How to enable Credit Card Validation in WooCommerce for Authorize.Net CIM Gateway

Notice: By using the latest FraudLabs Pro for WooCommerce and WooCommerce Authorize.Net CIM Payment Gateway plugins, the credit card details will be captured automatically without following the steps below.

Credit card information is highly sensitive data and should be protected from unauthorized access. Due to this reason, it is understandable that neither the payment gateway plugin nor WooCommerce is going to expose this information to a 3rd party integrator, like us, to read and process, even for a very good reason – to perform the fraud validation. This is why you might have noticed an N/A value for all credit card related fields in our fraud validation results.

Credit card information is one of the key elements in fraud detection. Obviously, you would want the best fraud protection possible, therefore one might wonder, is there a workaround to this limitation? The answer is yes. It involves some minor editing to the payment gateway file, and the modification is payment gateway specific. In this tutorial, we will guide you with step-by-step instructions to edit the Authorize.Net CIM payment gateway to enable the credit card validation. Below are the modifications to be done:

$("body").on( "change", "input[id=wc-authorize-net-cim-credit-card-account-number]", function() {
    var cc = $('input[id=wc-authorize-net-cim-credit-card-account-number]').val();
    var flp_ccbin = cc.substring(0,7);
    flp_ccbin = flp_ccbin.replace(/\s+/g, '');

    var flp_cchash = cc.replace(/\s+/g, '');

    var getUrl = window.location;
    var baseUrl = getUrl .protocol + "//" + getUrl.host + "/" + getUrl.pathname.split('/')[1];
    $.post(baseUrl + '/wp-content/plugins/fraudlabs-pro-for-woocommerce/flp_cc.php', {flp_cc_bin: flp_ccbin, flp_cc_hash: flp_cchash});
});

What we did here:

  • Read the credit number from the user input
  • Extract the 6 digits Credit Card BIN
  • Hashed the entire credit card number using SHA-1(refer flp_cc.php)
  • Save them into session object for later validation (refer flp_cc.php)
    Note: The flp_cc.php file is located in the fraudlabs-pro-for-woocommerce plugin folder.

The above logic will convert the plain credit card number into an irreversible hashed string for the fraud validation. Neither us nor the 3rd party will be able to read the plain credit card number from the hashed string. Below are the steps to enable the fraud validation for the payment gateway.

Note: The following guide is based on WooCommerce Authorize.Net CIM Gateway version 2.6.1 with WordPress version 4.8.1.

  1. Get the WooCommerce Authorize.Net CIM Gateway at https://woocommerce.com/products/authorize-net-cim/.
  2. Go to the Settings page of Authorize.Net CIM and disable the “Tokenization” option.
    Note: This guide is not workable for this option so it must be disabled.

    Authorize.Net CIM Settings Page

  3. Save the settings.
  4. Edit the wc-authorize-net-cim.min.js file which is located in the wordpress/wp-content/plugins/woocommerce-gateway-authorize-net-cim/assets/js/frontend/ folder.
  5. Copy the code provided above and paste it 1 line before window.wc_authorize_net_cim_credit_card_accept_js_handler = new WC_Authorize_Net_CIM_Credit_Card_Accept_JS_Handler();
  6. Done.
     

Disclaimer of Warranty
THE MODIFICATION IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE FRAUDLABS PRO BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE MODIFICATION OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Was this article helpful?

Related Articles