Skip to Content

I guess all of us would agree that the world has realized an electronic form of money in terms of credit cards. Today there are plenty of banks which of offer a variety of credit cards to their customers to increase the purchasing power thus promoting better trades.

The objective of this blog is to highlight the use of corporate credit cards used in a business environment and from a technology perspective how SAP is going to play a very crucial role in automating the credit card process. It’s also important to know how the accounting entries are treated in a credit card process differently compared to a standard order-delivery-invoice-accounting scenario. I will try to highlight the importance of SAP NetWeaver technology in providing the Enterprise Services.

To implement online credit card processing in SAP we need an interfacing with the 3rd party vendors. We use the SAP Net Weaver’s PI and J2EE engine which provides the required communication medium.

 

Benefits of automating credit card processing in SAP

 

a) It improves cash flow by reducing the outstanding receivables since the chance of defaulting/not making payment in time is reduced.

b) The transaction efficiency is highly increased since for every sale made through credit card process is almost sure to be realized.

c) Can even reduce the paper invoicing costs.

d) Better vision of the incoming receivables so that the business can plan its future plans accordingly.

 

Terminology associated with credit card processing

 

a) Merchant ID– It’s the ID given by the merchant bank to the supplier to which the payments and collections are affected.

b) Merchant Bank – Supplier’s Bank i.e. the company which is implementing credit card process.

c) 3rd Party Service Provider – It provides the interfacing between SAP and clearing house.

d) Clearing House – Provides the authorization and settlement services.

e) Authorization – The process of checking whether the credit card is valid or not and enough fund is available to make a purchase.

e) Authorization Window* – It’s the number days that you want to consider the material as available and execute an authorization.

f) Authorization Validity – It’s the number of days an authorization is valid within which the complete order-delivery-billing-accounting and settlement process should be completed. If the authorization validity expires, a new authorization is required to be made to complete the remaining transaction process.

g) Settlement – The process of collecting the fund blocked on the credit card of customer during authorization when a purchase was made.

 

Data Flow in SAP

 

R/3 –> PI –> 3rd Party Service Provider –> Clearning House

 

Upon receiving a customer purchase order we start creating a sales order in SAP.
After entering the sales order information like sold to, ship to, material, quantity for a given sales area, we select from the sales order menu GoTo > Header > Payment Cards.

Here we need to enter the card holder information like card type, card number, valid to date and the card holder name. We can even fill the additional fields like CVV number and CVV usage status for implementing additional checks.

Now the system checks the material availability date on the sales order overview screen > shipping tab whether it’s falling into the authorization window* or not.

So after the all the required information on the sales order is filled, we click the save button which triggers the authorization function module. It takes the card holder information along with the material ordered, quantity, price and goes to the PI server. At the PI server a web service part of the J2EE engine is invoked to establish a connection with the 3rd party service provider who gets the clearing house service for authorization. Since we are using the web service in our enterprise to call different systems identified as services, it’s making use of the enterprise service oriented architecture.

We can have three possibilities for a response from clearing house:

  • a) Successful authorization which indicates that the card holder data is valid and there is required amount of fund on the card.

The sales order is successfully saved with a valid authorization. Now this portion of the fund is blocked on the customer’s credit card for the authorization validity period. This means before the authorization validity is expired we need to ship the goods, do invoice and make settlement.

  • b) The authorization is declined since the card is not valid or does not have enough funds to buy.

An authorization block is set to the set sales order and hence further processing can’t be carried out. The credit card order goes into a credit hold which can be processed at a later stage for reauthorization after checking with the customer that the card can now be tried again. There is also a manual option to remove the credit hold through VCC1 transaction; it’s similar to VKM1/VKM3 used for releasing standard orders from credit hold. But we should not attempt to use VKM1/VKM3 for releasing credit card orders since they can create a delivery but cant post the goods issue later since they don’t have a valid authorization on them. We have managed this difficulty by removing authorization of end users to use VKM1 for releasing credit card orders. Also we have changed the report layout of VKM1 to distinguish credit card orders separately.

  • c) The 3rd party service is temporarily unavailable so we need send the data again to try the authorization later.

The re authorization program which can be scheduled per a batch job runs at a given frequency and tries attempt for authorization at a later stage.

Finally after successful authorization we process the delivery/picking/packing and PGI. The shippable items after PGI are processed for invoicing. As soon as the invoice is saved an accounting document is created where the customer account shows as cleared. That’s the main difference in accounting in credit card processing. The reason being, we are sure collect the fund as we have already blocked it during authorization. So we clear the customer account and debit an interim credit card settlement account.

Now we go for the actual settlement of the accounting document posted through FCC1 transaction. Settlement is the process where we try to collect the fund blocked during authorization into our merchant bank. As soon as the settlement transaction FCC1 is executed, a settlement function module triggers and sends the data to PI server. From here a web service is again invoked to contact our 3rd party service provider for settlement.

After successful settlement, the interim credit card settlement account is credited and the main credit card clearing account is debited. This is also reflected at GL account line item display at FBL5N.

Incase of a failed settlement, the credit card settlement account is reversed by FBRC – (reverse posting) transaction which is embedded into the settlement function module. But the customer account would continue to show as cleared. I guess it’s a bug in SAP for which we are still trying to find a solution. The process is finally completed by re attempting settlement with FCC2 (Repeat Settlement) transaction.

I shall try to discuss some of the implementation issues, security guidelines in my future blogs.

To report this post you need to login first.

10 Comments

You must be Logged on to comment or reply to a post.

  1. Bhavesh Kantilal
    Hello,
    Look forward to the part 2 of this blog.

    There have been lots of discussion on the XI forum in terms of Security and Credit Card Logging on the PI middleware. With Credit Card details being passed around and logged in the middleware, the question of security is a big concern.

    Specifically, the requirement has been very clear in terms of middleware and credit card integrations – No info of the credit card should be logged anywhere on the database. This would mean – not turning on user specific message interface logging but rather the fact that the entire payload should not be logged anywhere on the database?

    Was it addressed? If yes how?

    Regards
    Bhavesh

    (0) 
  2. Sadhu Kishore Post author
    Hi Bhavesh,

    in our case, there is possibility of a credit card transaction (authorization/ settlement) can fail because of 57 possible reasons as classified by the payment gateway. Where as SAP can store only 3 reasons ie a sucess / fail / try later. If we have understand why the failure has taken place the only option thus left is to check the payload in XI monitoring. So it will part of database. However, the sensitive card information can be protected by encryption. So the process encryption would start the moment the data enters PI frm R/3 and decrypts before going to the payment gateway and vice versa.

    The other option can be to outsource the sensitive informatoin using 3 rd party solutions.

    (0) 
    1. Bhavesh Kantilal
      Hello Sadhu,
      Unfortunately; Payload Encryption cannot help.
      Payload Encryption helps when the message is to be sent across corporates over the Internet to stop sniffers from grabbing sensitive info.
      In case of XI, the payload encryption will have to be decrypted in the runtime before it enters XI’s mapping runtime and therein lies the problem.

      I understand your problem and your solution viz – a viz the reason codes for payment failure to use XI but; I am just wondering how and what can happen if this information is mis-used even by IT support.

      I am not very knowledgable on how this is done over Internet Portals etc but I still think we are away from the perfect solution.
      The sap note provided by Srinivas does help but yet there are too many loop holes and most of the IT security teams at Client’s places would not be very happy.
      Just my 2 cents worth on a topic I might not be the most knowledgeable on.

      Regards
      Bhavesh

      (0) 
    1. Sadhu Kishore Post author
      Thanks. Glad to have your comment – also I have some more blogs on credit card processing. Please check out, you may find them useful too.

      Thanks
      Sadhu

      (0) 

Leave a Reply