Goal: Only have successful purchases show up on a customer's billing statement. I don't want declined authorizations showing up on their billing statement (as seen in an online banking system) as pending. A customer often will accidentally input an incorrect billing address, for example, followed by a correct one. Together, the two attempts, one successful and one not both show up on their billing statement as pending prior to settlement. This can scare the customer as it looks potentially like they will be charged twice.
Details: When I do an AUTH_CAPTURE (via ActiveMerchant's purchase) or an AUTH (via ActiveMerchant's authorize) which is declined and subsequently want to void that authorization (via ActiveMerchant's void) so as not to have it appear on a customer's billing statement as pending (even though it will settle out after a few days), the gateway can't find the transaction to void using the authorization code returned from the authorization or capture method calls on the gateway.
This is specific to the authorize.net AIM gateway.
Please advise.
Thanks!
If I understand your question correctly, I'm not sure there is a way to do what you want.
This is a limitation of the gateway / merchant account system.
I just stayed at a hotel this past weekend, and when I checked in I was warned that an 'authorization charge' would appear on my card and then go away. The hotel situation is similar to what you are dealing with, and I don't think there is a way around it. Gas stations do it, restaurants, hotels, etc.
It's so common that I wouldn't worry about customers being alarmed. You might put a statement on your payment form saying something about an authorization charge - I've done that in the past on projects.
And for the auth.net specifics - I'm pretty sure you cannot void an auth, thus the error you are getting. The auth code returned is used later on to capture the amount, if needed.
Related
I'm integrating Square payment gateway into our system. And want it to support SCA.
In their dev docs it says that I should call verifyBuyer each time I want to charge CoF. Also, "If a challenge is required, Square automatically displays the challenge to the buyer". It's ok for on-session payments. But what about off-session payments, like cars rental service does - without customer online (automatically)?
In their dev docs it says nothing or I'm missing something.
Did anybody face with such case?
Our docs state:
Important
The SCA flow must not be initiated for a card on file transaction where the buyer is not present. In this scenario, do not call the verifyBuyer function. You can still charge the card but be prepared to handle the CARD_DECLINED_VERIFICATION_REQUIRED error.
Basically, don't call verifyBuyer, and don't pass a token to the payment endpoint. The payment could still technically fail, so you should build functionality to handle that.
https://developer.squareup.com/docs/payment-form/cookbook/verify-buyer-on-cof
edit:
tl;dr: you can't.
You have to create a payment method in order to verify it. Creating a sale does NOT invoke verification, even if verification is enabled globally.
original:
I'm reading about credit card verification, which apparently isn't done automatically during Braintree_Transaction::sale(), but I don't see any options to enable verification on calling sale().
Do I really have to implement (at least) two separate API transactions just to verify a credit card?
Ideally I would like to use a single call to ::sale() to perform validation, authorization, and capture.
I have already enabled verification through my control panel, and I'm using test credit card number 4000111111111115 which, is supposed to be declined, but i'm getting successful transactions with it.
Do I have to create a payment method separately in order to perform validation, even if I have global validation enabled?
Full disclosure: I work at Braintree. If you have any further questions, feel free to contact support.
To test card verification results, please adjust the amount of your transaction. Because these cards are not linked to real accounts, Braintree cannot make the small authorization charges that are made in production, and instead the API must rely on the amount of the test transaction to dictate the expected response.
In a Production environment, Card verification is triggered by the creation of payment methods, not by transactions. To enable verification, either enable it across all payment methods, or add the verifyCard option to your PaymentMethod::Create call. The response to PaymentMethod::Create in either of these cases will contain a creditCardVerification object if the verification fails for any reason, allowing you to stop the transaction before sale is called.
I am trying to create a new webhook endpoint for my braintree integration. I added an endpoint to the Control Panel. I am using the Python library and created a a bunch of transactions. Also, I manually settled the transaction using the testing gateway. But I do not get a webhook notification. When is the webhook triggered and I=is there a way to trigger it manually?
Full disclosure: I work at Braintree. If you have any further questions, feel free to contact support.
The Transaction -> Disbursed webhook fires when the transaction has settled, and braintree has begun to move funds from their account to yours. While settling the transaction manually in the control panel would start the process, it does not fire the webhook right away.
There isn't any way to trigger this manually, instead braintree has sample payloads and a way to trigger a "Check" webhook in the control panel.
To answer the question in your comment, this type of webhook does not cover voided transactions.
I also asked a similar question to Braintree support, and the answer may be useful for others, even if I decided to go with Stripe (I found stripe much better after all my tests ;).
Question
Hi,
Just integrating Braintree, but can’t find how I’m supposed to get a transaction confirmation (meaning it has correctly been ‘charged’). When I create a ‘transaction.sale’ (including submitForSettlement) I always get (sandbox) a response indicating the status ‘Submitted for settlement’, and the transaction doesn't go to settled until Braintree globally process it (at night, etc.). I also can’t find a related webhook to get payment confirmation (as I currently get using PayPal - IPN).
When/how can I get a payment confirmation so I can then ‘deliver’ the purchased item? By checking your docs, it’s like you can’t get a confirmation until the next day… how does it work exactly?
Thank you!
Answer
Hi Nacho,
Thanks for reaching out!
A Braintree transaction goes through several steps, the second of which is submitted for settlement. This means that the money has begun to move from the customers account, and is the immediate state of a transaction after being submitted; it's not possible to get an immediate 'settled' or 'complete' status on submission. Transactions in this state will generally move to settling, then settled, within 24 hours, although it can depend on your processing bank.
It is very unusual for a transaction to fail when moving from submitted for settlement to settled, as the amount will have been authorised prior to submission for settlement. Authorising a transaction means the funds are put on hold within the customers account, for a certain timeframe depending on payment method, until they are settled. We get an immediate response from the processing bank as to whether an authorisation is successful, which you'll see in the Braintree_Transaction response object.
As such, you can generally rely on the status of submitted for settlement to reflect a valid, successful transaction.
We don't offer webhooks for transactions - instead, our API is designed to give instant feedback via the response object. Because of this, we only provide webhooks for asynchronous events that aren't triggered by an API call (such as billing a subscription or disbursing funds). We encourage our customers to avail of our API responses, in addition to our reporting system and comprehensive search call options, for any extra functionality they require.
If you wanted to pull updated statuses for transactions, such as to confirm a payment has settled, you could use the Transaction.find() API request, pass in the transaction ID and read in the status from the response object. This could easily be run as a script that iterates through the previous days transaction IDs and updates the status of each on a daily basis.
I hope this explains the transaction process with more clarity and offers you some options!
Kind regards,
Braintree
Just in case it helps!
I also asked kind of the same question to Braintree I got the same answer to check the transaction with Transaction::find() and then asked about the possibility of having a transaction not settled after having a SUBMITTED_FOR_SETTLEMENT status, here is the response, very clear and complete:
Hi Alban,
Thanks for reaching out with this question! Happy to help.
Settlement Declined:
In rare cases, a transaction that has been submitted for settlement will reach a status of settlement declined. For sales, this will only occur with a PayPal transaction. For refunds, this can occur with both PayPal and credit card transactions.
This occurs if the processor declined to settle the sale or refund request, and the result is unsuccessful. This can happen for a number of reasons, but the processor settlement response code may have more information about why the transaction was declined. Again, this status is rare, and only certain types of transactions can be affected.
PayPal sale: We recommend checking the settlement status of all PayPal sale transactions before shipping goods or providing services to customers. To reduce these types of declines, submit your PayPal transactions for settlement either upon creation or within 3 days of creation.
PayPal refund: We recommend contacting PayPal for details on refunds that are Settlement Declined.
Credit card refund: Settlement declines can be hard or soft, just as with authorizations. In regions that support an immediate decline response for refunds, we will return Settlement Declined if the processor responds with a hard decline.
Settlement Pending:
This status indicates that the transaction has not yet fully settled. This status is rare, and it does not always indicate a problem with settlement. Only certain types of transactions can be affected.
--> PayPal sale:
If using multiple partial settlements: Settlement Pending is a normal part of the transaction flow. The parent authorization will remain in this status until all child transactions are settled or the authorization expires. See the multiple partial settlement reference for more details.
If not using multiple partial settlements: Almost all Settlement Pending PayPal transactions will settle without intervention, so we always return a successful result. In general, you can expect these to be updated to Settled within a few days as we confirm their status with PayPal. In the rare case we can't settle a Settlement Pendingtransaction, we'll contact you to resolve the issue.
--> Credit card, Android Pay, and Apple Pay sales: You will only see Settlement Pendingauthorizations if you have contacted us to enable a specific API feature that uses this status.
I hope that provides insight, Alban! Let us know if further questions arise.
Best,
xxxxx.
Braintree
As a team we're currently investigating a strange occurrence. It doesn't seem to apply to all orders by any means, but it is affecting a large number of customers based on the logging we've added to the noItems.phtml page.
Please note: I'm not really expecting an answer as I assume this is a problem we have to solve ourselves based on addons, and our server configuration (three servers for loading balancing). However, I am looking for possible ideas and/or whether this is something somebody has come across previously.
What we've done so far, and what we know:
User enters their card details in the SagePay iFrame;
User purchases an item via SagePay -- order is successful;
Some users are sent back to the success page;
Some users don't see the success page (phoned to confirm a handful) but instead return back to the empty basket;
We're still investigating, but we find it ever so strange how a user would return to the empty basket page. We've added logging to the noItems.phtml and we can see that some users are getting assigned another session ID after a successful transaction. This seems to be the problem, but why the user is being assigned another session ID after a SagePay payment isn't easy to comprehend.
Has anybody else experienced a similar issue with SagePay/Magento? And if so, what steps did you take to solve?
Our Sage Pay Support team would be happy to look at the transaction logs (within 72 hours of the transation being submitted) and help you determine the reason for the failed transactions on 0845 111 4455 24/7.
You reply to the Notification URL when you acknowledge receipt of our response. You have 20 seconds to response. You need to send the Status (OK, Error or Invalid), Status Detail and Redirect URL. We then send the shopper back to your Redirect URL.
A few suggestions would be:
If we can't reach your Notification URL, check you have ports 443 and 80 open. Check you don't have a DNS issue.
If you are receiving the notification from Sage Pay to confirm the status of the transaction via the Notification URL. Check the information you are sending is in the correct casing, that it is not empty data and that your website is not spooling and check whether the success/failure URL is a valid landing page.
All our system needs is the Status Deatil, 'Status = ' and 'RedirectURL =' fields with the appropriate values assigned, separated with Carriage-Return and Line-Feeds (as specified in the protocol) . Nothing else is required. The response you send should also be text/plain message, not text/html or any other MIME type.
If the customer is being sent back to an empty basket, check whether your website is doing a job in the background such as writing to a databse, preparing confirmation emails to the back office before sending the customer to the payment page. Test whether your server can handle the amount of transactions coming through from Sage Pay. Or are you truncating the NEXT URL?
Regarding a session ID, each transaction is assigned a unique Sage Pay ID called a VPSTxID which is used to identify the transaction. We can take a look at the transactions you are referring to if you are getting several session IDs to discuss further if you would like.
Sage Pay Support.
Check the action that pushes the user to the success page on successful purchase. Maybe its something like target _parent. Maybe its something where its trying to load the success page in the iframe. Or maybe its timing out on sagepay when trying to redirect.
I have a question and will be grateful if you can help me out with some ideas.
In an online hotel or ticket booking reservation system, normally a user is allocated a specific time to complete their registration / payments etc and during that time the system holds the reservation for that user. If the user is unable to finish their registration during that time the system times out and the user is not allowed to proceed any further. The system unholds the reservation for other users.
My question is, if a user is taken to the payment gateway system (paypal etc) and they spend all of the allocated/hold time on the payment page, and after making a successful payment they return back to the site, will the system still allow them to complete the booking even though the user ran out of his allocated time?
How does this work in a typical booking system?
Many thanks in advance.
If you're using a synchronous connection to a payment gateway, then once the payment process is initiated, the reservation status should be change so something like 'Payment Pending'. If the payment gateway responds with a failure (or you have a timeout), you report it back to the user and it's up to you whether to extend the session time or not.
If you're using an asynchronous connection, like redirecting the user to a PayPal page and waiting for a response back, then you may want to consider an authorization instead of a payment: if the user is redirected back to your site after the session time limit has elapsed, cancel the authorization and notify the user that they took too long and will need to start over. If they're within their time limit, tell PayPal to finalize the transaction and make sure you get your money.
Hope that helps :)
The system should let you pay for the booking, some warning should pop up. If you successfully payed for it, then you may have to present some ticket showing that you paid for it, so the company either refunds your payment or give you the room.
Every bit of that should be thought with anticipation, and that's the kind of work you should matter about, not the way you design the algorithm.
Think about it, what happend if you exceed the deadline to deliver some work.
Your sales algorithm has to have some intelligence. Like a Salesman trying to close a deal.
He'll know it's an old lady and it might take a while, but when she's made up her mind she'll pull through with full payment.
Or He's a cranky old man who will always say the cheque's in the post.
Computers can only take the best guess without meeting or understanding.
So your best guess will based upon past responses and allowing appropriate timeouts.
e.g. monitoring avearge input times for forms on your site. An old man might be simulated bz a slow internet connection.
well with paypal you can do a payment authorize.. This will put the money on hold from the customers paypal account.
After the aothrization it will then be sent back to your system with a transaction id
You can then check if the reservation has timed out yet or not.
If so you can notify the user that it has timed out and that they have not been charged. You then void the transaction with the transaction id to release their funds
If it hasn't timed out, you can then capture the funds.
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_html_authcapture