Hosted Payment Method
Overview
This document provides technical specifications for processing financial transactions through the Tranzpay gateway by interfacing with the Gateway API and a Hosted Payment Page. We have written this specifically for web designers and professionals who design, implement and support the intended systems. We use HTTPS POST to transmit and receive data.
Description:
To reduce your PCI DCSS requirements and liability, and eliminate sensitive card data footprints in your environment, Tranzpay provides a Hosted Payment Page Solution that provides the ability to authorize and capture transactions while adhering to all PCI requirements.
Summary of Steps Required
- Send non-secure customer data in initial request to prefill Customer Name, Address, Phone, Email, Policy Number, along with your PostBack and RedirectUrl to capture and store payment results.
- Receive encrypted payment link via API Response to prefilled payment form.
- Using tokenized payment link, customer will enter payment information and has the option to save information for future use (rebill).
- Payment is processed and customer is sent to provided RedirectUrl to view transaction results.
- Provided PostBackUrl receives POST response and stores response in database.
Initial Request
Sample Request
Notes
ThirdPartyCallID must be unique to every transaction.
PostBackUrl is your API page set up to process a POST request containing results of the transaction.
RedirectUrl is the page the customer will be directed to to view the results of the transaction from the Postback results provided to the PostBackUrl.
CancelUrl is the page the customer will be directed to if the transaction is cancelled before completion, or the session times-out.
AddVault should be “Y” to give customer the option to save payment information for future use in the Customer Vault. If “N” the option will not be displayed to customer.
CustomerID should be a minimum of 6 characters with no spaces.
To test and view the postback response within the page, it is recommended to use
tranzpaydev.com/testThirdPartyCheck.php in the RedirectUrl field and tranzpaydev.com/testSilentPostBack.php in the PostBackUrl field. These pages are for demonstration purposes only.
Sample Initial Response
Postback Response
Fieldname | Required | Type | Description | Validate | Post |
---|---|---|---|---|---|
Status | String | Transaction Status | SUCCESS or FAILED | Status | |
TransactionType | String | Transaction type to process. (“ThirdParty”) | ThirdParty | TransactionType | |
ResponseMessage | String | Transaction Response Message | APPROVED or DECLINED | ResponseMessage | |
ResponseCode | String | Transaction Response Code | 00=Approved | ResponseMessage | |
CardType | String | Payment method card type | Visa, Mastercard, Discover, American Express | CardType | |
AccountNumber | Integer | Last four digits of account number | Numeric only | AccountNumber | |
ExpirationDateMMYY | Integer | 2 digit month and 2 digit year | 06/24 | ExpirationDateMMYY | |
PaymentMethod | String | Transaction Payment Type (CC or ACH) | Cell | PaymentMethod | |
TransactionDate | DateTime | TransactionDate | Cell | 02/04/2020 1:21:30 pm | |
TransactionAmount | String | Transaction Amount | Float | TransactionAmount | |
AuthCode | Integer | Authorization Code | Any alphanumeric | AuthCode | |
AvsRsltCode | String | AVS Result Code | ‘Y’or ‘N’ | AvsRsltCode | |
TransactionID | Integer | Id unique to transaction on the payment gateway | Cell | TransactionID | |
CVV2ResponseMessage | String | CVV2 Response Message | Cell | CVV2ResponseMessage | |
CVV2ResponseCode | String | CVV2 Response Code | Cell | CVV2ResponseCode | |
ThirdPartyCallID | String | Unique ID assigned by merchant for transaction. | Any alphanumeric | ThirdPartyCallID | |
AddVault | String | ‘Y’ if the payment data was saved to Vault. ‘N’ for No. | ‘Y’or ‘N’ | AddVault | |
CustomerID | String | Token ID for Vault Entry (Saved Payment Information) | Any alphanumeric | CustomerID | |
PolicyNum | String | Customer policy number or equivalent. | Any alphanumeric | PolicyNum | |
Error | String | Returned error Message. | Any alphanumeric | Error | |
StatusMessage | String | Status Message | Any alphanumeric | Status Message |
Sample Postback Success Return
Sample Postback Failed Return
Notes:
Values above can be fetched in PHP via $_POST variables. Example: on the Post Back url page just use $_POST[‘Status’] to fetch “SUCCESS” or “FAILED”.
Even if Initial Request passes AddVault=Y, if the customer does not opt to save payment information for future use (via the checkbox to save payment information), the Postback will exclude a CustomerID and return AddVault=N. This is the same for both SUCCESS and FAILED transaction responses.
Methodology
Postback response contains ‘TransactionID’ and ‘CustomerID’ if the customer’s information was successfully added the vault. Using the ‘TransactionID’ or ‘CustomerID’ the following functions are available:
Voiding a transaction:
Supply the TransactionID from the original transaction, and utilize the CreditCardVoid or the ACHVoid request. Transactions may only be voided before they settle. For settled transactions, please see Refunding a Transaction below.
Refunding a transaction:
After a transaction has settled, you will need to issue a refund, rather than void. Provide a TransactionID and TransactionAmount to utilize the CreditCardCredit or the ACHRefund request.
Check Status:
To check the status of a transaction, use the TransactionID and utilize the GetTransaction request.
Rebilling a Customer:
To rebill a customer that was previously added to the Customer Vault, provide the CustomerID and then utilize one the following API requests:
Credit Card: AddCustomerCCCharge
ACH: AddCustomerACHDebit
Updating a Vault Record:
To update a customer record in the vault, provide the CustomerID and utilize the UpdateCustomer request.
View Vault Record:
To view details of a previously stored Vault record, provide the CustomerID and utilize the GetCustomer API Request.