X-Cart: shopping cart software

X-Cart forums (https://forum.x-cart.com/index.php)
-   Third Party Add-Ons for X-Cart 4 (https://forum.x-cart.com/forumdisplay.php?f=45)
-   -   Authorize.net DPM (PA/DSS Compliant) (https://forum.x-cart.com/showthread.php?t=57792)

Readerm 04-06-2011 12:09 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Have you heard of this: http://www.prnewswire.com/news-releases/63-of-merchant-networks-contain-unencrypted-payment-card-data-in-v...18504204.html?

I really wonder a) who this program can determine compliance/non-compliance if the servers and x-cart in our case are encrypted, and b) what would the results be with this program for DMP. Does anyone have an idea?

gb2world 04-06-2011 09:20 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
The link you referenced is a tool looking for unencrypted credit card information. The best advise is not to store credit card information, encrypted or not, on your server. Using the method being referred to in this thread, Authorize.net DPM with the mod from BSCE, the credit card information is not stored on your server. It does not appear the tool you are referencing is applicable to this method. And if you do not use X-CART to store credit card info on your server (or never have), I don't think it applies in general, but you may check with the vendor to see if it is somehow doing other checks for PCI/Compliance.

---

icnjan 09-11-2011 01:57 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Our server move seems to have broken this add-on...anyone have any weekend quick fixes/ideas?

BCSE 09-12-2011 05:29 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Quote:

Originally Posted by icnjan
Our server move seems to have broken this add-on...anyone have any weekend quick fixes/ideas?


Drop us an email if you're still having problems. Feel free to place an urgent support ticket if something is urgent like this.

Thanks,

Carrie

icnjan 09-12-2011 07:48 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Thanks, Carrie, I've just submitted the ticket!

BCSE 09-12-2011 08:05 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Quote:

Originally Posted by icnjan
Thanks, Carrie, I've just submitted the ticket!


No problem. I already replied.

Thanks,

Carrie

icnjan 09-12-2011 04:05 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Just wanted to leave a positive comment about Carrie and her willingness to jump in and help solve our problem!!

BCSE 09-19-2011 05:58 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Glad you figured it out!

Thanks,

Carrie

dmr8448 12-20-2011 01:07 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Any recommendations on what company to use to do compliance scans on your site?

BCSE 12-20-2011 02:28 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
We use McAfee Secure:
http://www.bcsengineering.com/mcafee_secure/

There are others out there but I'm not familiar with them. We've been using these guys for over 7 years.

Carrie

BCSE 12-20-2011 02:33 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Our Holiday present to you $20 off of our Authorize.net DPM module!!

Utilize our Authorize.net DPM module with your AIM account to support you to be PCI Compliant including the new PA/DSS standard! Our Holiday present to you $20 off of our Authorize.net DPM module!! Hurry! Sale ends January 2nd!

Carrie

dmr8448 12-22-2011 08:20 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
So I just got x-carts newest newsletter and they reference two sites using x-cart:

Unemployed Philosophers Guild and Easy Decals Inc.

When you go through the checkout process on both of these it gets to the credit card page and it is just the regular x-cart checkout without using x-payments?

So does that mean they are not PCI compliant? Or are they using something that we don't know about?

cflsystems 12-22-2011 03:21 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
X-Payments shows after you click on 'place order" on the checkout page so unless you tried to place orders on these sites you will not see X-Payments

gb2world 12-22-2011 03:58 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
The merchant's bank is responsible for verification of compliance. I would advise not worrying about what other merchants or banks are doing, but to verify with the compliance officer of the bank that holds your merchant account that you are in compliance. You can send them information about the software you want to use to get their blessing (x-payments, authorize.net DPM, Barintree, etc.) They may have warned you about compliance, then asked you to self access by filling out a questionnaire. It could even be in the small print of something that you signed. They are likely going to do everything to reduce their risk, and not worry about expending extra effort to make sure you comply.

This gives you information about remaining in a state of non-compliance that could put you at risk: http://www.braintreepayments.com/blog/pci-compliance-basics-for-credit-card-secuirty

When you look at someone else's site, you might not have the full picture of any discussions/agreements they have with their merchant account provider. Your best information probably comes from working with your own provider.


---

jcrim 02-12-2013 07:26 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Carrie

I'm a new web store looking to incorporate a payment gateway using Authorize.Net. I currently have authorize.net aim account and my site is functional/products (except for the payment gateway). I deciding if I should pay your third-party module to implement DPM.

When using your BCSE DPM Module on X-Cart 4.5.x... Can you clarify exactly what is needed to be done on the xcart site. My question is 1. Under XCart Admin > Settings > Payments Method. What payment method do I need to setup to be able to use DPM? Do I need to install x-payments (authorize.net aim) method and then install your module (or) use the existing Authorize.Net: SIM method and apply your module to use direct post method?

Is there anything else needed on the xcart side.

Thanks.

Jesse

BCSE 02-13-2013 08:33 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Quote:

Originally Posted by jcrim
Carrie

I'm a new web store looking to incorporate a payment gateway using Authorize.Net. I currently have authorize.net aim account and my site is functional/products (except for the payment gateway). I deciding if I should pay your third-party module to implement DPM.

When using your BCSE DPM Module on X-Cart 4.5.x... Can you clarify exactly what is needed to be done on the xcart site. My question is 1. Under XCart Admin > Settings > Payments Method. What payment method do I need to setup to be able to use DPM? Do I need to install x-payments (authorize.net aim) method and then install your module (or) use the existing Authorize.Net: SIM method and apply your module to use direct post method?

Is there anything else needed on the xcart side.

Thanks.

Jesse


Jesse,

You can probably get the fastest response via support but I'll try to answer your questions here.

The DPM module uses AIM credentials to communicate. DPM runs over Authorize.net AIM's protocol basically. You can in theory have SIM and DPM running at the same time. If your X-cart does not support AIM then you *can* still use the DPM. Some people get confused on that. Older versions of the DPM just use the settings from AIM, it doesn't actually use the coding in X-cart for AIM.

X-payments isn't required and will not work with the DPM module. The purpose of the DPM module is to help take your shopping cart out of the scope of PCI compliance so X-payments isn't needed (it does the same thing, taking X-cart out of PCI compliance requirements by taking the CC through X-payments instead of X-cart). Most banks accept (not heard of any yet that don't) the DPM module as a viable solution to PCI compliance since X-cart no longer sees/transmits the CC number anymore.

I hope that helps.

Thanks,

Carrie

BCSE 02-13-2013 08:37 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Jesse,

Also our DPM module has it's own place to put the AIM credentials in, if that wasn't clear. So you can't set it up until you purchase it if you have 4.5.x since 4.5.x doesn't include AIM directly in X-cart.

Thanks,

Carrie

Readerm 02-18-2013 01:09 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Hello Jon,

Do you have a PCI/DSS module for connecting with PayFlow?

quietcoolone 03-01-2013 07:26 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Carrie,
I'm interested in this module for my site which is currently 4.4.5 and one of the reasons for not upgrading to 4.5.x is because it does not include (support) AIM .
If i was to purchase and install your module while still running 4.4.5, will there be any issues or conflicts if and when i decide to move up to 4.5.x?
Also i missed the $20 Holiday discount, is there any discount saving coupons available today or in the coming days/weeks? :)

Thanks for your time.

BCSE 03-01-2013 09:09 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Quote:

Originally Posted by quietcoolone
Carrie,
I'm interested in this module for my site which is currently 4.4.5 and one of the reasons for not upgrading to 4.5.x is because it does not include (support) AIM .
If i was to purchase and install your module while still running 4.4.5, will there be any issues or conflicts if and when i decide to move up to 4.5.x?
Also i missed the $20 Holiday discount, is there any discount saving coupons available today or in the coming days/weeks? :)

Thanks for your time.


Hi Austin,

I'm not sure of any discounts coming up but we do frequently put it on sale. I can drop a hint though to our marketing person and she may do that soon.

This module does *not* require Authorize.net AIM to be integrated into X-cart. I'll try to make that more clear on the website. It just requires an Authorize.net AIM account.

In previous versions prior to 4.5.x it just used the configuration settings in the AIM in X-cart. For 4.5.x and up it uses it's own configuration area.

Let me know if you have questions on that though!

Thanks,

Carrie

quietcoolone 03-01-2013 09:27 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Yes, i do have an Authorized.net AIM account and thanks for clarifying that AIM configuration in 4.5.x is done within your module and in Xcart for previous versions.
I will keep an eye out for future discounts for this item. Hopefully i'm not alone in this :)

Thanks again.

xcel 07-09-2013 03:25 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Quote:

Originally Posted by BCSE

This module does *not* require Authorize.net AIM to be integrated into X-cart. It just requires an Authorize.net AIM account.

In previous versions prior to 4.5.x it just used the configuration settings in the AIM in X-cart. For 4.5.x and up it uses it's own configuration area.


Carrie,

Thank in advance for your help.

Can the module be used with X-Cart 4.6 without the need for X-Payments? If so, which payment gateway do we choose in X-Cart? The only option I see for Authorize.net AIM is via X-Payments.

Kevin

BCSE 07-09-2013 05:04 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Kevin,

When you install our module into 4.6.x you should see it as an option in the Modules section. I can't remember if it shows up in the payment methods selection. I'm currently out on vacation so it would be best to email us directly if you still have technical questions.

thanks!

Carrie

xcel 07-10-2013 07:00 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Thanks Carrie. I'll do that. Enjoy the rest of your vacation.

BCSE 07-14-2013 12:19 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Thanks Kevin. I'm still out on vacation but wanted to check to see if my team was able to help out.

thanks,

Carrie

BCSE 08-12-2013 12:10 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Currently our Authorize.net DPM and CIM modules are on sale!

http://www.bcsengineering.com/store/onsale.php?MMCF_xfANetAug13

Hundreds of people simplify their PCI compliance using one or both of these modules on their site. PCI compliance can't be achieved by just one factor, but our modules can make it much simpler than using standard on-site payment gateways.

Hurry sale ends next Tuesday, August 20!


Carrie

Barry Jackman 08-21-2013 12:31 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
When the module was installed we tested it and it appeared to work fine. In the last few days it has been giving us the error code when attempting to place an order. I am using X-Cart v4.5.4 and experiencing an "Access Denied" error when using DPM module.

BCSE 08-21-2013 01:19 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Hi Barry,

Did you drop us an email so we can dig into this for you? We'll probably need to look into it some. It's quite odd for it to stop working like that.

Thanks

Carrie

BCSE 08-21-2013 01:30 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Barry,
I found your ticket and just replied just FYI!

Carrie

Barry Jackman 08-21-2013 03:12 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Carrie for checking out the error quickly.

I have updated the support ticket indicating the error still exist along with FTP access.

Thanks

quietcoolone 09-11-2013 12:16 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Finally bought this module and updated store to 4.6.0 and it is working well on the customer end, however in the admin i can no longer "capture" payments. When clicking on the capture button the following error is displayed:
Payment module internal error: the requested action couldn't be completed
I've sent an email to BCSE support, but thought it would make send to add here for anyone to chime in.

Thanks.

BCSE 09-17-2013 06:31 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Hi Austin,

Hopefully my team was able to help out. I've been pretty swamped and haven't been able to review forum posts as frequently as I'd like to.

Drop us an email back to support if you still need help!

Thanks,

Carrie

quietcoolone 09-17-2013 06:37 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Carrie,
After many hours or trying i was finally able to get it to capture, but after each capture i get the following sql error:

[16-Sep-2013 23:42:55] (shop: 16-Sep-2013 18:42:55) SQL error:
Site : https://www.discountcarstereo.com
Remote IP :
Logged as : @discountcarstereo.com
SQL query : SELECT `extra` FROM `` WHERE `orderid` = '300494' LIMIT 1
Error code : 1103
Description : Incorrect table name ''
Request URI: /admin/process_order.php?orderid=300494&mode=capture
Backtrace:
/var/www/vhosts/discountcarstereo.com/httpdocs/include/func/func.db.php:320
/var/www/vhosts/discountcarstereo.com/httpdocs/include/func/func.db.php:217
/var/www/vhosts/discountcarstereo.com/httpdocs/include/func/func.db.php:581
/var/www/vhosts/discountcarstereo.com/httpdocs/modules/BCSE_Authorizenet_DPM/func.php:285
/var/www/vhosts/discountcarstereo.com/httpdocs/modules/BCSE_Authorizenet_DPM/process_order.php:22
/var/www/vhosts/discountcarstereo.com/httpdocs/include/process_order.php:51
/var/www/vhosts/discountcarstereo.com/httpdocs/admin/process_order.php:52

any ideas?

Thanks

BCSE 09-18-2013 10:30 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Austin,

Do you have this in a ticket by chance? That's the best way to help as I can then get it to the right person. It may be a feature we need to add.

Thanks,

Carrie

quietcoolone 09-18-2013 10:34 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Quote:

Originally Posted by BCSE
Austin,

Do you have this in a ticket by chance? That's the best way to help as I can then get it to the right person. It may be a feature we need to add.

Thanks,

Carrie

No ticket, but in email contacts with Gary

BCSE 09-18-2013 10:38 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Quote:

Originally Posted by quietcoolone
No ticket, but in email contacts with Gary


Hi Austin,

I found the ticket. Looks like Gary's working with you so we can get a programmer in to your system to look at your situation. Sometimes the latest version of X-cart is a real pain to let someone else into the back end. Looks like that's what he's working with you now on.

Once we are able to log in we can probably advise and/or fix.

Thanks,

Carrie

Psychobilly 09-18-2013 12:28 PM

Re: Authorize.net DPM (PA/DSS Compliant)
 
I'm having the "page not found" issue when using this module. This happens when you click the submit button on the checkout page.

Anyone else figure out a fix for this?

I'm using X-Cart 4.6

BCSE 09-19-2013 06:23 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Please check your SSL cert including intermediate certs as well. This happens if the SSL cert isn't installed correctly. Authorize.net will refuse to return to X-cart if this is the case.

Email us though if you still have issues and we can possibly point you to how to show your host that the ssl is an issue.

Thanks,

Carrie

quietcoolone 09-22-2013 02:29 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Quote:

Originally Posted by BCSE
Hi Austin,

I found the ticket. Looks like Gary's working with you so we can get a programmer in to your system to look at your situation. Sometimes the latest version of X-cart is a real pain to let someone else into the back end. Looks like that's what he's working with you now on.

Once we are able to log in we can probably advise and/or fix.

Thanks,

Carrie


Hats off to BCSE for their continued support. The programmer was given access to the back end and took care of the issue.
I would like to make an observation:
In Xcart 4.5.x (and prior versions) the pre-authorized order details page had a "capture" and "decline" button, however the decline button is gone in Xcart 4.6.x
Is it gone because 4.6.x no longer has a built-in Authorize.net module or is it gone because your DPM does not support it? (is it available in X-payment?).
This is the process one would follow in xcart prior to 4.6.x
Processing a Pre-Authorized order

If the order is in Pre-Authorized status, you can either capture the authorized amount or void the authorization.
For PayPal, Authorize.Net, LinkPoint, Sage Pay VSP Direct or NetRegistry e-commerce orders, you can do this using the buttons below the 'Order details' field:
  • To perform the 'capture' action, click the button Capture.
  • To perform the 'void' action, click the button Decline.
After the action chosen by you is successfully completed, the status of the order is automatically updated to Processed or Declined, respectively.

Declining in 4.6.x requires login to authorize.net.

Any ideas?

BCSE 10-03-2013 08:40 AM

Re: Authorize.net DPM (PA/DSS Compliant)
 
Austin,

Glad we could help! Just let us know in your ticket how you want to proceed. Looks like we gave 2 options for this. One as a feature request and one as a quote (immediate need).

Thanks,

Carrie


All times are GMT -8. The time now is 12:06 PM.

Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2023, Jelsoft Enterprises Ltd.