Let me start out by saying that I am not a developer.
I hired a developer to configure Magento and install a bridge that will allows it to interact with Moneris to accept credit card payments. Unfortunately, for a period of two months the system was not configured properly, and a number of fraudulent purchases were made. The client wants me to reimburse them for these transactions. My developer claims he configured the system properly and suspects that one of the times when the online database went down that the system was reset. As a non-developer, I cannot comment on this.
To the best of my knowledge (which isn't saying much), the fields involved were:
- The CVD code returned must be in this list to be a successful transaction
- The AVS code returned must be in this list to be a successful transaction
-Payment Action (Authorise)
Are there any log files or any way of seeing an audit trail of what was done when? Can anyone shed anymore light on this? Any info would be much appreciated. I need to definitively know if we were negligent or not.