I have encountered this situation with a few clients. More specifically, in cases where an ARB subscription grants access to premium parts of a website, it is not completely validated until sometime later when Authorize.net's servers run their batch jobs to process ARB transactions. If the user enters invalid information, whether maliciously or accidentally, they still gain access to the premium parts of the site. Furthermore, Authorize.net does not notify you in any clear way (that I have seen) that the transaction failed. It probably is included with the end-of-day reports you get, but you would have to explicitly look at every one each day for the failure then go in and manually revoke that user's rights, which is both time consuming and terrible for customer relations.
The solution I have come up with is to submit the first payment as a normal payment transaction through the AIM API so you get an immediate response on the validity of the billing information. Then, if it goes through okay, set up your ARB subscription to start at the next billing cycle, rather than immediately. If the AIM transaction fails, you can inform the user immediately and therefore never give them access in the first place, or perform whatever notification and/or processing your system needs to do.
Recent comments
18 weeks 4 days ago
18 weeks 4 days ago
19 weeks 14 hours ago
20 weeks 1 day ago
21 weeks 5 days ago
23 weeks 4 days ago
24 weeks 1 hour ago
25 weeks 3 days ago
25 weeks 3 days ago
25 weeks 6 days ago