We know what you want: A proven solution that just works, with all the features you'd expect, from a reputable company that stands behind their product.
Our payment methods are used on thousands of Magento stores, to process billions of dollars a year. We know what we're doing, and we've been doing it a long time. Payment is a fundamental part of your business, and it's a fundamental part of ours too. We'll help you make sure it never becomes a problem.
This module supports all standard payment actions. It also allows customers to save their payment info for future use. This gives returning customers the convenience of stored credit cards and rapid checkout, without breaking PCI compliance.
The first time a customer checks out, they are given a form to enter credit card details. If they choose to save the card, next time they check out they can reuse that card with a single click. Your customers can also view, add, edit, and delete any of their stored payment info through a 'Manage My Cards' interface in their account. All frontend features are also available in the Magento Admin Panel.
- Pay by credit card or ACH (eCheck)*
- Save credit cards (tokens) for reuse
- Add, edit, and delete saved payment data
- Edit orders and reorder, without having to ask the customer for CC info again
- Authorize, Capture, or Save CC Info (without charging) at time of checkout
- Capture funds even after the authorization expires
- Partially invoice orders (including reauthorization on partial invoice)
- Partially refund (online credit memo)
- Send shipping address and line items to Authorize.Net
- Require CCV code when adding a card, or with every purchase
- Validate billing address with Address Verification (AVS)
- Protect against fraud with Advanced Fraud Detection Suite (AFDS) and hold-for-review
- Integrate your systems thanks to Magento API support
- Use a different Authorize.Net account for each website (multi-store support)
- Purchase Recurring Profile products
* This extension has built-in support for ACH processing. ACH is configured as its own payment method, and can be enabled or disabled at will. To process ACH payments, you must apply and be accepted by Authorize.Net. For more info, please see Authorize.Net's eCheck.Net FAQ.
Stored payment info is good for your business and customers.
- It simplifies checkout.
- It encourages customer loyalty.
- It streamlines order management and integrations.
- It lets your staff quickly process orders and billing changes, without needing customers to repeat their credit card info.
All frontend features are available in the admin panel. This means admins can view, add, edit, and delete customers' stored cards, and place orders using them.
When editing an order, you can reuse the payment info, even for guest orders.
This is an Authorize.Net Certified Solution since 2013, listed in Authorize.Net's official certified solutions directory. Our payment modules are used on thousands of Magento stores, and our reviews speak for themselves.
Recurring Profile Support
This version of the extension fully supports Magento's Recurring Profiles. Recurring profiles are Magento 1's approach to recurring billing and subscription functionality.
Purchasing a recurring profile with Authorize.Net CIM looks exactly like a normal checkout, except that customers will have to store their credit card.
All of the normal caveats of recurring profiles still apply: Recurring profiles can only be purchased standalone; and the ability to use coupons and promotions with recurring profiles is limited.
All communication with Authorize.Net is performed with TLS encryption, and no confidential cardholder data is ever stored on your own server. A process called tokenization is used to run transactions with stored payment information. This lets your customers pay with a 'saved' card that's not on your server at all.
We also support Authorize.Net's proprietary Accept.js API. Accept.js allows credit card information to be sent straight from your customers' browsers to Authorize.Net, without touching your web server at all. Instead, Authorize.Net gives us a one-time-use token (nonce) that refers to it. Since your web server never sees the raw credit card number, this improves your website's security and reduces your PCI compliance exposure.
PCI compliance is a complex and multifaceted issue, covering every aspect of your business. We can't guarantee that your business is PCI-compliant. That depends on your server, policies, processes, regular security scans, other payment methods offered, and a lot more. What we can tell you is that this extension will not prevent you from being PCI compliant. We don't store or log confidential cardholder data, or do anything else that would bring you under scrutiny.
The exact PCI scope of this extension depends on your configuration.
- If you enable Accept.js, using this payment method for all credit card transactions may make you eligible for PCI Self-Assessment Questionnaire (SAQ) A-EP.
- If you do not enable Accept.js, this payment method falls under the scope of PCI SAQ D.
For details on the SAQ types and what eligibility means, see "Self-Assessment Questionnaire Instructions and Guidelines (3.2)" (PDF, by PCI Standards Security Council).