AIM does not use a form post to their servers. For AIM the form posts to an API script on your site, which then processes and formats the data and securely transmits it to authnet. Authnet provides sample code for several languages.

IMHO, you should avoid sending sensitive data to another site via standard html form post.

In both cases, the data is securely transmitted via a secure SSL channel. There is no security advantage that one method holds over another.

The AIM method offers more flexibility in designing your payment methods webpage, as the customer input task is logically separated from the data submission task.

Welcome aboard singlehouse03, the process is a little complicated but here is the basic method for AIM (For those reading, this is Advanced Integration Method, as opposed to Simple.)

As said, make sure this is in a SECURE location on your server, https, or it will not work. AIM will reject any post from non-ssl.

1. Submit form to YOUR script

2. Your script uses cuRL to silently post to A.N.,

3. Your script receives response from A.N. Depending on the response, you either a) return an error to the browser, or b) update database, send emails, etc.

4. Return response to the browser, which in one scenario may be directly to the member control panel of a paid subscription service.

Note the important part here is cURL. Curl allows you to post to the server and "listen" for a response. The overall effect is that the user never leaves your site.

Dig though their documentation. They have sample code for ASP, PHP, and I think even perl (they used to anyway . . . )