Sale/Purchase *
*
*
M
Mandatory
O
Optional
C
Conditional
blank
not relevant
Context *
Parameter *
Debit with PAN *
Debit with TransactionIndex *
Void *
Credit with PAN *
Credit with TransactionIndex *
Core
ApplicationID
M *
M *
M *
M *
M *
Core
Category
M *
M *
M *
M *
M *
Core
CertificateID
M *
M *
M *
M *
M *
Core
Gateway
O *
O *
O *
O *
O *
Core
Command
M *
M *
M *
M *
M *
Core
Mode
M *
M *
M *
M *
M *
Common
Amount
M *
M *
*
M *
M *
Common
CardSecurityCode
O
O
O
O
Common
PAN
M
M
M
Common
Currency
M *
M *
*
M *
M *
Common
ExpiryDate
M *
M *
*
M *
M *
Common
MerchantReference
M *
M *
*
M *
M *
Common
OriginalMerchantReference
*
*
M *
*
*
Common
MerchantTrace
O *
O *
*
O *
O *
Common
OriginalRequestID
*
*
M *
*
*
Common
PANFormat
*
M *
*
*
M *
Common
TransactionIndex
*
M *
*
*
M *
Common
3DS 2 Parameters *
**
Request Parameters *
Parameter *
Description *
Merchant ReturnUrl
Mandatory: The URL which the Gateway will post return response
parameters to
ApplicationID
Mandatory: Merchant Application ID generated upon the creation of the
merchant profile on the iVeri Gateway
MerchantReference
Mandatory:
A merchant generated identifier that is unique within a specified time that
identifies a transaction sequence.
Amount
Mandatory:
The total value of the transaction in the smallest unit of the currency
specified (eg in cents)
Currency
Mandatory:
The ISO 4217 currency code of the value of the transaction. e.g., USD or ZAR
or GBP
PAN
Mandatory:
Card number used for transaction
ExpiryDate
Mandatory:
The last month of the validity period of the card, formatted as MMYY or MMYYYY
Card
3D Secure *
**
3D secure is an XML-based security protocol for online credit and debit card transactions. 3D Secure adds an authentication step for online payments, making it possible for cardholders to authenticate their online transactions with their card issuers, using a password or OTP.
Benefits of using 3D secure *
Reduces fraudulent debit & credit card transactions processed through online platforms Gives the merchants and acquiring bank liability protection
3D secure providers *
CyberSource Bankserve
3D secure with iVeri *
High: 3D secure – If a merchant is deemed high risk, the acquiring bank can set merchants on this level. Merchants that want lowest possible risk can also opt for this level. Medium: 3D secure/attempted- This option gives merchants a broader reach in the cards the
CyberSource Fraud Management
**
CyberSource data is additional transaction data which iVeri Payment Technologies Ltd needs to process orders within CyberSource's fraud screening solution.
Device Fingerprinting *
To successfully implement Device Fingerprinting, a 1-pixel image file (which cannot be seen) and two scripts need to be placed in the <body> tag of the merchant’s checkout page*. This will ensure a 3-5 second window in which the code segments can complete the data collection necessary to create a fingerprint for the device making the order.
Below are the code segments for implementing Device Fingerprinting:
PNG Image
<p style="background:url(https://h.online-metrix.net/fp/clear.png?org_id= <org ID> &session_id= <merchant id><session ID> &m=1)"></p> <img src="https://h.onli
* LiteBox Hosted Payment Page *
**
The LiteBox hosted payment page is an e-commerce solution that allows merchants to connect, send payment requests to the iVeri Payment Gateway without redirecting the cardholder away from their website. When implemented, the LiteBox pops up and sits in-front of the merchant’s website. From a merchant/cardholder point of view the LiteBox solution provides a more seamless checkout experience.
An example is available online on None [1] this link . To simulate the LiteBox behaviour, click on “Modal”.
Merchants’ developers can download the JavaScript library that handles the events to generate the button. The library can be found on the following URLs:
For Nedbank acquired merchants located in South Africa, Zimbabwe, Namibia, Lesotho and Swaziland: https://p
3D Secure 2 Test Cases BY 3D secure Vendor/MPI *
**
The MPI test cases that should be used are depended on the acquiring bank that holds the merchant agreement or PSP that will be processing the payments on the Gateway on behalf of the merchant
Things to note about the test cards:*
CVV not required Expiry must be current or future date
BANKSERV *
For merchants and acquiring banks in South Africa and Kenya
Frictionless
Full authentication *
Scenario
1 *
Authenticated
Frictionless Transaction *
Test
Values *
Visa*:4069425217889137
MC:*5163426869252246
DINERS*:36135230403232
Expected results -
Lookup *
EnrolledStatus: Y
paresTxStatus: Y
TDS2.transStatus: Y
ECI (Visa): 05
ECI (MCI): 02
ECI (DINERS): 05
PARESVERIFIED: true
PROTOCOL: 3DS 2.1.0
MD_STATUS: 1
MD_ERROR_MESSAGE:
Authenticated
Action
/ Nedbank Gateway /* – Applicable for Nedbank acquired merchants located in South Africa, Zimbabwe, Namibia, Lesotho and Swaziland
Website *
URL *
Port *
BackOffice *
[1] https://backoffice.nedsecure.co.za/
443 *
Lite
[2] https://portal.nedsecure.co.za/Lite/Authorise.aspx
Authorization Information
[3] https://portal.nedsecure.co.za/Lite/AuthoriseInfo.aspx
/ CIM Hosted Gateway /* – Applicable for merchants acquired by CIM Finance in Mauritius
Website *
URL *
Port *
BackOffice *
[4] https://backoffice.merchant.cim.mu/
443 *
Lite
[5] https://portal.merchant.cim.mu/Lite/Authorise.aspx
Authorization Information
[6] https://portal.merchant.cim.mu/Lite/AuthoriseInfo.aspx
/ CSC Hosted Gateway */– Applicable for merchants that acquired by banks af
* 3D Secure 2 implementation using the Form Post *
*
Merchant can POST Form variables to the 3DS 2 endpoint, which is redirect over the browser. On completion of the 3D secure process, the Gateway will return the result to the merchant ReturnURL. The result returned to the merchant will either allow for the continuation of the Authorisation/debit instruction or result in the termination of the transaction by the merchant to the customer.
Format: Form Data
* Form Post request Sample *
<form
name="Form1" method="post"action="https://portal.iveri.net/threedsecure/EnrollmentInitial"
id="Form1">
<input
type="hidden" name="ApplicationID"
id="ApplicationID"
value="{ca8a6eae-a469-4b39-bef3-aa029ca3a806}" />
<input
type="hidden" name="ReturnUrl" id="ReturnUrl"
value="https://[domain]/Lite/Result.as
Duplicate transactions *
**
A problem of a duplicate transaction can occur if a merchant submits a previously successful transaction in a new request. A duplicate transaction of this nature is typically due to a user's unintentional mistake, e.g. pressing the “Submit” button twice, or submitting the same batch twice. It is responsibility of the merchant to ensure that a single transaction request is not submitted successfully more than once.
Nevertheless, the iVeri Gateway provides three mechanisms to protect against duplicate transactions. Specifying a unique MerchantTrace is a client-side configuration, while the latter to require contacting your local distributor.
Specify a unique Merchant Trace for each step in a Transaction Sequence *
As mentioned in section 8.2, a MerchantTrace is a