Merchant Account Services Blog

Recently Authorize.Net released their API for their new Customer Information Manager (CIM) feature of their payment gateway. This feature is a boon for merchants who wish to store credit card information or do recurring billing in different amounts or varied schedules.

The main features of this new service are:

• PCI Compliance

  Remove the specter of PCI compliance from your ecommerce website by letting Authorize.Net handle the storing of sensitive information for you. Because your customers’ information reside on the Authorize.Net servers you do not have to worry about encrypting and protecting sensitive data. Not only do not have to worry about PCI compliance but your website is no longer an inviting target for hackers who want to steal this information from you.

• Process Irregularly Priced Recurring Billing Charges

  The Authorize.Net Automated Recurring Billing System is great for businesses that charge a fixed amount each billing period. But it does not work if you have a varying amount to charge during each billing period. CIM allows your website to handle the varying billing amounts and CIM will handle the storage of the billing information and processing of the recurring transaction. Now your recurring payments can be completely automated.

• Process Irregularly Scheduled Recurring Billing Charges

  Do you need to charge your customers on a recurring basis but the schedule is not consistent? With CIM you can store the credit card and billing information with Authorize.Net and only need to handle the actual scheduling of the payments. This allows you to automate the entire process reducing your costs and time spent processing payments.

• Create A “One Click” Checkout

  Creating a quick and easy checkout system is an important feature of any successful ecommerce website. Allowing your customers to store their data so they do not have to enter it again the next time they make a purchase can make shopping at your online store more appealing then your competitors’. With CIM you can provide this functionality for your customers and increase customer satisfaction and loyalty.

Naturally we created our own class to access their CIM API. This API, as well as the potential functionality of this service is complex, but here are a couple of examples to get you started in using this new service.

Here’s how to create a new CIM account:


try
{
require_once("AuthnetCIM.class.php");

$cim = new AuthnetCIM();
$cim->setParameter('company', 'Fake Cpmpany');
$cim->setParameter('cardNumber', '4111111111111111');
$cim->setParameter('expirationDate', '2008-12');
$cim->setParameter('firstName', 'Joseph');
$cim->setParameter('lastName', 'Faker');
$cim->setParameter('address', '100 Main Street');
$cim->setParameter('city', 'Townville');
$cim->setParameter('state', 'NY');
$cim->setParameter('zip', '12345');
$cim->setParameter('country', 'US');
$cim->setParameter('phoneNumber', '111-111-1111');
$cim->setParameter('faxNumber', '222-222-2222');
$cim->setParameter('shipFirstName', 'Joseph');
$cim->setParameter('shipLastName', 'Faker');
$cim->setParameter('shipCompany', 'Fake Cpmpany.');
$cim->setParameter('shipAddress', '100 Main Street');
$cim->setParameter('shipCity', 'Townville');
$cim->setParameter('shipState', 'NY');
$cim->setParameter('shipZip', '12345');
$cim->setParameter('shipCountry', 'US');
$cim->setParameter('shipPhoneNumber', '333-333-3333');
$cim->setParameter('shipFaxNumber', '444-444-4444');
$cim->setParameter('description', 'Monthly Membership and stuff again' . time());
$cim->setParameter('merchantCustomerId', 'user04');

$cim->CreateCustomerProfile();
$profile_id = $cim->getProfileID();
}
catch (AuthnetCIMException $e)
{
$debug = $e->getTrace();
die(”Exception occurred: ” . $e->getMessage() . “. File: ” .
$debug[0][’file’] . ” on line ” . $debug[0][’line’]);
}


Here’s how to add a new profile to that new account:


$cim->setParameter('customerProfileId', $profile_id);
$cim->setParameter('firstName', 'Joseph');
$cim->setParameter('lastName', 'Faker');
$cim->setParameter('address', '100 Main Street');
$cim->setParameter('city', 'Townville');
$cim->setParameter('state', 'NY');
$cim->setParameter('zip', '12345');
$cim->setParameter('country', 'US');
$cim->setParameter('phoneNumber', '111-111-1111');
$cim->setParameter('faxNumber', '222-222-2222');
$cim->setParameter('cardNumber', '4111111111111111');
$cim->setParameter('expirationDate', '2009-12');

$cim->createCustomerPaymentProfile();
$payment_profile_id = $cim->getPaymentProfileId();


Here’s how to add a shipping address to that account:


$cim->setParameter('customerProfileId', $profile_id);
$cim->setParameter('firstName', 'Joseph');
$cim->setParameter('lastName', 'Faker');
$cim->setParameter('address', '101 Main Street');
$cim->setParameter('city', 'Townville');
$cim->setParameter('state', 'NY');
$cim->setParameter('zip', '12345');
$cim->setParameter('country', 'US');
$cim->setParameter('phoneNumber', '111-111-1111');
$cim->setParameter('faxNumber', '222-222-2222');

$cim->createCustomerShippingAddress();
$address_id = $cim->getCustomerAddressId();


Here’s how to process a transaction with that new account:


$cim->setParameter('amount', '1.00');
$cim->setParameter('shipAmount', '1.00');
$cim->setParameter('shipName', 'UPS');
$cim->setParameter('shipDescription', 'UPS Ground');
$cim->setParameter('customerProfileId', $profile_id);
$cim->setParameter('customerPaymentProfileId', $profile_id);
$cim->setParameter('customerShippingAddressId', $address_id);
$cim->setParameter('cardCode', '123');
$cim->setLineItem('12', 'test item', 'it lets you test stuff', '1', '1.00');

$cim->createCustomerProfileTransaction();
echo 'approval code: ' . $cim->getAuthCode();


Hopefully this is enough to get you started in accessing the Authorize.Net Customer Information Manager API. You can be sure an article will follow that will go into further detail about using this feature and API.

They offer two distinct APIs for using this new service. One uses their new XML API and the other uses SOAP. You can download the XML PDF or SOAP PDF of their integration guide from your control panel. You can find an example of PHP code using the SOAP API in their developer section of their website. So far there is no code for the XML API.

You can download a beta version of our Authorize.Net Customer Information Manager Class here. It is written in PHP 5 but can easily be converted to PHP 4 (but why would you want to?). This class has not been tested in a production environment yet so it may be buggy. If you find a bug please report it here so we can update it accordingly.

One this that bothered me about the Authorize.Net ARB subscription functionality is that there was a three year limit on subscriptions. In other words, all subscriptions would expire at most three years and you could not set it to be longer. This was true whether you used their ARB API or set the subscription up manually. The only way to accommodate longer subscriptions was to change the subscription length somewhere down the road after a portion of the subscription has transpired. If you had a large number of subscriptions you would need to create some sort of automated system to use the ARB API to update your subscriptions as they came close to expiring or else you risk losing revenue from those subscriptions.

Fortunately Authorize.Net actually listened to their users and removed this restriction. Now open ended subscriptions can be created both manually and through the ARB API. To do this through the API simply set the ‘totalOccurrences’ parameter to be ‘9999′. This applies to all subscription lengths.

Here is the email sent out by Authorize.Net:

At Authorize.Net, we do our best to listen and act on the feedback we receive from our merchants. As a result, we are pleased to announce that we have removed the three year restriction for all Automated Recurring Billing (ARB) subscriptions. You can now create subscriptions with an End Date that occurs more than three years after the Start Date, or with no set End Date at all. Once created, the payment gateway will submit payments for each ongoing subscription until you either cancel or modify the subscription to specify an End Date. Ongoing subscriptions can be created manually in the Merchant Interface by selecting No End Date under the Subscription Duration, or by entering “9999″ in the Ends After field. To turn an existing subscription into an ongoing subscription, you can update the subscription information using the same process. For more information, please see the Merchant Interface Online Help Files, available by clicking Help at the top of any Merchant Interface page. You can also create and update your subscriptions automatically using an Application Programming Interface (API). For more information, please see the ARB API Developer Guide.

Here is a link to the updated guide: Authorize.Net ARB Implementation Guide

As we saw in our previous posts Building a Recurring Billing System and Building a Recurring Billing System Part 2: Storing Information, and Building a Recurring Billing System Part 3: Updating the Credit Card we can combine the Authorize.Net ARB API to build a powerful subscription system. In part three we discussed how we would update a customer’s credit card through our own interface. In this part we will create a need to use the functionality discussed in our last post.

The Authorize.Net ARB system allows for us to establish subscriptions that will not expire for up to three years. However, it is possible a customer’s credit card will expire before their subscription is complete. Unfortunately Authorize.Net will not inform us of this until after the credit card has been declined. So our system will need to track expiring credit cards for us.

Fortunately this is easy to do and can be completely automated to boot. In part two we discussed what information we wanted to store. One piece of information we decided to store was the expiration date of the customer’s credit card. This was done specifically so we could keep track of expiring credit cards. How we use it is very straight forward. We will write a cron job that looks for credit cards that within the next 30 days. If we find any we will send those customers an email letting them about the impending expiration of their credit card and invite them to use the page we created in part three to update their credit card information. This is nice because it is all automated!

Sample code this might look like this:


$link = mysql_connect('mysql_host', 'mysql_user', 'mysql_password')
or die('Could not connect: ' . mysql_error());

mysql_select_db('my_database') or die('Could not select database');

$query = 'SELECT * FROM my_table';

$result = mysql_query($query) or die('Query failed: ' . mysql_error());

while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
$to = $row['email_address'];
$subject = "Update your subscription!";
$body = "Time to update your subscription.
Go to http://www.domain.com/update.php.";
mail($to, $subject, $body);
}

mysql_free_result($result);

mysql_close($link);


So far we have created a way for customers to update their subscription and an automated tool to inform them of the expiration of their credit card that invites them to use this tool. Next we will have to deal with the three year limit of the Authorize.Net ARB system.

Technorati Tags: Authorize.Net, payment gateway, recurring billing