Subscriptions, recurring orders


https://forum.kartris.com/Topic2353.aspx
Print Topic | Close Window

By stringerbell - Sun 8 Sep 2013
It'd be nice to be able to charge for certain products, either digital or physical, in a periodic basis.

Our store needs to sell educational material that have to be charged in a recurring monthly basis, to the customers that subscribe to it.

There should be a way for the customers to subscribe by themselves and be able to cancel/modify at any time.

Also, there should be a tool in the backend that could be run manually or automatically, that processes and authorizes all the subscribers' stored credit card info with the payment gateway (we use Authorize.net's AIM) and generates a report that would allow us ship the goods for the successfully processed subscriptions.

We plan to build this functionality by ourselves, but in the meantime we have to have our customer fill and sign a paper application with all their billing info, and then process each order one by one the first day of the month, which is a daunting task given the growing number of subscribers we have.

Thank you very much
By Mart - Mon 9 Sep 2013
There are security concerns about storing credit card details within the database. We consider that Kartris is very secure (we're not aware of any successful hack on a Kartris store, and certainly not aware of any vulnerabilities, either now or in the past that could be used to attack a store). Security is a primary concern for us and we know a fair bit about it.

If you are storing credit card details your credit card provider will almost certainly have issues with that. You'd need to have a much stricter PCI DSS audit than if you don't store credit card details and solely rely on a third party provider.

If I had a project that required recurring billing I'd be looking to get the payment gateway to do the heavy lifting on that. I know Worldpay pretty well and that certainly has the ability to do recurring payments (or installments). I believe Paypal does too and I suspect many of the others do. You'd still need to modify Kartris to support this, as you'd need to carry details of the recurring billing to the checkout and then pass it to the third party gateway, but at least you'd avoid the audit issues from your payment provider that you'd incur if you chose to save credit card details (and avoid making your store more attractive to attackers).

If you were going to store credit card details, you'd certainly want to implement some kind of strong encryption regime, with keys not stored in the server (so perhaps a manual process you undertake monthly where you enter a key that decrypts the card details in memory and processes them)
By stringerbell - Mon 9 Sep 2013
Hello Mart, thank you for your quick response.

I apologize that I couldn't make myself clear on how the credit card's info would be managed.

In our case that information will be stored and safeguarded at Authorize.net, as we're using their ARB feature (Automated Recurring Billing) for managing the monthly billing process. We don't have plans of storing such sensitive information at our side.

However, we'd still need Kartris to communicate in some ways to Authorize.net's ARB through the ARB API, and allow the customers to modify/cancel their subscriptions.

Best regard.
By Mart - Mon 9 Sep 2013
Ah, sounds like you know what you're doing.

Would be interested in knowing when you have that modification working, sounds like it might be something that would appeal to other users too.
By djjohnson - Sat 3 May 2014
Did you ever get Authorize.net ARB implemented?
By Paul - Sun 4 May 2014
No, but if it is just an extra flag to send across, I've posted a link to the source code in your other thread... it may be something you can add to that easily. We'd certainly appreciate any code modifications if you're willing to make them available for the benefit of other users.
By djjohnson - Mon 5 May 2014
Really its more than just adding an extra flag. That implementation only marks it as reoccurring billing and you have to manually change it in the Anet Portal, and lacks the ability to specify the time period reoccurring billing. You have to implement ABS to accomplish this. I have already started on the ARB Plugin and will gladly share it soon as I have it done. I'm thinking sometime late this week or early next week. As far as getting the plugin into Kartris how is that done? Because I will need to add a couple more form fields to collect data for the time period to bill for I.E. (one time, monthly, quarterly, yearly or custom)
By Paul - Mon 5 May 2014
Installing a plugin is simple. You just copy it's folder into the plugins folder, and then go to the back end payment and shipping gateways page and it should appear - if not refresh it. This is then installed.

In terms of passing extra information with a version of a product, we have an expandable system in place - the object config.

If you find the table tblKartrisObjectConfig and view the records, you can see that there are a number of settings which apply to either products or versions. When you edit a product or a version, there is a tab 'object config' with fields where you can add values for these settings.

You can add a new record to the table, such as

K:version.recurringbillingdetails

When you view a version in the back end for editing, you will see this new setting and a text box on the the object config tab. You'll need to figure out a consistent way to put data in, e.g.

once
monthly
quarterly
yearly

or some other value (custom)

It's probably good if possible to store exactly what you'd want to pass to the payment system, if it's just a single field value.

You can retrieve object config values easily in code, see the ObjectConfigBLL.vb in the App_Code/BLL folder. The 'GetValue' function at the bottom let's you retrieve a value by passing in the name of the value (K:version.recurringbillingdetails) and the parent ID (the db ID of the version in this case).

You'd need to write the code to pull these values for each item in the order, but this should at least give you the tools to add the data to items in the back end, and retrieve it.
By djjohnson - Tue 6 May 2014
How are errors / exceptions handled in the Kartris Plugins API? Do I just have to throw an exception and will auto log it or what do I need to do? I.E.

(Throw New Exception("Error processing currency (PaymentSenseCurrencies.XML) " & strCurrencyCode & " : " & errorVariable.Message))

That is the only error / exception handling I seen in the Kartris Plugins API is why I ask.
By djjohnson - Wed 7 May 2014


You can retrieve object config values easily in code, see the ObjectConfigBLL.vb in the App_Code/BLL folder. The 'GetValue' function at the bottom let's you retrieve a value by passing in the name of the value (K:version.recurringbillingdetails) and the parent ID (the db ID of the version in this case).

You'd need to write the code to pull these values for each item in the order, but this should at least give you the tools to add the data to items in the back end, and retrieve it.


Ok I have the new records added to tblKartrisObjectConfigm and I understand how to get the values. Where should I populate these new values? In the Order Object (It is a compiled .dll) or the BasketView.vb. I'm not really sure where to go from here. Also, I would like to add a checkout button on the BasketView.ascx soon as a product is added to the cart, any suggestion on that?

I would also like to thank you for your patience...I will catch on quick soon as I understand a few more processes.....