Jump to content
Sign in to follow this  
netstep

Authorize.net Simple Integration Method (SIM) Support

Recommended Posts

Authorize.net SIM payment form is alive and well with no indication of going away.

USAEpay also has a similar hosted payment form.

 

I know "everyone" uses Authorize.net Advanced Integration Method (AIM) but I have several small volume customers who benefit from off-site credit card number collection.

  • No SSL cert required so save $$ every year.
  • No chance of CC# theft liability

Please don't give up on the simple integration method (SIM).

It's working great for my sites!

If some people are interested, I'll be happy to load my updated SIM module with some added features.

 

Which API is best for you? Choose AIM or SIM

 

My Setup: osC MS2.2

Authorize.net Merchant control panel

1. Settings > API Login ID and Transaction Key > Get a transaction key.

2. Settings > Relay Response Response = http://YOURSITE.COM/checkout_process.php

3. Settings > Receipt URL = http://YOURSITE.COM/checkout_process.php

 

Site configs:

SESSION Force Cookie Use = False

SESSION Check SSL Session ID = False

SESSION Check User Agent = False

SESSION Check IP Address = False

SESSION Prevent Spider Sessions = False

SESSION Recreate Session = False

 

Site Module Configs:

Enable Authorize.net Module: True

Login Username: xxxxxxxx

Transaction Key: xxxxxxxxxxxxxxx

Transaction Mode: Production

Transaction Method: Credit Card

Customer Notifications: False

Payment Zone: --none--

Set Order Status: default

Sort order of display.: 0

 

I've found several Authorize.net/SIM threads that helped me sort out my SIM issues:


Sam M. - Seattle

Share this post


Link to post
Share on other sites

Thats all great but I heard that Authorize.net is going to quite supporting that method and requiring everyone to use the AIM. Or I think they were wanting everyone to use the AIM. Can't remember for sure but I remember reading something about it just a while back.


Search the forum and contributions before posting. If that doesn't work, keep looking, then post. The forum is for seeking help and advice NOT for someone to do your work for you. Try to do something on your on, if you are going to run a shop then learn how it works.

Share this post


Link to post
Share on other sites
Thats all great but I heard that Authorize.net is going to quite supporting that method and requiring everyone to use the AIM. Or I think they were wanting everyone to use the AIM. Can't remember for sure but I remember reading something about it just a while back.

 

I've just been reading about that... They are gonna stop supporting WebLink soon, and everyone will have to go to either SIM or AIM.

 

I think that's correct? :'(

Share this post


Link to post
Share on other sites

Connection Methods: http://www.authorize.net/support/csfaqs/#142134

 

Weblink is going away != SIM that appears to be supported.

 

Enable WebLink

WARNING: By enabling WebLink you are selecting a connection method that submits transaction information by HTTPS form POST to the gateway.

 

Authorize.Net makes no representations or warranties regarding the security or availability of the WebLink service. The WebLink connection method is subject to certain security risks that could cause information to be lost or stolen. You are cautioned not to place undue reliance on WebLink as a secure method of transferring any personal or customer data. Because of security risks, Authorize.Net may, at its sole discretion and at any time, terminate your WebLink account and/or discontinue the WebLink service.

 

Keep in mind that WebLink will soon be discontinued as an accepted connection method. You may need to prepare and plan for migration to either Simple Integration Method (SIM) or Advanced Integration Method (AIM).


Sam M. - Seattle

Share this post


Link to post
Share on other sites
Authorize.net SIM payment form is alive and well with no indication of going away.

USAEpay also has a similar hosted payment form.

 

I know "everyone" uses Authorize.net Advanced Integration Method (AIM) but I have several small volume customers who benefit from off-site credit card number collection.

  • No SSL cert required so save $$ every year.
  • No chance of CC# theft liability

Please don't give up on the simple integration method (SIM).

It's working great for my sites!

If some people are interested, I'll be happy to load my updated SIM module with some added features.

 

Which API is best for you? Choose AIM or SIM

 

My Setup: osC MS2.2

Authorize.net Merchant control panel

1. Settings > API Login ID and Transaction Key > Get a transaction key.

2. Settings > Relay Response Response = http://YOURSITE.COM/checkout_process.php

3. Settings > Receipt URL = http://YOURSITE.COM/checkout_process.php

 

Site configs:

SESSION Force Cookie Use = False

SESSION Check SSL Session ID = False

SESSION Check User Agent = False

SESSION Check IP Address = False

SESSION Prevent Spider Sessions = False

SESSION Recreate Session = False

 

Site Module Configs:

Enable Authorize.net Module: True

Login Username: xxxxxxxx

Transaction Key: xxxxxxxxxxxxxxx

Transaction Mode: Production

Transaction Method: Credit Card

Customer Notifications: False

Payment Zone: --none--

Set Order Status: default

Sort order of display.: 0

 

I've found several Authorize.net/SIM threads that helped me sort out my SIM issues:

 

I would be interested in your SIM contribution. I have been trying to get authorize.net SIM to work for a few days now with no luck. :(


Jp Jakubik

ProPoint Technologies, LLC

ProPoint Technologies - Baltimore Information Technology Solutions for Small to Medium Business

"proactive, professional, & to the Point" IT Solutions.

Share this post


Link to post
Share on other sites

Try AIM, couldn't be any easier.


Search the forum and contributions before posting. If that doesn't work, keep looking, then post. The forum is for seeking help and advice NOT for someone to do your work for you. Try to do something on your on, if you are going to run a shop then learn how it works.

Share this post


Link to post
Share on other sites

Thanks for your post! I'm now interested in SIM since it looks like the PCI rules will make it very hard to use AIM for small vendors (like us). With SIM all the responsibilities fall on authorize.net. I've used AIM for awhile and it works fine but after going through the PCI questionnaire, I think we'll switch.

 

So is SIM the default authorize.net module in OSCommerce ? I've never seen anyone answer that definitively though from this post, it seems to imply that.

Share this post


Link to post
Share on other sites
Thanks for your post! I'm now interested in SIM since it looks like the PCI rules will make it very hard to use AIM for small vendors (like us). With SIM all the responsibilities fall on authorize.net. I've used AIM for awhile and it works fine but after going through the PCI questionnaire, I think we'll switch.

 

So is SIM the default authorize.net module in OSCommerce ? I've never seen anyone answer that definitively though from this post, it seems to imply that.

 

 

I think you have the two confused. AIM you just upload the module and a couple lines of code in like 2 files. Enter your information in the AIM module in the Admin, and you are set. Your customer never leaves your sit and you can process the transaction instantly on your site. All the responsibilities still fall on authorize.net. With SIM you leave your site to process the transaction and that can cause problems when you leave your site to process transaction.


Search the forum and contributions before posting. If that doesn't work, keep looking, then post. The forum is for seeking help and advice NOT for someone to do your work for you. Try to do something on your on, if you are going to run a shop then learn how it works.

Share this post


Link to post
Share on other sites
Thanks for your post! I'm now interested in SIM since it looks like the PCI rules will make it very hard to use AIM for small vendors (like us). With SIM all the responsibilities fall on authorize.net. I've used AIM for awhile and it works fine but after going through the PCI questionnaire, I think we'll switch.

 

So is SIM the default authorize.net module in OSCommerce ? I've never seen anyone answer that definitively though from this post, it seems to imply that.

I opened my vanilla osC to check for you and the default is AIM.

Anything that collects CC# on your site is AIM which is convenient and more risky.

I'm swamped right now, but I'll post my updated SIM module soon.


Sam M. - Seattle

Share this post


Link to post
Share on other sites
Try AIM, couldn't be any easier.

 

Yes. AIM is very easy to use. However, AIM puts everything on your site which is very nice, but also includes a bit more risk and the expense of a good SSL cert.

 

SIM puts all the security liability on Authorize.net.


Sam M. - Seattle

Share this post


Link to post
Share on other sites

You can set AIM up not to store CC information in the database if that is your worry. It is good to have an SSL just to put the customers mind at ease and to gain trust. A lot of people look for that and they don't understand or know, or care about AIM or SIM. All they know is they are entering their CC information on a site. AIM just looks more professional and besides SSL are not that much. You can find a handful of 3rd party SSL that are under $100 a year. It takes money to make money and IMO that is a small price to pay if it means making a sale and raising my conversion rate.


Search the forum and contributions before posting. If that doesn't work, keep looking, then post. The forum is for seeking help and advice NOT for someone to do your work for you. Try to do something on your on, if you are going to run a shop then learn how it works.

Share this post


Link to post
Share on other sites

For EU vendors there is now a set of rules of compliance which have to be fulfilled to be able to use integrated on site payment solution, even if you do not store the cc info.

 

If the US merchant account providers "rules" does change to something along the lines of the ones now being used in the EU, then such compliance will become an issue for those who use integrated on site payment solutions in the US too.

 

Its not as complicated as the full "PCI" compliance, but it does have quite a few conditions which needs to be meet.

Share this post


Link to post
Share on other sites

You bring up a good point and if I remember correctly if you are in the U.S. and accept credit cards I think it is a requirement by the Federal Trade Commission that online marketplaces have to have SSL. So regardless what payment method you use I think you have to have SSL. I could be wrong but I think this was explained to me a couple of years ago when I set up my shop.


Search the forum and contributions before posting. If that doesn't work, keep looking, then post. The forum is for seeking help and advice NOT for someone to do your work for you. Try to do something on your on, if you are going to run a shop then learn how it works.

Share this post


Link to post
Share on other sites

THe new version for 2.2 that was released on au gust 17th 2007 doesn't work what so ever.

 

I have a fresh install of oscommerce and this new mod is installed second

 

I try to make a test transaction and this script returns this error message after I complete the form at authorize.net

 

Warning: Cannot modify header information - headers already sent by (output started at /home/tthlabel/public_html/store/includes/languages/english/modules/payment/authorizenet_sim.php:1) in /home/tthlabel/public_html/store/includes/functions/general.php on line

 

 

 

This module needs to be updated I believe, If i'm running into this problem on a fresh install obviously something isn't right with it.

 

It still processes the order, but having a crash like that right after you submit cc information is horrible

Share this post


Link to post
Share on other sites
You bring up a good point and if I remember correctly if you are in the U.S. and accept credit cards I think it is a requirement by the Federal Trade Commission that online marketplaces have to have SSL. So regardless what payment method you use I think you have to have SSL. I could be wrong but I think this was explained to me a couple of years ago when I set up my shop.

 

 

I could be wrong but as I recall, the SIM was similar to solutions like 2checkout, where payments are processed on the authnet site so having SSL in that case is irrelevant.

Edited by Bruin_03

Share this post


Link to post
Share on other sites
THe new version for 2.2 that was released on au gust 17th 2007 doesn't work what so ever.

 

I have a fresh install of oscommerce and this new mod is installed second

 

I try to make a test transaction and this script returns this error message after I complete the form at authorize.net

 

Warning: Cannot modify header information - headers already sent by (output started at /home/tthlabel/public_html/store/includes/languages/english/modules/payment/authorizenet_sim.php:1) in /home/tthlabel/public_html/store/includes/functions/general.php on line

This module needs to be updated I believe, If i'm running into this problem on a fresh install obviously something isn't right with it.

 

It still processes the order, but having a crash like that right after you submit cc information is horrible

I have a highly modified osC so I'll install a clean instance and test it.


Sam M. - Seattle

Share this post


Link to post
Share on other sites
I could be wrong but as I recall, the SIM was similar to solutions like 2checkout, where payments are processed on the authnet site so having SSL in that case is irrelevant.

 

You are still transferring sensitive information so a SSL is needed to encrypt the connection between the two. Just because the payments are processed off site doesn't mean someone can not come in back door and if you checkout process is not secure they can intercept the session. Therefor they require all stores accepted credits cards to have SSL through the entire checkout process.


Search the forum and contributions before posting. If that doesn't work, keep looking, then post. The forum is for seeking help and advice NOT for someone to do your work for you. Try to do something on your on, if you are going to run a shop then learn how it works.

Share this post


Link to post
Share on other sites
You are still transferring sensitive information so a SSL is needed to encrypt the connection between the two. Just because the payments are processed off site doesn't mean someone can not come in back door and if you checkout process is not secure they can intercept the session. Therefor they require all stores accepted credits cards to have SSL through the entire checkout process.

 

SSL is always good idea.

However intercepting basic contact info isn't quite the same as snagging someone's CC info, right?

The A-net payform collects the CC info and doesn't transmit it back to OSC afaik.


Sam M. - Seattle

Share this post


Link to post
Share on other sites

BUG SWATTING: I poked at the module on a fresh osC2.2 and have yet to track down a small bug.

I'll work on it this week and post the update. If someone has a moment to glance at this code you may be able to find the bug.

 

BUG 1:

See "" above the module list.

 

BUG 2: During install/uninstall

Warning: Cannot modify header information - headers already sent by (output started at /home/supernet/domains/netstepcommerce.com/public_html/2.2/includes/modules/payment/authorizenet_sim.php:1) in /home/supernet/domains/netstepcommerce.com/public_html/2.2/admin/includes/functions/general.php on line 22

 

DEMO

Catalog Modules Demo (Will not connect to Authorize.net)

Admin Modules Demo

 

Module file Text Visible

Current Module File

Current Module Language File

Edited by netstep

Sam M. - Seattle

Share this post


Link to post
Share on other sites

Bug two is because of white space at the top of authorizenet_sim.php or at the bottom of general.php ether way you have white space that needs to be removed ether at the top of bottom of those files.

 

 

For bug 1 check your modules.php file for the ""


Search the forum and contributions before posting. If that doesn't work, keep looking, then post. The forum is for seeking help and advice NOT for someone to do your work for you. Try to do something on your on, if you are going to run a shop then learn how it works.

Share this post


Link to post
Share on other sites
Bug two is because of white space at the top of authorizenet_sim.php or at the bottom of general.php ether way you have white space that needs to be removed ether at the top of bottom of those files.

Thank you for your help.

I was guessing there were some stray characters or spaces....but there's nothing at the top or bottom of either the module or language file.


Sam M. - Seattle

Share this post


Link to post
Share on other sites
Thank you for your help.

I was guessing there were some stray characters or spaces....but there's nothing at the top or bottom of either the module or language file.

 

It's whitespace you won't see it you need to place your mouse to the end of the file and delete the extra space all the way to the ?>

 

If you still don't see what I am talking about then post the file and I will remove it.


Search the forum and contributions before posting. If that doesn't work, keep looking, then post. The forum is for seeking help and advice NOT for someone to do your work for you. Try to do something on your on, if you are going to run a shop then learn how it works.

Share this post


Link to post
Share on other sites
It's whitespace you won't see it you need to place your mouse to the end of the file and delete the extra space all the way to the ?>

If you still don't see what I am talking about then post the file and I will remove it.

There is no space before or after the PHP tags....thus my confusion.

I truly appreciate any trouble shooting you can offer.

The php.txt files are linked in this post so you can view the code.


Sam M. - Seattle

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×