secure payments

The Authorize.Net integrations for WooCommerce were among some of the earliest plugins we built at SkyVerge. At that time, Authorize.Net had several different APIs that allowed you to do different things: the AIM API handled directly processing payments, the CIM API handled securely tokenizing saved methods, the DPM API handled embedded payment forms, and the SIM API handled off-site transactions.

As a result of all of this separation, there were 4 different extensions to do different types of payment processing for your WooCommerce store. While this ensured that a merchant could use the exact feature set they needed, it also meant it was confusing to know which plugin to choose, and as developers, we had a lot of duplicate code to maintain (the basic plugin structure and transaction handling was pretty consistent).

The Authorize.Net team has made amazing progress over the past couple of years to unify their APIs and improve their payment processing offering as a whole. Today, there’s just “Authorize.Net API” for payment processing, so we’re streamlining our integration, too! We’re happy to say that, going forward, we’ll be working on a single unified WooCommerce Authorize.Net gateway.

This plugin takes all of the best parts of the AIM, CIM, and SIM integrations our team had built, rolling them up into one plugin. Over the next couple of months, we’ll be migrating all WooCommerce sites to this new unified extension.

How to upgrade

Existing CIM plugin users have just seen this as a version 3.0 upgrade, so you’re probably using the unified plugin already!

For AIM and SIM users, we’ll need a couple additional steps. First, over the next month, we’re working with the team to add subscriptions for the unified plugin to your account (to match, then replace, your current plugin subscription).

When this process is completed and every WooCommerce Authorize.Net merchant has a subscription for the unified plugin, we’ll begin to roll out updates for AIM and SIM users. This update will offer a one-click migration: when you upgrade, you’ll be asked to migrate, and when you’re ready, the new plugin will be installed, activated, and connected to It will migrate all settings and transaction information seamlessly, so with a single click, you’ll be ready to move forward with the latest and greatest from Authorize.Net!

Payment form improvements

If you’ve already been using the CIM extension and upgraded to Authorize.Net version 3.0, the great news is you may already see these features. Check out what you can now do as of version 3.0 below.

Easier setup

In older versions of our plugin, you could enable Accept.js from Authorize.Net to improve the security of your payment forms (meeting SAQ A-EP levels of PCI compliance). There was a setting for this because it required extra configuration in your Authorize.Net account.

No more! Authorize.Net has made this configuration available via their API, so Accept.js can come standard for all stores. When you connect to Authorize.Net, the plugin automatically configures Accept.JS, so the inline payment form security is improved transparently. As a result, you’ll see we’ve removed these Accept.js settings in the plugin.

WooCommerce Authorize.Net connection settings (credit card)
Credit card connection settings

Improved security

Speaking of improvements, you’ll also see a new type of payment form for credit cards! When you upgrade, you might be interested in checking out the new lightbox payment form from Authorize.Net. This form meets the highest standards of PCI compliance (SAQ A), so you can maximize security by switching to the lightbox credit card form rather than the inline form. Here’s a snapshot of what it looks like at checkout:

Using eChecks as well? We’ve also added a new eCheck form with increased security. You can now enable a hosted eCheck form that meets SAQ A levels of compliance, or continue with the inline form, which now meets SAQ A-EP compliance, too.

WooCommerce Authorize.Net connection settings (echecks)
eCheck connection settings
A quick note: the hosted eCheck form does not yet support saved payment methods! If you want to enable tokenization, you should use the inline eCheck form.

If you switch to the hosted eCheck form, your customers will not be presented with payment fields at checkout.

WooCommerce Authorize.Net Hosted eChecks 1

Instead, these are securely embedded in the payment page following checkout for your customers to complete payment.

WooCommerce Authorize.Net Hosted eChecks 2

Don’t want to change your payment experience? That’s okay, too! The inline payment forms that have always been present will still be available, and you can leave your settings untouched to continue to use them.

WooCommerce inline credit card form
Inline credit card form
WooCommerce Authorize.Net Inline echeck form
Inline echeck form

For the future

Our first priority now is to migrate all existing Authorize.Net merchants on WooCommerce to use the unified plugin. Once everyone is using a single codebase, we can upgrade the Authorize.Net experience faster without duplicating work! We’re already at work with Authorize.Net to plan the next evolution of this integration.

Have any questions about the upgrade or the new plugin? Check out our updated documentation, or feel free to reach out to our team with questions.

Published by

Beka Rice

Beka leads product direction for SkyVerge and technical documentation. She spends a lot of time on research and interviews, but likes to write so she has an excuse to spend more time jamming out to anything from The Clash to Lady Gaga.

Chase Wiseman

Chase is a WordPress engineer at SkyVerge, most often found mastering payment gateways and other integrations with WooCommerce. He builds new plugins, maintains existing ones, and helps support WooCommerce merchants.


  1. If we are currently using CIM with Accept.js and WooCommerce Subscriptions, will all our current customer data and subscriptions automatically be migrated to the updated plugin? Are there any additional steps that we need to configure the new plugin?

    • Hey Chino! Great question — if you’ve already been using the CIM plugin, the version 3.0 upgrade needs no migrations. Since CIM was the only plugin that worked with WooCommerce Subscriptions, we kept the saved payment method and subscription handling exactly the same. Upon upgrading to version 3.0, all settings are preserved, and all subscriptions will process normally! The only thing I’d recommend doing is checking out the new lightbox checkout in case you want to give it a try. πŸ™‚

  2. Hi.
    We upgraded to version 3.0.0 but immediately we started getting Accept.js Error: payment nonce is missing. so we had to downgrade to version 2.10.2
    We also tried in our sandbox on test mode but the checkout form give the following error:
    An error occurred, please try again or try an alternate form of payment. and the log show this error in the accept.js Response:
    [code] => E_WC_21
    [text] => User authentication failed due to invalid authentication values.

    Don’t we need to input the public key to accept to validate correctly?
    We see this input field was taken away from the plugin settings.

  3. It’s just a gateway, right? Yes, but that gateway better be solid, and better function with utmost security and ease of use. This one does. I had some questions about handling a sequence pretty specific to our business (not crazy specific, but not common at all) and I got some quick, effective help from the support team. This makes me look forward to paying their fees each year. There are a number of options, this one checks all the boxes.

    • Thanks so much for the kind words, Carl! We’re big Authorize.Net fans ourselves, so we love that they make it easy to support many of these useful features. πŸ™‚

  4. Hi, I’m wondering if your newest plugin supports 3d secure? I’m looking for a solution to activate 3d secure, and not sure if your plugin has it.

    • Hey Lee! Great question — ANet doesn’t have a native 3D Secure integration. They do work with Cardinal Commerce for 3DS, but it does not meet 3DS v2 standards, so it’s not something on our radar just yet. We are looking to add 3DS to our CyberSource plugin before September of this year (when many EU merchants need it), so I’d recommend checking CyberSource out, as it’s from the same team.

  5. Quick question, I need to change API credentials depending on billing country or currency, is there a hook that I can call to do this with this plugin? …or perhaps a hook for changing the environment from production to test (then I can store alternative API creds in the test fields)?

  6. I have a WordPress website with a custom checkout process. I want to call the plugin like in the developers API documentation but from within WordPress. How do I do that? A simple click on a button to launch the credit card form example would be all I need to get me going and then I can work the rest out. Many thanks for your help!

    • This isn’t going to be purely JS like their developer docs examples, as we’d need to be sure the plugin scripts as well as the Woo cart data are available. I haven’t done this myself, but at a first glance, I would make sure you filter woocommerce_is_checkout to true on your custom page to ensure this data is loaded / available, then have a look at the /includes/Payment_Form.php file in our plugin, as you should be able to render the credit card form using: wc_authorize_net_cim()->get_gateway()->render_payment_fields()

Hmm, looks like this article is quite old! Its content may be outdated, so comments are now closed.