Payment Gateways problem: 3rd party vs Merchant vs Token

[interspace]

We have our own payment system (Tranzila) that complies to standards of our country, so we have to use it.

 

We've successfully developed interfaces to Tranzila both 3rd party and Merchant. But we're not sure that with your existing API it's possible to achieve what we need. I'll try to explain:

 

When our customer orders some product there should be a checkup if there already any card details.

 

If no CC details present then the customer should have the only choice of 3rd party Gateway that will lead him to our PCI-DSS secured payment page. After the payment our system returns a token that will be stored in WHMCS for future usage.

 

If CC details (token) present then the customer should have the choice between using the stored details or submitting a new CC number. Obviously if he wants to use some new CC then again the only option is 3rd party Gateway. But if he chooses to use the stored details then the Merchant method should be invoked but with only the token option since we can't allow him to enter CC number in area that not complies to PCI-DSS.

 

So far we have noticed the following facts (please correct me if I'm wrong):

 

f1) It's possible to save a token only with _storeremote function.

f2) The _storeremote function is available only with _capture (Merhcant) enabled gateway.

f3) The _storeremote function isn't available in _link (3rd party) enabled gateway.

f4) The _storeremote function isn't available from callback part of _link enabled gateway.

f5) Recurrent payments are available only with _capture function.

 

Please confirm if the above is correct.

 

Hence, the following questions:

 

q1) What may be done to invoke _storeremote function from the callback part of _link enabled gateway? (purpose: store token)

q2) If the q1 purpose is achieved - will the _capture enabled gateway be able to make recurrent payments with tokens stored by _link gateway?

q3) What may be done to invoke _storeremote function of _capture gateway from the callback of _link gateway? (purpose: transfer token from callback to _storeremote if q1 is impossible)

q4) What may be done to invoke _storeremote function of _capture gateway from direct http socket post request? (purpose: our payment system will return all needed parameters/values including token directly to _capture enabled gateway along with the regular response to the _link callback).

 

If q1-q4 aren't possible we may consider (unwillingly though) writing token along with other required parameters from callback directly to the database. We've found that the token is stored in the 'tblclients' table as 'gatewayid'.

 

q5) Where an expiry is stored?

q6) Which fields should be put into the database from the callback along with token and expiry?

 

Detailed answers to the above questions will be very helpful. Please kindly advise.

 

Thank everyone in advance!

[aamche]

I've been looking at this as well. It doesn't look like that WHMCS supports this as at 5.2.5.

 

It may be that this functionality could be achieved using the API (localAPI), and possibly a hidden capture mechanism. Either way, it's probably not easy/obvious.

[aamche]

Looks like if you leave both _link and _capture function in, then in the client area it will use link on invoices, in the admin area you can use capture.

 

Although this doesn't won't work correctly everywhere, e.g. checkout still shows capture.