Quantum Gateway is a merchant gateway solution that supports 3D Secure for Visa & MasterCard Transactions in WHMCS.

If you don't yet have an account, visit www.whmcs.com/partners/quantum-gateway/ for more information.

Supported Features

Setup

• You must use your Quantum gateway login id as your username
• If you don't have your RestrictKey, you can easily generate it by login into your Quantum Gateway merchant center and going to the Processing settings area. Scroll down until you see the "RestrictKey" area. Click the generate button, check the "Use restriction key" box, and finally click the UPDATE button. That is your new restriction key (Transaction Key).

MD5 Hash Verification

The MD5 Hash in the Quantum Gateway module is used to prevent forged callback requests. To set this up, you simply need to define a secret key value inside your Quantum Gateway account and then enter the same value into your WHMCS installation Quantum Gateway config in Setup > Payment Gateways.

Quantum also now have an "Include Response In Hash" setting which you should set to "No" within the account settings area.

Quantum Vault Service

Supported Features

The Vault Solution from Quantum Gateway enables you to accept credit cards through your site while completely avoiding the hassles of PCI compliance and here at WHMCS we were one of the first to offer this new service to Quantum users.

For more information visit the Quantum Vault page

How does it work?

1. The customer leaves your site to perform 3D Secure authentication (exactly the same as they already do now) but the difference is they enter their card details once they've left your site aswell so that the card details never pass through your site
2. The customer can still edit their card held on file at any time from the client area
3. WHMCS can still request the card is rebilled whenever needed meaning fully automated recurring billing can continue as before and manual captures at any time are also still possible - it's just like you have the card details stored locally

Why does it avoid PCI compliance?

1. No cardholder data ever touches or passes through your Network, Server or WHMCS System
2. No cardholder data is ever retained or stored on your Network, Server or WHMCS system

Configuration/Setup

You will find the module in the Setup > Payment Gateways area listed as Quantum Vault which you can activate and configure in the same way as the regular module.

For existing Quantum Gateway users, there is also a vault migration script available to transfer all your existing clients card details over to the vault automatically and remove them from your local database. It can be downloaded from http://www.whmcs.com/members/dl.php?type=d&id=117

Inside your Quantum Gateway account, you will need to configure and API Username, Key and Vault Key to use the Vault API, and in the Inline Frame API settings where it asks for various urls, you should leave all of those fields blank.

Contrary to what you might think, you should leave the "Disable Credit Card Storage" setting unticked in Setup > General Settings > Security as that will disable entry by a client.