Authorize.net transaction failed but order is creating at admin backend with cancel status

[edwinchandra]

Preconditions

1. Magento Version 2.1.7
2. PHP 7.0.16

Steps to reproduce

1. Add product in cart and go to checkout
2. Fill all the information and use authorize.net as payment method.

Expected result

1. If Authorize.net transaction get failed order should not be created in backend.

Actual result

1. If credit card payment get failed order are creating at backend with cancel status and in order details view it shows "Gateway error: This transaction has been declined." under Order Total section below submit comment button.

[joni-jones]

Hi, @edwinchandra, please enable debug mode for Authorize.net and provide request and response transaction details. Also, please, provide a response from transact.dll action (you need to catch response from browser's network log during place order flow on the payment step).

[edwinchandra]

Here is debug log. I have replaced sensitive information with XXXXXX or xyz.

[2017-07-27 01:16:03] main.DEBUG: array ( 'request' => array ( 'x_version' => '3.1', 'x_delim_data' => 'FALSE', 'x_relay_response' => 'TRUE', 'x_test_request' => 'FALSE', 'x_login' => '****', 'x_method' => 'CC', 'x_relay_url' => 'https://www.xyz.com/authorizenet/directpost_payment/response', 'x_type' => 'AUTH_CAPTURE', 'x_fp_sequence' => '40098', 'x_invoice_num' => '1000009544', 'x_amount' => 50.43999999999999772626324556767940521240234375, 'x_currency_code' => 'USD', 'x_tax' => '0.00', 'x_freight' => '17.94', 'x_first_name' => 'John', 'x_last_name' => 'Doe', 'x_company' => '', 'x_address' => '1025 S 4th Street', 'x_city' => 'Greenville', 'x_state' => 'Illinois', 'x_zip' => '62246', 'x_country' => '', 'x_phone' => '1234567890', 'x_fax' => '', 'x_cust_id' => '', 'x_customer_ip' => '127.0.0.1', 'x_customer_tax_id' => '', 'x_email' => 'xyz@gmail.com', 'x_email_customer' => '0', 'x_merchant_email' => '', 'x_ship_to_first_name' => 'John', 'x_ship_to_last_name' => 'Doe', 'x_ship_to_company' => '', 'x_ship_to_address' => '1025 S 4th Street', 'x_ship_to_city' => 'Greenville', 'x_ship_to_state' => 'Illinois', 'x_ship_to_zip' => '62246', 'x_ship_to_country' => '', 'x_po_num' => '', 'x_fp_timestamp' => 1501118163, 'x_fp_hash' => 'c8dbbca188cb55f0673f363a80c8ceff', ), ) {"is_exception":false} [] [2017-07-27 01:16:05] main.DEBUG: array ( 'response' => array ( 'x_response_code' => '2', 'x_response_reason_code' => '2', 'x_response_reason_text' => 'This transaction has been declined.', 'x_avs_code' => 'U', 'x_auth_code' => '000000', 'x_trans_id' => '60601234560', 'x_method' => 'CC', 'x_card_type' => 'Visa', 'x_account_number' => 'XXXXXXXX', 'x_first_name' => 'John', 'x_last_name' => 'Doe', 'x_company' => '', 'x_address' => '1025 S 4th Street', 'x_city' => 'Greenville', 'x_state' => 'Illinois', 'x_zip' => '62246', 'x_country' => '', 'x_phone' => '1234567890', 'x_fax' => '', 'x_email' => 'xyz@gmail.com', 'x_invoice_num' => '1000009544', 'x_description' => '', 'x_type' => 'auth_capture', 'x_cust_id' => '', 'x_ship_to_first_name' => 'John', 'x_ship_to_last_name' => 'Doe', 'x_ship_to_company' => '', 'x_ship_to_address' => '1025 S 4th Street', 'x_ship_to_city' => 'Greenville', 'x_ship_to_state' => 'Illinois', 'x_ship_to_zip' => '62246', 'x_ship_to_country' => '', 'x_amount' => '50.44', 'x_tax' => '0.00', 'x_duty' => '0.00', 'x_freight' => '17.94', 'x_tax_exempt' => 'FALSE', 'x_po_num' => '', 'x_MD5_Hash' => 'XXXXXXXXXX', 'x_SHA2_Hash' => '', 'x_cvv2_resp_code' => 'N', 'x_cavv_response' => '', 'x_test_request' => 'false', 'controller_action_name' => 'directpost_payment', 'is_secure' => '1', ), ) {"is_exception":false} [] [2017-07-27 01:16:05] main.DEBUG: cache_invalidate: {"method":"POST","url":"https://www.xyz.com/authorizenet/directpost_payment/response","invalidateInfo":{"servers":["[object] (Zend\Uri\Uri: http://127.0.0.1:80/)"],"tagsPattern":"((^|,)catalog_product_312(,|$))"},"is_exception":false} [] [2017-07-27 01:16:05] main.DEBUG: cache_invalidate: {"method":"POST","url":"https://www.xyz.com/authorizenet/directpost_payment/response","invalidateInfo":{"servers":["[object] (Zend\Uri\Uri: http://127.0.0.1:80/)"],"tagsPattern":"((^|,)catalog_product_312(,|$))"},"is_exception":false} [] [2017-07-27 01:16:49] main.DEBUG: cache_invalidate: {"method":"POST","url":"https://www.xyz.com/authorizenet/directpost_payment/place/","invalidateInfo":{"tags":["dropship_order"],"mode":"matchingAnyTag"},"is_exception":false} [] [2017-07-27 01:16:49] main.DEBUG: cache_invalidate: {"method":"POST","url":"https://www.xyz.com/authorizenet/directpost_payment/place/","invalidateInfo":{"servers":["[object] (Zend\Uri\Uri: http://127.0.0.1:80/)"],"tagsPattern":"((^|,)catalog_product_312(,|$))"},"is_exception":false} []

[joni-jones]

This is expected behavior, the order is canceled because Authorize.net gateway declines transaction on their side.

'x_response_code' => '2',
'x_response_reason_code' => '2',
'x_response_reason_text' => 'This transaction has been declined.',

In other case, customer and stores administrator don't know what is happened.

[edwinchandra]

Yes but I have concern here if payment get failed why order created at backend. It should not be created at backend.

[joni-jones]

It's one of the requirements that the order should be created, that's why it is not a bug. We laid this behavior during Authorize.net payment implementation and do not have plans to change it.

But you always can customize built-in solutions for your own purposes.

[lombmartgh]

Hello joni-jones, I created an order in Magento 2.1.7, I'm using Authorize.Net CIM. When I view the order on back office, I see the trasaction ID, so I assume that the transaction is well done.

I'm testing to cancel an order, but when I try to cancel the order I get the fallowing error:

Invalid payment data provided. Please check the form and try again.

Do you have any idea or clue about this error? Thanks.

[MoizSadiq]

Hi joni-jone,

Regarding the same issue opened by 'edwinchandra', we tried to make custom built-in solution to handle this issue but we are coming across some issues, and stop the order from being created. Is it possible if you could guide us on making customization and successfully stop the order from being created if the Authorize.net transaction fails?

[ianfp]

@joni-jones After 5 failed attempts at paying with a credit card, the "Recent Orders" section of customer's account dashboard now shows only failed attempts at the current order, and none of their actual recent orders.

Also, how do I distinguish between an order that was canceled because of CC failure, and an order that was canceled later for other reasons? I can look at the order comments in the admin panel, but if I'm writing a REST API client that needs to make the distinction, that's pretty inconvenient.

The point I'm trying to make here is that creating and canceling an order for every CC failure seems like pretty undesirable behaviour to me. While I realize that there are code-level reasons for this, from my perspective (and the customer's), a failed order attempt is not a canceled order -- it's an order that never happened.

Perhaps we need a different status for order attempts whose CC auth failed, to distinguish them from actual cancelations and filter them from the "Recent Orders" list.

[AirmanAJK]

This is a feature, not a bug. In fact, it is useful to know who is making credit card attempts but getting declined.

The way the authorize.net direct post method works is that once the order is submitted, the order is saved in Magento. After this, the form submission to authorize.net is made. Authorize.net then makes an independent web request back to the web server with response details. If the response is a declined transaction, Magento cancels the order, reactivates the quote that was used to submit it, and clears out the order_increment_id field so it can make fresh attempt if the user tries to submit again.

You could argue that the order should be deleted rather then canceled, but as I said above, it is useful to know if customers are having problems. We reach out to anyone who has multiple failed attempts and gives up. It's typically due to a bad billing address.

[ianfp]

@AirmanAJK After a few months of getting used to Magento 2, I do see the validity of your point -- that it is useful to have a record of failed transactions. But it was a jarring transition from Magento 1 and AIM -- one of many unpleasant surprises when upgrading to Magento 2.

That being said, I think my complaints are still valid, that 1) the customer's order history gets filled with failed orders, and 2) it is difficult to distinguish between CC failures and orders that were manually canceled for other reasons.

[Ctucker9233]

@AirmanAJK I agree with @ianfp. Even if this is a feature and not a bug, would it not be useful for the customer and merchant to be able to distinguish the outcome of the transaction? Simple tags like "canceled by customer" or "Transaction Declined" would do the trick.

[ianfp]

Hey, all! I just ordered a computer from System76, and I think the way they handle this is really great -- perhaps something Magento could emulate.

When my card was first declined, my order wasn't canceled -- instead, the status was "Awaiting payment". Attached to the order was a record of my failed payment. Then, when I fixed my card info and successfully paid, the order status was updated to "Processing" (or something like that) and a second payment record (a successful one) was attached to the order.

The point is: Make payment attempts (successful or not) child records of the order in a many-to-one relationship. Don't force the customer to re-create the order just because a payment failed.

What to you think?

[andrewizotov]

Hello Guys , yes this is expected I mean when order has canceled status , but what about the email with "pending" order status ? I think customers must not receive an email when order was canceled . but I got an email with information "Hello your order beeing processed " . how can I fix it ? Thanks

[miteshdhaduk]

Hello All, I also faced this type of issue. In Magento2.2.2, the order is placed using the authorize.net payment method. But the order is not paid and also one order is created in the backend.

Does anyone fix this?

[miteshdhaduk]

@edwinchandra Please reopen this issue.

[hareshpatel]

hello all i have same issue in stripe payment card_declined but in admin order place so can you please help me how can stop order place in backend . ones payment is sucess than please order .

[aagasi]

Hi @joni-jones I'm also facing this issue on a 2.4.3 project. I wonder, did this change in the latest Magento version? Thanks