Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
developer:api_specification:hpp_secure_card_features [2019/10/07 08:48]
branko
developer:api_specification:hpp_secure_card_features [2019/10/07 09:15] (current)
branko
Line 1: Line 1:
 +====== Hosted Page Secure Card Feature =======
 +
 +~~TOC~~
 +
 +
 +\\
 +This feature enables you to register a Secure Card using the Hosted Page method. For more details on Secure Cards, please visit the **[[merchant:​new_merchant:​products#​secure_card|Products]]** page.
 +
 +Use the Request URL and the Request Body Fields to perform a request for this feature, then put in place your Secure Card URL so the Gateway can use the Response Body Fields to send the registration'​s response.
 +
 +===== Secure Card Registration and Update =====
 +
 +  * REQUEST URL: **%URLSecureCard**
 +
 +==== Request Body Fields ====
 +
 +<​searchtable>​
 +^ **FIELD** ^ **REQUIRED** ^ **DESCRIPTION** ^
 +| ACTION ​    | Y | Values can be: register or update. |
 +| TERMINALID | Y | A TerminalID provided by %CompanyName. |
 +| MERCHANTREF| Y | Unique reference assigned by the Merchant site/ solution to identify the stored card details. The length is limited to 48 characters. |
 +| EMAIL | N | Cardholder e-mail, which is going to be used, if sent, to provide the cardholder with receipt notifications when the transactions is processed. See note **ND0003 - E-mail field behavior and settings**. |
 +| DATETIME ​  | Y | Date and time of the request. Format: DD-MM-YYYY:​HH:​MM:​SS:​SSS. |
 +| HASH       ​| ​ Y  | A HASH code formed by part of the request fields. The formation rule is given at the **ND001 - Hash Formation**,​ in the next section. |
 +| STOREDCREDENTIALUSE |  N  | Values can be: UNSCHEDULED,​ INSTALLMENT or RECURRING. See note ND0004 - Stored Credential use field behaviour and settings |
 +</​searchtable>​
 +\\
 +\\
 +
 +==== Notes and Details About the Request ====
 +
 +**ND001 - Hash Formation**
 +
 +The gerenal rule to build HASH field is given at the **[[developer:​api_specification:​special_fields_and_parameters|Special Fields and Parameters]]** page. For this specific feature, you should use the following formats:
 +
 +<WRAP center box 100%>
 +TERMINALID:​MERCHANTREF:​DATETIME:​ACTION:​SECRET
 +</​WRAP>​
 +
 +**ND002 - Valid Secure Card Update**
 +
 +To initiate card details updating, the value of the ACTION parameter should be changed to “update”. Also, in case you want to update a Secure Card of MERCHANTREF **1234321**,​ a Secure Card should already exist with this same MERCHANTREF,​ or the updated won't preoceed.
 +
 +**ND0003 - E-mail field behavior and settings**
 +
 +This field is available for all terminal, but depending on configuration (**SC Hosted Page email field setup**), it might have one of the following behaviors when the customer gets to the hosted payment page: \\ **Hidden** - the gateway accepts the field, if sent, and adds it to the transaction,​ but does not show it for the customer); \\ **Visible** - the gateway accepts the field, if sent, and adds it to the transaction,​ also shows the field on the hosted payment page, and the user can changed it or not. In this last case, the field can be made optional or mandatory.
 +
 +**ND0004 - Stored Credential use field behaviour and settings**
 +
 +This feature is currently available to TSYS Saratoga terminals and is configurable by customer support. This field will have the following behaviour:
 +Hidden - the gateway accepts the field, if sent, and adds it to the transaction,​ but does not show it for the customer.
 +
 +Note: STOREDCREDENTIALTXTYPE set as FIRST_TXN by default
 +
 +\\
 +
 +==== Examples for a Request ====
 +
 +  * **Scenario**:​ Minimum request, with only mandatory data.
 +  * **Terminal Secret**: x4n35c32RT.
 +
 +<code html>
 +<​html>​
 +  <​body>​
 +    <form action="​%URLTestPayments"​ method="​post">​
 +        <input type="​hidden"​ name="​ACTION"​ value="​register"​ />
 +        <input type="​hidden"​ name="​TERMINALID"​ value="​6491002"​ />
 + <input type="​hidden"​ name="​MERCHANTREF"​ value="​1234321"​ />
 + <input type="​hidden"​ name="​DATETIME"​ value="​15-3-2006:​10:​43:​01:​673"​ />
 + <input type="​hidden"​ name="​HASH"​ value="​c3ce23e5e27d2863d116a6f9c8d63f5e"​ />
 + <input type="​submit"​ value="​Register"​ />
 +    </​form>​
 +  </​body>​
 +</​html>​
 +</​code>  ​
 +
 +<WRAP center important 100%>
 +**REMEMBER** to change the Terminal Id and Terminal Secret for valid values.
 +Verify the **[[developer:​integration_docs|Integration Docs]]** for viable examples or contact our support team.
 +</​WRAP>​
 +
 +
 +\\
 +
 +==== Response Body Fields ====
 +
 +Assuming valid details were sent, the Hosted Registration or Update page will be displayed, clicking on “Register” or “Update” will save the card details, result GET parameters will be forwarded to the Secure Card URL that is configured on the Terminal Setup page. The response body field will be:
 +
 +<​searchtable>​
 +^ **FIELD** ^ **DESCRIPTION** ^
 +| RESPONSECODE | **A**: Approval. \\ **Error Code**: Verify the ND002 for more details on possible values. |
 +| RESPONSETEXT | The text of the response. |
 +| MASKEDCARDNUMBER| The registered/ updated card number (obfuscated).|
 +| MERCHANTREF ​  | Original SECURECARDMERCHANTREF provided by the Merchant on request. |
 +| CARDREFERENCE | Generated card reference. |
 +| CARDTYPE ​     | Card Type used for the transaction.\\ For more details on this, visit **[[developer:​api_specification:​special_fields_and_parameters#​the_card_types|Special Fields and Parameters - Card Types]]**. |
 +| CARDEXPIRY ​   | Expiry date of the card. |
 +| DATETIME | The time of the registration. Format: DD-MM-YYYY:​HH:​MM:​SS:​SSS. |
 +| HASH | A HASH code formed by part of the response fields. The formation rule is given at the **ND001 - Hash Formation**,​ in the next section. ​ |
 +| STOREDCREDENTIALUSE | Same as informed at the transaction'​s request. Returned if informed on request |
 +| STOREDCREDENTIALTXTYPE | set as FIRST_TXN by default |
 +| BRANDTXIDENTIFIER | If STOREDCREDENTIALUSE is sent in request and secure card is validated - then returned by acquirer |
 +</​searchtable>​
 +\\
 +\\
 +
 +==== Notes and Details on the Response ====
 +
 +**ND001 - Hash Formation**
 +
 +The gerenal rule to build HASH field is given at the **[[developer:​api_specification:​special_fields_and_parameters|Special Fields and Parameters]]** page, under the **[[developer:​api_specification:​special_fields_and_parameters#​the_hash_parameter|Special Fields and Parameters]]** section.
 +
 +For this specific feature, you should consider the following formats:
 +
 +<WRAP center box 100%>
 +TERMINALID:​RESPONSECODE:​RESPONSETEXT:​MERCHANTREF:​CARDREFERENCE:​DATETIME:​SECRET
 +</​WRAP>​
 +
 +**ND002 - Response Codes - Errors **
 +
 +{gateway=testhelpdeskglobaloneme.worldnettps.com}{gateway=helpdesk.globalone.me}{gateway=helpdesk.nuvei.com}{gateway=testhelpdesknuveicom.worldnettps.com}
 +^ **Error Code** ^ **Description** ^
 +| E01        | SYSTEM ERROR – TRY AGAIN| ​
 +| E03        | OPERATION NOT ALLOWED |
 +| E04        | INVALID REFERENCE DETAILS| ​
 +| E05        | INVALID CARD TYPE| 
 +| E06        | INVALID TERMINALID |
 +| E07        | METHOD NOT SUPPORTED| ​
 +| E08        | INVALID MERCHANTREF| ​
 +| E09        | INVALID DATETIME|
 +| E10        | INVALID CARDNUMBER| ​
 +| E11        | INVALID CARDEXPIRY| ​
 +| E12        | INVALID CARDHOLDERNAME |
 +| E13        | INVALID HASH|
 +{/gateway}
 +
 +{gateway=testdocs.worldnettps.com}{gateway=docs.worldnettps.com}{gateway=testdocsanywherecommercecom.worldnettps.com}{gateway=docs.anywherecommerce.com}
 +^ **Error Code** ^ **Description** ^
 +| E01        | SYSTEM ERROR – TRY AGAIN| ​
 +| E03        | OPERATION NOT ALLOWED |
 +| E04        | INVALID REFERENCE DETAILS| ​
 +| E05        | INVALID CARD TYPE| 
 +| E06        | INVALID TERMINALID |
 +| E07        | METHOD NOT SUPPORTED| ​
 +| E08        | INVALID MERCHANTREF| ​
 +| E09        | INVALID DATETIME|
 +| E10        | INVALID CARDNUMBER| ​
 +| E11        | INVALID CARDEXPIRY| ​
 +| E12        | INVALID CARDHOLDERNAME |
 +| E13        | INVALID HASH|
 +| E14        | CVV VALIDATION FAILED|  ​
 +{/gateway}
 +
 +\\
 +
 +==== General Constraints and Rules Related to the Feature ====
 +
 +<​searchtable>​
 +^ **CONSTRAINT** ^ **DESCRIPTION** ^
 +| C001 | If invalid parameter values are sent, an Error Page will appear and the web browser will not be redirected to the Secure Card Receipt Page. This should not happen in a production environment after integration is completed. |
 +</​searchtable>​
 +\\
 +\\
 +
 +
  
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International