Blog

At ParadoxLabs, we are always looking for ways to make our products and our clients’ sites better.

Authorize.Net recently released a new API product called Accept.js. This API allows credit card information to be sent straight from your customers’ browsers to Authorize.Net, without touching your web server at all. In its place, Authorize.Net gives us a one-time-use token (nonce) to identify the card. Since the raw credit card number and CCV are never sent to your web server, this improves your website’s security, and reduces your PCI compliance exposure.

Image © 2016 Authorize.Net (used by permission)

We’re proud to announce that as of version 2.3.0, our Authorize.Net CIM payment method for Magento 1 includes full support for Accept.js. We’ve been working closely with Authorize.Net on ways to improve this popular extension, and we’re excited to finally make this a reality.

Since Accept.js sends credit card data directly to Authorize.Net, using our extension and Accept.js for all credit card transactions may make you eligible for PCI Self-Assessment Questionnaire (SAQ) A-EP, rather than the more intensive PCI SAQ D form. For details on the SAQ types and why this is the case, see “Understanding the SAQs for PCI DSS version 3” (PDF, by PCI Security Standard Council).

Accept.js has minimal impact on user experience, and should be compatible with all checkout solutions. The credit card form is still located on your website, using your own templates and styles. The data is tokenized as soon as all credit card fields are completed.

In order to use Accept.js, all you have to do is enable it under Advanced Settings, and enter your Client Key from Authorize.Net.

The Public Client Key is a new API key provided by Authorize.Net explicitly for Accept.js, completely separate from your existing Transaction Key. If you already have one generated, it will be displayed when you go to the associated page in your Authorize.Net account. Otherwise, you will need to generate one.

Note that Accept.js requires SSL on any pages having a payment form (including your admin panel and dev sites). We strongly recommend testing checkout after enabling Accept.js, to ensure everything works as expected.

If you already use our Authorize.Net CIM payment method, with or without Recurring Profiles support, update to the latest release to take advantage of this new feature. Accept.js support is added in version 2.3.0. Log in and download it now!

If you would like to know more about this payment method, more information is just a click away: Authorize.Net CIM Payment Module for Magento 1

If you have any questions, please give us a call at 717-431-3330, or email us at sales@paradoxlabs.com.