CardPointe payment processing tokenizes sensitive data, safeguarding your customers from a data breach and lessening the burden of PCI compliance.
Businesses that use CardPointe can offer their customers the ability to checkout with a saved card on file, with sensitive data being stored on CardPointe’s servers and not the business’s systems. The CardPointe plugin supports the WooCommerce Subscription extension.
Click here for more information.
Please note that WooCommerce (v4.0+) must be installed and active.
The latest version of WooCommerce (v5.5.2) is supported.
The WooCommerce Subscriptions extension (v3.0.x) is fully supported.
PHP should be (v7.1+)
Please note that ReCaptcha key are required to use this plugin
You must contact your sales agent to receive the account credentials specifically for this plugin to work. Those credentials are different than what is provided for the Virtual Terminal. Refer to Fiserv’s WooCommerce Support page for more details.
Security Best Practices
While not required, it is strongly recommended that you configure your site to meet the following security best practices:
Secure your checkout page with an SSL (secure socket layer) certificate.
As of version 3.3+, recaptcha is built in and required in live mode, and you must configure your WooCommerce > Payments settings to include ReCapthca keys.
Version 3.3.3 of the plugin includes the following new settings to help prevent fraud and carding events carried out by malicious scripts and bots:
Maximum Credit Card Attempts
This setting limits the number of authorization attempts for a given payment card. Once the limit is exceeded, the card will be banned from use on the plugin. Must be a value from 3 (default) to 5 attempts.
Banned cards are displayed in the Currently Banned Card Tokens list. To re-enable a banned card token, you can select it and click Delete Selected Tokenized Card(s) to remove it from the list. The default setting is 3 attempts.
This setting limits the number of payments a cardholder can attempt to make in a given amount of time. The default setting requires a minimum of 3 seconds between payments.
Maximum order attempts
This setting limits the number of attempts to submit a payment for a given order. Must be a value from 3 (default) to 10 attempts.
See Configuring the WooCommerce Plugin for more information.
Additionally, we strongly recommend using the iFrame tokenization method for capturing customer payment card numbers. Select Enable IFRAME API on the WooCommerce> Settings >Payments tab to enable the Hosted iFrame Tokenizer on your checkout form for an additional layer of security. See Advanced Tokenization Settings for more information.
Note: If the security of your webpage becomes compromised, Fiserv reserves the right to disable your CardPointe merchant account.
First, make sure you have obtained ReCaptcha V2 keys for your site, from https://www.google.com/recaptcha/admin/
Please see https://www.google.com/recaptcha/about/ for more info.
Log in to your WordPress Dashboard and navigate to WooCommerce > Settings > Payments.
Select the “Manage” button, next to the CardPointe payment method.
Select the “Enable Google ReCaptcha on Checkout” option and fill in your ReCaptcha Keys
It is recommended that you install an SSL certificate on your site for the checkout page, however the plugin does not require it.
Yes. When you sign-up for a merchant account with CardPointe you will receive credentials for a sandbox account as well as a live account.
You may need to request that your hosting provider open certain ports. Specific instructions will be provided when you activate your CardPointe account.
For further info or support, contact your Fiserv sales agent.
Yes, we support v2.5.x of the Subscriptions extension. We highly recommend that you use v2.5.x+ for best results.
We support all WooCommerce currencies except the Ukrainian Hryvnia.
Yes. Define WC_CC_ADVANCED as true in your wp-config.php file. Then, open the plugin’s WooCommerce setting page, and configure the new options. Use at your own risk. This will be removed in a future update.
Support is provided by Fiserv. Before posting to this plugin forum, contact your Fiserv sales agent.
Cards saved while in test/sandbox mode will NOT carry over when switching to live mode. If you’ve saved a card in this manner, and receive an error, you need to re-save the card in live mode, under a different label/name. Always use a test WP user account for testing saved cards in sandbox mode, and do not try to use the account or it’s saved cards in live mode at a later time.
Define WC_CC_ADVANCED as true in your wp-config.php file, and visit the plugins settings in WooCommerce.
First, please note that this is in beta. Report any issues you encounter immediately, in the plugin’s support area above.
If we’ve introduce a breaking change, please revert back to the previous 3.3.2x version and turn off auto plugin updating, until we can get a fix.
You must enter your MID, username and password, and then save, to see the new field selector on the CardPointe settings page.
Refer to the “Include these checkout fields in CardPointe transactions” section now present on the settings page, and select the desired checkout form fields, then re-save.
Any data submitted during checkout matching the fields selected in your settings, will show up in a virtual terminal transaction under “Custom Fields” (e.g. selecting “billing_company” will send the standard WooCommerce checkout field called “billing_company,” if a customer fills it out.)
Support for the official WooCommerce Checkout Field Editor plugin is included.
Support for custom user fields in the Subscriptions and Pre-Orders plugins is currently experimental.