Really, never ever use Authorize.Net

The saga continues.

My employer and I have been dealing with Authorize.Net’s so-called support team for weeks now. After several conversations, several weeks, and a great deal of fact-checking, we have conclusively proven several things about Authorize.Net:

  • Their “Automated Recurring Billing” (ARB) attempts to POST notifications of a payment to our server but disconnects before sending data. We have seen evidence of this on our load balancer and our firewall.
  • Authorize.Net sends a GET before sending the POST. Also verified this the same as above.
  • Authorize.Net support insists that their developers insist that they do not send a GET before every POST.

The closest thing to an admission of fault that I have heard from a support representative was something to the effective of “the ‘silent POST’ facility is antiquated, we have had problems with it in the past, and we are contemplating disabling the feature.” Wouldn’t that be lovely? Sure, customers really don’t need to know in real time when they get paid, do they? Instead, we’d rather wait for (ordinarily) less reliable email messages to arrive indicating the status of payments.

From this, I hypothesize the following:

  • Authorize.Net’s support department is in fact their marketing department for they (1) provide almost nothing materially resembling support, often merely citing random factoids in their documentation and quoting the scripture as provided by their developers and (2) have no idea how to escalate an issue to the point of resolution.
  • Authorize.Net’s development team is either sequestered in a bomb shelter as they have perfected “HOW NOT TO BE SEEN” …

… given that they are entirely unreachable by non-Authorize.Net personnel and that I have yet to see any correspondence that clearly originates from them. Either that or they simply don’t exist.

Seriously, I have not yet managed to speak to a single developer in their organization. Evidently, they are so important to Authorize.Net and of such unimpeachable quality and skill that their mere word is taken as absolute. They are infallible. Clearly, our implementation must be in error despite repeated “Connection reset by peer” messages in our logs and a response time in our servers in the low millisecond range.

Allow me to reiterate: this issue has been ongoing for weeks and Authorize.Net has yet to take any meaningful steps in order to resolve it.

Just don’t use Authorize.Net. FWIW, I’ve heard from some that Braintree is a decent payment gateway…

Posted by evan on Friday, May 22, 2009

blog comments powered by Disqus