Authorize.net Start-Up Guide

For more information go to http://support.kastenberry.com

The Merchant Interface is where you access your Authorize.Net account's transactions, account settings, account statements, reports, and additional services.

Find the Merchant Interface sign-in page at https://login.authorize.net, or visit https://www.authorize.net and click SIGN IN, then Merchants.

After you activate your Authorize.Net account using the activation link from your welcome email, you will be signed into the Merchant Interface.

Test Mode

By default, your account is in Test Mode, which enables you to submit test transactions to validate that your Authorize.Net compatible payment solution can connect to the account, without submitting an actual charge.

Work with your payment solution developer to test your connection to Authorize.Net. After your connection is validated, you can disable Test Mode to begin processing live transactions. To disable Test Mode, click the orange banner at the top of the Merchant Interface.

You can also turn on Test Mode to temporarily stop payment processing, if you notice suspicious activity on your account.

To turn Test Mode on or off:

• Step 1: Log in to the Merchant Interface at https://login.authorize.net.
• Step 2: Click Account.
• Step 3: Under General Security Settings, click Test Mode.
• Step 4: Drag the slider to Test or Live.

Remember to turn off Test Mode when you are ready to process live transactions.

Transaction Processing Settings

To connect your payment solution to Authorize.Net, generate an API Login ID, a Transaction Key, and a Signature Key (optional), and add these API credentials to your payment solution. The API credentials are unique to your Authorize.Net account and are used to identify and validate the payment solution for transaction processing.

Important: Store the API Login ID, Transaction Key, and Signature Key securely, and do not send them through email. As a best practice, create an Account Administrator user for your web developer, so they can generate the API credentials, and remove the user after the web developer has finished configuring the payment solution.

Important: Do not configure your payment solution to use your Merchant Interface login ID and password. These credentials can only be used to sign in to the Merchant Interface and should not be shared with anyone.

Obtaining Your API Credentials

• Step 1: Log in to the Merchant Interface at https://login.authorize.net.
• Step 2: Click Account.
• Step 3: Click Settings.
• Step 4: Under General Security Settings, click API Credentials & Keys.
• Step 5: Under Create New Key(s), click New Transaction Key.
• Step 6: Click Submit.
• Step 7: When prompted, request and enter a validation PIN.
• Step 8: Your API Login ID and Transaction Key appear.

After you have created your API Login ID, you may not change it in the Merchant Interface. To reset your API Login ID, contact Customer Support.

Generating a New Transaction Key or a Signature Key

• Step 1: Log in to the Merchant Interface at https://login.authorize.net.
• Step 2: Click Account.
• Step 3: Click Settings.
• Step 4: Under General Security Settings, click API Credentials & Keys.
• Step 5: Under Create New Key(s), click New Transaction Key or New Signature Key.
• Step 6: Click Submit.
• Step 7: When prompted, request and enter a validation PIN.
• Step 8: Your Transaction Key or Signature Key appears.

Important: Check Disable Old Transaction Key or Disable Old Signature Key if you suspect that your current keys are being used fraudulently, and you need to disable the keys immediately. Otherwise, the previous Transaction Key or Signature Key remain valid for 24 hours to provide time to change the keys in your payment solution.

Security Settings

The following features of Authorize.Net help prevent fraudulent transactions.

Address Verification Service

The Address Verification Service (AVS) is a system provided by issuing banks and card associations to help identify suspicious payment card activity for e-commerce transactions. AVS matches portions of the customer's billing address, as provided by the merchant, to the billing address on file with the issuing bank. Authorize.Net then accepts or rejects the transactions according to the settings that you specify.

The default AVS settings are set to reject transactions when the billing street address or ZIP code do not match the issuing bank's records. International cards typically do not support AVS, and they are typically rejected by default.

Review and configure your AVS settings to suit your business model. Contact your Merchant Service Provider to discuss AVS best practices for your business.

To review and edit your AVS settings:

• Step 1: Log in to the Merchant Interface at https://login.authorize.net.
• Step 2: Click Account.
• Step 3: Under Basic Fraud Settings, click Address Verification Service.
• Step 4: Check or uncheck the box next to each AVS response code to indicate that you want to reject or accept transactions with that AVS response.

Click Help in the top right corner if you have questions about the response codes.

Card Code Verification

Card Code Verification (CCV) compares the card code submitted by the customer with the card code on file with the issuing bank. The card code appears at the end of the signature panel on the back of the card, or for American Express cards, on the front of the card just above the end of the credit card number.

Card codes provide extra security against unauthorized credit card transactions. Because card codes cannot be stored in payment solutions, checking the card code helps to ensure that the customer authorized the transaction. You can use CCV to better decide whether to accept or reject credit card transactions.

Contact your Sales Executive to discuss CCV best practices for your business.

To review and edit your CCV settings:

• Step 1: Log in to the Merchant Interface at https://login.authorize.net.
• Step 2: Click Account.
• Step 3: Under Basic Fraud Settings, click Card Code Verification.
• Step 4: Check or uncheck the box next to each CCV response code to indicate that you want to reject or accept transactions with that AVS response.

Click Help in the top right corner if you have questions about the response codes.

Daily Velocity Filter

The Daily Velocity Filter is a tool that allows you to specify a threshold for the number of transactions allowed per day. All transactions exceeding the threshold in that day are flagged and processed according to the actions that you specify. It is a useful tool for preventing high-volume attacks that are common with fraudulent transactions.

To configure the Daily Velocity Filter:

• Step 1: Log in to the Merchant Interface at https://login.authorize.net.
• Step 2: Click Account.
• Step 3: Under Basic Fraud Settings, click Daily Velocity.
• Step 4: Check Enable Filter.
• Step 5: Under Transaction Velocity Threshold, enter the number of transactions that you expect to process every day.
• Step 6: Under Filter Actions, choose the action that you want to take on transactions submitted after you reach your Transaction Velocity Threshold.
• Step 7: Click Save.

Click Help in the top right corner if you have questions about the filter actions.

Advanced Security

Authorize.Net also provides the Advanced Fraud Detection Suite, a set of customizable, rules-based filters and tools that identify, manage, and prevent suspicious transactions.

For more information on AFDS, click Tools on the main toolbar, then click Fraud Detection Suite.

General Settings

Use the following settings to customize your Authorize.Net account for your business.

Time Zone

Set your Authorize.Net account to use the time zone in which your business is located. Setting the time zone enables transactions, statements, and reports to display timestamps in your local time zone, and ensures that your transaction cut-off time is accurate.

To update the time zone:

• Step 1: Log in to the Merchant Interface at https://login.authorize.net.
• Step 2: Click Account.
• Step 3: Under General Information Settings, click Time Zone.
• Step 4: Choose a time zone from the drop-down menu.
• Step 5: Click Submit.

Transaction Cut-Off Time

The Transaction Cut-Off Time setting specifies the daily cut-off time for batched transactions to be submitted to your processor for settlement. Transactions submitted after the cut-off time are sent to the processor after the cut-off time the following day. The default transaction cut-off time is 3:00 p.m. Pacific time.

To update the transaction cut-off Time:

• Step 1: Log in to the Merchant Interface at https://login.authorize.net.
• Step 2: Click Account.
• Step 3: Under General Information Settings, click Transaction Cut-Off Time.
• Step 4: Choose the cut-off time for your business from the hour, minute, and a.m./p.m. drop-down menus.
• Step 5: Click Submit.

Important: Allow up to 24 hours for the transaction cut-off time to update.

User Administration

The User Administration feature enables an account owner to create unique user accounts with distinct login IDs and passwords for employees who need access to the Merchant Interface. You can also customize permissions for each user account to match each employee’s job responsibilities—helping you to keep transaction and account management activities in the Merchant Interface separate and streamlining your transaction management processes. By default, the person who activates your payment gateway account is the account owner. This account will be the only user account until you create additional accounts.

To create additional user accounts:

• Step 1: Log in to the Merchant Interface at https://login.authorize.net.
• Step 2: Click Account.
• Step 3: Click User Administration.
• Step 4: Click Add User.
• Step 5: Choose the type of user to add from the User Role drop-down menu. The default permissions associated with that role appear.
• Step 6: You can uncheck boxes next to permissions that you do not want the user to have.
• Step 7: Click Next.
• Step 8: Create a login ID for the user. The login ID must be at least six characters long and a combination of letters and numbers. Note that account contacts do not have Merchant Interface access and do not have a login ID.
• Step 9: Enter the user's name, title, and contact information.
• Step 10: Check the types of email notifications for the user to receive.
• Step 11: Click Submit.
• Step 12: When prompted, request and enter a validation PIN.
• Step 13: A confirmation that the user is created appears.
• Step 14: The user receives an activation email at the email address added during Step 9. The email includes a link for activating the user account, verifying user information, and setting a password.

Virtual Terminal

The Virtual Terminal enables you to submit payment transactions manually through the Merchant Interface. Use the Virtual Terminal if you accept payments for mail order/telephone order (MOTO) sales. To submit a payment card transaction for automatic settlement using the Virtual Terminal:

• Step 1: Log in to the Merchant Interface at https://login.authorize.net.
• Step 2: Click Tools.
• Step 3: Under Select Payment Method, click Charge a Credit Card.
• Step 4: Under Select Transaction Type, click Authorize and Capture.
• Step 5: Under Payment/Authorization Information, enter the customer’s payment information.
• Step 6: Optional. Under Order Information, enter the invoice number and a description of the order.
• Step 7: Optional. Under Customer Billing Information, enter the customer's name, ID, company, and billing address. Note that the transaction might be declined with an AVS mismatch if you do not include a billing address and if you use the default AVS settings for your account.
• Step 8: Optional. Under Shipping Information, check Same as information entered in Billing Information, or enter a new address for shipping the order.
• Step 9: Click Submit.

If you use CCV to verify the customer’s card code, click Virtual Terminal Settings at the bottom of the Virtual Terminal, check Card Code in the Required column, and click Submit.