cancel
Showing results for 
Search instead for 
Did you mean: 

iOS Device Login with loginID and transactionKey

Hi All,

 

We have problem with our iOS implementation for MPOS.

 

We use the IDTech Shuttle for card present transactions, and we have issue with our login flow. If we use username and password everything works, but the problem occurs when we try to use loginId and transactionKey.


Below is the code example we are using now for login with username and password, can you all give us some insight on how to change it so we can use loginId and transactionKey instead of username and password???

 

Some sample iOS code would be greatly appreciated.


MobileDeviceLoginRequest *mobileDeviceLoginRequest = [MobileDeviceLoginRequest mobileDeviceLoginRequest];
mobileDeviceLoginRequest.anetApiRequest.merchantAuthentication.mobileDeviceId = [[[UIDevice currentDevice] identifierForVendor] UUIDString];
[AuthNet authNetWithEnvironment:ENV_TEST];
mobileDeviceLoginRequest.anetApiRequest.merchantAuthentication.name = @"authorizeNetUsername";
mobileDeviceLoginRequest.anetApiRequest.merchantAuthentication.password = @"authorizeNetPassword";
AuthNet *an = [AuthNet getInstance];
[an setDelegate:self];
[an mobileDeviceLoginRequest:mobileDeviceLoginRequest];

Lucas
Member
1 ACCEPTED SOLUTION

Accepted Solutions

Hello @Lucas 

 

We don't recommend storing the API Login and Transaction key on the mobile device, but instead use the Login ID and Password.  This gives you the ability to remotely approve and disable individual devices within the Merchant interface.

 

A training video is available with more details:

 

 

Richard

View solution in original post

RichardH
Administrator Administrator
Administrator
6 REPLIES 6

Hello @Lucas 

 

We don't recommend storing the API Login and Transaction key on the mobile device, but instead use the Login ID and Password.  This gives you the ability to remotely approve and disable individual devices within the Merchant interface.

 

A training video is available with more details:

 

 

Richard

RichardH
Administrator Administrator
Administrator

@RichardH wrote:

Hello @Lucas 

 

We don't recommend storing the API Login and Transaction key on the mobile device, but instead use the Login ID and Password.  This gives you the ability to remotely approve and disable individual devices within the Merchant interface.

 

A training video is available with more details:

 [video removed]

Richard


Hi Richard,

 

Thank you kindly for your reply! In our current workflow, we use the username and password. From your reply and one other I read, it sounds like this is the recommended method.

 

The way it functions now is when a new device attempts a login, it lands in the Mobile Device Management list for approval on account.authorize.net.My follow-up question is what do you mean by "remotely" approving and disabling devices?

 

Regards,

Lucas

Hello Lucas,

 

If device is ever lost or stolen, you can disable it in the Merchant Interface at http://account.authorize.net and it can no longer be used to process transactions.

 

Richard

Got it!! Thanks for the clarification.

But there is a loophole. Apps will be used by employees. So they must not know about the merchant credentials(login and password) else they can misuse it. I still am not able to understand the role of transaction key here. We should be using that instead of merchant's login data.

Hello @hiren43

 

You will need to create additional users with separate credentials for these devices in the Merchant Interface.  When creating the users, you can for example specify they are a transaction manager which only allows users to perform transactions but not make changes to the account.

 

Richard