I have a strange problem, I'm trying to figure out.
I'm using PHP and REST API.
This is the scenario:
Users press the checkout button
Payment is approved
Payment is executed
User is redirected to the completed purchase page
Few seconds later, Cancel URL of the transaction is called (like when users clicks on Cancel and return to merchant button, instead of approving the payment).
Out of about 100 transactions I had 3 which manifested this way on all 3 the payment was actually made, and the funds where available. I have checked the server access log files and 2 of them were using iOS 9.3.1 and one was an iOS 9.2.1. How is this possible?
My guess is that they somehow hit the back button and then the cancel button, can this be the case?
My cancel URL contains a script which sets the order status to canceled, should I adjust the script to only set the status to canceled if the order wasn't previously executed.
Can anybody still cancel the payment AFTER I have executed the payment?