Can we POST to Authorize.net and have customers enter all their CC data there?

  • Profile Image
    Presscats
    Asked on April 19, 2013 at 01:06 PM

    I got the first version of our form finished and my business partner nearly had a meltdown.  Since we aren't using SSL the form data, including the CC info was going in the clear to Authorize.net which is dangerous.

    I know I can buy an SSL certificate for my website and use the SSL version of the forms to increase security but this too is not enough for my business partner.  We have another system for online ordering that takes all the order data and POSTs a total out to Authorize.net and redirects customers to their site for secure payment, then redirects them back with the appropriate Accept or Decline notification.  Is there any way to do something like this with your system?  To create an order with a subtotal then instead of having them input the CC info on our page, send them with their subtotal and order ID to Authorize for payment?

    There seems to be several ways Authorize.net could accomodate this...

    http://developer.authorize.net/api/simplecheckout/

    http://developer.authorize.net/api/dpm/

    http://developer.authorize.net/api/sim/

    Thanks for your help on this, I really like what I see so far and hope this can be a workable solution for us.

  • Profile Image
    jonathan
    Answered on April 19, 2013 at 01:38 PM

    Hi,

    To create an order with a subtotal then instead of having them input the CC info on our page, send them with their subtotal and order ID to Authorize for payment?

    I am not sure if what you are looking for is this one. In our Authorize.Net payment field, there is a property that allows "Authorize Only", set this to YES and it will allow your transaction to have options stated on this article http://www.authorize.net/support/merchant/
    Submitting_Transactions/Credit_Card_Transaction_Types.htm

     

    Please inform us if this not sufficient to what you need.

    Thanks.

  • Profile Image
    Presscats
    Answered on April 19, 2013 at 02:29 PM

    I'm sorry I wasn't clear.  What I object to is the entry of credit card data on our web page.  What I would like to happen is to have all the product selection details available but none of the Payement details.  Keep everything from "Select your options to check out" all the way to "Total" but remove all the Credit Card and Billing info.

    Then when they click submit they are sent to Authorize.net to complete their payment there.  We don't want to have any responsibility for credit card data, PCI compliance, etc.  We use Authorize.net because they do all that for us.

  • Profile Image
    Mike_T
    Answered on April 19, 2013 at 02:39 PM

    We do not have such integration with the Authorize.Net.

    However, you can have completely secure Authorize.Net payment form with us. We do have the SSL option on our forms, and our Authorize.Net integration is completely valid and secure, it is based on their official API. When you accept credit card information on the form it is being forwarded to their service, so we do not store any sensitive billing information on our servers.

    Note: There is no need in purchasing additional SSL certificate for your website when you use our SSL form.

    Please feel free to contact us if you need any further assistance.

  • Profile Image
    andrewsalumni
    Answered on March 31, 2014 at 09:45 PM

    Although you use SSL and all that because the payment data is done on your website you are in scope to adhere for PCI complience.. sadly.. The only real way to NOT have PCI  issues is to send users to their site for payment entry and then take them back like paypal does.

  • Profile Image
    Cesar
    Answered on March 31, 2014 at 11:33 PM

    Thank you for your input. Your statement is correct, as we do not have PCI compliance. Nevertheless, our payment tools function with API's provided by PCI compliant online payment services.

    We do not process the information, it is transmitted securely according to set standards by the payment service to their servers, via SSL. We do not store the payment details on our end.

  • Profile Image
    redpalm
    Answered on September 23, 2015 at 11:54 AM

    I'm running into the same issue as Presscats and would prefer to have the same functionality.  You currently do this with Paypal, why not with Authorize.net?

    With Auth.net, I can integrate their DPM with a WooCommerce Shopping cart and put all the credit card info at auth.net.  Why can't JotForm pass the same info?

    The reports in JotForm are much cleaner then WooCommerce, so I would prefer to stay with JotForm, just because of this.

  • Profile Image
    Boris
    Answered on September 23, 2015 at 01:55 PM

    Hi redpalm.

    In order to better address your concern and possibly raise it as a feature request, I have moved your post to a new thread:

    http://www.jotform.com/answers/668863

    We will be supporting you there, shortly. Thank you.