Have your own great idea for a new API feature?

or maybe a suggested improvement to an existing one? Share it and become a god of the developer world.

New Idea

As mentioned in the following post:

 

http://community.developer.authorize.net/t5/Integration-and-Testing/Masked-Expiration-Date-in-Hosted...

 

The card expiry date is masked when returned in the getCustomerProfileRequest.  As the card number is masked, there is no PCI requirement that the expiry date of the card also be masked.  Without the expiry date, it makes it impossible for us to automate the process of notifying our customer's clients that their card will be soon expiring.  The reason for us going this route is to offer an ARB solution managed completely from within our application.  It is imparative for us to have access to this date.

 

The idea is a simple one.  Return the expiry date in the CIM getCustomerProfileRequest unmasked.

 

Thanks.

Status: Delivered

There should be a way to retrieve transaction details by their invoice number. If there is a network failure the only identifying information we have is the invoice number (not the Authorize.net generated transaction id).

 

Using the getUnsettledTransactionListRequest call is a bad choose since it only returns the last 1000 records.

Status: Accepted

Changing to Accepted, also it is now possible to return more than 1000 rows using paging.

Soft Descriptor and Contact Information

Status: Accepted
by jbracken1973 on ‎11-18-2014 08:38 AM - last edited on ‎01-15-2015 11:23 AM by Administrator Administrator

The ability to set the soft descriptors for a transaction. 

 

These are the fields that a customer sees on their statements, it allows for the customer to quickly ID the transactions reducing disputes and customer service.  For obvious reasons I hope.

 

Dynamic Descriptors include:

Business Name

Phone (Best Practices says this should be a Customer service number)

City and/or State

Status: Accepted

We plan to support Soft Descriptors when supported by the processors we connect to, and have plans to add support for TSYS and Global Payments.

Include ACH in Accept.Js

Status: Delivered
by dnsBuffaloNY on ‎10-01-2016 12:26 PM

Accept.Js works great!  It allows my website to capture Credit Card information without that data ever posting back to my servers.  I don't any PCI Compliance headaches.

 

My suggestion would be to enhance Accept.JS to also allow for ACH payments.  That is, have accept.JS allow for the capture of a Routing and Account Number.  It could look like this:

 

var secureData = {}, authData = {}, bankData = {};
	
	bankData.routingNumber = document.getElementById('ROUTINGNUMBER_ID').value;
	bankData.accountNumber = document.getElementById('ACCOUNTNUMBER_ID').value;

	secureData.bankData = bankData;

	authData.clientKey = '6WrfHGS76gHW3v7btBCE3HuuBukej96Ztfn5R32G5ep42vne7MCWZtAucY';
	authData.apiLoginID = 'my_api_login_id';
	secureData.authData = authData;
	
	Accept.dispatchData(secureData, 'responseHandler');

Here's a related communit post.

 

https://community.developer.authorize.net/t5/Integration-and-Testing/Accept-JS-and-ACH/m-p/55887#M30...

 

Thank you for your consideration!

Status: Delivered

For those who don't appreciate my efforts to build suspense and excitement, I'll come right out and say it:

 

We've enhanced Accept.js to be able to return a payment nonce incorporating bank account information (for eCheck) instead of just card information. This payment nonce can then be used in exactly the same way as any card-originated payment nonce.

 

The Accept.js documentation hasn't been updated to reflect this yet, but will in the next couple of weeks. In the meantime, the request works just like documented above. You submit a bankData object instead of a cardData object, and the bankData object contains four required parameters. accountType can be either checking, savings, or businessChecking.

Subscription Transactions?

Status: Delivered
by dnsBuffaloNY on ‎04-12-2017 01:15 PM

Currently, there is no easy way to get a list of transactions for a given subscription id.  To get a list of transactions for a subscription id. I load the subscription to get the customerProfileId and payentProfileId, call getTransactionListForCustomerRequest(customerProfileId, paymentProfileId), loop over the transactions returned in the response, and evaluate if transaction.subscription.id is equal to the subsciptionId I am looking for.  Furthermore, getTransactionListForCustomerRequest() uses paging, so I may need to call that API multiple times to get the collection of transactions for a subscription.

 

I am requesting there be a new API to get a list of transactions for a subscription id.  The new method would implement the standard paging and sorting.

 

See this Community Forum Discussion

 

Thank you for your consideration.

 

Account Updater

Status: Delivered
by Administrator Administrator on ‎10-29-2014 01:55 PM
Status: Delivered

Merchants are now able to add Account Updater to their account in the Merchant Interface.

Support for EMV (Chip and PIN)

Status: Under Review
by paladinlogic on ‎02-11-2015 10:03 AM

We presently use Authorize.net with Iconic, our mobile ERP and point of sale solution for iOS.  As of October 2015, merchants are being required to support Chip and PIN to avoid new liabilities imposed by the major credit card companies (including VISA, which appears to own the company that provides the Authorize.Net service)  It would seem imperative that payment gateways allow for Chip and PIN transactions.  From everything I see--though I hope I am mistaken--Authorize.Net does not yet support Chip and PIN in its AIM interface (even for Card-Present transactions) despite its close ties with VISA.  All of the searching I have done through the forums and developer documentation have not produced any results.

 

We need to be able to develop our Chip and PIN solution now, well in advance of the October deadline.  Please implement this (if it does not already exist) and/or direct us to the documentation on how to pass ARQC (or equivalent cryptogram) data to the Authorize.Net payment gatway to support EMV/Chip and PIN transactions.

Status: Under Review

When creating a customer profile and receiving the E000039 error that tells us there is a duplicate customer profile that already exists it would be useful to get that duplicate profile ID in the response other than inside the error text. While technically possible to pull it out of the error message it would be much easier and less prone to issue if we could get it back somewhere directly, such as the CustomerProfileID filed that already exists on the createCustomerProfileResponse object. 

When a webhook notification is recieved there is no way to trace it back to a customer/event/action.

 

In the case of hosted forms (i.e. Accept Hosted), none of the values (e.g. invoice number) submitted in the request for a form validation token appear in the webhook notification, so there is no way to immediately know what the webhook notification is in regards to.

 

This forces us to always query authorize.net for the transaction details to see what the transaction applies to (e.g. invoice number) and confirm the transaction is completed.

 

I imagine that a webhook notification alone is not especially useful unless it provides access to a correlation token and status. Because these values are small in size and almost definitely required by any merchant software, I feel the very small increase in payload could greatly reduce the need for subsequent queries - saving merchants as well as Authorize.net a lot of extra processing and network traffic.

Status: Accepted

Despite using best security practices to protect passwords, we consider the single form authentication to the Authorize.net portal to be a critical security concern.

 

The concern is especially high with regard to CIM. When CIM is enabled, anybody breaking into the Authorize.net account can do a lot of damage (like creating transactions).

 

We are in 2015 and two form factor authentication is widespread and easy to implement. It does not have to be a full blown 2-factor with MFA devices. A simple solution - for example using a mobile phone access code - would already be a huge improvement over the current system.

 

 

Status: Accepted

Test Opaque Token

Status: Under Review
by mlunn01 on ‎02-15-2017 12:55 PM

It would be great if there was a test token that could be used to test the server side code that transmits the AcceptJs token to the Gateway, similiar to the way one uses test credit card numbers.

Status: Under Review

Level 3 Support Feature request

Status: Accepted
by thill on ‎02-05-2016 09:50 AM

I have just recently wrapped up an integration with Auth.net to our website and erp system using CIM and the Payment Transaction API.  Our system is passing the Level 3 data to Auth.net, but Auth.net doesn't pass this information to the processor.  I was curious about the decision for Auth to hold onto the data and not deliver it to the processors and if this feature is on the roadmap?  I would love to have the L3 data passed around, we could realize an incredible amount of savings from this (fees can be cut by up to half with this information, That's huge!). 

 

If this isn't on the roadmap, please consider adding support for this.

 

Status: Accepted

Hosted solution similar to stripe, coming?

Status: Delivered
by rreynier on ‎08-05-2014 10:41 AM

Currently, to avoid most PCI compliance, the hosted CIM is the suggested solution.  The problem with this solution is that it is very clunky and does not integrate well with any custom interface.  It uses an Iframe solution in which you have no control over the appearance of the form fields.

 

Stripe offers a javascript solution which basically does the same thing as the hosted CIM but allows for the developer to seamlessly integrate the form folds into an existing system.  I was curious of Authorize.net is planning on any sort of similar solution down the road.

 

Thanks!

Status: Delivered

We now offer Authorize.Net Accept.js, a javascript library for accepting payments while reducing PCI scope:  http://developer.authorize.net/api/reference/features/acceptjs.html

Approve Held Transactions via API

Status: Delivered
by andrewskaggs on ‎03-17-2016 05:48 AM

Currently, transactions flagged as suspicious and held for review by the Fraud Detection Suite can only be approved via the Merchant Interface.

 

It would be much more convenient if we were able to approve these held transactions via the API without requiring our admins to log into the Merchant Interface.

ARB subscription details

Status: Accepted
by mandah0520 on ‎01-26-2015 02:02 PM

There needs to be a feature that allows you to get subscription information like when was the last valid payment, all attempt of card processing and whether it failed or went through, etc etc etc. ARB really is tiny with no usefull functions other than create and cancel subscriptions. Even the update is useless with the amount of things u can update about a transaction. So please add some features that gives users some idea of what is going on with their subscription. Is there a better payment processor than authorize.net that does this?

Status: Accepted

Idea: A read-only key that can be generated specifically for the Transaction Details API.

 

Background:

We are developing an app that only uses the Transaction Details API.

Which means we are only reading information.

 

From a liability standpoint, we want to avoid saving a write-capable transaction key.

 

Ideally a separate "read-only" transaction key could be created when a user turns on the Transaction Details API.

Status: Accepted

CIM Customization

Status: Delivered
by whitsell1 on ‎11-18-2014 01:33 AM

Would like to be able to customize the pop up for managing payment profiles. It would be great if the Payment Form Fields configuration checkboxes applied to this, so that for example we could turn off the shipping address. A seperate place to configure this would also be fine.

Status: Delivered

Hi Guys,

      Today We have faced one situatuion in my software for online payment process, i need to process the $102.00 amount using Authorize.net, but We need to get the $100.00 for One Merchant ID and $2.00 (Convenience Fee) for another Merchant ID.

 

Thanks,

Vijay.K

Status: Under Review

Accepted Hosted

BillTo and ShipTo Fields that are submitted through the getHostedPaymentPageRequest are discarded if the BillingAddress or ShippingAddress is not shown on the form.

 

In my opinion, these form fields are redundant for implementations where the customer has already entered this information and do not need to be shown again. It also jumbles and overwhelms the page. What is the benefit or purpose in discarding this information when the fields are not shown?

 

The address details are critical for avs matching among other things. Also, if the customer makes changes to the shipping fields, it is important that those changes sync up on my server, which is no easy task. 

 

Please allow the BillTo and ShipTo information to pass to your system for avs processing, even if the BIlling and Shipping Fields are not shown on the Hosted Form. Thank you

 

 

Status: Delivered