Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
developer:api_specification:xml_3d_secure [2019/07/02 09:06]
127.0.0.1 external edit
developer:api_specification:xml_3d_secure [2020/10/08 10:30] (current)
Line 13: Line 13:
  
 <WRAP center important 100%> <WRAP center important 100%>
-**PSD2 and String ​Customer Authentication (SCA)**+**PSD2 and Strong ​Customer Authentication (SCA)**
  
-The Payment Services Directive 2 (PSD2) comes into force in 2019 (only applicable in EU) and you might need to be prepared to provide SCA for your payments. Take a closer look at our **[[https://​worldnettps.com/​psd2-faq/|F.A.Q]]** in case you have more questions.+The Payment Services Directive 2 (PSD2) comes into force in December 2020 (only applicable in EU) and you might need to be prepared to provide SCA for your payments. Take a closer look at our **[[https://​resources.worldnetpayments.com/blog/​psd2-faq|F.A.Q]]** in case you have more questions.
 </​WRAP>​ </​WRAP>​
 \\ \\
 +The process is described in the flowchart below.
  
 +{{:​developer:​api_specification:​xml_detailed_3_.png?​820|}}
 +
 +1. A POST request is made to the %CompanyName server. The server will handle the user authentication. ​
 +
 +2. After authentication,​ the server will redirect to the URL set in the MPI Receipt URL in the `Selfcare > Settings > Terminal` section with the authentication results passed in the URL.
 +
 +3. In your integration add the MPIREF code to your XML payment and send a payment load to the XML Request URL. For further details, check [[developer:​api_specification:​xml_payment_features|XML Payment Features]].
 +
 +4. If the payment is successful, the server will return an approval message. ​
 +
 +\\
 The following resources are the same for all the requests and responses you find in this page: The following resources are the same for all the requests and responses you find in this page:
  
Line 52: Line 64:
 | TERMINALID ​ | Y | A Terminal ID provided by %CompanyName. NB - Please contact %CompanyName to be issued with a test terminal ID.  | | TERMINALID ​ | Y | A Terminal ID provided by %CompanyName. NB - Please contact %CompanyName to be issued with a test terminal ID.  |
 | CARDNUMBER ​ | Y | The payment card number. | | CARDNUMBER ​ | Y | The payment card number. |
 +| **CARDHOLDERNAME** ​ | Y | Required for 3DS 2.0 - The name on the front of the credit card. |
 | CARDEXPIRY ​ | Y | 4 digit expiry field (MMYY). | | CARDEXPIRY ​ | Y | 4 digit expiry field (MMYY). |
 | CARDTYPE ​   | Y | See **[[developer:​api_specification:​special_fields_and_parameters#​the_card_types| Card Types]]** section. | | CARDTYPE ​   | Y | See **[[developer:​api_specification:​special_fields_and_parameters#​the_card_types| Card Types]]** section. |
Line 62: Line 75:
 </​searchtable>​ </​searchtable>​
 \\ \\
 +The HTML example below shows how to build a form to request Strong Customer Authentication from %CompanyName.
 +
 +
 +<code html>
 +<​html>​
 +
 +<​body>​
 +  <form id="​FormID"​ action="​https://​testpayments.worldnettps.com/​merchant/​mpi"​ method="​post">​
 +    <​label>​Terminal ID</​label>​ <input type="​text"​ name="​TERMINALID"​ />
 +    <​label>​Terminal Secret</​label>​ <input type="​text"​ name="​SECRET"​ />
 +
 +    <​label>​Order ID</​label>​ <input type="​text"​ name="​ORDERID"​ />
 +    <​label>​Currency</​label>​ <input type="​text"​ name="​CURRENCY"​ value="​EUR"​ />
 +    <​label>​Amount</​label>​ <input type="​text"​ name="​AMOUNT"​ />
 +    <​label>​DateTime</​label>​ <input type="​text"​ name="​DATETIME"​ value="​15-3-2006:​10:​43:​01:​673"​ />
 +
 +    <​label>​Cardholder Name</​label>​ <input type="​text"​ name="​CARDHOLDERNAME"​ />
 +    <​label>​Card Number</​label>​ <input type="​text"​ name="​CARDNUMBER"​ />
 +    <​label>​Expiry Date</​label>​ <input type="​text"​ name="​CARDEXPIRY"​ />
 +    <​label>​CVV</​label>​ <input type="​text"​ name="​CVV"​ />
 +
 +    <​label>​CardType</​label>​ <input type="​text"​ name="​CARDTYPE"​ />
 +
 +    <​label>​Hash</​label>​ <input type="​text"​ name="​HASH"​ /><br />
 +    <input id="​SubmitID"​ type="​submit"​ value="​Check 3D Secure"​ />
 +  </​form>​
 +
 +  <script src="​https://​code.jquery.com/​jquery-3.2.1.min.js"></​script>​
 +  <script src="​https://​cdnjs.cloudflare.com/​ajax/​libs/​blueimp-md5/​2.18.0/​js/​md5.min.js"></​script>​
 +  <​script>​
 +    // GENERATE HASH TERMINALID+ORDERID+CARDNUMBER+CARDEXPIRY+CARDTYPE+AMOUNT+DATETIME+secret
 +    function calcHash() {
 +      var hash = md5($("​input[name='​TERMINALID'​]"​).val() + $("​input[name='​ORDERID'​]"​).val() + $("​input[name='​CARDNUMBER'​]"​).val() + $("​input[name='​CARDEXPIRY'​]"​).val() + $("​input[name='​CARDTYPE'​]"​).val() + $("​input[name='​AMOUNT'​]"​).val() + $("​input[name='​DATETIME'​]"​).val() + $("​input[name='​SECRET'​]"​).val());​
 +      $("​input[name='​HASH'​]"​).val(hash);​
 +    }
 +
 +    $("​input[type='​text'​]"​).each(function (index) {
 +      $(this).on("​keyup",​ calcHash);
 +    });
 +
 +    calcHash();
 +  </​script>​
 +</​body>​
 +
 +</​html>​
 +</​code> ​
  
 ==== Notes and Details About the Request ==== ==== Notes and Details About the Request ====
Line 67: Line 126:
 **ND001 - Hash Formation** **ND001 - Hash Formation**
  
-The general rule to build HASH field is given at the **[[developer:​api_specification:​special_fields_and_parameters|Special Fields and Parameters]]** page, under the **[[developer:​api_specification:​special_fields_and_parameters#​the_hash_parameter|Special Fields and Parameters]]** section. For this specific feature, you should use the following formats:+The general rule to build HASH field is given at the **[[developer:​api_specification:​special_fields_and_parameters|Special Fields and Parameters]]** page. For this specific feature, you should use the following formats:
  
 <WRAP center box 100%> <WRAP center box 100%>
Line 95: Line 154:
 </​searchtable>​ </​searchtable>​
 \\ \\
 +
 +The response will be attached to the MPI Receipt URL. An example of the response can be seen below.
 +<code text>
 +https://​MPIRESULTURL.COM?​RESULT=A&​STATUS=A&​ECI=06&​MPIREF=d01656cf0ec3e62e3754&​ORDERID=25&​DATETIME=06-10-2020%3A13%3A19%3A10%3A239&​HASH=3ea402c12f7a8cb0afac31cf0429a167
 +</​code>​
 +
  
 ==== Notes and Details on the Response ==== ==== Notes and Details on the Response ====
Line 100: Line 165:
 **ND001 - Hash Formation** **ND001 - Hash Formation**
  
-The general rule to build HASH field is given at the **[[developer:​api_specification:​special_fields_and_parameters|Special Fields and Parameters]]** page, under the **[[developer:​api_specification:​special_fields_and_parameters#​the_hash_parameter|Special Fields and Parameters]]** section. For this specific feature, you should use the following formats:+The general rule to build HASH field is given at the **[[developer:​api_specification:​special_fields_and_parameters|Special Fields and Parameters]]** page. For this specific feature, you should use the following formats:
  
 <WRAP center box 100%> <WRAP center box 100%>
 RESULT:​MPIREF:​ORDERID:​DATETIME:​SECRET RESULT:​MPIREF:​ORDERID:​DATETIME:​SECRET
 </​WRAP>​ </​WRAP>​
 +
 +==== Simple Payment Request ====
 +
 +Now with the MPIREF available, attach it to your XML Payment load and send it to the XML Request URL.
 +
 +  * **Scenario**:​ Simple request, only mandatory fields.
 +  * **Terminal**:​ 6491002.
 +  * **Terminal Secret**: x4n35c32RT.
 +
 +<code xml>
 +<?xml version="​1.0"​ encoding="​UTF-8"?>​
 +<​PAYMENT>​
 + <​ORDERID>​115010922465</​ORDERID>​
 + <​TERMINALID>​6491002</​TERMINALID>​
 + <​AMOUNT>​10</​AMOUNT>​
 + <​CARDNUMBER>​4111111111111111</​CARDNUMBER>​
 + <​CARDTYPE>​VISA</​CARDTYPE>​
 + <​CARDEXPIRY>​0807</​CARDEXPIRY>​
 + <​CARDHOLDERNAME>​Joe Bloggs</​CARDHOLDERNAME>​
 + <​CURRENCY>​EUR</​CURRENCY>​
 + <​TERMINALTYPE>​1</​TERMINALTYPE>​
 + <​TRANSACTIONTYPE>​7</​TRANSACTIONTYPE>​
 + <​CVV>​214</​CVV>​
 + <​DATETIME>​12-06-2006:​11:​47:​04:​656</​DATETIME>​
 + <​MPIREF>​d01656cf0ec3e62e3754</​MPIREF>​
 + <​HASH>​d04c3bab519095ecb046eff91722e8df</​HASH>​
 +</​PAYMENT>​
 +</​code>​
 +
 +If the payment is successful a return message should be similar to the below:
 +
 +<code xml>
 +<?xml version="​1.0"​ encoding="​UTF-8"?>​
 +<​PAYMENTRESPONSE>​
 + <​UNIQUEREF>​JJCVGCTOV3</​UNIQUEREF>​
 + <​RESPONSECODE>​A</​RESPONSECODE>​
 + <​RESPONSETEXT>​APPROVAL</​RESPONSETEXT>​
 + <​APPROVALCODE>​475318</​APPROVALCODE>​
 + <​DATETIME>​2005-11-14T12:​53:​18</​DATETIME>​
 + <​CVVRESPONSE>​M</​CVVRESPONSE>​
 + <​HASH>​afe4c8b57f3ea0dfee7c8f75fae7e90d</​HASH>​
 +</​PAYMENTRESPONSE> ​
 +</​code>​
 +
 +For further information about XML Payments, visit the [[developer:​api_specification:​xml_payment_features|XML Payment Features]] section. ​
 \\ \\
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International