Documentation You are here: start » gateways

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
gateways:start [2017/04/26 07:02]
127.0.0.1 external edit
gateways:start [2020/03/12 20:38] (current)
marija [Card Verification and Subsequent Auth+Captures]
Line 2: Line 2:
 <WRAP tip round 60%> <WRAP tip round 60%>
 //**Need a gateway?​**//​ //**Need a gateway?​**//​
-We've partnered with a company we trust to serve US merchants. Please [[hello@foxycart.com|contact us]] and we'll connect you. The plans are 2.9% + 30¢/​transaction with no monthly, setup, or contract. There'​s also a 2.2% + 25¢ plan as well.+We've partnered with a company we trust to serve US merchants. Please [[hello@foxycart.com|contact us]] and we'll connect you. The plans are 2.9% (as low as 2.7% depending on your sales volume) ​+ 30¢/​transaction with no monthly, setup, or contract.
 </​WRAP>​ </​WRAP>​
  
Line 11: Line 11:
  
 ===== Supported Gateways & Other Payment Methods ===== ===== Supported Gateways & Other Payment Methods =====
-{| class="​clouds"​ 
-|- 
-| style="​width:​57%;​ padding-right:​3%"​ | 
 ---- datatable gateways ---- ---- datatable gateways ----
-cols    : name, %pageid%+cols    : name, %pageid%, supports-3dsecure
 headers : Gateway Name, Link headers : Gateway Name, Link
-max     : ​100+max     : ​200
 filter ​ : type=gateway filter ​ : type=gateway
 sort    : %pageid% sort    : %pageid%
 ---- ----
-| + 
-//**Filter Gateways by Supported Country**// +==== Filter Gateways by 3D Secure Support ==== 
-\\ Country codes below are according to [[wp>​ISO_3166-1_alpha-2|ISO 3166-1 alpha-2]]. <wrap tip>''​GB''​ is the ''​UK''</​wrap>,​ and Greece is ''​GR''​ and not ''​IL''​.+ 
 +Click below to see which gateways support 3D Secure. 
 +---- datacloud ---- 
 +field : supports-3dsecure 
 +min : 1 
 +limit : 300 
 +filter ​ : type=gateway 
 +---- 
 + 
 +==== Filter Gateways by Supported Country ​==== 
 + 
 +Country codes below are according to [[wp>​ISO_3166-1_alpha-2|ISO 3166-1 alpha-2]]. <wrap tip>''​GB''​ is the ''​UK''</​wrap>,​ and Greece is ''​GR''​ and not ''​IL''​.
 ---- datacloud ---- ---- datacloud ----
 field : countries field : countries
Line 30: Line 38:
 filter ​ : type=gateway filter ​ : type=gateway
 ---- ----
-|} 
  
  
Line 60: Line 67:
 An important but often misunderstood piece of credit card processing is the relationship between "​authorization"​ and "​capture"​. The easiest way to explain it is by using a gas station as an example. You drive up to the pump and insert your credit card, at which point the card is "​authorized"​ for (let's say) $75. This authorization checks with your bank to make sure you have the funds, just like a normal transaction,​ but //​doesn'​t yet charge the card// ("​capture the funds"​),​ since the final dollar amount is unknown. Once you have finished pumping and the final transaction amount is known (say, $45.03), the system issues a "​capture"​ for $45.03. The first part is an "​authorization only", or "​auth-only",​ transaction. The second part is the capture. An important but often misunderstood piece of credit card processing is the relationship between "​authorization"​ and "​capture"​. The easiest way to explain it is by using a gas station as an example. You drive up to the pump and insert your credit card, at which point the card is "​authorized"​ for (let's say) $75. This authorization checks with your bank to make sure you have the funds, just like a normal transaction,​ but //​doesn'​t yet charge the card// ("​capture the funds"​),​ since the final dollar amount is unknown. Once you have finished pumping and the final transaction amount is known (say, $45.03), the system issues a "​capture"​ for $45.03. The first part is an "​authorization only", or "​auth-only",​ transaction. The second part is the capture.
  
-(Another option would be for the gas station to authorize a small amount like $1 just to make sure that it's a valid card, then upon completion clear that auth and issue an auth+capture for the full amount in one go.)+(Another option would be for the gas station ​(or any merchant) ​to authorize a small amount like $1 just to make sure that it's a valid card, then upon completion clear that auth and issue an auth+capture for the full amount in one go. That approach can be sub-optimal,​ though, as a $1 charge might go through fine, but a $75 charge might fail for insufficient funds. This approach also requires storing payment information in one way or another, which can lead to its own challenges.)
  
-The other, much more common way to process transactions is to do the authorization and capture at the same time, referred to as an "auth/capture"​ or "​auth/​capture"​. Imagine buying groceries: You go to checkout, the total charge is determined, and your card is charged (both auth'd and captured at the same time).+The other, much more common way to process transactions is to do the authorization and capture at the same time, referred to as an "auth+capture"​ or "​auth/​capture"​. Imagine buying groceries: You go to checkout, the total charge is determined, and your card is charged (both auth'd and captured at the same time).
  
 Where things get confusing is on the proper usages of an auth-only transaction. It is often thought of as a way to accept pre-orders or to handle trial billing periods. While you //could// use an auth-only to handle these types of charges, it might not be a great idea for a few reasons. Where things get confusing is on the proper usages of an auth-only transaction. It is often thought of as a way to accept pre-orders or to handle trial billing periods. While you //could// use an auth-only to handle these types of charges, it might not be a great idea for a few reasons.
   * Authorizations effectively "​hold"​ the amount authorized. So if you auth $300, that $300 is unavailable to the customer even if you haven'​t captured the funds. (If you don't capture and the auth expires, the funds will be released back to the customer, but in the meantime they may have overdrafted their account.)   * Authorizations effectively "​hold"​ the amount authorized. So if you auth $300, that $300 is unavailable to the customer even if you haven'​t captured the funds. (If you don't capture and the auth expires, the funds will be released back to the customer, but in the meantime they may have overdrafted their account.)
-  * Authorizations don't last forever. 3 days is probably as far as you'd want to go under normal circumstances,​ and 30 days appears to be the upper limit, though the exact details will depend on your gateway, and perhaps ​variety ​of other factors.+  * Authorizations don't last forever. 3 days is probably as far as you'd want to go under normal circumstances,​ and 30 days appears to be the upper limit, though the exact details will depend on a number ​of factors, including the card type (Visa, MasterCard, AmEx, etc.).
 A better use of auth-only transactions would be to handle expected variations in product delivery or final charges. For example, if your shipping charges vary by factors that FoxyCart cannot account for, or products may not be available regularly, you may want to auth-only then adjust the final transaction amount before capturing the funds. Important to note, however, is that you can never capture //more// than you've initially authorized when using a traditional gateway. Some gateways allow you to capture only as much as has been authorized, while others (([[https://​cms.paypal.com/​us/​cgi-bin/?​cmd=_render-content&​content_ID=developer/​howto_admin_authcapture|PayPal]]'​s authorization & capture functionality)) may allow you to capture up to a certain percentage of the authorized amount, but not more than a certain dollar amount higher. A better use of auth-only transactions would be to handle expected variations in product delivery or final charges. For example, if your shipping charges vary by factors that FoxyCart cannot account for, or products may not be available regularly, you may want to auth-only then adjust the final transaction amount before capturing the funds. Important to note, however, is that you can never capture //more// than you've initially authorized when using a traditional gateway. Some gateways allow you to capture only as much as has been authorized, while others (([[https://​cms.paypal.com/​us/​cgi-bin/?​cmd=_render-content&​content_ID=developer/​howto_admin_authcapture|PayPal]]'​s authorization & capture functionality)) may allow you to capture up to a certain percentage of the authorized amount, but not more than a certain dollar amount higher.
  
 In most situations we strongly recommend doing an auth+capture. If you do have specific requirements that necessitate auth-only processing we encourage you to test thoroughly and keep up to date on any changes your gateway may make that impact that functionality. In most situations we strongly recommend doing an auth+capture. If you do have specific requirements that necessitate auth-only processing we encourage you to test thoroughly and keep up to date on any changes your gateway may make that impact that functionality.
  
 +==== Card Verification and Subsequent Auth+Captures ====
 +Foxy support (for some gateways) the ability to verify a card with a $0 or $1 auth. (Check with your processor for the correct value to use. If you pass the wrong value, you can be hit with a small authorization misuse fee, or it can just error.) Verifications are useful for situations like...
 +
 +  * Free trials on a subscription,​ where you want to charge the customer 7 days in the future but need to make sure their card is valid first.
 +  * Pre-orders. (This is a bigger topic, but it's a valid use case.)
 +  * Accepting transactions where you might need to adjust the final charge //upwards// (ie. charge //more// than was displayed to the customer on the checkout).
 +
 +There are some downsides, though:
 +
 +  * If you've selected //Enabled, always and only verify//, you need to capture every verified transaction manually (or build an API integration,​ which is definitely the better approach if you have any sort of volume). Otherwise, it will verify only $0 transactions (for example, where the transaction has future subscription start dates and are not charged on the first transaction date).
 +  * Just because a card verified doesn'​t mean it'll work for the full amount, so you'll need to also build robust procedures or automated handling of errors.
  
 +This approach is generally only recommended for advanced users who have very, very specific workflows.
 ==== Gateway Errors and What To Do About Them ==== ==== Gateway Errors and What To Do About Them ====
 Payment errors are a fact of e-commerce life, but fear not: They'​re typically easy to understand once you know what you're looking for. Please read our [[:​primer:​errors|primer on payment processing errors]], because knowing is half the battle. Payment errors are a fact of e-commerce life, but fear not: They'​re typically easy to understand once you know what you're looking for. Please read our [[:​primer:​errors|primer on payment processing errors]], because knowing is half the battle.

Site Tools