Managing Open Invoices and AR with SAP Systems: Q&A on Best Practices for Compliant, Secure, and Streamlined Payments Processing

June 24, 2015

What are your options for simplifying the online processing of open invoices?

CNBS's Gerald Schlechter and Paymetric's Eric Bushman and Jennifer Rossi took readers' questions on online payment processing for SAP systems -- including questions on security, PCI compliance, managing terms and advance payments, customer adoption, and SAP ERP data integration. They also covered some specific questions on CNBS's Web AR solution and the Paymetric XiPay offering. Review all the discussion from this SAPinsider online chat, including:

  • How does online payment processing handle advance payments?
  • If we offer online payment self-services to customers, does this require configuration changes in SAP? 
  • Which payment methods should we support, based on current trends?
  • Does Web AR integrate with external document/archive systems for account statement display?
  • Does SAP support encryption of customer bank information?
  • What is the workaround for “Insufficient Authorization” issues between XiPay and our SAP systems?
  • How do we handle automated card payment for multiple shipments on a sales order?
Live Blog Managing Online Payment & Open Invoices with SAP: Live Q&A June 24 12:30pmET

SAPinsider, Moderator: Thanks to everyone for joining us for today’s SAPinsider Chat! Today we'll be taking your questions on online payment processing in line with your SAP AR systems, and better managing open invoices.

Here today to share some expertise in online payment expertise specifically for SAP solutions are Gerald Schlechter, CEO & CTO of CNBS Software, and Paymetric’s Jennifer Rossi, Vice President, Channel Sales, along with Eric Bushman, Vice President, Solutions Engineering at Paymetric.

Gerald, Jennifer, Eric, thank you all for joining us today!  


Gerald Schlechter, CNBS Software: Hi, I’m Gerald – CEO & CTO of CNBS – welcome! I am very excited to have over 120 people joining us today! I see we have already a lot of great questions coming in … so I better get my last minute finger stretching started … might need to type fast to answer everything :)

Eric Bushman, Paymetric: Hello, this is Eric Bushman. Vice President of Solutions Engineering with Paymetric. It's a pleasure to be with you today! Following Gerald's lead, here is my LinkedIn link.

Jennifer Rossi, Paymetric: Hi Everyone! I'm Jennifer Rossi with Paymetric, Inc. I'm also very excited to working with Gerald today to answer your questions!  


SAPinsider: To start off this chat, just a quick overview: What are the advantages you see for companies that make open invoices accessible to customers? Any specific pitfalls to avoid?

Gerald Schlechter: We live in a world where 24/7 access to information without human interaction gets more and more critical for businesses. This is as well true for online payments. In our personal lives we are using tools to pay bills every month. For our customers this is more and more relevant as well. Web AR allows easy access to relevant finance data, open invoices, invoice documents and statements – allowing the customer to go completely self-service and therefore making it easier to pay, which will result in improved DSO. Immediate cost savings can be achieved by using the Go-Green features of Web AR, which eliminates printing emails or account statements.

Pitfall: Online payment of open invoices is a very straight forward process. Most important is to have a very simple solution, not just to deploy but most important simple to use for the customer. Real time integration with SAP is key!

SAPinsider: Now we'll let you get to those questions that are coming from readers!


Comment From Guest

What's the best approach to handling advance payments with an online payment system? How will that be recognized in SAP?

Gerald Schlechter: Typically an advance payment is handled as separate document posting - basically a credit in FI AR. Open AR solutions should allow you to configure the document type you want to post so you have flexibility. Configuration of ledger account posted will be automatically determined by your SAP FI setup for the document type.

Eric Bushman: To follow on Gerald's response, Paymetric provides solutions for clearing open items on a customer's account in order to help address gaps in SAP's business logic which exist in this area.
By allowing customers the ability to view and pay invoices in a self-service manner you provide a service that many customers (myself included) prefer to use rather than spending time on a phone call with a Customer Service agent.
Paymetric's Open AR (an SAP transaction used by internal users) and Web AR (a service integrated with a website such as the CNBS solution) provide two methods of allowing customer open items to be cleared with an electronic payment - with Web AR being the self-service method.


Comment From KV

Has SAP developed any tools to encrypt a customer or vendor's bank account information to fully protect it against unauthorized retrieval and use?  

Eric Bushman: Currently SAP doesn't have any standard functionality to encrypt or tokenize bank account information in the SAP database. It is possible to add this yourself using the same Function Modules that SAP provides to encrypt credit card numbers - but that would be a custom solution which you must build and maintain.

Paymetric's tokenization functionality can be integrated and leveraged to tokenize other sensitive Personally Identifiable Information (PII) besides credit card numbers, such as bank account numbers, social security numbers, email addresses, etc. Many Paymetric customers are already leveraging Paymetric's tokenization to secure, outside the SAP database, these types of data which are considered sensitive.


Comment From Janet

Is it possible in SAP Open AR to record a deduction from a customer (not partially paying an invoice)? 

Eric Bushman: The Paymetric Open AR program is designed to allow for a Full or Partial payment against an Open Item on a Customer's AR Account with a credit card or electronic check. Open AR does have the ability to exclude any discounts that otherwise would have been relevant based on the Payment Terms the open item was posted to Accounting with. Any discounts or deductions already take into account by SAP when an open item is posted to a customer's AR account will be included already when paying with Open AR. If this doesn't answer your questions, there is always the possibility of Paymetric enhancing Open AR to provide exactly the deduction functionality that you are referring to.


Comment From Ron Doyle

How do vendors set up collections via e-mail in SAP? Interested in sending monthly statements and dunning letters via e-mail on a batch and individual basis.

Gerald Schlechter: SAP offers a couple of options for this. You can set up message types and configure them as PDF output. In addition to that you can then configure invoicing/statement report to trigger the output and send per email. There is, of course, some configuration around SCOT needed to enable email sending via your SAP ECC system. We can definitely follow up on detail concerning that.

With an Online Open AR solution you can send out emails with link to the portal - then the customer can log in and get the invoice or account statement PDF in real time. This will streamline your process, avoid setup in SAP and enable 24/7 access to invoices / statements for your customers.


Comment From Therese-Leigh

When processing an XiPay to an SAP order with more than one line item, it will process the first item that is ready for shipment, but will not process the additional lines when they are due for shipment. Is there a workaround for this? 

Jennifer Rossi: This is correct, if there are multiple shipments on an SAP sales order the system will authorize only the first shipment.
There are few things that you can do for the remaining shipments:
1. You can manually reauthorize the credit card for the remaining shipments as they are ready
2. you can use a Paymetric transaction that can automatically cycle through SAP sales orders in a batch process and look for any credit card reauthorizations that need to occur and then monitor that daily, or 3. Paymetric can help build a simple customization to your sales order processing to do multiple credit card authorizations to cover multiple shipments if at the time of the sales order save process there are multiple schedule lines for shipments created.

Eric Bushman: Another option to consider to solve for this would be to use Paymetric's Auto AR solution. Auto AR is used to automatically process a credit card payment against a customer open item when it is posted with a special Payment Term - like "ZAUT".
This approach introduces risk, in that you are shipping and billing the order prior to attempting to collect the payment, so it may not be something that your company is willing to do, at least not for all orders.
In this scenario you would create the order, enter the card details, and a special Payment Term (e.g., ZAUT). By adding userexit code, SAP would be prevented from attempting an Authorization (unless it is a $0 or $1 pre-authorization) when the Sales Order is SAVED. Instead, SAP would create as many Deliveries and Invoices as necessary, at the times that are determined by Stock Availability, and bill them on the ZAUT Payment Terms. Auto AR would be scheduled to run at least once per day (usually in the evening) and would identify the Open Items by the ZAUT Payment Term. The program would then pull the card number from the Sales Order and attempt to obtain an Authorization for the Invoice amount. If APPROVED, Auto AR would post a clearing document just like Open AR and Web AR.
So whether an order generates one Invoice or multiple Invoices, Auto AR will only attempt to make a payment AFTER the Invoice is generated.
Again, there is a risk here because you've already shipped. But the advantage is SAP automates the payment regardless of how many Invoices are generated from a single order. And the Authorization and Settlement amounts will always match, so the Settlement will always happen within 24 hours of Authorization, and your interchange fees should be minimized as a result.


Comment From Guest

A broad question, but, with email and online payments, what are top requirements for PCI compliance? It tokenization the critical one? Any others?

Eric Bushman: PCI compliance and the security of your customer's data (particularly their credit card details) should always be of primary importance to any payment process you expose in your systems.

Tokenization helps minimize a merchant's risk of having that sensitive payment data breached. By only storing a token, which is a reference to where the actual card number is stored in an encrypted format in an external data vault, there will be no sensitive data within the merchant's own systems to steal and attempt to commit fraud with on another merchant's systems.

In addition, a merchant should ensure that they are adhering to all 12 sections of the PCI requirements. Tokenization helps address Section 3 around securing the card data. Other sections deal with keeping firewalls in place, keeping virus software and OS patches up-to-date, segregating duties of employees and minimizing access to the data as much as possible, etc.

The full PCI 3.0 and 3.1 requirements documentation can be found here.


Comment From Therese-Leigh

When processing an XiPay to an SAP order, various times it will provide an error "Insufficient Authorization" at which time they are unable to deliver and we must process the payment manually. Is there an explanation as to what this error is and how to fix it? 

Eric Bushman: The "Insufficient Authorization" message from SAP can result from a variety of events. Often it is shown because an authorization is declined or an approved authorization has expired as you try to create a delivery or invoice.

In your example, you're unable to create a delivery because of that message. The likely cause is that the Authorization is now considered "expired" by SAP based on your configuration setting for the "Authorization Validity Period" - which is commonly set to 7 days based on advice from your processor.

So the likely workflow is that an Authorization was APPROVED and then, 8 days or more in the future, you attempt to create the delivery and the authorization is now considered expired by SAP. This would cause the error message and prevent you from picking, packing, and PGIing the delivery until you obtain a new authorization by resaving the sales order or entering a manual authorization.

It may also be that you are adding something to the delivery that is causing the value of the delivery to be HIGHER than the value of the authorization you received on the sales order. Commonly this happens when you add Freight or Shipping charges or deliver a quantity that is GREATER than the order quantity. Suddenly you're trying to create a Delivery with a value that is MORE than the Authorization you received. Again, to address this you must obtain a second, "delta" authorization on the Sales Order to be able to pick, pack, and PGI.

Comment From Therese-Leigh

HI Eric, So if the verification has simply expired, will reentering the information provide an additional verification amount in order to process?

Eric Bushman: One simple approach is to go into the Order in CHANGE mode (VA02) and make a simple "change" to the Sales Order (usually putting the cursor in the PO Number field and hitting the SPACE key to add a blank and not really change the order in any material way) and then SAVE the order. This is enough for SAP to invoke the logic to perform a new Authorization attempt.

In addition, Paymetric can advise and assist you with techniques to automate this new Authorization attempt with a userexit code (in various Sales Order and Delivery userexits) or by using Paymetric's Expiring Authorization report in PCMA, which can be run as a scheduled job or as a real-time online transaction.


Comment From Guest

With an existing customer portal, is security/access control a barrier to adding invoice payment to a current portal?

Gerald Schlechter: Totally supported, and a great question around SSO. We have complete SSO integration available. Customers like Nobel Biocare, Firestone, Under Armor, etc., are offering the Web AR functionality through SSO within their existing portals. With our pre-built SSO options we are able to make this typically very complex integration very easy.


Comment From Narayana Reddy

If we need to use Web AR for our customers (self-services), is there a requirement for configuration changes in SAP? If so, any guidelines?

Jennifer Rossi: There are no specific configuration changes that are required when using Web AR. You can utilize all of the existing receivables management configuration.

Gerald Schlechter: Web AR is completely pre-integrated with Paymetric, leveraging Paymetric’s Open AR and Paymetric’s Xi intercept for complete PCI compliance. Any configuration applied to SAP’s FI module or to Paymetric’s Open AR/payment processing is completely leveraged. This eliminates complexity in Web AR deployment and maintenance.


Comment From Matt

With online payment, how are invoices cleared back on the SAP system? 

Gerald Schlechter: Invoices are cleared automatically and in real time according to your configuration in FI Accounts Receivable. Basically, the same process that is configured through Paymetric’s Open AR is leveraged. Settlement and follow-up processes with Paymetric remain as configured today – so no business process change is necessary.

Eric Bushman: Specifically, Web AR (and Open AR) will call a standard SAP transaction (FB05) to post  a clearing document to accounting. Assume the open item was originally for $100. The clearing document which will be posted will show a $100 CREDIT to the Customer AR account and a $100 DEBIT to the appropriate Credit Card Clearing Receivable account. SAP's Settlement program (t-code FCC1) which is run nightly will read the postings made to the Credit Card Clearing Receivable account and transmit them to your Processor for the deposit request each night.


Comment From Guest

What are best practices right now for payment methods? Should we assume that we should include PayPal for a customer payment?  

Jennifer Rossi: The most common electronic payment methods being used now by companies in addition to payment cards are electronic check and PayPal. Bill Me Later is another one that is starting to come up more often.


Comment From Mauricio

How does SAP handle automatically a situation where a vendor sends an amount below, for example say 8 pieces, but its invoice is for 10 pieces because it doesn’t count pieces, instead it weighs raw materials. The problem is we need to recognize his invoice for 10 pieces, pay for 10, and then take a credit memo from him. How is this done automatically?

Gerald Schlechter: This is actually a vendor GR/IR topic on your side I assume, and not so much Customer AR, but I still want to give some direction on this.

On your side you could set up an automatic rule through message determination that triggers by reason code a credit memo in your system automatically. I am more than happy to follow up after this and discuss possible solutions.


Comment From Leslie

Is there a guide available for transitioning from MISO to FB60 invoicing, and what configurations may need to be changed in FI AR?

Gerald Schlechter: Unfortunately not, but here is an SAP Note with some guidance. Please check related notes as well: Note 904652 - MIRO: Different from FB60.


Comment From Guest

What's a typical workflow on the customer side to confirm payment? Is there an alert? Can they download invoices and account statements?

Gerald Schlechter: The customer can set the option to print the payment confirmation or to get an email confirmation sent.

In addition to that, the customer can, of course, access invoices and account statements in PDF format through the portal and download them if required.


Comment From Guest

Does Web AR integrate with external document systems/archive systems for account statement display?

Gerald Schlechter: Yes, we have tight integration into Esker and we have numerous other custom implementations where we integrate with external document systems through web services. Of course SAP solutions are covered as well.


Comment From Guest

Any suggestion for concerns about managing security/access control for views on the customer side?

Gerald Schlechter: Security is very important with SAP - the solution leverages SAP security and authorization concept to make sure only allowed and relevant data is accessible.

Web AR has a registration cockpit for new user request. Web AR user accounts are linked to the customer master and granting access to information of the linked customer only. Further SAP’s user authorization roles (PFCG) are completely leveraged to secure that only data is provided and generated that is authorized to view. The registration cockpit allows power users at a customer to maintain their users themselves. This takes the burden of user management off your Finance department.


Comment From Ken

You mentioned real-time invoice information from SAP. Can you explain how that is supported here?

Gerald Schlechter: Web AR is all about real time integration and getting data directly out of SAP. There is no synchronized data in an external database. Your customer has access to same information as the FI AR person, which is critical in today’s world – in case a customer calls, there is not disconnect between the information the customer sees and what the internal staff has. Of course we can configure what information (what fields, etc.) the customer can see and how it is formatted. Look and feel can be completely adjusted to your requirements.

Eric Bushman: To add to Gerald's comments, the open items are retrieved real-time from SAP by using internal SAP function modules to read the open items on a customer’s account and then display them in the Web AR interface. The payments made in Web AR are also immediately reflected in the SAP ledger because the clearing also happens in real-time.


SAPinsider: As we head toward 1:30, we will have to wrap up this Q&A for today. Thanks to everyone who joined us, and for all your questions. And of course, a big thanks to CNBS Software’s Gerald Schlechter and Paymetric’s Jennifer Rossi and Eric Bushman for taking the time for these questions today.


Eric Bushman: Thank you again for all of your questions today!

Should you have any additional questions that you'd like to send directly to me, feel free to send those questions to


Gerald Schlechter: Thanks everyone for great questions - really enjoyed it! Don't hesitate to reach out to me if anything was not answered:

Gerald Schlechter

Tel: (859) 309-4414

Or reach me via LinkedIn or on the CNBS Software site


Jennifer Rossi: Thank you to everyone that participated for today, please feel free to contact me directly with any additional questions at and additional information can be found on the Paymetric website.


SAPinsider: Thanks for joining in today!

An email has been sent to:

More from SAPinsider