Credit Card Integration – Infor M3

Akhil Bansal
Principal Consultant

From startups to small businesses right through to huge brands, e-commerce is a must to expand your business. Further, according to data compiled by TransUnion from the Q1FY17, the average number of credit cards per person is 2.69.

Combine eCommerce and credit cards together, and you know that to be able to do expand your business, and do business efficiently, you need to integrate credit card payment with your ERP.

Normally payment gateway companies provide a set of APIs that allow to integrate ERP systems or eCommerce platform to securely accept a wide range of credit, debit and alternative payment options.

Doppio Group has broad experience in integrating Infor M3 with different payment gateways. In this blog, I will discuss the key features of integrating payment gateway with Infor M3 for accepting credit card payments.

Credit Card Order Lifecycle:

    • The credit card order lifecycle starts with entering the credit card details at the time of placing an order. Once credit card details are entered, the card is verified with 0 USD, or 1 USD amount. It should be noted that no amount is deducted from the customer’s card at this step.  
    • If the card is not a valid card, then we normally put the order in OIS300 on stop.
    • Once the allocation is complete and order moves to status 33/33, then credit card Authorization is done with the actual amount of the order. Credit card authorization is an approval that the customer has sufficient funds on their card to pay for the transaction. If credit card authorization is successful, the specified amount is held and then deducted from the customer’s credit limit. No money is deducted from the customer’s card at this step.
    • As a good practice, one should confirm if authorization is still valid once the order has been released for picking (order status 44/44). And re-authorize in case authorization has expired.
    • Once an order has been invoiced (order status 77/77), Capture is done. Credit card capture is a request to the payment gateway to add the transaction to the batch for transferring the money from the customer’s card balance to the merchant’s account. It should be noted that at this step, the transfer of funds from the customer’s card has not begun.
    • Normally, the merchant closes the batch every day, and now the Settlement process is underway. Funds now get debited from a customer’s card balance and transferred to the merchant’s bank account. This settlement process typically takes 2 business days.
  • Void operation, and Refund operation might be performed for some orders.

It needs to be noted that depending upon business requirements:

    • Authorization might be done at order status even before allocation (order status 22/22), or after the order is released for picking (order status 44/44).
  • Capture might be done at the time of order entry, or after allocation is complete, or after the order is released for picking.

The integration will be carried out accordingly.

The process discussed above is for one order-one delivery. If an order might have multiple deliveries, it is better to do authorization for each delivery, and capture funds as each delivery gets invoiced.

PCI-DSS Compliance

If anything, then it is PCI-DSS compliant, that integration should be, otherwise the merchant organization is at huge risk. The integration should be to make sure that the customer’s credit card number is not saved anywhere in Infor M3. Once card details have been entered for the order, the card number should be converted into a secure token number, and that token number should be used for the rest of the order lifecycle. In fact, the card number should be securely transmitted to minimize the chances of theft of credit card information. Doppio Group understands the importance of PCI-DSS compliance and makes sure integration comply with it – as such, tokenization is done securely.

SRED Compliance

SRED is an acronym for Secure Reading and Exchange of Data, and it refers to the Point of Interaction (POI) security standard as outlined in the PIN Transaction Security (PTS) requirements of PCI compliance. Doppio Group has designed the integrations to ensure that SRED devices can be used for entering card details.  

Lower Interchange Rates

For commercial cards, providing additional L2/L3 order information can give merchant lower interchange rates, and integration should be done to enable L2/L3 information.  

Key Features of The Integration

  • Integration with Smart Office and H5 client:

Apart from eCommerce orders, a credit card might be used as the mode of payment for orders manually keyed in by customer service team as well. And integration should work for Smart Office/H5 as needed by the customer.

  • International Solution:

You never know when a merchant might start doing business in Canada, or Germany or Spain. And so, integration should be designed such that new countries can be enabled quickly with some configurations, and no change to integration.

  • End to end automated:

A well-designed integration should make sure that the solution is end-to-end automated. No manual interference should be required. Just enter the card details and forget. Integration should handle the rest, till the money is transferred into the merchant’s account.

  • Robust:

A lot happens in ERP in a day. And if integration is not robust, then money mightn’t be captured for a lot of orders without merchant knowing it at all.

A well-designed integration should make sure it is robust enough to handle different scenarios. There should be checks and balances put into place to make sure no order is missed. In case there is some problem with the card, and money can’t be captured for some orders, there should be alerts and notifications for the merchant to know and handle it manually.

Doppio Group Provides Technology Consulting and Implementation Services and Solutions to our Customers.  Please get in touch with Doppio Group for Infor M3 implementation, integrations, and upgrade requirements. info@doppiogroup.com