The Foxy forums are on the move!

We're in the process of moving our forums over to a new system, and so these forums are now read-only.
If you have a question about your store in the meantime, please don't hesitate to reach out to us via email.

offline processing

cbatoulicbatouli Member
in Help edited October 2009
With our store, we are going to need to do offline processing, and there is no way around this (this store will only be used for certain types of customers ordering certain things, and we don't want to have to go multiple locations to manage recurring credit card charges).

We are PCI compliant (certified by a 3rd party).

My question is, is there any way to verify/validate the credit card and still do offline processing? Authorize only and then actually have access to the actual credit card numbers to input into our own system?

Maybe not authorize, but test that it is a valid card, or at least that it fits the proper algorithm?
Comments
  • brettbrett FoxyCart Team
    The offline processing still does do basic card validation, so a customer can't just enter something that's categorically incorrect. It doesn't authorize though.

    What you could do is get a live gateway and set it to auth-only, then void out the auths every day (ideally via a script to automate it).

    So, either of those should work fine. Does that help? Or do you have a more involved idea?
  • Thanks, Brett.
    The only reason I am asking, is that I tested out something on your fake store, and I was able to enter a number that didn't fit any sort of algorithm (only that it was 16 digits). It went through, but that is probably because it is a fake store?

    My other question is that if we set up to do authorize only, we can still view credit card numbers though Foxy? We already have a couple different merchant accounts, but you can only view partial credit card numbers there.
  • brettbrett FoxyCart Team
    What fake number did you enter? I'd be interested to see.

    You can view CC#s in the FC admin _if_ your store is PCI compliant, but if you're doing a real gateway, users can opt _not_ to save their card info. FoxyCart will respect their choice. So you could try to force that checkbox to ensure that the card #s are saved and accessible. The offline processing method does save the CC#s, but not the CSC (since that's just in flagrant violation of PCI DSS).

    Make sense?
  • OK, this is a little weird.

    Yesterday I was able to get a transaction to go through using the 4+15x1 cc number (order number 573400).
    I also ordered a free product in a separate order which worked (changed the donation box to 0).

    I thought that I was able to get something to go through using another cc number, but I never got the receipt, so maybe it didn't (the cc was a bunch of 1s with a 4 in the middle instead of the beginning).

    Today I am unable to order something with the 4+15x1 number. I get the following:

    Error: There was an error processing your credit card: An error occurred during processing. Please try again. (Response Reason Code: 261)


    Any ideas why this would happen? Or am I completely insane?



    And our accounting system is set up to store cc data for future use, so we have no field to put in csc anyway.
  • Which test gateway are you using? (In the portal, STORE->payment section.)

    Depending on the gateway, different card/price/address data can trigger various different checkout success/failure results.
  • I am not testing my own store, I was ordering from the foxycart.com example store. Or did I misunderstand the question?

    thanks
  • Ahh, that makes more sense. :)

    If you want to do some testing in a real environment, other than not being able to move the gateway into live mode, you can signup for a store here: https://admin.foxycart.com/admin.php?ThisAction=SignUp -- this is probably a better option for credit card testing. (You can actually use the PayFlow Pro gateway for sandbox testing too, with your own credentials. Payment is only required to change to a live gateway or offline processing.)

    About the update in the other thread as well.
  • OK, I am now able to submit fake orders to the FC example store, using the 4+15x1 cc. Don't know why it wasn't working earlier.

    I still can't use other fake credit card numbers (which I guess is a good thing). I don't know why I thought I was able to yesterday.
  • lukeluke FoxyCart Team
    If you did a $0 order it bypasses the gateway completely, so that might have been it. Some stores have legitimate reasons for $0 orders, but if you're concerned about price spoofing, please give this faq a read.
  • Actually, I did test a $0 cart, because this is something I am going to need to do. It displayed something like "No payment necessary" or something and didn't give the option to enter cc data. It was some other time this happened.

    But I am probably just remembering wrong, and only think an order went though when it didn't (because I didn't get a receipt, now that I looked for one.)
  • brettbrett FoxyCart Team
    Fwiw, the 4+15x1 card number is used for testing Auth.net and some others. PayPal doesn't accept it (I don't think), but they use 4242424242424242. But in either case, if the CC field is displayed it will be doing some basic validation like making sure the card starts with a valid number and contains the appropriate number of digits. There's actually more that will be going on in our next release, as it will detect the card type (non-credit debit v credit), though offhand I'm not positive if that will apply for all gateways or not.
Sign In or Register to comment.