Cybersource Developer Community Cybersource Developer Community

kundankrbharti · ‎01-04-2012

Hi ,

I am working on ARBreateSubscription. I have one doubt, If i am passing wrong credit card information then also i am getting successful response (eg: CreditcardNo - abcdef)

Please find the Successful Request and Response.

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v1="https://api.authorize.net/soap/v1/">
   <soapenv:Header/>
   <soapenv:Body>
      <v1:ARBCreateSubscription>
         <!--Optional:-->
         <v1:merchantAuthentication>
            <!--Optional:-->
            <v1:name>4baAftc42tQv</v1:name>
            <!--Optional:-->
            <v1:transactionKey>7H4Up3N9e92sL9ab</v1:transactionKey>
         </v1:merchantAuthentication>
         <!--Optional:-->
         <v1:subscription>
            <!--Optional:-->
            <v1:name>kundan</v1:name>
            <!--Optional:-->
            <v1:paymentSchedule>
               <!--Optional:-->
               <v1:interval>
                  <v1:length>2</v1:length>
                  <v1:unit>months</v1:unit>
               </v1:interval>
               <!--Optional:-->
               <v1:startDate>2012-03-12</v1:startDate>
               <!--Optional:-->
               <v1:totalOccurrences>5</v1:totalOccurrences>
               <!--Optional:-->
               <v1:trialOccurrences>3</v1:trialOccurrences>
            </v1:paymentSchedule>
            <!--Optional:-->
            <v1:amount>10000</v1:amount>
            <!--Optional:-->
            <v1:trialAmount>10000.00</v1:trialAmount>
            <!--Optional:-->
            <v1:payment>
               <!--You have a CHOICE of the next 2 items at this level-->
               <!--Optional:-->
               <v1:bankAccount>
                  <!--Optional:-->
                  <v1:accountType>checking</v1:accountType>
                  <!--Optional:-->
                  <v1:nameOnAccount>Test Merchant1</v1:nameOnAccount>
                  <!--Optional:-->
                  <v1:echeckType>PPD</v1:echeckType>
                  <!--Optional:-->
                  <v1:bankName>State Bank of America Bank</v1:bankName>
                  <!--Optional:-->
                  <v1:routingNumber>211970026</v1:routingNumber>
                  <!--Optional:-->
                  <v1:accountNumber>566456646546</v1:accountNumber>
               </v1:bankAccount>
               <!--Optional:-->
               <v1:creditCard>
                  <!--Optional:-->
                  <v1:cardNumber>abcdef</v1:cardNumber>
                  <!--Optional:-->
                  <v1:expirationDate>2012-12</v1:expirationDate>
                  <!--Optional:-->
                  <v1:cardCode>123</v1:cardCode>
               </v1:creditCard>
            </v1:payment>
            <!--Optional:-->
            <v1:order>
               <!--Optional:-->
               <v1:invoiceNumber>12345</v1:invoiceNumber>
               <!--Optional:-->
               <v1:description>Total Mall</v1:description>
            </v1:order>
            <!--Optional:-->
            <v1:customer>
               <!--Optional:-->
               <v1:type>business</v1:type>
               <!--Optional:-->
               <v1:id>34244</v1:id>
               <!--Optional:-->
               <v1:email>kundankrbharti1@gmail.com</v1:email>
               <!--Optional:-->
               <v1:phoneNumber>9807656455</v1:phoneNumber>
               <!--Optional:-->
               <v1:faxNumber>08065434544</v1:faxNumber>
               <!--Optional:-->
               <v1:driversLicense>
                  <!--Optional:-->
                  <v1:state>WA</v1:state>
                  <!--Optional:-->
                  <v1:number>01254567</v1:number>
                  <!--Optional:-->
                  <v1:dateOfBirth>1985-02-02</v1:dateOfBirth>
               </v1:driversLicense>
               <!--Optional:-->
               <v1:taxId>234234568</v1:taxId>
            </v1:customer>
            <!--Optional:-->
            <v1:billTo>
               <!--Optional:-->
               <v1:firstName>Kundan1</v1:firstName>
               <!--Optional:-->
               <v1:lastName>Bharti</v1:lastName>
               <!--Optional:-->
               <v1:company>IBM</v1:company>
               <!--Optional:-->
               <v1:address>Sarjapur</v1:address>
               <!--Optional:-->
               <v1:city>Bangalore</v1:city>
               <!--Optional:-->
               <v1:state>Karnataka</v1:state>
               <!--Optional:-->
               <v1:zip>560101</v1:zip>
               <!--Optional:-->
               <v1:country>India</v1:country>
            </v1:billTo>
            <!--Optional:-->
            <v1:shipTo>
               <!--Optional:-->
               <v1:firstName>Kundan</v1:firstName>
               <!--Optional:-->
               <v1:lastName>Bharti</v1:lastName>
               <!--Optional:-->
               <v1:company>IBM</v1:company>
               <!--Optional:-->
               <v1:address>Sarjapur</v1:address>
               <!--Optional:-->
               <v1:city>Bangalore</v1:city>
               <!--Optional:-->
               <v1:state>Karnataka</v1:state>
               <!--Optional:-->
               <v1:zip>560101</v1:zip>
               <!--Optional:-->
               <v1:country>India</v1:country>
            </v1:shipTo>
         </v1:subscription>
      </v1:ARBCreateSubscription>
   </soapenv:Body>
</soapenv:Envelope>

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
   <soap:Body>
      <ARBCreateSubscriptionResponse xmlns="https://api.authorize.net/soap/v1/">
         <ARBCreateSubscriptionResult>
            <resultCode>Ok</resultCode>
            <messages>
               <MessagesTypeMessage>
                  <code>I00001</code>
                  <text>Successful.</text>
               </MessagesTypeMessage>
            </messages>
            <subscriptionId>1265399</subscriptionId>
         </ARBCreateSubscriptionResult>
      </ARBCreateSubscriptionResponse>
   </soap:Body>
</soap:Envelope>

Can you please solve my query why its happening.

Thanks,

Kundan

TJPride · ‎01-12-2012

Subscription intervals can not be changed programmatically. It says so in the documentation. Don't know why you -can- change the interval via your control panel, but there are some things you can do in the control panel that you aren't allowed to do automatically with your software / web site. This must be one of them.

The subscription interval information (subscription.paymentSchedule.interval.length and subscription.paymentSchedule.interval.unit) may not be updated.

If you need varying intervals, however, you can use CIM instead of ARB and then have an automated process on your server generate applicable charges every morning.

View solution in original post

stymiee · ‎01-05-2012

The credit card is not validated when creating a subscription. That's why you should always use the AIM API to either process the first subscription payment or, if the first payment is not to be processed immediately, to verify the card is valid before establishing the subscription.

FYI, you should be doing your own validation on the credit card information before making your API calls. Failed credit card transactions still incur processing fees so sending bad credit card information over that can be prevented is something the programmer should be doing for their client. At the very least the Luhn algorithm should be used on the credit card number, the expiration date should be checked to make sure it isn't expired and the CVV number should be verified that it is the correct amount of digits.

-------------------------------------------------------------------------------------------------------------------------------------------
John Conde :: Certified Authorize.Net Developer (Brainyminds) :: Official Authorize.Net Blogger

NEW! Handling Authorize.Net's Webhooks with PHP

Integrate Every Authorize.Net JSON API with One PHP Class (Sample code included)

Tutorials for integrating Authorize.Net with PHP: AIM, ARB, CIM, Silent Post
All About Authorize.Net's Silent Post

kundankrbharti · ‎01-05-2012

HI,
Thanks for your reply.. I have few more questions...Please answer if you have information on this...

What is the AIM API refered above ?
Are we good to go to validate the credit card number just by using Luhn algorithm?
Is there a predefined API to validate expiration date and CVV number? If not what is the suggested algorith to valudate?

Thanks,

Kundan

TJPride · ‎01-06-2012

AIM is Advanced Integration Method. It's essentially one-time payments, charged internally. It's often used in combination with ARB.

Here's some info on Luhn. I experimented and it works with my credit card numbers. The chances of someone making a random mistake and still making it past Luhn are reasonably low.

http://www.beachnet.com/~hstiles/cardtype.html

Here's some info on card lengths and what the numbers signify. The lengths are the only part you will really care about here:

http://www.merriampark.com/anatomycc.htm

Length + Luhn should be more than sufficient. As for expiration date, you just turn the expiration date into YYYYMM and then do the same thing with the current date and if the current date is greater than or equal to the expiration the card has expired.

See this for the length of CVV:

http://en.wikipedia.org/wiki/Card_security_code#Types_of_codes

kundankrbharti · ‎01-06-2012

Could you please provide me some details about the create subscription. In ARB document i am not getting more about the create subscription. What is the Business requirment of this create subscription. please send me some useful link or docs regarding this.

kundankrbharti · ‎01-06-2012

Thanks for your inputs..

I didnt understand what is the AIM functionality? Who expose this service? How can I get access to it ?

stymiee · ‎01-06-2012

Could you please provide me some details about the create subscription. In ARB document i am not getting more about the create subscription. What is the Business requirment of this create subscription. please send me some useful link or docs regarding this.

I didnt understand what is the AIM functionality? Who expose this service? How can I get access to it ?

Your questions make me a little nervous because they are some of the Authorize.Net's services that you are trying to implement. The documents can be found in the navigation bars above under integration. AIM is the Advanced Integration Method. You can read more About creating subscriptions in the ARB Guide.

You can also read more about validating credit cards in the Authorize.Net blog:

Validating Credit Card Information Part 1 of 3 - Credit Card Numbers

Validating Credit Card Information Part 2 of 3 - Expiration Dates

Validating Credit Card Information Part 3 of 3 - CVV Numbers

-------------------------------------------------------------------------------------------------------------------------------------------
John Conde :: Certified Authorize.Net Developer (Brainyminds) :: Official Authorize.Net Blogger

NEW! Handling Authorize.Net's Webhooks with PHP

Integrate Every Authorize.Net JSON API with One PHP Class (Sample code included)

Tutorials for integrating Authorize.Net with PHP: AIM, ARB, CIM, Silent Post
All About Authorize.Net's Silent Post

kundankrbharti · ‎01-10-2012

Thanks for Reply

As per you we can authenticate credit card validation through AIM api. I gone through AIM_guide but i am not looking anything where i can validate credit card. you have sent javascript code for validate it. Is there any other option for validate the Credit Card. What is difference between ARB and AIM api. I want to use for payment gateway so which one is better for doing payment through credit card.

Thanks,

Kundan

TJPride · ‎01-10-2012

You have only two options for making sure a credit card works, without actually charging a purchase.

1) Check the card format, expiration date before submission.

2) Charge the credit card for $0.01 or $0.00 and then immediately void.

The former can be done with Javascript, also server-side scripting if you're using AIM / ARB. The latter involves a transaction fee. AIM is one-time charging and processes immediately; ARB is subscription charging and you have to wait until at least the next day for the results of the first charge. Most people charge the first payment of a subscription immediately with AIM, and if the card works for that, set up the rest of the subscription through ARB.

kundankrbharti · ‎01-11-2012

Thanks for reply,

I have one doubt if i am updating the subscription its giving following error message.

Update Message Code:::: E00034
Update Message text:::: The interval information cannot be changed.
Subscription Id :::: 0
Result Code ::: ERROR

But if i am updating through https://sandbox.authorize.net/ through my account then its working fine.

can you plesae let me know why i am getting this issue?

Cybersource Developer Community Cybersource Developer Community

ARBCreateSubscription Question