status.

Webhooks Payload Processing Log


https://devdocs.magento.com/guides/v2.2/config-guide/cli/config-cli-subcommands-cron.html


7. Order Management

7.1. Overview

Orders placed with any of Authorize.Net’s payment methods have an additional information

block, containing gateway transaction details. These details vary from method to method. Below

is the example of transaction details submitted with credit card enrolled to 3D Secure:

The table below describes the fields. Refer Authorze.Net sandbox testing guide for response code

values.

Payment

Information Field Description

Transaction ID The ID of the Authorize.Net transaction.

Credit Card Type The type of credit card.

Credit Card Number Masked PAN of credit card.

Gateway Transaction Details

https://developer.authorize.net/hello_world/testing_guide/


Payment

Information Field Description

AVS Response Code A code and description that indicate the Address Verification Service

(AVS) results returned by the processor for a transaction.

Auth Response Code A code assigned to the transaction by the card issuing bank indicating

its authorization status.

cvvResultCode The result code of Address Verification System for transaction.

cavvResultCode

Cardholder authentication verification response code can be one of the

following:

Blank or not present -- CAVV not validated.

0 -- CAVV was not validated because erroneous data was submitted.

1 -- CAVV failed validation.

2 -- CAVV passed validation.

3 -- CAVV validation could not be performed; issuer attempt

incomplete.

4 -- CAVV validation could not be performed; issuer system error.

5 -- Reserved for future use.

6 -- Reserved for future use.

7 -- CAVV failed validation, but the issuer is available. Valid for U.S.-

issued card submitted to non-U.S acquirer.

8 -- CAVV passed validation and the issuer is available. Valid for U.S.-

issued card submitted to non-U.S. acquirer.

9 -- CAVV failed validation and the issuer is unavailable. Valid for U.S.-


A -- CAVV passed validation but the issuer unavailable. Valid for U.S.-


B -- CAVV passed validation, information only, no liability shift

Enrolled Indicates whether 3DS was used for this transaction.

CAVV Cardholder Authentication Verification Value

ECIFlag

Electronic Commerce Indicator (ECI). The ECI value is part of the 2 data

elements that indicates that the transaction was processed

electronically.

PAResStatus

Payer Auth response status code.

Y: the password is correct.

N: the password is incorrect.

U: it is not possible to validate the password. For example, failure of an

ACS system component such as the cardholder database.

A: Proof of authentication attempt was generated.

SignatureVerification Verified by Visa and MasterCard SecureCode.

XID 3-D Secure transaction ID.

FSDFilterAction Action of triggered AFDS filter.

FDSFilters List of triggered AFDS filters with actions.


Order View page shows available actions for current order. These actions depend on status and

transaction type. Below is an example of Authorize Only order actions:

7.2. Capture Payment

Authorize-only orders are only paid when capture the authorized amount is completed. To do

so, identify the invoice action at the top of Order View page and click on it. It is important to

choose Capture Online to actually capture authorized amount:

The extension supports capture once. The extension will get all items to create invoice.

Available Order Actions

New Invoice Page


Order Totals

The extension also supports partial payment captures. You can adjust item quantities and create

partial invoices. Once you have created partial invoice, pay attention to order totals. You will see

Total Due field indicating the amount not captured yet:

Partially Captured Order Totals


7.3. Void Authorization

Authorize-only orders have Void and Cancel, along with other available actions at the top of Order

View page.

Void will void authorization, but you will still be able to invoice the order offline and ship. The order

will not display the void function when the order has been settled.

Cancel will close the order after voiding such that you will not be able to do anything with it later.

7.4. Refunds

To create a refund, go to invoices:

Select the appropriate invoice and then click Credit Memo at the top of Invoice View page. The

extension supports partial refunds, you can adjust amount by Adjustment Fee and Adjustment

Refund fields. See Magento documentation for further details.

Order Invoices List


Click Refund after all adjustments. A credit Memo will be created, and the amount will be refunded.

NOTE: Clicking Credit Memo at the top of Order View page will create an offline refund.

NOTE: Refunds are possible only for already settled transactions, Authorize.Net settles transactions

once every 24 hours. All attempts to refund unsettled transaction will lead to a gateway error.

7.5. Partial Refunds and Captures

If Webhooks have been configured, transactions modified directly within Authorize.Net (not from

within Magento) will be detected by this extension. However, external partial captures and

refunds will not automatically update a transaction status within Magento because there is no

way to determine which items were captured or refunded to create an invoice or credit memo in

Magento.

In such cases, you need to create a partial refund and capture using offline mode magento.

7.5.1 Refunds offline (Credit Memo)

Credit Memo (refunds)

New Credit Memo


7.5.2 Capture offline (Capture Offline)

Creating invoice

The module sends notification emails to the address configured in General section when they are

successfully created.

authorize.net magento 2.x payment module · 2018-09-25 · sep 17 2018 authorize.net global payment...

Documents