Prestashop Module: Moneris Payment Gateway Canada
A Canadian Merchant Gateway for PrestaShop
This is a Prestashop module that allows you to accept credit cards directly on your website using the Moneris Payment Gateway API Integration (formerly eSelectPlus). Supports Verified By Visa and MasterCard SecureCode.
Moneris is a credit card processor for Canadian businesses and Prestashop stores in Canada. Sign up here.
- All transactions are encrypted.
- Customer payment information is never stored.
USER FRIENDLY DESIGN
- Payment information is validated as the customer types — check-marks appear next to the payment fields to signal a valid credit card number, expiry date, and CVV.
- Credit card logo appears inside the credit card field as soon as the module detects the type of card being typed.
- Credit card logo becomes highlighted when the module detects the type of card used.
- Credit card number is automatically formatted with the correct spacing between digits depending on the card type.
- Informative errors. Users will be able to instantly discover what went wrong if a problem occurred, with error messages like “Your credit card is expired.” or “Your credit card has been flagged as lost or stolen.“, etc.
- Comes installed with French translations that users will see when they visit the French version of your website.
- Supports Verified By Visa, MasterCard SecureCode, Address Verification and CVV validation to help prevent charge-backs.
- When an order fails validation (Address Verification, Card Digit Validation), the order gets flagged with a “Suspicious” order status that only you can see. The reason for the suspicious flag is given as an order message and you decide if you wish to ship the order.
- Protect against malicious bot attacks and stolen credit card testers with support for Google reCAPTCHA and features to limit repeat failed payment attempts.
- reCAPTCHA v2 Checkbox: The customer must click a checkbox below the credit card field, and potentially complete a puzzle/challenge, to identify themselves as a human before being allowed to complete their purchase.
- reCAPTCHA v3: Invisible to the customer. reCAPTCHA tracks a customer’s behaviour on your website and gives them a score between 0.0 and 1.0 (1.0 is human, 0.0 is a bot). You can configure the module to reject orders from customers of a certain score, or accept their order and flag it with a “Suspicious” order status.
LIMIT FAILED PAYMENT ATTEMPTS
- Choose how many failed attempts a customer is allowed to make.
- Choose how long they are timed-out from trying again after they have attempted too many times.
- If the customer has 5 attempts remaining, the customer is shown a message indicating how many more attempts they have before they are timed-out.
- Once a customer is timed-out, they are shown a message indicating how many minutes remaining in their time-out.
- A Canadian Moneris Payment Gateway account (https://www.moneris.com/en/Products-Services/Online/Ecommerce).
- An SSL certificate as per Moneris’ mandatory requirements.
- Your webserver must support at least PHP 5.4
- Login to your Moneris account: https://www3.moneris.com/mpg/index.php
- Click Admin > Store Settings and copy the API Token (if there is none, generate a new one).
- Paste API Token in the module’s configuration, and enter your Store ID.
- 2.0.9 (2021/08/03)
- Module updated from 3D-Secure 1.0 to 3D-Secure 2.0 (Verified by Visa/MasterCard SecureCode). IMPORTANT NOTICE: “Effective October 2021, the majority of issuers will no longer support 3DS 1.0. As a result, you will lose liability shift protection for most of your transactions. Effective October 2022, key card brands and Moneris will no longer be supporting 3DS 1.0. As a result, any authentications submitted will receive an error response.”
- To use 3D-Secure, your server’s “SameSite” cookie parameter must be set to “None” and “Secure” cookie parameter must be set to “true”, otherwise customers will be unable to checkout when 3D-Secure is enabled (the user will be logged out and cart will be cleared).
- 2.0.8 (2021/04/27)
- NEW: Redesigned credit card form with a more modern and responsive design.
- NEW: Support for Google reCAPTCHA on the credit card form to help against bot attacks (requires Google reCAPTCHA account with API keys).
- NEW: Option to limit the amount of declined credit cards a customer can attempt in order to prevent bots from spamming stolen credit cards.
- NEW: Option to timeout a customer who is spamming declined credit cards for a configurable amount of minutes. The customer can resume placing their order after the timeout has elapsed.
- NEW: Credit card logo appears inside the credit card field as the user is typing their card number.
- NEW: Credit card field automatically formats card number with the proper spacing for the card they are typing.
- Added option to hide credit card logos above the payment form.
- Added missing French translations.
- Added workaround for missing order messages created by the module
- Removed AJAX card processing in PrestaShop 1.6 for security purposes.
- Fixed checkmark not showing up when expiry date was current year.
- Add button label configuration option for PS 1.6
- Add missing acceptable AVS value for certain cards that were being flagged as fraudulent
- FIX AVS “Street Name” issue
- FIX CVD and AVS issues when VBV is enabled
- FIX Order ID for store names with special characters
- Fix deprecated constructors in PHP 7
- Add convert to CAD/USD option
- Add Convert to CAD configuration option
- Add more FR translations
- Updated for full Prestashop 1.7 compatibility.
- Credit card form and transactions are more consistent across different themes/sites.
- Transaction error messages are now integrated into theme notifications.
- Added check to make sure the CAD currency exists.
- Added debug mode for developers & support.
- Restyled CSS for new checkout page.
- Removed AJAX transactions for more consistency with new checkout page.
- FIX Verified by Visa now functions correctly after a Moneris update.
- NEW Option to reject previously declined credit cards.
- Payment button now disables while a transaction is in progress, button text changes to “Sending…”
- FIX detection of Discover cards
- FIX label & title configuration bug
- FIX number format bug
- FIX conversion bug in some cases when converting to CAD
- Fix syntax bug on older PHP versions
- Added AVS and CVD checks
- Added new Order Status “Supsicious” for suspicious AVS orders
- Added card payment details
- Added config field for Form Title
- Added config field for AJAX processing
- Updated module from procedural PHP to MVC
- Fixed most/all warnings and notices for undefined variables/indices in dev mode
- Added ability to select and deselect credit card logos
- Fixed credit card validation errors when user has JS disabled
- Changed BO interface to Prestashop 1.6
- Fixed all French translations
- Added ability to hide CVV code field
- Made database value names consistent
- Added ability to submit a checkout button label in all languages
- Improved expiry date checkmark
- Added many new error response messages when payment fails
- Fixed addCSS and addJS errors
Disclaimer: I am not responsible for the overall security of your website. This module only works in HTTPS, but if you modify the code to ignore this restriction, it is at your own risk.