Author: Jim Conners
Rating: 10.0
Ecommerce takes many forms including one item stores and full blown catalogs. An increasingly more prevalent form of ecommerce is subscription based websites. These sites charge their subscribers a regularly scheduled recurring fee in exchange for access to content and services not available to the general public. Some examples of businesses that use a subscription model are:
Handling recurring billing such as those used above requires storing a user's credit card information as each scheduled transaction must be processed as its own independent transaction from previous ones. This means whomever is handling the transactions must deal with all security issues such as those laid out in the Payment Card Industry (PCI) Data Security Standard known as CISP. The complexity of this standard is laid out in our article Visa's CISP Data Security Standard Explained. Ideally, a business would find a solution that would mean they don't have to worry about these security issues and would ideally make managing recurring transactions easy and seamless.
That is where the Authorize.Net® Automatic Recurring Billing (ARB) API comes to the rescue. The ARB feature offered by Authorize.Net stores the customer's credit card information within their own CISP compliant network so you don't have to. It also allows for the scheduling of payments to occur so you don't have to manually process the payments yourself.
In February, 2023 Authorize.Net released a new API to allow websites to communicate with their ARB system seamlessly much like the Advanced API allows transaction to be processed immediately "behind the scenes". This means merchants no longer had to manually establish ARB accounts which frequently required them storing this information on their website. This helped to eliminate the potential risks, and certain CISP violations, associated with storing credit card data.
As we did with in our article Integrate the Authorize.Net Payment Gateway with PHP, we will explore the Authorize.Net ARB API with the following goals in mind:
Not only do we not want to have our customers leave our website during payment, but we don't want to have to do any extra work when setting up a recurring billing account. This means we want our system to take payment and establish a recurring billing account seamlessly for our customers and for us.
Taking payment is challenging enough as we saw in Integrate the Authorize.Net Payment Gateway with PHP. We simplified the process tremendously with the code we created in that article. We don't want establishing a recurring billing account to be any more challenging.
Not all ecommerce websites will want to establish recurring billing accounts. In fact, most won't. We will want to make sure our code is modular and can be added to our checkout process only when needed.