Cybersource Developer Community Cybersource Developer Community

Hi,

Here's a link to the PDF that the eCheck/Authorize.net underwriters forwarded to us:

http://iteachtexas.com/Files/eCheck-Merchant-Compliance-Education.aspx

And here's something else from Authorize.net with slightly different (and more vague) language (check page 19):

http://www.authorize.net/files/echecknetuserguide.pdf

Thanks for any help! I'm really puzzled by what this is asking for. It just doesn't seem correct/proper.

They can't possibly mean an actual screenshot. I'm guessing some idiot at Cybersource wrote screenshot when the real requirement is just information retention. From the Authorize.net pdf:

All authorizations must be retained by the merchant for two (2) years after the
completion of a transaction, the completion of a final recurring transaction or after the
revocation of payment authorization... For authentications made over the telephone or via the
Internet, the merchant must retain a copy of the authorization and a record of the
authentication.

It says "record", not "screenshot". Images are for physical checks, not eChecks.

Thanks for the response. Yes, I was thinking it couldn't be possible either.

But it does state this, and when I spoke with someone in their underwriting department he seemed to confirm this. I'm still waiting to speak with someone else about it, though. So without anything else more concrete, I'm kind of stuck.

But if this is not the way complicance is achieved, there must be a somewhat common way that it IS achieved. So can anyone point me to some good working examples of eCheck payments implementation that passes Authorize.net's 'interpretation' of NACHA compliance??? Does anyone actually do eCheck payments???

Thanks!

If you browse down through the posts far enough, you should find some about eCheck. Not many - but enough.

OK, I've searched these forums for 'eCheck NACHA' and 'eCheck compliance'. Nothing. All the threads I read are about getting the form setup properly or getting it to work with a testing environment (we're not even to that stage yet).

The frustrating thing is that this is where the Authorize.net people said we would have to search for help, as they were not able to give any more specific help here. But I would guess anyone using eCheck with Authorize.net had to get the same compliance request that we did, as they say it's a national standard. So either every other person just got it and I'm completely lost here, or we got a crazy standard that nobody else has to adhere to.

Puzzling...

I want to let you know that I don't have a solid answer for you at the moment, but I've reached out to our underwriting team internally to see if I can find the original source of language you are being given.  I do understand the technical impracticality of taking a screenshot of your customer's screen, so I'll be sure to let you know as soon as I have some more information.

Hi,

I have the same question, is there any update or detail documentation regarding this?

I have called the support desk and was told that the screenshot requirement is taken care by the authorize.net api and nothing needs to be implemented on the web application form or process page. Is this statement valid?

The Authorize.Net API definitely does not obsolve you from following the NACHA requirements, it certainly does not retain any screenshots.  Unfortunately, the only advice that I Can provide in regards to the wording is that it is wording provided by NACHA themselves and not something that was written by Authorize.Net.