For the purpose of this testing guide, an access point is anywhere your end-customer may enter a credit card that is used by Advanced Billing.
If you are unsure which method is being used, contact support@maxio.com and they can assist in finding how your customers are signing up or updating their cards. That being said, the development or IT team that worked on your integration will have the most knowledge on which access points your company uses.
Please be aware that this article is related to testing and implementing 3D Secure. We currently support 3DS on the following gateways: Stripe, Braintree, CyberSource, Windcave (Payment Express), Adyen. You can find more information about 3D secure by checking out this help article: Testing & Implementing 3D Secure.
Chargify.js
Chargify.js allows you to collect card information using embedded iframes on your own site. One way of helping you determine if this is being used is by seeing if you have a “Public Key” generated under Config > Integrations > Chargify.js.
Additionally, if your signup or card update page on your own customer-facing site embeds the Chargify.js file, this could indicate that this access point is being used.
API
The API can be used to create and manage subscriptions. Do you have an API key generated under Config > Integrations > API Keys/Chargify Direct?
Bear in mind that API keys generated here may be used not to directly interact with our API, but rather to communicate with a third-party application, such as Salesforce. If you are directly integrated with our API to process signups, there will be code on your server that references this API key, and it is likely that you are not using our Public Signup Pages.
Public Signup Pages / Offer Signup Pages
These are Advanced Billing-hosted pages that are used to create subscriptions. Public Signup Pages allow the customer to fully configure their subscription with products, components, and coupons; Offer Signup Pages are a static signup form that can be sent as an already-configured deal for a particular customer. You can determine if you have any enabled Public Signup or Offer Signup Pages by going to Billing > Public Signup Pages or Billing > Offer Signup Pages. That said, the existence of these pages does not necessarily mean they are being used to signup your end customers; the only way to know for certain would be to determine if these links are embedded in your website.
Another way of determining if they are being used is if your customers are directed to a chargifypay.com domain name as part of the signup process. The URL will resemble the following: https://subdomain.chargifypay.com/subscribe/w3k4sc2jqydk
Self-Service Pages
Self-Service Pages are Advanced Billing-hosted pages used to update credit card information. If you have emails enabled in Advanced Billing, such as signup or renewal emails, they reference an update_url variable, which pulls in each subscriber’s unique service link. Additionally, if your team manually sends payment update request emails from the subscription > Payment Details > Email Customer to Request Payment Update, these emails reference Self-Service Pages by default.
Self-Service Page URLs will be hosted on the chargifypay domain and will contain the subscription ID and your Advanced Billing site’s subdomain. Here is how an example URL would be formatted: https://<subdomain>.chargifypay.com/update_payment/<subscription_id>/f1078bae2f
Billing Portal
The Billing Portal allows customers to self-manage their subscriptions; in particular, if the feature is enabled, they can be used to update the credit card on file.
You can determine if your Billing Portal workflow will be affected by PSD2 by first seeing if the portal is enabled under Config > Settings > Billing Portal. If Billing Portal is enabled, then check to see if “Allow Card Updates” is enabled under the ‘Features’ section.
Invoices
This refers to the public views that customers can use to pay off their open or past due invoices. Steps for verifying whether these URLs are used will vary based on the site’s architecture. See below for more information on which impacts you.
Legacy Statement-based
Click on the “Billing” navigation in your site – if it lists “Transactions” and not “Payments”, your site may be using statement-based invoices. This is referred to as invoice billing and is not enabled by default.
Visit Config > Settings > Invoice Billing to 1) determine if the feature is turned on, and 2) if “Enable Pay by Credit Card Link In Invoice” is turned on.
Relationship Invoicing:
Click on the “Billing” navigation in your site – if it lists “Payments” and not “Transactions”, your site is on Relationship Invoicing.
Do you have invoice emails turned on, particularly for remittance payments, with invoice.url defined in the email template? If you export subscriptions, do any have a payment_collection_method of “remittance”? It’s possible that a member of your team may be manually sending the public URL to customers as needed.