WooCommerce CyberSource Payment Gateway

Overview ↑ Back to top

WooCommerce CyberSource is a payment gateway integration that allows you to take credit card and eCheck payments via CyberSource directly on your site.

This plugin leverages CyberSource’s Flex Microform payment form to help you meet SAQ A PCI compliance levels with a seamless checkout on your site. CyberSource uses hosted fields to process payments, so sensitive payment information is sent directly to CyberSource, bypassing your servers. WooCommerce CyberSource also support 3D Secure for added security and compliance. You can also utilize CyberSource’s Decision Manager tool to help prevent fraudulent transactions, and enable Visa Checkout and Google Pay to offer digital wallets payment options in your store.

🎥 Watch a demo of WooCommerce CyberSource to see the admin and customer features in action!

Requirements ↑ Back to top

  • A CyberSource account (fees apply)
  • WooCommerce 4.3+
  • WordPress 5.2+
  • PHP 7.0+ (you can view this under WooCommerce > Status)
  • An SSL certificate

Installation ↑ Back to top

  1. Ensure your store meets the plugin requirements.
  2. Download the extension from your WooCommerce dashboard.
  3. Go to Plugins > Add New > Upload and select the ZIP file you just downloaded.
  4. Click Install Now and then Activate.
  5. Click Configure and read the next section to learn how to setup the plugin.

Getting Started ↑ Back to top

You must have an active Cybersource gateway account (which charges its own usage fees) with the JSON REST API enabled to use this plugin. In this section, we’ll review how to generate your security keys and setup the plugin.

Generate Security Keys ↑ Back to top

CyberSource uses a security key to communicate with your site. If you want to perform test transactions, you can follow these steps to create both Live and Test accounts. Follow the steps below to generate a security key:

  1. Log in to the CyberSource business center with your CyberSource merchant ID.
  2. Go to Payment Configuration > Key Management.
  3. Select the Keys menu and click API Keys.
  4. Click Generate Key.
  5. Select API Cert / Secret as the key type and click Next Step.
  6. Select Shared Secret as the key subtype and click Submit.
  7. Copy the Shared Secret Key to add to the plugin settings. You can also click Download Key if you’d like to save this key for future reference.
  8. Click Key Management and select the newly-created key.
  9. Copy the Key Detail and your Merchant ID to add to the plugin settings.

Visa Checkout setup ↑ Back to top

If you want to use Visa Checkout, you can set that up by following these steps:

  1. Log in to the CyberSource business center with your CyberSource merchant ID.
  2. Go to Payment Configuration > Digital Payment Solutions.
  3. Click Configure next to Visa Checkout.
  4. Follow CyberSource’s steps for generating the API key.
  5. Finding the Visa Checkout Key in the CyberSource merchant control panel.

  6. Download the API Key.
  7. In your site admin, go to WooCommerce > Settings > Payments > CyberSource Visa Checkout and paste your API key into the Visa Checkout API Key field.

Adding the Visa Checkout API key to the CyberSource plugin settings.

Google Pay setup ↑ Back to top

If you want to use Google Pay, go to WooCommerce > Settings > Payments > Google Pay and select the Accept Google Pay setting.

Google Pay settings in the CyberSource plugin.

You can then update other settings to determine how and where the Google Pay buttons appear on your site.

Extension Settings ↑ Back to top

You can configure the plugin to support credit cards and/or eChecks by going to WooCommerce > Settings > Payments and selecting CyberSource or CyberSource eCheck.

Note: If you would like to accept eCheck payments, please contact CyberSource to ensure that your account is setup with one of the correct processors to handle eChecks.

Credit Card Settings

  • Enable / Disable: Allow customers to use this gateway to process credit cards at checkout.
  • Title: The text shown for the payment during checkout and on the Order Received page.
  • Description: The text shown under the gateway’s title during checkout. Limited HTML is allowed. If you enable test mode, this section will also display a notice along with test credit card numbers.
  • Card Verification (CSC): Display the card security/verification code field at checkout.
    • Saved Card Verification: Display the card security/verification code field when using a saved card at checkout.
  • Transaction Type: Controls how transactions are submitted to CyberSource. Select “Charge” to automatically capture payments. If you select “Authorization”, you must manually capture and settle payments in your CyberSource account or on the WooCommerce orders screen after the transaction has been submitted. This defaults to “Charge”.
    • Charge Virtual-Only Orders: If Transaction Type is set to “Authorization”, enable this to automatically capture charges for orders with only virtual products. For downloadable products, this will grant downloads access right away.
    • Capture Paid Orders: If Transaction Type is set to “Authorization”, enable this to automatically capture charges when orders move to a paid status.
  • Accepted Card Logos: Determines which card logos are displayed during checkout. This has no impact on which cards are accepted by your merchant account.
  • Tokenization: Let customers save their payment methods for future use at checkout. This is required for Subscriptions or Pre-Orders.
    • Tokenization Profile ID: The Token Management Server profile ID, which CyberSource can provide for you.
  • Detailed Decline Messages: Display detailed messages to customers to provide reasoning for declines instead of a generic error message when possible. Click here to read more about detailed decline messages.
  • Debug Mode: Enable when you’re having issues processing transactions. You can choose to log API requests directly on the checkout page, save them to the WooCommerce > Status > Logs page, or both. As a best practice, please do not enable this setting unless you’re having issues with the plugin.
  • Environment: Switch between “Test” and “Production” credentials. Enable “Test” to send transactions to your CyberSource Test Account.
  • Merchant ID: The ID assigned to you by CyberSource, which you use to log into the Business Center.
  • API Key Detail: Follow the steps above to retrieve your API Key Detail.
  • API Shared Secret Key: Follow the steps above to retrieve your API Shared Secret Key.
  • Fraud management: Use CyberSource’s Decision Manager tools to avoid fraudulent transactions. This must be enabled on your CyberSource merchant account.
    • Organization ID: If Fraud management is enabled, enter your Organization ID, provided by CyberSource, here to use Decision Manager.
  • 3D Secure: Enable 3D Secure for added security and compliance. This must be enabled on your CyberSource merchant account.
    • Card types: When 3D Secure is enabled, use this setting to manage the card authentication services you want to support.

eCheck Settings

  • Enable / Disable: Allow customers to use this gateway to process eChecks at checkout.
  • Title: The text shown for the payment during checkout and on the Order Received page.
  • Description: The text shown under the gateway’s title during checkout. Limited HTML is allowed. If you enable test mode, this section will also display a notice along with test credit card numbers.
  • Detailed Decline Messages: Display detailed messages to customers to provide reasoning for declines instead of a generic error message when possible. Click here to read more about detailed decline messages.
  • Debug Mode: Enable when you’re having issues processing transactions. You can choose to log API requests directly on the checkout page, save them to the WooCommerce > Status > Logs page, or both. As a best practice, please do not enable this setting unless you’re having issues with the plugin.
  • Environment: Switch between “Test” and “Production” credentials. Enable “Test” to send transactions to your CyberSource Test Account.
  • Share connection settings: If using multiple CyberSource gateways, select this setting to share credentials between the gateways so you don’t need to enter and maintain them in two locations. If disabled, you’ll need to enter the Merchant ID, API Key Detail, Shared Secret Key, and Fraud management settings here as well.
  • Check Number Field: Decide whether to display the Check Number field at checkout and if it should be required.
  • Authorization: Display an authorization message during the checkout process.
  • Authorization Message: If Authorization is enabled, enter the message you want to show to your customers. You can use the following merge tags:
    • {merchant_name}: Your store name
    • {order_date}: Date of purchase
    • {order_total}: Total order value

Visa Checkout Settings

In CyberSource 2.3+, you can configure Visa Checkout payments.

  • Enable / Disable: Allow customers to use Visa Checkout to process credit cards at checkout.
  • Title: The text shown for the payment during checkout and on the Order Received page.
  • Description: The text shown under the gateway’s title during checkout. Limited HTML is allowed. If you enable test mode, this section will also display a notice along with test credit card numbers.
  • Transaction Type: Controls how transactions are submitted to CyberSource. Select “Charge” to automatically capture payments. If you select “Authorization”, you must manually capture and settle payments in your CyberSource account or on the WooCommerce orders screen after the transaction has been submitted. This defaults to “Charge”.
    • Charge Virtual-Only Orders: If Transaction Type is set to “Authorization”, enable this to automatically capture charges for orders with only virtual products. For downloadable products, this will grant downloads access right away.
    • Capture Paid Orders: If Transaction Type is set to “Authorization”, enable this to automatically capture charges when orders move to a paid status.
  • Accepted Card Brands: Determines which card types are accepted by Visa Checkout – note that this is different from the credit card gateway, where this setting only determines the logos shown at checkout.
  • Detailed Decline Messages: Display detailed messages to customers to provide reasoning for declines instead of a generic error message when possible. Click here to read more about detailed decline messages.
  • Debug Mode: Enable when you’re having issues processing transactions. You can choose to log API requests directly on the checkout page, save them to the WooCommerce > Status > Logs page, or both. As a best practice, please do not enable this setting unless you’re having issues with the plugin.
  • Environment: Switch between “Test” and “Production” credentials. Enable “Test” to send transactions to your CyberSource Test Account.
  • Share connection settings: If using multiple CyberSource gateways, select this setting to share credentials between the gateways so you don’t need to enter and maintain them in two locations. If disabled, you’ll need to enter the Merchant ID, API Key Detail, Shared Secret Key, and Fraud management settings here as well.
  • Visa Checkout API Key: Your API Key for Visa Checkout transaction requests. Click here for instructions on generating this key.

Google Pay settings

In CyberSource 2.3+, you can configure Google Pay payments.

  • Enable / Disable: Allow customers to use Google Pay to process credit cards.
  • Allow Google Pay on: Choose where customers may place orders via Google Pay by determining where the Google Pay buttons appear.
  • Button Style: Determine the style of the Google Pay buttons across your store.
  • Test Mode: Enable to test Google Pay functionality without processing real payments. This should be disabled on your live site, if you have active customers, to avoid customer confusion.

Managing Orders ↑ Back to top

As a site administrator, you can use the WooCommerce CyberSource gateway to manually capture charges and automatically refund/void transactions as needed. You may also take advantage of CyberSource tools such as Decision Manager to prevent and manage fraudulent orders.

Decision Manager ↑ Back to top

In CyberSource 2.3+, you can use CyberSource’s Decision Manager tool to identify fraudulent and manage fraudulent orders. You must have Decision Manager enabled on your CyberSource account before you can use it in WooCommerce!

Once enabled in the extension settings, WooCommerce CyberSource will approve, hold, or reject orders based on your Decision Manager fraud settings:

  • Approved orders will go directly to Processing status.
  • Held orders will go to On Hold status until they are reviewed and approved or rejected in your CyberSource dashboard.
  • Rejected orders will go to Failed status, with more details available in the order notes.
Note: If your Transaction Type setting is set to “Authorize”, your approved orders (whether approved directly or approved after review in CyberSource’s Decision Manager) will go to On Hold status until you manually capture them in WooCommerce.

WooCommerce CyberSource will check for updates to orders in the CyberSource Decision Manager every 15 minutes, so you may notice a slight delay between when an order is approved or rejected in the CyberSource dashboard and when the order is updated in WooCommerce. If you need to trigger the check right away, you can do so by follow these steps:

  1. Go to Tools > Scheduled Actions > Pending.
  2. Find the wc_cybersource_update_orders action. You may see multiple actions if you are using multiple CyberSource gateways (e.g. credit card, Visa Checkout, echeck).
  3. Click the Run action.
đź“š Click here to view CyberSource’s Decision Manager documentation for information on setting up decision manager rules and managing orders. You must be logged into your CyberSource dashboard to view this document.

Capture Charges ↑ Back to top

If the Transaction Type setting is set to “Authorization”, you can manually capture these payments from the WooCommerce Orders page. Click here to read more about capturing charges.

Note: If your Transaction Type setting is set to “Charge”, you cannot use the Capture button.

Automatic Refunds ↑ Back to top

You can process refunds directly in WooCommerce without needing to log into your CyberSource account. Click here to read more about issuing automatic refunds from WooCommerce.

Void Transactions ↑ Back to top

You can void transactions directly in WooCommerce in the following circumstances:

  • If your Transaction Type setting is set to “Authorization”, you can void when the transaction has been authorized but not yet captured.
  • If your Transaction Type setting is set to “Charge”, you can void when the transaction has not yet been settled (e.g. funds haven’t been transferred from the customer’s account to your CyberSource account).

CyberSource does not accept partial voids. If a transaction is no longer eligible to be voided, you must refund the order. Click here to read more about voiding transactions in WooCommerce.

Gateway Features ↑ Back to top

Your customers can take advantage of the following features when your site uses WooCommerce CyberSource.

3D Secure Support ↑ Back to top

CyberSource 2.3+ supports 3D Secure version 2.0 for liability shift, which supports the following card authentication services:

  • American Express SafeKey
  • Diners International
  • Discover ProtectBuy
  • JCB J-Secure
  • MasterCard SecureCode and Identity Check
  • Verified by Visa

3D Secure can be enabled in the credit card settings, but must first be enabled in your CyberSource account.

Visa Checkout and Google Pay ↑ Back to top

In CyberSource 2.3+, you can enable Visa Checkout and Google Pay for your customers to use to pay for orders on your store.

Note that Google Pay does not share the customer’s billing address or, when placing an order for virtual products, the customer shipping address back to your store prior to the order’s payment. This means that you may see unexpected tax calculation behavior in a few cases:

  • If your Calculate tax based on setting (WooCommerce > Settings > Tax) is set to “Customer shipping address” and the customer order contains only virtual products, the order’s taxes will be calculated based on the store address instead.
  • If your Calculate tax based on setting (WooCommerce > Settings > Tax) is set to “Customer billing address”, the order’s taxes will be calculated based on…
  • The customers shipping address, if the order includes at least one shippable product (i.e. not a virtual product).
  • The store address, if the order includes no shippable products (i.e. only virtual products).

Saving Payment Methods ↑ Back to top

Customers can save payment methods during the checkout process or from their My Account area. This lets them quickly select payment details during future checkouts and also lets your site support Subscriptions and Pre-Orders.


Notes:

Enhanced Checkout Form ↑ Back to top

CyberSource supports an enhanced checkout form that improves the checkout experience on mobile and desktop devices. Click here to read about the enhanced payment form.

Frequently Asked Questions ↑ Back to top

Q: How can I perform test transactions to ensure that the gateway is setup properly?
A: To perform test transactions, first set the plugin in the “Test” environment. Then, submit an order with a valid billing address and the following payment information:

  • Card Number: 4111111111111111
  • Card Type: VISA
  • Expiration Date: Enter any future date
  • Card Security Code: Enter any three-digit string (e.g. 123)

Click here to view all test card numbers provided by CyberSource.


Q: CyberSource supports Apple Pay for web payments. Can I use this in my store?
A: CyberSource contains a framework for Apple Pay, but it can only be enabled by developers, as the certification process requires developer-only tools. If you work with a developer and would like to add Apple Pay to your store, please click here to review the setup instructions and requirements. Please note that configuring Apple Pay support for this plugin is considered a customization and is not covered by our support policy.

Troubleshooting ↑ Back to top

Having trouble? Follow these steps to make sure everything is setup correctly before posting a support request:

  • Please ensure that your site meets the plugin requirements.
  • Check the FAQs to see if they address your question.
  • Confirm that your credentials are correct.
  • Enable the Debug Mode setting and review the errors codes/messages provided by CyberSource. Click here to learn more about CyberSource error/response codes. Sometimes more detailed error information/messages can be found by logging into your CyberSource Business Center and viewing transaction reports. In some cases, such as a transaction being held for review or declined, the plugin cannot change the issue and it must be resolved in your CyberSource account. If the error code indicates an issue with the plugin, please submit a support ticket and include the logs to help us troubleshoot.

Questions & Support ↑ Back to top

Have a question before you buy? Please fill out this pre-sales form.

Already purchased and need some assistance? Please check out our troubleshooting tips and frequently asked questions for common issues or contact support via the help desk if you need more help.

WooCommerce - the most customizable eCommerce platform for building your online business.

Back to the top