Payment Settings
The Settings tab allows you to configure several different options for Payment Settings.
On This Page
Payment Rules
This section sets where shoppers are redirected, to a page in your store, if no payment method is available.
Note:
To update Payment Method Rules using the Product Import feature (CSV), first add the Identifier column to the Payment Method Rules page. Then export your products using Export Products to Flat File from the Data Management page in your Miva Admin.
The Identifier column provides the required shipping method code format needed to import Payment Method Rules successfully.
To add this column go to PATH: Settings > Payment Settings > Click the ( + ) to open the Show/Hide Columns Menu, Select the box for Identifier.
MivaPay Vault Settings
For information on configuring the MivaPay Vault settings in this section, visit the MivaPay Vault page .
Fraud
The Fraud section is where you set various features to protect your store from fraudulent credit card use.
Failed Authorization Delay : During checkout, a shopper submits their credit card information on the Payment Information (OPAY) screen. If the authorization fails, you can make a customer wait a certain amount of time before they can try it again. The wait time is entered here in milliseconds.
Invalidate Checkout Session After : This is another place where you can make it more difficult for people to commit fraud through scripted attacks on your site. When a shopper clicks past the Order Details (OCST) page, a checkout session cookie is created. If the Invalidate Checkout Session After box is checked, when a shopper’s credit card fails authorization the number of times you choose, the Miva admin will expire the checkout session cookie, and make them start the checkout process again from the basket page.
Use Authorization Token : The Authorization Token helps insure that a credit card authorization request is coming from a human and not an automated attack on your store. When you enable this option, the Miva admin adds a random, 32-character, alphanumeric string to your Payment Information (OPAY) page. The shopper cannot see the string, but when the admin authorizes a credit card, it checks to see if the credit card data is accompanied by the token. If the token is missing or incorrect, the authorization request is ignored.
Authorization Blacklist
Authorization Blacklist : When a shopper visits your store, the Miva admin can see their IP address. The Authorization Blacklist is a list of IP addresses that you will not accept credit cards from.
- To manually add an IP address to your blacklist : Set Authorization Blacklist to Manual. Then go to Settings>Payment Settings>Authorization Blacklist , and click Add Blacklisted IP. You can also manually add an IP address by going to Order Processing>Authorization Failures . Then in that tab, select a failed authorization and click the Blacklist button.
- To automatically add IP addresses to your blacklist : Set the Authorization Blacklist to Automatic, and then set the Threshold and Duration in the fields below.
Threshold : If you set the Authorization Blacklist field to Automatic, use the Threshold field to decide how many credit card authorization failures you will allow before an IP address is added to your blacklist. It is set in the number of authorization failures within a certain number of minutes.
Duration : If you set the Authorization Blacklist field to Automatic, use the Duration field to set how long an IP address will stay on your blacklist.
reCAPTCHA
reCAPTCHA is another tool to make sure that your store is being used by human shoppers and not a scripted attach. There are many types of reCAPTCHA you can configure here.
While these methods can be used in your store, there is a new, reCAPTCHA v3 available that Miva recommends using. For more information on it, view the reCAPTCHA v3 document .