The Authorize.net payment module is a way for you to accept electronic and credit card payments on your website. It is a wholly owned subsidiary of Visa.
Authorize.net supports the use of MivaPay.
Payment modules can be found by clicking Settings in the lower left corner, then clicking Modules.
On the page that opens, you can narrow the module options by clicking the drop down in the “Type” box and then clicking Payment.
In the Authorize.Net box, click the Install button.
After the module is installed, the Payment Settings page opens to the Authorize.Net tab.
In the tab, the credentials for your Authorize.net account must be entered.
Login ID: The Login ID for your Authorize.net account.
Public Client Key: This is not required, unless you are using Accept.js. (See below)
Transaction Key/Confirm Transaction Key: Enter the Transaction Key from your Authorize.net account.
Mode: If the installation is for your main website, set this to Production. If not, set it to Sandbox.
Transaction Data: Starting with the 10.07 release, Level II and III Payment Data can be sent, including item level and tax/purchase order data. Visa/Mastercard will give merchants discounts on interchange fees for passing this data on certain transactions, lowering overall interchange fees.
The next three sections are optional.
Duplicate Window Duration: When your website sends a request (authorize/void/capture/refund) to Authorize.net, the admin starts a timer. If an identical request is sent (same card number, same order number, same order total) within the duration, in seconds, set in this field, the first request is kept and the following requests are considered duplicates and are ignored.
Transaction Description: This is the generic text that accompanies transactions for your website.
CVV2 Message: This text will appear on your website during checkout when a customer enters their credit card information. Merchants usually use this section to describe the purpose of the CVV2 field.
Charge Method: This determines how a payment is processed.
These settings also affect when orders are manually created in the admin.
Store Entire CC Number (Requires Encryption): If the box is clicked, the customer’s entire credit card is attached to the order. If the box is unclicked, only the last four digits of the customer’s card are attached to the order.
Test Mode: You must click this box if you want to run test card transactions. You must also set your Authorize.net account to test mode.
Available Payment Methods: Clicking the box next to the various payment methods makes them available on your website.
Electronic Debit is an eCheck product from Authorize.net that allows customers to pay by entering their checking account information on your website.
When a customer chooses to use Electronic Debit, and then clicks Continue to Payment, a box opens where they can enter their banking information to do an Electronic Funds Transfer (ETF) to pay for their items.
Clicking the box next to Display CVV2 Field does just that for the respective payment method.
Require CVV2 in Administrative Interface: This options affects manually created order in the Miva admin. If this option is enabled, you must enter a CVV2 number in the Authorize dialog box when you create or edit the order. If this option is not enabled, the CVV2 field will still be displayed, but it can be ignored.
Authorize.net customers can also use the front end API from Authorize.net called Accept.js. By using this, a customer’s credit card never is physically “touched” by their Miva server, which allows the merchant to complete an SAQ-A-EP for PCI compliance.
When a site uses Accept.js, when a customer types in their credit card number, it is sent to Authorize.net, which then tokenizes it and sends back a token to Miva, which is then submitted to the Miva server to authorize payment.
If you plan to use Accept.js, you must generate and enter a Public Client Key from Authorize.Net.
To do this, navigate to your Authorize.net account, log in, and then navigate to Account>Settings>Security Settings>General Security Settings>Manage Public Client Key. Once you have the key, enter the key in the appropriate box as indicated above.
Once the key is added, Miva will automatically use it to output the correct Accept.j2 code during runtime so your site uses the new User Interface. There is no visual indicator that your site is using the latest Accept.js code. The easiest way to confirm if the site is using the code is to navigate to the last step of the checkout process (OPAY) and view the page source code. Look for the line highlighted below.
The Production URL is: https://js.authorize.net/v1/Accept.j2.
While adding the Public Client Key is optional, and the Authorize.net integration will work without it, it is strongly recommended to be used, for the additional security benefits your site has as indicated above.