Versions Compared

Old Version 49

changes.mady.by.user Seth Petry-Johnson

Saved on

compared with

New Version 50

changes.mady.by.user Seth Petry-Johnson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

LearningBuilder can collect payments from end-users in many different ways. Adding integrations for gateways not listed here is generally possible with minor innovation.

See also: Payment and E-Commerce Features

Table of Contents

Overview

LearningBuilder itself does not handle credit card transactions. Instead, it integrates with a variety of payment processing systems to handle those transactions.

...

For more information on establishing a merchant gateway, see below.

Supported Gateways

Payflow Pro

PayPal offers multiple payment products, but the only one that is both PCI compliant and fully supported by LearningBuilder is Payflow Pro.

For more information on the other PayPal offerings, see PayPal Payment Gateways

This service uses PayPal as the Payment Gateway but uses a third party payment processor. This interface is the result of PayPal's purchase of Verisign, which first developed the Payflow Pro product. PayPal now uses it for advanced interfaces that use other payment processors. Payments and refunds are both functional, and are supported in both the Secure Post and Hosted Pages iFrame Checkout configurations.

Info

Required Configuration: LearningBuilder requires that the client’s PayPal account be configured for Hosted Pages with the “Silent Post” feature enabled.

See /wiki/spaces/DOCS/pages/2598207574 for details.

Warning

As of February 2021, using this gateway in “Secure Post” mode is disallowed by policy because it is not PCI-compliant. The “Secure Post” mode will be removed in an upcoming release.

Note

Versions of LearningBuilder prior to 11.0.1 are at risk of allowing duplicate payments or improper error handling. Please be sure you are using an up-to-date version of the software.

Authorize.Net

Authorize.Net is an alternative gateway to PayPal. LearningBuilder supports the PCI-compliant Three-Step Handshake checkout mode.

Note

Refund processing is not supported in LearningBuilder.

Warning

As of February 2021, using this gateway in “Secure Post” mode is disallowed by policy because it is not PCI-compliant. The “Secure Post” mode will be removed in an upcoming release.

Note

Versions of LearningBuilder prior to 11.0.3 are at risk of allowing duplicate payments or improper error handling. Please be sure you are using an up-to-date version of the software.

Moolah

Moolah is an alternative gateway which is focused on Non-Profit organizations. The support of this gateway was introduced in LearningBuilder 8.10 and is only functional in the Three-Step Handshake Checkout Mode.

Note

Versions of LearningBuilder prior to 11.0.4 are at risk of allowing duplicate payments or improper error handling. Please be sure you are using an up-to-date version of the software.

USAePay

USAePay provides a number of payment solutions. Currently, LearningBuilder supports the "Two-Step Client-Side" mode only for this gateway.

Note

Versions of LearningBuilder prior to 11.0.4 are at risk of allowing duplicate payments or improper error handling. Please be sure you are using an up-to-date version of the software.

Alabama Interactive

Alabama Interactive is a payment gateway used by licensing agencies in Alabama. It offers both a “Hosted Pages” and “Hosted Pages iFrame” option, but LearningBuilder only supports the “Hosted Pages” mode at this time.

Info

Required Configuration: The client’s gateway account must be configured to use the “Postback Service” feature to prevent unrecorded payments in LearningBuilder. For more information, see the configuration page.

Note

Unlike Payflow Pro, Alabama Interactive does not have a way to guarantee against unrecorded payments. If an error occurs while notifying LearningBuilder of a successful transaction, they will retry a set number of times and then send an email.

We recommend using one of the other gateways instead that offer more robust protections against unrecorded payments in LearningBuilder.

Note

Please use LearningBuilder version 11.0.1 and greater in the 11.0.x LTS Release Branch series. Previous versions of LearningBuilder are at risk of allowing duplicate payments or improper error handling.


Gateway / feature support matrix

Info

Legend:

(error) - Gateway does not support the feature

(minus) - Gateway supports the feature, but the LearningBuilder integration does not

Vendor / Gateway

App Config value for PaymentGateway

Checkout Modes
(see below for details)

Supported Features
(follow links for details)

Full
Refunds

Partial
Refunds

GL
Codes

Discount
Vouchers

Tenant-Specific
Settings

Responsible Party ‘Pending’ Payments (aka Bulk Employer Payments)

Organization ‘Bulk’ Payments

(Legacy) Learning Plan Task Payments
(warning) No new LB instances should use this feature, regardless of gateway support

Payflow Payments Pro
(deprecated)

PayPal

(warning) Secure Post

(minus)

(minus)

(error)

(minus)

(minus)

(tick)

(tick)

(tick)

Payflow Pro

PayflowPro

(warning) Secure Post

(tick) Hosted Pages IFrame

(tick)

(tick)

(tick)

(tick)

(Added with 10.0 Release)

(tick)

((warning) Secure Post Only)

(tick)

(tick)

(tick)

Moolah

Moolah

(tick) 3 Step Handshake

(tick)

(minus)

(error)

(minus)

(minus)

(tick)

(tick)

(tick)

Authorize.Net

AuthNet

(warning) Secure Post

(tick) 3 Step Handshake

(minus)

(minus)

(error)

(tick)

((warning) 3-Step Handshake)

(minus)

(tick)

(tick)

(tick)

USAePay

USAePay

(tick) 2 Step Client-Side

(tick)

(tick)

(error)

(minus)

(minus)

(tick)

(tick)

(tick)

Alabama Interactive

AlabamaInteractive

(tick) Hosted Pages

(error)

(error)

(error)

(minus)

(minus)

(tick)

(tick)

(minus)

Checkout Modes

Many payment gateways support multiple “checkout modes”, each offering a different user experience or feature set.

...

Method

App Config value for

CheckoutMode

Description / PCI Compliance

Secure Post

SecurePost

Payment forms are hosted by LearningBuilder. Payment card data is transmitted to LearningBuilder, which then submits the payment transaction to the gateway. 

Warning

This mode is not PCI compliant and is disallowed by policy in 10.6.0 and later. It will be removed from the software in a future version.

Hosted Pages

HostedPages

When the user begins checkout, their browser is redirected to the payment gateway’s website. The credit card form is hosted by the gateway and the entire transaction occurs externally to LearningBuilder. The user is redirected back to LearningBuilder after the transaction is complete.

Tip

This approach is secure because LearningBuilder is entirely removed from the checkout process and has no opportunity to collect or transmit payment card data.

The main drawback to this approach is that the payment gateway’s checkout form often does not look exactly like LearningBuilder, resulting in a disjointed user experience.

On the other hand, innovations made by the gateway to their checkout experience (such as adding support for new payment types) can be immediately available to end users without requiring changes to LearningBuilder.

Hosted Pages
+ iFrame

HostedPagesIFrame

This is similar to Hosted Pages, except that instead of redirecting the user to a 3rd-party checkout process, the 3rd-party checkout form is displayed in an iframe within LearningBuilder.

This often results in a more seamless user experience because the user never leaves the context of the LearningBuilder site.

Tip

This approach is secure because the credit card form is hosted by and submitted to the payment gateway. LearningBuilder is not involved in the collection or processing of credit card data in any way.

2 Step Client-Side

TwoStep

In this mode, the checkout process is implemented within LearningBuilder except for the credit card processing. When the user submits the form containing credit card data, the form submits directly to the payment gateway which handles the transaction and then redirects the user back into LearningBuilder.

Info

This mode provides a mostly seamless checkout experience, except that LearningBuilder cannot display a “checkout confirmation” page after the credit card data is entered but before processing the transaction. The card data is submitted directly to the gateway, so the confirmation page, if any, must be handled by the gateway as well.

Tip

This approach is secure because the credit card form, though hosted by LearningBuilder, is submitted directly to the gateway for processing. Credit card data is not submitted to or transferred by LearningBuilder in any way.

See the USAePay documentation for more information

3-Step Handshake

ThreeStep

After the user enters their credit card information, LearningBuilder submits that data directly to the payment gateway as a background post. The user’s browser does not navigate away from LearningBuilder.

The gateway securely stores the credit card data, without processing a transaction, and returns a token that can be used to reference those saved credentials at a later time.

The user then finishes the checkout process in LearningBuilder, which includes a “checkout confirmation” page. Once the user confirms their intent, LearningBuilder makes a second background post to the gateway. This post includes the transaction details (amount, etc) plus the token that was received earlier. The payment gateway then uses the stored card data to complete a transaction.

Info

This approach provides a seamless user experience without sacrificing security. It is the recommended approach for many customers.

Tip

This approach is secure because no credit card data is submitted to or processed by LearningBuilder in any way. The credit card data is submitted directly to the gateway, which then gives LearningBuilder a secure, one-time-use token for referring to those credentials at a later time. This token cannot be used to “reverse engineer” or compromise the card details.

For more information on this methodology, see this link

PCI Compliance

As of 10.6, LearningBuilder does not support any payment gateways or checkout modes in which payment card data is transmitted to or processed by LearningBuilder. In order to maintain PCI compliance, LearningBuilder cannot have anything to do with credit card details.

...

  • FirstName = "MissingId": This will result in an Approval but no Transaction ID

  • FirstName = "Decline": This will result in a Declined status.

  • FirstName = Anything else: This will result in an approval.

Testing a payment gateway integration

Info

Testing payment gateway settings

If you append "Fake" to the end of the PaymentGateway app config value, the system will simulate connecting to the gateway without actually doing so. This is useful when testing in a non-production environment.

Known Issues / Observations

Info

This document outlines known issues, outstanding items, or extra notes as they relate to most or ALL payment gateways. For gateway-specific documentation, refer to Payment Gateway-specific documentation.

Payment Features in LearningBuilder

Child pages (Children Display)