Reply
Member
Posts: 9
Registered: ‎11-17-2015

Customer Profile - authenticate user?

I'm integrating Accept Hosted into my website. For various reasons, I need to use Customer Profiles. I also want to allow guest checkout (i.e. no need to login).

 

The ANET system returns a Customer Profile ID if a customer's email address matches an exsiting profile. But how can I prevent someone from faudulenty using someone else's email and charging an associated Payment Profile? Is the only protection to require that the card code be entered?

 

I can build an account system on my end that stores Customer Profile IDs and requires password authentication to access Payment Profiles, but then it is no longer a "guest checkout".


Is there a better solution for this?

 

Thanks!

Posts: 2,473
Topics: 54
Kudos: 189
Blog Posts: 66
Registered: ‎12-05-2011

Re: Customer Profile - authenticate user?

Hello @jm_dgsdev

 

Typically we see implementations where customer profiles are used only after the user has authenticated to the system and a customer profile is associated to that specific user.  

 

For guest checkout, we would not recommend using customer profiles but instead perform a one-time transaction.

 

Richard


Build modern websites and mobile applications without increasing PCI burden using Authorize.Net Accept
Highlighted
Member
Posts: 9
Registered: ‎11-17-2015

Re: Customer Profile - authenticate user?

[ Edited ]

Thanks Richard.

If that's the case and I can't use Customer Profiles for guest checkout, I'm brought back around to my previous problem regarding addresses and sales tax:

 

https://community.developer.authorize.net/t5/Integration-and-Testing/Accept-Hosted-and-Sales-Tax-cal...

 

It seems like every solution leads to another problem.

How can I allow guest checkout, caculate sales tax, and include address information with the transaction?