I'm curious as to whether the payment gateway sends you to the authorize.net web site for credit card entry and then sends back the result to our form for completion of the process.
Question
Question
Has anyone used the authorize.net interface?
Replies
No, it is a drop in UI element on the form. A user would fill out the rest of the form like normal, then see a little embedded section to submit payment information.
Thanks for responding Jared. So the user of the form does not leave our web site but simply enters their credit card info in the embedded section? Do you know if LaserFiche meets the PCI DSS standards?
Correct, the payment block is embedded directly within the form. You can set the payment amount required to some specific value, or calculate it based on other form fields.
The PCI question is a good one, here is the response from our documentation.
PCI Compliance Information
The Payment Card Industry Data Security Standard (PCI DSS) provides a data security framework of industry-recognized controls for handling credit card information.
The Forms Braintree and Authorize.net integrations collect all cardholder data within an Iframe and send it to a third party, so that the Laserfiche Forms Server does not store any cardholder data. This simplifies PCI compliance, as both Braintree and Authorize.net are PCI-compliant frameworks. You should still complete a Self-Assessment Questionnaire (SAQ) for PCI compliance validation. The PCI DSS SAQs provide a framework for evaluating compliance for merchants not required to submit an official PCI DSS Report on Compliance. For more information on completing a self-assessment, please see the PCI Security Standards Council website at: https://www.pcisecuritystandards.org/pci_security/completing_self_assessment
I'm assuming that the gateway will send back an indication as to whether the transaction was approved?
Yes, you get payment status, transaction ID and a handful of other variables set by the payment gateway.
If the payment fails in authorize.net is there a message back to forms as well? We are in the process of testing our integration and can see if a payment is processed but not if it fails