andar pci compliance set-up, with cybersource · telecheck, or rbs worldpay atlanta, or cybersource...
TRANSCRIPT
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 1 - Revised: August 29, 2017
Table of Contents Introduction ................................................................................................................................................................2
Requirements .............................................................................................................................................................2
Notes ..........................................................................................................................................................................3
Set-Up Instructions .....................................................................................................................................................4
Step 1 - Order CCAP ................................................................................................................................................4
Step 2 - Upgrade Andar ..........................................................................................................................................4
Step 3 - If Using ACH / e-Checks .............................................................................................................................5
Step 4 - Communicate with CyberSource ...............................................................................................................5
Step 5 - Create your CyberSource Merchant ID (login Information) ......................................................................7
Step 6 - Create a Secure Acceptance Profile for each Merchant ID .......................................................................8
Step 7 - SA Profile Payment Settings ................................................................................................................... 11
Step 8 - SA Profile Security .................................................................................................................................. 15
Step 9 - SA Profile Notifications ........................................................................................................................... 16
Step 10 - SA Profile Customer Response Pages ................................................................................................... 18
Step 11. SA Profile Activation. ............................................................................................................................ 19
Step 12 - CyberSource API Keys File – Generate and Download ......................................................................... 21
Step 13 - Andar’s CyberSource Settings .............................................................................................................. 22
Step 14 - CyberSource Menu Review .................................................................................................................. 27
Step 15 - Andar PCI Compliance System Preferences ......................................................................................... 27
Step 16 - Andar CyberSource System Preferences .............................................................................................. 28
Testing ..................................................................................................................................................................... 30
Step 17 - Enter Test Transaction(s) via Andar ..................................................................................................... 30
Step 18 - If possible, Enter a Test Transaction via e-Pledge (or i-Attend) ........................................................... 30
Step 19 - Clean-up after Testing .......................................................................................................................... 31
Going Live ................................................................................................................................................................ 31
Step 20 - Tell CyberSource You are Ready to Go Live. ........................................................................................ 31
Step 21 - Set up the CyberSource Live Business Center ...................................................................................... 32
Step 22 - Set Up the Andar Production Database ............................................................................................... 33
Step 23 - Restart the Andar Services ................................................................................................................... 33
Step 24 - Enter Real Payment Transactions in Production .................................................................................. 34
PCI Compliance Verification - Remove Existing Credit Card and ACH Data ............................................................ 34
Step 25 - Complete Andar’s PCI Compliance Set-up ........................................................................................... 34
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 2 - Revised: August 29, 2017
Miscellaneous .......................................................................................................................................................... 35
Step 26 – CyberSource Verification Report ......................................................................................................... 35
Step 27 - Update Billing Schedules ...................................................................................................................... 36
Step 28 – e-Pledge Web Options ......................................................................................................................... 36
Post Set-Up .......................................................................................................................................................... 36
Introduction
This document is for Andar customers who want their Andar database to be PCI Compliant, and want to process
credit cards and electronic checks (ACH) using CyberSource. In Andar, PCI Compliance means personal credit
card and bank account information are no longer stored in the Andar database (in the Transactions and Billing
Schedules). This document provides instructions for setting up both CyberSource and Andar. In addition to
Andar, customers are required to obtain the following CyberSource products: Simple Order API and Secure
Acceptance SOP.
Once Andar is PCI Compliant, Andar uses CyberSource as a Gateway for electronic payments. Credit Card
(and/or ACH) information is sent through the Gateway (CyberSource) to your Payment Processor, allowing
payments to be deposited into your Bank Account. The personal Credit Card (and/or ACH) information does not
get physically stored within Andar. Instead, that information is captured by CyberSource.
Note: If you want to be able to process electronic checks in a PCI-Compliant Andar database, CyberSource
requires that you use one of the following electronic payment processors: Chase Paymentech Solutions, or
TeleCheck, or RBS Worldpay Atlanta, or CyberSource ACH Service. (There might ultimately be multiple parties in
the mix, including CyberSource, your Payment Processor, your Bank, and possibly another intermediary party –
to ensure that the payment data flows all the way from your donor to your bank.)
If a donor wants to set up recurring payments (i.e., monthly credit card charges), Andar tells CyberSource to
assign the donor a Subscription ID. The donor’s payment information is encrypted and stored in CyberSource’s
database, and the Subscription ID is passed to Andar and stored in the donor’s account profile (in the Bill
Schedules sub-tab). On a regular basis, you then run a job in Andar (a pre-authorized payment generation job)
that tells CyberSource to charge the card that is identified by the Subscription ID. Andar tells CyberSource how
much to charge, and when to charge it. The payment is processed “on demand”.
Requirements
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 3 - Revised: August 29, 2017
1. A bare minimum of Andar release 2014.02.01 is required, but it is Strongly Recommended that Andar be at
the most current release (2017.02.01, at the time of this document revision). It is often necessary to make
program revisions in Andar when working with third-party vendors (such as CyberSource). Therefore, using
the most current version of Andar is important.
2. Your organization must establish an account with CyberSource, utilizing their Simple Order API product, and
their Secure Acceptance SOP product.
3. You must provide information to CyberSource about your Payment Processor (this is typically who you pay
for processing donors’ credit cards and/or electronic checks). CyberSource and your Payment Processor
have to be able to connect electronically in order to get the donor’s money into your bank account. Contact
CyberSource to get this connection established. This must be done before you can go Live with
CyberSource.
4. Set-up is required – both from the CyberSource website and from within Andar. Please follow the
instructions in this document to complete the set-up. Note: The set-up might takes days to complete, or it
might take weeks.
5. Once your CyberSource account has been properly established, schedule at least a 4-hour time-frame when
you can (temporarily) stop processing payments in Andar, and when you can stop your AndarWeb Tomcat
service. This is to prevent payments from being entered via e-Pledge and/or i-Attend while you are setting
up and testing CyberSource. (4 hours is only an estimate – a minimum estimate.)
6. If you use Andar’s Security feature, make sure that the appropriate Groups of Users have authority
to submit payment verifications to CyberSource. Go to Andar Main Menu > System Administration
> Security > Authority Maintenance > Special Authorities and set up the authority called Allow CC
and ACH authorization submission.
Notes
1. It is highly recommended that you use an Andar Test database to start setting up PCI Compliance and
CyberSource, if at all possible. Use the CyberSource Test Business Center (server) for testing (as opposed
to their Live Business Center). This will allow you to test everything before you Go Live with CyberSource -
without any consequence to your production data. Once you have successfully tested the use of
CyberSource in your Andar Test database (using the CyberSource Test Business Center), then you will
basically repeat the steps to set up CyberSource and PCI Compliance on your Andar Production database
(using the CyberSource Live Business Center) – to Go Live.
2. The CyberSource Secure Acceptance product connects the user directly to a CyberSource web page, so the
user can enter the credit card or electronic check information. CyberSource requires that an e-mail address
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 4 - Revised: August 29, 2017
be submitted for the donor. That might mean that you will refuse to process a donor’s credit card payment
until you know his e-mail address. Or, it might mean that you will choose to enter a place-holder e-mail
address (like [email protected]) in order to process the donor’s payment (if you absolutely must
process the card in Andar, and no real e-mail address is known for the donor). (Helix does not recommend
the practice of putting fictitious data in any database.)
3. CyberSource’s Secure Acceptance feature includes some options that Andar does not require. This
documentation focuses on the items / answers that Andar does require. Extra CyberSource options such as
Payer Authentication and Verbose Mode are not required by Andar. Decisions about whether or not to use
them are up to you. Similarly, you may or may not require address verification or card verification numbers.
(See CyberSource’s documentation / support center for additional information about these and other
options.)
Set-Up Instructions
Step 1 - Order CCAP
Order Andar’s CCAP module from Helix. When Helix sends you the new CMC Configuration code, apply
it in Andar – to indicate that you are licensed for CCAP.
Note: When Helix creates a license code for a Test environment, a license for CCAP is typically not
included. Therefore, if you are planning to use a Test environment of Andar for testing your
CyberSource set-up, you may need to ask Helix to create a new license code for that Test environment
– one that includes a CCAP license.
If you do have a Test environment, and it includes a license for CCAP, you must be certain that any / all
CyberSource Settings records have a checkmark in the box titled “Use CyberSource Test Server”. See
Step 13 – Andar’s CyberSource Settings.
Step 2 - Upgrade Andar
Ensure you are up to date on Service Packs. At a minimum, your Andar version must be at least
2014.02.01. Andar version 2017.02.01 or higher is definitely preferred. Depending on your Andar
version, there may be some Andar Hot Fixes that must be installed.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 5 - Revised: August 29, 2017
Step 3 - If Using ACH / e-Checks
To use the CyberSource Electronic Check Services (also known as automated bank withdrawals,
eCheck, e-check, ACH / Automated Clearing House), CyberSource documentation says you must
register with one of the following processors:
• Chase Paymentech Solutions **
• CyberSource ACH Service
• RBS WorldPay Atlanta
• TeleCheck
** Note: Chase Paymentech Solutions is the only one of these that supports Canadian Dollars for
Canadian bank accounts. If Canadian, and if you want to process e-checks within Andar, contact
[email protected] and arrange for Chase Paymentech to be your e-check
processor in conjunction with CyberSource. (TeleCheck is the product that Chase PaymenTech uses for
handling ACH with Canadian banks.)
Andar includes some System Preferences that will allow you to process credit cards electronically, even
while using a non-Andar method for processing e-checks / ACH. (See System Preferences > Finance >
CyberSource > ACH Processing.)
Step 4 - Communicate with CyberSource
Log onto Helix’s online Support Center (www.andar360.com), and go to the “Support Center” page,
and click on the link for the CyberSource Sign-Up Form. Complete and Submit it. When submitted, the
Sign-Up Form is automatically sent to CyberSource, and one of their associates will contact you. If you
don’t hear from CyberSource within a couple of business days, feel free to contact them directly.
CyberSource Account Executives include the following people, and are assigned based on customer
location:
• Robert Gok. For US customers in WI, IN, OH, PA, NJ, MI, NY, VT, NH, ME, MA, CT, RI, and for
Canadian customers in ON, QC, NB, PE, NS, and NL. Phone: 650-432-4856 or 650-445-8211. e-
Mail: [email protected].
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 6 - Revised: August 29, 2017
• Kavon Mohsen. For US customers in MT, WY, CO, NM, TX, OK, MO, IL, IA, MN, ND, SD, NE, and
KS. Phone: 650-437-4969 or 650-432-4662. e-Mail: [email protected].
• Doug Molseed. For US customers in AZ, UT, ID, HI, WA, OR, NV, and CA, and for Canadian
customers in MB, NT, NU, AB, BC, MB, SK, and YT. Phone: 650-432-4632 or 650-863-9776. e-
Mail: [email protected].
• Joe Murray. For US customers in DE, MD, WV, KY, AR, LA, TN, VA, NC, SC, GA, AL, MS, and FL.
Phone: 650-554-9948 or 650-432-4304. e-Mail: [email protected].
In your conversation with CyberSource, you will need to provide them with additional information – so
they can set you up with the necessary CyberSource features.
Specifically address the following Conversation Points with CyberSource:
1. Tell them you need their Simple Order API product. (This product enables Andar to share
information with CyberSource without a user actually seeing the CyberSource web page. It is used
when you run Andar’s pre-authorized credit card payment generation, and when you update credit
card expiry dates on Andar Billing Schedules.)
2. Tell them that you also need their Secure Acceptance SOP product. (This product enables Andar to
open a CyberSource Checkout web page – to allow a user to enter credit card and/or ACH banking
information.)
3. If you use Canadian Dollars (instead of US Dollars), tell CyberSource. (Stress this fact to them,
because there is a setting that they have to change. There have been multiple instances where this
was overlooked by CyberSource, and it led to delays and frustration.)
4. Tell them if you want to be able to process Credit Card payments.
5. Tell them if you want to be able to process e-Checks (ACH / payments via personal bank account
withdrawals).
6. If you want to allow your donors to authorize future recurring payments, such as monthly
payments via credit card, tell CyberSource you want to use Recurring Billing / Subscriptions. (In
Andar, these are referred to as pre-authorized payments. A donor might give you authorization,
saying “charge my card monthly”. Each month (or week, or day), you run a job that tells Andar to
identify the people whose cards should be charged at that point in time. That job creates
envelopes and payment transactions, and sends those payment requests to CyberSource, “on
demand”. CyberSource will only process the future payments when specifically prompted by Andar
(as opposed to CyberSource initiating the payments without further input from you or Andar).
6.1 If asked, you do not need to pre-authorize a credit card in order to set up a Subscription.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 7 - Revised: August 29, 2017
7. Tell them you want to be able to run reports from CyberSource’s website.
8. If you use different bank accounts for different Campaign Accounts, then you need multiple
Merchant Logins for CyberSource – one for each bank / campaign account. If you have multiple
Merchant Logins for CyberSource, you also need CyberSource’s Subscription Sharing feature.
9. Before you can Go Live with CyberSource, you must have provided them with your Payment
Processor’s name and contact information – and possibly more. Depending on who you use for
Payment Processing purposes, CyberSource will require specific sets of information to ensure
CyberSource can connect electronically to your Payment Processor (i.e., Merchant ID (MID),
Terminal ID (TID), etc.). CyberSource may ask you to contact your Payment Processor and find out
what processing platform they are on, and to get a VAR Sheet that outlines all of the specs. See the
following CyberSource link for more information, or contact their support department at 800-709-
7779:
http://www.cybersource.com/support_center/implementation/merchant_bank_info/processorspe
cs.php
It may take as little as one day, or it may take several days (or possibly weeks) for CyberSource to
get the connection set up with your Merchant Bank / Payment Processor. Start this information
exchange sooner rather than later. Andar is not involved in this exchange.
Step 5 - Create your CyberSource Merchant ID (login Information)
1. CyberSource lets you create your own Merchant ID information (for your organization) by
completing CyberSource’s Registration page (http://www.cybersource.com/register).
1.1 Do this for each desired Merchant Login. (See Conversation Point 8, above.)
1.2 Make sure your Merchant ID resembles your organization’s name. (You may set up
different “User” ID’s that resemble your personal names, but the “Merchant” ID should
resemble your organization’s name.)
2. CyberSource should then set up your account in Test mode (not Live mode yet, and not Evaluation
mode). That means donors’ credit cards will not actually be processed. CyberSource will then wait
for you to tell them when you’re ready to “go live” (after you have completed your testing).
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 8 - Revised: August 29, 2017
Step 6 - Create a Secure Acceptance Profile for each Merchant ID
IMPORTANT: You will need to perform Steps 6 through 12 for each different Merchant ID that you
have set up in CyberSource (Step 5 above). If you have more than 1 Merchant ID, you will ultimately
have more than one Secure Acceptance Profile in CyberSource.
Log in to CyberSource Test Business Center - https://ebctest.cybersource.com (for setting up a profile
in their test server). (Later, you will use the CyberSource Live Business Center -
https://ebc.cybersource.com - to set up the profile in their live server.)
When creating a Secure Acceptance Profile in the Test Business Center, we recommend appending the
letter T (or the word Test) to the end of your desired Profile Name and Profile ID. Later, when creating
a Profile in the Live Business Center, omit the appended letter(s).
1. In CyberSource, go to Tools & Settings > Secure Acceptance > Profiles.
2. Click the Create New Profile button.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 9 - Revised: August 29, 2017
3. Complete the Create Profile page (also known as the General Settings page) to create a new
Secure Acceptance profile.
3.1 In the Profile Information section:
3.1.1 Name – Make up a Name for your Profile ID (perhaps your organization’s name
or abbreviated name – or the campaign name). As a best practice, add the letter
T (or the word Test) to the end if you are setting up a Profile in the Test Business
Center. (Do not use your personal name here.)
3.1.2 Description – Provide a meaningful description for this Profile – it’s for your own
use when you (or your co-workers) are looking at your Profiles in CyberSource.
3.1.3 Integration Method – select Silent Order Post. VERY IMPORTANT.
3.1.4 Company Name – Provide the name of your organization.
3.2 In the Contact Information section:
3.2.1 Name – Enter the first and last name of your staff person who is responsible for
overall payment processing. If needed, CyberSource will contact this person.
3.2.2 Email – Enter the e-mail address of your staff person.
3.2.3 Phone Number – Enter the phone number of your staff person.
3.3 In the Added Value Services section:
3.3.1 Payment Tokenization – Yes, select this. VERY IMPORTANT.
3.3.2 Decision Manager – Yes, select this. VERY IMPORTANT.
3.3.3 Enable Verbose Data – You may leave this checkbox empty.
3.3.4 Generate Device Fingerprint – You may leave this checkbox empty.
3.4 Click Create when finished.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 10 - Revised: August 29, 2017
4. It may take a few seconds, but you will then see a Profile Home page, from which you will access
other details of your newly-created Profile. Go through each of the items (Payment Settings,
Security, Notifications, and Customer Response Pages), as detailed in the steps below.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 11 - Revised: August 29, 2017
Step 7 - SA Profile Payment Settings
1. From your Profile’s Home Page, click on the Payment Settings item.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 12 - Revised: August 29, 2017
2. In the Card section, click the Add/Edit Card Types button. The Add/Edit Card Types window will
appear, displaying a list of possible credit card types.
3. Select the checkboxes next to each of the card types that you will accept, and then click the Update
button.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 13 - Revised: August 29, 2017
3.1 Next to each of your selected card types, click the pencil icon to specify the currency you
support for that card type (i.e., USD – United States: Dollar, or CAD – Canada: Dollar).
3.2 You may leave the Payer Authentication checkbox empty (above the Currencies section).
3.3 Move the desired currency to the right side of the screen (to the Enabled panel), and click
Update.
4. In the Automatic Authorization Reversal section, decide whether or not you want CyberSource
Secure Acceptance to perform automatic authorization reversals in the event of AVS or CVN
failures. An automatic reversal releases the reserved funds held against a customer’s card.
4.1 Fails AVS Check. If you select this, then CyberSource will perform an automatic authorization
reversal on each transaction that fails the Address Verification System check.
4.2 Fails CVN Check. If you select this, then CyberSource will perform an automatic authorization
reversal on each transaction that fails the Card Verification Number check. To be able to enter a
CVN on the Checkout page, see the “Card Verification Number (CVN)” field in Andar (System
Preferences > Finance > CyberSource > Checkout Page Field Entry section). The System Preference
titled Card Verification Number (CVN) allows you to choose “Entry is mandatory” or “Entry is
optional” or “Field not displayed”.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 14 - Revised: August 29, 2017
5. In the eCheck section, if you wish to allow CyberSource to process ACH / e-check payments, select
the eCheck payments enabled checkbox. (Reminder: Andar has system preferences related to
ACH payments – use them if you do not wish to process ACH through Andar/CyberSource.)
5.1 Click the pencil icon to see the Edit Electronic Check Settings page, and select the currency
for eCheck payments. Move the desired currency to the right side of the screen (to the
Enabled panel), and click Update.
6. Click Save at the bottom of the Payment Method window when done.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 15 - Revised: August 29, 2017
Step 8 - SA Profile Security
For your new Secure Acceptance Profile, complete the Security screen.
When creating your Security Key in the Test Business Center, we recommend appending the letter T to
the end of your Key Name. Later, when creating your Security Key in the Live Business Center, leave
the letter T off the end of the Key Name.
1. From your Profile’s Home Page, click on the Security item.
2. Click Create New Key.
2.1 Key Name.
2.1.1 Although your Key Name can be anything, you should not use the same Key Name in
a Test environment as in a Live environment. (Consider adding an extra letter – such
as T – to the end of Key Name that you create in the CyberSource Test Business
Center.)
2.2 Signature Version – use the default value - Version 1.
2.3 Signature Method – use the default value - HMAC-SHA256.
2.4 Click Generate Key.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 16 - Revised: August 29, 2017
3. Additional fields will be added to the window. Your generated Access Key and Secret Key will be
displayed. The window will automatically close in 30 seconds.
3.1 Later, you will return to this window, and copy and paste these keys into Andar’s
CyberSource Settings. For now, though, close the window (if it hasn’t already closed).
4. Click Return to Profile home.
Step 9 - SA Profile Notifications
1. From your Profile’s Home Page, click on the Notifications item. All of the options on this screen are
optional.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 17 - Revised: August 29, 2017
2. Merchant Post Email. If you wish to receive an e-mail whenever a connection is made between
Andar and CyberSource, select this checkbox, and enter the e-mail address of your intended
recipient. A technical-in-nature e-mail will be sent to that e-mail address for each transaction that
is processed, including payment information, return codes, and more. (The e-mail is not very user-
friendly, but perhaps it will be helpful initially.)
2.1 You may specify which digits of the donor’s card number you would like to see displayed in
the e-mail.
3. Email Receipt to Customer. If you would like your donor to automatically receive an e-mail when
his payment is processed by CyberSource, select this checkbox.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 18 - Revised: August 29, 2017
3.1 Caution: If you select this option, keep it in mind when you are creating Test Transactions.
If you enter a real individual’s account on the test transaction, they will receive this e-mail.
3.2 The e-mail will be sent to the e-mail address on the CyberSource payment info window (the
checkout page). CyberSource requires an e-mail address for the payer / donor, regardless
of whether or not you choose this option.
3.3 Sender's Email Address and the Sender's Name. The e-mail that is sent to the donor will
appear to have come from this Sender.
3.4 Send a copy to. If you would like CyberSource to send a copy of the Customer’s e-Mail
Receipt to an e-mail address within your organization, select this checkbox, and provide the
e-mail address of the selected recipient. This e-mail will include additional transaction
response information that did not appear on the payer / donor’s e-mail.
4. Display Notification Logo. If desired, your organization’s logo can be included in the e-mail
notifications. To enable this feature, select this checkbox, and upload your logo.
5. If desired, visit CyberSource’s Support Center for more information about Custom e-mail receipts.
6. Click Save when done.
Step 10 - SA Profile Customer Response Pages
For your new Secure Acceptance Profile, complete the Customer Response Pages screen.
After payment verification is complete at CyberSource, CyberSource typically redirects the user to the
URL that is indicated on this Transaction Response Page. This would be the Andar / e-Community URL
that receives the payment results from CyberSource, and updates the payment results on the Andar
database.
Andar / e-Community, though, will actually override this URL. Andar’s programming will automatically
provide a new URL in real-time to instruct CyberSource what page to show next.
1. From your Profile’s Home Page, click on the Customer Response Pages item.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 19 - Revised: August 29, 2017
2. Since the Hosted by you field is mandatory, enter http://127.0.0.1:30000
3. Click Save when done.
Step 11. SA Profile Activation.
Activate your new Secure Acceptance Profile. The profile cannot be used (payments cannot be
processed) until it has been activated.
1. From your Profile’s Home Page, click the Promote to Active button. Otherwise your Profile will
remain an Inactive Profile (unusable).
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 20 - Revised: August 29, 2017
Note: When you select Tools& Settings > Secure Acceptance > Profiles, you see a screen of all profiles
that have been created – including separate lists for Active Profiles vs. Inactive Profiles. Click on a
profile to work with it.
Only Inactive profiles can be edited, so you may (at some time) need to Deactivate a profile (in order to
make changes to it).
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 21 - Revised: August 29, 2017
IMPORTANT: Repeat Steps 6 through 11 for each of your CyberSource Merchant ID’s / Accounts (if
you have more than one).
Step 12 - CyberSource API Keys File – Generate and Download
Log in to the appropriate CyberSource Business Center website (Test or Live) using the appropriate
Merchant ID. (As previously stated, for each Merchant ID, you will do this step from the CyberSource
Test Business Center the first time, and later from the CyberSource Live Business Center.)
1. From the CyberSource Business Center, go to Account Management > Transaction Security Keys
2. Click on the link for Security Keys for the Simple Order API, and follow the on-screen instructions
to Generate a Certificate Request.
3. Download the generated file, whose name is something like: <merchantID>.p12 (where
<merchantID> is your CyberSource Merchant ID). (Note that this key file is only valid for 2 years.
At that point, you will need to download a new one and replace this one.)
4. Save the <merchantID>.p12 file in the Andar database server, in the base folder for the appropriate
environment – such as Production.
4.1 If your database is hosted elsewhere – such as with UPIC or UWITC – THEY may need to
save this file in the appropriate place(s) for you.
4.2 When this file is stored on the server, it does not also have to be stored on each client
machine (user desktop).
4.3 If you do not have an Andar Test database, and you are therefore using the Andar
Production database for testing purposes, then you will store the .p12 file once for testing.
Then, Andar will access this file during your testing. Once you have finished testing, and you
are setting up for Live use, you will REPLACE the .p12 file that you downloaded from
CyberSource’s Test Business Center with the .p12 file that you downloaded from
CyberSource’s Live Business Center.
4.4 Be absolutely sure that you had authority to write this file to your database – be sure the
time-stamp on the file proves you now have the most current version.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 22 - Revised: August 29, 2017
5. Additionally, if your organization uses Andar’s e-Pledge or i-Attend module, save the .p12 file
wherever Tomcat is installed. This might be on the on your web server or on your database server
– depending on how Tomcat was installed for your organization. The path would typically be
something like this: Tomcat859\servers\AndarWeb8\<MerchantID>.p12. This should be the in
same directory as your AndarParm.txt file (for the web). (Again, double-check the time stamp on
the file, to make sure you now have the most recent version.)
6. It may be necessary to Restart your Andar service and your Andar web service (sometimes the .p12
files get stored in cache, and you want to make sure the newest versions are being used).
Step 13 - Andar’s CyberSource Settings
Sign on to Andar Training Database (the first time), and update its CyberSource Settings - using
information (Keys) from the CyberSource Test Business Center.
You will ultimately do this two times for each of your Merchant IDs. The second time, you will sign on
to Andar Production Database, and update its CyberSource Settings – using information (Keys) from
the CyberSource Live Business Center.
Note: If you do not have an Andar Training database, then you will use your Andar Production
database twice (per Merchant ID). The first time, set up Andar Production to Use the CyberSource
Test Server. Then, after successfully testing, set up Andar Production to use the CyberSource Live
Server.
It is IMPORTANT that the API Keys File Path includes the Name (or IP Address) of the Andar Database
Server (as opposed to simply a drive letter such as C or D).
1. From Andar Main Menu (on your Andar database server), go to Finance > Accounts Receivable >
ACH/Credit Card Management > CyberSource Settings. (Add one record for each Merchant ID.)
1.1 Campaign Account – Your first record should use “All Campaigns” as the Campaign
Account. In this record, think about the Merchant ID that will be used most regularly, and
complete the other fields with this ID in mind.
1.1.1 If you have multiple Merchant ID’s, you will add addition records here. For those
records, identify the specific Campaign Account that corresponds to the
Merchant ID.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 23 - Revised: August 29, 2017
1.1.2 If you have 2 Merchant ID’s – perhaps one for your Local Annual Campaign, and
one for your SECC – set up the “All Campaigns” record to refer to your Local
Annual Campaign. Set the API Keys File Path and the Secure Acceptance
information that pertains to the Local Annual Campaign (using the “All
Campaign” record. Add another record for the “SECC” . On this second record,
set the API Keys File Path and the Secure Acceptance information that pertains
to the State Employees Campaign (SECC). (You would only need 2 records in this
situation. You would not need a third record that specifically names the Local
Annual Campaign.)
1.2 Merchant ID – Enter your CyberSource Merchant ID. (This is the ID you use when you log
into CyberSource Business Center.)
1.3 API Keys File Path – Browse to the location where you previously (permanently) stored the
API Keys file (the <MerchantID>.p12 file). (You should find it in the Andar database server,
in the base folder for the appropriate environment – such as Production.)
1.3.1 Once the record(s) has been added, the path to the *.p12 file should indicate the
actual server name. It should not use mapped drive letters. Instead of looking
like “M:\andar\Production\filename.p12”, it should look more like
\\servername\andar\Production\filename.p12 (WITH SUBSTITUTIONS for the
real server name and folder names and .p12 file name).
1.3.2 If you do not have an Andar Test database, and you are therefore using the
Andar Production database for testing prior to using it for live data, then you will
have stored the .p12 file once for testing. Then, Andar will have accessed that
file during your testing. Once you have finished testing, and you are setting up
for Live use, you will REPLACE the existing .p12 file that came from
CyberSource’s Test Business Center with the new .p12 file from CyberSource’s
Live Business Center. It might also be necessary to restart your Andar services.
1.3.3 Remember that this key file is only valid in CyberSource for 2 years. At that
point, you will need to download a new one and replace this one.
1.4 HOP Settings (HOP.jsp File Path) – Leave this section empty. Eventually, Helix will remove
this section from the screen.
1.5 Secure Acceptance Section – This information comes from the CyberSource website > Tools
& Settings > Secure Acceptance > Profiles, click on your Profile to see its Home Page.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 24 - Revised: August 29, 2017
1.5.1 Profile ID – Look in the General Settings screen for your Profile to recall your
Profile ID. (Be careful to read the Profile ID, NOT the Name.) Copy and paste
the Profile ID from the CyberSource screen into the Andar screen.
1.5.2 Access Key – Look in the Security screen for your Profile, and click on your
Security Key to see its details (the screen only displays for 30 seconds). Copy the
complete contents of the Access Key field from the CyberSource page, and paste
the whole thing into the Access Key field on the Andar CyberSource Settings
record.
1.5.3 Secret Key – Still looking at the Security Key details in CyberSource, copy the
complete contents of the Secret Key field from the CyberSource page, and paste
the whole thing into the Secret Key field on the Andar CyberSource Settings
record.
1.6 Depositor – If using Andar’s feature to automatically create Deposits for payments that are
processed by CyberSource (or PayPal), supply the account number of the Depositor
1.7 Deposit Bank – If using Andar’s feature to automatically create Deposits, supply the account
number of the Deposit Bank.
1.8 Bank Account Number – If using Andar’s feature to automatically create Deposits, supply
the bank account number.
1.9 Click Import.
2. Add a separate record for each additional Merchant ID. Remember that each different Merchant
ID has its own API Keys File and Secure Acceptance Profile. (On each subsequent record, be specific
when choosing a Campaign Account – as indicated previously.)
3. New fields will become available when you Update one of these records. This is important after
you’ve completed testing – when you’re setting it up for Live use.
3.1 Use CyberSource Test Server. When you are simply testing the CyberSource connections
process, this checkbox should be Selected (turned ON).
3.1.1 Once all of your testing is complete, and CyberSource says you’re “live”, and you
have set up both Andar and CyberSource to be live, this checkbox should be empty
(not selected).
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 25 - Revised: August 29, 2017
3.1.2 Note: When you initially ADD a record into this CyberSource Settings list, this
checkbox is turned ON by default. When you UPDATE a record, then you have the
ability to change this.
3.2 API Target Version – this will be selected for you, based on the API Key File that you are
using.
3.3 Log API Activities – By default, this is On (selected). Leave it On. This impacts the ability to
Remove Subscriptions from an account profile Billing Schedule sub-tab.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 26 - Revised: August 29, 2017
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 27 - Revised: August 29, 2017
Step 14 - CyberSource Menu Review
Review the CyberSource menu options (inside their Business Center). Make sure you see a menu item
called Recurring Billing (along with Home, Support Center, Tools & Settings, Transaction Search,
Reports, and more). If Recurring Billing is not an option, then you will not be able to successfully use
Andar’s Pre-authorized Credit Card and Pre-authorized ACH features. (In the past, CyberSource has
sometimes forgotten to enable that feature for some of our customers.)
Step 15 - Andar PCI Compliance System Preferences
In Andar, set up the System Preference to Enable PCI Compliance. Switch it from Disabled to Enabled
(pending verification).
1. In Andar, go to System Preferences > Finance > PCI Compliance > Enabled (pending verification) >
Apply.
2. If transaction-entry is in progress at the preference is selected (Compliance is enabled), it could
conceivably make that transaction’s entry act oddly – the user might possibly see 2 screens for
entering credit card info. It’s unclear. For that reason, you may choose to stop entering payment
transactions in Andar until you have finished setting up the system preference – and you may
choose to stop the AndarWeb service until you have completed the setup.
3. Once you have chosen Enabled (pending verification) on the System Preference screen, complete
the following options from that screen:
3.1 Currency – US Dollars or Canadian Dollars
3.2 Preferred Billing Contact – The CyberSource web page (where credit card / e-check
information is entered) also requires an Individual’s name. In the event the payment being
entered is for a Corporate Gift (with no individual account number on it), this pecking order
will be used to determine the individual whose name will be placed on the CyberSource
web page.
3.3 Preferred Billing Address – Pecking Order to use to display an address for the individual on
the CyberSource web page.
3.4 Ignore Address Verification Service (AVS) check results – When a credit card payment is
submitted to CyberSource, the card-issuing bank performs an address verification. If the
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 28 - Revised: August 29, 2017
address for the payment does not match the bank’s records, the payment request will be
declined. Check this box to ignore the address verification results and allow payments with
address mismatches. Leave this box empty if you will absolutely require a matching
address.
3.5 Preferred Billing Phone Number – Pecking Order to use to display a phone number for the
individual on the CyberSource web page.
3.6 Preferred Billing e-Mail – Pecking Order to use to display an e-mail address for the
individual on the CyberSource web page.
Step 16 - Andar CyberSource System Preferences
Set up additional System Preferences specifically related to CyberSource.
1. In Andar, click System > Preferences > System Preferences > Finance > CyberSource
2. Bypass CyberSource for ACH payments and billing schedules. Do not offer ACH and Pre-
authorized ACH pledge type via e-pledge. Select this option if you do not wish to process ACH (e-
checks) through CyberSource – but you do wish to process credit cards through CyberSource. (The
assumption is that you have a different method for processing ACH – if you offer it at all.)
3. Disallow ACH payment and subscription request submission when the authorization method is
not specified. Select this option if you process ACH through CyberSource, and if your Processor
uses PaymenTech - because PaymenTech requires / mandates that the Authorization Method be
provided for ACH processing (such as TEL for telephone authorization, or WEB for internet
authorization).
4. Allow generating Credit Card payment when no Subscription ID is specified in the billing
schedule. Not typically recommended. If you are at a stage where you process some pre-
authorized credit card payments OUTSIDE of Andar, select this option. It allows you to run the Pre-
authorized Credit Card Payment Generation job to automatically create the A/R envelope for
payment transactions – without sending those transactions to CyberSource. New Andar customers
might turn this option on for their first year of Andar’s use – but then turn it off once you’re
processing all credit card payments through Andar/CyberSource.
5. Allow generating ACH payment when no Subscription ID is specified in the billing schedule. Not
typically recommended. If you are at a stage where you process some pre-authorized ACH
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 29 - Revised: August 29, 2017
payments OUTSIDE of Andar, (but you want brand new pre-authorized ACH payments to be
processed through Andar,) select this option. It allows you to run the Pre-authorized ACH Payment
Generation job to automatically create the A/R envelope for payment transactions – without
sending those transactions to CyberSource. New Andar customers might turn this option on for
their first year of Andar’s use – but then turn it off once you’re processing all ACH payments
through Andar/CyberSource.
6. Alert recipient e-mail. If, due to some security issue, a payment is processed on CyberSource’s
Test environment when it was supposed to be processed on their Live environment (or vice-versa),
Andar will send an e-mail to the e-mail address specified here. Enter the e-mail address of
someone who should be alerted in the case of CyberSource security problems (someone who will
follow-up on the payment verification). See project 69529 in the Support Center for additional
details.
7. Alert sender e-mail. In the event an e-mail is sent to the above e-mail address (for this type of
situation), what would you like to see as the Sender’s e-mail address? Consider using something
like the following: “CyberSource Environment Mismatch Alert” [email protected].
8. Payment request issue. This is the e-mail template that will be used for the e-mail alert /
notification that is sent when a payment request transaction is sent to an incorrect server.
9. Subscription request issue. This is the e-mail template that will be used for the e-mail alert /
notification that is sent when a subscription request is sent to an incorrect server.
10. Card Verification Number (CVN). With CyberSource Secure Acceptance, you may optionally choose to
honor / require matching of the Card Verification Number. Use this field to dictate whether the Checkout
page should contain a field for that number, and to dictate whether a number is optional or mandatory.
11. Phone Number (for ACH only). With CyberSource eCheck payments, it is possible that your payment
processor requires phone numbers that match what is on file with the bank. Use this field to dictate
whether the Checkout page should contain a field for that number, and to dictate whether a number is
optional or mandatory.
12. Driver License Number and State (for ACH only). With CyberSource eCheck payments, it is possible that
your payment processor requires a driver license number and state that match what is on file with the bank.
Use this field to dictate whether the Checkout page should contain fields for that information, and to dictate
whether it is optional or mandatory.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 30 - Revised: August 29, 2017
Testing
Step 17 - Enter Test Transaction(s) via Andar
WHILE YOU ARE IN THE TESTING PHASE, go into Andar and create an envelope for the purpose of
testing payments through CyberSource. Add test transactions into that envelope.
It is recommended that you enter a test transaction for every credit card type that you plan to allow.
Following are some card numbers you may use for testing (use any Name, and any valid Expiration
Date):
Visa – 4111 1111 1111 1111
MasterCard – 5555 5555 5555 4444
American Express – 3782 8224 6310 005
Discover – 6011 1111 1111 1117
If you plan to use e-checks / ACH, you may use the following data for testing:
Account Number: 4100 (any number between 4000 and 6000)
Routing Number / Bank Transit Number: 121042882
Account Type: Checking
Authorize: select an option, such as TEL – telephone authorization
1. Create a fully paid credit card pledge.
2. Create a to-be-billed credit card pledge (pre-authorized payment / subscription). Later, try to
update the credit card expiry date from the Billing Schedule record in Andar (to test the API).
3. Before closing or cancelling the envelope, display the transactions in Andar to see the results that
were returned from CyberSource.
4. Log into CyberSource Business Center, and go to Transaction Search > General Search, and look for
your test transactions there.
Step 18 - If possible, Enter a Test Transaction via e-Pledge (or i-Attend)
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 31 - Revised: August 29, 2017
WHILE YOU ARE IN THE TESTING PHASE, if you have e-pledge (or i-Attend), and IF the AndarWeb
service can be started for TESTING without being available for actual donors, test that approach as
well. (Note, if you do not have a Testing website, and if you have some actual e-pledge or i-Attend
registrations in process, then you will not be able to test the use of credit cards from the web – it
would be unwise to test the web, because a “real” payment might be entered by someone else while
Andar was connected to CyberSource’s Test Business Center.)
To test the web:
1. Create a test web envelope for a test company (or possibly for your own organization, if you are
not in the process of running your internal campaign).
2. Log into the web as an employee from the test company.
3. Enter two test pledges – one Fully Paid Credit Card, and one Pre-authorized Credit Card.
4. As above, look at the transactions inside Andar screens.
5. As above, look at the transactions inside CyberSource.
Step 19 - Clean-up after Testing
1. If you entered any test transactions through your Andar Production database (perhaps because you
don’t have an Andar Test database), cancel the test envelope(s) in Andar.
2. If you tested any pre-authorized payments (in an Andar Production database), double-check the
Billing Schedules for the donors that you used for testing. Either delete the Billing Schedules, or
update the Billing Schedules and use the button to Remove Subscription. You do not want to leave
any fake / test Subscription ID’s in your Production database.
Going Live
Step 20 - Tell CyberSource You are Ready to Go Live.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 32 - Revised: August 29, 2017
Once you are satisfied that everything is working out okay in the TESTING phase, then contact
CyberSource and tell them you’re ready to go “live”.
1. Log in to CyberSource’s Live Business Center (https://ebc.cybersource.com).
2. Click on Support Center.
3. Create an e-Ticket.
4. Type “Go Live Request” on the Summary line.
5. Submit it.
6. Wait for CyberSource Support to respond.
CyberSource will not let you go Live until you have supplied them with all the necessary information
about your Payment Processor – and they have set up a connection with that Payment Processor. This
typically includes you sending them a VAR Sheet of information about your bank and your payment
processor.
Step 21 - Set up the CyberSource Live Business Center
Log in to CyberSource’s Live Business Center (https://ebc.cybersource.com), and repeat the steps to
set up CyberSource. That includes Step 6 through Step 12 (outlined below for convenience).
1. Create a Secure Acceptance Profile (General Settings).
2. SA Profile Payment Settings.
3. SA Profile Security.
4. SA Profile Notifications.
5. SA Profile Customer Response Pages.
6. SA Profile Activation.
7. API Keys File Download.
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 33 - Revised: August 29, 2017
Step 22 - Set Up the Andar Production Database
Log in to your Andar Production database, and add the CyberSource Settings record(s), as detailed in
Step 13 above (Andar’s CyberSource Settings – outlined below for convenience).
1. Go to Andar Main Menu > Finance > Accounts Receivable > ACH/Credit Card Management >
CyberSource Settings.
2. If you do not have an Andar Test database, and you previously did your testing by using the Andar
Production database, delete all of the CyberSource Settings records that were created for testing
purposes.
3. Add new CyberSource Settings records (one for each Merchant ID).
3.1 If your Andar version is not 2014.03 or higher, then refer to project # 82385 for a Hot Fix
that is related to the HOP.jsp file path requirement.
4. Update each new CyberSource Settings record to turn OFF the checkbox titled Use CyberSource
Test Server.
When everything is finished, all of the CyberSource Settings records in an Andar Test database should
have a checkmark in the box titled Use CyberSource Test Server – and all of the CyberSource Settings
records in an Andar Production database should NOT have a checkmark in that checkbox.
Step 23 - Restart the Andar Services
If you previously stopped the Tomcat AndarWeb service (so e-pledge and i-Attend were temporarily
disabled), then Start that service now.
It is also wise to restart the Andar Production service and the Andar Training service. This is to ensure
that when Andar connects to CyberSource behind-the-scenes, it is using the most recent version of the
Simple Order API Key (*.p12 file).
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 34 - Revised: August 29, 2017
Step 24 - Enter Real Payment Transactions in Production
Once live, we highly recommend you immediately enter a fully-paid credit card pledge – just to be
certain everything is set up properly between Andar, CyberSource, and the Merchant Bank / Payment
Processor. Check the results on all 3 systems.
PCI Compliance Verification - Remove Existing Credit Card and ACH
Data
Step 25 - Complete Andar’s PCI Compliance Set-up
In System Preferences, finalize the task of making Andar PCI Compliant. This may be done in both the
Andar Test database (if you have one) and in the Andar Production database.
1. Make sure you have a current, complete Andar backup. The next task is going to change your
donors’ Billing Schedules.
2. System Preferences > Finance > PCI Compliance. This screen currently says PCI Compliance is
“Enabled (pending verification)”. There are two Run buttons within this screen.
3. Transfer credit card and ACH information from Andar billing schedules into CyberSource
subscriptions > Run. This job searches for credit card information in Andar’s Billing Schedule
records, using additional criteria supplied by you. CyberSource creates Subscription ID’s for those
donors, and the Subscription ID’s replace the credit card info on the Billing Schedules.
3.1 Run this job only for the campaigns/years that you are still billing / collecting. You do not
need to have Subscription ID’s on Billing Schedules for campaigns that you are no longer
collecting.
3.2 Running this job will produce a report. Review that report to make sure there are no
problems – cases where the Billing Schedules were not converted into Subscriptions in
CyberSource.
3.3 Fix any problems, and re-run this job until there are no errors. “Fixing” problems might
entail any of the following:
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 35 - Revised: August 29, 2017
3.3.1 Deleting Billing Schedules from donor account profiles for particular campaign years
(if they are no longer necessary for billing the donor or for processing pre-authorized
payments),
3.3.2 Supplying e-mail addresses for donors (CyberSource requires e-mail addresses in
order to create Subscription IDs),
3.3.3 Obtaining current credit card info (if the existing card has expired before the donor
has completely paid his pledge), or
3.3.4 Updating Billing Schedules from donor account profiles – to remove the Pre-
authorized Payment Type - thus setting the donor up to receive billing statements (if
you are unable to obtain current credit card data, and the donor has a balance due).
4. Make sure you have a current, complete Andar backup. The next task is going to change your
donors’ Billing Schedules as well as Transactions.
5. Remove all credit card and ACH information from the Andar database > Run. This job
permanently removes any remaining credit card or bank account information still stored in Andar’s
Billing Schedules and/or Transactions. Only run this job once you are confident that Andar has
CyberSource Subscription IDs on all necessary Billing Schedules.
6. In System Preferences, confirm that your Andar database is now PCI Compliant. Instead of
“Enabled (pending verification)”, the 2nd radio button on this System Preference screen will simply
show “Enabled”.
Miscellaneous
Step 26 – CyberSource Verification Report
Occasionally, the payment verification task will not complete as expected. The security files for
CyberSource might have expired; or the internet connection between the user and CyberSource might
drop; or the communication between Andar and CyberSource might fail. Andar might still contain the
transaction record, but it might not be updated. The “CyberSource Authorization Decision” on the
transaction might say “Verifying”.
In order to be informed of this situation, schedule the CyberSource Verification Report to run on a
regular basis. When / if the report indicates that Andar includes transactions that still say “Verifying”,
Andar PCI Compliance Set-Up, with CyberSource
Andar Release: 2017.02.01 - 36 - Revised: August 29, 2017
refer to the Andar Support document titled “CyberSource – Tackle Verifying Transactions” for
instructions.
Step 27 - Update Billing Schedules
If you formerly had a manual procedure for identifying pre-authorized-payment donors, and you did
not previously store their credit card or bank account information inside Andar, then Create
Subscriptions for those donors (from their Finance tab > Billing Schedule sub-tabs).
If a donor’s Billing Schedule record includes a Pre-Authorized Payment Type, and a CyberSource
Subscription ID, then Andar will be able to automatically process payments for that donor whenever
you run the Pre-authorized Credit Card Payment Generation job from Andar’s Main Menu.
Step 28 – e-Pledge Web Options
If you are using e-pledge, consider adding the General web option titled “CyberSource checkout –
number of attempts allowed”. If the user attempts an online payment that gets denied, the normal
behavior is for the pledge to be immediately deleted. The donor has to restart the pledge process in
order to try again. With this web option, the donor can be sent back to the CyberSource checkout
page (without canceling the original pledge), where he can attempt to provide different payment
details.
Post Set-Up
If you are allowing donors to say “Charge my card in installments to pay my pledge”, then you are using
Andar’s “Pre-authorized Payment” feature. Refer to Andar’s Help documentation for running the
following jobs:
• Pre-authorized Credit Card Payment Report
• Pre-authorized Credit Card Payment Generation
Similarly, if you allow installment payments via e-check / ACH, you will need to run these jobs:
• Pre-authorized ACH Payment Report
• Pre-authorized ACH Payment Generation
See the Glossary item “Pre-authorized Payment” in Andar’s Help.