Magento2 Integration

Forter's Magento2 Extension Integration

Forter Magento2 Extension

Forter's Magento2 extension works mainly by interacting with the order and payment models in Magento. It allows post-authorization fraud decisions at checkout, as well as enforcement against policy abuse (refund abuse, coupon abuse, bots, and seller abuse) via recommendations.

Certain merchant stores might require additional adjustments to the store’s backend code base or to your payment gateway settings. The extension includes mapping for payment gateways like Braintree, Adyen, Authorize.net, PayPal Express and Worldpay.

Step 1: Install the extension on your Sandbox/Test environment

Installation options

Manual Installation (app/code)

To install manually under app/code, download the contents of this repository and place them under {YOUR-MAGENTO2-ROOT-DIR}/app/code/Forter/Forter.
Then, run the following commands under your Magento 2 root dir:

php bin/magento maintenance:enable  
php bin/magento setup:upgrade  
php bin/magento setup:di:compile  
php bin/magento setup:static-content:deploy  
php bin/magento maintenance:disable  
php bin/magento cache:flush

Make sure Magento’s CRON is active.

Composer Installation (from Magento2 Marketplace)

composer require forter/magento2-module-forter  
php bin/magento maintenance:enable  
php bin/magento setup:upgrade  
php bin/magento setup:di:compile  
php bin/magento setup:static-content:deploy  
php bin/magento maintenance:disable  
php bin/magento cache:flush
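
The upgrade sequence above as a fail-fast shell wrapper, plus a check for the cron requirement. This is an added example, not Forter's or Magento's own tooling: the function names and the MAGENTO and CRONTAB_CMD variables are hypothetical, and the cron check assumes the entry lives in the current user's crontab, which is where bin/magento cron:install writes it.

```shell
#!/bin/sh
# Added example (not part of the Forter extension). MAGENTO and CRONTAB_CMD
# are hypothetical, overridable variables; run from the Magento 2 root dir.
MAGENTO="${MAGENTO:-php bin/magento}"
CRONTAB_CMD="${CRONTAB_CMD:-crontab -l}"

# Run the documented steps in order and stop at the first failure.
# Steps after a failure are skipped, so a failed upgrade/compile/deploy leaves
# maintenance mode on rather than serving a half-upgraded checkout.
# FAILED_STEP names the failing step (empty on success).
forter_upgrade() {
  FAILED_STEP=""
  for step in maintenance:enable setup:upgrade setup:di:compile \
              setup:static-content:deploy maintenance:disable cache:flush; do
    if ! $MAGENTO "$step"; then
      FAILED_STEP="$step"
      echo "failed at: $step; later steps skipped" >&2
      return 1
    fi
  done
  return 0
}

# Succeeds only if the crontab has an active (uncommented) cron:run entry.
# The extension's cancel/refund and invoice/capture actions run from cron, so
# without this entry declined orders stay on hold and approved ones uncaptured.
magento_cron_active() {
  $CRONTAB_CMD 2>/dev/null | awk '
    !/^[ \t]*#/ && /bin\/magento cron:run/ { found = 1 }
    END { exit !found }'
}

# Usage (commented out so sourcing this file has no side effects):
#   forter_upgrade && magento_cron_active || echo "check: ${FAILED_STEP:-cron}"
```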

Step 2: Enable Forter

  1. On the Admin sidebar, go to Stores > Settings > Configuration.
  2. In the panel on the left select Forter.
  3. Expand the Forter -> Configuration section.
  4. To enable the extension and display additional fields, set Enabled to ‘Yes’.

Step 3: Complete Basic Settings

Note on Credentials

You'll need a Forter portal account to access your unique Site ID and Secret Key values.

  1. In the Site ID field, enter the site ID from your Forter account.
  2. In the Secret Key field, enter the Secret Key from your Forter account.
  3. To save logs of the data transmitted between your store and Forter, set Debug to Yes.
  4. In the Enhanced Data Mode field, choose Yes if working in a test environment. Additional data will be sent in the API calls to Forter to help Forter support the integration.

Step 4: Order Validation Settings

  1. Expand the Forter -> Order Validation Settings section
  2. Order Validation Location:
    a. After Payment Action (Recommended): this is the default post-auth option.
    b. Before Payment Action: this is the pre-auth option.

Note on Before Payment Action:

Talk to Forter’s project management team if you're interested in implementing this option.

If you select After Payment Action:

  1. Action on Decline:
    1. Do Nothing
    2. Set Order to Payment Review Status: Sets the order state to “Payment Review”.
    3. Cancel Order, Void or Refund Payment: Puts the order “on hold” immediately. A cron that runs in the background every minute will cancel this order (if it’s cancellable). If not, it will try to create a credit memo (if available). Lastly, if none of the options were available, it sets the order back into an “on hold” state.
  2. Action on Approve:
    1. Do Nothing
    2. Create Invoice and Capture Payment: A cron that runs in the background every minute will create an invoice and capture the funds (it attempts to capture the funds online; if it can’t, it performs an offline capture).
  3. Action on Not Reviewed: same options as the above.
  4. Custom Error Message: Free text to display to the user on the “Thank You” page in case Forter declines an order and the option for Decline is set to “Cancel” the order. To prevent showing an error message, leave the box empty.

If you select Before Payment Action:

  1. Action on Decline
    1. Do Nothing
    2. Show Payment Error to User (stay in checkout page): Shows the user an error similar to when there is a Payment processor error
    3. Custom Error Message: error message to be displayed (mandatory if the option above is to show error)
  2. Action on Approve
    1. Proceed with Order
    2. Do Nothing
  3. Action on Not Reviewed
    1. Proceed with Order
    2. Do Nothing

Step 5: Configure Additional Settings

  1. Use the instructions below to make sure the relevant connection data (including user agent and IP) is included in the API request that is sent to Forter.
  • Forter Extension Configuration - Additional Settings: Connection Information Settings
  • Expand the Forter -> Connection Information section
  • Set timeout in Base Connection timeout (Value in milliseconds. Number needs to be between 1000 and 20000)
  • Set timeout in Base Request timeout (Value in milliseconds. Number needs to be between 1500 and 20000)
  • Set timeout in Max Connection timeout (Value in milliseconds. Number needs to be between 1000 and 20000)
  • Set timeout in Max Request timeout (Value in milliseconds. Number needs to be between 1500 and 20000)

Note on Installations:

It’s very important to install the extension on a test environment before installing it on the production environment. The real-time fraud prevention process might change sensitive flows like the default order processing behavior of your store.

  2. Configure your desired Authorization Process Settings

Read the section “Forter Extension Configuration”. Forter recommends using the default configuration, which requires the payment method to be set to “Authorize Only” and to not capture the funds automatically. You can then configure Forter to capture the funds if the order gets “approved” by Forter and void the authorization if it gets “declined” by Forter (there is also an option to set the order to a payment review state in those cases).

Step 6: Test / QA

Make sure to test all order types and payment methods. For each order type and payment method, 2 basic tests are required:

  • when Forter approves an order
  • when Forter declines an order (due to fraud reasons)

While using Forter’s sandbox credentials, you can trigger each one of these decisions by using the test emails [email protected] and [email protected] in the account owner field (make sure to also place test orders with regular emails).

  1. Check the entire flow (decision through capture/cancel)

  • Make sure you check the whole flow, from placing an order as the user through to checking the state of the order in Magento’s admin, and also check other relevant systems you might have (the payment gateway portal, to make sure the order was captured or canceled correctly; other services like OMS software, to make sure the orders were exported or canceled correctly).
  2. Make relevant automations (if applicable)

  • In many cases, merchants might want to implement customizations to their base code to achieve certain automation processes. Forter’s implementation experts are here to provide support.
  3. Confirm the completion of tests with your Project Manager

    You may be required to make additional checks or make additional modifications to the data in the API call to Forter.

Deploy to production

Upon completion of your QA and test suite, you'll coordinate a time to deploy the plugin to your production environment with your dedicated Implementations Project Manager.