composer require payone-gmbh/magento-2
php bin/magento setup:upgrade
php bin/magento setup:di:compile
php bin/magento cache:clean

From a purely technical point of view, querying the CVC is optional. However, most end customers are used to the query.

In some cases there can be an interference between our plugin and the Amazon plugin provided in the Magento Core. So if you encounter "strange behavior" like disapperaing amazon buttons, you could try the following command in the magento root:

php bin/magento module:disable Amazon_Payment

The Klarna payment methods:

• Klarna Pay Later
• Klarna Pay Now
• Klarna Slice it

are grouped in a Klarna Base Payment method.

In addition to the configuration in Magento, it is also necessary to set up the corresponding certificates to operate Apple Pay as a payment method. You can find instructions for this here: Special Remarks - Apple Pay

Additionally, Apple requires validation of the store domain for Apple Pay. To do this, follow the instructions in the Apple Developer Portal:

Simple Protect is currently under beta stage. If you want to use this functionality you have to download the PAYONE Integration from the Simple Protect branch:

After that, please follow the intructions for installing the Simple Protect Template here:

Please be aware that all functions described in the legacy part of this documentation won't be available anymore when using simple protect. For the time being, we also don't offer a migration mechanism.

This option only affects requests regarding the PAYONE - API like adresscheck or consumerscore. Any other code will be executed as developed.

<?php

/**
 * PAYONE Magento 2 Connector is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * PAYONE Magento 2 Connector is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with PAYONE Magento 2 Connector. If not, see <http://www.gnu.org/licenses/>.
 *
 * PHP version 5
 *
 * @category  Payone
 * @package   Payone_Magento2_SimpleProtect
 * @author    FATCHIP GmbH <support@fatchip.de>
 * @copyright 2003 - 2019 Payone GmbH
 * @license   <http://www.gnu.org/licenses/> GNU Lesser General Public License
 * @link      http://www.payone.de
 */

namespace Payone\SimpleProtect\Model\SimpleProtect;

use Magento\Payment\Model\MethodInterface;
use Magento\Quote\Model\Quote;
use Payone\Core\Model\SimpleProtect\SimpleProtect as OrigSimpleProtect;
use Payone\Core\Model\PayoneConfig;
use Magento\Customer\Api\Data\CustomerInterface;
use Magento\Quote\Model\Quote\Address;
use Payone\Core\Model\Source\AddressCheckType;
use Payone\Core\Model\Source\CreditratingCheckType;
use Magento\Framework\Exception\LocalizedException;
use Payone\Core\Model\Exception\FilterMethodListException;
use Payone\Core\Model\Api\Response\AddresscheckResponse;
use Payone\Core\Model\Api\Response\ConsumerscoreResponse;
use Magento\Quote\Api\Data\AddressInterface;
use Magento\Store\Model\ScopeInterface;

class SimpleProtect extends OrigSimpleProtect
{
    const MODULE_VERSION = '1.0.0';

    /**
     * Whitelist of safe payment methods
     *
     * @var array
     */
    protected $safePaymentMethods = [
        PayoneConfig::METHOD_ADVANCE_PAYMENT,
        PayoneConfig::METHOD_CREDITCARD,
        PayoneConfig::METHOD_PAYPAL
    ];

    /**
     * PAYONE Protect model providing access to consumerscore and addresscheck requests
     *
     * @var \Payone\Core\Model\SimpleProtect\ProtectFunnel
     */
    protected $protectFunnel;

    /**
     * Database connection resource
     *
     * @var \Magento\Framework\App\ResourceConnection
     */
    protected $databaseResource;

    /**
     * Checkout session object
     *
     * @var \Magento\Checkout\Model\Session\Proxy
     */
    protected $checkoutSession;

    /**
     * Scope config object
     *
     * @var \Magento\Framework\App\Config\ScopeConfigInterface
     */
    protected $scopeConfig;

    /**
     * Constructor
     *
     * @param \Payone\Core\Model\SimpleProtect\ProtectFunnel     $protectFunnel
     * @param \Magento\Framework\App\ResourceConnection          $resource
     * @param \Magento\Checkout\Model\Session\Proxy              $checkoutSession
     * @param \Magento\Framework\App\Config\ScopeConfigInterface $scopeConfig
     */
    public function __construct(
        \Payone\Core\Model\SimpleProtect\ProtectFunnel $protectFunnel,
        \Magento\Framework\App\ResourceConnection $resource,
        \Magento\Checkout\Model\Session\Proxy $checkoutSession,
        \Magento\Framework\App\Config\ScopeConfigInterface $scopeConfig
    ) {
        parent::__construct($protectFunnel);
        $this->databaseResource = $resource;
        $this->checkoutSession = $checkoutSession;
        $this->scopeConfig = $scopeConfig;
    }

    /**
     * Returns configured operation mode used for the addresscheck and consumerscore
     *
     * @return string
     */
    public function getOperationMode()
    {
        return $this->scopeConfig->getValue('payone_general/global/protect_mode', ScopeInterface::SCOPE_STORES);
    }

    /**
     * Get count of customers orders
     *
     * @param CustomerInterface $oCustomer
     * @return int
     */
    protected function getCustomersOrderCount(CustomerInterface $oCustomer)
    {
        $db = $this->databaseResource->getConnection();
        $oSelect = $db->select()
            ->from($this->databaseResource->getTableName('sales_order'), ['COUNT(entity_id)'])
            ->where("customer_id = :customerId");
        $iCount = $db->fetchOne($oSelect, ['customerId' => $oCustomer->getId()]);
        if ($iCount === null) {
            return 0;
        }
        return $iCount;
    }

    /**
     * Check if the customer has ordered before
     *
     * @param CustomerInterface $oCustomer
     * @return bool
     */
    protected function isRecurringCustomer(CustomerInterface $oCustomer)
    {
        if ($this->getCustomersOrderCount($oCustomer) == 0) {
            return false;
        }
        return true;
    }

    /**
     * Possibility to whiteliste customers with custom functionality
     *
     * @param  CustomerInterface $oCustomer
     * @return bool
     */
    protected function isCustomerWhitelisted(CustomerInterface $oCustomer)
    {
        return true; // implement this for yourself or remove completely
    }

    /**
     * Generate hash of given address for comparison
     *
     * @param  Address $oAddress
     * @return string
     */
    protected function getAddressHash(Address $oAddress) {
        $sAddress  = $oAddress->getFirstname();
        $sAddress .= $oAddress->getLastname();
        $sAddress .= $oAddress->getCity();
        $sAddress .= $oAddress->getPostcode();
        $sAddress .= $oAddress->getCountry();
        $sAddress .= $oAddress->getStreetFull();

        return md5($sAddress);
    }

    /**
     * Compare given addresses, return true if they are the same
     *
     * @param  Address $oBilling
     * @param  Address $oShipping
     * @return bool
     */
    protected function isBillingAndShippingAddressTheSame(Address $oBilling, Address $oShipping)
    {
        if ($this->getAddressHash($oBilling) != $this->getAddressHash($oShipping)) {
            return false;
        }
        return true;
    }

    /**
     * Filter out all payment methods except for the safe payment methods
     *
     * @param  MethodInterface[] $aPaymentMethods
     * @return MethodInterface[]
     */
    protected function getSafePaymentMethods($aPaymentMethods)
    {
        $aReturn = [];
        foreach ($aPaymentMethods as $oPaymentMethod) {
            if (in_array($oPaymentMethod->getCode(), $this->safePaymentMethods) === true) {
                $aReturn[] = $oPaymentMethod;
            }
        }
        return $aReturn;
    }

    /**
     * Examples of all the options for addresscheck usage
     *
     * @param  Quote $oQuote
     * @return AddresscheckResponse|bool
     */
    protected function executeAddresscheck(Quote $oQuote)
    {
        $oAddress = $oQuote->getBillingAddress();
        #$oAddress = $oQuote->getShippingAddress();

        #$sAddresscheckType = AddressCheckType::NONE;
        $sAddresscheckType = AddressCheckType::BASIC;
        #$sAddresscheckType = AddressCheckType::PERSON;
        #$sAddresscheckType = AddressCheckType::BONIVERSUM_BASIC;
        #$sAddresscheckType = AddressCheckType::BONIVERSUM_PERSON;

        return $this->protectFunnel->executeAddresscheck($oAddress, $this->getOperationMode(), $sAddresscheckType, $this->getModuleVersion());
    }

    /**
     * Examples of all the options for consumerscore usage
     *
     * @param  Quote $oQuote
     * @return ConsumerscoreResponse|bool
     */
    protected function executeConsumerscore(Quote $oQuote)
    {
        $oAddress = $oQuote->getBillingAddress();
        #$oAddress = $oQuote->getShippingAddress();

        #$sConsumerscoreType = CreditratingCheckType::INFOSCORE_HARD;
        $sConsumerscoreType = CreditratingCheckType::INFOSCORE_ALL;
        #$sConsumerscoreType = CreditratingCheckType::INFOSCORE_ALL_BONI;
        #$sConsumerscoreType = CreditratingCheckType::BONIVERSUM_VERITA;

        $sAddresscheckType = AddressCheckType::NONE;
        #$sAddresscheckType = AddressCheckType::BASIC;
        #$sAddresscheckType = AddressCheckType::PERSON;
        #$sAddresscheckType = AddressCheckType::BONIVERSUM_BASIC;
        #$sAddresscheckType = AddressCheckType::BONIVERSUM_PERSON;

        return $this->protectFunnel->executeConsumerscore($oAddress, $this->getOperationMode(), $sConsumerscoreType, $sAddresscheckType, $this->getModuleVersion());
    }

    /**
     * Check rules for recurring registered customers
     *
     * @param  Quote $oQuote
     * @return bool
     */
    protected function isOnlySafePaymentApplicableForRecurringCustomer(Quote $oQuote)
    {
        if ($oQuote->getBaseGrandTotal() > 400 || $this->isCustomerWhitelisted($oQuote->getCustomer()) === false) {
            return true;
        }
        return false;
    }

    /**
     * Check rules for first time registered customer
     *
     * @param  Quote $oQuote
     * @param  bool  $blIsPrePaymentSelection
     * @return bool
     */
    protected function isOnlySafePaymentApplicableForInitialOrder(Quote $oQuote, $blIsPrePaymentSelection)
    {
        if ($blIsPrePaymentSelection === false && $this->isBillingAndShippingAddressTheSame($oQuote->getBillingAddress(), $oQuote->getShippingAddress()) === false) {
            return true;
        }

        if ($oQuote->getBaseGrandTotal() > 120) {
            return true;
        }

        if ($blIsPrePaymentSelection === false && !in_array($oQuote->getPayment()->getMethodInstance()->getCode(), $this->safePaymentMethods)) {
            $oResponse = $this->executeConsumerscore($oQuote);
            if ($oResponse instanceof ConsumerscoreResponse && ($oResponse->getStatus() != 'VALID' || $oResponse->getScore() != 'G')) {
                return true;
            }
        }
        return false;
    }

    /**
     * Check if only safe payment methods are applicable
     *
     * @param  Quote $oQuote
     * @param  bool  $blIsPrePaymentSelection
     * @return bool
     */
    protected function isOnlySafePaymentApplicable(Quote $oQuote, $blIsPrePaymentSelection)
    {
        if ($this->checkoutSession->getPayoneSimpleProtectOnlySafePaymentsAllowed() === true) {
            return true;
        }

        if ($oQuote->getCustomerId() === null) { // if guest checkout
            return true;
        }

        if ($this->isRecurringCustomer($oQuote->getCustomer()) === true) {
            return $this->isOnlySafePaymentApplicableForRecurringCustomer($oQuote);
        }
        return $this->isOnlySafePaymentApplicableForInitialOrder($oQuote, $blIsPrePaymentSelection);
    }

    /************************* MAIN SIMPLEPROTECT HOOKS *************************/

    /**
     * This method can be extended for individual custom behaviour
     *
     * Extending this method gives the following possibilities:
     * 1. Filtering out payment methods based on your own rule set
     * 2. Throwing a LocalizedException to send the user back to shipping method selection
     *
     * @param  Quote             $oQuote
     * @param  MethodInterface[] $aPaymentMethods
     * @return MethodInterface[]
     */
    public function handlePrePaymentSelection(Quote $oQuote, $aPaymentMethods)
    {
        if ($this->isOnlySafePaymentApplicable($oQuote, true) === true) {
            return $this->getSafePaymentMethods($aPaymentMethods);
        }
        return $aPaymentMethods;
    }

    /**
     * This method can be extended for individual custom behaviour
     *
     * Extending this method gives the following possibilities:
     * 1. Throwing a LocalizedException will stop the order creation and throw the user back to payment selection with the given thrown message
     * 2. Throwing a FilterMethodListException with an array of safe payment methods will stop the order creation and
     *    throw the user back to payment selection with the given thrown message and remove all other payment methods except for the given ones
     * 3. Finishing the method - so throwing no Exception will finish the order creation
     *
     * @param  Quote $oQuote
     * @return void
     * @throws LocalizedException
     * @throws FilterMethodListException
     */
    public function handlePostPaymentSelection(Quote $oQuote)
    {
        if ($this->isOnlySafePaymentApplicable($oQuote, false) === true) {
            $sMethodCode = $oQuote->getPayment()->getMethodInstance()->getCode();
            if (!in_array($sMethodCode, $this->safePaymentMethods)) {
                $this->checkoutSession->setPayoneSimpleProtectOnlySafePaymentsAllowed(true);
                throw new FilterMethodListException(__('Please select another payment method.'), $this->safePaymentMethods);
            }
        }
    }

    /**
     * This method can be extended to transfer the version of your Simple-Protect implementation to Payone
     * It is recommended to transfer the name of your module and the version, otherwise Payone doesn't know that it is a Simple-Protect call
     *
     * @return string|null
     */
    public function getModuleVersion()
    {
        return 'Payone_SimpleProtect-'.self::MODULE_VERSION;
    }
}

We're curating more samples at Magento 2 - Simple Protect. Here you will find more information on how to gain data for your decisions. You're also invited to add more examples as issues on github or vial email at docs@payone.com.

@param  Quote $oQuote
@param  MethodInterface[] $aPaymentMethods
@return MethodInterface[]

public function handlePrePaymentSelection(Quote $oQuote, $aPaymentMethods)
{
    if ($this->isOnlySafePaymentApplicable($oQuote, true) === true) {
        return $this->getSafePaymentMethods($aPaymentMethods);
    }
    return $aPaymentMethods;
}

@param  Quote $oQuote
@return void
@throws LocalizedException
@throws FilterMethodListException

public function handlePostPaymentSelection(Quote $oQuote)
{
    if ($this->isOnlySafePaymentApplicable($oQuote, false) === true) {
        $sMethodCode = $oQuote->getPayment()->getMethodInstance()->getCode();
        if (!in_array($sMethodCode, $this->safePaymentMethods)) {
            $this->checkoutSession->setPayoneSimpleProtectOnlySafePaymentsAllowed(true);
            throw new FilterMethodListException(__('Please select another payment method.'), $this->safePaymentMethods);
        }
    }
}

@param AddressInterface $oAddressData
@param bool $blIsVirtual
@param double $dTotal
@return AddressInterface|bool
@throws LocalizedException

public function handleEnterOrChangeBillingAddress(AddressInterface $oAddressData, $blIsVirtual, $dTotal)
    {
        $response = $this->protectFunnel->executeAddresscheck($oAddressData, $this->getOperationMode(), AddressCheckType::BASIC);
        if ($oAddressData->getCity() == "FalscheStadt") {
            $oAddressData->setCity($response->getCity());
            return $oAddressData;
        }
        return true;
    }

@param AddressInterface $oAddressData
@param bool $blIsVirtual
@param double $dTotal
@return AddressInterface|bool
@throws LocalizedException

public function handleEnterOrChangeShippingAddress(AddressInterface $oAddressData, $blIsVirtual, $dTotal)
    {
        $response = $this->protectFunnel->executeAddresscheck($oAddressData, $this->getOperationMode(), AddressCheckType::BASIC);
        if ($oAddressData->getCity() == "FalscheStadt") {
            $oAddressData->setCity($response->getCity());
            return $oAddressData;
        }
        return true;
    }

• Click on PAYONE → Protect
  
  

Address Validation

Credit Assessment

• Click on PAYONE → API
  
  
  

In this overview you will find all requests from the Magento shop to the PAYONE platform as well as the answers of the PAYONE platform to these requests. Only the requests that were transmitted to the PAYONE platform via Client API are not listed in this overview. This applies to credit card information that is transferred directly from the buyer's browser to the PAYONE platform using Ajax technology so that your shop does not come into contact with sensitive credit card information. By clicking on View, you can display an API request in detail.

In the left column you can see the request that the Magento shop has sent to the PAYONE platform. On the right you will find the answer. A detailed explanation of the respective parameters can be found in the technical documentation of the PAYONE platform in the PAYONE Merchant Interface (PMI) under Downloads → Documentation.

• Click on PAYONE → Transactionsstatus
  
  

The Transactions submenu item displays Magento received transaction status notifications for each order and transaction. These notifications are sent from the PAYONE platform to your shop. If there are any errors, you can find out here whether the transaction status was received correctly and what the current status is for a transaction. By clicking on View, you can display details on a transaction status.

On the details page, you will see all the transaction status information transmitted through the PAYONE platform to your shop. Thus, you can always track which data your Magento shop has received and processed.

A detailed explanation of the respective parameters can be found in the technical documentation of the PAYONE platform in the PAYONE Merchant Interface (PMI) under Downloads → Documentation.