Introduction
The iVeri range of payment solutions, developed by iVeri Payment Technologies (Pty) Ltd (www.iveri.com) provides proven credit card payment solutions for businesses that have online or physical presence. The use of Enterprise API's is ideal for merchants that want complete control & flexibility of the payment page and transaction mechanisms supported.
Enterprise API’s currently support the following Webservices.
Merchant Requirements
- Merchants are required to enter into a “Agreement” with an authorised Acquiring Institution. Once there is a merchant agreement in place, a merchant profile can be created
- With Enterprise calls to the Gateway, the presence of a certificate ID is required, with the actual physical certificate available as optional means to authenticate merchant requests
- Test Mode should used during integration, testing, and validation
- Test application ID must be used with Mode Test
Terminology
This document uses certain iVeri specific terminology which can be referenced in Parameter Description
Merchant Requirements
- Merchants are required to enter into a “Agreement” with an authorized Acquiring Institution. Once there is a merchant agreement in place, a merchant profile can be created.
- With Enterprise calls to the Gateway, the presence of a certificate ID is required, with the actual physical certificate available as optional means to authenticate merchant requests.
- Test Mode should be used during integration, testing, and validation.
- Test application ID must be used with Mode Test
Terminology
This document uses certain iVeri specific terminology which can be referenced in Parameter Description
SOAP API
The SOAP services allow cross platform integration with the various systems provided by iVeri, using a common interface. With the SOAP API, merchanst can implemented payment mechanisms which are supported are stated in the following sections:
Commands and Action
Payment Flow
Parameter Description
Parameter Per Action
Web Service implementation
All methods provided by the web service return a V_XML formatted response. The GetPinBlock method is the only exception. For card present transactions, the GetPinBlock method will return a PINBlock data structure.
- The V_XML request and response format is defined by the V_XML.xsd schema, which can be downloaded from https://portal.nedsecure.co.za/schemas/v_xml/7.0/v_xml.xsd
- Client code must check the respective Result fields to determine if the web service method was successful or not. (Result fields are defined by the V_XML specification)
- For a client to call the execute method the client certificate ID must be provided with the HTTP Request
Webservice Gateway Address
iVeri WebService uses the Gateway addresses below with the following:
- [portal]/iVeriWebService/Service.asmx
Service Description
Nedbank: https://portal.nedsecure.co.za/iVeriWebService/Service.asmx?wsdl
I&M Bank: https://portal.host.iveri.com/iVeriWebService/Service.asmx?wsdl
CBZ Bank: https://portal.host.iveri.com/iVeriWebService/Service.asmx?wsdl
ECS Bank:https://portal.host.iveri.com/iVeriWebService/Service.asmx?wsdl
CSC Bank: https://portal.host.iveri.com/iVeriWebService/Service.asmx?wsdl
CIM Finance: https://portal.host.iveri.com/iVeriWebService/Service.asmx?wsdl
Message Formats
Communication between the client and web service is via SOAP protocol. Format supported is in XML.The SOAP requests and responses are shown for each method provided by the web service.
WebService Methods
Execute - (bool validateRequest, string protocol, string protocolVersion, string request)
Usage: For posting of transactions to the Gateway
Description |
|
Execute |
Execute the V_XML formatted request. The action to be performed is determined by the V_XML, as defined by the V_XML specifications.
ie. Transaction (Sale, Refund etc) |
Returns |
A V_XML formatted string (The return string will need to be URL decoded) |
Client Certificate |
Is required (provided with HTTP Request) |
Parameters |
|
ValidateRequest: boolean |
true: Will validate the V_XML request against the schema definition. If there are any schema errors processing of the request will terminate and the request will not be passed on to the relevant provider. or false: Will not validate the V_XML request. The V_XML request along with any schema errors will be passed on to the relevant provider for processing. If there are schema errors processing will terminate in the provider.
Set this parameter to true while testing client code and false when in a production environment. |
Protocol: string |
Currently supported protocols • V_XML
If validate is set to true, an unsuccessful response will be generated for any unsupported values. |
ProtocolVersion: string |
Currently supported protocol version • "7.0" (V_XML)
If validate is set to true, an unsuccessful response will be generated for any unsupported values. |
Request: string |
A V_XML format string without any namespace declarations. Providing namespace declarations will result in an unsuccessful call.
The request must also be URL encoded
|
Additional |
|
Validation Performed |
The execute method will also return unsuccessful if:
• No client certificate present • Certificate ID not provided in the V_XML request • Certificate ID in the Client Certificate does not match the Certificate ID in the V_XML
Validation of the Client Certificate is always performed. |
|
|
Note: URL Encode / Decode is not necessary in .NET and PHP
Execute SOAP Message
Request |
Response |
POST /iVeriWebService/Service.asmx HTTP/1.1 Host: portal.nedsecure.co.za Content-Type: text/xml; charset=utf-8 Content-Length: length
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request> <V_XML Version="2.0" CertificateID="cf4b7e7a-4fec-43b4-a2cb-221263c0a34b" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Transaction ApplicationID="e7c523a4-7da7-4e59-b888-569fe65c535b" Command="Debit" Mode="Test"> <MerchantTrace>240X5681EEE</MerchantTrace> <Amount>2000</Amount> <Currency>ZAR</Currency> <ExpiryDate>042024</ExpiryDate> <MerchantReference>20220104.14:31</MerchantReference> <CardSecurityCode>183</CardSecurityCode> <PAN>4242424242424242</PAN> </Transaction></V_XML> </request> </Execute> </soap:Body> </soap:Envelope>
|
HTTP/1.1 200 OK Content-Type: text/xml; charset=utf-8 Content-Length: length
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <ExecuteResponse xmlns="http://iveri.com/"> <ExecuteResult><V_XML Version="2.0" Direction="Response"> <Transaction ApplicationID="{E7C523A4-7DA7-4E59-B888-569FE65C535B}" Command="Debit" Mode="Test" RequestID="{E7AF107F-C9F6-4086-927D-935368B504EE}"> <Result Status="0" Code="0" Description="" AppServer="105IVERIAPPPR1N" DBServer="105iveridbpr01n" Gateway="Nedbank" AcquirerCode="00" AcquirerDescription="" /> <MerchantTrace>240X5681EEE</MerchantTrace> <Amount>2000</Amount> <AuthorisationCode>311507</AuthorisationCode> <CCNumber>4242........4242</CCNumber> <Currency>ZAR</Currency> <ExpiryDate>042024</ExpiryDate> <MerchantReference>20220104.14:31</MerchantReference> <Terminal>Default</Terminal> <TransactionIndex>{E5E2E178-4B2D-4DD2-82F1-B26DCD34FCBE}</TransactionIndex> <MerchantName>iVeri Payment Technology</MerchantName> <MerchantUSN>7771777</MerchantUSN> <Acquirer>NBPostilionNBSouthAfrica</Acquirer> <AcquirerReference>95707:04645632</AcquirerReference> <AcquirerDate>20230103</AcquirerDate> <AcquirerTime>143147</AcquirerTime> <DisplayAmount>R 20.00</DisplayAmount> <BIN>4</BIN> <Association>VISA</Association> <CardType>Unknown CardType</CardType> <Issuer>Unknown Issuer</Issuer> <Jurisdiction>International</Jurisdiction> <PAN>4242........4242</PAN> <PANMode>Keyed</PANMode> <ReconReference>04645632</ReconReference> <CardHolderPresence>CardNotPresent</CardHolderPresence> <MerchantAddress>MERCHANT ADDRESS</MerchantAddress> <MerchantCity>Sandton</MerchantCity> <MerchantCountryCode>ZA</MerchantCountryCode> <MerchantCountry>South Africa</MerchantCountry> <DistributorName>Nedbank</DistributorName> </Transaction> </V_XML></ExecuteResult> </ExecuteResponse> </soap:Body> </soap:Envelope>
|
DownloadFile Method (string fileServiceCommand)
Usage: For downloading files from the Gateway
Description |
|
fileServiceCommand |
Downloads a file |
|
|
Returns |
A Base64 encoded string which is the contents of the downloaded zipped file. |
|
|
Client Certificate |
Send as parameter |
Parameters |
See section File Transfer Parameters |
DownloadFile SOAP Message
Request |
Response |
Transaction History Download |
|
POST /iVeriWebService/Service.asmx HTTP/1.1 Host: portal.nedsecure.co.za Content-Type: text/xml; charset=utf-8 Content-Length: length
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope"> <env:Header/> <env:Body> <DownloadFile xmlns="http://iveri.com/"> <fileServiceCommand> <File Command="TRANSACTIONHISTORY"> <Gateway>Nedbank</Gateway> <CertificateID>{2bc42c-7ffb-44d0-a1e4-441444e1274c}</CertificateID> <UserGroup>3**816</UserGroup> <UserName>administrator</UserName> <Password>$C***n</Password> <FileName>TransactionHistory.zip</FileName> <Mode>Test</Mode> <StartDateTime>2022-11-01T10:00:00</StartDateTime> <EndDateTime>2022-11-02T11:00:00</EndDateTime> <Format>XML</Format></File> </fileServiceCommand> </DownloadFile> </env:Body> </env:Envelope>
|
POST /iVeriWebService/Service.asmx HTTP/1.1 Host: portal.nedsecure.co.za Content-Type: text/xml; charset=utf-8 Content-Length: length
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <DownloadFileResponse xmlns="http://iveri.com/"> <DownloadFileResult>UEsDBBQAAggIAPV2I1aSB0HNoKIBAHQHDAAWABQAVHJhbnNhY3Rpb25IaXN0b3J5LnhtbFJYEABSYngxAQAIAAAAAAAAAAAA7H1pUxvJ0vVfIfzVt4falzcwEVVd1Rizr7b58oYsySDQgiVkG9+4//05JYHBY0Dd0gwgwr7PM4GkUiOaIk9lnpMnlw7//4eN9YXDZn/Q6nXfvGJ/kVcLodVv1i9Gj3ebg/Ned9B8tby026z3umlx3ht2L968kpTh2f1+rTuojVYvuPPzdqteS1+vhjev/it4YJH6PJMF05nQmmRWOZtJZymlRcgVl/97tbDRazTfvFpvfW2+wrU7nVq38eZVaH5qXbxa2G1+GTYHF6PLEaIVITZkXhKTCZ/HzClVZKJQSuU540LE/+EjbQ/79ZPaoBlqF81lRhijlLClxV+e/rlov9VpLhMjCSE3S0ZPLm0006PuBX7EenP5v8Lmmjoj8O356NsXmSmIzgotheHEUhn1/5YWf33X7fuz2m00vy//N +gCZYfEgGgBQSwECLQAUAAIICAD1diNWkgdBzaCiAQB0BwwAFgAkAAAAAAAAAIAAAAAAAAAAVHJhbnNhY3Rpb25IaXN0b3J5LnhtbAoAIAAAAAAAAQAYAPL5+69yH9kBAAAAAAAAAAAAAAAAAAAAAFBLBQYAAAAAAQABAGgAAADoogEAAAA=</DownloadFileResult> </DownloadFileResponse> </soap:Body> </soap:Envelope>
|
Recon Download Sample |
|
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope"> <env:Header/><env:Body> <DownloadFile xmlns="http://iveri.com/"> <fileServiceCommand> <File Command="RECON"> <Gateway>Nedbank</Gateway> <CertificateID>{12bc42c-7ffb-44d0-a1e4-441444e1274c}</CertificateID> <UserGroup>256146</UserGroup> <UserName>Bu****H</UserName> <Password> K******NS</Password> <FileName>Recon.zip</FileName> <AcquirerCycle>02463</AcquirerCycle> <Mode>Test</Mode> <Acquirer>NBPostilionNBSouthAfrica</Acquirer> <MerchantUsn>0092201</MerchantUsn> <Format>XML</Format> </File> </fileServiceCommand> </DownloadFile> </env:Body> </env:Envelope>
|
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <DownloadFileResponse xmlns="http://iveri.com/"> <DownloadFileResult>UEsDBBQAAggIAKl1JVZmVbJ6TQAAAEgAAAAJABQAUmVjb24ueG1sUlgQAFJieDEBAAgAAAAAAAAAAAABSAC3/zxWX1hNTCBWZXJzaW9uPSIyLjAiIERpcmVjdGlvbj0iUmVzcG9uc2UiPjxSZWNvblhNTCBDb3VudD0iMCIgLz48L1ZfWE1MPlBLAQItABQAAggIAKl1JVZmVbJ6TQAAAEgAAAAJACQAAAAAAAAAgAAAAAAAAABSZbi54bWwKACAAAAAAAAEAGAAXnhiRAyHZAQAAAAAAAAAAAAAAAAAAAABQSwUGAAAAAAEAAQBbAAAAiAAAAAAA</DownloadFileResult> </DownloadFileResponse> </soap:Body> </soap:Envelope>
|
UploadFile (string fileServiceCommand)
Usage: Upload Batch files to the iVeri Gateway
Description |
|
fileServiceCommand |
Uploads file |
|
|
Returns |
Result Status Code and Description |
Parameters |
|
Client Certificate |
Send as parameter |
Parameters |
See section File Transfer Parameters |
UploadFile SOAP Message
Request |
Response |
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope"> <env:Header/> <env:Body> <UploadFile xmlns="http://iveri.com/"> <fileServiceCommand> <File Command="BATCH"> <Gateway>Nedbank</Gateway> <CertificateID>{00000000-0000-0000-0000-0000000000000}</CertificateID> <UserGroup>000006</UserGroup> <UserName>Administrator</UserName> <FileName>****</FileName> <Password>S*****3</Password></File> </fileServiceCommand> <fileData> PFZfWE1MIFZlcnNpb249IjIuMCIgRGlyZWN0aW9uPSJSZXF1ZXN0Ij 4gDQogIDxCYXRjaCBWZXJzaW9uPSIyLjAiIENvbW1hbmQ9IkJhdGNoVXBs b2FkIiBDb3VudD0iMSIgQW1vdW50PSIxMDAwIj4gDQoJCTxEYXRlPjIwMjAxMTA2 WxlbmFtZT4gDQoJCTxEZXNjcmlwdGlvbj5XZWRuZXNkYXlMb2FkPC9EZXNjcm lwdGlvbj4gDQoJCTxCYXRjaEl0ZW0gQXBwbGljYXRpb25JRD0ie2JiMDg3M2ViLTBjOTctNGJkNS05NGZiLTNhY2Q3MmFlMGEz M30iIE1vZGU9IlRlc3QiIENvbW1hbmQ9IlJlY3VycmluZ0RlYml0Ij4gDQoJCQk8Q0NOdW1iZXI+NDI0Mi4uLi4uLi4uNDI0MjwvQ0NOdW1iZXI+IA0KCQkJPFN0YXJ0RGF0ZT4xMTIwMjA8L1N0YX J0RGF0ZT4NCgkJCTxFeHBpcnlEYXRlPjEyMjAyMDwvRXhwaXJ5RGF0Z T4NCgkJCTxCdWRnZXRQZXJpb2Q+PC9CdWRnZXRQZX Jpb2Q+IA0KCQkJPFRlcm1pbmFsPjQ3ODUyMzI2PC9UZXJtaW5 hbD4NCgkJCTxBbW91bnQ+MTAwMDwvQW1vdW50Pg0KCQkJPEN1cnJlbmN5PlpBUjwvQ3 WRUZXN0aW5nRnJpZGF5PC9NZXJjaGFudFJlZmVyZW5jZT4gDQoJCQk 8UHVyY2hhc2VEYXRlPjIwMjAxMTA0PC9Q dXJjaGFzZURhdGU+IA0KCQkJPFB1cmNoYXNlVGltZT4wOTEwMTk8L1B 1cmNoYXNlVGltZT4gDQoJCQk8VHJhbnNhY3Rpb25JbmRleD57MkE2N EI5NkQtNDkyRC00Njc4LUJFRjgtRDUyNEYyNjlBRjFGfTwvVHJhbnNhY3Rpb25JbmRleD4NCgkJPC9CYXRjaEl0ZW 0+DQoJPC9CYXRjaD4gDQo8L1ZfWE1MPg== </fileData> </UploadFile> </env:Body> </env:Envelope>
|
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope
xmlns:soap="http://www.w3.org/2003/05/soap-envelope" <soap:Body> <UploadFileResponse xmlns="http://iveri.com/"> <UploadFileResult><?xml version="1.0" encoding="utf-8" ?> <File><Result Status="0" Description="File uploaded successfully."/></File> </UploadFileResult> </UploadFileResponse> </soap:Body> </soap:Envelope>
|
IsDataAvailable (string fileServiceCommand)
Usage: Check if Batch result file is available on the iVeri Gateway, works hand in hand with the UploadFile method
Description |
|
IsDataAvailable |
Check the availability of the Batch result file |
|
|
Returns |
Result Status Code and Description |
Parameters |
|
Client Certificate |
Send as parameter |
Parameters |
See section File Transfer Parameters |
IsDataAvailable SOAP Message
Request |
Response |
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope"> <env:Header/><env:Body> <IsDataAvailable xmlns="http://iveri.com/"> <fileServiceCommand> <File Command="BATCH"> <Gateway>Nedbank</Gateway> <CertificateID>{bc42c-7ffb-44d0-a1e4-441444e1274c}</CertificateID> <ApplicationID>{b0873eb-0c97-4bd5-94fb-3acd72ae0a33}</ApplicationID> <UserGroup>25***46</UserGroup> <UserName>Administrator</UserName> <Password>S******</Password> <FileName>Test</FileName> <Mode>Test</Mode> <Format>XML</Format></File> </fileServiceCommand> </IsDataAvailable> </env:Body> </env:Envelope>
|
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <IsDataAvailableResponse xmlns="http://iveri.com/"> <IsDataAvailableResult><?xml version="1.0" encoding="utf-8" ?> <File><Result Status="101" Description="File not found"/></File> </IsDataAvailableResult> </IsDataAvailableResponse> </soap:Body> </soap:Envelope>
|
GenerateCertificateID (string billingDetailsID)
GenerateCertificateID |
Creates a new unique Certificate ID to be used when generating a new certificate signing request. Certificate status will be created. This method must be used in conjunction with the SubmitCertificateRequest method to complete request of a new certificate. |
Returns |
A V_XML formatted string containing the generated certificate ID. |
Client Certificate |
not required |
Parameters |
|
billingDetailsID: string |
Merchant Profile ID /User Group ID |
|
|
GenerateCertificateID SOAP Message
Request |
Response |
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <GenerateCertificateID xmlns="http://iveri.com/"> <billingDetailsID>string</billingDetailsID> </GenerateCertificateID> </soap:Body> </soap:Envelope>
|
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <GenerateCertificateIDResponse xmlns="http://iveri.com/"> <GenerateCertificateIDResult>string</GenerateCertificateIDResult> </GenerateCertificateIDResponse> </soap:Body> </soap:Envelope>
|
GenerateCertificateID SOAP Message
Request |
Response |
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <GenerateCertificateID xmlns="http://iveri.com/"> <billingDetailsID>string</billingDetailsID> </GenerateCertificateID> </soap:Body> </soap:Envelope>
|
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <GenerateCertificateIDResponse xmlns="http://iveri.com/"> <GenerateCertificateIDResult>string</GenerateCertificateIDResult> </GenerateCertificateIDResponse> </soap:Body> </soap:Envelope>
|
GetCertificate(string certificateID)
Description |
|
GetCertificate |
Download a base 64 encoded P7B certificate that has been issued |
Returns |
A V_XML formatted string (The return string will need to be URL decoded) containing the |
Client Certificate |
not required |
Parameters |
|
certificateID:string |
Certificate ID (GUID) used to generate the certificateSigningRequest |
GetCertificate SOAP Message
Request |
Response |
POST /iVeriWebService/Service.asmx HTTP/1.1 Content-Type: text/xml; charset=utf-8 Content-Length: length SOAPAction: "http://iveri.com/GetCertificate"
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <GetCertificate xmlns="http://iveri.com/"> <certificateID>string</certificateID> </GetCertificate> </soap:Body> </soap:Envelope>
|
HTTP/1.1 200 OK Content-Type: text/xml; charset=utf-8 Content-Length: length
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <GetCertificateResponse xmlns="http://iveri.com/"> <GetCertificateResult>string</GetCertificateResult> </GetCertificateResponse> </soap:Body> </soap:Envelope> |
RenewCertificateID (string certificateID)
Usage: Renewal of an existing certificate
Description |
|
RenewCertificateID |
Will change the certificate status of the certificate mathcing the certificate ID to "created". This method must be used in conjunction with the SubmitCertificateRequest method to complete the renewal of the certificate. |
Returns |
A V_XML formatted string (The return string will need to be URL decoded) |
Client Certificate |
not required |
Parameters |
|
certificateID: string |
Certificate ID (GUID) of existing certificate. |
RenewCertificateID Sample Message
Request |
Response |
Content-Type: text/xml; charset=utf-8 Content-Length: length SOAPAction: "http://iveri.com/RenewCertificateID"
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <RenewCertificateID xmlns="http://iveri.com/"> <billingDetailsID>string</billingDetailsID> <certificateID>string</certificateID> </RenewCertificateID> </soap:Body> </soap:Envelope>
|
HTTP/1.1 200 OK Content-Type: text/xml; charset=utf-8 Content-Length: length
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <RenewCertificateIDResponse xmlns="http://iveri.com/"> <RenewCertificateIDResult>string</RenewCertificateIDResult> </RenewCertificateIDResponse> </soap:Body> </soap:Envelope>
|
PinBlock GetPinBlock (string mode, string pan, string pin)
Description |
|
|
Generate a PIN Block using the HSM (Hardware Security Module) |
Returns |
|
|
PinBlock data structure containing the following fields:
• ResultStatusCode • ResultDescription • DeviceSerialNumber • DeviceMake • KeySerialNumber • PinBlock
ResultStatusCode see Status Codes used by V_XML ResultDescription see Descriptions used by V_XML |
Client Certificate |
|
|
not required |
|
|
Parameters |
|
mode : string |
"test"
"live" |
|
|
pan : string |
Primary Account Number |
pin : string |
|
Additional |
|
Validation Performed |
• pan length is not less than 13 chracters and not more than 19 characters • pan is also validated against the LUHN Formula • pin length is not less than 4 characters and not more than 14 characters |
GetPinBlock SOAP message
Request |
Response |
POST /iVeriWebService/Service.asmx Content-Type: text/xml; charset=utf-8 Content-Length: length SOAPAction: "http://iveri.com/GetPinBlock"
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <GetPinBlock xmlns="http://iveri.com/"> <mode>string</mode> <pan>string</pan> <pin>string</pin> </GetPinBlock> </soap:Body> </soap:Envelope>
|
HTTP/1.1 200 OK Content-Type: text/xml; charset=utf-8 Content-Length: length
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <GetPinBlockResponse xmlns="http://iveri.com/"> <GetPinBlockResult> <ResultStatusCode>int</ResultStatusCode> <ResultDescription>string</ResultDescription> <DeviceSerialNumber>string</DeviceSerialNumber> <DeviceMake>string</DeviceMake> <KeySerialNumber>string</KeySerialNumber> <PinBlock>string</PinBlock> </GetPinBlockResult> </GetPinBlockResponse> </soap:Body> </soap:Envelope>
|
SubmitCertificate (string certificateID, string certificateSigningRequest)
Description |
|
SubmitCertificateRequest |
Submits a PKCS10 certificate signing request. Certificate status will be pending. |
Returns |
A V_XML formatted string. |
Client Certificate |
not required |
Parameters |
|
certificateID : string |
Certificate ID (GUID) used to generate the certificateSigningRequest |
certificateSigningRequest : string |
|
|
Base 64 encoded string containing the new certificate signing request
example of a certificate signing request BEGIN NEW CERTIFICATE REQUEST----- MIIDGjCCAoMCAQAwgbMxCzAJBgNVBAYTAlpBMRAwDgYDVQQIDAdHYXV0ZW5nMRAwINT8mTAfmAe4FdlY9RUv43F9jBYqsV/B6fQxRiSehqnOeS4pmK5gIXiqmfgA/NmZqRiohLwr45SNu6NjF6Bx56T9fAw7RKTsN9dYb6vEtOXew2kc -----END NEW CERTIFICATE REQUEST-----
|
SubmitCertificate SOAP Message
Request |
Response |
POST /iVeriWebService/Service.asmx HTTP/1.1 Content-Type: text/xml; Content-Length: length
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <SumitCertificateRequest xmlns="http://iveri.com/"> <certificateID>string</certificateID> <certificateSigningRequest>string</certificateSigningRequest> </SumitCertificateRequest> </soap:Body> </soap:Envelope>
|
HTTP/1.1 200 OK Content-Type: text/xml; charset=utf-8 Content-Length: length
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <SumitCertificateRequestResponse xmlns="http://iveri.com/"> <SumitCertificateRequestResult>string</SumitCertificateRequestResult> </SumitCertificateRequestResponse> </soap:Body> </soap:Envelope>
|
REST API
Getting Started
With the REST API, merchants can enable card acceptance from a card not present or card present environment, where payments can include the use of tokenised cards and 3D secure authenticated data elements.
To begin processing transactions to the iVeri Gateway, the following has to be in place:
- Merchant Profile
- Generate Certificate in Backoffice
- Only the certificate ID is required on transaction request to the iVeri Gateway
- Before use, the certificate ID has to be linked to the merchants application on the Gateway, reach out to iVeri support on assist@iveri.com to action
To get a view of the applicable parameters per payment instruction, the following sections can be referenced
Commands and Action
Payment Flow
Parameter Description
Parameter Per Action
Requirements (REST API)
- Merchant profile that contains credentials to login to the merchant portal - Backoffice
- Merchant must login to Backoffice and request a certificate, only the certificate ID is required.
Authorisation Header
Authorisation Header
When interfacing with the Gateway endpoints, merchants can include the AuthenticationKey and AuthenticationToken in the headers for both transaction status queries and transaction submissions.
Headers
AuthenticationKey
The key consists of the username. The key and username must be in lowercase
The Username must be encoded to base64 i.e bWVyY2hhbnRwcm9maWxlPTYxNjk1NA
AuthenticationToken
The token consists of:
AuthenticationSecret
This is the secret key generated by the merchant within Backoffice, which the merchant has to store on the merchant’s system.Once the secret is generated, it remains readable in plain text for a couple of minutes, after which it is hashed. Merchant must copy the secret immediately after the secret is generated.
If the merchant loses their secret, a new one will have to be generated
Resource
· Query Transaction Status & Submission of Transactions endpoint
o REST endpoints can be referenced
Data
- Payload that gets posted to the PosPort URL
- Applies to the POST method
QueryString
Query string to retrieve transactions
o /api/transactions?applicationid={applicationid}
o /api/transactions/{requestid}
· only to the GET Method
Timestamp
Calculated as follows:
Timestamp |
|||
|
private static Int32 UnixTimeStampUTC() { Int32 unixTimeStamp; DateTime currentTime = DateTime.Now; DateTime zuluTime = currentTime.ToUniversalTime(); DateTime unixEpoch = new DateTime(1970, 1, 1); unixTimeStamp = (Int32)(zuluTime.Subtract(unixEpoch)).TotalSeconds; return unixTimeStamp; } Calculating the Token
|
REST API
REST Endpoints
On all endpoints the following applies:
- Method: Only GET, POST methods are supported
- Format: JSON
Submission of transactions to the correct Gateway endpoint relates to the acquiring bank that holds the merchant agreement. To submit transactions to the iVeri Gateway, merchants can connect to following end points.
- Nedbank Merchants: https://portal.nedsecure.co.za/
- CSC acquiring bank merchants https://portal.cscacquiring.com/
- CBZ Bank merchants: https://portal.host.iveri.com/
- I&M Bank merchants: https://portal.host.iveri.com/
- CIM Merchants https://portal.merchant.cim.mu
REST API
Endpoint Overview
EndPoint |
Purpose |
Usage |
/api/transactions HTTP Method: POST |
Submit transactions to iVeri Gateway endpoint |
card processing of transactions to the Gateway |
/api/merchant/authenticate HTTP Method: GET |
Returns the server UTC datetime formatted as “yyyyMMddHHmmssfff' |
|
/api/merchant/configuration?mode=live|test HTTP Method: GET |
Returns the user parameters configured in the BackOffice website. Mode is optional. When not specified “live” configuration will be returned?
|
Usage: Optional, and only applicable to mPress Card Present transactions |
/api/merchant/bins HTTP Method: GET |
Returns the current bin list used by the gateway in determining whether to prompt for PIN entry on POS devices when the card service code incorrectly identifies this requirement. |
|
/api/transactions?applicationid={applicationid} HTTP Method: GET |
Returns the application transaction history for the last 7 days |
Optional, but can be used to fetch any transactions processed by the Gateway |
/api/transactions/{requestid} HTTP Method: GET |
Returns transaction details for a particular transaction identified by the requestid |
|
/api/transactions/{requestid}/receipt HTTP Method: POST |
Upload cardholder digital signature to the gateway |
only applicable in the mPress Card Present solution |
|
|
|
Endpoints in Detail
/api/merchant/authenticate
Returns the current server time, in UTC, formatted as yyyyMMddHHmmssfff. This time can be used to check the client time against that of the server. A deviation of five minutes or less is allowed between the client and server time.
yyyy – four-digit year
MM – two-digit month
dd – two-digit day
HH – Hour formatted as 24-Hour time
mm – two-digit minutes
ss – two-digit seconds
fff – current millisecond
Example
Monday, 7th October 2013, 17:02:45 PM would be formatted as 20131007150245442.
JSON Response:
20131007150245442
/api/merchant/configuration
Returns the user parameters as configured in the BackOffice website.
The user parameters consist of list of applications selected for the user
list of currencies selected for the user list of permissions selected for the user
JSON Response:
{
"Applications": [{
"Description": "mPress test application",
"ApplicationID": "1d76a36f-f10e-4388-87f4-4675c78a5511",
"CertificateID": "4c96973f-71dd-4044-802d-6e234effe8f2",
"Mode": "Live"
},
{
"Description": "mPress test application",
"ApplicationID": "1d76a36f-f10e-4388-87f4-4675c78a5511",
"CertificateID": "7dcb6189-bfad-414b-b4ed-ea9d5875ea12",
"Mode": "Live"
}],
"Currencies": [{
"Format": "SCA,.R ",
"DecimalPlaces": 2,
"Code": "ZAR"
}],
"Permissions": [{
"Name": "AUTHORISATION",
"Allowed": "true"
},
{
"Name": "REFUND",
"Allowed": "true"
},
{
"Name": "SALE",
"Allowed": "true"
}]
}
NB. If no applications are returned in the response configuration, you will need to contact the administrator of the usergroup and request the necessary configuration changes to be made to the respective user.
Application list
You will need to select only one of the applications returned.
The application id, certificate id and mode will be used when performing a transaction to the gateway. The description is returned for display use only and not when performing the transaction
NB: You cannot simply switch to mode test using an application id received for mode live. You will need to download the configuration each time you change between test and live.
Permissions list
The permissions returned in the list relate to the transaction types that the user can perform using the REST API. If the “Allowed” value for any of the transaction types is set to “false”, that transaction option should not be presented to the user.
In all cases irrespective of the allowed transaction types, the void transaction type is allowed.
/api/transactions
Submit a transaction to the gateway.
JSON Request:
Sample request for an mPress SDK (Card Present) implementation
{
"Version": "2.0",
"CertificateID": "{7dcb6189-bfad-414b-b4ed-ea9d5875ea12}",
"ProductType": "Enterprise",
"ProductVersion": "mPress",
"Direction": "Request",
"Transaction": {
"ApplicationID": "{1d76a36f-f10e-4388-87f4-4675c78a5511}",
"Command": "Debit",
"Mode": "Live",
"MerchantReference": "{11f1167c-9112-46ca-a69d-b0e856271f4b}",
"MerchantTrace": "{76c8813c-09ad-4b48-bbf5-4a4b320d6659}",
"DeviceMake": "Miura",
"DeviceSerialNumber": "02000567",
"EMV_ApplicationIdentifier": null,
"EMV_ApplicationInterchangeProfile": null,
"EMV_ApplicationTransactionCounter": null,
"EMV_ApplicationVersion": null,
"EMV_AuthorisationRequestCryptogram": null,
"EMV_CardHolderVerificationMethodResult": null,
"EMV_CardSequenceNumber": null,
"EMV_CryptogramInformationData": null,
"EMV_IssuerApplicationData": null,
"EMV_TerminalCapabilities": null,
"EMV_TerminalType": null,
"EMV_TerminalVerificationResult": null,
"EMV_UnpredictableNumber": null,
"EMV_TransactionStatusInformation": null,
"Currency": "ZAR",
"KeySerialNumber": "FF … 14",
"Track2KeySerialNumber": "FF … 44",
"Track2": "37E ... C155",
"PINBlock": "1F … 6F",
"Amount": "2500",
"ExpiryDate": "816",
"CardSecurityCode": null
}
}
/api/merchant/bins
Returns the current bin list used by the gateway in determining whether to prompt for PIN entry while using a POS device when the card service code incorrectly identifies this requirement.
JSON Response:
[{
"BIN": "201010",
"IsOnlineOnly": 1,
"IsPinCard": 2,
"MaxLength": 20
},
{
"BIN": "225050",
"IsOnlineOnly": 1,
"IsPinCard": 2,
"MaxLength": 20
},
{
"BIN": "3045",
"IsOnlineOnly": 1,
"IsPinCard": 2,
"MaxLength": 20
},]
The section “16.6.4 Determining if a card is PIN based” of the iVeri Client Developers Guide, describes how the bin list together with the card's service code is used in determining whether to prompt for PIN.
JSON Response:
{
"Version": "2.0",
"Direction": "Response",
"Transaction": {
"MerchantTrace": "76c8813c-09ad-4b48-bbf5-4a4b320d6659",
"Amount": "2500",
"AuthorisationCode": "660156",
"Currency": "ZAR",
"ExpiryDate": "082016",
"MerchantReference": "11f1167c-9112-46ca-a69d-b0e856271f4b",
"Terminal": "11111111",
"TransactionIndex": "{63D6D3F5-1F1B-46CE-B0EC-AD6F092F51B3}",
"MerchantName": "iVeri",
"MerchantUSN": "2169017345",
"Acquirer": "NedbankPostilion",
"AcquirerReference": "31008:00660156",
"AcquirerDate": "20131007",
"AcquirerTime": "184550",
"DisplayAmount": "R 25.00",
"BIN": "504931",
"Association": "MasterCard",
“CardType": "Unknown Card Type",
"Issuer": "Unknown Issuer",
"Jurisdiction": "Local",
"PANMode": "Swiped,PIN,EncryptedTrack2",
"ReconReference": "00660156",
"CardHolderPresence": "CardPresent",
"MerchantAddress": "MERCHANT ADDRESS",
"MerchantCity": "Johannesburg",
"MerchantCountryCode": "ZA",
"MerchantCountry": "South Africa",
"ApplicationID": "{1D76A36F-F10E-4388-87F4-4675C78A5511}",
"Command": "Debit",
"Mode": "Live",
"RequestID": "{A832F735-9A17-429D-8C82-46C833271D31}",
"Result": {
"Status": "0",
"AppServer": "QAGW2012APP1",
"DBServer": "QAGW2012DB1",
"Gateway": "QA"
},
"PAN": "5049........0023"
}
}
JSON Request:
Sample request for an eCommerce/CNP transaction
{
"Version": "2.0",
"CertificateID": "{7dcb6189-bfad-414b-b4ed-ea9d5875ea12}",
"ProductType": "Enterprise",
"ProductVersion": "mPress",
"Direction": "Request",
"Transaction": {
"ApplicationID": "{1d76a36f-f10e-4388-87f4-4675c78a5511}",
"Command": "Debit",
"Mode": "Live",
"MerchantReference": "{11f1167c-9112-46ca-a69d-b0e856271f4b}",
"MerchantTrace": "{76c8813c-09ad-4b48-bbf5-4a4b320d6659}",
"Currency": "ZAR",
"Amount": "2500",
"ExpiryDate": "816",
"CardSecurityCode": null,
“PAN”: ”4242424242424242”
}
}
JSON Response:
{
"Version": "2.0",
"Direction": "Response",
"Transaction": {
"MerchantTrace": "76c8813c-09ad-4b48-bbf5-4a4b320d6659",
"Amount": "2500",
"AuthorisationCode": "660156",
"Currency": "ZAR",
"ExpiryDate": "082016",
"MerchantReference": "11f1167c-9112-46ca-a69d-b0e856271f4b",
"Terminal": "11111111",
"TransactionIndex": "{63D6D3F5-1F1B-46CE-B0EC-AD6F092F51B3}",
"MerchantName": "iVeri",
"MerchantUSN": "2169017345",
"Acquirer": "NedbankPostilion",
"AcquirerReference": "31008:00660156",
"AcquirerDate": "20131007",
"AcquirerTime": "184550",
"DisplayAmount": "R 25.00",
"BIN": "504931",
"Association": "MasterCard",
“CardType": "Unknown Card Type",
"Issuer": "Unknown Issuer",
"Jurisdiction": "Local",
"PANMode": "Swiped,PIN,EncryptedTrack2",
"ReconReference": "00660156",
"CardHolderPresence": "CardPresent",
"MerchantAddress": "MERCHANT ADDRESS",
"MerchantCity": "Johannesburg",
"MerchantCountryCode": "ZA",
"MerchantCountry": "South Africa",
"ApplicationID": "{1D76A36F-F10E-4388-87F4-4675C78A5511}",
"Command": "Debit",
"Mode": "Live",
"RequestID": "{A832F735-9A17-429D-8C82-46C833271D31}",
"Result": {
"Status": "0",
"AppServer": "QAGW2012APP1",
"DBServer": "QAGW2012DB1",
"Gateway": "QA"
},
"PAN": "4242........4242"
}
}
/api/transactions?applicationid={applicationid}
Returns the application transaction history for the last 7 days.
The JSON Response is a list of transaction responses.
/api/transactions/{requestid}
Returns transaction details for a particular transaction identified by the requestid.
JSON Response:
{
"Version": "2.0",
"Direction": "Response",
"Transaction": {
"MerchantTrace": "76c8813c-09ad-4b48-bbf5-4a4b320d6659",
"Amount": "2500",
"AuthorisationCode": "660156",
"Currency": "ZAR",
"ExpiryDate": "082016",
"MerchantReference": "11f1167c-9112-46ca-a69d-b0e856271f4b",
"Terminal": "11111111",
"TransactionIndex": "{63D6D3F5-1F1B-46CE-B0EC-AD6F092F51B3}",
"MerchantName": "iVeri",
"MerchantUSN": "2169017345",
"Acquirer": "NedbankPostilion",
"AcquirerReference": "31008:00660156",
"AcquirerDate": "20131007",
"AcquirerTime": "184550",
"DisplayAmount": "R 25.00",
"BIN": "504931",
"Association": "MasterCard",
“CardType": "Unknown Card Type",
"Issuer": "Unknown Issuer",
"Jurisdiction": "Local",
"PANMode": "Swiped,PIN,EncryptedTrack2",
"ReconReference": "00660156",
"CardHolderPresence": "CardPresent",
"MerchantAddress": "MERCHANT ADDRESS",
"MerchantCity": "Johannesburg",
"MerchantCountryCode": "ZA",
"MerchantCountry": "South Africa",
"ApplicationID": "{1D76A36F-F10E-4388-87F4-4675C78A5511}",
"Command": "Debit",
"Mode": "Live",
"RequestID": "{A832F735-9A17-429D-8C82-46C833271D31}",
"Result": {
"Status": "0",
"AppServer": "QAGW2012APP1",
"DBServer": "QAGW2012DB1",
"Gateway": "QA"
},
"PAN": "5049........0023"
}
}
api/transactions/{requestid}/receipt
Upload a Cardholder signature to be added to a MerchantReceipt linked to a transaction identified by the requestid.
JSON Request:
{
"Version": "2.0",
"CertificateID": "{7dcb6189-bfad-414b-b4ed-ea9d5875ea12}",
"Direction": "Request",
"Enquiry": {
"ApplicationID": "{1d76a36f-f10e-4388-87f4-4675c78a5511}",
"Command": "Debit",
"RequestID": "{A832F735-9A17-429D-8C82-46C833271D31}",
"CardholderName", "Russel King",
"SignatureImageFormat", "jpeg",
"SignatureImage", "hexified image data"
}
}
Parameter Description & Action
This section describes the various gateway parameters available. This is followed by a table of what input and output parameters are relevant for each action. Parameters are shown grouped according to their usage.
Parameter per Acton
M |
Mandatory |
O |
Optional |
C |
Conditional |
blank |
not relevant |
Context |
Parameter |
Authorisation with PAN |
Authorisation with Track2 |
Authorisation with VisaCheckoutCallID |
Additional Authorisation with TransactionIndex |
AuthorisationReversal with TransactionIndex |
Debit with PAN |
Debit with Track2 |
Debit with PIN |
Debit with VisaCheckoutCallID |
Debit with TransactionIndex |
Credit with PAN |
Credit with Track2 |
Credit with TransactionIndex |
Void |
Balance Enquiry with PIN |
PAN Enquiry with PAN |
PANToken Enquiry |
PAN Enquiry with Track2 |
Ping |
Get Device PIN Key |
ThreeDSecureCheckEnrollment
|
ThreeDSecureValidateAuthentication
|
RequestForDebit |
MasterPassQuickResponseCode |
MasterPassPaymentNotification |
DynamicCurrencyConversion |
MultiCurrencyPricing |
Core |
ApplicationID |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
|
M |
M |
M |
M |
M |
M |
M |
Core |
Category |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
Core |
CertificateID |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
Core |
Gateway |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
Core |
Command |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
Core |
Mode |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
Common |
Amount |
M |
M |
M |
M |
O |
M |
M |
M |
M |
O |
M |
M |
O |
|
|
|
|
|
|
|
M |
M |
M |
M |
|
M |
|
Common |
AuthorisationCode |
|
|
|
|
|
O |
O |
|
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
BudgetPeriod |
O |
O |
O |
O |
|
O |
O |
|
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
CardSecurityCode |
O |
O |
O |
O |
O |
O |
O |
|
|
O |
|
|
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
PAN |
M |
|
|
|
|
M |
|
|
|
|
M |
|
|
|
|
M |
M |
|
|
|
M |
M |
|
|
|
O |
|
Common |
Currency |
O |
O |
O |
|
|
O |
O |
O |
O |
|
O |
O |
|
|
O |
|
|
|
|
|
M |
M |
M |
M |
|
M |
|
Common |
VisaCheckoutCallID |
|
|
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
ExpiryDate |
M |
|
|
O |
O |
O |
|
|
|
O |
O |
|
O |
|
|
O |
M |
|
|
|
M |
M |
|
|
|
|
|
Common |
CardholderName |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
M |
|
|
|
|
Common |
MerchantReference |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
M |
|
|
|
|
|
|
|
M |
M |
M |
M |
M |
|
|
Common |
OriginalMerchantReference |
C |
|
|
|
|
C |
|
|
|
|
C |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
MerchantTrace |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
OriginalMerchantTrace |
|
|
|
|
|
|
|
|
|
|
|
|
|
C |
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
OriginalRequestID |
|
|
|
|
|
|
|
|
|
|
|
|
|
C |
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
PurchaseDate |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
PurchaseTime |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
StartDate |
O |
|
|
O |
O |
O |
|
|
|
O |
O |
|
|
|
|
O |
|
|
|
|
|
|
|
|
|
|
|
Common |
Terminal |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
Track2 |
|
M |
|
O |
O |
|
M |
M |
|
O |
|
M |
O |
|
M |
|
|
M |
|
|
|
|
|
|
|
|
|
Common |
TransactionIndex |
|
|
|
M |
M |
|
|
|
|
M |
|
|
M |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
MobileMoneyID |
|
|
|
|
|
|
|
|
|
|
|
|
|
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
MSISDN |
|
|
|
|
|
C |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
PANFormat |
O |
|
M |
|
|
O |
|
|
M |
|
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
PANMode |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
O |
|
O |
O |
|
O |
|
|
|
|
|
|
|
|
|
Common |
CardHolderPresence |
O |
O |
|
O |
|
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
CardholderEmail |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
M |
|
|
|
|
Common |
OrderDescription |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
O |
|
|
|
|
Common |
AllowBudgetPeriod |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
O |
|
|
|
|
Common |
RequestExpiryDate |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
O |
|
|
|
|
Common |
CreateTransactionUrl |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
O |
|
|
|
|
3DSecure |
ElectronicCommerceIndicator |
O |
O |
|
O |
|
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
3DSecure |
CardHolderAuthenticationData |
O |
O |
|
O |
|
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
3DSecure |
CardHolderAuthenticationID |
O |
O |
|
O |
|
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
3DSecure |
ThreeDSecure_RequestID |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
M |
|
|
|
|
|
3DSecure |
ThreeDSecure_SignedPARes |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
M |
|
|
|
|
|
3DSecure |
ThreeDSecure_DSTransID |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
3DSecure |
ThreeDSecure_AuthenticationType |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
3DSecure |
ThreeDSecure_VEResEnrolled |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
3DSecure |
ThreeDSecure_ProtocolVersion |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
MasterPass |
MasterPassAction |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
M |
|
|
|
MasterPass |
MasterPassMerchantID |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
M |
|
|
|
MasterPass |
MasterPassShortDescription |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
MasterPass |
MasterPassCodeExpiryDate |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
MasterPass |
MasterPassMerchantName |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
MasterPass |
MasterPassCode |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
MasterPass |
MasterPassTransactionID |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
POS |
AccountType |
|
|
|
|
|
|
|
O |
|
|
|
|
|
|
O |
|
|
|
|
|
|
|
|
|
|
|
|
POS |
CashAmount |
|
|
|
|
|
|
|
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
POS |
DeviceFirmware |
|
|
|
|
|
|
|
O |
|
|
|
|
|
|
O |
|
|
|
|
O |
|
|
|
|
|
|
|
POS |
DeviceFirmwareVersion |
|
|
|
|
|
|
|
O |
|
|
|
|
|
|
O |
|
|
|
|
O |
|
|
|
|
|
|
|
POS |
DeviceMake |
|
|
|
|
|
|
|
M |
|
|
|
|
|
|
M |
|
|
|
|
M |
|
|
|
|
|
|
|
POS |
DeviceSerialNumber |
|
|
|
|
|
|
|
M |
|
|
|
|
|
|
M |
|
|
|
|
M |
|
|
|
|
|
|
|
POS |
DeviceCycle |
|
|
|
|
|
O |
O |
O |
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
POS |
KeySerialNumber |
|
|
|
|
|
|
|
C |
|
|
|
|
|
|
C |
|
|
|
|
|
|
|
|
|
|
|
|
POS |
Track2KeySerialNumber |
|
C |
|
|
|
|
C |
C |
|
|
|
C |
|
|
C |
|
|
C |
|
|
|
|
|
|
|
|
|
POS |
PANKeySerialNumber |
|
C |
|
|
|
|
C |
C |
|
|
|
C |
|
|
|
|
|
C |
|
|
|
|
|
|
|
|
|
Procurement |
CustomerReferenceIdentifier |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement |
CustomerVATRegistrationNumber |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement |
DestinationCountry |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement |
DestinationZIPCode |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement |
NationalTax |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement |
NationalTaxIndicator |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement |
OrderDate |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement |
PurchaseIdentifier |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement |
ShipFromZIPCode |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement |
ShippingAmount |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement |
ShippingTaxRate |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement |
TransactionDiscount |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement |
UniqueVATInvoiceReference Number |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement: LineItem |
Discount |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement: LineItem |
ItemCommodityCode |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement: LineItem |
ItemDescriptor |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement: LineItem |
ProductCode |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement: LineItem |
Quantity |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement: LineItem |
TaxRate |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement: LineItem |
Total |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement: LineItem |
UnitCost |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Procurement: LineItem |
UnitOfMeasure |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Fleet |
CustomerReferenceIdentifier |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Fleet: LineItem |
ProductCode |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Fleet: LineItem |
Quantity |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Fleet: LineItem |
UnitCost |
|
|
|
|
|
O |
O |
|
|
O |
O |
O |
O |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Point 3.
Point 4.
Ecommerce, Card Not Present
Sale/Purchase
M |
Mandatory |
O |
Optional |
C |
Conditional |
blank |
not relevant |
Context |
Parameter |
Debit with PAN |
Debit with TransactionIndex |
Void |
Credit with PAN |
Credit with TransactionIndex |
|
Core |
ApplicationID |
M |
M |
M |
M |
M |
|
Core |
Category |
M |
M |
M |
M |
M |
|
Core |
CertificateID |
M |
M |
M |
M |
M |
|
Core |
Gateway |
O |
O |
O |
O |
O |
|
Core |
Command |
M |
M |
M |
M |
M |
|
Core |
Mode |
M |
M |
M |
M |
M |
|
Common |
Amount |
M |
M |
|
M |
M |
|
Common | CardSecurityCode | O | O | O | O | ||
Common | PAN | M | M | M | |||
Common |
Currency |
M |
M |
|
M |
M |
|
Common |
ExpiryDate |
M |
M |
|
M |
M |
|
Common |
MerchantReference |
M |
M |
|
M |
M |
|
Common |
OriginalMerchantReference |
|
|
M |
|
|
|
Common |
MerchantTrace |
O |
O |
|
O |
O |
|
Common |
OriginalRequestID |
|
|
M |
|
|
|
Common |
PANFormat |
|
M |
|
|
M |
|
Common |
TransactionIndex |
|
M |
|
|
M |
|
Common |
CardHolderPresence |
C |
C |
|
|
|
|
Common |
| C | C | C | C | ||
Common | WalletProvider
| C | C | C | C | ||
Common | TokenCrytogram | C | C | C | C | ||
Common | ForeignRetailIndicator
| C | C | C | C | ||
Common | AuthorisationCode | O | O | O | O | ||
Common | BudgetPeriod | O | O | O | O | ||
Common | PANMode | ||||||
Common | Terminal | O | O | O | O | ||
Common | VisaCheckoutCallID | C | C | C | C | ||
Common | PurchaseDate | O | O | O | O | ||
Common | PurchaseTime | O | O | O | O | ||
Common | StartDate | O | O | O | O | ||
Common | MSISDN | ||||||
Common | MobileMoney | ||||||
Common | OrderDescription | O | O | O | O | ||
ThreeDsecure |
ElectronicCommerceIndicator |
C |
C |
|
|
|
|
ThreeDsecure |
CardHolderAuthenticationData |
C |
C |
|
|
|
|
ThreeDsecure |
CardHolderAuthenticationID |
C |
C |
|
|
|
|
ThreeDsecure |
ThreeDSecure_DSTransID |
C |
C |
|
|
|
|
ThreeDsecure |
ThreeDSecure_ProtocolVersion |
C |
C |
|
|
|
|
ThreeDsecure |
ThreeDSecure_RequestID |
O |
O |
|
|
|
|
ThreeDsecure |
ThreeDSecure_AuthenticationType |
O |
O |
|
|
|
|
ThreeDsecure |
ThreeDSecure_VEResEnrolled |
O |
O |
|
|
|
Card Present Parameters
Sale/Purchase
Context |
Parameter |
Debit with Track2 |
Debit with TransactionIndex |
Credit with Track2 |
Credit with TransactionIndex |
Void |
Core |
ApplicationID |
M |
M |
M |
M |
M |
Core |
Category |
M |
M |
M |
M |
M |
Core |
CertificateID |
M |
M |
M |
M |
M |
Core |
Gateway |
O |
O |
O |
O |
O |
Core |
Command |
M |
M |
M |
M |
M |
Core |
Mode |
M |
M |
M |
M |
M |
Common |
Amount |
M |
M |
|
|
|
Common |
ExipiryDate |
M |
M |
|
|
|
Common |
Currency |
M |
M |
|
|
|
Common |
MerchantReference |
M |
M |
|
|
|
Common |
MerchantTrace |
O |
O |
|
|
|
Common |
BudgetPeriod |
O |
O |
|
|
|
Common |
OriginalMerchantTrace |
|
|
|
|
|
Common |
Track2 |
M |
C |
|
|
|
Common |
PANMode |
M |
C |
|
|
|
Common |
Terminal |
M |
C |
|
|
|
Common |
AccountType |
M |
C |
|
|
|
POS |
CashAmount |
O |
O |
|
|
|
POS |
DeviceFirmware |
O |
O |
|
|
|
POS |
DeviceFirmwareVersion |
O |
O |
|
|
|
POS |
DeviceMake |
|
|
|
|
|
POS |
DeviceSerialNumber |
|
|
|
|
|
POS |
DeviceCycle |
|
|
|
|
|
POS |
KeySerialNumber |
|
|
|
|
|
POS |
Track2KeySerialNumber |
|
|
|
|
|
POS |
PANKeySerialNumber |
|
|
|
|
|
POS |
PinBlock |
|
|
|
|
|
POS |
EMV_AuthorisationRequestCryptogram |
|
|
|
|
|
POS |
EMV_ApplicationIdentifier |
|
|
|
|
|
POS |
EMV_ApplicationInterchangeProfile |
|
|
|
|
|
POS |
EMV_CardSequenceNumber |
|
|
|
|
|
POS |
EMV_ApplicationTransactionCounter |
|
|
|
|
|
POS |
EMV_ApplicationVersion |
|
|
|
|
|
POS |
EMV_CardHolderVerificationMethodRe sult |
|
|
|
|
|
POS |
EMV_CryptogramInformationData |
|
|
|
|
|
POS |
EMV_IssuerApplicationData |
|
|
|
|
|
POS |
EMV_IssuerApplicationData |
|
|
|
|
|
POS |
EMV_TerminalCapabilities |
|
|
|
|
|
POS |
EMV_TerminalType |
|
|
|
|
|
POS |
EMV_TransactionType |
|
|
|
|
|
POS |
EMV_TerminalVerificationResult |
|
|
|
|
|
POS |
EMV_UnpredictableNumber |
|
|
|
|
|
POS |
EMV_TransactionStatusInformation |
|
|
|
|
|
QR Code - MasterPass
QR Code – MasterPass Parameters
Context |
Parameter |
MasterPassQuickResponseCode |
MasterPassPaymentNotification |
Credit with TransactionIndex |
Void |
Core |
ApplicationID |
M |
M |
M |
M |
Core |
Category |
M |
M |
M |
M |
Core |
CertificateID |
M |
M |
M |
M |
Core |
Gateway |
O |
O |
O |
O |
Core |
Command |
M |
M |
M |
M |
Core |
Mode |
M |
M |
M |
M |
Common |
Amount |
|
|
|
|
Common |
ExipiryDate |
|
|
|
|
Common |
Currency |
|
|
|
|
Common |
MerchantReference |
|
|
|
|
MasterPass |
MasterPassAction |
M |
|
|
|
MasterPass |
MasterPassMerchantID |
M |
|
|
|
MasterPass |
MasterPassShortDescription |
|
|
|
|
MasterPass |
MasterPassCodeExpiryDate |
|
|
|
|
MasterPass |
MasterPassMerchantName |
|
|
|
|
MasterPass |
MasterPassCode |
|
|
|
|
MasterPasss |
MasterPassTransactionID |
|
|
|
|
Request Payment – Divert Parameters
Context |
Parameter |
RequestForDebit |
RequestForAuthorisation |
Core |
ApplicationID |
M |
M |
Core |
Category |
M |
M |
Core |
CertificateID |
M |
M |
Core |
Gateway |
O |
O |
Core |
Command |
M |
M |
Core |
Mode |
M |
M |
Common |
Amount |
M |
M |
Common |
Currency |
M |
M |
Common |
MerchantReference |
M |
M |
Common |
CardholderName |
M |
M |
Common |
CardholderEmail |
C |
C |
Common |
OrderDescription |
O |
O |
Common |
AllowBudgetPeriod |
O |
O |
Common |
RequestExpiryDate |
O |
O |
Common |
CreateTransactionUrl |
O |
O |
Data Types
The following key table is used for data types:
Data Type |
Description |
A |
Alpha only (A-Za-z) |
AN |
Alphanumeric (a-zA-Z0-9) |
Base64 |
Base64 encryption of binary data |
Boolean |
True or False |
Guid |
Globally Unique
Identifier: {[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}\} |
Hex |
Hex (0-9A-Fa-f) |
N |
Numeric (Positive integer) |
N. |
Digits and dots (.) (e.g's 4242........4242, 1.0) |
N: |
Digits and colons |
String |
ANPS Free format string containing: Alpha, numeric, special and padding (printable ASCII) |
Z |
Positive or negative integer |
Node Type |
Set input parameter value |
Get output parameter value |
attribute |
enterprise.setAttribute(..) |
enterprise.getAttribute(..) |
tag |
enterprise.setTag(..) |
enterprise.getTag(..) |
parameter |
enterprise.prepare(...) |
N/A |
attribute parameter |
enterprise.prepare(...) |
enterprise.getAttribute(..) |
property |
Use method or property of enterprise corresponding to the parameter |
N/A |
subtag |
call
enterprise.setTag(..) within |
N/A |
Parameter Description
Core Parameters
Core Parameters
Parameter | Node Type | Data Type | Min Length | Max Length | Description |
ApplicationID | Attribute parameter | GUid | 38 | 38 | Identification of the merchant’s configuration within the iVeri Gateway |
CertificateID | property |
| 38 | 38 | The iVeri CertificateID installed on the server communicating with the iVeri Gateway |
CertificatePath | Property | A |
|
| Valid Path to directory where the KeyStoreFile or CertificateFile exists on the filesystem |
CertificateFile | Property | A |
|
| Existing certificate file |
CertificatePassword | Property | A |
|
| Password of the certificate |
Gateway | Property | A |
|
| The name of the gateway connecting to. If not explicitly set, the default gateway is used. |
RequestID | Attribute
|
| 38 | 38 | A unique identifier generated by the iVeri Gateway for this request |
Mode | Attribute parameter |
| 4 | 4 | The mode of the corresponding ApplicationID. See section 10.2 |
| TEST | ||||
LIVE | |||||
Category | parameter |
|
| 50 | A categorisation of the request. Only required in conjunction with a prepare method. |
| Transaction | use if Command = 'Debit' or 'Credit' or 'Authorisation' or 'AuthorisationReversal' or 'Void' | |||
Enquiry | use if Command = 'Balance', 'PAN' or 'PANToken' or ' ‘AuthenticatedCollection' or ‘RequestForDebit’ OR ‘AccountValidation’
| ||||
System | use if Command = 'Ping' | ||||
Security | use if Command = 'GetDevicePINKey' | ||||
Command | Attribute parameter | A |
|
| The command specifying what should be done by the iVeri Gateway |
| GetDevicePINKey | Get DevicePINKey (use Category='Security') | |||
Ping | Ping (use Category='System') | ||||
Authorisation | Authorisation (use Category='Transaction') | ||||
AuthorisationReversal | Authorisation Reversal (use Category='Transaction') | ||||
Credit | Credit (use Category='Transaction') | ||||
Debit | Debit (use Category='Transaction') | ||||
Void | Void (use Category='Transaction') | ||||
Balance | Balance Enquiry (use Category='Enquiry') | ||||
PAN | PAN Enquiry (use Category='Enquiry') | ||||
PANToken | PANToken Enquiry (use Category='Enquiry') | ||||
AuthenticatedCollection | AuthenticatedCollection:Enquiry (use Category='Enquiry') | ||||
AccountValidation | AccountValidation Enquiry (use Category = ‘Enquiry’) | ||||
RequestForDebit | RequestForDebit Enquiry (use Category = ‘Enquiry’) | ||||
MasterPassQuickResponseCode | MasterPass QuickResponseCode Enquiry (use Category = ‘Enquiry’) | ||||
DynamicCurrencyConversion | DynamicCurrencyConversion |
Common Parameters
Parameter | Node Type | Data Type | Min Length | Max Length | Description | |
Acquirer | tag | A | 3 | 32 | The Acquiring system to which this transaction was routed by iVeri | |
| NBPostllionNBSA |
| ||||
NBPostilion NB Zimbabwe |
| |||||
NBPostilionUSD NB Zimbabwe |
| |||||
CBZPostilion CBZ Zimbabwe |
| |||||
CSCFIS CSC Lebanon |
| |||||
NBPostilion iVeri SouthAfrica |
| |||||
ICPSPwC CIM Mauritius |
| |||||
OWWay4 IM Kenya |
| |||||
NBPostilion NB Namibia |
| |||||
|
| |||||
AcquirerDate | tag | N |
| 64 | The date that the Acquirer allocated to this transaction | |
YYYYMMDD | YearMonthDay | |||||
AcquirerReference | tag | N |
| 64 | A reference allocated by the Acquirer to this transaction with format specific to the acqiurer. It is a composite element consisting of a settlement cycle and a transaction trace. The cycle can be 5 digits (the acquirer batch number) or 8 digits (cycle end date). The trace is the significant part of the acquirer Retrieval Reference Number (RRN). The trace can be 8 digits (if the RRN starts with 0000) or 12 digits (the full RRN). | |
| CCCCC: TTTTTTTT | CycleNumber: RRN8 (for Nedbank providers) | ||||
yyyyMMdd:tttttttt | CycleEndDate: RRN8 (for the TMS provider) | |||||
yyyyMMdd:ydddhhtttttt | CycleEndDate:RRN (for providers in general) | |||||
|
| |||||
AcquirerTime | tag | N |
| 6 | The time that the Acquirer allocated to this transaction | |
HHMMSS | HourMinuteSecond | |||||
Amount | tag | N | 0 | 12 | The total value of the transaction in the smallest unit of the currency specified (eg in cents) | |
AuthorisationCode | Tag | AN | 0 | 6 | The Authorisation Code issued by the Issuer to the Merchant either telephonically or electronically | |
BudgetPeriod | Tag | N | 0 | 2 | The number of months over which the cardholder would like to pay the transaction off. See section 10.4 | |
| 0 | Default | ||||
3 |
| |||||
6 |
| |||||
9 |
| |||||
12 |
| |||||
18 |
| |||||
24 |
| |||||
36 |
| |||||
| ||||||
CardSecurityCode | Tag | N | 3 | 4 | The 3 or 4 digits printed on the card which are not contained on the magnetic strip. Usually printed after the CCNumber on the signature strip. Corresponds to American Express CIV, MasterCard CVC2 and VISA CVV2. Does not exist within Associations | |
Currency | Tag | A |
| 3 | The ISO 4217 currency code of the value of the transaction. e.g., USD or ZAR or GBP | |
DisplayAmount | Tag | String |
| 30 | The Amount returned in a currency aware printable format | |
ExpiryDate | Tag | N | 4 | 6 | The last month of the validity period of the card | |
MMYY | MonthYear | |||||
| MMYYYY | MonthYear | ||||
CardholderName | Tag | String |
| 50 | The name of the cardholder as embossed on the card. | |
CardholderEmail | Tag | String |
| 125 | The email address of the cardholder | |
OrderDescription | Tag | String |
| 250 | A brief description of the purchase made by the cardholder | |
AllowBudgetPeriod | Tag | Boolean |
|
| When this is true a ‘BudgetPeriod’ input field will be present on the CardDetails capture form. | |
RequestExpiryDate | Tag | N | 8 | 8 | The date after which the debit request will expire | |
YYYYMMDD | YearMonthDay | |||||
CreateTransactionUrl | Tag | Boolean |
|
| When this value is ‘true’ a ‘TransactionUrl’ will be returned to the merchant. If ‘false’ a debit request email will be sent to the ‘CardholderEmail’ | |
TransactionUrl | Tag | String |
| 225 | The transaction url that the Cardholder must be redirected to perform a transaction when the command was ‘RequestForDebit’. This will be returned to the merchant in the response if the ‘CreateTransactionUrl’ parameter is set to ‘true’ | |
MerchantName | Tag | String |
| 50 | The merchant name associated with the ApplicationID | |
MerchantAddress | Tag | String |
| 50 | The merchant address associated with the ApplicationID | |
MerchantCity | Tag | String |
| 50 | The merchant city associated with the ApplicationID | |
MerchantCountryCode | Tag | String |
| 2 | The merchant country code associated with the ApplicationID | |
MerchantCountry | Tag | String |
| 50 | The merchant country name associated with the ApplicationID | |
MerchantReference | Tag | String | 0 | 64 | A merchant generated identifier that is unique within a specified time period that identifies a transaction sequence. In the case that the transaction is an Authenticated Collection this field will contain the 14-character long Contract Reference allocated by the Merchant for this transaction. | |
OriginalMerchantReference | Tag | String | 0 | 64 | A merchant generated identifier of a previous transaction used in a Tokenized PAN transaction | |
MerchantTrace | Tag | String | 0 | 64 | Unique merchant identification for the request | |
MerchantUSN | Tag | String | 0 | 15 | The merchant USN associated with the ApplicationID | |
OriginalMerchantTrace | Tag | String |
| 64 | A reference to the original MerchantTrace previously sent to the iVeri Gateway | |
OriginalRequestID | Tag | Guid | 38 | 38 | The RequestID that was returned as part of the original transaction | |
PAN | Tag | N |
| 20 | Primary Account Number (eg Credit card number), may have been extracted from Track2. When this is an output parameter, then a section of it is dotted out, and safe to display or print | |
PANMode | Tag | String | 0 | 128 | The mechanism by which the PAN was determined from the card. The value is a comma separated list of the following:
| |
Name
| Direction | Description | ||||
Keyed | Input/Output | Card number was keyed | ||||
Tokenized | Output | PANFormat 'TransactionIndex', 'OriginalMerchantReference' or 'MSISDN' (non-registration) was specified in the request | ||||
Swiped | Input/Output | Card was swiped. This means that a Track2 must be specified in the request. | ||||
Dipped | Input/Output | Card was processed while in the card reader slot of the device. This means that a Track2 must be specified in the request. | ||||
Tapped | Input/Output | Card was processed by a contactless device. This means that a24 Track2 must be specified in the request. | ||||
ConstructedTrack2 | Output | For when a partial Track2 is received in the request usually accompanied by a PINBlock as one of the legs of a PANFormat “MSISDN” transaction. | ||||
CVV | Output | The CardSecurityCode tag had a value in the request | ||||
PIN | Output | The PINBlock tag had a value in the request | ||||
PINCapable | Input/Output | No online PIN or EMV data sent to the gateway, but the device is capable to process PIN. | ||||
EMV | Output |
| ||||
EMVFallback | Output | No EMV data specified in the request, but the service code of the request Track2 indicate a chip card. | ||||
EncryptedPAN | Output | The value of the PAN tag in the request specified encrypted data | ||||
EncryptedTrack2 | Output | The value of the Track2 tag in the request specified encrypted data | ||||
PurchaseDate | Tag |
| 4 | 4 | The date on which the purchase was made. Defaults to current Date | |
MMDD |
MonthDay | |||||
PurchaseTime | Tag |
| 4 | 4 | The time at which the purchase was made. Defaults to current Time | |
HHMM | HourMinute | |||||
ReconReference | Tag | N | 0 | 8 | Identifier that the Merchant is returned during a transaction and that also appears in the reconciliation information supplied by the Acquirer. Either assigned by the iVeri Gateway or derived from the specified MerchantReference. | |
StartDate | Tag | A |
| 6 | The date of the start of the validity period of the card number. The start date is not available on many cards, and will remain an optional parameter until the start date becomes more common
| |
MMYY | MonthYear | |||||
MMYYYY | MonthYear | |||||
Terminal | Tag | N | 0 | 8 | Identifier optionally allocated by the merchant which is intended to group transactions together for reporting purposes in reconciliation statements. | |
Track2 | Tag | String |
| 39 | Track2 after being read by the swipe device from the magnetic stripe on the card (for card present transactions). It is inclusive of the beginning and end markers being ; and ? respectively. See section 10.3 | |
TransactionIndex | Tag | Guid | 38 | 38 | Unique identifier allocated by iVeri for a series of related transactions. If PANFormat is 'TransactionIndex', TransactionIndex is used to locate a previous transaction for the PAN to be resolved. | |
MobileMoneyID | Tag | N | 1 | 6 | An additional transaction identifier returned for a PANFormat “MSISDN” transaction. This tag should be passed to the Gateway along with OriginalRequestID or OriginalMerchantTrace when the transaction needs to be Voided. | |
MSISDN | Tag | String |
|
| A mobile number required by PANFormat “MSISDN” transactions | |
VisaCheckoutCallID | Tag | String | 0 | 48 | Visa Checkout transaction ID associated with a payment request. | |
MasterPassTransactionID | Tag | N |
|
| This is the MasterPass system transaction reference | |
ForeignAmount | Tag | String | 0 | 11 | When doing a transaction in a foreign currency we need to specify the amount here in the foreign currency Mandatory when doing transaction in foreign currency
| |
ForeignCurrency | Tag | String | 3 | 3 | When doing a transaction in a foreign currency we need to specify the foreign currency here Mandatory when doing transaction in foreign currency
| |
ForeignExchangeID | Tag | Guid | 38 | 38 | Unique Identifier returned in the DynamicCurrencyConversion / MultiCurrencyPricing linked to the BaseAmount /BaseCurrency and the Amount and Currency in the current transaction request Mandatory when doing transaction in foreign currency
| |
PANFormat | Tag | String |
|
| An enumeration specifying how to obtain the PAN details
| |
PAN | Required tag: PAN. If PANFormat is not specified, this value is used if the PAN tag is set and the Track2 tag not set. | |||||
Track2 | Required tag: Track2. If PANFormat is not specified, this value is used if the Track2 tag is set. | |||||
VisaCheckoutCallID | Required tags: VisaCheckoutCallID The VisaCheckoutCallID is used to retireve the Payment Data from the Visa Checkout Process.
| |||||
MSISDN | Required tag: MSISDN. If in addition, AccountType, PAN (full) and ExpiryDate are provided, the transaction also serves as a registration of the MSISDN, thereby enabling future transactions with MSISDN only. | |||||
|
| |||||
CardHolderPresence | Tag | String | 0 | 128 | Specify how the cardholder is involved when a virtual transaction is performed. This tag supersedes the ElectronicCommerceIndicator tag. The value is a comma separated list of the following: | |
CardPresent | Gets set in the output when a full Track2 was specified in the request. This value may also be set in the request when the card number was keyed on a POS device. | |||||
|
|
|
|
| CardNotPresent | The physical plastic of the card was not present when the request was sent to the gateway. |
|
|
|
|
| eCommerce | Gets set in the output when one of the ElectronicCommerceIndicator values was specified in the request |
|
|
|
|
| ThreeDSecure | Encryption (SSL) used between CardHolder and Merchant. ThreeDSecure was successful |
|
|
|
|
| ThreeDSecureAttempted | Encryption (SSL) used between CardHolder and Merchant. ThreeDSecure was attempted unsuccessfuly |
|
|
|
|
| SecureChannel | Encryption (SSL) used between CardHolder and Merchant. ThreeDSecure not used |
|
|
|
|
| ClearChannel | No encryption used between CardHolder and Merchant |
|
|
|
|
| MOTO | Telephonic or mail order |
|
|
|
|
| Recurring | Transactions submitted by a merchant automatically |
|
|
|
|
|
|
Card Detail Parameters
Parameter | Node Type | Data Type | Min Length | Max Length | Description |
Association | tag | string | 0 | 50 | The association to which the card number belongs e.g., VISA or Master card or American Express |
Bin | Tag | string | 1 | 9 | The Bank Identification Number into which PANs are grouped. Generally, this is the first two to eight digits |
CardType | tag | String | 0 | 50 | A description of the type of the card used e.g., Credit Card, Maestro, Electron etc |
Issuer | tag | string | 0 | 50 | If the card is local this gives a description of the institution that issued this card
|
Jurisdiction | Tag | String | 0 | 50 | Description of whether the card is a local or international card |
3DSecure Parameters
Parameter | Node Type | Data Type | Min Length | Max Length | Description |
ElectronicCommerceIndicator | tag | A | 0 |
| More commonly known as the ECI, it describes for virtual transactions what steps were taken to secure and authenticate the transaction. Values are the following subset of CardHolderPresence values: ThreeDSecure, ThreeDSecureAttempted, SecureChannel and ClearChannel |
CardHolderAuthenticationData | tag | Base64 | 28 | 28 | For usage with Verified by Visa / MasterCard SecureCode. The CAVV or UCAF field depending on whether the card is VISA or Master card. Note: Original binary format length = 20 bytes. Mandatory when ElectronicCommerceIndicator = ThreeDSecure |
CardHolderAuthenticationID | tag | Base64 | 28 | 28 | For usage with Verified by Visa / MasterCard SecureCode. The Transaction ID. Note: Original binary format length = 20 bytes. Mandatory when ElectronicCommerceIndicator = ThreeDSecure |
ThreeDSecure_RequestID | Tag | Guid | 38 |
| The RequestID that was returned as part of the Enrollment Check that will be used to retrieve data for the Authentication Validation |
ThreeDSecure_ACS_URL | Tag | URL |
| No Limit | URL of the Access Control Server of the card-issuing bank where you need to send the ThreeDSecure_PAReq so that the customer can be authenticated. The field length can be very large. |
ThreeDSecure_PAReq | Tag | Base64 |
| No Limit | Digitally signed payer authentication request message that contains a unique transaction ID.The field length can be very large. |
ThreeDSecure_SignedPARes | Tag | Base64 |
| No Limit | Digitally signed PARes message that contains the authentication result.The field length can be very large. |
ThreeDSecure_VEResEnrolled | Tage | A | 1 | 1 | Indicator that shows whether the cardholder is participating in 3DS. |
Result Parameters
Result Parameters
Parameter | Node Type | Data Type | Min Length | Max Length | Description | |
Code | Attribute | N |
| 3 | The numeric Result Code of the completed execution. See section 10.1 | |
Description | Attribute | String |
| 1024 | A description of the results of the completed execution. Only relevant where ResultStatus is 'Unsuccessful' [-1] or 'Successful with warning' [1] | |
Source | Attribute | String |
| 138 | The source of the result | |
Previous | Attribute | Boolean |
|
| In most cases returns false, indicating that the other result values refer to the immediately completed execution. For advanced usage within a Reprint, to indicate whether the result returned refers to the current execution, or a previous execution. | |
Status | Attribute | Z |
| 2 | The status of the completed execution | |
|
|
|
|
| -1 | Unsuccessful |
0 | Successful | |||||
1 | Successful, with warning |
UPOP SecurePlus Parameters
Parameter | Node Type | Data Type | Min Length | Max Length | Description |
UPOP_TransactionTime | tag | String |
|
| The time when the Merchant sends the transaction. Date and time formatted as an ISO 8601 combined date and time string using the extended format.
- Format: YYYY-MM-DDThh:mm:ssZ
- YYYY = year - MM = month - DD = day - hh = hour - mm = minutes - ss = seconds
|
UPOP_RelatedTransactionType | tag | String | 2 | 2 | Related Transaction Type. One of:
- Purchase - Pre-authorization
The corresponding UnionPay protocol values are:
- 01: Purchase - 02: Pre-authorization
|
UPOP_RequestID | Tag | Guid | 38 |
| The RequestID that was returned as part of the Request Creation that will be used to retrieve data for the Authentication Validation |
UPOP_FrontUrl | Tag | URL |
| 256 | UPOP send the transaction result notification to the URL via cardholder’s browser |
UPOP_BackUrl | Tag | URL |
| 256 | UPOP send the transaction result notification to the URL via system |
UPOP_ACPReq | Tag | Base64 |
| No Limit | The Authentication Request message to be posted to the UPOP authentication server |
UPOP_Endpoint | Tag | URL |
|
| The UPOP authentication server endpoint where the Authentication Request message must be posted via cardholder’s browser |
UPOP_ACPRes | Tag | Base64 |
| No Limit | The Authentication Response message received from the UPOP authentication server |
Masterpass Parameters
Parameter |
Node Type |
Data Type |
Min Length |
Max Length |
Description |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ForeignExchange Parameters
Parameter | Node Type | Data Type | Min Length | Max Length | Description |
Currency | Subtag | A | 3 | 3 | The ISO 4217 currency code of the value of the transaction. e.g. USD or ZAR or GBP |
Amount | subTag | N | 0 | 11 | The total value of the transaction in the smallest unit of the currency specified (eg in cents) |
ForeignExchange | Tag | AN |
|
| Contains a collection of ForeignExchangeItems |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
CyberSource Parameters
Parameter | Node Type | Data Type | Required/Optional | Max Length | Description |
DeliveryMethod | subTag | 0 | O | 255 | Physical or Virtual |
DeviceFingerprintID | SubTag | AN | 0 | 88 | Session ID for the fingerprint. |
BillTo_FirstName | SubTag | AN | R | 60 | First name of cardholder |
BillTo_LastName | SubTag | AN | R | 60 | Last name of cardholder |
BillTo_Street | subTag | AN | R | 60 | Street address of cardholder |
BillTo_City | subTag | AN | R | 60 | Billing city for cardholder |
BillTo_State | subTag | AN | 0 | 2 | State or province of the cardholder. Required for U.S. and Canada. Use the two-character state, province, or territory codes.
|
BillTo_Country | subTag | AN | R | 2 | Billing country for cardholder. Use the two-character country codes. |
BillTo_PostalCode | subTag | AN | O | 10 | Postal code of the billing address. Required only if the BillTo_Country field is US or CA |
BillTo_Email | subTag | AN | R | 100 | Email address of the cardholder |
BillTo_IPAddress | subTag | AN | O | 15 | IP address of the cardholder as reported by your Web server via socket information. |
Note: If any of the fields marked in Red is unavalable all the fields in Red will be replaced with defaults specified by CyberSource |
POS Parameters
Parameter | Node Type | Data Type | Min Length | Max Length | Description |
DeviceFirmware | Tag | String |
| 64 | The firmware (software) currently loaded on the device. This may be set as an integer |
DeviceFirmwareVersion | Tag | String |
| 64 | The version of the firmware (software) currently loaded on the device. |
DevicePINKey | Tag | Hex | 32 | 32 | Master/Session encryption specific: The device PIN Key encrypted under the device master key i.e. DMK(DPK) |
MACDevicePINKey | Tag | Hex | 8 | 8 | Master/Session encryption specific: The MAC of the device PIN Key i.e. MAC(DPK) |
AccountType | Tag | A | 0 | 32 | The type of account that this transaction relates to (known to the cardholder |
Cheque |
Not specified | ||||
Savings | Credit | ||||
AvailableBalance | Tag | N |
| 12 | The available amount in the cardholders account given in the smallest unit of currency of the cardholder (not necessarily the currency of the merchant) |
DisplayAvailableBalance | Tag | String |
| 25 | The AvailableBalance returned in a currency aware printable format |
CashAmount | Tag | N |
| 12 | The Cash (back) portion of the Amount. Subject to the constraint: 0 <= CashAmount <= Amount |
CurrentBalance | Tag | Z |
| 12 | The current balance in the cardholders account given in the smallest unit of currency of the cardholder (not necessarily the currency of the merchant) |
DisplayCurrentBalance | Tag | String |
| 25 | The CurrentBalance returned in a currency aware printable format |
DeviceMake | Tag | String |
| 64 | The manufacturer of the device (terminal). e.g. Dione / Sagem |
DeviceSerialNumber | Tag | String |
| 64 | The serial number of the device (terminal) |
DeviceCycle | Tag | String | 20 |
| the current batch id of the device (terminal) |
PINBlock | Tag | Hex | 16 | 16 | The cardholders PIN encrypted using the current device pin key |
KeySerialNumber | Tag | Hex | 20 | 20 | DUKPT encryption specific: Mandatory input parameter needed in decryption of a DUKPT PINBlock. |
Track2KeySerialNumber | Tag | Hex | 20 | 20 | DUKPT Track2 encryption specific: Mandatory input parameter needed in decryption of a DUKPT Track2. |
PANKeySerialNumber | Tag | Hex | 20 | 20 | UKPT PAN encryption specific: Mandatory input parameter needed in decryption of a DUKPT PAN. |
EMV Parameters
Parameter | Node Type | Data Type | Min Length | Max Length | Description |
EMV_AuthorisationRequestCryptogram | Tag | Hex |
| 16 | EMV tag 9F26 |
EMV_ApplicationIdentifier | Tag | Hex |
| 32 | EMV tag 9F26 |
EMV_ApplicationInterchangeProfile | Tag | Hex |
| 4 | EMV tag 82 |
EMV_CardSequenceNumber | Tag | Hex |
| 2 | EMV tag 5F34 |
EMV_ApplicationTransactionCounter | Tag | Hex |
| 4 | EMV tag 9F36 |
EMV_ApplicationVersion | Tag | Hex |
| 4 | EMV tag 9F08 |
EMV_CardHolderVerificationMethodResult | Tag | Hex |
| 6 | EMV tag 9F34 |
EMV_CryptogramInformationData | Tag | Hex |
| 2 | EMV tag 9F27 |
EMV_IssuerApplicationData | Tag | Hex |
| 64 | EMV tag 9F10 |
EMV_TerminalCapabilities | Tag | Hex |
| 6 or 8 | EMV tag 9F33 |
EMV_TerminalType | Tag | N |
| 2 | EMV tag 9F35 |
EMV_TransactionType | Tag | N |
| 2 | EMV tag 9C |
EMV_TerminalVerificationResult | Tag | Hex |
| 10 | EMV tag 95 |
EMV_UnpredictableNumber | Tag | Hex |
| 8 | EMV tag 9F37 |
EMV_TransactionStatusInformation | Tag | Hex |
| 4 | EMV tag 9B |
EMV_IssuerAuthenticationData | Tag | Hex |
| 16 or 32 | EMV tag 91 |
EMV_IssuerScriptTemplate1 | Tag | Hex |
| 999 | EMV tag 71 |
EMV_IssuerScriptTemplate2 | Tag | Hex |
| 999 | EMV tag 72 |
EMV_ResponseCode | Tag | AN |
| 2 | EMV tag 8A |
|
|
|
|
|
|
Airline Data
Parameter | Node Type | Data Type | Min Length | Max Length | Description |
PassengerName | subTag | AN | 0 | 60 | Passenger's first name. |
PrimaryTicketNumber | subTag | AN | 0 | 60 |
|
FirstDepartureLocationCode | subTag | AN | 0 | 32 |
|
FirstArrivalLocationCode | subTag | AN | 0 | 32 |
|
OfficeIATANumber | subTag | AN | 0 | 32 |
|
OrderNumber |
|
|
|
|
|
PlaceOfIssue |
|
|
|
|
|
DepartureDate |
|
|
|
|
|
Note: The fields in Blue will only be used when doing CyberSource Advanced Fraud Screening. | |||||
CompleteRoute |
|
|
|
|
|
DepartureTime |
|
|
|
|
|
JourneyType |
|
|
|
|
|
Procurement Parameters
Parameter | Node Type | Data Type | Min Length | Max Length | Description |
CustomerReferenceIdentifier | Tag | AN |
| 17 | Description allocated by the merchant to be printed on the Cardholders statement |
CustomerVATRegistrationNumber | Tag | AN |
| 13 | The VAT registration number of the Customer if available |
DestinationCountry | Tag | A | 2 | 2 | The ISO code for the country of residence of the Merchant. e.g., ZA, US, GB |
DestinationZIPCode | Tag | AN | 0 | 10 | The Customers Destination ZIP code |
NationalTax | Tag | N | 0 | 12 | The VAT amount of the transaction in the currency's smallest denomination. Depending on the NationalTaxIndicator this may be included or in addition to the Amount field |
NationalTaxIndicator | Tag | N | 0 | 1 | Indicates whether VAT is applicable to this transaction.
|
0 | NationalTax is NOT included | ||||
1 | NationalTax is included | ||||
OrderDate | Tag | A | 0 | 6 | The date that the order was placed. This is not necessarily the same as the PuchaseDate. Defaults to current Date |
PurchaseIdentifier | Tag | AN | 0 | 25 | Optional description allocated by the Merchant to be displayed on the Merchants statement. Defaults to MerchantReference. |
ShipFromZIPCode | Tag | AN | 0 | 10 | The ZIP code of the Merchant (Shipping source ZIP code) |
ShippingAmount | Tag | N | 0 | 12 | The amount charged to the customer for shipping charges in the currency's smallest denomination. |
ShippingTaxRate | Tag |
| 0 | 4 | The VAT rate that applies to the ShippingAmount. It is a percentage and not the actual value. The value is the rate multiplied with 10000. |
TransactionDiscount | Tag | N | 0 | 12 | Discount value for the transaction, it is the result of individual line-item percentage discounts applied to line items. In the currency’s smallest denomination |
UniqueVATInvoiceReferenceNumber | Tag | AN | 0 | 15 | The invoice number allocated by the merchant and appears on the merchant’s invoice given to the customer. This is an optional field is independent of the Merchant Reference. |
Procurement LineItems Parameters
Parameter | Node Type | Data Type | Min Length | Max Length | Description |
Discount | subTag | N | 0 | 12 | The total discount for the line item in the currency's smallest denomination. |
ItemCommodityCode | subTag | N | 0 | 4 | The ISO commodity code for the line-item unit |
ItemDescriptor | subTag | N | 0 | 26 | A description for the line-item unit. |
ProductCode | subTag | AN | 0 | 12 | The merchant's code for the line-item unit. |
Quantity | subTag | N | 0 | 8 | The total number of line-item units. |
TaxRate | subTag | N | 0 | 4 | The VAT rate applicable to the line item. The value is the rate multiplied with 10000. |
Total | subTag | N | 0 | 12 | The total amount for the line item in the currency's smallest denomination. The value equals Quantity x UnitCost - Discount. |
UnitCost | subTag | N | 0 | 12 | The cost of a line-item unit in the currency's smallest denomination. |
UnitOfMeasure | subTag | AN | 0 | 12 | The measurement unit description. |
PassengerFirstName | subTag | AN | 0 | 60 | Passenger's first name. |
PassengerLastName | subTag | AN | 0 | 60 | Passenger's last name |
PassengerID | subTag | AN | 0 | 32 | ID of the passenger to whom the ticket was issued. For example, you can use this field for the frequent flyer number
|
PassengerStatus | subTag | AN | 0 | 32 | our company's passenger classification, such as with a frequent flyer program. In this case, you might use values such as standard, gold, or platinum.
|
PassengerType | subTag | AN | 0 | 32 | Passenger classification associated with the price of the ticket. You can use one of the following values: • ADT: Adult • CNN: Child • INF: Infant • YTH: Youth • STU: Student • SCR: Senior Citizen • MIL: Military
|
Note: The fields in Blue will only be used when doing CyberSource Advanced Fraud Screening. |
AuthenticatedCollectionData Parameters
Parameter | Node Type | Data Type | Required/Optinal | Max Length | Description |
AccountNumber | subTag | AN | R | 19 | The account number that the payor is agreeing to allow the payee debit. |
DebtorIdentification | SubTag | AN | R | 35 | Some data to identify the payor e.g., ID Number |
DebtorIdentification | subTag | AN | R | 12 | The maximum amount that the payor is agreeing to in the smallest unit of the currency specified (eg in cents) |
|
|
|
|
|
|
Fleet Parameters
|
Output Parameters
Y |
relevant (may be populated) |
C |
returned if supported by Acquirer |
blank |
not relevant |
Y |
relevant (may be populated) |
C |
returned if supported by Acquirer |
blank |
not relevant |
Context |
Parameter |
Authorisation with PAN |
Authorisation with Track2 |
Additional Authorisation with TransactionIndex |
AuthorisationReversal with TransactionIndex |
Debit with PAN |
Debit with Track2 |
Debit with PIN |
Debit with TransactionIndex |
Credit with PAN |
Credit with Track2 |
Credit with TransactionIndex |
Void |
Balance Enquiry with PIN |
PAN Enquiry with PAN |
PANToken Enquiry |
PAN Enquiry with Track2 |
Ping |
Get Device PIN Key |
ThreeDSecureCheckEnrollment
|
ThreeDSecureValidateAuthentication
|
RequestForDebit |
MasterPassQuickResponseCode |
MasterPassPaymentNotification |
DynamicCurrencyConversion |
MultiCurrencyPricing |
Core |
ApplicationID |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
|
Y |
Y |
Y |
|
|
Core |
Command |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
Y |
Y |
Y |
|
|
Core |
Mode |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
Y |
Y |
Y |
|
|
Core |
RequestID |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
Y |
Y |
Y |
|
|
Common |
Acquirer |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
|
|
|
|
|
|
|
|
|
Y |
|
|
Common |
AcquirerDate |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
|
|
|
|
|
|
|
|
|
Y |
|
|
Common |
AcquirerReference |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
|
|
|
|
|
|
|
|
|
Y |
|
|
Common |
AcquirerTime |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
|
|
|
|
|
|
|
|
|
Y |
|
|
Common |
Amount |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
|
|
|
|
|
|
|
|
|
Y |
|
|
Common |
DisplayAmount |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
|
|
|
|
|
|
|
|
|
Y |
|
|
Common |
AuthorisationCode |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
Y |
Y |
Y |
|
|
|
|
|
|
|
|
|
|
|
Y |
|
|
Common |
Currency |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
C |
|
|
|
|
|
|
|
|
|
Y |
|
|
Common |
MerchantName |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
|
|
|
|
|
|
|
|
|
|
|
|
Common |
MerchantAddress |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
|
|
|
|
|
|
|
|
|
|
|
|
Common |
MerchantCity |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
|
|
|
|
|
|
|
|
|
|
|
|
Common |
MerchantCountryCode |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
|
|
|
|
|
|
|
|
|
|
|
|
Common |
MerchantCountry |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
|
|
|
|
|
|
|
|
|
|
|
|
Common |
MerchantReference |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
|
|
|
|
|
|
|
Y |
|
Y |
|
|
Common |
MerchantTrace |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
|
|
|
|
|
|
|
|
|
Y |
|
|
Common |
MerchantUSN |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
|
|
|
|
|
|
|
|
|
Y |
|
|
Common |
PAN |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
|
Y |
|
|
|
|
|
|
|
Y |
|
|
Common |
ReconReference |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
|
|
|
|
|
|
|
|
|
Y |
|
|
Common |
Terminal |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
|
|
|
|
|
|
|
|
|
Y |
|
|
Common |
TransactionIndex |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
|
Y |
|
|
|
|
|
|
|
Y |
|
|
Common |
MobileMoneyID |
|
|
|
|
C |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Common |
PANMode |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
Y |
|
Y |
|
|
|
|
|
|
Y |
|
|
Common |
CardHolderPresence |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
Y |
|
Y |
|
|
|
|
|
|
|
|
|
Common |
TransactionUrl |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
C |
|
|
|
|
3DSecure |
ElectronicCommerceIndicator |
C |
C |
C |
C |
C |
C |
C |
C |
C |
C |
C |
|
|
|
|
|
|
|
Y |
Y |
|
|
|
|
|
3DSecure |
CardHolderAuthenticationData |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
Y |
|
|
|
|
|
3DSecure |
CardHolderAuthenticationID |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
Y |
|
|
|
|
|
3DSecure |
ThreeDSecure_RequestID |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
Y |
|
|
|
|
|
3DSecure |
ThreeDSecure_ACS_URL |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
|
|
|
|
|
|
3DSecure |
ThreeDSecure_PAReq |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
|
|
|
|
|
|
Card Detail |
Association |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
Y |
|
Y |
|
|
|
|
|
|
|
|
|
Card Detail |
BIN |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
Y |
|
Y |
|
|
|
|
|
|
Y |
|
|
Card Detail |
CardType |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
Y |
|
Y |
|
|
|
|
|
|
|
|
|
Card Detail |
Issuer |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
Y |
|
Y |
|
|
|
|
|
|
|
|
|
Card Detail |
Jurisdiction |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
|
Y |
|
Y |
|
|
|
|
|
|
|
|
|
Result |
Code |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
Y |
Y |
|
|
|
Y |
Y |
|
|
Result |
Description |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
Y |
Y |
|
|
|
Y |
Y |
|
|
Result |
Source |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
Y |
Y |
|
|
|
Y |
Y |
|
|
Result |
Status |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
Y |
|
Y |
Y |
Y |
|
|
|
Y |
Y |
|
|
POS |
AccountType |
|
|
|
|
|
|
C |
|
|
|
|
|
C |
|
|
|
|
|
|
|
|
|
|
|
|
POS |
AvailableBalance |
|
|
|
|
|
|
C |
|
|
|
|
|
Y |
|
|
|
|
|
|
|
|
|
|
|
|
POS |
CurrentBalance |
|
|
|
|
|
|
C |
|
|
|
|
|
Y |
|
|
|
|
|
|
|
|
|
|
|
|
POS |
DisplayAvailableBalance |
|
|
|
|
|
|
C |
|
|
|
|
|
C |
|
|
|
|
|
|
|
|
|
|
|
|
POS |
DisplayCashAmount |
|
|
|
|
|
|
Y |
|
|
|
|
|
Y |
|
|
|
|
|
|
|
|
|
|
|
|
POS |
DisplayCurrentBalance |
|
|
|
|
|
|
C |
|
|
|
|
|
C |
|
|
|
|
|
|
|
|
|
|
|
|
POS |
DevicePINKey |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
|
|
|
|
|
|
|
POS |
MACDevicePINKey |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
|
|
|
|
|
|
|
MasterPass |
MasterPassCode |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
O |
|
|
|
MasterPass |
MasterPassCodeExpiryDate |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
O |
|
|
|
MasterPass |
MasterPassMerchantName |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
O |
|
|
|
MasterPass |
MasterPassShortDescription |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
O |
|
|
|
MasterPass |
MasterPassMerchantId |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
|
|
|
Forex |
ForeignExchangeID |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
Y |
Forex |
ForeignExchangeProvider |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
Y |
Forex |
BaseCurrency |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
Y |
Forex |
BaseAmount |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
|
Forex |
ForeignCurrency |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
Y |
Forex |
ForeignAmount |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
|
Forex |
ExchangeRate |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
Y |
Forex |
ExpiryDateTime |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
Y |
Forex |
MarginPercentage |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
Y |
Forex |
CommissionPercentage |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Y |
Y |
File Transfer - Automating File Transfer process
The File Transfer component of Enterprise facilitates the upload/download files to and from the iVeri Gateway. There may be files available for upload/download within Enterprise APIs that are not available via the BackOffice. Similarly, there may be files available for upload/download within BackOffice that are not available via the Enterprise APIs.
File Transfer Data Types
The File Transfer parameters have the following data types:
Data Type |
Description |
Guid |
Global Unique Identifier
{[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}
\} |
N |
Numeric (Positive integer) |
String |
Free format string containing, alpha numeric, special, and adding (printable ASCII)
|
The Node Type column corresponds to how the FileTransfer class should be used for the parameter:
Node Type |
Set input parameter value |
property |
Use method or property of FileTransfer corresponding to the parameter |
tag |
fileTransfer.setTag(..) |
File Transfer Parameters
File Transfer Parameter Description
Parameter |
Description |
||||||||||||||||||
Gateway |
The name of the gateway connecting to. If not explicitly set, the default gateway is used. |
||||||||||||||||||
CertificateID |
The iVeri CertificateID installed on the server communicating with the iVeri Gateway |
||||||||||||||||||
UserGroup |
The UserGroup used to login to the BackOffice website. Usually, the same as the BillingDetailsID |
||||||||||||||||||
UserName |
A Username created under the specified UserGroup |
||||||||||||||||||
Password |
The BackOffice password of the specified user |
||||||||||||||||||
Command |
The command identifying what should be done by the iVeri Gateway.
|
||||||||||||||||||
ApplicationID |
Identification of the merchant profile performing the file transfer |
||||||||||||||||||
Mode |
The mode of the corresponding ApplicationID |
||||||||||||||||||
FileName |
The identifying file name of the original batch / divert file uploaded |
||||||||||||||||||
FileFormat |
The format of the batch file to download
|
||||||||||||||||||
StartDateTime |
The starting datetime from which reconciliation information are required
|
||||||||||||||||||
YYYY-MM-DD HH:MM: SS |
YearMonthDay HourMinuteSecond |
||||||||||||||||||
EndDateTime |
The ending datetime to which reconciliation information are required |
||||||||||||||||||
YYYY-MM-DD HH:MM: SS |
YearMonthDay HourMinuteSecond |
||||||||||||||||||
Acquirer |
The acquirer that settled the transactions
|
||||||||||||||||||
AcquirerCycle |
The cycle from which reconciliation information are required |
||||||||||||||||||
MerchantUsn |
Acquirer identification for a merchant account |
File Specification
The specifications for the content of the files relevant to each of the supported commands are contained in the following sections:
- For downloading files from the Gateway, reference the iVeri Download Files XML Specification
- For uploading an XML batch file and related result file, reference the iVeri Batch XML Specification
- For uploading an XML batch file and related result file, reference the iVeri Batch Fixed Format Specification
- For generating payment links, reference the DiVert Specification Guide
The Gateway support payment instructions that can cause transfer of funds where the cardholder is debited and merchant account credited. There is also a set of enquiry messages that is available that is does not effect does not cause any transfer of funds
Transaction Commands
The following transaction types encompasses the payment mechanism which the iVeri Gateway supports and may cause the transfer of funds from cardholder to merchant or vise-versa.
Authorisation (also known as “Preauthorisation”)
Causes a reservation of funds on the cardholder’s account.
Authorisation Reversal
Unreserve the funds previously reserved on the cardholder’s account.
Debit (also known as “Sale” or “Purchase”)
Causes a transfer of funds from the cardholder to the merchant.
Credit (also known as “Refund” or “Pay”)
Causes a transfer of funds from the merchant to the cardholder.
Void
Cancel one of the above commands within a short time after the command was initiated.
Enquiry commands
The section to follow outlines the various enquiry message supported on the iVeri Gateway and corresponding descriptions. The enquiry commands do not cause the transfer of funds.
Enquiry Commands |
Description |
PANToken |
Instruction to tokenize card number, a token which can be used for ad-hoc or recurring payments. |
AccountValidation |
Validate the cardholders account |
RequestForDebit |
To request for payment request URL to be generated |
MasterPassQuickResponseCode |
For generating a MasterPass QR code |
MasterPassPaymentNotification |
For handling MasterPass Payment notifications |
DynamicCurrencyConversion
|
For doing currency rate lookups associated to the card |
MultiCurrencyPricing
|
|
UPOPAuthenticationRequestCreation |
For doing an 3D secure request enrollement and authentication on UPI Cards |
UPOPAuthenticationRequestValidation |
For validating the 3D secure authentication data on UPI Cards |
PING |
Check the status of the Gateway |
GetDevicePINKey |
Retrieve associate device Pin Key |
Balance |
Obtain the balance of the PIN based account in the currency of the account. |
PAN |
Obtain information about a card which is not present |
AuthenticatedCollection |
Authenticate the cardholder before doing scheduled or agreed collections between merchant and customer, handy for cases where Debi-check is required. |
File Transfer commands
The sections outline the commands that are supported by the Gateway where file transfer is attainable.
File Transfer Commands |
Descriptions |
Batch Upload |
Upload a Batch file to the Gateway |
Batch Download |
Download the result file on the Gateway |
DiVert Upload |
Upload a batch of payment requests to the Gateway |
DiVert Download |
Download the Divert Batch response file |
TransactionHistory Download |
Download a report contain the transaction history withing a given period |
Recon Download |
Download the recon report from the Gateway |
HotCard Download |
Download the file containing sanitised blacklisted cards |
BINLookup Download |
Retrieve Bin specific information |
BINManagement Download |
Retrieve available Bin file information |
BlackCard Download |
Retrieve blacklisted information with a merchant profile |
AcquirerRecon Download |
|
Inventory Download |
|
Action
An action corresponds to the combination of a payment mechanism and a command. The concept of an action is used within the documentation and examples as a means of describing functionality. The Enterprise API and iVeri Gateway use the concepts payment mechanism and command instead of Action.
The iVeri Gateway allows for the following actions:
Authorisation with PAN |
Reserve funds when a card is not present. This action is commonly known as a "Pre-Auth/Pre-Authorisation" |
Authorisation with Track2 |
Reserve funds when a card is present. Funds reservation is not applicable for cards requiring a PIN. This action is commonly known as a "Pre-Auth/Pre-Authorisation" |
Authorisation with VisaCheckoutCallID |
Reserve funds when a card is present. Funds reservation is not applicable for cards requiring a PIN. This action is commonly known as a "Pre-Auth/Pre-Authorisation" Usage: The use of the VisaCheckout CallID is only applicable to Visa Checkout Transactions |
Additional Authorisation with TransactionIndex |
Increase the amount previously reserved via iVeri by an additional amount. Note: The addition of funds previously reserved outside the iVeri Gateway is not supported. |
Authorisation Reversal with TransactionIndex |
Release the funds previously reserved on the cardholders account via the iVeri Gateway. NOTE:The release of funds reserved outside the iVeri Gateway is not supported. |
Debit with PAN |
Transfer of funds from cardholder to merchant when a card not present. The use of an AuthorisationCode previously obtained outside the iVeri Gateway is supported. |
Debit with Track2 |
Transfer of funds from cardholder to merchant when a card is present. The use of an AuthorisationCode previously obtained outside the iVeri Gateway is supported. |
Debit with PIN |
Transfer of funds from cardholder to merchant when a card requiring a PIN is present. |
Debit with TransactionIndex |
Transfer of funds from cardholder to merchant. Follow up of an action previously sent to the iVeri Gateway. Not supported for cards requiring a PIN. |
Debit with VisaCheckoutCallID |
Transfer of funds from cardholder to merchant. NOTE: Follow up of an action previously sent to the iVeri Gateway is not supported for cards requiring a PIN. |
Credit with PAN |
Transfer of funds from merchant to cardholder when a is card not present. When used, the refund is not linked to an original transaction, it is deemed a stand-alone refund. Usage: applicable for use cases where a merchant wants to refund a customer without having an original transaction. |
Credit with Track2 |
Transfer of funds from merchant to cardholder when a card is present. Credit is not currently supported for cards requiring a PIN. |
Credit with TransactionIndex |
Transfer of funds from merchant to cardholder. Follow up of an action previously sent to the iVeri Gateway. Not supported for cards requiring a PIN. Usage: Applies in uses cases where a merchant has an original transaction and either part or full refund of the original transaction is required. |
Credit with VisaCheckoutCallID |
Transfer of funds from merchant to cardholder. Follow up of an action previously sent to the iVeri Gateway. Not supported for cards requiring a PIN. |
Void |
Cancel a transaction command within a short time after the command was initiated. See more on ensuring end-to end transaction integrity |
Balance Enquiry with PIN |
Obtain the balance of the PIN based account in the currency of the account. Note that this currency may be different to the currency of the merchant. |
PAN Enquiry with PAN |
Obtain information about a card (which is not present) without performing a transaction, for example to check if the card is a hot card or blacklisted by the merchant. |
PAN Enquiry with Track2 |
Obtain information about a card (which is present) without performing a transaction, for example to check if the card is a hot card or blacklisted by the merchant. PAN Enquiry is not currently supported for cards requiring a PIN.
|
PAN Token Enquiry |
Obtain a TransactionIndex for the card number and expiry date without performing a transaction. The TransactionIndex is to be used in a Tokenized transaction. Usage: Tokenise a card without doing a transaction and use the token on subsequent transactions. |
Ping |
The Ping command is primarily used to determine if the connection status between the Merchant and the Acquirer. If the connection is down, then the Ping command can also be used to check when the status is back up. Usage: To check the status of the Gateway is up or down |
Get Device PIN Key |
Get the current Triple DES session key for a device. See PIN based transactions (section Error: Reference source not found). |
|
|
RequestForDebit |
A Request for a Debit (Sale) which contains a payment Link is generated by the Gateway onbehalf of the merchant and can be distributed to the customer by the Gateway or using the merchant’s distribution channels such as SMS or EMAIL etc Usage: Only applicable to the Divert solution and where merchants want’s to embed the payment Link into their own applications. |
MasterPassQuickResponseCode |
Generating / Managing a transactional code that can be paid for by a cardholder. See MasterPass section. |
DynamicCurrencyConversion |
Generating / Managing a transactional code that can be paid for by a cardholder. See Dynamic Currency Conversion |
MultiCurrencyPricing |
Generating / Managing a transactional code that can be paid for by a cardholder. See Multi Currency Pricing section. |
MasterPassPaymentNotification |
Inquiring whether a payment notification has been received from MasterPass. |
UPOPAuthenticationRequestCreation |
The creation of the Authentication Request message to be posted to the UPOP authentication server. See UPOP Authentication Request section NOTE: Only applicable to UPI cards and support is dependent on the acquiring bank |
UPOPAuthenticationRequestValidation |
The validation of the Authentication Response message received from the UPOP authentication server. See UPOP Authentication Request section. NOTE: Only applicable to UPI cards and support is dependent on the acquiring bank |
MasterPass
MasterPass is a safe and easy way in which merchants can present the QR code which customers can scan using a MasterPass application to affect a payment.
Create Code
Requirements
Merchant must be onboarded for MasterPass on the iVeri Gateway and on the MasterPass platform.
Create Code
Function: Generate a transactional code that can then be paid for by a cardholder. This code can be represented as a QR code, transferred using NFC or manually entered a device. The code can also be used as part of an In-App payment.
Create Code Parameters
Request Parameter | Description |
MasterPassAction | Mandatory, The action to perform. |
MasterPassMerchantID | Mandatory, The merchant id as captured on MasterPass. |
MasterPassShortDescription | Mandatory, This will be displayed to the consumer at the time a code is scanned. Length is 5 to 45 characters |
MasterPassCodeExpiryDate | Optional. If this is empty the code will by default expire in 30 minutes from issue. If this value is 0 the code will never expire. This time is specified in epoch. |
Amount | Mandatory, To use a variable amount use 0 as the amount. |
Currency | Mandatory, The currency is tied to the merchant setup. |
MerchantReference | Mandatory, Used to link code to transaction. |
Response Parameter | Description |
MasterPassAction | The action that was performed |
MasterPassCode | This is the result code |
MasterPassCodeExpiryDate | Date until the code is valid. This is in epoch time. |
Create Code – REST Sample
Request | Response |
Request: { "Version": "2.0", "CertificateID": "{xxxxxxxx-71dd-4044-802d-xxxxxxxxxxxx}", "ProductType": "Enterprise", "Direction": "Request", "Enquiry": { "ApplicationID": "{xxxxxxx-68e0-42eb-aba9-xxxxxxxxxxxx}", "Command": "MasterPassQuickResponseCode", "Mode": "Live", "MasterPassMerchantID": "xxxxx", "MasterPassAction": "CreateCode", "Currency": "ZAR", "MerchantReference": "Ref_001", "Amount": "1075", "MasterPassShortDescription": "Basket of goods" } }
| { "Version": "2.0", "CertificateID": "{xxxxxxxx-71dd-4044-802d-xxxxxxxxxxxx}", "ProductType": "Enterprise", "Direction": "Request", "Enquiry": { "ApplicationID": "{xxxxxxx-68e0-42eb-aba9-xxxxxxxxxxxx}", "Command": "MasterPassQuickResponseCode", "Mode": "Live", "MasterPassMerchantID": "xxxxx", "MasterPassAction": "CreateCode", "Currency": "ZAR", "MerchantReference": "Ref_001", "Amount": "1075", "MasterPassShortDescription": "Basket of goods" } }
|
Create Code – SOAP Sample
SOAP Request | SOAP Response |
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request><V_XML Version="2.0" CertificateID="xxxxxxxx-71dd-4044-802d-xxxxxxxxxxxx" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Enquiry ApplicationID="xxxxxxxx-68e0-42eb-aba9-xxxxxxxxxxxx" Command="MasterPassQuickResponseCode" Mode="LIVE"> <Amount>1075</Amount> <Currency>ZAR</Currency> <MerchantReference>Ref_002</MerchantReference> <MasterPassMerchantID>xxxxx</MasterPassMerchantID> <MasterPassAction>CreateCode</MasterPassAction> <MasterPassShortDescription>TestProduct1</MasterPassShortDescription> </Enquiry> </V_XML> </request> </Execute> </soap:Body> </soap:Envelope>
| <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><ExecuteResponse xmlns="http://iveri.com/"><ExecuteResult><V_XML Version="2.0" Direction="Response">
|
Query Code
Function: Query a code that has been created.
Query Code Parameters
Request Parameter | Description |
MasterPassAction | Mandatory, The action to perform. |
MasterPassMerchantID | Mandatory, The merchant id as captured on MasterPass. |
MasterPassCode | Mandatory, The result code that must be queried |
Response Parameter | Description |
MasterPassAction | The action that was performed |
MasterPassShortDescription | Short decription linked to the code |
MasterPassCodeExpiryDate | Date until the code is valid. This is in epoch time. |
MasterPassMerchantName | The name of the merchant as captured on MasterPass |
Amount | Amount linked to the code. |
Currency | The currency is tied to the merchant setup. |
MerchantReference | Linked to the code. |
Query Code – REST Sample
Request | Response |
{ "Version": "2.0", "CertificateID": "{xxxxxxxx-71dd-4044-802d-xxxxxxxxxxxx}", "ProductType": "Enterprise", "Direction": "Request", "Enquiry": { "ApplicationID": "{xxxxxxxx-68e0-42eb-aba9-xxxxxxxxxxxx}", "Mode": "Live", "command":"MasterPassQuickResponseCode", "MasterPassMerchantID": "xxxxx", "MasterPassAction": "QueryCode", "MerchantReference": "Ref_001", "MasterPassCode":"xxx2720xxx" } }
| { "Version": "2.0", "Direction": "Response", "Enquiry": { "Currency": "R", "MerchantReference": "Ref_001", "Amount": "1075", "MasterPassAction": "QueryCode", "MasterPassShortDescription": "Basket of goods", "MasterPassCodeExpiryDate": "1645187074000", "MasterPassMerchantName": "Retail Merchant 001", "ApplicationID": "{xxxxxxxx-68E0-42EB-ABA9-xxxxxxxxxxxx}", "Command": "MasterPassQuickResponseCode", "Mode": "Live", "RequestID": "{xxxxxxxx-2207-4C11-A89C-xxxxxxxxxxxx}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "QAGW2012APP1", "DBServer": "QAGW2012DB2", "Gateway": "QA" } } }
|
Query Code –SOAP Sample
Request | Response |
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request><V_XML Version="2.0" CertificateID="xxxxxxxx-71dd-4044-802d-xxxxxxxxxxxx" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Enquiry ApplicationID="xxxxxxxx-68e0-42eb-aba9-xxxxxxxxxxxx" Command="MasterPassQuickResponseCode" Mode="LIVE"> <MerchantReference>Ref_002</MerchantReference> <MasterPassMerchantID>xxxxx</MasterPassMerchantID> <MasterPassAction>QueryCode</MasterPassAction> <MasterPassCode>xxx5104xxx</MasterPassCode> </Enquiry> </V_XML> </request> </Execute> </soap:Body> </soap:Envelope>
| <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><ExecuteResponse xmlns="http://iveri.com/"><ExecuteResult><V_XML Version="2.0" Direction="Response"> <Enquiry ApplicationID="{xxxxxxxx-68E0-42EB-ABA9-xxxxxxxxxxxx}" Command="MasterPassQuickResponseCode" Mode="Live" RequestID="{xxxxxxxx-55EC-4835-9817-xxxxxxxxxxxx}"> <Result Status="0" Code="0" Description="" AppServer="QAGW2012APP1" DBServer="QAGW2012DB2" Gateway="QA" /> <Currency>R</Currency> <MerchantReference>Ref_002</MerchantReference> <Amount>1075</Amount> <MasterPassAction>QueryCode</MasterPassAction> <MasterPassShortDescription>TestProduct</MasterPassShortDescription> <MasterPassCodeExpiryDate>1647898033000</MasterPassCodeExpiryDate> <MasterPassMerchantName>Sample Merchant Enterprise Enterprise</MasterPassMerchantName> </Enquiry> </V_XML></ExecuteResult></ExecuteResponse></soap:Body></soap:Envelope |
Delete Code
Function: Delete a code that has been created
Delete Code Parameters
Request Parameter | Description |
MasterPassAction | Mandatory, The action to perform. |
MasterPassMerchantID | Mandatory, The merchant id as captured on MasterPass. |
MasterPassCode | Mandatory, The result code that must be deleted |
Response Parameter | Description |
MasterPassAction | The action that was performed |
Delete Code – REST Sample
Request | Response |
{ "Version": "2.0", "CertificateID": "{xxxxxxxx-71dd-4044-802d-xxxxxxxxxxxx}", "ProductType": "Enterprise", "Direction": "Request", "Enquiry": { "ApplicationID": "{xxxxxxxx-68e0-42eb-aba9-xxxxxxxxxxxx}", "Mode": "Live", "command":"MasterPassQuickResponseCode", "MasterPassMerchantID": "xxxxx", "MasterPassAction": "DeleteCode", "MerchantReference": "Ref_001", "MasterPassCode":"0790455080" } }
| { "Version": "2.0", "Direction": "Response", "Enquiry": { "MasterPassAction": "DeleteCode", "ApplicationID": "{xxxxxxxx-68E0-42EB-ABA9-xxxxxxxxxxxx}", "Command": "MasterPassQuickResponseCode", "Mode": "Live", "RequestID": "{xxxxxxxx-1DC1-4D06-A632-xxxxxxxxxxxx}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "QAGW2012APP1", "DBServer": "QAGW2012DB2", "Gateway": "QA" } } }
|
Delete Code – SOAP Sample
Request | Response |
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request><V_XML Version="2.0" CertificateID="xxxxxxxx-71dd-4044-802d-xxxxxxxxxxxx" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Enquiry ApplicationID="xxxxxxxx-68e0-42eb-aba9-xxxxxxxxxxxx" Command="DeleteCode" Mode="LIVE"> <MerchantReference>Ref_002</MerchantReference> <MasterPassMerchantID>xxxxx</MasterPassMerchantID> <MasterPassAction>DeleteCode</MasterPassAction> <MasterPassCode>xxx5104xxx</MasterPassCode> </Enquiry> </V_XML> </request> </Execute>
| <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><ExecuteResponse xmlns="http://iveri.com/"><ExecuteResult><V_XML Version="2.0" Direction="Response"> <Enquiry ApplicationID="{xxxxxxxx-68E0-42EB-ABA9-xxxxxxxxxxxx}" Command="DeletCode Mode="Live" RequestID="{xxxxxxxx-304D-4EB0-882D-xxxxxxxxxxxx}"> <Result Status="0" Code="0" Description="" AppServer="QAGW2012APP1" DBServer="QAGW2012DB2" Gateway="QA" /> <MasterPassAction>DeleteCode</MasterPassAction> </Enquiry> </V_XML></ExecuteResult></ExecuteResponse></soap:Body></soap:Envelope> |
Update Code
Function: Query a code that has been created.
Update Code Parameters
Request Parameter |
Description |
MasterPassAction |
Mandatory, the action to perform. |
MasterPassMerchantID |
Mandatory, the merchant id as captured on MasterPass. |
MasterPassCode |
Mandatory, the result code that must be queried |
Amount |
Mandatory, to use a variable amount use 0 as the amount. |
Currency |
Mandatory, the currency is tied to the merchant setup. |
MerchantReference |
Mandatory, used to link code to transaction. |
MasterPassShortDescription |
Mandatory, This will be displayed to the consumer at the time a code is scanned. Length is 5 to 45 characters |
MasterPassCodeExpiryDate |
Optional. If this is empty the code will by default expire in 30 minutes from issue. If this value is 0 the code will never expire. This time is specified in epoch. |
Response Parameter |
Description |
MasterPassAction |
The action that was performed |
Update Code - REST Sample
Request |
Response |
{ "Version": "2.0", "CertificateID": "{xxxxxxxx-71dd-4044-802d-xxxxxxxxxxxx}", "ProductType": "Enterprise", "Direction": "Request", "Enquiry": { "ApplicationID": "{xxxxxxxx-68e0-42eb-aba9-xxxxxxxxxxxx}", "Mode": "Live", "command":"MasterPassQuickResponseCode", "MasterPassMerchantID": "xxxxx", "MasterPassAction": "UpdateCodeAmount", "MerchantReference": "Ref_001", "MasterPassCode":"xxx2720xxx", "Amount":"2000", "Currency":"ZAR", "MasterPassShortDescription":"The code has been updated"
} }
|
{ "Version": "2.0", "Direction": "Response", "Enquiry": { "MasterPassAction": "UpdateCodeAmount", "ApplicationID": "{xxxxxxxx-68E0-42EB-ABA9-xxxxxxxxxxxx}", "Command": "MasterPassQuickResponseCode", "Mode": "Live", "RequestID": "{xxxxxxxx-5FAE-490C-87CF-xxxxxxxxxxxx}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "QAGW2012APP1", "DBServer": "QAGW2012DB2", "Gateway": "QA" } } }
|
Update Code -SOAP Sample
Request |
Response |
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request><V_XML Version="2.0" CertificateID="xxxxxxxx-71dd-4044-802d-xxxxxxxxxxxx" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Enquiry ApplicationID="xxxxxxxx-68e0-42eb-aba9-xxxxxxxxxxxx" Command="MasterPassQuickResponseCode" Mode="LIVE"> <Amount>2000</Amount> <Currency>ZAR</Currency> <MerchantReference>Ref_002</MerchantReference> <MasterPassMerchantID>xxxxx</MasterPassMerchantID> <MasterPassAction>UpdateCodeAmount</MasterPassAction> <MasterPassCode>xxx5104xxx</MasterPassCode> <MasterPassShortDescription>The code has been updated</MasterPassShortDescription> </Enquiry> </V_XML> </request> </Execute> </soap:Body> </soap:Envelope>
|
<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><ExecuteResponse xmlns="http://iveri.com/"><ExecuteResult><V_XML Version="2.0" Direction="Response"> <Enquiry ApplicationID="{xxxxxxxx-68E0-42EB-ABA9-xxxxxxxxxxxx}" Command="MasterPassQuickResponseCode" Mode="Live" RequestID="{xxxxxxxx-E3FB-447B-BBC1-xxxxxxxxxxxx}"> <Result Status="0" Code="0" Description="" AppServer="QAGW2012APP1" DBServer="QAGW2012DB2" Gateway="QA" /> <MasterPassAction>UpdateCodeAmount</MasterPassAction> </Enquiry> </V_XML></ExecuteResult></ExecuteResponse></soap:Body></soap:Envelope> |
Block Code
Function: This is an API call to temporarily block a code. This prevents purchases on the code.
Block Code Parameters
Request Parameter |
Description |
MasterPassAction |
Mandatory, The action to perform. |
MasterPassMerchantID |
Mandatory, The merchant id as captured on MasterPass. |
MasterPassCode |
Mandatory, The result code that must be blocked |
Response Parameter |
Description |
MasterPassAction |
The action that was performed |
Block Code Sample Message
Request |
Response |
{ "Version": "2.0", "CertificateID": "{xxxxxxxx-71dd-4044-802d-xxxxxxxxxxxx}", "ProductType": "Enterprise", "Direction": "Request", "Enquiry": { "ApplicationID": "{xxxxxxxx-68e0-42eb-aba9-xxxxxxxxxxxx}", "Mode": "Live", "command":"MasterPassQuickResponseCode", "MasterPassMerchantID": "xxxxx", "MasterPassAction": "BlockCode", "MerchantReference": "Ref_001", "MasterPassCode":"xxx2720xxx" } }
|
{ "Version": "2.0", "Direction": "Response", "Enquiry": { "MasterPassAction": "BlockCode", "ApplicationID": "{xxxxxxxx-68E0-42EB-ABA9-xxxxxxxxxxxx}", "Command": "MasterPassQuickResponseCode", "Mode": "Live", "RequestID": "{xxxxxxxx-7EF2-449D-8454-xxxxxxxxxxxx}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "QAGW2012APP1", "DBServer": "QAGW2012DB2", "Gateway": "QA" } } }
|
Block Code – SOAP Sample
Request |
Response |
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request><V_XML Version="2.0" CertificateID="xxxxxxxx-71dd-4044-802d-xxxxxxxxxxxx" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Enquiry ApplicationID="xxxxxxxx-68e0-42eb-aba9-xxxxxxxxxxxx" Command="MasterPassQuickResponseCode" Mode="LIVE"> <MerchantReference>Ref_002</MerchantReference> <MasterPassMerchantID>xxxxx</MasterPassMerchantID> <MasterPassAction>BlockCode</MasterPassAction> <MasterPassCode>xxx5104xxx</MasterPassCode> </Enquiry> </V_XML> </request> </Execute> </soap:Body> </soap:Envelope>
|
<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><ExecuteResponse xmlns="http://iveri.com/"><ExecuteResult><V_XML Version="2.0" Direction="Response"> <Enquiry ApplicationID="{xxxxxxxx-68E0-42EB-ABA9-xxxxxxxxxxxx}" Command="MasterPassQuickResponseCode" Mode="Live" RequestID="{xxxxxxx-271A-407D-AB52-xxxxxxxxxxxx}"> <Result Status="0" Code="0" Description="" AppServer="QAGW2012APP1" DBServer="QAGW2012DB2" Gateway="QA" /> <MasterPassAction>BlockCode</MasterPassAction> </Enquiry> </V_XML></ExecuteResult></ExecuteResponse></soap:Body></soap:Envelope>
|
Unblock Code
Function: This unblocks a blocked code. This call enables future purchases on that code.
Unblock Code Parameters
Request Parameter |
Description |
MasterPassAction |
Mandatory, The action to perform. |
MasterPassMerchantID |
Mandatory, The merchant id as captured on MasterPass. |
MasterPassCode |
Mandatory, The result code that must be unblocked |
Response Parameter |
Description |
MasterPassAction |
The action that was performed |
UnBlock Code – REST Sample
Request |
Response |
{ "Version": "2.0", "CertificateID": "{xxxxxxxx-71dd-4044-802d-xxxxxxxxxxxx}", "ProductType": "Enterprise", "Direction": "Request", "Enquiry": { "ApplicationID": "{xxxxxxxx-68e0-42eb-aba9-xxxxxxxxxxxx}", "Mode": "Live", "command":"MasterPassQuickResponseCode", "MasterPassMerchantID": "xxxxx", "MasterPassAction": "UnblockCode", "MerchantReference": "Ref_001", "MasterPassCode":"xxx2720xxx" } }
|
{ "Version": "2.0", "Direction": "Response", "Enquiry": { "MasterPassAction": "UnblockCode", "ApplicationID": "{xxxxxxxx-68E0-42EB-ABA9-xxxxxxxxxxxx}", "Command": "MasterPassQuickResponseCode", "Mode": "Live", "RequestID": "{xxxxxxxx-6E28-41F2-81BE-xxxxxxxxxxxx}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "QAGW2012APP1", "DBServer": "QAGW2012DB2", "Gateway": "QA" } } }
|
UnBlock Code – SOAP Sample
Request |
Response |
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request><V_XML Version="2.0" CertificateID="xxxxxxxx-71dd-4044-802d-xxxxxxxxxx" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Enquiry ApplicationID="xxxxxxxx-68e0-42eb-aba9-xxxxxxxxxx" Command="MasterPassQuickResponseCode" Mode="LIVE"> <MerchantReference>Ref_002</MerchantReference> <MasterPassMerchantID>xxxxx</MasterPassMerchantID> <MasterPassAction>UnblockCode</MasterPassAction> <MasterPassCode>xxx5104xxx</MasterPassCode> </Enquiry> </V_XML> </request> </Execute> </soap:Body> </soap:Envelope>
|
<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><ExecuteResponse xmlns="http://iveri.com/"><ExecuteResult><V_XML Version="2.0" Direction="Response"> <Enquiry ApplicationID="{xxxxxxxxxx-68E0-42EB-ABA9-xxxxxxxxxxxx}" Command="MasterPassQuickResponseCode" Mode="Live" RequestID="{xxxxxxxxxx-474B-454E-801D-xxxxxxxxxxxx}"> <Result Status="0" Code="0" Description="" AppServer="QAGW2012APP1" DBServer="QAGW2012DB2" Gateway="QA" /> <MasterPassAction>UnblockCode</MasterPassAction> </Enquiry> </V_XML></ExecuteResult></ExecuteResponse></soap:Body></soap:Envelope>
|
Transaction Sequence
Authorisation Flow
The possible transaction sequence flow with an initial Authorization is the following:
Debit/Sale
The possible transaction sequence flow with an initial Debit is the following
Refund/Credit
The possible transaction sequence flow with an initial Credit is the following:
Foreign Exchange
Dynamic Currency Conversion (DCC)
DCC is service that enables payment card cardholders to make international card purchases or transactions in their own currency. The conversion of the purchase price of goods or services from the merchant’s local currency to the cardholder’s home currency occurs at the point of sale at the quoted exchange rate from a cited exchange rate source.
DCC Transaction Flow
- Perform an enquiry DCC rate request using a PAN and Amount to the iVeri Gateway
- Merchant presents the returned DCC rate offer to the customer
- Perform a transaction using the customers elected currency
Sample – DCC/MCP Request with Specified PAN and Base Amount
REST |
SOAP |
Request |
|
{ "Version": "2.0", "CertificateID": "{4c96973f-71dd-4044-802d-6e234effe8f2}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Enquiry": { "ApplicationID": "{56cdf444-b238-4609-9137-148a34b08f59}", "Command": "DynamicCurrencyConversion", "Mode": "LIVE", "MerchantReference": "Farm_1709", "MerchantTrace": "20220520_1706", "Currency": "ZAR", "Amount": "5000", "ExpiryDate": "1225", "CardSecurityCode": "001", "PAN": "5185520050000010" } }
|
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request> <V_XML Version="2.0" CertificateID="{4c96973f-71dd-4044-802d-6e234effe8f2}" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Enquiry ApplicationID="{56cdf444-b238-4609-9137-148a34b08f59}" Command="DynamicCurrencyConversion" Mode="Live"> <MerchantTrace>240X568VFEEE</MerchantTrace> <Amount>2000</Amount> <Currency>ZAR</Currency> <ExpiryDate>1225</ExpiryDate> <MerchantReference>20220104.1525</MerchantReference> <CardSecurityCode>001</CardSecurityCode> <PAN>5185520050000010</PAN> </Enquiry></V_XML> </request> </Execute> </soap:Body> </soap:Envelope>
|
Response |
|
{ "Version": "2.0", "Direction": "Response", "Enquiry": { "MerchantName": "Busiswa", "MerchantUSN": "1732460", "Acquirer": "NBPostilionNBSouthAfrica", "AcquirerReference": "02848:09021748", "AcquirerDate": "20221230", "AcquirerTime": "151154", "Currency": "ZAR", "Amount": "5000", "MerchantAddress": "MERCHANT ADDRESS", "MerchantCity": "Sandton", "MerchantCountryCode": "ZA", "MerchantCountry": "South Africa", "DistributorName": "Nedbank", "ForeignExchange": { "ForeignExchangeItem": [ { "Version": "1.0", "ForeignExchangeID": "{3056511A-360E-4C57-8437-4BEBE5CF0CD4}", "ForeignExchangeProvider": "Fexco", "BaseCurrency": "ZAR", "BaseAmount": "50.00", "ForeignCurrency": "KES", "ForeignAmount": "405.29", "ExchangeRate": "8.1058", "ExpiryDateTime": "2023-12-30 15:10:21", "MarginPercentage": "3.5", "CommissionPercentage": "0.000000", "Source": "REUTERS WHOLESALE INTERBANK", "SourceTimestamp": "2022-03-29 17:31:06" } ] }, "ApplicationID": "{56CDF444-B238-4609-9137-148A34B08F59}", "Command": "DynamicCurrencyConversion", "Mode": "Live", "RequestID": "{E575AA65-8C06-4814-B9CC-A99AD4C06EB1}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "QA2019GWAPP01", "DBServer": "QA2019GWDB02", "Gateway": "QA", "AcquirerCode": "00", "AcquirerDescription": "" } } }
|
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <ExecuteResponse xmlns="http://iveri.com/"> <ExecuteResult><V_XML Version="2.0" Direction="Response"> <Enquiry ApplicationID="{56CDF444-B238-4609-9137-148A34B08F59}" Command="DynamicCurrencyConversion" Mode="Live" RequestID="{0192B92C-E645-4E67-877D-4EEB71492818}"> <Result Status="0" Code="0" Description="" AppServer="QA2019GWAPP01" DBServer="QA2019GWDB02" Gateway="QA" AcquirerCode="00" AcquirerDescription="" /> <MerchantName>Busiswa</MerchantName> <MerchantUSN>1732460</MerchantUSN> <Acquirer>NBPostilionNBSouthAfrica</Acquirer> <AcquirerReference>02848:09021749</AcquirerReference> <AcquirerDate>20221230</AcquirerDate> <AcquirerTime>153200</AcquirerTime> <Currency>ZAR</Currency> <Amount>2000</Amount> <MerchantAddress>MERCHANT ADDRESS</MerchantAddress> <MerchantCity>Sandton</MerchantCity> <MerchantCountryCode>ZA</MerchantCountryCode> <MerchantCountry>South Africa</MerchantCountry> <DistributorName>Nedbank</DistributorName> <ForeignExchange> <ForeignExchangeItem Version="1.0"> <ForeignExchangeID>{62EC3B82-BD4A-40D0-9AB1-79996761A17E}</ForeignExchangeID> <ForeignExchangeProvider>Fexco</ForeignExchangeProvider> <BaseCurrency>ZAR</BaseCurrency> <BaseAmount>20.00</BaseAmount> <ForeignCurrency>KES</ForeignCurrency> <ForeignAmount>162.12</ForeignAmount> <ExchangeRate>8.1058</ExchangeRate> <ExpiryDateTime>2023-12-30 15:30:27</ExpiryDateTime> <MarginPercentage>3.5</MarginPercentage> <CommissionPercentage>0.000000</CommissionPercentage> <Source>REUTERS WHOLESALE INTERBANK</Source> <SourceTimestamp>2022-03-29 17:31:06</SourceTimestamp> </ForeignExchangeItem> </ForeignExchange> </Enquiry> </V_XML></ExecuteResult> </ExecuteResponse> </soap:Body> </soap:Envelope>
|
Perform a transaction using the customers elected currency
REST |
SOAP |
Request |
|
{ "Version": "2.0", "CertificateID": "{4c96973f-71dd-4044-802d-6e234effe8f2}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "{56cdf444-b238-4609-9137-148a34b08f59}", "Command": "Debit", "Mode": "LIVE", "MerchantReference": "Farm_12098", "MerchantTrace": "20220520_1631", "Currency": "ZAR", "Amount": "5000", "ExpiryDate": "1225", "CardSecurityCode": "001", "PAN": "5185520050000010", "ForeignAmount": "40529", "ForeignCurrency": "KES", "ForeignExchangeID":"{3056511A-360E-4C57-8437-4BEBE5CF0CD4}"
} }
|
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request> <V_XML Version="2.0" CertificateID="{4c96973f-71dd-4044-802d-6e234effe8f2}" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Enquiry ApplicationID="{56cdf444-b238-4609-9137-148a34b08f59}" Command= Mode="Live"> <MerchantTrace>240X568VFEEE</MerchantTrace> <Amount>2000</Amount> <Currency>ZAR</Currency> <ExpiryDate>1225</ExpiryDate> <MerchantReference>20220104.1525</MerchantReference> <CardSecurityCode>001</CardSecurityCode> <PAN>5185520050000010</PAN> </Enquiry></V_XML> <ForeignExchangeID>{62EC3B82-BD4A-40D0-9AB1-79996761A17E}</ForeignExchangeID> <ForeignCurrency>KES</ForeignCurrency> <ForeignAmount>16212</ForeignAmount>
</request> </Execute> </soap:Body> </soap:Envelope>
|
Response |
|
{ "Version": "2.0", "Direction": "Response", "Transaction": { "MerchantTrace": "20220520_1631", "Amount": "5000", "AuthorisationCode": "012247", "CCNumber": "5185........0010", "Currency": "ZAR", "ExpiryDate": "122025", "MerchantReference": "Farm_12098", "Terminal": "Default", "TransactionIndex": "{C4BF6D8A-E6DF-4B92-8B40-056CA516A5FE}", "MerchantName": "Busiswa", "MerchantUSN": "1732460", "Acquirer": "NBPostilionNBSouthAfrica", "AcquirerReference": "02848:09021750", "AcquirerDate": "20221230", "AcquirerTime": "155823", "DisplayAmount": "R 50.00", "BIN": "5", "Association": "MasterCard", "CardType": "Unknown Card Type", "Issuer": "Unknown Issuer", "Jurisdiction": "International", "PAN": "5185........0010", "PANMode": "Keyed", "ReconReference": "09021750", "CardHolderPresence": "CardNotPresent,MOTO", "MerchantAddress": "MERCHANT ADDRESS", "MerchantCity": "Sandton", "MerchantCountryCode": "ZA", "MerchantCountry": "South Africa", "DistributorName": "Nedbank", "ForeignAmount": "40529", "ForeignCurrency": "KES", "DisplayForeignAmount": "KSh 405.29", "ApplicationID": "{56CDF444-B238-4609-9137-148A34B08F59}", "Command": "Debit", "Mode": "Live", "RequestID": "{F9EE9359-9D62-46C3-AE4E-97E151A8EB6E}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "QA2019GWAPP01", "DBServer": "QA2019GWDB02", "Gateway": "QA", "AcquirerCode": "00", "AcquirerDescription": "" } } }
|
|
Multi-Currency Pricing (MCP)
MCP offers eCommerce merchants the ability to sell their goods or services in currencies other than their base/local currency. This gives the merchant the ability to transact with new customers around the world while at the same time they can generate a new revenue stream. With MCP, the merchant prices goods/services in a currency other than, or in addition to, the merchant’s local currency.
The cardholder makes a purchase decision based on the price displayed by the merchant. The transaction is then completed with the price displayed by the merchant and the currency selected by the cardholder, with no currency conversion performed by the merchant.
MCP Transaction Flow
- Perform an enquiry message using MCP enquiry message.
- Merchant makes use of the returned list of MPC rates and perform transactions based on the customers elected currency.
NB: Support of MCP is not yet publicly available to merchants.
MCP - SAMPLES
REST |
SOAP |
Request |
|
{ "Version": "2.0", "CertificateID": "{4c96973f-71dd-4044-802d-6e234effe8f2}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Enquiry": { "ApplicationID": "{56cdf444-b238-4609-9137-148a34b08f59}", "Command": " MultiCurrencyPricing ", "Mode": "LIVE", "MerchantReference": "Farm_1709", "MerchantTrace": "20220520_1706", "Currency": "ZAR", "Amount": "5000", "ExpiryDate": "1225", "CardSecurityCode": "001", "PAN": "5185520050000010" } }
|
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request> <V_XML Version="2.0" CertificateID="{4c96973f-71dd-4044-802d-6e234effe8f2}" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Enquiry ApplicationID="{56cdf444-b238-4609-9137-148a34b08f59}" Command=" MultiCurrencyPricing " Mode="Live"> <MerchantTrace>240X568VFEEE</MerchantTrace> <Amount>2000</Amount> <Currency>ZAR</Currency> <ExpiryDate>1225</ExpiryDate> <MerchantReference>20220104.1525</MerchantReference> <CardSecurityCode>001</CardSecurityCode> <PAN>5185520050000010</PAN> </Enquiry></V_XML> </request> </Execute> </soap:Body> </soap:Envelope>
|
Response |
|
{ "Version": "2.0", "Direction": "Response", "Enquiry": { "MerchantName": "Busiswa", "MerchantUSN": "1732460", "Acquirer": "NBPostilionNBSouthAfrica", "AcquirerReference": "02848:09021748", "AcquirerDate": "20221230", "AcquirerTime": "151154", "Currency": "ZAR", "Amount": "5000", "MerchantAddress": "MERCHANT ADDRESS", "MerchantCity": "Sandton", "MerchantCountryCode": "ZA", "MerchantCountry": "South Africa", "DistributorName": "Nedbank", "ForeignExchange": { "ForeignExchangeItem": [ { "Version": "1.0", "ForeignExchangeID": "{3056511A-360E-4C57-8437-4BEBE5CF0CD4}", "ForeignExchangeProvider": "Fexco", "BaseCurrency": "ZAR", "BaseAmount": "50.00", "ForeignCurrency": "KES", "ForeignAmount": "405.29", "ExchangeRate": "8.1058", "ExpiryDateTime": "2023-12-30 15:10:21", "MarginPercentage": "3.5", "CommissionPercentage": "0.000000", "Source": "REUTERS WHOLESALE INTERBANK", "SourceTimestamp": "2022-03-29 17:31:06" } ] }, "ApplicationID": "{56CDF444-B238-4609-9137-148A34B08F59}", "Command": "DynamicCurrencyConversion", "Mode": "Live", "RequestID": "{E575AA65-8C06-4814-B9CC-A99AD4C06EB1}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "QA2019GWAPP01", "DBServer": "QA2019GWDB02", "Gateway": "QA", "AcquirerCode": "00", "AcquirerDescription": "" } } }
|
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <ExecuteResponse xmlns="http://iveri.com/"> <ExecuteResult><V_XML Version="2.0" Direction="Response"> <Enquiry ApplicationID="{56CDF444-B238-4609-9137-148A34B08F59}" Command="DynamicCurrencyConversion" Mode="Live" RequestID="{0192B92C-E645-4E67-877D-4EEB71492818}"> <Result Status="0" Code="0" Description="" AppServer="QA2019GWAPP01" DBServer="QA2019GWDB02" Gateway="QA" AcquirerCode="00" AcquirerDescription="" /> <MerchantName>Busiswa</MerchantName> <MerchantUSN>1732460</MerchantUSN> <Acquirer>NBPostilionNBSouthAfrica</Acquirer> <AcquirerReference>02848:09021749</AcquirerReference> <AcquirerDate>20221230</AcquirerDate> <AcquirerTime>153200</AcquirerTime> <Currency>ZAR</Currency> <Amount>2000</Amount> <MerchantAddress>MERCHANT ADDRESS</MerchantAddress> <MerchantCity>Sandton</MerchantCity> <MerchantCountryCode>ZA</MerchantCountryCode> <MerchantCountry>South Africa</MerchantCountry> <DistributorName>Nedbank</DistributorName> <ForeignExchange> <ForeignExchangeItem Version="1.0"> <ForeignExchangeID>{62EC3B82-BD4A-40D0-9AB1-79996761A17E}</ForeignExchangeID> <ForeignExchangeProvider>Fexco</ForeignExchangeProvider> <BaseCurrency>ZAR</BaseCurrency> <BaseAmount>20.00</BaseAmount> <ForeignCurrency>KES</ForeignCurrency> <ForeignAmount>162.12</ForeignAmount> <ExchangeRate>8.1058</ExchangeRate> <ExpiryDateTime>2023-12-30 15:30:27</ExpiryDateTime> <MarginPercentage>3.5</MarginPercentage> <CommissionPercentage>0.000000</CommissionPercentage> <Source>REUTERS WHOLESALE INTERBANK</Source> <SourceTimestamp>2022-03-29 17:31:06</SourceTimestamp> </ForeignExchangeItem> </ForeignExchange> </Enquiry> </V_XML></ExecuteResult> </ExecuteResponse> </soap:Body> </soap:Envelope>
|
3D Secure
3D secure is an EMVCO standard which is made up of 6 major card brand networks, allowing merchants to accept and process authenticated online transactions by cardholders with their bank prior to the actual authorization of the payment. Through the iVeri Gateway, the following 3D secure authentication services from the card schemes are supported.
- Verified by VISA (VbV),
- SecureCode by Mastercard,
- SafeKey by American Express,
- UPOP by UPI
- Protect Buy by Diners
Merchant Benefits
- Acceptance of authenticated transactions via 3D secure deters unauthorized card use.
- Enables the merchants to receive protection, liability shift from fraudulent chargeback activity
Overview
Integrate 3D Secure
Integrate 3D Secure functions via the iVeri Gateway
- Implement a form post with the required data
- When received, the Gateway will process and handle the enrollment lookups, authentication with the 3DS provider on your behalf
- On completion, of the authentication, the merchant can submit payment instruction with the 3D 2 authentication data
Integrate 3D Secure directly with the 3DSecure MPI vendor
- Contact 3D secure Vendor
- Integrate the 3D secure using the 3D secure integration specification from the MPI/3D Secure vendor
- On completion of the 3D secure process, merchants, or Payment service Provider (PSP) can include 3D secure authentication data on the payment instructions to the iVeri Gateway.
- When received, the Gateway will process the payment to the appropriate acquirer
3DS 2
3D secure 2 is the latest standard released by EMVCo that allows merchants and payment service providers to send additional data elements to the issuing bank of the cardholder, which in turn, makes it possible for the issuer of the card to perform frictionless authentication and offer an improved, better, user experience to the cardholder. With the additional data elements relating to the cardholder, issuers can apply Frictionless Authentication flows or “Challenged” authentication flows.
Frictionless Authentication Flows: issuers can apply risk-based decisions using the additional data received and trust that the real cardholder is making the purchase and auto authenticate the transaction in the background without requesting any additional information from the cardholder.
Challenged Authentication Flows: When the issuer cannot apply risk-based decision using the data on record, additional information to authenticate the payment is then requested from the cardholder.
Integration Prerequisites
- Merchant must request a certificate in the merchant portal - Backoffice.
- The generated certificate ID is only applicable on the Authorisation/Debit message not the 3DS process.
- The merchants application ID must be enabled for 3DS 2
- Merchant Profile
A merchants test application ID must be enabled for 3DS 2. Contact iVeri support on assist@iveri.com to enable 3D secure.
Integration testing using should use the test application and corresponding 3D secure test cards
3DS 2 Endpoint
3D secure - https:// [portal base URL]/threedsecure/EnrollmentInitial
Method: POST
Format: FormData
Integration Method
Implementation of 3DS 2 to the iVeri Gateway can be done by either using as a form Post or Pop-up
3D Secure Process
- Submit 3D secure request in a Form POST or Pop-Up method
- Post request on /threedsecure/EnrollmentInitial
- The iVeri Gateway act as proxy and submits the 3D secure request to the 3DS MPI onbehalf of the merchant
- 3D secure MPI returns the status to the iVeri Gateway
- iVeri Gateway posts the status of the 3D secure authentication to the merchant ReturnURL
- Depending on the data set returned, the merchant can proceed with the payment instruction ( Debit/Authorisation) or the transaction will have to be terminated to the customer.
3D Secure
3DS 2 Parameters
Request Parameters
Parameter |
Description |
Merchant ReturnUrl |
Mandatory: The URL which the Gateway will post return response parameters to |
ApplicationID |
Mandatory: Merchant Application ID generated upon the creation of the merchant profile on the iVeri Gateway |
MerchantReference |
Mandatory: A merchant generated identifier that is unique within a specified time that identifies a transaction sequence. |
Amount |
Mandatory: The total value of the transaction in the smallest unit of the currency specified (eg in cents) |
Currency |
Mandatory: The ISO 4217 currency code of the value of the transaction. e.g., USD or ZAR or GBP |
PAN |
Mandatory: Card number used for transaction |
ExpiryDate |
Mandatory: The last month of the validity period of the card, formatted as MMYY or MMYYYY |
CardSecurityCode |
The 3 or 4 digits printed on the card which are not contained on the magnetic strip. Usually printed after the Card number on the signature strip. Corresponds to American Express CIV, MasterCard CVC2 and VISA CVV2 |
Note: Depending on the result of 3D secure authentication, the following fields will be returned
Parameter |
Description |
ApplicationID |
Identification of the merchant profile performing the transaction |
MerchantReference |
|
Amount |
|
Currency |
|
JWT |
|
PAN |
|
ExpiryDate |
|
ResultCode |
|
ResultDescription |
|
ThreeDSecure_AuthenticationType |
Expected Value: 01 |
CardHolderAuthenticationID |
Commonly known XID: Unique identifier generated during the 3DS process |
CardHolderAuthenticationData |
|
ElectronicCommerceIndicator |
Commonly known as “ECI”: Indicates if the cardholder was fully authenticated, attempted or not. Possible values: ThreeDSecure (ECI “05”, “02”), ThreeDSecureAttempted (“ECI “06” or “01”) or SecureChannel (ECI “07”) |
ThreeDSecure_VEResEnrolled |
Possible values: Y|N|U - Indicates if the card is enrolled. |
ThreeDSecure_RequestID |
|
ThreeDSecure_ProtocolVersion |
Indicates the version of 3D secure used |
ThreeDSecure_DSTransID |
Directory Server Transaction ID returned for the transaction |
3D Secure 2 implementation using the Pop-Up Method
Mandatory Requirements
Merchants can use the from the Gateway or they can build their own:
jQuery = [portal domain]/scripts/jquery/js/https://jquery.min.js/
Bootstrap = [portal domain] /scripts/jquery/js/https://jquery.tdsbox.js/
Step1: Initialize the popup
Include the following javascript code on your webpage that you want to initiate 3DS from:
$(document).ready(function () {
tdsboxInitialise('[portal domain]',
tdsboxComplete);
});
Step2: Load the popup and shows the modal dialog
function loadModal() {
var jsonObject = {
ApplicationID : $("#ApplicationID").val(),
MerchantReference : $("#MerchantReference").val(),
Amount : $("#Amount").val(),
Currency : $("#Currency").val(),
PAN : $("#PAN").val(),
ExpiryDate : $("#ExpiryDate").val()
};
var data = JSON.stringify(jsonObject);
tdsboxSubmit(data);
}
Step 3: Gets the response back after 3D 2 Completes
function tdsboxComplete(data) {
alert(data);
}
3D Secure 2 implementation using the Form Post
Merchant can POST Form variables to the 3DS 2 endpoint, which is redirect over the browser. On completion of the 3D secure process, the Gateway will return the result to the merchant ReturnURL. The result returned to the merchant will either allow for the continuation of the Authorisation/debit instruction or result in the termination of the transaction by the merchant to the customer.
Format: Form Data
Form Post request Sample |
<form name="Form1" method="post"action="https://portal.iveri.net/threedsecure/EnrollmentInitial" id="Form1"> <input type="hidden" name="ApplicationID" id="ApplicationID" value="{ca8a6eae-a469-4b39-bef3-aa029ca3a806}" /> <input type="hidden" name="ReturnUrl" id="ReturnUrl" value="https://[domain]/Lite/Result.asp" /> <div>Amount:</div><input type="text" name="Amount" id="Amount" value="2000" /></br> <input type="hidden" name="Currency" id="Currency" value="ZAR" /> <div>Reference:</div><input type="text" name="MerchantReference" id="MerchantReference" value="3DS2:20210920.001" /></br> <div>PAN:</div><input type="text" name="PAN" id="PAN" value="5192602720584796" /></br> <div>Expiry:</div><input type="text" name="ExpiryDate" id="ExpiryDate" value="012023" /></br> <br /> <input type="submit" name="buttonPostData" value="Post Data" id="buttonPostData" class="clsButton" style="width:90px;" />
</form>
|
3D secure
Authorisation/Debit with 3DS 2 Data
Merchants have the choice of doing 3D secure authentication directly with the 3DS Vendor ("MPI") or via the iVeri Gateway. In any event, when the authentication process is completed successfully, the merchant can POST the payment instruction to the iVeri Gateway with the authentication data using the SOAP or REST webservice.
Debit/Authorisation Payment Parameters
The applicable set of 3DS 2 parameters are expected in the Authorisation/Debit message are as follows
Parameter |
Description |
CardHolderAuthenticationID |
Mandatory for 3DS 1 and 2: Commonly known as an XID: Unique identifier generated during the 3D secure process |
CardHolderAuthenticationData |
Mandatory for 3DS 1 and 2: Commonly known as UCAF -(universal cardholder authentication field) for Mastercard or CAVV( cardholder authentication verification value), generated on completion of the authentication between cardholder and card issuer |
ElectronicCommerceIndicator |
Mandatory for 3DS 1 and 2: Commonly known as “ECI”: Indicates if the cardholder was fully authenticated, attempted or not. Possible values: ThreeDSecure (ECI “05”, “02”), ThreeDSecureAttempted (“ECI “06” or “01”) or SecureChannel (ECI “07”) |
ThreeDSecure_VEResEnrolled |
Optional: Possible values: Y|N|U - Indicates if the card is enrolled. |
ThreeDSecure_RequestID |
Optional: Unique identifier returned by the Gateway on completion of the 3D secure authentication process |
New 3D Secure 2 Parameters |
|
ThreeDSecure_AuthenticationType |
Optional: Possible values( not limited to) "01", "02", "03". Must be as generated on completion of the 3D secure authentication process. indicates the method of authentication used. |
ThreeDSecure_ProtocolVersion |
Mandatory: Indicates the version of 3D secure used |
ThreeDSecure_DSTransID |
Mandatory: Directory Server Transaction ID returned on completion of the 3D secure authentication process |
|
|
Webservice Service Payment Samples
For submission of transactions to the Gateway the merchant can post to the existing Portal URL's . The Portal URL's are listed in the REST and SOAP sections by acquiring bank. As a note, the submission of the Debit/Authorisation message assumes the following:
- 3DS 2 authentication was a success.
- The merchant is making use of the test application ID with mode "Test" for integration testing
REST Webservice |
SOAP Webservice |
Format: JSON Transaction Endpoint - https://[portal domain]/api/transactions
{ "Version": "2.0", "CertificateID": "{4c96973f-71dd-4044-802d-6e234effe8f2}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "{ca8a6eae-a469-4b39-bef3-aa029ca3a806}", "Command": "Debit", "Mode": "Test", "Amount": "1500", "ExpiryDate": "0123", "MerchantReference": "3DS2:20210920.004", "Currency": "ZAR", "PAN": "4069425217889137", "ThreeDSecure_ProtocolVersion": "2.1.0", "CardHolderAuthenticationID": "xVyRZy0bYuN69j1pZi/zlmC68Vw=", "CardHolderAuthenticationData": "AJkBCWhygQAAAAEDhXKBAAAAAAA=", "ElectronicCommerceIndicator": "ThreeDSecure", "ThreeDSecure_DSTransID": "2e962032-0499-4fb6-9cf3-e640ceebeb63", "ThreeDSecure_AuthenticationType": "01" "ThreeDSecure_VEResEnrolled": "Y" } }
|
Format: XML Transaction Endpoint - https://[portal domain] /iVeriWebservice/Service.asmx
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request><V_XML Version="2.0" CertificateID="b2fd980c-f61a-473e-a685-5e8d38595d84" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Transaction ApplicationID="66bc5003-88dd-4cd5-9b27-2b5cdb7a8b73" Command="Debit" Mode="Test"> <MerchantTrace>9AE2405C07E7227568BEEE5A58E890</MerchantTrace> <Amount>2000</Amount> <Currency>ZAR</Currency> <ExpiryDate>012023</ExpiryDate> <MerchantReference>3DS2:202112.002</MerchantReference> <CardSecurityCode>123</CardSecurityCode> <PAN>4069425217889137</PAN> <ElectronicCommerceIndicator>ThreeDSecure</ElectronicCommerceIndicator> <CardHolderAuthenticationID>nhkWtFs6DlxCbpAyOFmjjxTtZOc=</CardHolderAuthenticationID> <CardHolderAuthenticationData>AJkBCIZ1CQAAAAfQcQADdISCkYQ=</CardHolderAuthenticationData> <ThreeDSecure_ProtocolVersion>2.1.0</ThreeDSecure_ProtocolVersion> <ThreeDSecure_DSTransID>c43c9d4a-3461-46e9-be29-3c7a0e033e11</ThreeDSecure_DSTransID> <ThreeDSecure_AuthenticationType>01</ThreeDSecure_AuthenticationType> <ThreeDSecure_VEResEnrolled>Y</ThreeDSecure_VEResEnrolled> </Transaction> </V_XML> </request> </Execute> </soap:Body> </soap:Envelope> |
Response:
{ "Version": "2.0", "CertificateID": "{4c96973f-71dd-4044-802d-6e234effe8f2}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "{ca8a6eae-a469-4b39-bef3-aa029ca3a806}", "Command": "Debit", "Mode": "Test", "Amount": "1500", "ExpiryDate": "0123", "MerchantReference": "3DS2:20210920.004", "Currency": "ZAR", "PAN": "4069425217889137", "ThreeDSecure_ProtocolVersion": "2.1.0", "CardHolderAuthenticationID": "xVyRZy0bYuN69j1pZi/zlmC68Vw=", "CardHolderAuthenticationData": "AJkBCWhygQAAAAEDhXKBAAAAAAA=", "ElectronicCommerceIndicator": "ThreeDSecure", "ThreeDSecure_DSTransID": "2e962032-0499-4fb6-9cf3-e640ceebeb63", "ThreeDSecure_AuthenticationType": "01" "ThreeDSecure_VEResEnrolled": "Y" } }
|
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <ExecuteResponse xmlns="http://iveri.com/"> <ExecuteResult><V_XML Version="2.0" Direction="Response"> <Transaction ApplicationID="{66BC5003-88DD-4CD5-9B27-2B5CDB7A8B73}" Command="Debit" Mode="Test" RequestID="{AF5214BF-878E-4691-A124-96E0748CF062}"> <Result Status="0" Code="0" Description="" AppServer="QAGW2012APP1" DBServer="QAGW2012DB2" Gateway="QA" AcquirerCode="00" AcquirerDescription="" /> <MerchantTrace>9AE2405C07E7227568BEEE5A58E890</MerchantTrace> <Amount>2000</Amount> <AuthorisationCode>315669</AuthorisationCode> <CCNumber>4069........9137</CCNumber> <Currency>ZAR</Currency> <ElectronicCommerceIndicator>ThreeDSecure</ElectronicCommerceIndicator> <ExpiryDate>012023</ExpiryDate> <MerchantReference>3DS2:202112.002</MerchantReference> <Terminal>Default</Terminal> <TransactionIndex>{F9401D94-4CA7-46EF-A007-9883950A80D3}</TransactionIndex> <MerchantName>iVeri Payment Technology</MerchantName> <MerchantUSN>7771777</MerchantUSN> <Acquirer>NBPostilionNBSouthAfrica</Acquirer> <AcquirerReference>81774:09170322</AcquirerReference> <AcquirerDate>20220103</AcquirerDate> <AcquirerTime>154109</AcquirerTime> <DisplayAmount>R 20.00</DisplayAmount> <BIN>4</BIN> <Association>VISA</Association> <CardType>Unknown Card Type</CardType> <Issuer>Unknown Issuer</Issuer> <Jurisdiction>International</Jurisdiction> <PAN>4069........9137</PAN> <PANMode>Keyed,CVV</PANMode> <ReconReference>09170322</ReconReference> <CardHolderPresence>CardNotPresent,eCommerce,ThreeDSecure</CardHolderPresence> <MerchantAddress>MERCHANT ADDRESS</MerchantAddress> <MerchantCity>Sandton</MerchantCity> <MerchantCountryCode>ZA</MerchantCountryCode> <MerchantCountry>South Africa</MerchantCountry> <DistributorName>Nedbank</DistributorName> </Transaction> </V_XML></ExecuteResult> </ExecuteResponse> </soap:Body> </soap:Envelope>
|
|
|
3D Secure
3D Secure 2 Test Cases BY 3D secure Vendor/MPI
The MPI test cases that should be used are depended on the acquiring bank that holds the merchant agreement or PSP that will be processing the payments on the Gateway on behalf of the merchant
Things to note about the test cards:
- CVV not required
- Expiry must be current or future date
BANKSERV
For merchants and acquiring banks in South Africa and Kenya
Frictionless Full authentication |
|
Scenario 1 |
Authenticated Frictionless Transaction |
Test Values |
Visa:4069425217889137 MC:5163426869252246 DINERS:36135230403232 |
Expected results - Lookup |
EnrolledStatus: Y paresTxStatus: Y TDS2.transStatus: Y ECI (Visa): 05 ECI (MCI): 02 ECI (DINERS): 05 PARESVERIFIED: true PROTOCOL: 3DS 2.1.0 MD_STATUS: 1 MD_ERROR_MESSAGE: Authenticated |
Action: Merchant should proceed with the authorization message Note Pan supplied configured for frictionless authentication |
Failed Frictionless Authentication |
|
Scenario 2 |
Failed Frictionless Transaction |
Test Values |
Visa: 4069421358347845 MC: 5178872338408971 DINERS: 36135234130393 |
Expected results - Lookup |
EnrolledStatus: Y paresTxStatus: N TDS2.transStatus: N ECI (Visa): Blank, (will default to ECI 07) ECI (MCI): Blank, will default to ECI 00) (DINERS): Blank, (will default to ECI 07) PARESVERIFIED: True PROTOCOL: 3DS 2.1.0 MD_STATUS: 0 MD_ERROR_MESSAGE: NOT Authenticated |
Action: Merchant should NOT proceed with the authorization message Note Pan supplied configured for frictionless authentication |
CYBERSOURCE
Frictionless Full Authentication |
|
Scenario 1 |
Authenticated Frictionless Transaction |
Test Values |
Visa: 445653 00 0000 1005 445653 00 0000 0001 007
MC: 520000 00 0000 1005 520000 00 0000 3001
|
Expected results - Lookup |
Reason code = 100 ics_pa_enroll service was successful. VERes enrolled = Y PARes status = Y CAVV = AVV = (Mastercard only)
|
Action: Merchant should proceed with the authorization message Note Pan supplied configured for frictionless authentication |
Failed Frictionless Authentication |
|
Scenario 2 |
Failed Frictionless Transaction |
Test Values |
Visa: 445653 00 0000 1013 445653 00 0000 3019 MC: 520000 00 0000 1013 520000 00 0000 3019
|
Expected results - Lookup |
VERes enrolled = Y PARes status = N Reason code = 476 User failed authentication. |
Action: Merchant should NOT proceed with the authorization message. Ask the customer for another form of payment |
Out of band transaction notification
Out of Band Transaction notification is a dedicated messaging system that allows merchants to receive their transaction outcome reliable and timeously. The transaction outcome available in the Out of Band notification system contains the same data elements as would be found when doing a transaction look up in the gateway's endpoint or directly from Backoffice. Merchant developers can implement a webservice that will consume the transaction notification payload. The transaction notifications are usually available when the cardholder completes a payment to the merchant.
Format of the OOB Transaction Notification
- The transaction notifications to the merchant are JSON formatted, the body of the message contains a Base64 string of the VXML response. The VXML response parameters are defined in the Output Parameters per action.
Usage: Out of Band notifications are available for any transactions processed by the Gateway, no matter the channel or product.
Prerequisite
- Merchant developer has to implement a Webservice that can consume the transaction results posted to the merchants endpoint, with the sample available in merchant-webservice
- Out of Band Transaction notification must be enabled on the Test/Live application ID(s), this can be actioned by the support team - assist@iveri.com
- The merchant developer has to contact the support team - assist@iveri.com and provide the merchant URL to be used for posting transaction
- The merchant URL should be HTTPS and handle TLS 1.2 connections.
Merchant Webservice
The sections covers the Webservice example which the merchant can implement in order to consume the transaction responses as and when they are delivered by the Gateway's out of band notification system.
Out of Band Sample
Sample from a merchant view point |
namespace { public class Response: IResponse { public string TransactionResponse(Response_message message) { string decoded_response = null; string response_message = null; string response = message.message; //Deserialize the message and get the response dynamic dynJson = JsonConvert.DeserializeObject(response); string deserialized_response = dynJson.Response; //Decode the response from base64 byte [] response_data = System.Convert.FromBase64String(deserialized_response); decoded_response = System.Text.ASCIIEncoding.ASCII.GetString(response_data); response_message = decoded_response; Log.WriteLog(response_message); return response_message; } } } |
Card on File
This section applies to transactions that are first initiated by the cardholder where 3D secure is enforced, whereafter monthly debits can be processed by the merchant. The same principle may be applied for the Batch (product) recurring transactions, even though in the below example we have used a second Enterprise application ID which is not 3DS enforced.
CIT with 3D Secure
First 3DS Transaction
When performing your first transaction using application id: 00000000-263b-4315-b2cd-000000000000, the gateway will return the TransactionIndex, masked PAN and Expiry Date, which you will need to store in your database.
The following field response values need to be stored on your database, linked to the card holder details.
- TransactionIndex
- PAN
- ExpiryDate
Subsequent - Recurring Transactions
Now comes the time you want to debit the same card. You will need to pass the following using application id 01010101-7694-4343-95EE-010101010101 which is not 3DS enforced.
Note that this is a different Application ID to the one used for initial transaction but must reside within the same user group.
For this transaction you need to also include the following fields on your request:
- PANFormat: This must always be fixed to TransactionIndex
- PAN: You must provide the previous transaction ‘s response value. The masked PAN must be populated.
- ExpiryDate: You must provide the previous transaction ‘s response value.
The combination of the above are used by the gateway to retrieve the missing digits of the card. Should the above not match to the previous transaction then your transaction will fail.
Subsequent Recurring Transaction Message
In the sample below "CardholderPresence" is set by the merchant on the Debit instruction:
REST |
SOAP |
{ "Version": "2.0", "CertificateID": "{5c4b9c74-0063-4240-9cff-f730675c5bd0}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "{d8d5a94-8fa0-428d-a539-3a5baf166f7f}", "Command": "Debit ", "Mode": "Test", "MerchantReference": "Ned20221214_1117", "Currency": "ZAR", "Amount": "1600", "ExpiryDate": "1230", "PAN": "4242........4242", "CardholderPresence": "Recurring", "PANFormat": "TransactionIndex", "TransactionIndex": "7C256903-9097-41AE-81B6-54681B33301F"
}
|
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request> <V_XML Version="2.0" CertificateID="{5c4b9c74-0063-4240-9cff-f730675c5bd0}" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Transaction ApplicationID="{6d8d5a94-8fa0-428d-a539-3a5baf166f7f}" Command="Debit" Mode="Test"> <MerchantTrace>24AZNXBEEE</MerchantTrace> <Amount>2000</Amount> <Currency>ZAR</Currency> <ExpiryDate>042024</ExpiryDate> <MerchantReference>20220104.0931</MerchantReference> <CardholderPresence>Recurring</CardholderPresence> <PANFormat>TransactionIndex</PANFormat> <TransactionIndex>7C256903-9097-41AE-81B6-54681B33301F</TransactionIndex> <PAN>4242........4242</PAN> </Transaction></V_XML> </request> </Execute> </soap:Body> </soap:Envelope>
|
REST Response |
SOAP Response |
{ "Version": "2.0", "Direction": "Response", "Transaction": { "Amount": "1600", "AuthorisationCode": "811045", "CCNumber": "4242........4242", "Currency": "ZAR", "ExpiryDate": "122030", "MerchantReference": "Ned20221214_1117", "Terminal": "Default", "TransactionIndex": "{550B0E5C-AA2A-4A46-B7A4-9543338188D6}", "MerchantName": "iVeri Payment Technology", "MerchantUSN": "7771777", "Acquirer": "NBPostilionNBSouthAfrica", "AcquirerReference": "95713:04649948", "AcquirerDate": "20230109", "AcquirerTime": "091725", "DisplayAmount": "R 16.00", "BIN": "4", "Association": "VISA", "CardType": "Unknown CardType", "Issuer": "Unknown Issuer", "Jurisdiction": "International", "PAN": "4242........4242", "PANMode": "Tokenized", "ReconReference": "04649948", "CardHolderPresence": "CardNotPresent,Recurring", "MerchantAddress": "MERCHANT ADDRESS", "MerchantCity": "Sandton", "MerchantCountryCode": "ZA", "MerchantCountry": "South Africa", "DistributorName": "Nedbank", "ApplicationID": "{6D8D5A94-8FA0-428D-A539-3A5BAF166F7F}", "Command": "Debit", "Mode": "Test", "RequestID": "{3ED8E51C-24AC-4959-8E8E-F3952DEF019A}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "105IVERIAPPPR1N", "DBServer": "105iveridbpr01n", "Gateway": "Nedbank", "AcquirerCode": "00", "AcquirerDescription": "" } } }
|
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <ExecuteResponse xmlns="http://iveri.com/"> <ExecuteResult><V_XML Version="2.0" Direction="Response"> <Transaction ApplicationID="{6D8D5A94-8FA0-428D-A539-3A5BAF166F7F}" Command="Debit" Mode="Test" RequestID="{24A1FCA2-69F0-41ED-B5B7-AB07521EE5B6}"> <Result Status="0" Code="0" Description="" AppServer="105IVERIAPPPR2N" DBServer="105iveridbpr01n" Gateway="Nedbank" AcquirerCode="00" AcquirerDescription="" /> <MerchantTrace>24AZNXBEEE</MerchantTrace> <Amount>2000</Amount> <AuthorisationCode>811887</AuthorisationCode> <CCNumber>4242........4242</CCNumber> <Currency>ZAR</Currency> <ExpiryDate>042024</ExpiryDate> <MerchantReference>20220104.0931</MerchantReference> <Terminal>Default</Terminal> <TransactionIndex>{C888BD10-0474-495B-84E7-A113C4C74C76}</TransactionIndex> <MerchantName>iVeri Payment Technology</MerchantName> <MerchantUSN>7771777</MerchantUSN> <Acquirer>NBPostilionNBSouthAfrica</Acquirer> <AcquirerReference>95713:04649951</AcquirerReference> <AcquirerDate>20230109</AcquirerDate> <AcquirerTime>093127</AcquirerTime> <DisplayAmount>R 20.00</DisplayAmount> <BIN>4</BIN> <Association>VISA</Association> <CardType>Unknown CardType</CardType> <Issuer>Unknown Issuer</Issuer> <Jurisdiction>International</Jurisdiction> <PAN>4242........4242</PAN> <PANMode>Tokenized</PANMode> <ReconReference>04649951</ReconReference> <CardHolderPresence>CardNotPresent,Recurring </CardHolderPresence> <MerchantAddress>MERCHANT ADDRESS</MerchantAddress> <MerchantCity>Sandton</MerchantCity> <MerchantCountryCode>ZA</MerchantCountryCode> <MerchantCountry>South Africa</MerchantCountry> <DistributorName>Nedbank</DistributorName> </Transaction> </V_XML></ExecuteResult> </ExecuteResponse> </soap:Body> </soap:Envelope>
|
Note in the above response you will receive a new TransactionIndex, each time a recurring payment is made, you can keep the new Transaction and daisy chain or use the original/first transaction
CIT - MOTO & COF
First Transaction
When performing your first transaction using application id: 00000000-263b-4315-b2cd-000000000000, the following options are available in
COF and Debit with PAN
Process a COF transactions by setting CardholderPrense to “MOTO, COF” and providing the full card details.
- CardholderPresence": "MOTO, COF”
- PAN:
- ExpiryDate:
COF and Debit with TransactionIndex
Process a COF transactions by setting the PANFormat and “Sanitised/tokenised card details.
- PANFormat
- PAN:
- ExpiryDate:
- TransactionIndex
The gateway will return the TransactionIndex, masked PAN and Expiry Date, which you will need to store in your database. The following field response values should be stored on your database, linked to the card holder details.
- TransactionIndex
- PAN
- ExpiryDate
Subsequent/COF Transaction
Now comes the time you want to debit the same card. You will need to pass the following using application id 01010101-7694-4343-95EE-010101010101 which is not 3DS enforced.
Note that this is a different Application ID to the one used for initial transaction but must reside within the same user group.
For this transaction you need to also include the following fields on your request:
- PANFormat: This must always be fixed to TransactionIndex
- PAN: You must provide the previous transaction ‘s response value. The masked PAN must be populated.
- ExpiryDate: You must provide the previous transaction ‘s response value.
The combination of the above are used by the gateway to retrieve the missing digits of the card. Should the above not match to the previous transaction then your transaction will fail.
MIT - Recurring & MOTO
First Transaction
When performing your first transaction using application id: 00000000-263b-4315-b2cd-000000000000, the gateway will return the TransactionIndex, masked PAN and Expiry Date, which you will need to store in your database.
Debit with PAN
Process a COF transactions by setting CardholderPrense to “MOTO, Recurring ” and providing the full card details.
- CardholderPresence": "MOTO, Recurring”
- PAN:
- ExpiryDate:
Debit with TransactionIndex
Process a Recurring transactions by setting the PANFormat and “Sanitised/tokenised card details.
- PANFormat
- PAN:
- ExpiryDate:
- TransactionIndex
The following field response values need to be stored on your database, linked to the card holder details.
- TransactionIndex
- PAN
- ExpiryDate
Subsequent - Recurring Transactions
Now comes the time you want to debit the same card. You will need to pass the following using application id 01010101-7694-4343-95EE-010101010101 which is not 3DS enforced.
Note that this is a different Application ID to the one used for initial transaction but must reside within the same user group.
For this transaction you need to also include the following fields on your request:
- PANFormat: This must always be fixed to TransactionIndex
- PAN: You must provide the previous transaction ‘s response value. The masked PAN must be populated.
- ExpiryDate: You must provide the previous transaction ‘s response value.
- CardholderPresence: must be set to “Recurring”
The combination of the above are used by the gateway to retrieve the missing digits of the card. Should the above not match to the previous transaction then your transaction will fail.
Ensuring End To End Transaction Integrity
Transaction integrity can be seen as ensuring that all players within an individual iVeri transaction agree on its outcome. When a Card Holder gets his statement from his Issuer, it must correspond to his instruction to the merchant for a corresponding transaction. When transaction integrity is compromised either willfully (fraud) or unintentionally, it can result in a disputed transaction with legal impacts.
Individual transactions
Void
A “Void” of a previous transaction request is a command to ignore (i.e. cancel the effects of) a previous (recently submitted) transaction request. When a merchant receives a successful response for a transaction request, and thereafter “something goes wrong”, then the Merchant has the option to “void” the transaction.
Examples of “something goes wrong” are:
- communications error between merchant and cardholder
- printer could not print the invoice
- problem accessing merchant database
A merchant can also call “void” when s/he does not know whether a response was received from the iVeri Gateway (for example a power failure). A successful void (cancellation) typically results in the transaction not being shown on the merchant nor the cardholders’ statements.Transaction sets are settled as a group at predefined periods (cycle cut off time).
A “Void” can only be successful if the transaction being cancelled has not passed its cut off time. Therefore, when a void is required, it should be done as soon as possible (particularly since cycle cut off time is out of the control of a merchant). If the void request is submitted too late, then the void request will fail, and a separate reversal transaction would be required.
Enterprise users call Void with the syntax like:
enterprise.prepare("Transaction", "Void", applicationID, mode);
A Void request must set one of the following parameters: OriginalMerchantTrace or OriginalRequestID, for example:
enterprise.setTag("OriginalRequestID", requestID)
Result Code |
Result Description |
Action |
0 |
Void successful |
Transaction successfully voided. |
13 |
Void unsuccessful |
Too late to void the transaction. |
1 |
Timeout |
Void can be automatically retried a minute later |
\9 |
Unable to process |
Void can be automatically retried a minute later |
255 |
General Error (Exception) |
Void can be retried a minute later after the problem given in the ResultDescription is fixed (which may require manual intervention) |
A Void has one of the following responses
If the iVeri Gateway receives a Void request referring to a MerchantTrace or RequestID that it has no knowledge of, then “Void successful” is replied.
A merchant implementing “Void” command requires a void repeat mechanism which only ends upon receiving a “Void successful” or “Void unsuccessful” response.
If you intend to resubmit the transaction, then you can either:
- Submit it immediately using a new MerchantReference, and have a separate process or thread to manage the sending of Voids (which may only be sent a few minutes later)
- Implement a mechanism where the transaction is only sent after the void process for the transaction is completed.
- Implement a retry mechanism discussed below without using a Void.
Retry
A merchant may want to retry a transaction after receiving an unsuccessful response.
If a merchant is not sure what the iVeri Gateway replied previously, then they might even want to retry after a receiving a successful response. Typically, a retry is relevant after receiving one of the following results on a transaction request:
Result Code |
Result Description |
Action |
1 |
Timeout |
Transaction can be automatically retried a minute later |
9 |
Unable to process |
Transaction can be automatically retried a minute later |
255 |
General Error (Exception) |
Transaction can be retried a minute later after the problem given in the ResultDescription is fixed (which may require manual intervention) |
A retry is relevant after the above responses because then one would expect a different result code. Nevertheless, a retry is supported after other result codes (eg Successful / Denied / Hot card / Black card) for when there is some change that could cause the transaction to be approved, or when the original reply is unknown to the merchant.
The following shows three different approaches to retries. A retry is only recommended in using the first approach, however all these approaches are supported.
Retry with client recorded Merchant Trace
A merchant records transaction information in their database before they send a transaction request to the iVeri Gateway. The database index of this request is given as the MerchantTrace (to uniquely identify an individual transaction request).
The merchant retries a previous transaction with the same MerchantTrace, MerchantReference, Command, Amount, PAN parameters as previously.
The possible responses are:
- If the previous attempt was successful, a successful result is returned.
- If the previous attempt was unsuccessful, the transaction request is retried.
- If the previous attempt is in process, then “Transaction in process” (ResultCode 9 : Unable to process transaction) is returned. The retry can then be reattempted a minute later.
If the merchant is only performing debits, and there is a database table where the unique identifier corresponds to the reference number given to a card holder, then it may make sense for the MerchantReference and MerchantTrace to be the same.
NB. The NedbankBICISO provider does not allow a follow-up debit to be Voided. If a transaction cannot be Voided and no response is received from the iVeri Gateway, the transaction has to be retried instead. For this, all transactions done with the ApplicationID has to be with MerchantTrace. Once a response is received for the follow-up debit, a follow-up credit has to be performed to undo the debit if it was successful.
Retry without Merchant Trace
It is not recommended to retry a transaction without a MerchantTrace.
Nevertheless, if the same Command, Amount, PAN, and MerchantReference as a previous transaction are specified (with no Merchant Trace given), then the possible responses are:
- If the previous attempt was successful, then "A transaction with the same MerchantReference was successful" (Result Code 255: Duplicate MerchantReference).
- If the previous attempt was unsuccessful, the transaction request is retried.
- If the previous attempt is in process, then “Transaction in process” (Result Code 9 : Unable to process transaction) is returned. The retry can then be reattempted a minute later.
Retry with irrelevant Merchant Trace (or irrelevant Merchant Reference)
A merchant may be tempted to bypass the various checking mechanisms within the iVeri Gateway and just send the current date time stamp as the value for the MerchantTrace or MerchantReference. In this manner there is more chance that a transaction request will be successful. However, there is also more chance that the card holder will be double debited!
For merchants who cannot store an individual request identifier before sending the request to the iVeri Gateway, see section 9.3.3 on “Recurring transaction checking”.
Enquiry
A merchant with a doubt of the current status of a transaction can determine its status by:
- Performing a “Transaction lookup” within iVeri BackOffice
- Download a “Reconciliation file” (can be automated with iVeri FileTransfer) and compare records.
- Check an immediate notification mechanism (such as email for iVeriBatch clients, and SMS for iVeri Voice clients)
- Look in the logs for an exception message containing details of a misconfiguration or a coding error.
Conclusion
The Void Retry and Enquiry mechanisms discussed above help to either fix an individual transaction integrity or resolve the doubt around what the current state is. A merchant should automate at least one of these mechanisms. If a Void is unsuccessful, or the current state does not correctly correspond to the corresponding transfer of goods or services, then a follow up reversal transaction may be required.
Duplicate transactions
A problem of a duplicate transaction can occur if a merchant submits a previously successful transaction in a new request. A duplicate transaction of this nature is typically due to a user's unintentional mistake, e.g. pressing the “Submit” button twice, or submitting the same batch twice. It is responsibility of the merchant to ensure that a single transaction request is not submitted successfully more than once.
Nevertheless, the iVeri Gateway provides three mechanisms to protect against duplicate transactions. Specifying a unique MerchantTrace is a client-side configuration, while the latter to require contacting your local distributor.
Specify a unique Merchant Trace for each step in a Transaction Sequence
As mentioned in section 8.2, a MerchantTrace is a unique identifier for each request sent to the gateway and is an optional parameter. The MerchantTrace corresponds to a database index that was generated by the merchant before a request was sent to the gateway. In short, the MerchantTrace refers to a particular step in the transaction sequence.
The recommended way to control duplicate transactions is to always specify a MerchantTrace. This has two benefits
- If a merchant does not receive a reply to a request, then they have the choice of either voiding (9.2.1) or retrying (9.2.2) the transaction by using the same MerchantTrace.
- A merchant can re-use a MerchantReference with different MerchantTraces for the same TransactionIndex.
Merchant Reference validity period
- A MerchantReference is a unique identifier allocated by the merchant for a transaction sequence.
- The MerchantReference validity period is a mechanism to protect merchants against undesired double debiting.
- When performing an initial transaction request (i.e. no TransactionIndex provided), then if the last use of that MerchantReference (within a time period) was a successful, then a new Transaction is not performed.
- When performing a follow up transaction (i.e. TransactionIndex provided), then if the last use of the MerchantReference (within a time period) of the same transaction type was successful, then a new Transaction is not performed. [Assuming the Transaction Type Repetition option has not been activated].
- The default time period (Merchant Reference validity period) discussed above is 6 months. This can be changed to a minimum of 3 days.
Recurring transaction checking
The Recurring transaction checking period is an additional mechanism to protect merchants against undesired double debiting. By default, recurring transaction checking is disabled.When enabled, if a transaction is attempted with the same PAN, Amount, Command combination, but a different MerchantReference as a previously successful transaction done within a period, then the subsequent transaction request will fail.
If a Merchant explicitly requests this to be enabled, a time period (in seconds / minutes / hours) should be specified. This is typically 5 minutes.If a Merchant uses MerchantTrace to uniquely assign each individual transaction before submission to the iVeri Gateway, then this option should not be needed.This option is recommended for merchants who are forced to have poor state handling - for example those that generate a merchant’s reference in memory and only write to the database after sending a request to the iVeri Gateway.
Note that even when this option is disabled, an acquirer or issuer “downstream” may have their equivalent option enabled.
Specialized Techniques
Ping
The Ping command is primarily used to determine if the connection between the Merchant and the Acquirer is down. If the connection is down, then a Ping can be used to poll the iVeri Gateway to see when the status is back up.
The Ping command checks that:
- the merchant is communicating with the iVeri Gateway, and
- the merchant configuration is active, and
- the iVeri Gateway is online, and
- the iVeri Gateway is communicating with the acquirer.
This is different to checking network connectivity to the iVeri Gateway, where a network ping should be employed. The Ping takes an ApplicationID as a mandatory input parameter and is sometimes referred to as an ApplicationID Ping. As mentioned previously, an iVeri transaction involves communication between the following players:
Card Holder > Merchant > iVeri Gateway > Acquirer > Association > Issuer
An Acquirer can route a transaction to many different Associations, and an Association can route a transaction to many different https://issuers.an/ individual Transaction may reply to with a ResultCode of 1 or 9, meaning something is wrong between the Merchant and the card issuer. However, in such a case the merchant does not know if the problem was between the Acquirer and an Issuer (due to the routing of the PAN), or between the Merchant and the Acquirer. Although the individual transaction can be automatically retried, the Merchant may have some business rules for the case when the connection between the Merchant and the Acquirer is down, such as:
- go into Store and Forward mode
- notify a certain person
- show a different website page upon checkout
The Ping code of conduct:
- The Ping command should be used only when a merchant needs to know the connection status between the Merchant and the Acquirer after either:
- A service startup or a Transaction result code 1 or 9 (in doubt)
- A Ping result code 1 or 9 (connection down)
- A merchant should assume that the system is up. A Ping should not be used when the merchant thinks that the connection is up and the above conditions do not hold (i.e it should not be used to indiscriminately repeatedly poll the iVeriGateway)
- When polling to see if the status is back up, a Ping may not be more frequent than every 20 seconds.
- As a note, a merchant abusing the Ping command may have their use of it suspended
Ping Flow
The following is a diagram showing how a Ping can be effectively used.
“S&F” refers to “Store and Forward”, otherwise known as an Offline transaction.
Mod-10 Checking
PANs are checked for validity using the Luhn check-digit algorithm (also known as “Mod-10 checking”). If the iVeri Gateway receives a transaction that fails Mod-10 checking, then “Invalid Card Number” (ResultCode 14) if returned.
A merchant may perform Mod-10 checking up front before sending the transaction to the iVeriGateway.
The steps of the algorithm are described below (however there are many Mod-10 algorithms available for download on the Internet):
- Exclude the right-most digit from the calculation as this is the actual check-digit to be examined for validity.
- Starting with the 2nd to the last digit and moving right to left, alternatively multiply each successive digit by 2 and 1 respectively.
- Sum the integers comprising the product obtained from each of the calculations
- Subtract the resulting sum from the next higher multiple of ten (10). The resulting value is the desired account number check-digit.
The following example uses the PAN of: 4287 9478
Step |
Description |
Example |
1 |
Example account number |
4 2 8 7 9 4 7 (8) |
2 |
Multiplier |
x2 x1
x2 x1 x2
x1 x2 |
3 |
Sum the integers |
8 + 2 + (1+6) + 7 + (1+8) + 4 + (1+4) = 42 |
4 |
Derive the Check Digit |
50 – 42 = 8 |
Card Number Checking
A merchant can perform multiple other checks on the PAN before initiating an iVeri Gateway transaction request.
This can be achieved by using the contents of files downloaded with the Commands:
- HotCard
- BINLookup
- BINManagement
- BlackCard
Transaction Terminology
An iVeri transaction is the combination of a transaction request (command: Authorisation, AuthorisationReversal, Debit, Credit, Void), and its corresponding response. A transaction sequence relates to the complete set of movement of goods and services and can include many related transactions.
An iVeri transaction involves communication between the following players:
Card Holder .>Merchant > iVeri Gateway > Acquirer > Association > Issuer
Unique Identifiers
The players in an iVeri transaction generate the following fields to identify an individual transaction
Player |
Individual transaction identifier |
Merchant |
Merchant Trace |
iVeri Gateway |
RequestID |
Acquirer |
Acquirer Reference |
The players in an iVeri transaction generate the following fields to identify a transaction sequence:
Player |
Transaction sequence identifier |
Merchant |
Merchant Reference |
iVeri Gateway |
Transaction Index |
A MerchantReference is a unique identifier defined by the Merchant for a transaction sequence within a limited time period. A MerchantReference is mandatory (for initial transaction requests and optional for follow-up requests). It typically corresponds to an invoice or ticket number (a transaction sequence).
A MerchantTrace is a unique identifier for each request sent to the gateway and is an optional parameter. The MerchantTrace corresponds to a database index that was generated before a request was sent to the gateway. In short, the MerchantTrace refers to a particular step in the transaction sequence.
Example is below:
For a Debit followed by an immediate Void (cancellation of ticket etc): The MerchantReference remains the same for both steps of the transaction sequence, while the MerchantTrace is different for the Debit and Void.
- A single MerchantReference can be associated with many MerchantTrace's.
- Similarly, a single TransactionIndex can be associated with many RequestID's.
TransactionIndex and Follow up transactions
TransactionIndex refers to the unique identifier given by the iVeri Gateway to a set of related transactions. When a TransactionIndex is an input parameter, then the command is referred to as a “follow up”. Therefore, the actions with the suffix “with TransactionIndex” mean “as a Follow up transaction”.
Follow up transactions by default use the same card information that was set in the initial transaction, however by default the follow up is considered a Card not present (Keyed) transaction.
Specifying one of the following mutually exclusive optional follow up input parameters can change the default behaviour:
- Track2: The follow up transaction is considered a “Swiped” transaction
- ExpiryDate: applicable to change when the original expiry date is in the past.
A follow up transaction can be done within 6 months of the original transaction. It can be used within a valid transaction sequence (eg a credit after a debit), but not for an invalid sequence (eg a debit following a credit). It cannot be used for a PIN based transaction.
Reversal transaction (Negative transaction)
A reversal transaction is an equal but opposite transaction to a previously successful transaction. This is typically a refund (i.e. a credit following a debit). A reversal typically results in both legs of the transaction being shown on the merchants and cardholders’ statements.
A merchant may initiate a reversal any time after a transaction was processed. A merchant can perform the reversal either by:
- performing a follow up transaction within 6 months of the original iVeri transaction,
or - initiating a new transaction request with the cardholder’s details.
A reversal should not be confused with a Void
Payment Mechanisms: Pan Vs Track2 Vs Pin
iVeri Gateway separates accounts into 3 different payment mechanisms:
- PAN
- Track2
- PIN
To process a transaction with an account you need to know which payment mechanism you are going to use
Note that independent of the payment mechanism is used, the iVeri Gateway returns a dotted out “PAN” which can be used for display purposes.
PAN (also known as “Card Not Present” or “Keyed”)
The Primary Account Number (PAN) is given by the card holder to the merchant.
Either the card is not present with the Merchant, or the Merchant does not have a card reader to “swipe” the card.
The account can be any card that has the PAN embossed or printed on the card but does not require a PIN.
Mandatory Input Parameters: PAN, ExpiryDate.
Optional Input Parameters: StartDate, CardSecurityCode.
Track2 (also known as “Card Present” or “Swiped”)
A card reader is available to “swipe” the cardholder’s card and read the Track2 from it.
The account can be any card that has a Track2 on the magnetic strip but does not require a PIN.
Mandatory Input Parameter: Track2
PIN (also known as “Card Present” with PIN or “Swiped” with PIN)
The account is a card that requires a PIN (eg debit card) and a card reader is available to “swipe” the cardholder’s card and read the Track2 from it.
A PED (PIN entry device) is available to securely capture the cardholders PIN and encrypt it.
See “PIN based transactions” (section Error: Reference source not found) for more
.
Advanced Settings
This section documents functionality within the iVeri Gateway that is not enabled by default. Contact your local distributor should you wish to activate one of these settings for your ApplicationIDMerchant Reference validity period See “Duplicate Transactions” (section 7.3.2) for a discussion of this option.
Recurring transaction checking
See“Duplicate Transactions” (section 7.3.3) for a discussion of this option.
Recon Reference extraction
ReconReference extraction setting is only available for the Nedbank https://distributor.an/ 8 digit ReconReference is sent from iVeri to the acquirer to uniquely identify a transaction. This number is used to query transaction information with the acquirer, and it may appear on the merchant reconciliation statement. By default, a ReconReference is generated by the iVeri Gateway. A merchant has the option for their ReconReference to be derived from their MerchantReference. Since a MerchantReference can be in free text format of up to 64 characters, various rules determine how the 7-digit ReconReference is derived from extracting a section of the Merchant Reference. The configuration for activating a derived ReconReference requires:
- fixed starting position
- maximum length of up to 7 digits (first digit reserved as a control digit)
- direction: left-to-right or right-to-left.
Starting position |
Length |
Direction |
MerchantReference |
Derived
ReconReference |
12 |
7 |
left-to-right |
March01Rref10 |
0000010 |
12 |
7 |
right-to-left |
100Rref01March |
0000100 |
5 |
4 |
left-to-right |
Rref1000March01 |
1000 |
Transaction Type repetition within transaction sequence
Auhorisations, AuthorisationReversals, Debits and Credits are by default limited to one successful of each type per transaction sequence. An ApplicationID can be configured to not limit the successful count of any of these within a transaction sequence. A MerchantTrace must be supplied for transactions using an ApplicationID with this configuration activated.
AuthorisationReversals and Debits reduce the authorisation amount available (for subsequent authorisations, authorisation reversals and debits). Similarly, Credits reduce the total amount debited.
The possible Advanced transaction sequence flow with an initial Authorisation is the following:
The possible Advanced transaction sequence flow with an initial Debit is the following:
The possible Advanced transaction sequence flow with an initial Credit is unchanged from the diagram shown within the “Sequence” section (6.5).
Mode: Test Vs Live
The iVeri Gateway provides a mechanism where a merchant can perform test transactions that are routed to an iVeri Gateway issuer simulator. This enables a merchant to complete testing within a test environment. When the merchant is ready s/he can perform live transactions, which are routed to the genuine card issuer. merchant specifies the mode of a transaction by setting Mode as “Test” or “Live” and sends their corresponding Test or Live ApplicationID.
Sending the following card numbers to the Test environment has the following results:
PAN |
Result |
4242424242424242 |
returns "Authorised" |
2121212121212121 |
randomly returns "Hot Card", "Please Call" or "Denied" |
5454545454545454 |
randomly returns "Unable to process" or times out |
All other card numbers |
returns "Invalid card number" |
For information on testing PIN based accounts, see “PIN based transactions”.
Merchants are requested not to abuse the test environment more than their realistic requirements.
A merchant abusing the Test environment may have their use of it suspended
Budget Period
The Budget Period facility is only available within certain localities (eg South Africa), and therefore only currently available with distributor Nedbank. Since a transaction sequence may entail the Budget Period being sent to the acquirer multiple times, the merchants should ensure that this value is consistent. If an authorisation was obtained outside the iVeri Gateway, and then the AuthorisationCode is sent within “Debit with PAN” or “Debit with Track2”, then the BudgetPeriod should be set to the same value as when authorised. If the BudgetPeriod is not sent to the iVeri Gateway, then iVeri assumes to be “straight” (0 months). However, if the external authorisation was “over budget”, then it would then be up to the acquirer/issuer to decide between the conflicting budget values.
Field |
Description |
Length (bytes) |
Format |
SS |
Start Sentinel |
1 |
; |
PAN |
Primary Account Number |
19 max |
Digits |
FS |
Field Separator |
1 |
= |
DATE |
Expiration Date (YYMM) |
4 |
Digits |
SVC CD |
Service Code |
3 |
Digits |
Discretionary Data |
Optional Issuer Data |
variable |
Digits |
ES |
End Sentinel |
1 |
? |
|
Total cannot exceed 39 bytes |
39 |
|
Track2
The Track2 is used for card present transactions and is sent to the iVeri Gateway after it is read by the swipe device from the magnetic stripe on the card. It is inclusive of the beginning and end markers being ; and ? respectively.
The Track2 sent to the iVeri Gateway must be in the following format:
The Track2 read from by the card reader typically contains the following fields (at most 40 bytes):
SS |
PAN |
FS |
DATE |
SVC CD |
Descretionary Data |
ES |
LRC |
The e 1-byte Longitudinal Redundancy Check (LRC) should not be sent to the iVeriGateway.
The End Sentinel (ES) may need to be converted to? (0x3F)
Track2 Service Code values
The following tables can be used to determine the meaning of the 3-digit service code.
See section 17.6.4 for algorithm to determine if a card is PIN based or not.
Note that a transaction may not decline or rejected solely because of the value of the service code.
Value Position#1 |
Description |
MasterCard |
Visa |
1 |
International Card |
Yes |
Yes |
2 |
International Card – Integrated Circuit Card |
Yes |
Yes |
5 |
National Use Only |
Yes |
Yes |
6 |
National Use Only – Integrated Circuit Card |
Yes |
Yes |
7 |
Private Label or Proprietary Card |
Yes |
No |
Value Position#2 |
Description |
MasterCard |
Visa |
0 |
Normal Authorisation |
Yes |
Yes |
2 |
Positive Online Authorisation Required |
Yes |
Yes |
Value Position#3 |
Description |
MasterCard |
Visa |
0 |
PIN Required |
Yes |
Yes |
1 |
Normal Cardholder Verification, No Restrictions |
Yes |
Yes |
2 |
Normal Cardholder Verification – Goods and services only at point of interaction (no cash back) |
Yes |
No |
3 |
ATM Only, PIN Required |
Yes |
Yes |
5 |
PIN Required – Goods and services only at point of interaction (no cash back) |
Yes |
No |
6 |
Prompt for PIN if PIN Pad Present |
Yes |
Yes |
7 |
Prompt for PIN if PIN Pad Present – Goods and services only at point of service (no cash back) |
Yes |
No |
Gateway Domain Knowledge
This purpose of this sections is to give some domain knowledge to people not familiar with the payment domain.
Card Present vs. Card Not Present
A Merchant interfaces with a card holder and submits a Card Present Transaction request whilst the card holder is waiting, and the card holder authenticates the transaction (typically via signature or PIN entry). In the event of a dispute of the transaction, the merchant must prove that the card holder authorized it, else merchant is liable to refund the card holder.
A Merchant submits a Card Not Present Transaction according to previously arranged agreement with a card holder. The card holder is not present to authenticate the transaction. In the event of a dispute on the transaction, the merchant must prove the card holder authorized it, else the merchant is liable for refunding the card holder.
Fully 3D Secure transactions are Card not present transactions with the protection of a Card present transaction.4.
Online vs. Offline Transactions
- When a Merchant submits an Online Transaction, s/he expects a response while the card holder is waiting. An Online Transaction can be a Card Present or a Card Not Present transaction. The result of such a transaction needs to be responded to as soon as possible.
- When a Merchant submits an Offline Transaction (typically with Batch of Transactions), the merchant requires a response for the transaction within the immediate future. The time frame of such transactions is they should preferably be settled before the current cycle cut off. A Batch Transaction can only be a Card Not Present transaction.
- PIN based cards can only be processed within online transactions. (It is possible for the card holder's chip card to verify the card holder's PIN locally at the card acceptance device, using the on-board cryptography of the card and the PED).
Online Transactions
In an Online Transaction the transfer of goods and services is ready to take place directly after the approval. No approval means no transfer of goods and services.
A Merchant interfaces with a card holder and submits an Online Transaction request whilst the card holder is waiting for the response.
- If the transaction request is approved, there is a transfer of goods or services.
- If the transaction request is denied, then either the proposed exchange of goods and services is aborted, a parameter (e.g. amount or expiry date) is changed and the transaction retried, or a different payment channel is used.
- If the transaction experiences an error, then the transaction is retried as long as the card holder is prepared to wait. Thereafter the transaction details are assessed if either it should be done offline or the proposed transfer of goods and services be aborted.
Offline Transactions
PIN based cards can therefore not be included in offline transactions.
An Offline Transaction is submitted when either the transfer of goods and services have already taken place, or the transfer of goods and services is not a once off transfer that takes place immediately (e.g., a repetitive / continuous service). A Merchant submits a set of offline transactions (via iVeri Enterprise or iVeri Batch) according to previously (implied) arranged agreement with a card holder.
A Merchant interfaces with a card holder. An offline transaction is initiated after one of the following occurs:
- a repetitive transaction (e.g. monthly bill) is agreed to, either in advance or in arrears
- (Store and Forward): the transaction details are below a floor limit, pass hot card and black card checking, and therefore the merchant decides to take the risk of transferring the goods and services without guaranteed payment, since either:
- it is outweighed by the cost of going online (time or money is not worth it), or
- an online transaction was attempted but experienced an error.
- there was a problem when the transaction was attempted online.
If the transaction request is:
- approved, the merchant gets paid.
- denied, then if the transfer of goods and services has occurred, the merchant can consider contacting the card holder, think about revising their offline business rules, or contact a debt collector.
- in error, then the transaction is retried until it is in a known state.
Transaction Result Codes
Result Status |
Result Code |
Result Description |
Only relevant when |
0 (OK) |
0 |
N/A (Approved) |
|
-1 (Not OK) |
1 |
Timeout waiting for response |
|
-1 (Not OK) |
2 |
Gateway unreachable |
|
-1 (Not OK) |
3 |
Hot card |
|
-1 (Not OK) |
4 |
Denied |
|
-1 (Not OK) |
5 |
Please call |
|
-1 (Not OK) |
6 |
Card Address failure |
|
1 (Warning) |
6 |
Warning: Approved but Card Address failure |
|
-1 (Not OK) |
7 |
Card Security Code failure |
|
1 (Warning) |
7 |
Warning: Approved but Card Security Code failure |
|
-1 (Not OK) |
8 |
Card Type not accepted |
|
-1 (Not OK) |
9 |
Unable to process the transaction |
|
-1 (Not OK) |
10 |
Card blocked |
|
-1 (Not OK) |
11 |
Invalid amount |
|
-1 (Not OK) |
12 |
Invalid budget period |
|
-1 (Not OK) |
13 |
Void unsuccessful |
Command Void |
-1 (Not OK) |
14 |
Invalid card number |
|
-1 (Not OK) |
15 |
Invalid track2 |
|
-1 (Not OK) |
16 |
Invalid card date (Expiry Date or Card period) |
|
-1 (Not OK) |
18 |
Invalid authorisation code |
|
-1 (Not OK) |
19 |
Incorrect PIN |
PINBlock submitted |
-1 (Not OK) |
20 |
Device PIN Key has expired |
PINBlock submitted |
1 (Warning) |
21 |
Warning: Approved but Cash Denied |
PINBlock and CashAmount submitted |
-1 (Not OK) |
22 |
EMV not supported |
|
-1 (Not OK) |
23 |
Card information not present |
|
-1 (not OK) |
24 |
Invalid Recurring Account |
CardHolderPresence 'Recurring' specified |
1 (Warning) |
25 |
Warning: Approved but Identification Required |
|
-1 (Not OK) |
100 |
The requested file is not available for download |
FileTransfer |
-1 (Not OK) |
101 |
The specified file has already been uploaded |
FileTransfer |
-1 (Not OK) |
255 |
General Error (Exception) |
|
PAYD
A service that enables payment card cardholders to make international card purchases or transactions in their own currency. The conversion of the purchase price of goods or services from the merchant’s local currency to the cardholder’s home currency occurs at the point of sale at the quoted exchange rate from a cited exchange rate source.
PAYD
PayD transactions allow the customer to make a payment using their debit card + pin, without a POS device present (i.e. web site purchases), by using their mobile phones
PayD Process
- Customer selects payD as payment method for the transaction. (The payment selection process is provided by the merchant)
- Customer enters their mobile number instead of their card details. (Card details are not present in the V_XML)
- PanFormat is set to MSISDN and the MSISDN tag set to the customer's mobile number, this will identify the transaction as a payD transaction.
- Transaction is sent to the gateway as a normal enterprise transaction.
- The gateway identifies the transaction as a payD transaction and forwards the transaction to payD.
- payD determines the registration status of the user. (See respective sections below on how the process changes)
Non-Registered Users
- payD determines the user has not been registered and the transaction fails.
- The gateway returns Error Code 23 and Description “Card information not present” to the merchant.
- The merchant must then, in addition to the MSISDN, prompt the user for their PAN (full card number), ExpiryDate and AccountType (savings, cheque, credit)
- PanFormat is set to MSISDN. (PanFormat must still be set to MSISDN, to identify transaction as a payD transaction)
- Transaction is sent to the gateway as a normal enterprise transaction.
- The gateway identifies the transaction as a payD transaction, and forwards the transaction to payD
- payD performs the user registration.
- ...continue as a registered user.
Registered Users
- The customer is prompted to enter their PIN using their mobile phone.
- payD then forwards the transaction (along with card data) to the gateway to be completed.
- The gateway will respond to the merchant the transaction status and a new tag MobileMoneyID
Voiding payD Transactions
The exisiting void mechanism is used to void payD transactions. In addition to the existing tags used to perform a void, the merchant must also set the MobileMoneyID tag.
POS Device Intergration
The following section covers the details of POS Device integration (particularly PIN based transactions). PIN transactions are encrypted either using Triple DES DUKPT or Triple DES Master/Session encryption architecture. The combination of Acquirer and type of device used determine the encryption architecture chosen.
iVeri provides facilities where PIN transactions can be process in either mode Live or Test.For security reasons, a key cannot be used in both modes Live and Test. Therefore, a device is either loaded for mode Test or mode Live.
A Device that is to be used for mode Live must be injected with a key within an iVeri Trusted Centre using the appropriate encryption architecture.A Device that is to be used for mode Test may be injected by a merchant, or within the Trusted https://centre.to/ change a device from mode Test to Live, device has to be reinjected with a key within an iVeri Trusted Centre.A merchant wishing to perform a Live Debit with PIN transaction requires an approved device that has been injected appropriately by the appropriate distributor.
PINBlock encryption via Triple DES DUKPT encryption
The DUKPT PINBlock encryption process flow is the following: A Device (with a DeviceSerialNumber and a DeviceMake) is injected in a Trusted Centre with an Initial PIN Encryption Key (IPEK) and Initial Key Serial Number (IKSN). Whenever a PIN block is required from the device, a counter is incremented, which indicates a PIN Encryption key. When performing a Debit with PIN, the PINBlock is sent encrypted using the PIN Encryption key, along with the current KeySerialNumber (which indicates the device and the current counter value).
Key Injection for DUKPT Mode Test
There is one Test IKSN and IPEK that is public knowledge. When a Device is to be injected with the Test Device Master Key, it can be done either within the iVeri Test Loading Centre, or by the merchant. When a device is loaded with a test device master key by the merchant, then the merchant must contact their iVeri Distributor with the device information: Make, Model and Serial Numbe
The Test values are:
IKSN: FFFF0000030000000000
IPEK: 02B50748B58B7C4452E22E39DE560CE2
PINBlock encryption via Master/Session encryption
Master/Session keys are Double Length and are sent to the iVeri Gateway in Hexadecimal format.
The Master/Session PINBlock encryption process flow is the following: A Device (with a DeviceSerialNumber and a DeviceMake) is injected in a Trusted Centre with a Device Master Key. A merchant periodically sends a request for a session key (GetDevicePINKey) which is returned encrypted under the Device Master Key. When performing a Debit with PIN, the PINBlock is sent encrypted using the current session key.
Key Injection for Master/Session Mode Test
There is one Test Device Master Key that is public knowledge. When a Device is to be injected with the Test Device Master Key, it can be done within the iVeri Test Loading Centre, or by the merchant. When a device is loaded with a test device master key by the merchant, then the merchant must contact their iVeri Distributor with the device information: Make, Model and Serial Number.
The Test Device Master Key is: 375DE602546843B68089911652E951CB
(MAC: CA40C1F2)
Get Device PIN Key
The command “GetDevicePINKey” (which is only relevant for PINBlock encryption via Master/Session) has the following mandatory input parameters:
DeviceMake
DeviceSerialNumber
Unlike other commands to the iVeri Gateway, “GetDevicePINKey” does not require the input parameter ApplicationID. Using iVeri Enterprise in iVeri https://client.net,/ this can be prepared using the following syntax:
enterprise.prepare("Security", "GetDevicePINKey", new Guid(), mode);
or using java:
enterprise.prepare("Security", "GetDevicePINKey", "", mode);
“GetDevicePINKey” must be called if “Debit with PIN” or “Balance Enquiry” reply with the Result code: “Device PIN Key expired” [20]. It should be called upon startup and every 24 hours, or 200 transactions thereafter. “GetDevicePINKey” returns the following output parameters, which can be stored for later usage with “Debit with PIN” and “Balance Enquiry”:
DevicePINKey
MACDevicePINKey
Track2 encryption via Master/Session encryption
A POS Device Integration architect has the option sending the Track2 to the iVeri Gateway in an encrypted format. This optional functionality is there as an extra security measure against someone sniffing the data between the device and the server communicating with the iVeri Gateway.
The Master/Session Track2 encryption process flow is the following: A Device (with a DeviceSerialNumber and a DeviceMake) is injected in a Trusted Centre with a Track2 Master Key. A merchant periodically sends a request for a session key (getTrack2SessionKey) which is returned encrypted under the Track2 Master Key. When performing a transaction or a balance enquiry, the Track2 is sent encrypted using the current Track2 session key.
Track2 Key Injection for Master/Session Mode Test
There is one Test Track2 Master Key that is public knowledge. When a Device is to be injected with the Test Track2 Master Key, it can be done either within the iVeri Test Loading Centre, or by the merchant.
The Test Track2 Master Key is: BFE60D7685A24C15BC8FFBFE137C8C86
(MAC: 2F3BC80A)
Track2 encryption via Dukpt encryption
A POS Device Integration architect has the option sending the Track2 to the iVeri Gateway in an encrypted format. This optional functionality is there as an extra security measure against someone sniffing the data between the device and the server communicating with the iVeri Gateway.
The Dukpt Track2 encryption process flow is the following: A Device (with a DeviceSerialNumber and a DeviceMake) is injected in a Trusted Centre with a Track2 IPEK (initial pin encryption key). This IPEK is different from the one injected for Dukpt PIN encryption. For this encryption, the following are mandatory input parameters together with the Track2 tag:
DeviceSerialNumber
DeviceMake
Track2KeySerialNumber
Track2 IPEK Injection for Dukpt Mode Test
BDK: 1534C275CDB5DCE015D952AB208AC1DA (MAC: B3D647B5)
IKSN: FFFF8000030000000000
IPEK: 5EC604C6F4D5EC3223F5B1BCC2AD6DD2
PAN encryption via Dukpt encryption
A POS Device Integration architect has the option sending the PAN to the iVeri Gateway in an encrypted format. This optional functionality is there as an extra security measure against someone sniffing the data between the device and the server communicating with the iVeri Gateway.
The Dukpt PAN encryption process flow is the following: A Device (with a DeviceSerialNumber and a DeviceMake) is injected in a Trusted Centre with a Track2 IPEK (initial pin encryption key). This IPEK is different from the one injected for Dukpt PIN encryption. For this encryption, the following are mandatory input parameters together with the PAN tag:
- DeviceSerialNumber
- DeviceMake
- PANKeySerialNumber
Debit with PIN and Balance Enquiry
The merchant determines if the card is PIN based typically via a local bin list (section 17.6.4). If it is PIN based, the merchant reads in the PIN from the PED, and obtains an encrypted PINBlock.
A PIN based request is identified by the existence of a PINBlock tag. The existence of the PINBlock tag implies Track2, DeviceSerialNumber, DeviceMake and DevicePINKey is mandatory.
Account Type is 'Savings' or 'Cheque' or 'Credit' or 'NotSpecified'.
Debit with PIN
The mandatory Amount tag refers to the total transaction amount. The optional CashAmount tag is any cash portion of the transaction. Therefore, always Amount >= CashAmount.
Normal Withdrawal: CashAmount = Amount
Normal Sale: CashAmount = 0 (or not specified)
Combined Sale and Withdrawal: 0 < CashAmount < Amount
The only time the balance of a PIN based card can be increased using iVeri is by Voiding a previous transaction.
Balance Enquiry
Obtain the balance of the PIN based account in the currency of the account.
Using iVeri Enterprise, this can be prepared using the following syntax:
enterprise.prepare("Enquiry", "Balance", applicationID, mode)
Test environment for PIN cards
iVeri Test cards are available upon request. The Result Codes responded within the PIN based issuer simulator for Mode Test are as follows:
Input |
Result returned |
Void of previous transaction |
Successful [0] |
4242424242424242 or 5959595959595959 |
See below |
2121212121212121 |
Randomly returned code “3” – Hot card or code “4” - Denied |
5454545454545454 |
Code 9 - Returns an “unbale to process “ |
All other card number such as 1111222233334444 |
Returns code “14” – invalid card number |
“4242424242424242” returns the following:
PIN |
Amount & CashAmount |
Result returned |
54321 |
N/A |
Denied [4] (similar to PIN tries exceeded) |
12345 |
Amount <= CurrentBalance |
Successful [0] |
12345 |
Amount – CashAmount > CurrentBalance |
Denied [4] (Insufficient funds) |
12345 |
(Amount > CurrentBalance) and (Amount – CashAmount) <= CurrentBalance |
Approved but cash denied Warning
[21] |
Other |
N/A |
Incorrect PIN [19] |
The Current Balance for PAN 4242424242424242 for the current merchant testing is stored in memory, and is manipulated in the following manner:
Initial amount is: 10,000.00 (max balance)
Reset to max balance upon service restart
Decreased after a successful debit.
Replenished to the max balance if the CurrentBalance goes below 10.00 (min balance).
If a Void is received, then CurrentBalance is increased. Since a Void could be received after a replenishment (or service restart), CurrentBalance is forced to be less than or equal to max balance.
Determining if a card is PIN based.
A merchant determines the card is PIN based by using a local BIN list in conjunction with the Track2 information read from a card. The BINLookup download within the File Transfer mechanism (section 22) may be used to refresh a local BIN list. merchant can determine if the card is PIN based in the following manner:
The BINLookup download within the File Transfer mechanism (section 22) is used to populate a local BIN list. It can be refreshed daily.
The Track2 of the card is read within a card reader
The PAN is determined from the Track2 (see section 10.3)
The PAN is checked against the local BIN list.
If the initial digits of the card PAN is found on the BIN list then based on the IsPINCard attribute:
0 |
Prompt for PIN |
1 |
Do not prompt for PIN |
2 |
If Position #3 of the Track2 Service Code (see section 10.3.1) is 0 or 6 then Prompt for PIN, else Do not prompt for PIN |
If there is no BIN list available (or if the initial digits of the card PAN are not found on the BIN list), then:
If the PAN starts with 50, 56, 57, 58 or 6 then Prompt for PIN
Else if Position #3 of the Track2 Service Code (see section 10.3.1) is in {0,5,6,7} then Prompt for PIN
Else do not prompt for PIN.
EMV Transactions
The introduction of smart cards based on the EMV standard (EMV: Europay, MasterCard, Visa) is progressing worldwide. More and more banks rely on secure transactions for payments. With the migration from magstripe to EMV chip, banks can offer their customers the utmost in security. EMV chip technology prevents unauthorized access to card information and helps fight fraud.
Coding for EMV data
The following is a code snippet in C#:
EMV Request Tags:
enterprise.setTag("EMV_AuthorisationRequestCryptogram", authorisationRequestCryptogram);
enterprise.setTag("EMV_ApplicationIdentifier", applicationIdentifier);
enterprise.setTag("EMV_ApplicationInterchangeProfile", applicationInterchangeProfile);
enterprise.setTag("EMV_CardSequenceNumber", cardSequenceNumber);
enterprise.setTag("EMV_ApplicationTransactionCounter", applicationTransactionCounter);
enterprise.setTag("EMV_ApplicationVersion", applicationVersion);
enterprise.setTag("EMV_CardHolderVerificationMethodResult", cardHolderVerificationMethodResult);
enterprise.setTag("EMV_CryptogramInformationData", cryptogramInformationData);
enterprise.setTag("EMV_IssuerApplicationData", issuerApplicationData);
enterprise.setTag("EMV_TerminalCapabilities", terminalCapabilities);
enterprise.setTag("EMV_TerminalType", terminalType);
enterprise.setTag("EMV_TransactionType", transactionType);
enterprise.setTag("EMV_TerminalVerificationResult", terminalVerificationResult);
enterprise.setTag("EMV_UnpredictableNumber", unpredictableNumber);
enterprise.setTag("EMV_TransactionStatusInformation", transactionStatusInformation);
EMV Response Tags:
enterprise.getTag(“EMV_IssuerAuthenticationData”);
enterprise.getTag(“EMV_IssuerScriptTemplate1”);
enterprise.getTag(“EMV_IssuerScriptTemplate2”);
enterprise.getTag(“EMV_ResponseCode”);
Transaction Message Examples
The examples apply when using the web service interface to perform various transactions. The examples serve to showcase a set of parameters that are largely used when performing transactions using the schema definition available in the SOAP interface which are also commonly used on the REST API. The functionality and related parameter definitions, elements supported are standard in the SOAP schema and REST API
Further insights on the transaction types and their meanings, refer to the “Commands” and
“Actions” sections and these have to be used in conjunction with the input parameters per actions. For the corresponding transaction flows per transactions type refer to transaction sequence
The examples cover the following messages:
The transaction Request and Response cover the following:
The Request message shows all the elements that are most used. The examples that follow will use the mandatory elements from this message necessary to perform the respective transaction covered in the example.
The response message is a typical response received from the web service to the various request messages.
Sale – “Debit with PAN”
This where the cardholder is debited, and merchant account is credited by the acquiring bank or PSP that holds the merchant agreement
REST |
SOAP |
Request |
|
{ "Version": "2.0", "CertificateID": "{5c4b9c74-0063-4240-9cff-f730675c5bd0}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "{d8d5a94-8fa0-428d-a539-3a5baf166f7f}", "Command": "Debit", "Mode": "TEST", "MerchantReference": "20221108_1029", "MerchantTrace": "DIAAAY4734", "Currency": "ZAR", "Amount": "3000", "ExpiryDate": "1025", "PAN": "4242424242424242"
} }
|
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request> <V_XML Version="2.0" CertificateID="cf4b7e7a-4fec-43b4-a2cb-221263c0a34b" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Transaction ApplicationID="7c523a4-7da7-4e59-b888-569fe65c535b" Command="Debit" Mode="Test"> <MerchantTrace>2407E27568BEEE</MerchantTrace> <Amount>2000</Amount> <Currency>ZAR</Currency> <ExpiryDate>042024</ExpiryDate> <MerchantReference>20220104.0942</MerchantReference> <CardSecurityCode>183</CardSecurityCode> <PAN>4242424242424242</PAN> </Transaction></V_XML> </request> </Execute> </soap:Body> </soap:Envelope> |
Response |
|
{ "Version": "2.0", "Direction": "Response", "Transaction": { "MerchantTrace": "DIAAAY4734", "Amount": "3000", "AuthorisationCode": "543305", "CCNumber": "4242........4242", "Currency": "ZAR", "ExpiryDate": "102025", "MerchantReference": "20221108_1029", "Terminal": "Default", "TransactionIndex": "{7C256903-9097-41AE-81B6-54681B33301F}", "MerchantName": "iVeri Payment Technology", "MerchantUSN": "7771777", "Acquirer": "NBPostilionNBSouthAfrica", "AcquirerReference": "95702:04641684", "AcquirerDate": "20221229", "AcquirerTime": "102825", "DisplayAmount": "R 30.00", "BIN": "4", "Association": "VISA", "CardType": "Unknown CardType", "Issuer": "Unknown Issuer", "Jurisdiction": "International", "PAN": "4242........4242", "PANMode": "Keyed", "ReconReference": "04641684", "CardHolderPresence": "CardNotPresent", "MerchantAddress": "MERCHANT ADDRESS", "MerchantCity": "Sandton", "MerchantCountryCode": "ZA", "MerchantCountry": "South Africa", "DistributorName": "Nedbank", "ApplicationID": "{D8D5A94-8FA0-428D-A539-3A5BAF166F7F}", "Command": "Debit", "Mode": "Test", "RequestID": "{B6308E50-4337-4DFE-A0DC-A4B3C4732139}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "105IVERIAPPPR2N", "DBServer": "105iveridbpr01n", "Gateway": "Nedbank", "AcquirerCode": "00", "AcquirerDescription": "" } } }
|
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <ExecuteResponse xmlns="http://iveri.com/"> <ExecuteResult><V_XML Version="2.0" Direction="Response"> <Transaction ApplicationID="{7C523A4-7DA7-4E59-B888-569FE65C535B}" Command="Debit" Mode="Test" RequestID="{E01B8439-05B0-4B68-A22F-903D8CB5CC67}"> <Result Status="0" Code="0" Description="" AppServer="105IVERIAPPPR1N" DBServer="105iveridbpr01n" Gateway="Nedbank" AcquirerCode="00" AcquirerDescription="" /> <MerchantTrace>2407E27568BEEE</MerchantTrace> <Amount>2000</Amount> <AuthorisationCode>540565</AuthorisationCode> <CCNumber>4242........4242</CCNumber> <Currency>ZAR</Currency> <ExpiryDate>042024</ExpiryDate> <MerchantReference>20220104.0942</MerchantReference> <Terminal>Default</Terminal> <TransactionIndex>{F20B545A-B2CC-40E9-8C9B-40030AC50B31}</TransactionIndex> <MerchantName>iVeri Payment Technology</MerchantName> <MerchantUSN>7771777</MerchantUSN> <Acquirer>NBPostilionNBSouthAfrica</Acquirer> <AcquirerReference>95702:04641678</AcquirerReference> <AcquirerDate>20221229</AcquirerDate> <AcquirerTime>094245</AcquirerTime> <DisplayAmount>R 20.00</DisplayAmount> <BIN>4</BIN> <Association>VISA</Association> <CardType>Unknown CardType</CardType> <Issuer>Unknown Issuer</Issuer> <Jurisdiction>International</Jurisdiction> <PAN>4242........4242</PAN> <PANMode>Keyed</PANMode> <ReconReference>04641678</ReconReference> <CardHolderPresence>CardNotPresent</CardHolderPresence> <MerchantAddress>MERCHANT ADDRESS</MerchantAddress> <MerchantCity>Sandton</MerchantCity> <MerchantCountryCode>ZA</MerchantCountryCode> <MerchantCountry>South Africa</MerchantCountry> <DistributorName>Nedbank</DistributorName> </Transaction> </V_XML></ExecuteResult> </ExecuteResponse> </soap:Body> </soap:Envelope>
|
Pre-Auth Reversal – “Authorisation Reversal”
Allows merchants to submit an instruction to cancel/reverse a pre-authorized amount on the cardholder’s card
REST | SOAP |
Request | |
{ "Version": "2.0", "CertificateID": "{5c4b9c74-0063-4240-9cff-f730675c5bd0}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "{8d5a94-8fa0-428d-a539-3a5baf166f7f}", "Command": "AuthorisationReversal", "Mode": "Test", "TransactionIndex": "{34799783-6A61-4EFB-8E1C-DA3D73C27F05}"
} }
| <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request> <V_XML Version="2.0" CertificateID="cf4b7e7a-4fec-43b4-a2cb-221263c0a34b" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Transaction ApplicationID="7c523a4-7da7-4e59-b888-569fe65c535b" Command="AuthorisationReversal" Mode="Test"> <TransactionIndex>{258A91D9-2B0B-4445-ADB2-E5DF210E9054}</TransactionIndex> </Transaction></V_XML> </request> </Execute> </soap:Body> </soap:Envelope>
|
Response | |
{ "Version": "2.0", "Direction": "Response", "Transaction": { "Amount": "3000", "AuthorisationCode": "551260", "CCNumber": "4242........4242", "Currency": "ZAR", "ExpiryDate": "102025", "MerchantReference": "20221108_1242", "Terminal": "Default", "TransactionIndex": "{34799783-6A61-4EFB-8E1C-DA3D73C27F05}", "MerchantName": "iVeri Payment Technology", "MerchantUSN": "7771777", "Acquirer": "NBPostilionNBSouthAfrica", "AcquirerReference": "95702:04641695", "AcquirerDate": "20221229", "AcquirerTime": "124130", "DisplayAmount": "R 30.00", "BIN": "4", "Association": "VISA", "CardType": "Unknown CardType", "Issuer": "Unknown Issuer", "Jurisdiction": "International", "PAN": "4242........4242", "PANMode": "Keyed", "ReconReference": "04641695", "CardHolderPresence": "CardNotPresent", "MerchantAddress": "MERCHANT ADDRESS", "MerchantCity": "Sandton", "MerchantCountryCode": "ZA", "MerchantCountry": "South Africa", "DistributorName": "Nedbank", "ApplicationID": "{8D5A94-8FA0-428D-A539-3A5BAF166F7F}", "Command": "AuthorisationReversal", "Mode": "Test", "RequestID": "{2D4A81AB-2214-4983-A9EA-933AF9E04612}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "105IVERIAPPPR1N", "DBServer": "105iveridbpr01n", "Gateway": "Nedbank", "AcquirerCode": "00", "AcquirerDescription": "" } } }
| <?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <ExecuteResponse xmlns="http://iveri.com/"> <ExecuteResult><V_XML Version="2.0" Direction="Response"> <Transaction ApplicationID="{7C523A4-7DA7-4E59-B888-569FE65C535B}" Command="AuthorisationReversal" Mode="Test" RequestID="{6ED66FD3-6F77-48A4-9CF7-80CB8E8DE50F}"> <Result Status="0" Code="0" Description="" AppServer="105IVERIAPPPR2N" DBServer="105iveridbpr01n" Gateway="Nedbank" AcquirerCode="00" AcquirerDescription="" /> <Amount>1000</Amount> <AuthorisationCode>551388</AuthorisationCode> <CCNumber>4242........4242</CCNumber> <Currency>ZAR</Currency> <ExpiryDate>042024</ExpiryDate> <MerchantReference>20220104.1251</MerchantReference> <Terminal>Default</Terminal> <TransactionIndex>{258A91D9-2B0B-4445-ADB2-E5DF210E9054}</TransactionIndex> <MerchantName>iVeri Payment Technology</MerchantName> <MerchantUSN>7771777</MerchantUSN> <Acquirer>NBPostilionNBSouthAfrica</Acquirer> <AcquirerReference>95702:04641696</AcquirerReference> <AcquirerDate>20221229</AcquirerDate> <AcquirerTime>125040</AcquirerTime> <DisplayAmount>R 10.00</DisplayAmount> <BIN>4</BIN> <Association>VISA</Association> <CardType>Unknown CardType</CardType> <Issuer>Unknown Issuer</Issuer> <Jurisdiction>International</Jurisdiction> <PAN>4242........4242</PAN> <PANMode>Keyed</PANMode> <ReconReference>04641696</ReconReference> <CardHolderPresence>CardNotPresent</CardHolderPresence> <MerchantAddress>MERCHANT ADDRESS</MerchantAddress> <MerchantCity>Sandton</MerchantCity> <MerchantCountryCode>ZA</MerchantCountryCode> <MerchantCountry>South Africa</MerchantCountry> <DistributorName>Nedbank</DistributorName> </Transaction> </V_XML></ExecuteResult> </ExecuteResponse> </soap:Body> </soap:Envelope>
|
Pre-Auth Completion – Follow-up Debit
Allows the merchant to instruct the cardholders bank to release and debit the funds previously reserved or pre-authorized
REST | SOAP |
Request | |
{ "Version": "2.0", "CertificateID": "{5c4b9c74-0063-4240-9cff-f730675c5bd0}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "{d8d5a94-8fa0-428d-a539-3a5baf166f7f}", "Command": "Debit", "Mode": "Test", "Amount": "1000", "MerchantTrace":"20220812_1044", "TransactionIndex": "{5C8F61BE-15AD-4201-B361-66AD52D2EFAE}"
} }
| <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request><V_XML Version="2.0" CertificateID="cf4b7e7a-4fec-43b4-a2cb-221263c0a34b" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Transaction ApplicationID="7c523a4-7da7-4e59-b888-569fe65c535b" Command="Debit" Mode="Test"> <MerchantTrace>9AE405C07E7)7568BEEE</MerchantTrace> <Amount>1000</Amount> <MerchantReference>20220104.1057</MerchantReference> <TransactionIndex>{1D638328-7A15-4937-9818-C3F9C9B96E52}</TransactionIndex> </Transaction> </V_XML> </request> </Execute> </soap:Body> </soap:Envelope>
|
Response | |
{ "Version": "2.0", "CertificateID": "{5c4b9c74-0063-4240-9cff-f730675c5bd0}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "{d8d5a94-8fa0-428d-a539-3a5baf166f7f}", "Command": "Debit", "Mode": "Test", "Amount": "1000", "MerchantTrace":"20220812_1044", "TransactionIndex": "{5C8F61BE-15AD-4201-B361-66AD52D2EFAE}"
} }
| <?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <ExecuteResponse xmlns="http://iveri.com/"> <ExecuteResult><V_XML Version="2.0" Direction="Response"> <Transaction ApplicationID="{7C523A4-7DA7-4E59-B888-569FE65C535B}" Command="Debit" Mode="Test" RequestID="{7549E81F-016B-4A83-B136-CEAF6A7A093A}"> <Result Status="0" Code="0" Description="" AppServer="105IVERIAPPPR1N" DBServer="105iveridbpr01n" Gateway="Nedbank" AcquirerCode="00" AcquirerDescription="" /> <MerchantTrace>9AE405C07E7)7568BEEE</MerchantTrace> <Amount>1000</Amount> <AuthorisationCode>545108</AuthorisationCode> <CCNumber>4242........4242</CCNumber> <Currency>ZAR</Currency> <ExpiryDate>042024</ExpiryDate> <MerchantReference>20220104.1057</MerchantReference> <Terminal>Default</Terminal> <TransactionIndex>{1D638328-7A15-4937-9818-C3F9C9B96E52}</TransactionIndex> <MerchantName>iVeri Payment Technology</MerchantName> <MerchantUSN>7771777</MerchantUSN> <Acquirer>NBPostilionNBSouthAfrica</Acquirer> <AcquirerReference>95702:04641686</AcquirerReference> <AcquirerDate>20221229</AcquirerDate> <AcquirerTime>105828</AcquirerTime> <DisplayAmount>R 10.00</DisplayAmount> <BIN>4</BIN> <Association>VISA</Association> <CardType>Unknown CardType</CardType> <Issuer>Unknown Issuer</Issuer> <Jurisdiction>International</Jurisdiction> <PAN>4242........4242</PAN> <PANMode>Keyed</PANMode> <ReconReference>04641686</ReconReference> <CardHolderPresence>CardNotPresent</CardHolderPresence> <MerchantAddress>MERCHANT ADDRESS</MerchantAddress> <MerchantCity>Sandton</MerchantCity> <MerchantCountryCode>ZA</MerchantCountryCode> <MerchantCountry>South Africa</MerchantCountry> <DistributorName>Nedbank</DistributorName> </Transaction> </V_XML></ExecuteResult> </ExecuteResponse> </soap:Body> </soap:Envelope>
|
Refund – “Follow-Credit”
Allows for a previously debited amount to be returned to the cardholders account using a detail of a previously processed transaction.
REST | SOAP |
Request | |
{ "Version": "2.0", "CertificateID": "{5c4b9c74-0063-4240-9cff-f730675c5bd0}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "{d8d5a94-8fa0-428d-a539-3a5baf166f7f}", "Command": "Credit", "Mode": "Test", "Amount": "1000", "MerchantTrace":"20220812_1107", "MerchantReference": "20221123_1106", "TransactionIndex": "{CB7A9E38-4797-4513-85EE-AFE63C957ED3}"
} }
| <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request><V_XML Version="2.0" CertificateID="cf4b7e7a-4fec-43b4-a2cb-221263c0a34b" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Transaction ApplicationID="7c523a4-7da7-4e59-b888-569fe65c535b" Command="Credit" Mode="Test"> <MerchantTrace>9AE405C07E7227568BEEE</MerchantTrace> <Amount>2000</Amount> <MerchantReference>20220104.0942</MerchantReference> <TransactionIndex>{F20B545A-B2CC-40E9-8C9B-40030AC50B31}</TransactionIndex> </Transaction> </V_XML> </request> </Execute> </soap:Body> </soap:Envelope>
|
Response | |
{ "Version": "2.0", "Direction": "Response", "Transaction": { "MerchantTrace": "20220812_1107", "Amount": "1000", "AuthorisationCode": "545684", "CCNumber": "4242........4242", "Currency": "ZAR", "ExpiryDate": "102025", "MerchantReference": "20221123_1106", "Terminal": "Default", "TransactionIndex": "{CB7A9E38-4797-4513-85EE-AFE63C957ED3}", "MerchantName": "iVeri Payment Technology", "MerchantUSN": "7771777", "Acquirer": "NBPostilionNBSouthAfrica", "AcquirerReference": "95702:04641688", "AcquirerDate": "20221229", "AcquirerTime": "110804", "DisplayAmount": "R 10.00", "BIN": "4", "Association": "VISA", "CardType": "Unknown CardType", "Issuer": "Unknown Issuer", "Jurisdiction": "International", "PAN": "4242........4242", "PANMode": "", "ReconReference": "04641688", "CardHolderPresence": "CardNotPresent", "MerchantAddress": "MERCHANT ADDRESS", "MerchantCity": "Sandton", "MerchantCountryCode": "ZA", "MerchantCountry": "South Africa", "DistributorName": "Nedbank", "ApplicationID": "{D8D5A94-8FA0-428D-A539-3A5BAF166F7F}", "Command": "Credit", "Mode": "Test", "RequestID": "{A8BCFF58-C35B-40ED-8F5D-01FFFA14FD19}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "105IVERIAPPPR2N", "DBServer": "105iveridbpr01n", "Gateway": "Nedbank", "AcquirerCode": "00", "AcquirerDescription": "" } } }
| <?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <ExecuteResponse xmlns="http://iveri.com/"> <ExecuteResult><V_XML Version="2.0" Direction="Response"> <Transaction ApplicationID="{7C523A4-7DA7-4E59-B888-569FE65C535B}" Command="Credit" Mode="Test" RequestID="{1EDD5EF7-D27C-4D68-95FA-7627E42AFE6E}"> <Result Status="0" Code="0" Description="" AppServer="105IVERIAPPPR2N" DBServer="105iveridbpr01n" Gateway="Nedbank" AcquirerCode="00" AcquirerDescription="" /> <MerchantTrace>9AE405C07E7227568BEEE</MerchantTrace> <Amount>2000</Amount> <AuthorisationCode>541742</AuthorisationCode> <CCNumber>4242........4242</CCNumber> <Currency>ZAR</Currency> <ExpiryDate>042024</ExpiryDate> <MerchantReference>20220104.0942</MerchantReference> <Terminal>Default</Terminal> <TransactionIndex>{F20B545A-B2CC-40E9-8C9B-40030AC50B31}</TransactionIndex> <MerchantName>iVeri Payment Technology</MerchantName> <MerchantUSN>7771777</MerchantUSN> <Acquirer>NBPostilionNBSouthAfrica</Acquirer> <AcquirerReference>95702:04641681</AcquirerReference> <AcquirerDate>20221229</AcquirerDate> <AcquirerTime>100222</AcquirerTime> <DisplayAmount>R 20.00</DisplayAmount> <BIN>4</BIN> <Association>VISA</Association> <CardType>Unknown CardType</CardType> <Issuer>Unknown Issuer</Issuer> <Jurisdiction>International</Jurisdiction> <PAN>4242........4242</PAN> <PANMode /> <ReconReference>04641681</ReconReference> <CardHolderPresence>CardNotPresent</CardHolderPresence> <MerchantAddress>MERCHANT ADDRESS</MerchantAddress> <MerchantCity>Sandton</MerchantCity> <MerchantCountryCode>ZA</MerchantCountryCode> <MerchantCountry>South Africa</MerchantCountry> <DistributorName>Nedbank</DistributorName> </Transaction> </V_XML></ExecuteResult> </ExecuteResponse> </soap:Body> </soap:Envelope>
|
Pre-Auth – “Authorisation with PAN”
Reserve or withhold funds on the cardholders related card account
REST |
SOAP |
Request |
|
{ "Version": "2.0", "CertificateID": "{5c4b9c74-0063-4240-9cff-f730675c5bd0}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "{d8d5a94-8fa0-428d-a539-3a5baf166f7f}", "Command": "Authorisation", "Mode": "TEST", "MerchantReference": "20221108_1042", "MerchantTrace": "DIAAAY4QW2", "Currency": "ZAR", "Amount": "3000", "ExpiryDate": "1025", "PAN": "4242424242424242"
} }
|
<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request> <V_XML Version="2.0" CertificateID="cf4b7e7a-4fec-43b4-a2cb-221263c0a34b" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Transaction ApplicationID="7c523a4-7da7-4e59-b888-569fe65c535b" Command="Authorisation" Mode="Test"> <MerchantTrace>2407E27568ABEEE</MerchantTrace> <Amount>1000</Amount> <Currency>ZAR</Currency> <ExpiryDate>042024</ExpiryDate> <MerchantReference>20220104.1051</MerchantReference> <PAN>4242424242424242</PAN> </Transaction></V_XML> </request> </Execute> </soap:Body> </soap:Envelope> |
Response |
|
{ "Version": "2.0", "Direction": "Response", "Transaction": { "MerchantTrace": "DIAAAY4QW2", "Amount": "3000", "AuthorisationCode": "544161", "CCNumber": "4242........4242", "Currency": "ZAR", "ExpiryDate": "102025", "MerchantReference": "20221108_1042", "Terminal": "Default", "TransactionIndex": "{5C8F61BE-15AD-4201-B361-66AD52D2EFAE}", "MerchantName": "iVeri Payment Technology", "MerchantUSN": "7771777", "Acquirer": "NBPostilionNBSouthAfrica", "AcquirerReference": "95702:04641685", "AcquirerDate": "20221229", "AcquirerTime": "104241", "DisplayAmount": "R 30.00", "BIN": "4", "Association": "VISA", "CardType": "Unknown CardType", "Issuer": "Unknown Issuer", "Jurisdiction": "International", "PAN": "4242........4242", "PANMode": "Keyed", "ReconReference": "04641685", "CardHolderPresence": "CardNotPresent", "MerchantAddress": "MERCHANT ADDRESS", "MerchantCity": "Sandton", "MerchantCountryCode": "ZA", "MerchantCountry": "South Africa", "DistributorName": "Nedbank", "ApplicationID": "{D8D5A94-8FA0-428D-A539-3A5BAF166F7F}", "Command": "Authorisation", "Mode": "Test", "RequestID": "{3D1860F1-86E1-4AE2-A8EA-EFC0D6A5B8AF}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "105IVERIAPPPR1N", "DBServer": "105iveridbpr01n", "Gateway": "Nedbank", "AcquirerCode": "00", "AcquirerDescription": "" } } }
|
<?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <ExecuteResponse xmlns="http://iveri.com/"> <ExecuteResult><V_XML Version="2.0" Direction="Response"> <Transaction ApplicationID="{7C523A4-7DA7-4E59-B888-569FE65C535B}" Command="Authorisation" Mode="Test" RequestID="{E7134374-BC00-428E-9F32-AE5DED439EEF}"> <Result Status="0" Code="0" Description="" AppServer="105IVERIAPPPR2N" DBServer="105iveridbpr01n" Gateway="Nedbank" AcquirerCode="00" AcquirerDescription="" /> <MerchantTrace>2407E27568ABEEE</MerchantTrace> <Amount>1000</Amount> <AuthorisationCode>544721</AuthorisationCode> <CCNumber>4242........4242</CCNumber> <Currency>ZAR</Currency> <ExpiryDate>042024</ExpiryDate> <MerchantReference>20220104.1051</MerchantReference> <Terminal>Default</Terminal> <TransactionIndex>{1D638328-7A15-4937-9818-C3F9C9B96E52}</TransactionIndex> <MerchantName>iVeri Payment Technology</MerchantName> <MerchantUSN>7771777</MerchantUSN> <Acquirer>NBPostilionNBSouthAfrica</Acquirer> <AcquirerReference>95702:04641686</AcquirerReference> <AcquirerDate>20221229</AcquirerDate> <AcquirerTime>105201</AcquirerTime> <DisplayAmount>R 10.00</DisplayAmount> <BIN>4</BIN> <Association>VISA</Association> <CardType>Unknown CardType</CardType> <Issuer>Unknown Issuer</Issuer> <Jurisdiction>International</Jurisdiction> <PAN>4242........4242</PAN> <PANMode>Keyed</PANMode> <ReconReference>04641686</ReconReference> <CardHolderPresence>CardNotPresent</CardHolderPresence> <MerchantAddress>MERCHANT ADDRESS</MerchantAddress> <MerchantCity>Sandton</MerchantCity> <MerchantCountryCode>ZA</MerchantCountryCode> <MerchantCountry>South Africa</MerchantCountry> <DistributorName>Nedbank</DistributorName> </Transaction> </V_XML></ExecuteResult> </ExecuteResponse> </soap:Body> </soap:Envelope>
|
Refund – “Initial Credit”
Allows the merchants to essentially “pay” or “credit” the cardholder without referencing any original or previously processed transaction
REST | SOAP |
Request | |
{ "Version": "2.0", "CertificateID": "{cf4b7e7a-4fec-43b4-a2cb-221263c0a34b}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "e7c523a4-7da7-4e59-b888-569fe65c535b", "Command": "Credit", "Mode": "TEST", "MerchantReference": "20211014_0129", "MerchantTrace": "NAHSI-1112", "Currency": "ZAR", "Amount": "1000", "ExpiryDate": "1025", "PAN": "4242424242424242"
} }
| <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request> <V_XML Version="2.0" CertificateID="cf4b7e7a-4fec-43b4-a2cb-221263c0a34b" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Transaction ApplicationID="e7c523a4-7da7-4e59-b888-569fe65c535b" Command="Credit" Mode="Test"> <MerchantTrace>2407E295EEE</MerchantTrace> <Amount>1000</Amount> <Currency>ZAR</Currency> <ExpiryDate>042024</ExpiryDate> <MerchantReference>20220104.1213</MerchantReference> <CardSecurityCode>183</CardSecurityCode> <PAN>4242424242424242</PAN> </Transaction></V_XML> </request> </Execute> </soap:Body> </soap:Envelope> |
Response | |
{ "Version": "2.0", "Direction": "Response", "Transaction": { "MerchantTrace": "NAHSI-1112", "Amount": "1000", "AuthorisationCode": "550310", "CCNumber": "4242........4242", "Currency": "ZAR", "ExpiryDate": "102025", "MerchantReference": "20211014_0129", "Terminal": "Default", "TransactionIndex": "{B1BF566A-23FE-43A4-A5A0-DBF648C1D94F}", "MerchantName": "iVeri Payment Technology", "MerchantUSN": "7771777", "Acquirer": "NBPostilionNBSouthAfrica", "AcquirerReference": "95702:04641691", "AcquirerDate": "20221229", "AcquirerTime": "122510", "DisplayAmount": "R 10.00", "BIN": "4", "Association": "VISA", "CardType": "Unknown CardType", "Issuer": "Unknown Issuer", "Jurisdiction": "International", "PAN": "4242........4242", "PANMode": "Keyed", "ReconReference": "04641691", "CardHolderPresence": "CardNotPresent", "MerchantAddress": "MERCHANT ADDRESS", "MerchantCity": "Sandton", "MerchantCountryCode": "ZA", "MerchantCountry": "South Africa", "DistributorName": "Nedbank", "ApplicationID": "{E7C523A4-7DA7-4E59-B888-569FE65C535B}", "Command": "Credit", "Mode": "Test", "RequestID": "{61F85F10-5E7B-40C8-A18C-DD1EE595665D}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "105IVERIAPPPR1N", "DBServer": "105iveridbpr01n", "Gateway": "Nedbank", "AcquirerCode": "00", "AcquirerDescription": "" } } }
| <?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <ExecuteResponse xmlns="http://iveri.com/"> <ExecuteResult><V_XML Version="2.0" Direction="Response"> <Transaction ApplicationID="{E7C523A4-7DA7-4E59-B888-569FE65C535B}" Command="Credit" Mode="Test" RequestID="{69F6E0B8-BDA0-4586-8185-815F95A15FE4}"> <Result Status="0" Code="0" Description="" AppServer="105IVERIAPPPR2N" DBServer="105iveridbpr01n" Gateway="Nedbank" AcquirerCode="00" AcquirerDescription="" /> <MerchantTrace>2407E295EEE</MerchantTrace> <Amount>1000</Amount> <AuthorisationCode>550367</AuthorisationCode> <CCNumber>4242........4242</CCNumber> <Currency>ZAR</Currency> <ExpiryDate>042024</ExpiryDate> <MerchantReference>20220104.1213</MerchantReference> <Terminal>Default</Terminal> <TransactionIndex>{89CCE679-E1B1-497C-8684-C6080EB61B00}</TransactionIndex> <MerchantName>iVeri Payment Technology</MerchantName> <MerchantUSN>7771777</MerchantUSN> <Acquirer>NBPostilionNBSouthAfrica</Acquirer> <AcquirerReference>95702:04641692</AcquirerReference> <AcquirerDate>20221229</AcquirerDate> <AcquirerTime>122607</AcquirerTime> <DisplayAmount>R 10.00</DisplayAmount> <BIN>4</BIN> <Association>VISA</Association> <CardType>Unknown CardType</CardType> <Issuer>Unknown Issuer</Issuer> <Jurisdiction>International</Jurisdiction> <PAN>4242........4242</PAN> <PANMode>Keyed</PANMode> <ReconReference>04641692</ReconReference> <CardHolderPresence>CardNotPresent</CardHolderPresence> <MerchantAddress>MERCHANT ADDRESS</MerchantAddress> <MerchantCity>Sandton</MerchantCity> <MerchantCountryCode>ZA</MerchantCountryCode> <MerchantCountry>South Africa</MerchantCountry> <DistributorName>Nedbank</DistributorName> </Transaction> </V_XML></ExecuteResult> </ExecuteResponse> </soap:Body> </soap:Envelope>
|
Void
Void should be performed on an event where transactions are not responded to or not completed to the merchant’s application which could be due to a timeout scenario. When used the void message should be performed closer to the time it relates. For more on the use of Void messages, refer to the Ensuring end to end Transaction Integrity
REST | SOAP |
Request | |
{ "Version": "2.0", "CertificateID": "{5c4b9c74-0063-4240-9cff-f730675c5bd0}", "ProductType": "Enterprise", "ProductVersion": "WebAPI", "Direction": "Request", "Transaction": { "ApplicationID": "{d8d5a94-8fa0-428d-a539-3a5baf166f7f}", "Command": "Void", "Mode": "Test", "OriginalMerchantTrace": "DIAAAY22734", "OriginalRequestID": "{9667792F-635A-4121-AC85-E06856ADC3EF}"
} }
| <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <Execute xmlns="http://iveri.com/"> <validateRequest>false</validateRequest> <protocol>V_XML</protocol> <protocolVersion>7.0</protocolVersion> <request> <V_XML Version="2.0" CertificateID="cf4b7e7a-4fec-43b4-a2cb-221263c0a34b" ProductType="Enterprise" ProductVersion="iVeriWebService" Direction="Request"> <Transaction ApplicationID="7c523a4-7da7-4e59-b888-569fe65c535b" Command="Void" Mode="Test"> <MerchantTrace>240X568BEEE</MerchantTrace> <OriginalRequestID>{B3C46039-5B4D-402A-82A7-A37BC0161167}</OriginalRequestID> </Transaction></V_XML> </request> </Execute> </soap:Body> </soap:Envelope>
|
Response |
|
{ "Version": "2.0", "Direction": "Response", "Transaction": { "OriginalMerchantTrace": "DIAAAY22734", "OriginalRequestID": "{9667792F-635A-4121-AC85-E06856ADC3EF}", "ApplicationID": "{D8D5A94-8FA0-428D-A539-3A5BAF166F7F}", "Command": "Void", "Mode": "Test", "RequestID": "{F096A71F-75D0-4F0C-A150-0AF181A86445}", "Result": { "Status": "0", "Code": "0", "Description": "", "AppServer": "105IVERIAPPPR2N", "DBServer": "105iveridbpr01n", "Gateway": "Nedbank" } } }
| <?xml version="1.0" encoding="utf-8"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <soap:Body> <ExecuteResponse xmlns="http://iveri.com/"> <ExecuteResult><V_XML Version="2.0" Direction="Response"> <Transaction ApplicationID="{7C523A4-7DA7-4E59-B888-569FE65C535B}" Command="Void" Mode="Test" RequestID="{2EDCA6EC-0683-41C2-872B-CC5A01355EFD}"> <Result Status="0" Code="0" Description="" AppServer="105IVERIAPPPR2N" DBServer="105iveridbpr01n" Gateway="Nedbank" /> <OriginalMerchantTrace>240X568BEEE</OriginalMerchantTrace> <OriginalRequestID>{B3C46039-5B4D-402A-82A7-A37BC0161167}</OriginalRequestID> </Transaction> </V_XML></ExecuteResult> </ExecuteResponse> </soap:Body> </soap:Envelope>
|
Additional Data Transactions
Additional Data for Procurement Transactions
Procurement transactions refer to transactions that contain the line item (or order basket) details. If the line-item details are sent to iVeri within a transaction, then a procurement card holder get those details from their issuing bank (for example on their monthly statement). This is of assistance in tracking business to business transactions particularly in large corporations. Procurement transactions are currently only available within distributor Nedbank.
Coding for Procurement
The following optional input parameters are Procurement specific per transaction:
- CustomerReferenceIdentifier
- CustomerVATRegistrationNumber
- DestinationCountry
- DestinationZIPCode
- NationalTax
- NationalTaxIndicator
- OrderDate
- PurchaseIdentifier
- ShipFromZIPCode
- ShippingAmount
- ShippingTaxRate
- TransactionDiscount
- UniqueVATInvoiceReferenceNumber
The following optional input parameters are Procurement specific per Line item:
- Discount
- ItemCommodityCode
- ItemDescriptor
- ProductCode
- Quantity
- TaxRate
- Total
- UnitCost
- UnitOfMeasure
Since Line items are repeated, the advanced Enterprise methods openElement and closeElement must be used.
The following is a code snippet in https://vb.net/
enterprise.setTag("ShippingTaxRate", shippingTaxRate)
enterprise.setTag("TransactionDiscount", transactionDiscount)
enterprise.setTag("UniqueVATInvoiceReferenceNumber", vatReferenceNo)
Dim dr As DataRow
For Each dr In myTable.Rows
enterprise.openElement("LineItem")
enterprise.setTag("ItemCommodityCode", dr("Item Code"))
enterprise.setTag("ItemDescriptor", dr("Description"))
enterprise.setTag("ProductCode", dr("Product Code"))
enterprise.setTag("Quantity", dr("Quantity"))
enterprise.setTag("UnitOfMeasure", dr("Unit Of Measure"))
enterprise.setTag("UnitCost", dr("Unit Cost"))
enterprise.setTag("TaxRate", dr("Tax Rate"))
enterprise.setTag("Discount", dr("Discount"))
enterprise.setTag("Total", dr("Total"))
enterprise.closeElement()
Tax Calculation
The calculations below show how the NationalTax is calculated. Note that rounding can be up or down since the resulting NationalTax value is allowed to fall in a precision tolerance interval based on the number of line items. Calculation when TransactionDiscount is zero
NationalTax = (sum of (LineItem Total x LineItem TaxRate) / 10000) + (ShippingAmount x ShippingTaxRate) / 10000
Calculation when TransactionDiscount is NOT zero
The TransactionDiscount is spread across some or all the line items resulting in an additional discount for these line items. Let’s call the LineItem Total of the affected line items, reduced LineItem Total. Then,
NationalTax = (sum of (reduced LineItem Total x LineItem TaxRate) / 10000) + (ShippingAmount x ShippingTaxRate) / 10000.
For the above calculation, a maximum and minimum tax amount is obtained by sorting line items in ascending and descending order respectively according to LineItem TaxRate.
Advanced Fraud Screening
The following optional input parameters are CyberSource specific per Line item:
- Discount
- ItemCommodityCode
- ItemDescriptor
- ProductCode
- Quantity
- TaxRate
- Total
- UnitCost
- UnitOfMeasure
- PassengerFirstName
- PassengerLastName
- PassengerID
- PassengerStatus
- PassangerType
Note: The fields in Blue will be used when doing Advanced Fraud Screening and is not recorded on the iVeri system. Since Line items are repeated, the advanced Enterprise methods openElement and closeElement must be used. The following is a code snippet in https://vb.net/
enterprise.setTag("ShippingTaxRate", shippingTaxRate)
enterprise.setTag("TransactionDiscount", transactionDiscount)
enterprise.setTag("UniqueVATInvoiceReferenceNumber", vatReferenceNo)
Dim dr As DataRow
For Each dr in myTable.Rows
enterprise.openElement("LineItem")
enterprise.setTag("UnitCost", dr("Unit Cost"))
enterprise.setTag("Quantity", dr("Quantity"))
enterprise.setTag("ItemDescriptor", dr("Description"))
enterprise.setTag("ProductCode", dr("Product Code"))
enterprise.setTag("PassengerFirstName", dr("Passenger FirstName"))
enterprise.setTag("PassengerLastName", dr("Passenger LastName"))
enterprise.setTag("PassengerID", dr("Passenger ID"))
enterprise.setTag("PassengerStatus", dr("Passenger Status"))
enterprise.setTag("PassengerType", dr("Passenger Type"))
enterprise.closeElement()
Next
Fleet card transactions
Fleet cards facilitate the tracking of costs and managing statistical information of a fleet of vehicles.
- A Fleet transaction refer to special processing for a Fleet card.
- Fleet transactions are currently only available within distributor Nedbank.
- If a fleet card is received with other distributors, then the fleet specific parameters are ignored.
Coding for Fleetcards
The following optional input parameters are Fleet specific per transaction:
CustomerReferenceIdentifier
The following optional input parameters are Fleet specific per Line item:
- ProductCode
- Quantity
- QuantityDecimalPlaces
- UnitCost
The latest available values of the ProductCode field are obtained via the “Inventory” download command (See section 22). Only use the ProductCodes with Type='Fleet'. The list at the time of writing is given in 7.4
Since Line items are repeated, the advanced Enterprise methods openElement and closeElement must be used. The following is a code snippet in C#:
enterprise.setTag("CustomerReferenceIdentifier", customerReferenceIdentifier);
foreach (DataRow dr in myTable.Rows)
{
enterprise.openElement("LineItem");
enterprise.setTag("ProductCode", dr["Product Code"]);
enterprise.setTag("Quantity", dr["Quantity"]);
enterprise.setTag("QuantityDecimalPlaces", dr["QuantityDecimalPlaces"]);
enterprise.setTag("UnitCost", dr["Unit Cost"]);
enterprise.closeElement();
}
Airline addendum data
Airline addendum data is additional transaction data which appear on a card holder's statement when buying a ticket from an airline merchant who include this data in a transaction request. Airline addendum data is currently only available for Nedbank. In addition, the airline addendum data is currently only supported for follow-up debit (pre-authorised debit) transactions.
Coding for Airline addendum data
The following is a code snippet in C#:
enterprise.openElement("AirlineData");
enterprise.setTag("PassengerName", passengerName);
enterprise.setTag("PrimaryTicketNumber", primaryTicketNumber);
enterprise.setTag("FirstDepartureLocationCode", firstDepartureLocationCode);
enterprise.setTag("FirstArrivalLocationCode", firstArrivalLocationCode);
enterprise.setTag("PNRNumber", pnrNumber);
enterprise.setTag("OfficeIATANumber", officeIATANumber);
enterprise.setTag("OrderNumber", orderNumber);
enterprise.setTag("PlaceOfIssue", placeOfIssue);
enterprise.setTag("DepartureDate", departureDate);
These following fields are not recorded on the iVeri system:
enterprise.setTag("CompleteRoute", completeRoute);
enterprise.setTag("DepartureTime", departureTime);
enterprise.setTag("JourneyType", journeyType);
enterprise.closeElement();
Note: The fields in Blue will be used when doing Advanced Fraud Screening.
CyberSource Fraud Management
CyberSource data is additional transaction data which iVeri Payment Technologies Ltd needs to process orders within CyberSource's fraud screening solution.
Device Fingerprinting
To successfully implement Device Fingerprinting, a 1-pixel image file (which cannot be seen) and two scripts need to be placed in the <body> tag of the merchant’s checkout page*. This will ensure a 3-5 second window in which the code segments can complete the data collection necessary to create a fingerprint for the device making the order.
Below are the code segments for implementing Device Fingerprinting:
PNG Image
<p style="background:url(https://h.online-metrix.net/fp/clear.png?org_id=<org ID>&session_id=<merchant id><session ID>&m=1)"></p> <img src="https://h.online-metrix.net/fp/clear.png?org_id=<org ID>&session_ id=<merchant id><session ID>&m=2" alt="">
Flash Code
<object type="application/x-shockwave-flash" data="https://h.online-metrix.net/fp/ fp.swf?org_id=<org ID>&session_id=<merchant id><session ID>" width="1" height="1" id="thm_fp"> <param name="movie" value="https://h.online-metrix.net/fp/fp.swf?org_id=<org ID>&session_id=<merchant id><session ID>" /> <div></div> </object>
JavaScript Code
<script src="https://h.online-metrix.net/fp/check.js?org_id=<org ID>&session_ id=<merchant id><session ID>" type="text/javascript"> </script>
Parameter | Data Type | Description |
Org ID | AN | Will be supplied by iVeri Payment Technologies Ltd to the merchant. |
Session ID | AN | The session ID is a string variable (letters and numbers only) that must be unique for each merchant ID. Any string that are already generating, such as an order number or Web session ID. However, do not use the same uppercase and lowercase letters to indicate different session IDs. This is the same value that must be send to iVeri in the DeviceFingerprintID field. |
Merchant id | AN | Will be supplied by iVeri Payment Technologies Ltd to the merchant. |
Coding for CyberSource data
The following is a code snippet in C#:
enterprise.openElement("CyberSource");
enterprise.setTag("DeliveryMethod", Virtual);
enterprise.setTag("DeviceFingerprintID", sessionId);
enterprise.setTag("BillTo_FirstName", billTo_FirstName);
enterprise.setTag("BillTo_LastName", billTo_LastName);
enterprise.setTag("BillTo_Street", billTo_Street);
enterprise.setTag("BillTo_City", billTo_City);
enterprise.setTag("BillTo_Country", billTo_Country);
enterprise.setTag("BillTo_Email", billTo_Email);
enterprise.setTag("BillTo_IPAddress", billTo_IPAddress);
enterprise.closeElement();
Authenticated Collections
Authenticated collections are intended to enable a merchant who wants to make regular direct debits to a customer’s account to authenticate the customer.
This has two benefits:
- The merchant has proved that the customer has consented to these regular debits
- The customer has verified themselves by way of a pin validation so there is a higher level of comfort that the customer's account is a valid account and does belong to the customer.
Authenticated Collections is currently only available from Nedbank. In addition, the Authenticated Collections provider parameter must be enabled otherwise the transaction will be declined.
Coding for Authenticated Collection data
The following is a code snippet in C#:
enterprise.openElement("AuthenticatedCollectionData");
enterprise.setTag("AccountNumber", accountNumber);
enterprise.setTag("DebtorIdentification", debtorIdentification);
enterprise.setTag("MaximumCollectionAmount", maximumCollectionAmount);
enterprise.closeElement();
Note: That MerchantReference must be set for Authenticated Collections AND the transaction must be PIN authenticated card present. The MerchantReference is used as the contract reference. An AuthorisationCode is returned if successful.
Contact Information
An iVeri Distributor markets the services of the iVeri Gateway and products within a locality.
South Africa specific: The Nedbank Merchant agreement allows for the acceptance of Visa and MasterCard credit cards only. A Merchant that wishes to accept Diners Club and American Express cards, will need to contact these organisations separately and enter into Merchant Agreements with them. On receipt of Merchant numbers from these organisations, the merchant must contact Nedbank Card Division and ask them to update their Nedbank Merchant profile to include Diners and American Express.
Nedbank South Africa
Location
South Africa
Telephone
0860 114 966
Web sites
http://www.iveri.co.za/
http://www.nedbank.co.za/
Email
Technical Assistance
https://operations@iveri.com/
Non-technical (i.e. product information etc)
https://info@iveri.com/
23..2 Nedbank Namibia
Location
Namibia
Web sites
http://www.iveri.co.za/
http://www.nedbank.co.za/
Email
Technical Assistance
https://operations@iveri.com/
Non-technical (product information etc)
https://info@namibia.nedbank.iveri.com/
23.3 CBZ Zimbabwe
Location
Zimbabwe
Web sites
http://www.iveri.com/
https://www.cbzbank.co.zw/
Email
Technical Assistance
https://operations@iveri.com/
Non-technical (product information etc)
https://info@iveri.com/
23.4 CIM Finance
23.5 I&M Bank
Location
Kenya
Web sites
http://www.iveri.com/
http://www.imbank.com/
Email
Technical Assistance
https://operations@iveri.com/
Non-technical (product information etc)
https://info@iveri.com/
23.6 CSC/CSC247 Bank
Location
Lebanon & Cyprus
Web sites
http://www.iveri.com/
http://www.cscacquiring.com/
Email
Technical Assistance
https://operations@iveri.com/
Non-technical (product information etc)
https://info@iveri.com/
Location
Cim Finance
Web sites
http://www.iveri.com/
http://www.cim.mu/
Email
Technical Assistance
https://operations@iveri.com/
Non-technical (product information etc)
https://info@iveri.com/
23.8 Gateway Websites
Merchants has access to 3 iVeri websites: Gateway, Certificate and BackOffice.
Website
Description
Portal
Used whenever transactions are posted to the iVeri Gateway
Certificate
Used where applicable to validate certificate against the root certificate
BackOffice
Merchant portal used for accessing transaction listing, creation of users and downloading transactions reports
23.8.1 Gateway Portal Address by acquiring institution.
23.8.1.1 Nedbank
Website
URL
Port
Portal
https://portal.nedsecure.co.za/
443
Certificate
http://ca.iveri.com/
80
BackOffice
https://backoffice.nedsecure.co.za/
443
23.8.1.2 CBZ Bank
Website
URL
Port
Gateway
https://portal.host.iveri.com/
443
Certificate
http://ca.iveri.com/
80
BackOffice
https://backoffice.host.iveri.com/
443
23.8.1.3 I&M Bank
Website
URL
Port
Gateway
https://portal.host.iveri.com/
443
Certificate
http://ca.veri.com/
80
BackOffice
https://backoffice.host.iveri.com/
443
23.8.1.4 CSC/CSC247 Bank
Website
URL
Port
Gateway
https:///https://portal.cscacquiring.com/
443
Certificate
http://ca.veri.com/
80
BackOffice
https://backoffice.cscacquiring.com/
443
23.8.1.5 CIM Finance
Website
URL
Port
Gateway
https://portal.merchant.cim.mu/
443
Certificate
http://ca.veri.com/
80
BackOffice
https://backoffice.merchant.cim.mu/
443
DNS configuration
The current IP address of a website can be determined by pinging the DNS domain name.
iVeri reserves the right to change the DNS mapping to IP address at any time, however iVeri would endeavor to notify merchants timeously of such a change.