cancel
Showing results for 
Search instead for 
Did you mean: 

Credit Card Authorization Clarifications

Hi,
 
We want to do a Credit Card Authorization Only transaction using authorize.net API.
Our understanding is to call three APIs.
 
1st API createCustomerProfileRequest which will create a profile id on your end.
2nd API createCustomerPaymentProfileRequest will be for profile creation using Profile Id received from Aurhorize.net through 1st API response.
3rd API createCustomerProfileTransactionRequest will be for CC authorization only using Profile ID and Payment Profile ID received from above two API.
 
As of now we are leaving shipping info as optional.
Please help us with these clarifications.
 
1) Is it mandatory to call 3 APIs for CC authorization alone or is there any other way we can handle CC authorization with just one API?
2) I’m a little concerned with creating a profile each and every time as I do not know if it will fail if the same caller calls back 2 or 3 times.
3) Also not sure how it will react if the same caller calls back but uses a different credit card number. Do we need to perform yet another RTT in this case to update the callers Authorize.net profile. How do we handle it?
 
Thanks
Ricky
Contributor
3 ACCEPTED SOLUTIONS

Accepted Solutions

1)min of 2, 1st is createCustomerProfileRequest, it can use to create both customer profile and payment profile. then the 2nd is createCustomerProfileTransactionRequest

2)If they use the same info, then you would get a duplicate error. http://www.authorize.net/support/CIM_SOAP_guide.pdf page 80

 

3)If the info is different then you can do whatever you want, I would just add a new one and not change the existing one.

View solution in original post

RaynorC1emen7
Expert

http://developer.authorize.net/guides/AIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=4_TransResponse.htm...

3
288
Merchant is not registered as a Cardholder Authentication participant. This transaction cannot be accepted.
The merchant has not indicated participation in any Cardholder Authentication Programs in the Merchant Interface.

View solution in original post

You don't need it, it just a sample data from the XML documentation.

It probably not a valid value, so unless you have it setup with the valid value remove it from your xml.

View solution in original post

8 REPLIES 8

1)min of 2, 1st is createCustomerProfileRequest, it can use to create both customer profile and payment profile. then the 2nd is createCustomerProfileTransactionRequest

2)If they use the same info, then you would get a duplicate error. http://www.authorize.net/support/CIM_SOAP_guide.pdf page 80

 

3)If the info is different then you can do whatever you want, I would just add a new one and not change the existing one.

RaynorC1emen7
Expert

Thank you RaynorC1emen7.

 

Hi,

 

As you said, we did one transaction for both Profile and Payment Profile which worked just fine.

However, when we tried CC auth Only transaction, this is what we got.

 

Sent Data:

 

 <?xml version="1.0" ?>
- <createCustomerProfileTransactionRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
- <merchantAuthentication>
  <name>88DdaX67</name>
  <transactionKey>5Bv7W584Db42UVzp</transactionKey>
  </merchantAuthentication>
- <transaction>
- <profileTransAuthOnly>
  <amount>10.95</amount>
  <customerProfileId>11904868</customerProfileId>
  <customerPaymentProfileId>10930258</customerPaymentProfileId>
- <order>
  <purchaseOrderNumber>PONUM000001</purchaseOrderNumber>
  </order>
  <taxExempt>false</taxExempt>
  <recurringBilling>false</recurringBilling>
  <cardCode>000</cardCode>
  </profileTransAuthOnly>
  </transaction>
- <extraOptions>
- <![CDATA[ x_customer_ip=100.0.0.1&x_authentication_indicator=5&x_cardholder_authentication_value=uq3wDbqt8A26rfANAAAAAP
  ]]>
  </extraOptions>
  </createCustomerProfileTransactionRequest>

 

Received Data&colon;

 

  <?xml version="1.0" encoding="utf-8" ?>
- <createCustomerProfileTransactionResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
- <messages>
  <resultCode>Error</resultCode>
- <message>
  <code>E00027</code>
  <text>This transaction cannot be accepted.</text>
  </message>
  </messages>
  <directResponse>3,1,288,This transaction cannot be accepted.,,P,0,,,10.95,CC,auth_only,test seven,,,,,,,,,,,test@seven.com,,,,,,,,,,,,FALSE,PONUM000001,E262C9B5E9C842D38F47D481CE7BD4B8,,,,,,,,,,,,,XXXX0027,Visa,,,,,,,,,,,,,,,,</directResponse> 
 </createCustomerProfileTransactionResponse>

http://developer.authorize.net/guides/AIM/wwhelp/wwhimpl/js/html/wwhelp.htm#href=4_TransResponse.htm...

3
288
Merchant is not registered as a Cardholder Authentication participant. This transaction cannot be accepted.
The merchant has not indicated participation in any Cardholder Authentication Programs in the Merchant Interface.

The account which I am using is a test account. Do I need to update anything ?

I did check boxes for Visa under Security Settings --> Cardholder Authentication on portal https://test.authorize.net/ and tried a transmission which gave me below error.

 

Received Data;

 

  <?xml version="1.0" encoding="utf-8" ?>
- <createCustomerProfileTransactionResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
- <messages>
  <resultCode>Error</resultCode>
- <message>
  <code>E00027</code>
  <text>The cardholder authentication value is invalid.</text>
  </message>
  </messages>
  <directResponse>3,2,117,The cardholder authentication value is invalid.,,P,2183070809,,,1.00,CC,auth_only,test jjj,,,,,,,,,,,t@t1.com,,,,,,,,,,,,,,5B16493D6C2A5CB892F090FC79A64E7A,,,,,,,,,,,,,XXXX0027,Visa,,,,,,,,,,,,,,,,</directResponse>
  </createCustomerProfileTransactionResponse>

do we really need to pass this info?

<extraOptions><![CDATA[x_customer_ip=100.0.0.1&x_authentication_

indicator=5&x_cardholder_authentication_value=uq3wDbqt8A26rfANAAAAAP]]></

extraOptions>

I just tried delete this tag and the transmission was successful. Not sure about the significance of this tag.

You don't need it, it just a sample data from the XML documentation.

It probably not a valid value, so unless you have it setup with the valid value remove it from your xml.

Thanks once again RaynorC1emen7