Powered by Magento Commerce 2.4.1

This extension is in our Payment category, and could affect the PCI compliance level of your store. It is the merchant’s responsibility to ensure the proper PCI compliance level of their store, as applicable by PCI regulations. The PCI Self-Assessment is one tool you can use when evaluating Payment extensions and how they may affect your PCI compliance level. For more information on Marketplace policies, please review the Marketplace Terms & Conditions.
extension-logos-full-r2_0001_m2-cim.png

Authorize.Net CIM With Stored Cards

This is an Integration with a Third Party Service. Other charges and fees may be required to use this extension on your Store
TOTAL:
$0.00

Overview

Back to top

Authorize.Net is one of the world's largest payment gateways, serving over 400,000 merchants. Their services allow you to accept payment from your customers, by credit card or eCheck, straight from your website. This extension brings Authorize.Net's Customer Information Manager (CIM) service to Magento 2. Authorize.Net CIM takes payment processing to a whole new level, by allowing your customers to store their payment info on Authorize.Net's secure servers. This gives you and your customers the convenience of stored credit cards, with all the security of Authorize.Net. It also allows us to give you many advanced features that most payment methods aren't capable of.

This module supports all standard payment actions. It also allows customers to save their payment info for future use. This gives returning customers the convenience of stored credit cards and rapid checkout, without breaking PCI compliance.

The first time a customer checks out, they are given a form to enter credit card details. If they choose to save the card, next time they check out they can reuse that card with a single click. Your customers can also view, add, edit, and delete any of their stored payment info through a 'Manage My Cards' interface in their account. All frontend features are also available in the Magento Admin Panel.

 

Account & Pricing

There is no extra fee for the Customer Information Manager service, but you must have an active Authorize.Net account. Authorize.Net's standard account fees are $25/mo and 2.9% + $0.30 per transaction. See here for complete pricing info. Sign up for an Authorize.Net merchant account if you don’t have one already.

 

Features

  • Pay by credit card or ACH (eCheck)*
  • Save credit cards (tokens) for reuse
  • Add, edit, and delete saved payment data
  • Edit orders and reorder, without having to ask the customer for CC info again
  • Authorize, Capture, or Save CC Info (without charging) at time of checkout
  • Capture funds even after the authorization expires
  • Partially invoice orders (including reauthorization on partial invoice)
  • Partially refund (online credit memo)
  • Send shipping address and line items to Authorize.Net
  • Require CCV code when adding a card, or with every purchase
  • Validate billing address with Address Verification (AVS)
  • Protect against fraud with Advanced Fraud Detection Suite (AFDS) and hold-for-review
  • Update stored cards automatically with Account Updater
  • Integrate your systems thanks to Magento API support (REST and GraphQL)
  • Use a different Authorize.Net account for each website (multi-store support)
  • Supports ParadoxLabs Adaptive Subscriptions extension

* This extension has built-in support for ACH processing. ACH is configured as its own payment method, and can be enabled or disabled at will. To process ACH payments, you must apply and be accepted by Authorize.Net. For more info, see Authorize.Net's eCheck.Net FAQ.

 

Convenient

Stored payment info is good for your business and customers.

  • It simplifies checkout.
  • It encourages customer loyalty.
  • It streamlines order management and integrations.
  • It lets your staff quickly process orders and billing changes, without needing customers to repeat their credit card info.

All frontend features are available in the admin panel. This means admins can view, add, edit, and delete customers' stored cards, and place orders using them.

When editing an order, you can reuse the payment info, even for guest orders.

 

Trusted

This is an Authorize.Net Certified Solution since 2013, listed in Authorize.Net's official certified solutions directory. Our payment modules are used on thousands of Magento stores, and our reviews speak for themselves.

 

Secure

All communication with Authorize.Net is performed with TLS encryption, and no confidential cardholder data is ever stored on your own server. A process called tokenization is used to run transactions with stored payment information. This lets your customers pay with a 'saved' card that's not on your server at all.

We also support Authorize.Net's proprietary Accept.js API. Accept.js allows credit card information to be sent straight from your customers' browsers to Authorize.Net, without touching your web server at all. Instead, Authorize.Net gives us a one-time-use token (nonce) that refers to it. Since your web server never sees the raw credit card number, this improves your website's security and reduces your PCI compliance exposure.

 

PCI Compliant

PCI compliance is a complex and multifaceted issue, covering every aspect of your business. We can't guarantee that your business is PCI-compliant. That depends on your server, policies, processes, regular security scans, other payment methods offered, and a lot more. What we can tell you is that this extension will not prevent you from being PCI compliant. We don't store or log confidential cardholder data, or do anything else that would bring you under scrutiny.

The exact PCI scope of this extension depends on your configuration.

  • If you enable Accept.js, using this payment method for all credit card transactions may make you eligible for PCI Self-Assessment Questionnaire (SAQ) A-EP.
  • If you do not enable Accept.js, this payment method falls under the scope of PCI SAQ D.

For details on the SAQ types and what eligibility means, see "Self-Assessment Questionnaire Instructions and Guidelines (3.2)" (PDF, by PCI Standards Security Council).

 

PWA-Ready

Progressive Web Apps are the future, and we're ready for them.

This extension fully supports GraphQL and guest/customer REST APIs, allowing you to build out checkout and customer card management interfaces within your PWA, mobile app, or other 'headless' architecture.

GraphQL requires Magento 2.3.1 or newer.

Complete API documentation is available in our user manual.

 

Documentation

The user manual covers:

  • Installation
  • Configuration
  • Features and usage
  • Common questions and issues
  • Technical info

View: Authorize.Net CIM User Manual (PDF)

 

Quality

We are experienced, certified Magento developers. All of our code is clean, well-documented, and follows all Magento standards and techniques. We make sure to do things the right way.

Our source code is 100% unencoded (viewable source). When you purchase this extension, you get full access to view and modify it any way you need to (within the license terms).

ParadoxLabs is a proud Magento Solution Partner and member of ExtDN, the Magento Extension Developers Network.

 

Support

We pride ourselves on excellent support, but that comes at a price. In order to pay our support staff well, we charge an annual fee for support. Your free purchase gives you free updates for the lifetime of this extension, but does not include support unless you add support services with your purchase (or add it later).

If you think you can handle it without our help, be our guest! If you have trouble, just know you'll need to buy support before we can help.

View our Support Policy

ParadoxLabs has been building and maintaining Magento payment integrations for years. Our integrations process billions of dollars in transactions a year for thousands of stores like yours, and our support is top-notch. Our solutions work for others—they can work for you too.

Our staff are all located in the United States, with an office in downtown Lancaster, PA, open weekdays from 8 AM to 5 PM Eastern Time. Have a question, or want to try it out? Give us a call at 717-431-3330, or email us at sales@paradoxlabs.com.

Technical Specifications

Back to top

Seller profile

ParadoxLabs, inc.

Seller contact

E-mail

Integrator

Authorize.Net CIM

Current Version

4.3.3

Magento platform compatibility

Open Source (CE): 2.0, 2.1, 2.2, 2.3, 2.4

Commerce on prem (EE): 2.0, 2.1, 2.2, 2.3, 2.4

Commerce on Cloud (ECE): 2.2, 2.3, 2.4

Type

Stable Build

Updated

09 November, 2020

Categories

Extensions, Payments & Security, Payment Integration

Supported Browsers

Chrome

Quality Report

Back to top

Installation & Varnish Tests

Passed

Coding Standard

Passed

Plagiarism Check

Passed

Malware Check

Passed

Marketing Review

Passed

Manual Testing

Passed

All tests were conducted on the latest versions of Magento that existed for the compatible release lines at the moment of the extension submission. Latest versions of all other software were used, as applicable.

Release Notes

Back to top

4.3.3:

  • Compatible with Open Source (CE) : 2.2 2.3 2.4
  • Compatible with Commerce on prem (EE) : 2.2 2.3 2.4
  • Compatible with Commerce on Cloud (ECE) : 2.2 2.3 2.4
  • Stability: Stable Build
  • Description:

    - Fixed "Credit card number does not match credit card type" on admin checkout.

4.3.2:

  • Compatible with Open Source (CE) : 2.2 2.3 2.4
  • Compatible with Commerce on prem (EE) : 2.2 2.3 2.4
  • Compatible with Commerce on Cloud (ECE) : 2.2 2.3 2.4
  • Stability: Stable Build
  • Description:

    - Fixed compatibility issue with Magento 2.4.1 and Klarna 7.1.0 that broke cart and checkout.
    - Fixed CSP policies for Accept.js on checkout.
    - Fixed CVV type validation for stored cards.
    - Fixed exceptions on void preventing order cancellation.
    - Fixed GraphQL not being considered a frontend area, for client IP handling.
    - Fixed stored cards syncing to gateway after refund.

4.3.1:

  • Compatible with Open Source (CE) : 2.2 2.3 2.4
  • Compatible with Commerce on prem (EE) : 2.2 2.3 2.4
  • Compatible with Commerce on Cloud (ECE) : 2.2 2.3 2.4
  • Stability: Stable Build
  • Description:

    - Added CSP allowed hosts.
    - Added Magento 2.4 compatibility.
    - Fixed 'Invalid payment data' errors with new ACH info on multishipping checkout.
    - Fixed ability to repeatedly submit checkout while the CC is being tokenized.
    - Fixed admin checkout with total discounted to $0 not allowing submit until refresh.

4.3.0:

  • Compatible with Open Source (CE) : 2.1 2.2 2.3
  • Compatible with Commerce on prem (EE) : 2.1 2.2 2.3
  • Compatible with Commerce on Cloud (ECE) : 2.2 2.3
  • Stability: Stable Build
  • Description:

    - Added Authorize.Net Account Updater support.
    - Fixed "Email already exists" error after placing an admin order for a new customer and getting a payment failure.
    - Fixed customer attributes appearing on admin edit on Magento 2.3.
    - Fixed potential false positives in address change detection.
    - Fixed unnecessary Authorizenet module dependency.

4.2.5:

  • Compatible with Open Source (CE) : 2.1 2.2 2.3
  • Compatible with Commerce on prem (EE) : 2.1 2.2 2.3
  • Compatible with Commerce on Cloud (ECE) : 2.2 2.3
  • Stability: Stable Build
  • Description:

    - Fixed GraphQL ACH checkout.
    - Fixed card association with register-after-checkout flow on recent Magento 2.2/2.3 versions.
    - Fixed Magento 2.3.4 GraphQL compatibility.
    - Fixed OSC compatibility issue with checkout button disabled style.
    - Fixed possible JS error on card management from uninitialized validator.
    - Fixed possible uncaught exception from invalid card billing address.
    - Fixed potential admin card edit issues with AJAX requests failing to update the page.

4.2.4:

  • Compatible with Open Source (CE) : 2.1 2.2 2.3
  • Compatible with Commerce on prem (EE) : 2.1 2.2 2.3
  • Compatible with Commerce on Cloud (ECE) : 2.2 2.3
  • Stability: Stable Build
  • Description:

    - Fixed a checkout error when Magento is configured with a database prefix.

4.2.3:

  • Compatible with Open Source (CE) : 2.1 2.2 2.3
  • Compatible with Commerce on prem (EE) : 2.1 2.2 2.3
  • Compatible with Commerce on Cloud (ECE) : 2.2 2.3
  • Stability: Stable Build
  • Description:

    - Added GraphQL checkout support.
    - Added store name and URL to transaction info.
    - Changed duplicate transaction window from 15 to 30 seconds.
    - Fixed admin card management issues.
    - Fixed API card create/update with existing payment tokens.
    - Fixed config Accept.js test not obeying the active config scope.
    - Fixed displaying of Accept.js error responses.
    - Fixed potential require.js race condition on card management.
    - Fixed reserved order ID not persisting upon error for customer checkouts.

4.2.2:

  • Compatible with Open Source (CE) : 2.1 2.2 2.3
  • Compatible with Commerce on prem (EE) : 2.1 2.2 2.3
  • Stability: Stable Build
  • Description:

    - Fixed 'enter' submitting checkout despite disabled button.
    - Fixed a PHP error on order view with Klarna enabled on Magento 2.3.
    - Fixed checkout validation issues and related conflicts with some custom checkouts.
    - Fixed CVV tooltip on Magento 2.3 checkout.
    - Fixed fraud update for expired transactions.
    - Fixed potential errors on legacy CIM card import when processing incomplete records.

4.2.1:

  • Compatible with Open Source (CE) : 2.1 2.2 2.3
  • Compatible with Commerce on prem (EE) : 2.1 2.2 2.3
  • Stability: Stable Build
  • Description:

    - Fixed admin order form validation issues.
    - Fixed admin order submit buttons staying disabled when switching to the 'free' payment method.
    - Fixed deprecated md5_hash references.
    - Fixed error on settings page when changed_paths is missing on older M2 versions.
    - Fixed form validation when CVV is disabled.
    - Fixed fraud update processing of declined transactions.
    - Fixed gateway syncing on REST card create/update.
    - Fixed quality issues for latest Magento coding standards.
    - Fixed unescaped output on configuration page.

4.2.0:

  • Compatible with Open Source (CE) : 2.1 2.2 2.3
  • Compatible with Commerce on prem (EE) : 2.1 2.2 2.3
  • Stability: Stable Build
  • Description:

    - Added Accept.js test to admin configuration.
    - Added CC type detection to all payment forms.
    - Added GraphQL API support for customer card management.
    - Added protection to frontend checkout to help prevent abuse. (Will now block after numerous failures.)
    - Added REST API support for guest and customer card management.
    - Improved (completely overhauled) form processing and validation.
    - Improved codebase by moving common code from gateways into the TokenBase library.
    - Fixed ACH JS error on frontend card management.
    - Fixed errors pulling the wrong message from API response data in certain cases.
    - Fixed handling of duplicate cards within database records.
    - Fixed partially-missing server-side payment validation on account payment save.
    - Fixed possible errors on legacy card import for CIM stored cards with no country or state.
    - Fixed possible unresolvable errors with invalid profile IDs after changing gateway accounts.
    - Fixed server-side CC validator in the absence of Accept.js data.

4.1.4:

  • Compatible with Open Source (CE) : 2.1 2.2 2.3
  • Compatible with Commerce on prem (EE) : 2.1 2.2 2.3
  • Stability: Stable Build
  • Description:

    - Fixed missing billing address on expired transaction recaptures.
    - Fixed template loading on composer installs.

4.1.3:

  • Compatible with Open Source (CE) : 2.1 2.2 2.3
  • Compatible with Commerce on prem (EE) : 2.1 2.2 2.3
  • Stability: Stable Build
  • Description:

    - Updated composer dependency versions for Magento 2.3.
    - Fixed Magento 2.3 compatibility issue in upgrade script.

4.1.2:

  • Compatible with Open Source (CE) : 2.0 2.1 2.2
  • Compatible with Commerce on prem (EE) : 2.0 2.1 2.2
  • Stability: Stable Build
  • Description:

    - Added CC number input formatting.
    - Fixed AFDS 'do not authorize, hold for review' response handling.
    - Fixed API delete not reaching payment gateway.
    - Fixed partial invoicing with reauthorization disabled.

4.1.1:

  • Compatible with Open Source (CE) : 2.0 2.1 2.2
  • Compatible with Commerce on prem (EE) : 2.0 2.1 2.2
  • Stability: Stable Build
  • Description:

    - Updated Authorize.Net certificate authorities for changed sandbox SSL.
    - Fixed incorrect OrderCommand argument with 'save info' payment action.
    - Fixed non-digit characters throwing off last4 numbers on checkout submit with Accept.js.
    - Fixed possible API error with empty or extended-characters-only product names.
    - Fixed possible VirtualType compilation errors.
    - Fixed required indicator when phone number is set to not required.

4.1.0:

  • Compatible with Open Source (CE) : 2.0 2.1 2.2
  • Compatible with Commerce on prem (EE) : 2.0 2.1 2.2
  • Stability: Stable Build
  • Description:

    - Added support for $0 checkout.
    - Improved currency handling.
    - Improved handling of expiration date when loading cards from CIM.
    - Improved performance of Manage Cards with many cards and orders (thanks Steve).
    - Fixed 'Auto-select' setting on default checkout.
    - Fixed 'Verify SSL' setting on Magento 2.1.9+.
    - Fixed Accept.js nonce handling on payment step AJAX reload.
    - Fixed field validation stripping dashes from addresses.
    - Fixed logging issues in Magento 2.2.
    - Fixed order status handling on 'save' payment action and some other edge cases.
    - Fixed possible card update error with Accept.js in limited circumstances.
    - Fixed possible unserialize address errors on 4.0 upgrade.
    - Fixed possible validation JS errors on CC forms.
    - Fixed shipping address not being sent on reauthorization transactions.
    - Fixed stored card association on post-register checkout.
    - Fixed stored card validation with no expiration date given.
    BACKWARDS-INCOMPATIBLE CHANGES:
    - Changed param type of setMethodInstance() in ParadoxLabs\TokenBase\Api\Data\CardInterface.

4.0.0:

  • Compatible with Open Source (CE) : 2.0 2.1 2.2
  • Compatible with Commerce on prem (EE) : 2.0 2.1 2.2
  • Stability: Stable Build
  • Description:

    - Compatibility fixes for Magento 2.2.
    - Improved API support, particularly for card create/update.
    - Changed DI proxy argument handling for Magento 2.2 compatibility.
    - Changed order status handling for Magento 2.2 compatibility.
    - Changed payment command classnames for PHP 7.1 compatibility.
    - Fixed admin card 'delete' button deleting rather than queuing deletion.
    - Fixed checkout edge case with valid token not being cleared after an Accept.js validation error.
    - Fixed ExtensionAttribute implementation on Card model.
    - Fixed possible PHP error on admin order create in compiled multi-store environments.
    - Fixed possible static content deploy issues with template comments.
    - Fixed REST API permission handling.
    - Fixed restricted order statuses being selectable as payment method 'New Order Status'.

    BACKWARDS-INCOMPATIBLE CHANGES:
    This release adds support for Magento 2.2. It is still compatible with Magento 2.0 and 2.1, but there are some notable code changes from earlier releases. If you have customizations around the extension, these may be significant:
    - Added getAdditionalObject() to ParadoxLabs\TokenBase\Api\Data\CardInterface.
    - Added saveExtended() to ParadoxLabs\TokenBase\Api\CardRepositoryInterface.
    - Added CardAdditionalInterface support to ParadoxLabs\TokenBase\Model\Card::setAdditional().
    - Changed argument type of ParadoxLabs\TokenBase\Api\Data\CardInterface::setExtensionAttributes().
    - Changed paradoxlabs_stored_card 'address' and 'additional' fields from serialized to JSON.
    - Changed Proxy constructor arguments throughout module to inject Proxy via DI configuration.
    - Removed Unserialize constructor argument from ParadoxLabs\TokenBase\Model\Card\Context.

3.1.4:

  • Compatible with Open Source (CE) : 2.0 2.1
  • Compatible with Commerce on prem (EE) : 2.0 2.1
  • Stability: Stable Build
  • Description:

    Added browser CC autofill attributes to form fields.
    Added protection to frontend My Payment Data page to help prevent abuse. (Will now require order history to use, and block after numerous failures.)
    Added settings check for corrupted API credentials.
    Added split database support
    Fixed Accept.js error with CCV disabled.
    Fixed Accept.js load error with JS minify enabled.
    Fixed error on databaseless code generation.
    Fixed potential checkout error loop with Accept.js enabled and an invalid customerProfileId.
    Fixed potential error on reauthorization.
    Fixed validation error on admin checkout with new card.

3.1.3:

  • Compatible with Open Source (CE) : 2.0 2.1
  • Compatible with Commerce on prem (EE) : 2.0 2.1
  • Stability: Stable Build
  • Description:

    Fixed a possible PHP error on card edit.
    Fixed Accept.js not rebinding properly, causing issues on some custom checkouts.
    Fixed admin fraud update button (workaround for a core bug).
    Fixed CCV validation for stored cards with 'Require CCV' enabled.
    Fixed compatibility with Magento Cloud Edition.
    Fixed config scope issue when checking active payment methods in admin.
    Fixed leading-zero issues on CCV input.
    Fixed multishipping checkout when adding a new card with Accept.js enabled.
    Fixed order status being overwritten after invoicing an order.
    Fixed our custom attributes being visible on customer edit form.
    Fixed payment models being shared when running multiple transactions in a single request.
    Fixed possible PHP error on checkout failure.
    Fixed possible PHP error when using specific countries setting.
    Fixed potential checkout JS errors if Accept.js is not configured/enabled.

3.1.0:

  • Compatible with Open Source (CE) : 2.0 2.1
  • Compatible with Commerce on prem (EE) : 2.0 2.1
  • Stability: Stable Build
  • Description:

    - Improved code for Marketplace Level 2 validation.
    - Added Accept.js support.
    - Added 'save info' payment action to save payment info on checkout without authorizing or capturing funds.
    - Changed profile_id, payment_id columns to varchar(32) for better gateway support.
    - Fixed Card model not extending PaymentTokenInterface for Magento 2.1+.
    - Fixed timezone handling in some areas.
    - Fixed shipping address state not matching billing address state (full vs. abbreviation).
    - Fixed a composer dependency for Magento 2.1.
    - Fixed admin card management 'cancel' button, and the form not clearing after error.
    - Fixed card addresses failing to resync/update on checkout.
    - Fixed some forms not allowing resubmit after error.
    - Fixed a card synchronization issue when a checkout error happens after updating billing address.

3.0.3:

  • Compatible with Open Source (CE) : 2.0 2.1
  • Compatible with Commerce on prem (EE) : 2.0 2.1
  • Stability: Stable Build
  • Description:

    - Compatibility fixes for Magento 2.1.
    - Fixed a core bug with Magento failing to apply sort order to transactions, breaking ability to perform online partial captures.
    - Fixed a potential API error.
    - Fixed a card type error on multishipping checkout.
    - Fixed ability to use stored ACH accounts on checkout.
    - Fixed refund transactions being run as unlinked.

3.0.2:

  • Compatible with Open Source (CE) : 2.0
  • Stability: Stable Build
  • Description:

    Initial release - Authorize.Net CIM payment method for Magento 2.x

Support

Back to top

The best place to start if you need help with a specific extension is to contact the developer. All Magento developers have both a contact email and a support email listed.

Contact Vendor

Q & A

Back to top

Reviews

Back to top