cancel
Showing results for 
Search instead for 
Did you mean: 

Authorize AIM Double Charge(s)

Let me start by saying we integrated years back (~ 5yrs) with Authorize (AIM) and that integration has mostly been working except for an occasional double charge.  We are now getting double charges MUCH more frequently and have put code in place to prevent form resubmissions but the double charges persist.  We have x_duplicate_window set to two minutes and despite that are seeing, for example, two transactions for the same customer with the exact same timestamp and other information (including our local order id).  I've been unable to replicate the problem on a dev/staging environment and unfortunately Authorize support has been useless.  We process transactions on behalf of clients and for a SINGLE client we had 14 unique transactions double charged (28 total transactions) in a SINGLE day.  Because of how Authorize works I don't have visibility into most of our clients (they haven't enabled the transaction details API) so I can't say how universal this is for the rest of our clients but would truly appreciate suggestions.  How are people preventing double charges on their site?  I'm looking for the high level overview or public code somewhere.  Thanks in advance

 

FWIW: We are still using the old (non-Akamai) URLs.

rob
Contributor
3 REPLIES 3

 

Hi rob,

 

Can you please provide sample transaction IDs for these duplicate charges that you are seeing. If you can please email us at Developer@Authorize.Net with these example transaction IDs and the Payment Gateway ID in question so we can review this for you.

 

Thanks,

Joy

Joy
Administrator Administrator
Administrator

We are currently experiencing the same issue. Has there been a solution identified?

@jeffsocia 

 

With AIM you are passing all the info directly across your server to Authorize, correct? Your issue is related to your application in that case. That is what I would strongly suspect. Your customer may be double clicking the payment button or doing something else. You can use JavaScript to disable the button for a period of 30 seconds after it is clicked.

 

If auth.net's AIM endpoint was double charging people I do think we would have a forum gone wild with posts about it. Could be wrong but that's my intuition.