API Reference Guide for Web Services

API Reference Guide for Web Services June 2015 Version 1.0

This manual and accompanying electronic media are proprietary products of Optimal Payments plc. They are to be used only by licensed users of the product. 1999 2015 Optimal Payments plc. All rights reserved. The information within this document is subject to change without notice. The software described in this document is provided under a license agreement, and may be used or copied only in accordance with this agreement. No part of this manual may be reproduced or transferred in any form or by any means without the express written consent of Optimal Payments plc. All other names, trademarks, and registered trademarks are the property of their respective owners. Optimal Payments plc makes no warranty, either express or implied, with respect to this product, its merchantability or fitness for a particular purpose, other than as expressly provided in the license agreement of this product. For further information, please contact Optimal Payments plc. International Head Office 3500 de Maisonneuve W., Suite 700 Montreal, Quebec H3Z 3C1 Canada Tel.: (514) 380-2700 Fax: (514) 380-2760 Email: info@optimalpayments.com Technical support: support@optimalpayments.com Web: www.optimalpayments.com U.K. Office Compass House, Vision Park Chivers Way, Histon Cambridge CB24 9AD United Kingdom Email: info@optimalpayments.com Technical Support: support@optimalpayments.com Web: www.optimalpayments.com U.S. Office 1209 Orange Street Wilmington, DE 19801 Gatineau Office 75 Promenade du Portage Gatineau, Quebec J8X 2J9 Canada

Contents 1 Optimal Payments Web Services What are Optimal Payments Web Services?............................................... 1-1 Web Services supported for Direct Debit............................................ 1-1 Web Services supported for credit cards............................................. 1-2 Web Services supported for Information Lookup Service................................. 1-3 System requirements................................................................ 1-3 Accessing the Optimal Payments WSDLs and links.......................................... 1-3 Direct Debit.................................................................. 1-3 Credit card................................................................... 1-4 Information Lookup Service...................................................... 1-4 Testing Optimal Payments Web Services.................................................. 1-4 Security features.................................................................... 1-4 AVS........................................................................ 1-4 CVD........................................................................ 1-5 Negative database............................................................. 1-6 3D Secure................................................................... 1-6 Using this guide.................................................................... 1-6 Audience.................................................................... 1-6 Functionality.................................................................. 1-6 Symbols..................................................................... 1-7 2 Direct Debit Transactions Introduction....................................................................... 2-1.NET example...................................................................... 2-2 Building charge, verify, or credit requests................................................. 2-4 charge example C#........................................................... 2-4 ddcheckrequestv1 schema...................................................... 2-6 ddcheckrequestv1 elements..................................................... 2-7 Special considerations for Direct Debit elements................................... 2-13 Building updateshippinginfo requests.................................................... 2-14 updateshippinginfo example C#................................................. 2-14 ddshippingrequestv1 schema.................................................... 2-16 ddshippingrequestv1 elements................................................... 2-16 Building lookup requests............................................................. 2-18 Lookup example C#.......................................................... 2-18 ddlookuprequestv1 schema..................................................... 2-20 ddlookuprequestv1 elements.................................................... 2-20 Building BACS mandate requests (UK)................................................... 2-22 API Reference Guide for Web Services 1.0 III

June 2015 Building SEPA mandate requests................................................... 2-22 mandate example C#......................................................... 2-23 ddmandaterequestv1 schema.................................................... 2-24 ddmandaterequestv1 elements................................................... 2-25 Building change status requests......................................................... 2-28 Change status example C#..................................................... 2-28 ddchangestatusrequest schema................................................... 2-29 ddchangestatusrequestv1 elements............................................... 2-30 Building mandate update requests...................................................... 2-31 Mandate update example C#................................................... 2-31 ddupdatemandaterequestv1 schema.............................................. 2-32 ddupdatemandaterequestv1 elements............................................. 2-32 Processing the response.............................................................. 2-33 3 Credit/Debit Card Transactions Introduction....................................................................... 3-1.NET example...................................................................... 3-3 Building Purchase/Authorization/Verification requests........................................ 3-4 Purchase example C#......................................................... 3-5 ccauthrequestv1 schema....................................................... 3-7 ccauthrequestv1 elements...................................................... 3-8 addendumdata tag/value pairs.................................................... 3-17 Building Authorization Reversal requests.................................................. 3-18 Authorization Reversal example C#............................................... 3-18 ccauthreversalrequestv1 schema................................................. 3-19 ccauthreversalrequestv1 elements................................................ 3-20 Building Settlement/Credit requests..................................................... 3-21 Settlement example C#........................................................ 3-21 ccpostauthrequestv1 schema.................................................... 3-22 ccpostauthrequestv1 elements................................................... 3-23 Building Stored Data Requests......................................................... 3-25 Stored Data Authorization example C#............................................ 3-25 ccstoreddatarequestv1 schema................................................... 3-27 ccstoreddatarequestv1 elements................................................. 3-27 Building Cancel requests.............................................................. 3-29 Cancel Settle example C#...................................................... 3-29 cccancelrequestv1 schema...................................................... 3-30 cccancelrequestv1 elements..................................................... 3-30 Building Payment/Independent Credit requests............................................. 3-32 Payment example C#......................................................... 3-32 ccpaymentrequestv1 schema.................................................... 3-34 ccpaymentrequestv1 elements................................................... 3-34 Building Transaction Lookup requests.................................................... 3-37 Transaction Lookup example C#................................................. 3-37 cctxnlookuprequestv1 schema.................................................. 3-39 IV

June 2015 cctxnlookuprequestv1 elements................................................. 3-39 Building Enrollment Lookup requests.................................................... 3-41 Enrollment Lookup example C#................................................. 3-41 ccenrollmentlookuprequestv1 schema............................................. 3-43 ccenrollmentlookuprequestv1 elements............................................ 3-43 Building Authentication requests....................................................... 3-44 Authentication example C#..................................................... 3-44 ccauthenticaterequestv1 schema................................................. 3-45 ccauthenticaterequestv1 elements................................................ 3-46 Processing the response.............................................................. 3-48 detail tag/value pairs............................................................ 3-55 addendumresponse tag/value pairs................................................ 3-55 Currency codes............................................................... 3-55 4 Information Lookup Service Transactions Introduction....................................................................... 4-1 Optimal Payments ILS WSDLs and links............................................. 4-1.NET example..................................................................... 4-2 Building ILS requests................................................................ 4-3 ILS C#..................................................................... 4-3 ilslookuprequestv1 schema..................................................... 4-4 ilslookuprequestv1 elements.................................................... 4-5 Processing the response.............................................................. 4-8 ilslookupresponsev1 schema.................................................... 4-9 Response element contents...................................................... 4-12 Authorizations response details................................................ 4-12 Settlements response details................................................... 4-13 Credits response details...................................................... 4-13 Chargebacks response details.................................................. 4-14 Direct Debit response details.................................................. 4-15 Reason codes...................................................................... 4-16 Chargeback reason codes........................................................ 4-16 Retrieval request reason codes.................................................... 4-17 Discover chargeback and retrieval request reason codes................................. 4-18 A Using the HTTP Post Method Introduction....................................................................... A-1 Direct Debit requests................................................................ A-1 charge/verify/credit............................................................. A-1 HTML example charge..................................................... A-2 updateshippinginfo............................................................ A-4 HTML example updateshippinginfo........................................... A-4 ddlookuprequest............................................................. A-6 HTML example lookuprequest............................................... A-6 API Reference Guide for Web Services 1.0 V

June 2015 Mandate request.............................................................. A-7 HTML example mandate request............................................. A-8 Change status request........................................................... A-9 HTML example change status request.......................................... A-10 Mandate update request......................................................... A-10 HTML example mandate update request........................................ A-11 Credit card requests................................................................. A-12 Purchase/Authorization/Verification................................................ A-12 HTML example Authorization................................................ A-13 Authorization Reversal.......................................................... A-15 HTML example Authorization Reversal......................................... A-16 Settlement/Credit.............................................................. A-17 HTML example Settlement.................................................. A-17 Stored Data Authorization/Purchase................................................ A-18 HTML example Stored Data Authorization...................................... A-19 Cancel Settle/Credit/Payment/Independent Credit..................................... A-20 HTML example Cancel..................................................... A-20 Payment request............................................................... A-21 HTML example Payment.................................................... A-22 Credit card Information Lookup................................................... A-23 HTML example Information Lookup........................................... A-24 Enrollment Lookup............................................................. A-25 HTML example Enrollment Lookup............................................ A-26 Authentication................................................................ A-27 HTML example Authentication............................................... A-27 Information Lookup Service requests.................................................... A-28 HTML example - ILS............................................................ A-29 Sample HTTP Post.................................................................. A-30 Sample HTTP Post responses..................................................... A-30 B Response Codes Overview......................................................................... B-1 Response codes............................................................... B-1 Action codes.................................................................. B-19 Return codes................................................................. B-19 C Geographical Codes Province codes..................................................................... C-1 State codes....................................................................... C-2 Country codes..................................................................... C-3 VI

CHAPTER 1 Optimal Payments Web Services What are Optimal Payments Web Services? Web Services are a technology that allows applications to communicate with each other in a platform- and programming language independent manner. A Web Service is a software interface that describes a collection of operations that can be accessed over the network through standardized XML messaging. It uses protocols based on the XML language to describe an operation to execute or data to exchange with another Web Service. Web Services are built on open standards such as SOAP and WSDL. Optimal Payments Web Services offer the following benefits: Merchants can integrate easily with the Web Service API, using their favourite platform and language. Merchants can automate operation and avoid manually keying in information via the Optimal Payments Web page. Merchants can operate independently of changes and updates to the Optimal Payments Web site. Web Services supported for Direct Debit Optimal Payments currently supports the following Web Services for Direct Debit: Table 1-1: Direct Debit Operations Operation Verify Charge Credit Update Shipping Info Information Lookup Mandate Request Change Status Update Mandate Description Allows you to confirm that a customer s bank account is in good standing, without actually transferring money out of that account. Allows you to transfer money from a customer s bank account to your merchant account. This transaction is completed in real time, though the banking network takes 3 5 days to transfer the funds. Allows you to transfer money from your merchant account directly to a customer s bank account. This transaction is completed in real time, though the banking network takes 3 5 days to transfer the funds. Allows you to send shipping information, including a tracking number, once you have shipped goods for which you previously processed a charge transaction. Allows you to run a report through the API over a date range you specify to return data on Direct Debit charge and credit transactions processed through your merchant account. Allows you to create a mandate for a customer s bank account and lodge it at their bank, which permits you to transfer money from the customer s bank account to your merchant account. The banking network typically takes 5 days to process the mandate. Allows you to change the status of a charge, credit, or mandate transaction. Allows you to update the information contained within an existing mandate. API Reference Guide for Web Services 1.0 1-1

Optimal Payments Web Services June 2015 Availability of Direct Debit operation types is allotted on a merchant-by-merchant basis, since not all merchant banks support all operations. If you have any questions, contact your account manager. Web Services supported for credit cards Optimal Payments currently supports the following Web Services for credit cards: Table 1-2: Credit Card Operations Operation Authorization Purchase Verification Authorization Reversal Credit Settlement Stored Data Authorization Stored Data Purchase Cancel Payment Independent Credit Information Lookup Enrollment Lookup Authentication Description Allows you to confirm that a credit card exists and has sufficient funds to cover a Purchase, but without settling the funds to your merchant account. Both authorizes and settles a requested amount against a credit card. Allows you to run an AVS and/or CVD check on a credit card without processing a charge against that card. Allows you to reverse all or part of an existing authorization, provided no settlements (either full or partial) have been processed against that authorization. This transaction type does not function with purchase transactions, but only with authorizations. Allows you to issue a credit for an amount that was previously settled. Allows you to Settle the amount of an existing Authorization, crediting the authorized amount from the credit card to your merchant account. Allows you to authorize an amount on a customer s credit card using customer data that is stored in our database. You provide only a minimum of information, saving you time and effort. Allows you to both authorize and settle an amount on a customer s credit card using customer data that is stored in our database. You provide only a minimum of information, saving you time and effort. Allows you to cancel a Credit, Settlement, Payment, or Independent Credit transaction. You can cancel one of these transactions as long as it is in a Pending state, which typically is before midnight of the day that it is requested. In some cases, you may find older Credit transactions in a Pending state. Allows you to credit an amount to a customer s credit card. The Payment transaction is not associated with a previously existing authorization, so the amount of the transaction is not restricted in this way. Allows you to credit an amount to a customer s credit card. The Independent Credit transaction is not associated with a previously existing authorization, so the amount of the transaction is not restricted in this way. Allows you to run a report through the API over a date range you specify to return data on credit card transactions processed through your merchant account. Allows you to determine whether a customer s credit card is enrolled in the 3D Secure program. Allows you to send an Authentication request in order for a cardholder enrolled in 3D Secure to authenticate their card with the Card Issuer before you process an Authorization. Availability of credit card operation types is allotted on a merchant-by-merchant basis, since not all merchant banks support all operations. If you have any questions, contact your account manager. 1-2

June 2015 Web Services supported for Information Lookup Service Web Services supported for Information Lookup Service Optimal Payments currently supports the following Web Service: Table 1-3: Information Lookup Service Operation Operation Information Lookup Service Description Allows you to run a report through the API over a date range you specify to return data on Authorizations, Settlements, Credits, and Chargebacks processed through a merchant account. System requirements The SOAP API has been tested with the following client environments: Table 1-4: Client Environments SOAP Client Programming Environment Operating Environment Microsoft.NET 1.1 and 2.0 Framework Microsoft Visual Studio.NET 2003 Microsoft Windows Server 2003 and Windows XP Apache Axis 1.4 Java (J2SE 1.4.X and higher) Linux and Microsoft Windows XP, Server 2003 Apache Axis 2.0 Java (J2SE 1.4.X and 1.5.X) Linux and Microsoft Windows XP, Server 2003 For more information: J2SE or J2EE 1.3.1 or newer (1.4.X recommended) Sun Microsystems, Inc. http://java.sun.com/downloads/index.html Apache Axis 1.4, The Apache Software Foundation http://www.apache.org/dyn/closer.cgi/ws/axis/1_4 Apache Axis2, 1.2, The Apache Software Foundation http://ws.apache.org/axis2/1_2/contents.html Microsoft.NET Framework Version 1.1/2.0 Microsoft Corporation http://www.microsoft.com/net Regardless of which SOAP client you adopt, it must support document-style messaging. Accessing the Optimal Payments WSDLs and links Direct Debit WSDL: https://webservices.optimalpayments.com/directdebitws/directdebitservice/v1?wsdl Web Service: https://webservices.optimalpayments.com/directdebitws/directdebitservice/v1 HTTP Post: API Reference Guide for Web Services 1.0 1-3

Optimal Payments Web Services June 2015 Credit card https://webservices.optimalpayments.com/directdebitws/directdebitservlet/v1 WSDL: https://webservices.optimalpayments.com/creditcardws/creditcardservice/v1?wsdl Web Service: https://webservices.optimalpayments.com/creditcardws/creditcardservice/v1 HTTP Post: https://webservices.optimalpayments.com/creditcardws/creditcardservlet/v1 Information Lookup Service WSDL: https://webservices.optimalpayments.com/ilsws/ilsservice/v1?wsdl Web Service: https://webservices.optimalpayments.com/ilsws/ilsservice/v1 HTTP Post: https://webservices.optimalpayments.com/ilsws/ilsservlet/v1 Testing Optimal Payments Web Services Once you have configured your Web Services enabled application, please contact our Technical Support team for instructions on how to test your API calls. Email support@optimalpayments.com Telephone 888-709-8753 Security features For some transactions (e.g., Purchase) Optimal Payments provides additional features to protect the merchant from fraudulent card usage. Address verification system (AVS) Card validation data (CVD) Negative database 3D Secure AVS Optimal Payments supports address verification checks (AVS) wherever the issuing bank supports this feature. AVS verifies whether the address supplied by the customer using a card matches the billing address associated with that card at the issuing bank. This makes it more difficult to use the card fraudulently, since in order to use a stolen card someone must also know the billing address associated with it. In addition, if goods are to be shipped, the merchant can require that they be shipped to the billing address associated with the card. 1-4

June 2015 CVD Within Optimal Payments, each payment method is configured with the acceptable set of AVS return codes. If the bank returns a code that is not acceptable for the payment method, then the request is rejected with an Authorization Failed error. If you get an Authorization Failed error in response to a transaction request, and an Authorization number is returned in the response, then the failure was caused by the AVS check. You can look at the AVS code returned to determine exactly why the AVS check failed. Optimal Payments returns the following codes, in the avsresponse element, to the merchant application in response to a transaction request, with A, N, and E indicating AVS failure: Table 1-5: AVS Codes Code Letter Explanation A B E M N Q R S U W X Y Z Address matches, but zip code does not. AVS not performed for international transaction. Either the postal code has invalid format or address information not provided. AVS not supported for this industry. For international transaction, address and postal code match. No part of the address matches. Unknown response from issuer/banknet switch. Retry. System unable to process. AVS not supported. Address information is unavailable. Nine-digit zip code matches, but address does not. Exact. Nine-digit zip code and address match. Yes. Five-digit zip code and address match. Five-digit zip code matches, but address does not. When you registered with Optimal Payments, your account was set up to automatically apply AVS checks. Optimal Payments accepts only transactions for which the allowable AVS return codes are returned. AVS has three limitations, which may affect the decisions you make with regard to failed AVS checks: AVS is not always reliable. Bad results can be returned if someone has moved, for instance, or because some people report five-digit zip codes and some report nine-digit zip codes. AVS does only limited support internationally. If you decide, therefore, to ship only to addresses that return good AVS results, you may exclude otherwise valid transactions. AVS is supported by many U.S. issuing banks, but not all. So even if you only serve U.S. customers, you may not always be able to depend on AVS being available. CVD The CVD value is a 3- or 4-digit number printed on the credit card, but which is not present on the magnetic strip. Therefore, the value is not printed on receipts or statements, reducing the probability of fraud from imprint information. The CVD feature, intended specifically for trans- API Reference Guide for Web Services 1.0 1-5

Optimal Payments Web Services June 2015 actions where a card is not present, is a requirement of Optimal Payments. We support the CVD feature wherever the issuing banks do. When customers enter their card and cardholder information, the CVD value is requested at the same time. One of four indicators flag the status of a CVD request: Not provided The customer did not provide the CVD value. Provided The customer provided the CVD value. When this indicator is selected, the CVD value is provided. Illegible The customer claims the CVD value is illegible. Not present The customer claims the CVD value is not on the card. Negative database 3D Secure Using this guide Audience Optimal Payments administers a negative database that provides additional protection against misuse of cards and inappropriate transaction requests. Card numbers and email addresses are entered into the negative database for the following reasons: A chargeback associated with the card number or email address has occurred. The card number or email address was involved in, or suspected to have been involved in, fraudulent activity. Your account is configured to automatically implement this security feature, and any transaction request that attempts to use either a card number or email address that is in the negative database will not be processed. Optimal Payments supports 3D Secure, an online cardholder authentication program designed to make Internet purchase transactions safer by authenticating a cardholder s identity at the time of purchase, before the merchant submits an authorization request. It is currently supported by several card brands, including Visa (Verified by Visa), MasterCard (SecureCode), and JCB (J/Secure). Authorizations processed using 3D Secure are guaranteed against most common types of chargeback disputes. This user guide details major system functions. Each section provides an overview of functions, which are then broken down into procedures with steps to be followed. This user s guide is intended for Optimal Payments merchants using our Web Services API to process transaction requests with Optimal Payments. Functionality This guide may document some features to which you do not have access. Access to such functionality is allotted on a merchant-by-merchant basis. If you have any questions, contact your account manager. 1-6

June 2015 Symbols Symbols This user guide uses the following symbols to bring important items to your attention: Table 1-6: Symbols Symbol Description This note icon denotes a hint or tip to help you use the transaction processing application more efficiently. This warning icon alerts you about actions you might take that could have important consequences. This access icon alerts you about functionality that might be available only for certain merchant configurations. API Reference Guide for Web Services 1.0 1-7

Optimal Payments Web Services June 2015 1-8

CHAPTER 2 Direct Debit Transactions Introduction This chapter describes how to process Direct Debit transactions via the Optimal Payments Web Service. The following operations are supported: Table 2-1: Supported Operations Operation Description For Request Type Verify Allows you to confirm that a customer s bank account is in good standing, without actually transferring money out of that account. EFT ACH Charge Allows you to transfer money from a customer s bank account to your merchant account. This transaction is completed in real time, though the banking network takes 3 5 days to transfer the funds. EFT ACH BACS SEPA See Building charge, verify, or credit requests on page 2-4. Credit Allows you to transfer money from your merchant account directly to a customer s bank account. This transaction is completed in real time, though the banking network takes 3 5 days to transfer the funds. EFT ACH BACS Update Shipping Info Allows you to send shipping information, including a tracking number, once you have shipped goods for which you previously processed a charge transaction. EFT ACH SEPA See Building updateshippinginfo requests on page 2-14. Information Lookup Allows you to run a report through the API over a date range you specify to return data on Direct Debit charge and credit transactions processed through your merchant account. EFT ACH BACS SEPA See Building lookup requests on page 2-18. Mandate Request Allows you to create a mandate for a customer s bank account and lodge it at their bank, which permits you to transfer money from the customer s bank account to your merchant account. The banking network typically takes 5 days to process the mandate. BACS SEPA See Building BACS mandate requests (UK) on page 2-22. Change Status Allows you to change the status of a charge, credit, or mandate transaction. EFT ACH BACS SEPA See Building change status requests on page 2-28. Update Mandate Allows you to update the information contained within an existing mandate. SEPA See Building mandate update requests on page 2-31. API Reference Guide for Web Services 1.0 2-1

Direct Debit Transactions June 2015 Availability of Direct Debit operation types is allotted on a merchant-by-merchant basis, since not all merchant banks support all operations. If you have any questions, contact your account manager. The verify, charge, and credit operations accept a ddcheckrequestv1 document object. The updateshippinginfo operation accepts a ddshippingrequestv1 document object. The lookup operation accepts a ddlookuprequestv1 document object. The mandate request operation accepts a ddmandaterequest document object. The change status operation accepts a ddchangestatusrequest document object. The mandate update operation accepts a ddupdatemandaterequest document object. All operations return a ddcheckresponsev1 response..net example To build the.net example: 1. Create a new project. 2. Add a Web Reference. 2-2

June 2015.NET example 3. Enter the WSDL URL and click the Add Reference button. The Web client is now built. API Reference Guide for Web Services 1.0 2-3

Direct Debit Transactions June 2015 4. Build a Direct Debit request and process response. See Building charge, verify, or credit requests on page 2-4 See Building updateshippinginfo requests on page 2-14 See Processing the response on page 2-33 Building charge, verify, or credit requests Charge, verify, and credit requests require the ddcheckrequestv1 document object. This section describes the structure of a ddcheckrequestv1 and how to construct one. See Table 2-2: ddcheck- RequestV1 Elements on page 2-7 for details on elements required. charge example C# The following is a charge example in C#. To make this a credit or verify request, modify the value charge in the line DDCheckResponseV1 ddtxnresponse = ddservice.charge(ddcheckrequest) below to credit or verify, respectively. // Prepare the call to the Direct Debit Web Service DDCheckRequestV1 ddcheckrequest = new DDCheckRequestV1(); ddcheckrequest.amount = "10.00"; MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; ddcheckrequest.merchantaccount = merchantaccount; CheckV1 check = new CheckV1(); check.routingnum = "123456789"; check.accountnum = "987654321"; check.accounttype = BankAccountTypeV1.PC; check.bankname = "Chase"; check.checknum = 12; check.payee = "ACME Inc."; ddcheckrequest.check = check; BillingDetailsV1 billingdetails = new BillingDetailsV1(); billingdetails.firstname = "Jane"; 2-4

June 2015 charge example C# billingdetails.lastname = "Jones"; billingdetails.street = "123 Main Street"; billingdetails.city = "LA"; billingdetails.country = CountryV1.US; billingdetails.zip = "90210"; billingdetails.phone = "555-555-5555"; billingdetails.checkpaymethod = CheckPayMethodV1.WEB; ddcheckrequest.billingdetails = billingdetails; //Perform the Web Services call to process the charge DirectDebitServiceV1 ddservice = new DirectDebitServiceV1(); DDCheckResponseV1 ddtxnresponse = ddservice.charge(ddcheckrequest); // Print out the result String responsetxt = ddtxnresponse.code + " - " + ddtxnresponse.decision + " - " + ddtxnresponse.description; responsetxt += "Details:" + Environment.NewLine; if (ddtxnresponse.detail!= null) { for (int i = 0; i < ddtxnresponse.detail.length; i++) { responsetxt += " - " + ddtxnresponse.detail[i].tag + " - " + ddtxnresponse.detail[i].value + Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); if (DecisionV1.ACCEPTED.Equals(ddTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + ddtxnresponse.decision); } API Reference Guide for Web Services 1.0 2-5

Direct Debit Transactions June 2015 ddcheckrequestv1 schema A ddcheckrequestv1 document object has the following structure: 2-6

June 2015 ddcheckrequestv1 elements ddcheckrequestv1 elements This request is used for Direct Debit transactions for a variety of schemes. Please see Table 2-3: Additional Direct Debit Element Requirements on page 2-13 for variations on certain required elements. The ddcheckrequestv1 document object may contain the following elements: Table 2-2: ddcheckrequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 80 storepwd Yes String Max = 20 merchantrefnum Conditional String Max = 40 amount Yes String Max = 9999999.99 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the unique ID number associated with the original request. The value is created by the merchant and submitted as part of the original request. This is returned only in response to a lookup request. This is the amount of the transaction request. NOTE: This field requires a leading nonzero digit and two digits after the decimal place. An exception is made in cases where a leading zero is by itself (e.g., 0.99). check accounttype Optional Enumeration This is the type of checking account used for the transaction. Possible values are: PC (Personal Checking) PS (Personal Savings) PL(Personal Loan) BC (Business Checking) BS (Business Savings) BL (Business Loan) NOTE: If this element is not specified, the value defaults to PC. bankname Optional String Max = 40 This is the name of the customer s bank, to which this transaction is posted. API Reference Guide for Web Services 1.0 2-7

Direct Debit Transactions June 2015 Table 2-2: ddcheckrequestv1 Elements (Continued) Element Child Element Required Type Description checknum Yes Long Max = 8 accountnum Yes String Max = 17 If IBAN, Max = 32 routingnum Yes String Min = 6 Max = 9 If BIC, Min = 8 Max = 11 payee Conditional String Max = 81 This is the check serial number, provided at the time of the transaction request. NOTE: The checknum element is required for the verify operation, where it serves as a unique transaction ID, even though no money is transferred between accounts for this operation. It cannot be set to 0 (zero). This is the customer s bank account number. For SEPA transactions, this is IBAN (International Bank Account Number) of the customer s bank account. NOTE: This cannot be zero (0) and can contain alphanumeric characters only. For USD accounts, this is the 9-digit routing number of the customer s bank. For British pound accounts, this is the 6-digit sort code of the customer s bank. For Canadian dollar accounts, this is a combination of the 3-digit institution ID followed by the 5-digit transit number of the customer s bank branch. They must be entered in this order. Do not include spaces or dashes. For SEPA transactions, this is the BIC (Bank Identifier Code) of the customer s bank account. NOTE: This cannot be zero (0) and can contain alphanumeric characters only. This is the descriptor that will appear on the customer s bank account. It is required only for credit and verify transactions. If you provide a value for this field, this value will be used as the statement descriptor. If you do not provide a value for this field, a default value configured for the merchant account will be used. bankcountry Conditional Enumeration This is the country in which the bank is located. See Country codes on page C-3 for correct codes to use. This is a required element only for certain countries. bankcity Conditional String Max = 40 This is the city in which the bank is located. This is a required element only for certain countries. 2-8

June 2015 ddcheckrequestv1 elements Table 2-2: ddcheckrequestv1 Elements (Continued) Element Child Element Required Type Description mandatereference Conditional String Max = 10 For SEPA, Max = 35 This is the mandate reference that allows the account to be charged. This is the value returned for the mandatereference parameter in the response to a ddmandaterequestv1. For SEPA, this element is mandatory. billingdetails checkpaymethod Optional Enumeration This is the payment type. Possible values are: WEB (Personal Check Only) TEL (Personal Check Only) PPD (Personal Check Only) CCD (Business Check Only) NOTE: If this element is not specified, the value defaults to WEB. It cannot be set to WEB or TEL for credit requests. firstname Conditional String Max = 40 lastname Conditional String Max = 40 companyname Conditional String Max = 50 street Yes String Max = 50 street2 Optional String Max = 50 city Yes String Max = 40 state/region Conditional If state, then Enumeration If region, then string Max = 40 This is the customer s first name. Required if checkpaymethod is set to WEB or TEL. This is the customer s last name. Required if accounttype is set to PC, PS, or PL. This is the company s name. Required if accounttype is set to BC, BS, or BL. This is the first line of the customer s street address. This is the second line of the customer s street address. This is the city in which the customer resides. This is the state/province/region in which the customer resides. Provide state if within U.S./Canada. Provide region if outside of U.S./Canada. See Appendix C: Geographical Codes for correct codes to use. country Yes Enumeration This is the country in which the customer resides. See Country codes on page C-3 for correct codes to use. zip Optional String Max = 10 phone Optional String Max = 40 This is the customer s ZIP code if in the U.S.; otherwise, this is the customer s postal code. This is the customer s telephone number. API Reference Guide for Web Services 1.0 2-9

Direct Debit Transactions June 2015 Table 2-2: ddcheckrequestv1 Elements (Continued) Element Child Element Required Type Description email Optional String Max = 100 personalid idnumber Optional String Max = 20 This is the customer s email address. This is the number of the ID provided for the idtype element. idtype Optional Enumeration This is the type of ID used to identify the owner of the bank account. Possible values are: DL (Driver s License) SS (Government ID) MI (Military ID) GN (Generic ID) state/region Optional If state, then Enumeration If region, then string Max = 40 country Optional String Length = 2 This is the state/province/region in which the ID was issued. Provide state if within U.S./Canada. Provide region if outside of U.S./Canada. See Appendix C: Geographical Codes for correct codes to use. This is the country in which the ID was issued. Possible values are: CA (Canada) US (United States) expiry Optional The expiry child element has three further child elements. Child Element of expiry day Optional Int Length = 2 month Optional Int Length = 2 year Conditional Int Length = 4 socialsecuritynumber Optional String Max = 12 This is the day the ID expires. This is the month the ID expires. This is the year the ID expires. This element is required if the expiry element is included. This is the customer s Social Security Number. dateofbirth Optional This is the customer s date of birth. year Conditional String Max = 4 1900 9999 month Conditional String Max = 12 day Conditional String Max = 31 This is the customer s year of birth. This is the customer s month of birth. This is the customer s day of birth. 2-10

June 2015 ddcheckrequestv1 elements Table 2-2: ddcheckrequestv1 Elements (Continued) Element Child Element Required Type Description shippingdetails carrier Optional Enumeration This is the shipment carrier. Possible values are: APC = APC Overnight APS = AnPost CAD = Canada Postal Service DHL FEX = Fedex RML = Royal Mail UPS = United Parcel Service USPS = United States Postal Service OTHER trackingnumber Optional String Max = 50 This is the shipping tracking number provided by the carrier. shipmethod Optional Enumeration This is the method of shipment. Possible values are: N = Next Day/Overnight T = Two-Day Service C = Lowest Cost O = Other firstname Optional String Max = 40 lastname Optional String Max = 40 street Optional String Max = 50 street2 Optional String Max = 50 city Optional String Max = 40 state/region Optional If state, Enumeration If region, then string Max = 40 This is the recipients s first name. This is the recipient s last name. This is the first line of the recipient s street address. This is the second line of the recipient s street address. This is the city in which the recipient resides. This is the state/province/region in which the recipient resides. Provide state if within U.S./Canada. Provide region if outside of U.S./Canada. See Appendix C: Geographical Codes for correct codes to use. country Optional Enumeration This is the country in which the recipient resides. See Country codes on page C-3 for correct codes to use. zip Optional String Max = 10 phone Optional String Max = 40 This is the recipient s ZIP code if in the U.S.; otherwise, this is the recipient s postal code. This is the recipient s phone number. API Reference Guide for Web Services 1.0 2-11

Direct Debit Transactions June 2015 Table 2-2: ddcheckrequestv1 Elements (Continued) Element Child Element Required Type Description email Optional String Max = 100 customerip Optional String Max = 50 This is the recipient s email address. This is the customer s IP address. producttype Optional Enumeration This is the type of product sold. Possible values are: P (Physical Goods) D (Digital Goods) C (Digital Content) G (Gift Certificate/Digital Cash) S (Shareware) M (Both Digital and Physical) R (Account Replenish) txnappliedto No This element is not applicable for Direct Debit transactions. confirmationnumber Conditional String Max = 15 This is the confirmation number returned by Optimal Payments in response to the original request. Include this element only if you are using the ddcheckrequestv1 to process a credit request. targetvirtualaccount No This element is not applicable for Direct Debit transactions. checkriskservice No This element is not applicable for Direct Debit transactions. txndate Optional datetime This is the date and time that the transaction took place. For a charge or credit, or for a ddmandaterequestv1, this can be the future date and time when the transaction will take place. For SEPA, this specifies the future collection date. It must be a minimum of 6 business days in the future for First and One-Off transactions, and a minimum of 3 business days in the future for Recurring and Final transactions. NOTE: The resulting collection date will be returned in the tag/value pair for the detail element in the response (see Table 2-10: ddcheckresponsev1 Elements on page 2-34). sdk version Conditional String Max = 20 This is the version of the SDK used, if any. Required if sdk element is provided. 2-12

June 2015 ddcheckrequestv1 elements Table 2-2: ddcheckrequestv1 Elements (Continued) Element Child Element Required Type Description platform Conditional String Max = 10 provider Conditional String Max = 20 This is the integration language of the SDK used (e.g., Java,.NET). Required if sdk element is provided. This is the author of the SDK used. Set to value op when the SDK is provided by Optimal Payments. Required if sdk element is provided. origin Optional Enumeration The is the origin of the request. Possible values are: Wireless Wireline addendumdata tag Optional String Max = 30 value Optional String Max = 1024 This is additional data that the merchant can include with the transaction request. This is additional data that the merchant can include with the transaction request. Special considerations for Direct Debit elements Some merchants are integrated with downstream processors that have different requirements for mandatory Direct Debit elements. In such cases, the following holds. Table 2-3: Additional Direct Debit Element Requirements Element Regular Transactions Guaranteed Transactions SEPA Transactions check.accounttype Optional Required Optional check.bankname Optional Required Optional check.checknum Required Required Optional check.payee Optional Optional Required check.bankcountry Conditional Conditional Optional check.bankcity Conditional Conditional Optional check.mandatereference Conditional Conditional Required billingdetails.firstname Conditional Required Required billingdetails.lastname Conditional Required Required billingdetails.companyname Conditional Conditional Optional billingdetails.state Conditional Required Optional billingdetails.zip Optional Required Required billingdetails.phone Optional Required Optional billingdetails.email Optional Required Required customerip Optional Required Optional API Reference Guide for Web Services 1.0 2-13

Direct Debit Transactions June 2015 Table 2-3: Additional Direct Debit Element Requirements (Continued) Element Regular Transactions Guaranteed Transactions SEPA Transactions dateofbirth.year Optional Required Optional dateofbirth.month Optional Required Optional dateofbirth.day Optional Required Optional personalid.idnumber Optional Required Optional personalid.state Optional Required Optional socialsecuritynumber Optional Required Optional Your account manager will inform you 1) if you are integrated with this type of downstream processor and 2) if you are eligible for guaranteed Direct Debit processing. Building updateshippinginfo requests All optional elements that take non-nullable data types (e.g., int or enum) must have their specified attribute set to true when setting values for those elements. See the shipmethod element in the example below. The updateshippinginfo request requires the ddshippingrequestv1 document object. This section describes the structure of a ddshippingrequestv1 and how to construct one. See Table 2-4: ddshippingrequestv1 Elements on page 2-16 for details on elements required. updateshippinginfo example C# The following is an updateshippinginfo example in C#. // Prepare the call to the Direct Debit Web Service DDShippingRequestV1 ddshippingrequest = new DDShippingRequestV1(); MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; ddshippingrequest.merchantaccount = merchantaccount; ddshippingrequest.confirmationnumber = "123456"; // A valid confirmation number from a previous settle auth or purchase ddshippingrequest.carrier = CarrierV1.FEX; // Fedex ddshippingrequest.shipmethod = ShipMethodV1.T; ddshippingrequest.shipmethodspecified = true; ddshippingrequest.trackingnumber = "555666888999"; ddshippingrequest.firstname = "Jane"; ddshippingrequest.lastname = "Jones"; ddshippingrequest.street = "123 Main Street"; ddshippingrequest.city = "LA"; ddshippingrequest.country = CountryV1.US; ddshippingrequest.countryspecified = true; ddshippingrequest.zip = "90210"; ddshippingrequest.email = "janejones@emailserver.com"; // optional email address 2-14

June 2015 updateshippinginfo example C# //Perform the Web Services call to update the shipping info DirectDebitServiceV1 ddservice = new DirectDebitServiceV1(); DDCheckResponseV1 ddtxnresponse = ddservice.updateshippinginfo(ddshippingrequest); // Print out the result String responsetxt = ddtxnresponse.code + " - " + ddtxnresponse.decision + " - " + ddtxnresponse.description; responsetxt += "Details:" + Environment.NewLine; if (ddtxnresponse.detail!= null) { for (int i = 0; i < ddtxnresponse.detail.length; i++) { responsetxt += " - " + ddtxnresponse.detail[i].tag + " - " + ddtxnresponse.detail[i].value + Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); if (DecisionV1.ACCEPTED.Equals(ddTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + ddtxnresponse.decision); } API Reference Guide for Web Services 1.0 2-15

Direct Debit Transactions June 2015 ddshippingrequestv1 schema A ddshippingrequestv1 document object has the following structure: ddshippingrequestv1 elements The ddshippingrequestv1 document object may contain the following elements: Table 2-4: ddshippingrequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 This is the merchant account number. 2-16

June 2015 ddshippingrequestv1 elements Table 2-4: ddshippingrequestv1 Elements (Continued) Element Child Element Required Type Description storeid Yes String Max = 80 storepwd Yes String Max = 20 This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. carrier Yes Enumeration This is the shipment carrier. Possible values are: APC = APC Overnight APS = AnPost CAD = Canada Postal Service DHL FEX = Fedex RML = Royal Mail UPS = United Parcel Service USPS = United States Postal Service OTHER trackingnumber Yes String Max = 50 confirmationnumber Yes String Max = 15 This is the shipping tracking number provided by the carrier. This is the confirmation number returned by Optimal Payments. shipmethod Optional Enumeration This is the method of shipment. Possible values are: N = Next Day/Overnight T = Two-Day Service C = Lowest Cost O = Other firstname Optional String Max = 40 lastname Optional String Max = 40 street Optional String Max = 50 street2 Optional String Max = 50 city Optional String Max = 40 This is the customer s first name. This is the customer s last name. This is the first line of the customer s street address. This is the second line of the customer s street address. This is the city in which the customer resides. API Reference Guide for Web Services 1.0 2-17

Direct Debit Transactions June 2015 Table 2-4: ddshippingrequestv1 Elements (Continued) Element Child Element Required Type Description state/region Optional If state, then Enumeration If region, then string Max = 40 This is the state/province/region in which the customer resides. Provide state if within U.S./Canada. Provide region if outside of U.S./Canada. See Appendix C: Geographical Codes for correct codes to use. country Optional Enumeration This is the country in which the customer resides. See Country codes on page C-3 for correct codes to use. zip Optional String Max = 10 phone Optional String Max = 40 email Optional String Max = 100 This is the customer s ZIP code if in the U.S.; otherwise, this is the customer s postal code. This is the customer s telephone number. This is the customer s email address. Building lookup requests The Direct Debit lookup request allows you to run a report, over a date range you specify, to return data on Direct Debit charge and credit transactions processed through your merchant account. Lookup example C# The following is a ddlookuprequest example in C#. // Prepare the call to the Direct Debit Web Service DDLookupRequestV1 ddlookuprequest = new DDLookupRequestV1(); MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; ddlookuprequest.merchantaccount = merchantaccount; ddlookuprequest.confirmationnumber = "123456789"; DateV1 startdate = new DateV1(); startdate.year = "2012"; startdate.month = "08"; startdate.day = "15"; startdate.hour = "11"; startdate.minute = "00"; startdate.second = "00"; ddlookuprequest.startdate = startdate; ddlookuprequest.startdatespecified = true; DateV1 enddate = new DateV1(); enddate.year = "2012"; enddate.month = "08"; enddate.day = "15"; enddate.hour = "14"; enddate.minute = "00"; 2-18

June 2015 Lookup example C# enddate.second = "00"; ddlookuprequest.enddate = enddate; ddlookuprequest.enddatespecified = true; //Perform the Web Services call to process the charge DirectDebitServiceV1 ddservice = new DirectDebitServiceV1(); DDCheckResponseV1 ddcheckresponse = ddservice.lookup(ddlookuprequest); // Print out the result String responsetxt = ddcheckresponse.code + " - " + ddcheckresponse.decision; responsetxt += "Transactions:" + Environment.NewLine; if (ddcheckresponse.transaction!= null) { for (int i = 0; i < ddcheckresponse.transaction.length; i++) { responsetxt += " - confirmationnumber: " + ddcheckresponse.transaction[i].confirmationnumber + Environment.NewLine; responsetxt += " - merchantrefnum: " + ddcheckresponse.transaction[i].merchantrefnum + Environment.NewLine; responsetxt += " - txntime: " + ddcheckresponse.transaction[i].txntime + Environment.NewLine; responsetxt += " - amount: " + ddcheckresponse.transaction[i].amount + Environment.NewLine; StatusV1 status = ddcheckresponse.transaction[i].status; if (status!= null){ responsetxt += " - status: " + status.code + Environment.NewLine; responsetxt += " - status effective date:" + status.effectivedate + Environment.NewLine; } responsetxt += Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); if (DecisionV1.ACCEPTED.Equals(ddCheckResponse.decision)) { System.Console.WriteLine("Transaction Found."); } else { System.Console.WriteLine("Transaction Failed or Not Found with decision: " + ddcheckresponse.decision); } API Reference Guide for Web Services 1.0 2-19

Direct Debit Transactions June 2015 ddlookuprequestv1 schema A ddlookuprequestv1 document object has the following structure: ddlookuprequestv1 elements The ddlookuprequestv1 document object may contain the following elements: Table 2-5: ddlookuprequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 80 storepwd Yes String Max = 20 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. 2-20

June 2015 ddlookuprequestv1 elements Table 2-5: ddlookuprequestv1 Elements (Continued) Element Child Element Required Type Description confirmationnumber Optional String Max = 15 merchantrefnum Conditional String Max = 40 startdate year Required Int Max = 9999 month Required Int Min = 1 Max = 12 day Required Int Min = 1 Max = 31 hour Required Int Min = 0 Max = 23 minute Required Int Min = 0 Max = 59 second Required Int Min = 0 Max = 59 enddate year Required Int Max = 9999 month Required Int Min = 1 Max = 12 day Required Int Min = 1 Max = 31 hour Required Int Min = 0 Max = 23 This is the confirmation number returned by Optimal Payments in response to the original request. Include this element only if you want to search using this field. This field takes precedence over the merchantrefnum field. This is a unique ID number associated with the original request. The value is created by the merchant and submitted as part of the request. This is the year set for the search start. This is the month set for the search start. This is the day set for the search start. This is the hour set for the search start. This is the minute set for the search start. This is the second set for the search start. This is the year set for the search end. This is the month set for the search end. This is the day set for the search end. This is the hour set for the search end. API Reference Guide for Web Services 1.0 2-21

Direct Debit Transactions June 2015 Table 2-5: ddlookuprequestv1 Elements (Continued) Element Child Element Required Type Description minute Required Int Min = 0 Max = 59 second Required Int Min = 0 Max = 59 This is the minute set for the search end. This is the second set for the search end. Building BACS mandate requests (UK) The Direct Debit mandate allows you to create a mandate for a customer s bank account and lodge it at their bank, which is required before you can perform a charge operation to transfer money from that customer s bank account to your merchant account. When you submit a ddmandaterequestv1, Optimal Payments will return a value for the mandatereference element in the response. This value is either based on the value you send in the request, or it is automatically generated by the Optimal Payments system. You will use this value in the mandatereference element (which is a child element of the check element) when you process future charge requests against the customer s bank account using the ddcheckrequestv1. The mandatereference is 10 characters in length. If you send a request with a value of fewer than 10 characters, Optimal Payments will pre-fill the reference with 0 s to make up 10 characters. For example, a requested value of ABCDEFG will return a value of 000ABCDEFG. If no value is passed, Optimal Payments will create the value for you and return it within the response. Initially, the status of the mandate is set to W (Pending), followed by C (Completed) when it has been batched at this point the mandate cannot yet be used for Direct Debit transactions. The banking network typically takes 5 days to process the mandate, so 5 days after the mandate has been batched, Optimal Payments changes the status of the mandate to AP (Active). At that point it can be used to authorize Direct Debit transactions on the bank account for which it was set up. Note that if the charge is postdated by setting the txndate in the ddcheckrequestv1 request, then the mandate may be used while it is not yet active, provided the txndate is set to a minimum of 5 working days in the future to allow the mandate time to become active. To assist this process, the date a mandate will become active is returned in the effectivedate element of the response to the ddmandaterequestv1. Mandates are automatically batched the next working day unless the autosend value is not set to Y, in which case the mandate will remain in a PCA (Pending Customer Approval) state. This optional intermediate state before W allows you to perform extra checks on the customer, or for the customer to review the information having received the mandatereference, before proceeding. The mandate may then be turned from a PCA to W state by using either the changestatus request or the Optimal Payments merchant back office. Building SEPA mandate requests In order to process a SEPA Direct Debit transaction, you will need to pre-establish a mandate agreement with your customer and send your mandate reference ID in the mandatereference element. Please note that your mandate reference ID can have up to 35 characters. SEPA Direct Debit mandates are active as soon they are created by the merchant, so you can immediately follow up the ddmandaterequest request with a ddcheckrequest. 2-22

June 2015 mandate example C# The SEPA Direct Debit Merchant Implementation Guide contains more information about the business logic and processes surrounding the SEPA Direct Debit transaction. mandate example C# The following is a ddmandaterequest example in C#. // Prepare the call to the Direct Debit Web Service DDMandateRequestV1 ddmandaterequest = new DDMandateRequestV1(); MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; ddcheckrequest.merchantaccount = merchantaccount; CheckV1 check = new CheckV1(); check.routingnum = "123456789"; check.accountnum = "987654321"; check.bankname = "Chase"; check.payee = "ACME Inc."; ddmandaterequest.check = check; BillingDetailsV1 billingdetails = new BillingDetailsV1(); billingdetails.firstname = "Jane"; billingdetails.lastname = "Jones"; billingdetails.street = "123 Main Street"; billingdetails.city = "Cambridge"; billingdetails.country = CountryV1.UK; billingdetails.zip = "CB12345"; billingdetails.phone = "1222 444000"; billingdetails.checkpaymethod = CheckPayMethodV1.WEB; ddmandaterequest.billingdetails = billingdetails; ddmandaterequest.autosend = "Y"; //Perform the Web Services call to process the charge DirectDebitServiceV1 ddservice = new DirectDebitServiceV1(); DDCheckResponseV1 ddtxnresponse = ddservice.mandate(ddcheckrequest); // Print out the result String responsetxt = ddtxnresponse.code + " - " + ddtxnresponse.decision + " - " + ddtxnresponse.description; responsetxt += "Details:" + Environment.NewLine; if (ddtxnresponse.detail!= null) { for (int i = 0; i < ddtxnresponse.detail.length; i++) { responsetxt += " - " + ddtxnresponse.detail[i].tag + " - " + ddtxnresponse.detail[i].value + Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); if (DecisionV1.ACCEPTED.Equals(ddTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + ddtxnresponse.decision); } API Reference Guide for Web Services 1.0 2-23

Direct Debit Transactions June 2015 ddmandaterequestv1 schema A ddmandaterequestv1 document object has the following structure: 2-24

June 2015 ddmandaterequestv1 elements ddmandaterequestv1 elements The ddmandaterequestv1 document object may contain the following elements: Table 2-6: ddmandaterequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 80 storepwd Yes String Max = 20 merchantrefnum Conditional String Max = 40 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the unique ID number associated with the original request. The value is created by the merchant and submitted as part of the original request. check accounttype Optional Enumeration This is the type of checking account used for the transaction. Possible values are: PC (Personal Checking) PS (Personal Savings) PL(Personal Loan) BC (Business Checking) BS (Business Savings) BL (Business Loan) NOTE: If this element is not specified, the value defaults to PC. bankname Optional String Max = 40 checknum Optional Long Max = 8 accountnum Yes String Max = 17 routingnum Yes String Min = 6 Max = 9 This is the name of the customer s bank, to which this transaction is posted. This is the check serial number, provided at the time of the transaction request. This is the customer s bank account number. For SEPA transactions, this is IBAN (International Bank Account Number) of the customer s bank account. For British pound accounts, this is the 6-digit sort code of the customer s bank. For SEPA transactions, this is the BIC (Bank Identifier Code) of the customer s bank account. API Reference Guide for Web Services 1.0 2-25

Direct Debit Transactions June 2015 Table 2-6: ddmandaterequestv1 Elements (Continued) Element Child Element Required Type Description payee Optional String Max = 81 This is the descriptor that will appear on the customer s bank account. It is required only for credit and verify transactions. If you provide a value for this field, this value will be used as the statement descriptor. If you do not provide a value for this field, a default value configured for the merchant account will be used. bankcountry Conditional Enumeration This is the country in which the bank is located. See Country codes on page C-3 for correct codes to use. This is a required element only for certain countries. bankcity Conditional String Max = 40 mandatereference Conditional String Max = 10 For SEPA, Max = 35 This is the city in which the bank is located. This is a required element only for certain countries. This is the mandate reference that allows the account to be charged. You may optionally set the value of the mandatereference yourself when making the request. If you do not supply a value here then it will be set by Optimal Payments and returned in the response. For SEPA, this element is mandatory, and the merchant creates their own mandatereference. billingdetails checkpaymethod Optional Enumeration This is the payment type. Possible values are: WEB (Personal Check Only) TEL (Personal Check Only) PPD (Personal Check Only) CCD (Business Check Only) NOTE: If this element is not specified, the value defaults to WEB. firstname Conditional String Max = 40 lastname Conditional String Max = 40 companyname Conditional String Max = 50 street Optional String Max = 50 street2 Optional String Max = 50 This is the customer s first name. Required if checkpaymethod is set to WEB or TEL. This is the customer s last name. Required if accounttype is set to PC, PS, or PL. This is the company s name. Required if accounttype is set to BC, BS, or BL. This is the first line of the customer s street address. This is the second line of the customer s street address. 2-26

June 2015 ddmandaterequestv1 elements Table 2-6: ddmandaterequestv1 Elements (Continued) Element Child Element Required Type Description city Optional String Max = 40 state/region Conditional If state, then Enumeration If region, then string Max = 40 This is the city in which the customer resides. This is the state/province/region in which the customer resides. Provide state if within U.S./Canada. Provide region if outside of U.S./Canada. See Appendix C: Geographical Codes for correct codes to use. country Optional Enumeration This is the country in which the customer resides. See Country codes on page C-3 for correct codes to use. zip Optional String Max = 10 phone Optional String Max = 40 email Optional String Max = 100 customerip Optional String Max = 50 This is the customer s ZIP code if in the U.S.; otherwise, this is the customer s postal code. This is the customer s telephone number. This is the customer s email address. This is the customer s IP address. txndate Optional datetime This is the date and time that the transaction took place. For a charge or credit, or for a ddmandaterequestv1, this can be the future date and time when the transaction will take place. autosend Optional Boolean This controls when the mandate is sent to the bank. Possible values are: Y = The mandate will be set to W (Pending) status, ready to be batched and then sent to the bank N = The mandate will remain with the status of PCA (Pending Customer Approval), and will not be sent to the bank. If the autosend status is set to N, the mandate can later be changed to a status of W by using the changestatus request, at which point the mandate will then be sent to the bank at the next batching time (see Building change status requests on page 2-28). NOTE: For SEPA, this must be set to Y, and the mandate will be set to AP (Active). addendumdata tag Optional String Max = 30 This is additional data that the merchant can include with the transaction request. API Reference Guide for Web Services 1.0 2-27

Direct Debit Transactions June 2015 Table 2-6: ddmandaterequestv1 Elements (Continued) Element Child Element Required Type Description value Optional String Max = 1024 This is additional data that the merchant can include with the transaction request. Building change status requests A change status request allows you to change the status of some Direct Debit transactions. You can make the following status changes: Table 2-7: Status Changes Solution Request Type Initial Status Resulting Status UK Direct Debit (BACS) Mandate PCA Pending Customer Approval W Pending X Cancelled UK Direct Debit (BACS) Charge Credit Mandate W Pending X Cancelled UK Direct Debit (gateway merchants) Charge Credit Mandate C Completed CL Cleared RE Returned NOTE: Use only when your sponsoring bank has rejected the transaction and no BACS report has been produced. Allow 5 working days from the completed date and then contact Technical Support before making this change request. EFT/ACH Charge Credit C Completed X Cancelled NOTE: Only possible where the request has not yet been sent to the bank. SEPA Direct Debit Mandate AP Active X Cancelled SEPA Direct Debit Charge W Pending C Completed X Cancelled NOTE: Possible only up to 5 days after the clearing date of the charge. Optimal Payments responds to your change status request with the ddcheckresponsev1. In this response, the confirmationnumber identifies the request that was updated (charge, credit, or mandaterequest), and you can confirm the new status of the transaction you updated. See Processing the response on page 2-33 for details. Change status example C# The following is a ddchangestatusrequest example in C#. // Prepare the call to the Direct Debit Web Service DDChangeStatusRequestV1 ddchangestatusrequest = new DDChangeStatusRequestV1(); 2-28

June 2015 ddchangestatusrequest schema MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; ddchangestatusrequest.merchantaccount = merchantaccount; ddchangestatusrequest.confirmationnumber = "123456"; // A valid confirmation number from a previous mandate or echeck; ddchangestatusrequest.status = "C"; //Perform the Web Services call to process the charge DirectDebitServiceV1 ddservice = new DirectDebitServiceV1(); DDCheckResponseV1 ddtxnresponse = ddservice.changestatus(ddcheckrequest); // Print out the result String responsetxt = ddtxnresponse.code + " - " + ddtxnresponse.decision + " - " + ddtxnresponse.description; responsetxt += "Details:" + Environment.NewLine; if (ddtxnresponse.detail!= null) { for (int i = 0; i < ddtxnresponse.detail.length; i++) { responsetxt += " - " + ddtxnresponse.detail[i].tag + " - " + ddtxnresponse.detail[i].value + Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); if (DecisionV1.ACCEPTED.Equals(ddTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + ddtxnresponse.decision); } ddchangestatusrequest schema A ddchangestatusrequestv1 document object has the following structure: API Reference Guide for Web Services 1.0 2-29

Direct Debit Transactions June 2015 ddchangestatusrequestv1 elements The ddchangestatusrequestv1 document object may contain the following elements: Table 2-8: ddchangestatusrequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 80 storepwd Yes String Max = 20 confirmationnumber Optional String Max = 15 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This value identifies the transaction whose status you want to change. This is the confirmationnumber returned by Optimal Payments in response to the original transaction request. status Required Enumeration This is the new status code for the transaction. Possible values are: C Completed RE Returned W Pending X Cancelled addendumdata tag Optional String Max = 30 value Optional String Max = 1024 This is additional data that the merchant can include with the transaction request. This is additional data that the merchant can include with the transaction request. 2-30

June 2015 Building mandate update requests Building mandate update requests Only merchants processing SEPA Direct Debits can use this request type. A mandate update request allows you to update an existing mandate. Effectively, you are creating a new mandate based on the information contained in the existing mandate, but with some updated information (e.g., a customer s bank account number might change). When you submit a ddupdatemandaterequestv1, Optimal Payments sets the status of the mandate to T (Transferred). A new mandate is created, copying the data from the existing mandate, except for any of the following three values that may have been specified in the mandate update request: mandatereference accountnum routingnum Any new values that were specified in the request for these elements will be used in the new mandate. The new mandate will have a status of either PCA (Pending Customer Approval) or AP (Active) as per the existing mandate. The new mandate will be linked to the existing mandate, so the system knows that the existing mandate was transferred to the new mandate. Optimal Payments responds to your update mandate request with the ddcheckresponsev1. In this response, the confirmationnumber identifies the new mandate that has been created. Mandate update example C# The following is a ddupdatemandaterequest example in C#. // Prepare the call to the Direct Debit Web Service DDUpdateMandateRequestV1 ddupdatemandaterequest = new DDUpdateMandateRequestV1(); MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; ddupdatemandaterequest.merchantaccount = merchantaccount; ddupdatemandaterequest.confirmationnumber = "123456"; // A valid confirmation number from a previous mandate or echeck; ddupdatemandaterequest.mandatereference = "NL95ZZZ999999991458_TEST7A"; //Perform the Web Services call to process the charge DirectDebitServiceV1 ddservice = new DirectDebitServiceV1(); DDCheckResponseV1 ddtxnresponse = ddservice.updatemandate(ddcheckrequest); // Print out the result String responsetxt = ddtxnresponse.code + " - " + ddtxnresponse.decision + " - " + ddtxnresponse.description; responsetxt += "Details:" + Environment.NewLine; if (ddtxnresponse.detail!= null) { for (int i = 0; i < ddtxnresponse.detail.length; i++) { responsetxt += " - " + ddtxnresponse.detail[i].tag + " - " + ddtxnresponse.detail[i].value + Environment.NewLine; API Reference Guide for Web Services 1.0 2-31

Direct Debit Transactions June 2015 } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); if (DecisionV1.ACCEPTED.Equals(ddTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + ddtxnresponse.decision); } ddupdatemandaterequestv1 schema A ddupdatemandaterequestv1 document object has the following structure: ddupdatemandaterequestv1 elements The ddupdatemandaterequestv1 document object may contain the following elements: Table 2-9: ddupdatemandaterequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 80 storepwd Yes String Max = 20 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. 2-32

June 2015 Processing the response Table 2-9: ddupdatemandaterequestv1 Elements (Continued) Element Child Element Required Type Description confirmationnumber Optional String Max = 15 mandatereference Conditional String Max = 10 For SEPA, Max = 35 accountnum Conditional String Max = 17 If IBAN, Max = 32 routingnum Conditional String Min = 6 Max = 9 If BIC, Min = 8 Max = 11 This value identifies the mandate that you want to update. This is the confirmationnumber returned by Optimal Payments in response to the original transaction request. This is the mandate reference that allows the account to be charged. This is the value returned for the mandatereference parameter in the response to a ddmandaterequestv1. You might need to update the mandatereference, e.g., if the billing terms have changed but all other mandate information remains the same. For SEPA transactions, this is the IBAN (International Bank Account Number) of the customer s bank account. You might need to update the accountnum, e.g., if the customer is now going to be billed out of a different account but from the same bank (i.e., where there is no need to change the BIC). For SEPA transactions, this is the BIC (Bank Identifier Code) of the customer s bank account. You would need to update the routingnum, e.g., if the customer has changed banks, in which case the accountnum would also have to be updated. * At least one of these three elements must be included in the request: mandatereference, accountnum, and routingnum. Processing the response A ddcheckresponsev1 has the following structure: API Reference Guide for Web Services 1.0 2-33

Direct Debit Transactions June 2015 The following elements are relevant for a ddcheckresponsev1: Table 2-10: ddcheckresponsev1 Elements Element Child Element Required Type Description requestid Optional This is the unique ID number returned by Optimal Payments for a record if it was processed in a batch file. confirmationnumber Yes String Max = 15 merchantrefnum Optional String Max = 40 This is the confirmation number returned by Optimal Payments. If this is returned in response to a ddupdatemandaterequestv1, this identifies the new mandate that has been created. This is the unique ID number associated with the original request. The value is created by the merchant and submitted as part of the original request. This is returned only in response to a lookup request. 2-34

June 2015 Processing the response Table 2-10: ddcheckresponsev1 Elements (Continued) Element Child Element Required Type Description mandatereference Yes String Max = 20 This is the mandate reference returned by Optimal Payments. It is either the value echoed back from the request, or if it was not specified correctly in the request, then it is generated by Optimal Payments. For SEPA, this is the mandate reference created by the merchant in the request. decision Yes Enumeration This is the status of the transaction. One of the following is returned: Accepted the transaction was processed. Error the transaction was attempted, but failed for some reason. Declined the transaction was declined before it was sent for processing. Not Found the transaction lookup did not find any matches. code Yes Int This is a numeric code that categorizes the response. See Response codes on page B-1. actioncode Optional Enumeration This indicates what action to take. The following values are possible: C = Consumer Parameter Error. The consumer has provided incorrect information. Ask the customer to correct the information. D = Do Not Retry. Further attempts will fail. M = Merchant Parameter Error. Your application has provided incorrect information. Verify your information. R = Retry. The problem is temporary. Retrying the request will likely succeed. description Optional String Max = 100 detail tag Optional String Max = 1024 value Optional String Max = 30 This is a human readable description of the code element. This is the classification of the detail element. This is the description of the detail. txntime Yes datetime This is the date and time the transaction was processed by Optimal Payments. API Reference Guide for Web Services 1.0 2-35

Direct Debit Transactions June 2015 Table 2-10: ddcheckresponsev1 Elements (Continued) Element Child Element Required Type Description status Optional code Conditional Enumeration This is the status of the first transaction that matches a lookup request. Possible values are: AP Active C Complete batch CB Clawed back CL Cleared transaction DE Declined DI Disputed E Error batch EX Expired F Failed GR Good for reversal MI Manual intervention required PCA Pending customer approval PR1 Re-Presented 1 PR2 Re-Presented 2 PX Pending cancel RE Returned REF Rejected final RV Reversed T Transferred UM Unauthorized mandate W Pending X Cancelled effectivedate Conditional datetime This is the date and time at which the status of the lookup request is in effect. When included in the tag/value pair for the detail element for a response to a mandate request, this is the date the mandate will become active with the bank (counting 5 working days from batching time). You may submit a charge request from midnight on this date, or postdate your charge with a txntime that has a value of this date or later. If you submit a charge with a date before the mandate effectivedate, you will receive an error. currency Optional String The value will be one of the currency codes in Table 3-15: Currency Codes on page 3-55. This value is returned only in response to lookup requests. amount Optional String Max = 9999999.99 This is the amount of the first transaction that matches a lookup request. 2-36

June 2015 Processing the response Table 2-10: ddcheckresponsev1 Elements (Continued) Element Child Element Required Type Description transaction Optional This is returned only in response to a lookup request. All transactions that match the lookup request are returned here. confirmationnumber Conditional String Max = 15 merchantrefnum Optional String Max = 255 This is the confirmation number returned by Optimal Payments for a previous transaction. This is the unique ID number associated with the original request. The value is created by the merchant and submitted as part of the original request. This is returned only in response to a lookup request. txntime Conditional datetime This is the date and time the transaction was processed by Optimal Payments. status Conditional This contains code and effectivedate elements for the transaction. See the status element above in this table for details. amount Conditional String Max = 9999999.99 This is the amount of the transaction. To process the response: 1. Get the response details, which are available via get() methods of the response. String responsetxt = ddtxnresponse.code + " - " + ddtxnresponse.decision + " - " + ddtxnresponse.description; responsetxt += "Details:" + Environment.NewLine; if (ddtxnresponse.detail!= null) { for (int i = 0; i < ddtxnresponse.detail.length; i++) { responsetxt += " - " + ddtxnresponse.detail[i].tag + " - " + ddtxnresponse.detail[i].value + Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); if (DecisionV1.ACCEPTED.Equals(ddTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + ddtxnresponse.decision); } API Reference Guide for Web Services 1.0 2-37

Direct Debit Transactions June 2015 2. Process based on the decision element. You would insert handling code appropriate to your application. You can also look at the code element to provide more fine-grained control for your application. See Response codes on page B-1 for more details. 2-38

CHAPTER 3 Credit/Debit Card Transactions Introduction This chapter describes how to process credit and debit card transactions via the Optimal Payments Web Service. The following operations are supported: Table 3-1: Supported Operations Operation Description Request Type Authorization Purchase Verification Authorization Reversal Credit Settlement Stored Data Authorization Stored Data Purchase Cancel Allows you to authorize an amount on a customer s credit/ debit card. The authorized amount must be settled in a subsequent settlement transaction. Allows you to both authorize and settle an amount on a customer s credit/debit card in a single transaction. Allows you to run an AVS and/or CVD check on a customer s credit card without processing a charge against that card. Allows you to reverse all or part of an existing authorization, provided no settlements (either full or partial) have been processed against that authorization. This transaction type does not function with purchase transactions, but only with authorizations. Allows you to credit back to a customer s credit/debit card an amount that has previously been settled. You can credit all or part of an existing settlement. Allows you to settle an amount that was previously authorized on a customer s credit/debit card. You can settle all or part of an existing authorization. Allows you to authorize an amount on a customer s credit/debit card using customer data that is stored in our database. You provide only a minimum of information, saving you time and effort. Allows you to both authorize and settle an amount on a customer s credit/debit card using customer data that is stored in our database. You provide only a minimum of information, saving you time and effort. Allows you to cancel a Credit, Settlement, Payment, or Independent Credit transaction. You can cancel one of these transactions as long as it is in a Pending state, which typically is before midnight of the day that it is requested. In some cases, you may find older Credit transactions in a Pending state. See Building Purchase/Authorization/Verification requests on page 3-4. See Building Authorization Reversal requests on page 3-18. See Building Settlement/Credit requests on page 3-21. See Building Stored Data Requests on page 3-25. See Building Cancel requests on page 3-29. API Reference Guide for Web Services 1.0 3-1

Credit/Debit Card Transactions June 2015 Table 3-1: Supported Operations Operation Description Request Type Payment Independent Credit Information Lookup Enrollment Lookup Authentication Allows you to credit an amount to a customer s credit card. The Payment transaction is not associated with a previously existing authorization, so the amount of the transaction is not restricted in this way. Allows you to credit an amount to a customer s credit card. The Independent Credit transaction is not associated with a previously existing authorization, so the amount of the transaction is not restricted in this way. Allows you to run a report through the API over a date range you specify to return data on credit card transactions processed through your merchant account. Allows you to determine whether a customer s credit card is enrolled in the 3D Secure program. Allows you to send an Authentication request, in order to validate a cardholder s password for credit cards enrolled in the 3D Secure program. See Building Payment/Independent Credit requests on page 3-32. See Building Transaction Lookup requests on page 3-37. See Building Enrollment Lookup requests on page 3-41. See Building Authentication requests on page 3-44. Availability of credit card operation types is allotted on a merchant-by-merchant basis, since not all merchant banks support all operations. If you have any questions, contact your account manager. The Authorization, Purchase, and Verification operations accept a ccauthrequestv1 document object. The Authorization Reversal operation accepts a ccauthreversalrequestv1 document object. The Settlement and Credit operations accept a ccpostauthrequestv1 document object. The Stored Data operations accept a ccstoreddatarequestv1 document object. The Cancel Settle, Cancel Credit, and Cancel Payment operations accept a cccancelrequestv1 document object. The Payment and Independent Credit operations accept a ccpaymentrequestv1 document object. The Information Lookup operation accepts a cctxnlookuprequestv1 document object. The Enrollment Lookup operation accepts a ccenrollmentlookuprequestv1 document object. The Authentication operation accepts a ccauthenticaterequestv1 document object. All operations return a cctxnresponsev1 response. 3-2

June 2015.NET example.net example To build the.net example: 1. Create a new project. 2. Add a Web Reference. 3. Enter the WSDL URL and click the Add Reference button. API Reference Guide for Web Services 1.0 3-3

Credit/Debit Card Transactions June 2015 The Web client is now built. 4. Build the request and process response: See Building Purchase/Authorization/Verification requests on page 3-4 See Building Authorization Reversal requests on page 3-18 See Building Settlement/Credit requests on page 3-21 See Building Stored Data Requests on page 3-25 See Building Cancel requests on page 3-29 See Building Payment/Independent Credit requests on page 3-32 See Building Enrollment Lookup requests on page 3-41 See Building Authentication requests on page 3-44 See Processing the response on page 3-48 Building Purchase/Authorization/Verification requests Purchase, Authorization, and Verification requests require the ccauthrequestv1 document object. This section describes the structure of a ccauthrequestv1 and how to construct one. See Table 3-2: ccauthrequestv1 Elements on page 3-8 for details on the elements required. 3-4

June 2015 Purchase example C# Purchase example C# All optional elements that take non-nullable data types (e.g., int or enum) must have their specified attribute set to true when setting values for those elements. See the cardtype element in the example below. The following is a Purchase example in C#. To make this an Authorize or Verification request, modify the value ccpurchase in the line CCTxn- ResponseV1 cctxnresponse = ccservice.ccpurchase(ccauthrequest); below to ccauthorize or ccverification, respectively. //Prepare the call to the Credit Card Web Service CCAuthRequestV1 ccauthrequest = new CCAuthRequestV1(); MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; ccauthrequest.merchantaccount = merchantaccount; ccauthrequest.merchantrefnum = "Ref-12345"; ccauthrequest.amount = "10.00"; CardV1 card = new CardV1(); card.cardnum = "4653111111111111"; CardExpiryV1 cardexpiry = new CardExpiryV1(); cardexpiry.month = 11; cardexpiry.year = 2006; card.cardexpiry = cardexpiry; card.cardtype = CardTypeV1.VI; card.cardtypespecified = true; card.cvdindicator = 1; card.cvdindicatorspecified = true; card.cvd = "111"; ccauthrequest.card = card; BillingDetailsV1 billingdetails = new BillingDetailsV1(); billingdetails.cardpaymethod = CardPayMethodV1.WEB; //WEB = Card Number Provided billingdetails.cardpaymethodspecified = true; billingdetails.firstname = "Jane"; billingdetails.lastname = "Jones"; billingdetails.street = "123 Main Street"; billingdetails.city = "LA"; billingdetails.item = (object) StateV1.CA; // California billingdetails.country = CountryV1.US; // United States billingdetails.countryspecified = true; billingdetails.zip = "90210"; billingdetails.phone = "555-555-5555"; billingdetails.email = "janejones@emailserver.com"; ccauthrequest.billingdetails = billingdetails; ccauthrequest.customerip = "127.0.0.1"; ccauthrequest.producttype = ProductTypeV1.M; //M = Both Digital and Physical(e.g., software downloaded followed by media shipment) ccauthrequest.producttypespecified = true; // Perform the Web Services call for the purchase CreditCardServiceV1 ccservice = new CreditCardServiceV1(); CCTxnResponseV1 cctxnresponse = ccservice.ccpurchase(ccauthrequest); API Reference Guide for Web Services 1.0 3-5

Credit/Debit Card Transactions June 2015 // Print out the result String responsetxt = cctxnresponse.code + " - " + cctxnresponse.decision + " - " + cctxnresponse.description + Environment.NewLine; if (cctxnresponse.detail!= null) { for (int i = 0; i < cctxnresponse.detail.length; i++) { responsetxt += " - " + cctxnresponse.detail[i].tag + " - " + cctxnresponse.detail[i].value + Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); if (DecisionV1.ACCEPTED.Equals(ccTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + cctxnresponse.decision); } 3-6

June 2015 ccauthrequestv1 schema ccauthrequestv1 schema A ccauthrequestv1 has the following structure: API Reference Guide for Web Services 1.0 3-7

Credit/Debit Card Transactions June 2015 ccauthrequestv1 elements The ccauthrequestv1 document object may contain the following elements: Table 3-2: ccauthrequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 80 storepwd Yes String Max = 20 merchantrefnum Yes String Max = 255 customertokenid amount Yes String Max= 999999999.99 card cardnum Yes String Min = 8 Max = 20 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is a unique ID number associated with each request. The value is created by the merchant and submitted as part of the request. For internal use only. This is amount of the transaction request. NOTE: Though mandatory, this value will be ignored for the ccverification transaction. This is the card number used for the transaction. cardexpiry Yes The cardexpiry child element has two further child elements month and year. Child Element of cardexpiry month Yes Int Max = 2 year Yes Int Length = 4 This is the month the credit card expires. This is the year the credit card expires. 3-8

June 2015 ccauthrequestv1 elements Table 3-2: ccauthrequestv1 Elements (Continued) Element Child Element Required Type Description cardtype Optional Enumeration This is the type of card used for the transaction. Possible values are: AM American Express DC Diners Club DI Discover JC JCB MC MasterCard MD Maestro SO Solo VD Visa Debit VE Visa Electron VI Visa issuenum Optional Integer Max = 2 cvdindicator Optional Integer Length = 1 cvd Conditional String Length = 3 or 4 The 1- or 2-digit number located on the front of the card, following the card number. NOTE: The issuenum element can be used only when the cardtype is MD (Maestro), or SO (Solo). This is the status of CVD value information. Possible values are: 0 The customer did not provide a value. 1 The customer provided a value. 2 The value is illegible. 3 The value is not on the card. NOTE: The cvdindicator element is mandatory for the ccverification transaction. Also note that even though this element is optional, it is required for several risk-related checks and we strongly advise you to include it to avoid failed transactions. The 3- or 4-digit security code that appears on the card following the card number. This code does not appear on imprints. NOTE: The cvd element is mandatory when the cvdindicator element value = 1. API Reference Guide for Web Services 1.0 3-9

Credit/Debit Card Transactions June 2015 Table 3-2: ccauthrequestv1 Elements (Continued) Element Child Element Required Type Description authentication NOTE: Use this element with ccauthorize or ccpurchase requests only. indicator Optional Integer Value = 1 cavv Optional String Max = 80 xid Optional String Max = 80 This is the Electronic Commerce Indicator code, a 2-digit value that gets returned by the card issuer indicating whether the cardholder was successfully authenticated. Possible values are: Visa / JCB 05 Identifies a successfully authenticated transaction. 06 Identifies an attempted authenticated transaction. 07 Identifies a non-authenticated transaction. MasterCard 01 Identifies a non-authenticated transaction. 02 Identifies a successfully authenticated transaction. This value is returned in the eci child element of the tdsauthenticateresponse element in the cctxnresponsev1 to your ccauthenticaterequestv1 request. This is the Cardholder Authentication Verification Value. This value is returned in the cavv child element of the tdsauthenticateresponse element in the cctxnresponsev1 to your ccauthenticaterequestv1 request. This is the transaction identifier returned by the card issuer. This value is returned in the xid child element of the tdsauthenticateresponse element in the cctxnresponsev1 to your ccauthenticaterequestv1 request. enrollmentstatus Optional Enumeration This indicates whether 3D Secure authentication is available for the cardholder. Possible values are: Y Authentication available N Cardholder not enrolled U Authentication unavailable E Error 3-10

June 2015 ccauthrequestv1 elements Table 3-2: ccauthrequestv1 Elements (Continued) Element Child Element Required Type Description authenticationstatus Optional Enumeration This indicates the authentication outcome. Possible values are: Y Cardholder successfully authenticated with their Card Issuer. A Cardholder authentication was attempted. N Cardholder failed to successfully authenticate with their Card Issuer. U Authentication with the Card Issuer was unavailable. E Error authcode Optional String Max = 50 This is the Authorization code assigned by the issuing bank and returned by Optimal Payments for a previous transaction. NOTE: Include this element only when instructed to do so by Optimal Payments. billingdetails cardpaymethod Optional Enumeration This is how the card was presented for the transaction. Possible values are: WEB Card number provided online TEL Card number provided by phone P Card present PD Card present deferred D Deferred NOTE: Include this element only when instructed to do so by Optimal Payments. firstname Optional String Max = 40 lastname Optional String Max = 40 street Optional String Max = 50 street2 Optional String Max = 50 city Optional String Max = 40 This is the customer s first name. This is the customer s last name. This is the first line of the customer s street address. NOTE: the street element is mandatory if you are processing a ccverification transaction. This is the second line of the customer s street address. This is the city in which the customer resides. API Reference Guide for Web Services 1.0 3-11

Credit/Debit Card Transactions June 2015 Table 3-2: ccauthrequestv1 Elements (Continued) Element Child Element Required Type Description state/region Optional If state, Enumeration If region, then string Max = 40 This is the state/province/region in which the customer resides. Provide state if within U.S./Canada. Provide region if outside of U.S./Canada. See Appendix C: Geographical Codes for correct codes to use. country Optional Enumeration This is the country in which the customer resides. See Country codes on page C-3 for correct codes to use. zip Mandatory String Max = 10 phone Optional String Max = 40 email Optional String Max = 100 This is the customer s ZIP code if in the U.S.; otherwise, this is the customer s postal code. This is the customer s telephone number. This is the customer s email address. shippingdetails carrier Optional Enumeration This is the shipment carrier. Possible values are: APC APC Overnight APS AnPost CAD Canada Postal Service DHL FEX Fedex RML Royal Mail UPS United Parcel Service USPS United States Postal Service OTHER shipmethod Optional Enumeration The method of shipment. Possible values are: N Next Day/Overnight T Two-Day Service C Lowest Cost O Other firstname Optional String Max = 40 lastname Optional String Max = 40 street Optional String Max = 50 street2 Optional String Max = 50 city Optional String Max = 40 This is the recipients s first name. This is the recipient s last name. This is the first line of the recipient s street address. This is the second line of the recipient s street address. This is the city in which the recipient resides. 3-12

June 2015 ccauthrequestv1 elements Table 3-2: ccauthrequestv1 Elements (Continued) Element Child Element Required Type Description state/region Optional If state, Enumeration If region, then string Max = 40 This is the state/province/region in which the recipient resides. Provide state if within U.S./Canada. Provide region if outside of U.S./Canada. See Appendix C: Geographical Codes for correct codes to use. country Optional Enumeration This is the country in which the recipient resides. zip Optional String Max = 10 phone Optional String Max = 40 email Optional String Max = 100 This is the recipient s ZIP code if in the U.S.; otherwise, this is the recipient s postal code. This is the recipient s phone number. This is the recipient s email address. recurring Optional recurringindicator Conditional Enumeration Use this parameter to indicate whether a transaction is an initial or a repeat transaction for a specific customer for whom you will be processing recurring transactions. Depending on which processing gateway is used, if the value for a repeat transaction is set to R, the gateway may be more lenient regarding certain requirements such as CVD data and address information, authorizing the request without this data. Possible values are: I Initial Recurring R Subsequent Recurring originalconfirmation Number Conditional String Max = 15 If this is a recurring transaction, this is the confirmation number returned by Optimal Payments for the initial transaction in the series. If you include this value, Optimal Payments will be able to more precisely identify an Authorization to Settle or a Settlement to Credit, should either of those transactions be required in the future. API Reference Guide for Web Services 1.0 3-13

Credit/Debit Card Transactions June 2015 Table 3-2: ccauthrequestv1 Elements (Continued) Element Child Element Required Type Description previousconfirmation Number Conditional String Max = 15 If this is a recurring transaction, this is the confirmation number returned by Optimal Payments for the most recent transaction in the series. If you include this value, Optimal Payments will be able to more precisely identify an Authorization to Settle or a Settlement to Credit, should either of those transactions be required in the future. customerip Optional String Max = 50 This is the customer s IP address. producttype Optional Enumeration This is the type of product sold. Possible values are: P Physical Goods D Digital Goods C Digital Content) G Gift Certificate/Digital Cash S Shareware M Both Digital and Physical R Account Replenish targetvirtualaccount No This element is not applicable for credit card transactions. cardriskservice For internal use only. dupecheck Optional Boolean This validates that this request is not a duplicate. A request is considered a duplicate if the cardnum, amount, and merchantrefnum are the same. sdk version Conditional String Max = 20 platform Conditional String Max = 10 provider Conditional String Max = 20 addendumdata tag Optional String Max = 30 value Optional String Max = 1024 This is the version of the SDK used, if any. Required if sdk element is provided. This is the integration language of the SDK used (e.g., Java,.NET). Required if sdk element is provided. This is the author of the SDK used. Set to value op when the SDK is provided by Optimal Payments. Required if sdk element is provided. This is additional data that can be included with the transaction request. See addendumdata tag/value pairs on page 3-17 for details. This is additional data that can be included with the transaction request. See addendumdata tag/value pairs on page 3-17 for details. 3-14

June 2015 ccauthrequestv1 elements Table 3-2: ccauthrequestv1 Elements (Continued) Element Child Element Required Type Description merchantdescriptor NOTE: Not all processing gateways support this parameter. Contact your account manager for more information. dynamicdescriptor Optional String Max = 25 phone Optional String Max = 13 This is a merchant descriptor that will be displayed on a customer s credit card statement. This is the merchant s phone number, which will be appended to the merchant descriptor on a customer s credit card statement. description Optional String Max = 255 This is a description of the transaction, provided by the merchant. cardentrymode Optional Enumeration This is the method used to capture the card information. Possible values are: SWIPED A card reader was used. MANUAL The card number was entered manually. geolocation Optional This is the geographical location of the mobile transaction. latitude Conditional String Max = 24 longitude Conditional String Max = 24 This is the latitude of the mobile transaction (e.g., 44.903889). This is the longitude of the mobile transaction (e.g., -77.255123). wallettransactionid Internal use only. profile dateofbirth Conditional This field allows you to record the cardholder s date of birth, if you have it. It may be used to assist in authenticating the customer s identity with a third-party validation service. Child Element of dateofbirth day Mandatory Integer Min = 1 Max = 31 month Mandatory Integer Min = 1 Max = 12 year Mandatory Integer Min = 1900 Max = 9999 This is the customer s day of birth. This is the customer s month of birth. This is the customer s year of birth. visaadditionalauthdata NOTE: The recipient is deemed to be the person or party who has the contractual relationship with the merchant/ financial institution. This may be different from the cardholder, e.g., in the case of a parent topping up a child s savings account. Therefore, the fields should not be collected on the same page as cardholder information, but instead be passed in the background from the merchant s records. API Reference Guide for Web Services 1.0 3-15

Credit/Debit Card Transactions June 2015 Table 3-2: ccauthrequestv1 Elements (Continued) Element Child Element Required Type Description recipientdateofbirth Optional Include this element if your Merchant Category Code is 6012 and your registered trading address is in the United Kingdom. If you have any questions, contact your account manager. All fields are optional, however scheme fines may apply if data is consistently not supplied and chargebacks persist. Child Element of recipientdateofbirth day Conditional Integer Min = 1 Max = 31 month Conditional Integer Min = 1 Max = 12 year Conditional Integer Min = 1900 Max = 9999 This is the recipient s day of birth. This is the recipient s month of birth. This is the recipient s year of birth. recipientzip Optional String Max = 10 recipientlastname Optional String Max = 40 recipientaccountnumber Optional String Max = 25 This is the recipient s postcode. NOTE: The last 3 characters are not sent to the banking network. This is the recipient s last name or surname. NOTE: Only the first 6 characters are sent to the banking network. This is the recipient s account number, e.g., a loan agreement number or customer ID. In the case where the recipient account is a prepaid card, the card number may be sent in full. NOTE: Only the first 6 and last 4 characters are sent to the banking network and will be masked accordingly within the back office and any other reports, to comply with PCI regulations. masterpass Conditional This must be included if you are accepting MasterPass as a payment method. The values for the masterpass child elements are returned to the merchant in a callback from Master- Card, and must be provided here for this request. paypasswalletindicator Mandatory String Max = 3 This wallet indicator value is returned by the wallet platform. 3-16

June 2015 addendumdata tag/value pairs Table 3-2: ccauthrequestv1 Elements (Continued) Element Child Element Required Type Description authenticationmethod Mandatory Enumeration This is the method used to authenticate the cardholder at checkout. MERCHANT_ONLY 3DS cardenrollmentmethod Mandatory Enumeration This is the method by which the card was added to the wallet. MANUAL DIRECT_PROVISIONED 3DS_MANUAL NFC_TAP mastercardassignedid Mandatory String Max = 50 This value is assigned by MasterCard and represents programs associated directly with Maestro cards. addendumdata tag/value pairs Not all processing gateways support all addendumdata tag/value pairs. Contact your account manager for more information The following table contains the tag/value pairs supported for the addendumdata element. Table 3-3: addendumdata Tag/Value Pairs Tag CUST_ACCT_OPEN_DATE CUSTOMER_ID KEYWORD MERCHANT_COUNTRY_CODE MERCHANT_SIC_CODE MERCHANT_ZIP_CODE Value This is the date the merchant account opened. Format = yyyymmdd This is an ID used by the merchant. Maximum of 64 numeric characters. This value can be any text the merchant wants to use, e.g., used for reporting purposes in the Optimal Payments merchant back office. For example, you can use this as a tag to identify the transaction or the product purchased at your site. Maximum of 255 alphanumeric characters. Can be specified more than once, with a different value each time. Valid for CCAuthRequestV1 and CCStoredDataRequestV1 objects. This is a two-character country code. Value is not validated. This is the ISO Standard Industry Code (SIC) for the merchant. This is a 4-character numerical string. Maximum of 10 alphanumeric characters. API Reference Guide for Web Services 1.0 3-17

Credit/Debit Card Transactions June 2015 Table 3-3: addendumdata Tag/Value Pairs (Continued) Tag Value PRODUCT_TYPE PRODUCT_CODE SERVICE_REQUEST_CURRENCY NOTE: This tag/value pair can be included with the ccauthrequestv1 document object only (i.e., for Authorization, Purchase, and Verification card transaction requests). USER_DATA_04 USER_DATA_05 USER_DATA_06 This is the type of product purchased. Possible values are: P Physical goods D Digital goods C Digital content G Gift certificate/digital cash S Shareware M Digital and physical R Account replenish (e.g., subscription renewal) This is the product code of the item purchased. Maximum of 18 alphanumeric characters. Include this tag/value pair in order to have the merchant account s currency returned in the transaction response. Possible values: on off This is a user-defined field. Maximum of 255 alphanumeric characters. This is a user-defined field. Maximum of 255 alphanumeric characters. This is a user-defined field. Maximum of 255 alphanumeric characters. Building Authorization Reversal requests Authorization Reversal requests allow you to reverse all or part of an existing authorization, provided no settlements (either full or partial) have been processed against that authorization. You can use Authorization Reversal transactions to reverse Authorizations only. You cannot reverse Purchase transactions. Authorization Reversal requests require the ccauthreversalrequestv1 document object. This section describes the structure of a ccauthreversalrequestv1 and how to construct one. See Table 3-4: ccauthreversalrequestv1 Elements on page 3-20 for details on the elements required. Authorization Reversal example C# The following is an Authorization Reversal example in C#. //Prepare the call to the Credit Card Web Service CCAuthReversalRequestV1 authreversalrequest = new CCAuthReversalRequestV1(); MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; authreversalrequest.merchantaccount = merchantaccount; authreversalrequest.confirmationnumber = "115147689"; authreversalrequest.merchantrefnum = "AR2"; authreversalrequest.reversalamount = "18.00"; 3-18

June 2015 ccauthreversalrequestv1 schema // Perform the Web Services call for the Auth Reversal CreditCardServiceV1 ccservice = new CreditCardServiceV1(); CCTxnResponseV1 cctxnresponse = ccservice.ccauthorizereversal(authreversalrequest); // Print out the result String responsetxt = cctxnresponse.confirmationnumber + " - " + cctxnresponse.code + " - " + cctxnresponse.decision + " - " + cctxnresponse.description; responsetxt += Environment.NewLine; responsetxt += "Details:" + Environment.NewLine; if (cctxnresponse.detail!= null) { for (int i = 0; i < cctxnresponse.detail.length; i++) { responsetxt += " - " + cctxnresponse.detail[i].tag + " - " + cctxnresponse.detail[i].value + Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); consoletextbox.text = responsetxt; if (DecisionV1.ACCEPTED.Equals(ccTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + cctxnresponse.decision); } ccauthreversalrequestv1 schema A ccauthreversalrequestv1 has the following structure: API Reference Guide for Web Services 1.0 3-19

Credit/Debit Card Transactions June 2015 ccauthreversalrequestv1 elements The ccauthreversalrequestv1 document object contains the following elements: Table 3-4: ccauthreversalrequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 80 storepwd Yes String Max = 20 confirmationnumber Yes String Max = 15 merchantrefnum Yes String Max = 255 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the confirmation number returned by Optimal Payments for the Authorization you want to reverse. This is a unique ID number associated with each request. The value is created by the merchant and submitted as part of the request. 3-20

June 2015 Building Settlement/Credit requests Table 3-4: ccauthreversalrequestv1 Elements (Continued) Element Child Element Required Type Description reversalamount Optional String Max= 999999999.99 addendumdata tag Optional String Max = 30 value Optional String Max = 1024 This is amount of the original authorization that you want to reverse. If you omit this element, the full amount of the original authorization will be reversed. NOTE: Not all processing gateways support partial authorization reversals. Contact your account manager for more information. This is additional data that can be included with the transaction request. See addendumdata tag/value pairs on page 3-17 for details. This is additional data that can be included with the transaction request. See addendumdata tag/value pairs on page 3-17 for details. geolocation Optional This is the geographical location of the mobile transaction. latitude Conditional String Max = 24 longitude Conditional String Max = 24 This is the latitude of the mobile transaction (e.g., 44.903889). This is the longitude of the mobile transaction (e.g., -77.255123). Building Settlement/Credit requests Settlement and Credit requests require the ccpostauthrequestv1 document object. This section describes the structure of a ccpostauthrequestv1 and how to construct one. See Table 3-5: ccpostauthrequestv1 Elements on page 3-23 for details on the elements required. Settlement example C# The following is a Settlement example in C#. To make this a Credit request, just modify the value ccsettlement in the line CCTxnResponseV1 cctxnresponse = ccservice.ccsettlement(ccpostauthrequest); below to cccredit. //Prepare the call to the Credit Card Web Service CCPostAuthRequestV1 ccpostauthrequest = new CCPostAuthRequestV1(); ccpostauthrequest.confirmationnumber = "123456"; MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid= "mystoreid"; merchantaccount.storepwd = "mystorepwd"; ccpostauthrequest.merchantaccount = merchantaccount; ccpostauthrequest.merchantrefnum = "Ref-12345"; ccpostauthrequest.amount = "10.00"; API Reference Guide for Web Services 1.0 3-21

Credit/Debit Card Transactions June 2015 // Perform the Web Service call for the Settlement CreditCardServiceV1 ccservice = new CreditCardServiceV1(); CCTxnResponseV1 cctxnresponse = ccservice.ccsettlement(ccpostauthrequest); // Print out the result String responsetxt = cctxnresponse.code + " - " + cctxnresponse.decision + " - " + cctxnresponse.description ; responsetxt += "Details:" + Environment.NewLine; if (cctxnresponse.detail!= null) { for (int i = 0; i < cctxnresponse.detail.length; i++) { responsetxt += " - " + cctxnresponse.detail[i].tag + " - " + cctxnresponse.detail[i].value + Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); if (DecisionV1.ACCEPTED.Equals(ccTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + cctxnresponse.decision); } ccpostauthrequestv1 schema A ccpostauthrequestv1 document object has the following structure: 3-22

June 2015 ccpostauthrequestv1 elements ccpostauthrequestv1 elements The ccpostauthrequestv1 document object may contain the following elements: Table 3-5: ccpostauthrequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 20 storepwd Yes String Max = 20 confirmationnumber Yes String Max = 15 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the confirmation number returned by Optimal Payments for the original request. API Reference Guide for Web Services 1.0 3-23

Credit/Debit Card Transactions June 2015 Table 3-5: ccpostauthrequestv1 Elements (Continued) Element Child Element Required Type Description merchantrefnum Yes String Max = 40 amount Optional String Max= 999999999.99 origmerchanttxn Conditional String Max = 255 This is a unique ID number associated with each request. The value is created by the merchant and submitted as part of the request. This is amount of the transaction request. You can Settle all or part of an Authorization. You can Credit all or part of a Settlement. This is the merchant transaction ID from a Settlement that was processed via the Direct Payment API and that is now being credited via the Web Services API. dupecheck Optional Boolean This validates that this request is not a duplicate. A request is considered a duplicate if the cardnum, amount, and merchantrefnum are the same. sdk version Conditional String Max = 20 platform Conditional String Max = 10 provider Conditional String Max = 20 addendumdata tag Optional String Max = 30 value Optional String Max = 1024 This is the version of the SDK used, if any. Required if sdk element is provided. This is the integration language of the SDK used (e.g., Java,.NET). Required if sdk element is provided. This is the author of the SDK used. Set to value op when the SDK is provided by Optimal Payments. Required if sdk element is provided. This is additional data that can be included with the transaction request. See addendumdata tag/value pairs on page 3-17 for details. This is additional data that can be included with the transaction request. See addendumdata tag/value pairs on page 3-17 for details. geolocation Optional This is the geographical location of the mobile transaction. latitude Conditional String Max = 24 longitude Conditional String Max = 24 This is the latitude of the mobile transaction (e.g., 44.903889). This is the longitude of the mobile transaction (e.g., -77.255123). 3-24

June 2015 Building Stored Data Requests Building Stored Data Requests Stored Data Authorization/Purchase requests require the ccstoreddatarequestv1 document object. This section describes the structure of a ccstoreddatarequestv1 and how to construct one. See Table 3-6: ccstoreddatarequestv1 Elements on page 3-27 for details on the elements required. Stored Data requests allow you to perform credit card Authorizations and Purchases by providing a minimum of customer information. The Stored Data request requires a Confirmation Number from a previous Authorization or Purchase. This Confirmation Number allows Optimal Payments to access from its database most of the data required for the transaction. Stored Data Authorization example C# The following is a Stored Data Authorization example in C#. To make this a Stored Data Purchase request, just modify the value ccstoreddataauthorize in the line CCTxnResponseV1 cctxnresponse = ccservice.ccstoreddataauthorize(ccstoreddatarequest); below to ccstoreddatapurchase. //Prepare the call to the Credit Card Web Service MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; CCStoredDataRequestV1 ccstoreddatarequest = new CCStoredDataRequestV1(); ccstoreddatarequest.confirmationnumber = "111374429"; ccstoreddatarequest.amount = "97.97"; ccstoreddatarequest.merchantrefnum = "jim55"; ccstoreddatarequest.merchantaccount = merchantaccount; // Perform the Web Service call for the Stored Data Transaction CreditCardServiceV1 ccservice = new CreditCardServiceV1(); CCTxnResponseV1 cctxnresponse = ccservice.ccstoreddataauthorize(ccstoreddatarequest); String responsetxt = ""; // Print out the result if (cctxnresponse.detail!= null) { for (int i = 0; i < cctxnresponse.detail.length; i++) { responsetxt += " - " + cctxnresponse.detail[i].tag + " - " + cctxnresponse.detail[i].value + Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); if (DecisionV1.ACCEPTED.Equals(ccTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + cctxnresponse.decision); API Reference Guide for Web Services 1.0 3-25

Credit/Debit Card Transactions June 2015 } 3-26

June 2015 ccstoreddatarequestv1 schema ccstoreddatarequestv1 schema A ccstoreddatarequestv1 document object has the following structure: ccstoreddatarequestv1 elements The ccstoreddatarequestv1 document object may contain the following elements: Table 3-6: ccstoreddatarequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Required String Max = 10 storeid Required String Max = 20 storepwd Required String Max = 20 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. API Reference Guide for Web Services 1.0 3-27

Credit/Debit Card Transactions June 2015 Table 3-6: ccstoreddatarequestv1 Elements (Continued) Element Child Element Required Type Description merchantrefnum Required String Max = 255 confirmationnumber Required String Max = 15 amount Required String Max= 999999999.99 cardexpiry month Optional Int Max = 2 year Optional Int Length = 4 cvdindicator Optional Integer Length = 1 cvd Conditional String Length = 3 or 4 addendumdata tag Optional String Max = 30 value Optional String Max = 1024 This is a unique ID number associated with each request. The value is created by the merchant and submitted as part of the request. This is the confirmation number returned by Optimal Payments for the original request. NOTE: The confirmationnumber can be a maximum of 13 months old. This is amount of the transaction request. This is the month the credit card expires. Use this element to include updated card expiry date information, if required, to be included with the rest of the transaction data. This is the year the credit card expires. Use this element to include updated card expiry date information, if required, to be included with the rest of the transaction data. This is the status of CVD value information. Possible values are: 0 The customer did not provide a value. 1 The customer provided a value. 2 The value is illegible. 3 The value is not on the card. The 3- or 4-digit security code that appears on the card following the card number. This code does not appear on imprints. When you provide the CVD for a Stored Data request, the transaction benefits from full CVD protection. However, you must never store the CVD information, but instead have the consumer pass it in with the request. NOTE: The cvd element is mandatory when the cvdindicator element value = 1. This is additional data that can be included with the transaction request. See addendumdata tag/value pairs on page 3-17 for details. This is additional data that can be included with the transaction request. See addendumdata tag/value pairs on page 3-17 for details. 3-28

June 2015 Building Cancel requests Building Cancel requests Use the cccancelrequestv1 document object to cancel Settle, Credit, Payment, and Independent Credit transactions. This section describes the structure of a cccancelrequestv1 and how to construct one. See Table 3-7: cccancelrequestv1 Elements on page 3-30 for details on the elements required. Cancel Settle example C# The following is a Cancel Settle example in C#. To make this a request to cancel a Credit, Payment, or an Independent Credit, just modify the value cccancelsettle in the line CCTxnResponseV1 cctxnresponse = ccservice.cccancelsettle(cccancelrequest); below to cccancelcredit, cccancelpayment, or cccancelindependentcredit, respectively. //Prepare the call to the Credit Card Web Service CCCancelRequestV1 cccancelrequest = new CCCancelRequestV1(); MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid= "mystoreid"; merchantaccount.storepwd = "mystorepwd"; cccancelrequest.merchantaccount = merchantaccount; cccancelrequest.confirmationnumber = "123456"; // Perform the Web Services call for the cancel settle CreditCardServiceV1 ccservice = new CreditCardServiceV1(); CCTxnResponseV1 cctxnresponse = ccservice.cccancelsettle(cccancelrequest); // Print out the result String responsetxt = cctxnresponse.code + " - " + cctxnresponse.decision + " - " + cctxnresponse.description ; responsetxt += "Details:" + Environment.NewLine; if (cctxnresponse.detail!= null) { for (int i = 0; i < cctxnresponse.detail.length; i++) { responsetxt += " - " + cctxnresponse.detail[i].tag + " - " + cctxnresponse.detail[i].value + Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); if (DecisionV1.ACCEPTED.Equals(ccTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + cctxnresponse.decision); } API Reference Guide for Web Services 1.0 3-29

Credit/Debit Card Transactions June 2015 cccancelrequestv1 schema A cccancelrequestv1 document object has the following structure: cccancelrequestv1 elements The cccancelrequestv1 document object may contain the following elements: Table 3-7: cccancelrequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 20 storepwd Yes String Max = 20 confirmationnumber Yes String Max = 15 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the confirmation number returned by Optimal Payments for the original Settlement or Credit request. 3-30

June 2015 cccancelrequestv1 elements Table 3-7: cccancelrequestv1 Elements (Continued) Element Child Element Required Type Description sdk version Conditional String Max = 20 platform Conditional String Max = 10 provider Conditional String Max = 20 addendumdata tag Optional String Max = 30 value Optional String Max = 1024 This is the version of the SDK used, if any. Required if sdk element is provided. This is the integration language of the SDK used (e.g., Java,.NET). Required if sdk element is provided. This is the author of the SDK used. Set to value op when the SDK is provided by Optimal Payments. Required if sdk element is provided. This is additional data that can be included with the transaction request. See addendumdata tag/value pairs on page 3-17 for details. This is additional data that can be included with the transaction request. See addendumdata tag/value pairs on page 3-17 for details. geolocation Optional This is the geographical location of the mobile transaction. latitude Conditional String Max = 24 longitude Conditional String Max = 24 This is the latitude of the mobile transaction (e.g., 44.903889). This is the longitude of the mobile transaction (e.g., -77.255123). API Reference Guide for Web Services 1.0 3-31

Credit/Debit Card Transactions June 2015 Building Payment/Independent Credit requests Payments and Independent Credits require the ccpaymentrequestv1 document object. This section describes the structure of a ccpaymentrequestv1 and how to construct one. See Table 3-8: ccpaymentrequestv1 Elements on page 3-34 for details on the elements required. Payment example C# All optional elements that take non-nullable data types (e.g., int or enum) must have their specified attribute set to true when setting values for those elements. See the cardtype element in the example below. The following is a Payment example in C#. To make this an Independent Credit request, just modify the value ccpayment in the line CCTxnResponseV1 cctxnresponse = ccservice.ccpayment(ccpaymentrequest); below to ccindependentcredit. //Prepare the call to the Credit Card Web Service CCPaymentRequestV1 ccpaymentrequest = new CCPaymentRequestV1(); MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; ccpaymentrequest.merchantaccount = merchantaccount; ccpaymentrequest.merchantrefnum = "Ref-12345"; ccpaymentrequest.amount = "10.00"; CardV1 card = new CardV1(); card.cardnum = "4653111111111111"; CardExpiryV1 cardexpiry = new CardExpiryV1(); cardexpiry.month = 11; cardexpiry.year = 2006; card.cardexpiry = cardexpiry; card.cardtype = CardTypeV1.VI; card.cardtypespecified = true; card.cvdindicator = 1; card.cvdindicatorspecified = true; card.cvd = "111"; ccpaymentrequest.card = card; BillingDetailsV1 billingdetails = new BillingDetailsV1(); billingdetails.cardpaymethod = CardPayMethodV1.WEB; //WEB = Card Number Provided billingdetails.cardpaymethodspecified = true; billingdetails.firstname = "Jane"; billingdetails.lastname = "Jones"; billingdetails.street = "123 Main Street"; billingdetails.city = "LA"; billingdetails.item = (object)statev1.ca; // California billingdetails.country = CountryV1.US; // United States billingdetails.countryspecified = true; billingdetails.zip = "90210"; billingdetails.phone = "555-555-5555"; billingdetails.email = "janejones@emailserver.com"; ccpaymentrequest.billingdetails = billingdetails; // Perform the Web Services call for the payment request 3-32

June 2015 Payment example C# CreditCardServiceV1 ccservice = new CreditCardServiceV1(); CCTxnResponseV1 cctxnresponse = ccservice.ccpayment(ccpaymentrequest); // Print out the result String responsetxt cctxnresponse.code + " - " + cctxnresponse.decision + " - " + cctxnresponse.description ; responsetxt += "Details:" + Environment.NewLine; if (cctxnresponse.detail!= null) { for (int i = 0; i < cctxnresponse.detail.length; i++) { responsetxt += " - " + cctxnresponse.detail[i].tag + " - " + cctxnresponse.detail[i].value + Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); if (DecisionV1.ACCEPTED.Equals(ccTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + cctxnresponse.decision); } } catch (WebException we) { consoletextbox.text += we.message.tostring(); consoletextbox.refresh(); } API Reference Guide for Web Services 1.0 3-33

Credit/Debit Card Transactions June 2015 ccpaymentrequestv1 schema A ccpaymentrequestv1 has the following structure: ccpaymentrequestv1 elements The ccpaymentrequestv1 document object may contain the following elements: Table 3-8: ccpaymentrequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 80 storepwd Yes String Max = 20 merchantrefnum Yes String Max = 40 customertokenid This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is a unique ID number associated with each request. The value is created by the merchant and submitted as part of the request. For internal use only. 3-34

June 2015 ccpaymentrequestv1 elements Table 3-8: ccpaymentrequestv1 Elements (Continued) Element Child Element Required Type Description amount Yes String This is amount of the transaction request. The amount maximum is configured on a merchant-by-merchant basis. It applies to each transaction and to the daily maximum per credit card. Contact your account manager for details. card cardnum Yes String Min = 8 Max = 20 This is the card number used for the transaction. cardexpiry Yes The cardexpiry child element has two further child elements month and year. Child Element of cardexpiry month Yes Int Max = 2 year Yes Int Length = 4 This is the month the credit card expires. This is the year the credit card expires. cardtype Optional Enumeration This is the type of card used for the transaction. Possible values are: AM American Express DC Diners Club DI Discover JC JCB MC MasterCard MD Maestro SO Solo VD Visa Debit VE Visa Electron VI Visa issuenum Optional Integer Max = 2 cvdindicator Optional Integer Length = 1 The 1- or 2-digit number located on the front of the card, following the card number. NOTE: The issuenum element can be used only when the cardtype is MD (Maestro), or SO (Solo). This is the status of CVD value information. Possible values are: 0 The customer did not provide a value. 1 The customer provided a value. 2 The value is illegible. 3 The value is not on the card. NOTE: Even though this element is optional, it is required for several risk-related checks and we strongly advise you to include it to avoid failed transactions. API Reference Guide for Web Services 1.0 3-35

Credit/Debit Card Transactions June 2015 Table 3-8: ccpaymentrequestv1 Elements (Continued) Element Child Element Required Type Description cvd Conditional String Length = 3 or 4 The 3- or 4-digit security code that appears on the card following the card number. This code does not appear on imprints. NOTE: The cvd element is mandatory when the cvdindicator element value = 1. billingdetails cardpaymethod For internal use only. firstname Optional String Max = 40 lastname Optional String Max = 40 street Optional String Max = 50 street2 Optional String Max = 50 city Optional String Max = 40 state/region Optional If state, Enumeration If region, then string Max = 40 This is the customer s first name. This is the customer s last name. This is the first line of the customer s street address. This is the second line of the customer s street address. This is the city in which the customer resides. This is the state/province/region in which the customer resides. Provide state if within U.S./Canada. Provide region if outside of U.S./Canada. See Appendix C: Geographical Codes for correct codes to use. country Optional Enumeration This is the country in which the customer resides. See Country codes on page C-3 for correct codes to use. zip Mandatory String Max = 10 phone Optional String Max = 40 email Optional String Max = 100 sdk version Conditional String Max = 20 platform Conditional String Max = 10 provider Conditional String Max = 20 This is the customer s ZIP code if in the U.S.; otherwise, this is the customer s postal code. This is the customer s telephone number. This is the customer s email address. This is the version of the SDK used, if any. Required if sdk element is provided. This is the integration language of the SDK used (e.g., Java,.NET). Required if sdk element is provided. This is the author of the SDK used. Set to value op when the SDK is provided by Optimal Payments. Required if sdk element is provided. 3-36

June 2015 Building Transaction Lookup requests Table 3-8: ccpaymentrequestv1 Elements (Continued) Element Child Element Required Type Description authcode Optional String Max = 50 This is the Authorization code assigned by the issuing bank and returned by Optimal Payments for a previous transaction. NOTE: Include this element only when instructed to do so by Optimal Payments. previousconfirmation- Number Optional String Max = 20 This is the confirmation number of a previously processed authorization. NOTE: Include this element only when instructed to do so by Optimal Payments. addendumdata tag Optional String Max = 30 value Optional String Max = 1024 This is additional data that can be included with the transaction request. See addendumdata tag/value pairs on page 3-17 for details. This is additional data that can be included with the transaction request. See addendumdata tag/value pairs on page 3-17 for details. Building Transaction Lookup requests The credit card Transaction Lookup request allows you to run a report, over a date range you specify, to return data for credit card transactions processed through your merchant account. For example, you might want to determine the result of a transaction that timed out, with no response returned, or the result of a batched transaction that gets declined at a later date. You can look up the following transaction types: Authorization Purchase Settlement Credit Payment/Independent Credit Transaction Lookup example C# The following is a cctxnlookuprequest example in C#. // Prepare the call to the Credit Card Web Service CCTxnLookupRequestV1 cctxnlookuprequest = new CCTxnLookupRequestV1(); MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; cctxnlookuprequest.merchantaccount = merchantaccount; cctxnlookuprequest.merchantrefnum = "123456789"; DateV1 startdate = new DateV1(); startdate.year = "2012"; API Reference Guide for Web Services 1.0 3-37

Credit/Debit Card Transactions June 2015 startdate.month = "08"; startdate.day = "15"; startdate.hour = "11"; startdate.minute = "00"; startdate.second = "00"; cctxnlookuprequest.startdate = startdate; DateV1 enddate = new DateV1(); enddate.year = "2012"; enddate.month = "08"; enddate.day = "15"; enddate.hour = "14"; enddate.minute = "00"; enddate.second = "00"; cctxnlookuprequest.enddate = enddate; //Perform the Web Services call to process the request CreditCardServiceV1 ccservice = new CreditCardServiceV1(); CCTxnResponseV1 cctxnresponse = ccservice.cctxnlookup(cctxnlookuprequest); // Print out the result String responsetxt = cctxnresponse.code + " - " + cctxnresponse.decision; responsetxt += "Transactions:" + Environment.NewLine; if (cctxnresponse.transaction!= null) { for (int i = 0; i < cctxnresponse.txnlookupresult.length; i++) { responsetxt += " - confirmationnumber: " + cctxnresponse.txnlookupresult[i].confirmationnumber + Environment.NewLine; responsetxt += " - decison: " + cctxnresponse.txnlookupresult[i].decision + Environment.NewLine; responsetxt += " - code: " + cctxnresponse.txnlookupresult[i].code + Environment.NewLine; responsetxt += " - transaction type: " + cctxnresponse.txnlookupresult[i].trantype + Environment.NewLine; responsetxt += " - transaction time: " + cctxnresponse.txnlookupresult[i].txntime + Environment.NewLine; responsetxt += " - merchantrefnum: " + cctxnresponse.txnlookupresult[i].merchantrefnum + Environment.NewLine; responsetxt += " - card ending: " + cctxnresponse.txnlookupresult[i].cardending + Environment.NewLine; responsetxt += " - card ending: " + cctxnresponse.txnlookupresult[i].cardending + Environment.NewLine; CardExpiryV1 expiry = cctxnresponse.txnlookupresult[i].cardexpiry; responsetxt += " - card expiry: " + expiry.month + "/" + expiry.year + Environment.NewLine; } responsetxt += Environment.NewLine + Environment.NewLine; System.Console.WriteLine(responseTxt); } 3-38

June 2015 cctxnlookuprequestv1 schema cctxnlookuprequestv1 schema A cctxnlookuprequestv1 has the following structure: cctxnlookuprequestv1 elements The cctxnlookuprequestv1 document object may contain the following elements: Table 3-9: cctxnlookuprequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 20 storepwd Yes String Max = 20 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. API Reference Guide for Web Services 1.0 3-39

Credit/Debit Card Transactions June 2015 Table 3-9: cctxnlookuprequestv1 Elements (Continued) Element Child Element Required Type Description confirmationnumber Optional String Max = 15 merchantrefnum Optional String Max = 255 startdate year Conditional Int Max = 9999 month Conditional Int Min = 1 Max = 12 day Conditional Int Min = 1 Max = 31 hour Conditional Int Min = 0 Max = 23 minute Conditional Int Min = 0 Max = 59 second Conditional Int Min = 0 Max = 59 enddate year Conditional Int Max = 9999 month Conditional Int Min = 1 Max = 12 day Conditional Int Min = 1 Max = 31 This is the confirmation number returned by Optimal Payments in response to the original request. Include this element only if you want to search using this field. This field takes precedence over the merchantrefnum field. NOTE: If you include this element, you do not have to specify the startdate or enddate elements. This is a unique ID number associated with the original request. The value is created by the merchant and submitted as part of the request. NOTE: If you include this element, you must specify the startdate and enddate elements. This is the year set for the search start. This is the month set for the search start. This is the day set for the search start. This is the hour set for the search start. This is the minute set for the search start. This is the second set for the search start. This is the year set for the search end. This is the month set for the search end. This is the day set for the search end. 3-40

June 2015 Building Enrollment Lookup requests Table 3-9: cctxnlookuprequestv1 Elements (Continued) Element Child Element Required Type Description hour Conditional Int Min = 0 Max = 23 minute Conditional Int Min = 0 Max = 59 second Conditional Int Min = 0 Max = 59 This is the hour set for the search end. This is the minute set for the search end. This is the second set for the search end. Building Enrollment Lookup requests Use the Enrollment Lookup request to determine whether a cardholder s credit card is enrolled in the 3D Secure program. Enrollment Lookup requests require the ccenrollmentlookuprequestv1 document object. This section describes the structure of a ccenrollmentlookuprequestv1 and how to construct one. See Table 3-10: ccenrollmentlookuprequestv1 Elements on page 3-43 for details on the elements required. Enrollment Lookup example C# The following is an Enrollment Lookup example in C#. All optional elements that take non-nullable data types (e.g., int or enum) must have their specified attribute set to true when setting values for those elements. See the cardtype element in the example below. //Prepare the call to the Credit Card Web Service CCEnrollmentLookupRequestV1 enrollmentlookuprequest = new CCEnrollmentLookupRequestV1(); MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; enrollmentlookuprequest.merchantaccount = merchantaccount; enrollmentlookuprequest.merchantrefnum = "Ref-12345"; enrollmentlookuprequest.amount = "97.97"; CardV1 card = new CardV1(); card.cardnum = "4653111111111111"; CardExpiryV1 cardexpiry = new CardExpiryV1(); cardexpiry.month = 11; cardexpiry.year = 2013; card.cardexpiry = cardexpiry; card.cardtype = CardTypeV1.VI; card.cardtypespecified = true; enrollmentlookuprequest.card = card; API Reference Guide for Web Services 1.0 3-41

Credit/Debit Card Transactions June 2015 // Perform the Web Services call for the TDS Enrollment Lookup CreditCardServiceV1 ccservice = new CreditCardServiceV1(); CCTxnResponseV1 cctxnresponse = ccservice.cctdslookup(enrollmentlookuprequest); // Print out the result String responsetxt = cctxnresponse.confirmationnumber + " - " + cctxnresponse.code + " - " + cctxnresponse.decision + " - " + cctxnresponse.description; responsetxt += Environment.NewLine; responsetxt += "Details:" + Environment.NewLine; if (cctxnresponse.detail!= null) { for (int i = 0; i < cctxnresponse.detail.length; i++) { responsetxt += " - " + cctxnresponse.detail[i].tag + " - " + cctxnresponse.detail[i].value + Environment.NewLine; } } responsetxt += "TDSResponse:" + Environment.NewLine; if (cctxnresponse.tdsresponse!= null) { responsetxt += " - " + cctxnresponse.tdsresponse.acsurl + Environment.NewLine; responsetxt += " - " + cctxnresponse.tdsresponse.paymentrequest + Environment.NewLine; responsetxt += " - " + cctxnresponse.tdsresponse.enrollmentstatus + Environment.NewLine; responsetxt += " - " + cctxnresponse.tdsresponse.eci + Environment.NewLine; } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); consoletextbox.text = responsetxt; if (DecisionV1.ACCEPTED.Equals(ccTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + cctxnresponse.decision); } 3-42

June 2015 ccenrollmentlookuprequestv1 schema ccenrollmentlookuprequestv1 schema A ccenrollmentlookuprequestv1 has the following structure: ccenrollmentlookuprequestv1 elements The ccenrollmentlookuprequestv1 document object may contain the following elements: Table 3-10: ccenrollmentlookuprequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 20 storepwd Yes String Max = 20 merchantrefnum Yes String Max = 255 amount Yes String Max= 999999999.99 card cardnum Yes String Min = 8 Max = 20 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is a unique ID number associated with each request. The value is created by the merchant and submitted as part of the request. This is amount of the transaction request. NOTE: Though the amount element is mandatory for the Enrollment Lookup transaction, no amount is actually processed against the credit card. This is the card number used for the transaction. API Reference Guide for Web Services 1.0 3-43

Credit/Debit Card Transactions June 2015 Table 3-10: ccenrollmentlookuprequestv1 Elements (Continued) Element Child Element Required Type Description cardexpiry Yes The cardexpiry child element has two further child elements month and year. Child Element of cardexpiry month Yes Int Max = 2 year Yes Int Length = 4 This is the month the credit card expires. This is the year the credit card expires. cardtype Optional Enumeration This is the type of card used for the transaction. Possible values are: JC JCB MC MasterCard VI Visa issuenum Optional Integer Max = 2 cvdindicator Optional Integer Length = 1 cvd Conditional String Length = 3 or 4 The 1- or 2-digit number located on the front of the card, following the card number. NOTE: The issuenum element is not used for this request type. This is the status of CVD value information. Possible values are: 0 The customer did not provide a value. 1 The customer provided a value. 2 The value is illegible. 3 The value is not on the card. NOTE: the cvdindicator element is not used for this request type. The 3- or 4-digit security code that appears on the card following the card number. This code does not appear on imprints. NOTE: The cvd element is not used for this request type. Building Authentication requests Use the Authentication request to allow a cardholder to authenticate their card at the issuer and to retrieve the values required for the authentication element of a ccauthrequestv1 transaction. Authentication requests require the ccauthenticaterequestv1 document object. This section describes the structure of a ccauthenticaterequestv1 and how to construct one. See Table 3-11: ccauthenticaterequestv1 Elements on page 3-46 for details on the elements required. Authentication example C# The following is an Authentication example in C#. //Prepare the call to the Credit Card Web Service CCAuthenticateRequestV1 authenticaterequest = new CCAuthenticateRequestV1(); MerchantAccountV1 merchantaccount = new MerchantAccountV1(); 3-44

June 2015 ccauthenticaterequestv1 schema merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; authenticaterequest.merchantaccount = merchantaccount; authenticaterequest.confirmationnumber = "myconfirmationnumber"; authenticaterequest.paymentresponse = "mypaymentresponse"; // Perform the Web Services call for the authentication CreditCardServiceV1 ccservice = new CreditCardServiceV1(); CCTxnResponseV1 cctxnresponse = ccservice.cctdsauthenticate(authenticaterequest); // Print out the result String responsetxt = cctxnresponse.confirmationnumber + " - " + cctxnresponse.code + " - " + cctxnresponse.decision + " - " + cctxnresponse.description; responsetxt += Environment.NewLine; responsetxt += "Details:" + Environment.NewLine; if (cctxnresponse.detail!= null) { for (int i = 0; i < cctxnresponse.detail.length; i++) { responsetxt += " - " + cctxnresponse.detail[i].tag + " - " + cctxnresponse.detail[i].value + Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); consoletextbox.text = responsetxt; if (DecisionV1.ACCEPTED.Equals(ccTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + cctxnresponse.decision); } ccauthenticaterequestv1 schema A ccauthenticaterequestv1 has the following structure: API Reference Guide for Web Services 1.0 3-45

Credit/Debit Card Transactions June 2015 ccauthenticaterequestv1 elements The ccauthenticaterequestv1 document object may contain the following elements: Table 3-11: ccauthenticaterequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 20 storepwd Yes String Max = 20 confirmationnumber Yes String Max = 15 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the confirmation number in the cctxnresponsev1 returned by Optimal Payments in response to the ccenrollmentlookuprequestv1. paymentresponse Yes String This is the Payment Authentication Response that is returned from the issuing bank via your customer s Web browser once your customer has provided their authentication information. It is an encoded response generated by the Issuer ACS software. Its digital signature will be verified through Optimal Payments to ensure it was generated by a legitimate Issuer. 3-46

June 2015 ccauthenticaterequestv1 elements Table 3-11: ccauthenticaterequestv1 Elements (Continued) Element Child Element Required Type Description merchantrefnum Optional String Max = 255 This is a unique ID number associated with each request. The value is created by the merchant and submitted as part of the request. API Reference Guide for Web Services 1.0 3-47

Credit/Debit Card Transactions June 2015 Processing the response A cctxnresponsev1 has the following structure: 3-48

June 2015 Processing the response The following elements are relevant for a cctxnresponsev1: Table 3-12: cctxnresponsev1 Elements Element Child Element Required Type Description confirmationnumber Yes String Max = 15 merchantrefnum Optional String Max = 255 childaccountnum Optional String Max = 10 This is the confirmation number returned by Optimal Payments. This is a unique ID number that was created by the merchant and submitted as part of the request. This is the child merchant account number, and provided only if the transaction was processed via a master account. decision Yes Enumeration This is the status of the transaction. One of the following is returned: Accepted the transaction was processed. Error the transaction was attempted, but failed for some reason. Declined the transaction was declined before it was sent for processing. Held the transaction has been placed on hold due to risk considerations. code Yes Int This is a numeric code that categorizes the response. See Response codes on page B-1. actioncode Optional Enumeration This indicates what action the caller should take. Possible values are: C Consumer Parameter Error. The consumer has provided incorrect information. Ask the customer to correct the information. D Do Not Retry. Further attempts will fail. M Merchant Parameter Error. Your application has provided incorrect information. Verify your information. R Retry. The problem is temporary. Retrying the request will likely succeed. description Yes String Max = 1024 authcode Optional String Max = 20 This is a human readable description of the code element. This is the Authorization code assigned by the issuing bank and returned by Optimal Payments. API Reference Guide for Web Services 1.0 3-49

Credit/Debit Card Transactions June 2015 Table 3-12: cctxnresponsev1 Elements (Continued) Element Child Element Required Type Description avsresponse Optional Enumeration This is the AVS response from the card issuer. Possible values are: X Exact. Nine-digit zip code and address match. Y Yes. Five-digit zip code and address match. A Address matches, but zip code does not. W Nine-digit zip code matches, but address does not. Z Five-digit zip code matches, but address does not. N No part of the address matches. U Address information is unavailable. R Retry. System unable to process. S AVS not supported. E AVS not supported for this industry. B AVS not performed. Q Unknown response from issuer/banknet switch. cvdresponse Optional Enumeration This is the response to the cvdvalue submitted with the transaction request. Possible values are: M (Match) The CVD value provided matches the CVD value associated with the card. N (No Match) The CVD value provided does not match the CVD value associated with the card. P (Not Processed) The CVD value was not processed. Q (Unknown Response) No results were received concerning the CVD value. S (Not Present) CVD should be on the card. However, the cardholder indicated it was not present. U Issuer is not certified and/or has not provided Visa encryption keys. detail tag Optional String Max = 30 value Optional String Max = 1024 This is the tag/value pair returned as part of the detail element. See detail tag/value pairs on page 3-55 for details. txntime Yes datetime This is the date and time the transaction was processed by Optimal Payments. duplicatefound Yes Boolean This indicates if this transaction is a duplicate transaction, if a duplicate check was requested. 3-50

June 2015 Processing the response Table 3-12: cctxnresponsev1 Elements (Continued) Element Child Element Required Type Description duplicatetransactionresponse Optional CCTxnResponseV1 If a duplicate record was found, this element contains the details of that record. tdsresponse This element and its child elements are returned only in response to the ccenrollmentlookuprequestv1 transaction request. acsurl Optional String Max = 255 This is a fully qualified URL to redirect the consumer to complete the Payment Authentication Request transaction. paymentrequest Optional String This is an encoded Payment Authentication Request generated by the merchant authentication processing system (MAPS). enrollmentstatus Yes Enumeration This indicates whether or not the cardholder is enrolled in 3-D Secure. Possible values are: Y Authentication available N Cardholder not enrolled U Authentication unavailable E Error eci Optional Enumeration Visa / JCB 05 Identifies a successfully authenticated transaction. 06 Identifies an attempted authenticated transaction. 07 Identifies a non-authenticated transaction. MasterCard 01 Identifies a non-authenticated transaction. 02 Identifies a successfully authenticated transaction. If the cardholder is not enrolled in 3D Secure, you can use this E-Commerce Indicator value for the indicator child element of the authentication element in your ccauthrequestv1 Authorization/Purchase request. However, if the cardholder is enrolled in 3D Secure, use the eci value in the tdsauthenticateresponse element below. API Reference Guide for Web Services 1.0 3-51

Credit/Debit Card Transactions June 2015 Table 3-12: cctxnresponsev1 Elements (Continued) Element Child Element Required Type Description tdsauthenticateresponse This element and its child elements are returned only in response to the ccauthenticaterequestv1 transaction request. status Yes Enumeration This indicates the outcome of the authentication request. Possible values are: Y Cardholder successfully authenticated with their Card Issuer. A Cardholder authentication was attempted. N Cardholder failed to successfully authenticate with their Card Issuer. U Authentication with the Card Issuer was unavailable. E Error cavv Optional String Max = 80 This is the Cardholder Authentication Verification Value returned by the card issuer. Use this value for the indicator child element of the authentication element in a ccauthrequestv1. signature Verification Yes Enumeration This indicates whether the paymentresponse element that was submitted with the Authentication request passed integrity checks. Possible values are: Y All transaction and signature checks satisfied N At least one transaction or signature check failed. xid Optional String Max = 80 This is the transaction identifier returned in response to a ccauthenticaterequestv1 Authentication request. eci Optional Enumeration Use this E-Commerce Indicator value for the indicator child element of the authentication element in your ccauth- RequestV1 Authorization/Purchase request. Visa / JCB 05 Identifies a successfully authenticated transaction. 06 Identifies an attempted authenticated transaction. 07 Identifies a non-authenticated transaction. MasterCard 01 Identifies a non-authenticated transaction. 02 Identifies a successfully authenticated transaction. lbcascading Optional This element provides information on transactions that were retried due to load balancing. 3-52

June 2015 Processing the response Table 3-12: cctxnresponsev1 Elements (Continued) Element Child Element Required Type Description retrycount Conditional Int This is the number of times Optimal Payments retried the transaction. originalcode Conditional Int The original response code returned by the system that caused Optimal Payments to retry the transaction. addendumresponse Optional This element allows Optimal Payments to return certain gateway-specific response values to the merchant. service Conditional String Max = 50 This is the service provider who provides the values for the tag/value pair. detail Conditional There may be multiple detail elements, if required. Child Element of detail tag Conditional String Max = 30 value Conditional String Max = 30 amount Optional String Max= 999999999.99 This is the tag/value pair returned as part of the addendumresponse. See addendumresponse tag/value pairs on page 3-55 for details. This is amount of the transaction request. trantype NOTE: The trantype element is returned only in response to a cctxnlookuprequestv1. Optional Enumeration This is the type of transaction that was looked up. Possible values are: A Authorization S Settlement P Purchase CR Credit PY Payment N Independent Credit cardending NOTE: The cardending element is returned only in response to a cctxnlookuprequestv1. Optional String Max = 4 This is the last four digits of the card associated with this transaction. cardexpiry NOTE: The cardexpiry element is returned only in response to a cctxnlookuprequestv1. Optional month Conditional Int Max = 2 year Conditional Int Length = 4 This is the month the credit card expires. This is the year the credit card expires. API Reference Guide for Web Services 1.0 3-53

Credit/Debit Card Transactions June 2015 Table 3-12: cctxnresponsev1 Elements (Continued) Element Child Element Required Type Description txnlookupresult NOTE: The txnlookupresult element is returned only in response to a cctxnlookuprequestv1. Conditional This contains all the elements contained in the standard cctxnresponsev1 that would have been returned for the initial request, in addition to the elements in this table that are identified as being returned only in response to a cctxnlookuprequestv1 (e.g., trantype). profile id Optional String Max = 50 This is an internal ID returned in the response to the profile request, used to identify a customer. card Conditional Child Element of card id Conditional String Max = 50 This is the card ID returned by Optimal Payments to identify the profile card. lastfourdigits Conditional Integer This is the last 4 digits of the card number associated with the profile. paymenttoken Conditional String Max = 50 This is a token generated by Optimal Payments that represents the card. To process the response: 1. Get the response details, which are available via get() methods of the response. String responsetxt = cctxnresponse.code + " - " + cctxnresponse.decision + " - " + cctxnresponse.description ; responsetxt += "Details:" + Environment.NewLine; if (cctxnresponse.detail!= null) { for (int i = 0; i < cctxnresponse.detail.length; i++) { responsetxt += " - " + cctxnresponse.detail[i].tag + " - " + cctxnresponse.detail[i].value + Environment.NewLine; } } responsetxt = responsetxt.replace("\n", Environment.NewLine); System.Console.WriteLine(responseTxt); if (DecisionV1.ACCEPTED.Equals(ccTxnResponse.decision)) { System.Console.WriteLine("Transaction Successful."); } else { System.Console.WriteLine("Transaction Failed with decision: " + cctxnresponse.decision); } 2. Process based on the decision element. You would insert handling code appropriate to your application. You can also look at the code element to provide more fine-grained control for your application. See Response codes on page B-1 for more details. 3-54

June 2015 detail tag/value pairs detail tag/value pairs Not all processing gateways support all detail tag/value pairs. Contact your account manager for more information. The following table contains the tag/value pairs supported for the data element. Table 3-13: detail Tag/Value Pairs Tag Value CurrencyCode BalanceResponse This value is returned if the addendumdata tag element of the original transaction was set to SERVICE_REQUEST_CURRENCY. The value will be one of the currency codes in Table 3-15: Currency Codes on page 3-55. This value is the balance remaining on a gift card, if a gift card was used for the original transaction. Note that decimal is implied for currency, so, for example, 16500 in dollars = $165.00. addendumresponse tag/value pairs Not all processing gateways support all addendumresponse tag/value pairs. Contact your account manager for more information. The following table contains the tag/value pairs supported for the addendumresponse element. Table 3-14: addendumresponse Tag/Value Pairs Tag Service Value BATCH_NUMBER DJN This is your batch number. EFFECTIVE_DATE DJN This is the date of the bank deposit associated with the transaction. Format = YYMMDD SEQ_NUMBER DJN This is your sequence number. TERMINAL_ID DJN This is your terminal ID. Currency codes Table 3-15: Currency Codes Code Currency ARS AUD BGN BRL CAD Argentine Peso Australian Dollar Bulgarian Lev Brazilian Real Canadian Dollar API Reference Guide for Web Services 1.0 3-55

Credit/Debit Card Transactions June 2015 Table 3-15: Currency Codes (Continued) Code Currency CHF CZK DKK EUR GBP HKD HUF ILS ISK JPY MXN NOK NZD PLN RON SEK SGD THB TWD USD ZAR Swiss Franc Czech Koruna Danish Krone Euro Pound Sterling Hong Kong Dollar Forint New Israeli Sheqel Iceland Krona Yen Mexican Peso Norwegian Krone New Zealand Dollar Zloty New Leu Swedish Krona Singapore Dollar Baht New Taiwan Dollar US Dollar Rand 3-56

CHAPTER 4 Information Lookup Service Transactions Introduction The Information Lookup Service (ILS) operation allows you to run a report through the API over a date range you specify to return data on Authorizations, Settlements, Credits, and Chargebacks processed through a merchant account. You can use the type element to combine one or more transaction types in a single request. See Table 4-1: ilslookuprequestv1 Elements on page 4-5 for more information on the type element. This chapter describes how to process the ILS operation via the Optimal Payments Web Service. The ILS operation accepts an ilslookuprequestv1 document object. The ILS operation returns an ilslookupresponsev1 response. The maximum range for most ILS requests is 24 hours. Optimal Payments ILS WSDLs and links WSDL: https://webservices.optimalpayments.com/ilsws/ilsservice/v1?wsdl Web Service: https://webservices.optimalpayments.com/ilsws/ilsservice/v1 HTTP Post: https://webservices.optimalpayments.com/ilsws/ilsservlet/v1 API Reference Guide for Web Services 1.0 4-1

Information Lookup Service Transactions June 2015.NET example To build the.net example: 1. Create a new project. 2. Add a Web Reference. 3. Enter the WSDL URL and click the Add Reference button. 4-2

June 2015 Building ILS requests The Web client is now built. 4. Build the request and process response. See Building ILS requests on page 4-3. Building ILS requests ILS requests require the ilslookuprequestv1 document object. This section describes the structure of an ilslookuprequestv1 and how to construct one. See Table 4-1: ilslookuprequestv1 Elements on page 4-5 for details on the elements required. ILS C# The following is an ILS example in C#: //Prepare the call to the Credit Card Web Service ILSLookupRequestV1 ilslookuprequest = new ILSLookupRequestV1(); MerchantAccountV1 merchantaccount = new MerchantAccountV1(); merchantaccount.accountnum = "12345678"; merchantaccount.storeid = "mystoreid"; merchantaccount.storepwd = "mystorepwd"; DateV1 startdate = new DateV1(); API Reference Guide for Web Services 1.0 4-3

Information Lookup Service Transactions June 2015 startdate.year = 2008; startdate.month = 11; startdate.day = 3; startdate.hour = 0; startdate.minute = 0; startdate.second = 0; DateV1 enddate = new DateV1(); enddate.year = 2008; enddate.month = 11; enddate.day = 3; enddate.hour = 14; enddate.minute = 40; enddate.second = 59; RequestTypeV1[] txntypes = new RequestTypeV1[1]; txntypes[0] = RequestTypeV1.settlements; IlsLookupRequestV1 req = new IlsLookupRequestV1(); req.merchantaccount = merchantaccount; req.startdate = startdate; req.enddate = enddate; req.type = txntypes; System.Console.WriteLine("Sending request..."); IlsServiceV1 ilsservice = new IlsServiceV1(); IlsLookupResponseV1 response = null; response = ilsservice.ilslookup( req ); System.Console.WriteLine("Response received: "); String responsetxt = ""; if( response!= null ) { responsetxt += "Decision: " + response.decision + Environment.NewLine; responsetxt += "Description: " + response.description + Environment.NewLine; if( response.decision == DecisionV1.ACCEPTED ) { responsetxt += "Authorizations: " + response.transactions.authorizations + Environment.NewLine; responsetxt += "Settlements: " + response.transactions.settlements + Environment.NewLine; responsetxt += "Chargebacks: " + response.transactions.chargebacks + Environment.NewLine; responsetxt += "Credits: " + response.transactions.credits + Environment.NewLine; } } System.Console.WriteLine( responsetxt ); ilslookuprequestv1 schema An ilslookuprequestv1 has the following structure: 4-4

June 2015 ilslookuprequestv1 elements ilslookuprequestv1 elements The ilslookuprequestv1 document object contains the following elements: Table 4-1: ilslookuprequestv1 Elements Element Child Element Required Type Description merchantaccount accountnum Yes String Max = 10 storeid Yes String Max = 80 storepwd Yes String Max = 20 startdate year Yes Int Max = 9999 month Yes Int Min = 1 Max = 12 This is the merchant account number. This is the Optimal Payments store identifier, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the Optimal Payments store password, used to authenticate the request. It is defined by Optimal Payments and provided to the merchant as part of the integration process. This is the year set for the search start. This is the month set for the search start. API Reference Guide for Web Services 1.0 4-5

Information Lookup Service Transactions June 2015 Table 4-1: ilslookuprequestv1 Elements (Continued) Element Child Element Required Type Description day Yes Int Min = 1 Max = 31 hour Yes Int Min = 0 Max = 23 minute Yes Int Min = 0 Max = 59 second Yes Int Min = 0 Max = 59 enddate year Yes Int Max = 9999 month Yes Int Min = 1 Max = 12 day Yes Int Min = 1 Max = 31 hour Yes Int Min = 0 Max = 23 minute Yes Int Min = 0 Max = 59 second Yes Int Min = 0 Max = 59 This is the day set for the search start. This is the hour set for the search start. This is the minute set for the search start. This is the second set for the search start. This is the year set for the search end. This is the month set for the search end. This is the day set for the search end. This is the hour set for the search end. This is the minute set for the search end. This is the second set for the search end. 4-6

June 2015 ilslookuprequestv1 elements Table 4-1: ilslookuprequestv1 Elements (Continued) Element Child Element Required Type Description type Yes Enumeration This is the type of transaction for which you are looking for data. Possible values are: authorizations settlements credits chargebacks dd-charge dd-credit dd-charge-bacs (returns mandatereference element) dd-credit-bacs (returns mandatereference element) dd-mandate-bacs (returns mandatereference and effectivedate elements) ccoptions Optional Enumeration For internal use only. ddoptions Optional datetype Optional Enumeration This specifies the nature of the transaction status that will searched for. initiation The search will be conducted on all checks that were presented during the time period specified. If the datetype is not specified, this is the default setting. status_change The search will be conducted on all checks whose status changed during the time period specified. status Optional Enumeration The lookup request will return only those transactions with the status specified here. When combined with a status_change element, only those records that had the specified status during that date range are returned. If this element is not specified then transactions of all statuses are returned. Possible values are: Presented Represented Returned Pending Customer Approval Pending Active Declined Cancelled Failed Cleared The maximum range for an ILS request is 24 hours. API Reference Guide for Web Services 1.0 4-7

Information Lookup Service Transactions June 2015 Processing the response The following is an example of a typical ilslookupresponsev1 for a successful transaction. See Table 4-2: ilslookupresponsev1 Elements on page 4-9 for a description of the parameters returned. <ilslookupresponsev1 xmlns="http://www.optimalpayments.com/ils/xmlschema/v1"> <decision>accepted</decision> <description/> <merchantaccount>10000400036</merchantaccount> <currency>usd</currency> <startdate> <year>2011</year> <month>2</month> <day>5</day> <hour>0</hour> <minute>0</minute> <second>0</second> </startdate> <enddate> <year>2011</year> <month>3</month> <day>5</day> <hour>23</hour> <minute>59</minute> <second>59</second> </enddate> <txntype> <code>authorizations</code> <count>2</count> </txntype> <txntype> <code>settlements</code> <count>2</count> </txntype> <txntype> <code>credits</code> <count>1</count> </txntype> <txntype> <code>chargebacks</code> <count>1</count> </txntype> <transactions childfma='1000201930'> <authorizations>100052493 FS 2011-02-05 09:57:54 test 123 111.65 </authorizations> <settlements>100052493 C 2011-02-05 09:57:55 test 123 111.65 </settlements> <credits>116883988 C 2011-03-02 15:17:09 test 123 5.0 102318569 USD </credits> <chargebacks>368237 100052493 test 123 test 123 1111 2011-02 -05 111.65 USD 111.65 30 40003610000160100052493 100000 1 2008-02-05 </chargebacks> </transactions> <transactions childfma='1000201931'> <authorizations>100052493 FS 2011-02-05 09:57:54 test 123 88.00 </authorizations> <settlements>100052493 C 2011-02-05 09:57:55 test 123 88.00 </settlements> 4-8

June 2015 ilslookupresponsev1 schema </transactions> </ilslookupresponsev1> The following is an example of a typical ilslookupresponsev1 for a rejected transaction. In this example, an invalid merchant ID or password was submitted. <ilslookupresponsev1 xmlns="http://www.optimalpayments.com/ils/xmlschema/v1"> <decision>rejected</decision> <description>invalid Credentials</description> </ilslookupresponsev1> ilslookupresponsev1 schema An ilslookupresponsev1 has the following structure: The following elements are relevant for an ilslookupresponsev1: Table 4-2: ilslookupresponsev1 Elements Element Child Element Required Type Description decision Yes Enumeration This is the status of the transaction. One of the following is returned: Accepted the transaction was processed. Error the transaction was attempted, but failed for some reason. Rejected the request was rejected, e.g., due to invalid merchant credentials. description Yes String Max = 1024 If the decision returned is Error or Rejected, this is a description of the error. API Reference Guide for Web Services 1.0 4-9

Information Lookup Service Transactions June 2015 Table 4-2: ilslookupresponsev1 Elements (Continued) Element Child Element Required Type Description merchantaccount Yes String Max = 10 currency Yes String Length = 3 startdate year Yes Int Max = 9999 month Yes Int Min = 1 Max = 12 day Yes Int Min = 1 Max = 31 hour Yes Int Min = 0 Max = 23 minute Yes Int Min = 0 Max = 59 second Yes Int Min = 0 Max = 59 enddate year Yes Int Max = 9999 month Yes Int Min = 1 Max = 12 day Yes Int Min = 1 Max = 31 hour Yes Int Min = 0 Max = 23 minute Yes Int Min = 0 Max = 59 second Yes Int Min = 0 Max = 59 This is the merchant account number. This is the currency of the merchant account. This is the year set for the search start date. This is the month set for the search start date. This is the day set for the search start date. This is the hour set for the search start date. This is the minute set for the search start date. This is the second set for the search start date. This is the year set for the search end date. This is the month set for the search end date. This is the day set for the search end date. This is the hour set for the search end date. This is the minute set for the search end date. This is the second set for the search end date. 4-10

June 2015 ilslookupresponsev1 schema Table 4-2: ilslookupresponsev1 Elements (Continued) Element Child Element Required Type Description txntype code Yes String This is the type of transaction for which you searched for data. Possible values are: authorizations settlements credits chargebacks dd-charge dd-credit dd-charge-bacs (includes mandatereference element) dd-credit-bacs (includes mandatereference element) dd-mandate-bacs (includes mandatereference and effectivedate elements) count Yes Int This is the number of the transaction type returned in the code element above. Each code element returned has its own count. transactions Optional Attribute of transactions childfma Conditional String Max = 10 This is the child merchant account number, and provided only if the account provided for the merchantaccount element is a master account. authorizations Optional String Each instance of authorizations contains further details. See Authorizations response details on page 4-12 for a description. settlements Optional String Each instance of settlements contains further details. See Settlements response details on page 4-13 for a description. credits Optional String Each instance of credits contains further details. See Credits response details on page 4-13 for a description. chargebacks Optional String Each instance of chargebacks contains further details. See Chargebacks response details on page 4-14 for a description. API Reference Guide for Web Services 1.0 4-11

Information Lookup Service Transactions June 2015 Table 4-2: ilslookupresponsev1 Elements (Continued) Element Child Element Required Type Description dd-charge dd-credit Optional Optional String String Each instance of dd-charge, dd-credit, dd-charge-bacs, dd-credit-bacs, and dd-mandate-bacs contains further dd-charge-bacs Optional String details. See Direct Debit response details on page 4-15 for a description. dd-credit-bacs Optional String dd-mandate-bacs Optional String Response element contents Optimal Payments may without warning, when necessary, add additional detail elements to each of the transaction response types documented below (authorizations, settlements, credits, and chargebacks). These additional detail elements will be added at the end of the current pipe-separated element list, as in the example below. <ilslookupresponsev1 xmlns="http://www.optimalpayments.com/ils/xmlschema/v1"> <transactions childfma='1000201930'> <authorizations>100052493 FS 2011-02-05 09:57:54 test 123 111.65 added element added element </authorizations> <settlements>100052493 C 2011-02-05 09:57:55 test 123 111.65 added element added element </settlements> <credits>116883988 C 2011-03-02 15:17:09 test 123 5.0 102318569 USD added element added element </credits> <chargebacks>368237 100052493 test 123 test 123 1111 2011-02-05 111.65 USD 111.65 30 40003610000160100052493 100000 1 2008-02-05 added element </chargebacks> </ilslookupresponsev1> It is the merchant s responsibility to ensure that their integration for the ilslookuprequestv1 is not adversely affected by the addition of extra detail elements by Optimal Payments. Authorizations response details The following details may returned for authorizations: Table 4-3: Authorizations Response Details Record Sequence Authorization Status Parameter Description This is the confirmation number assigned by Optimal Payments to the transaction. This is the status of the Authorization. Possible values are: A Authorized FS Fully Settled AS Partially Settled 4-12

June 2015 Response element contents Table 4-3: Authorizations Response Details (Continued) Parameter Transaction Date/Time Merchant Transaction ID Amount Description This is the date and time the Authorization was processed. This is the transaction ID assigned by the merchant to the Authorization. This is the amount of the Authorization. Settlements response details The following details may be returned for settlements: Table 4-4: Settlements Response Details Parameter Record Sequence Settlement Status Transaction Date/Time Merchant Transaction ID Amount Description This is the confirmation number assigned by Optimal Payments to the transaction. This is the current status of the Settlement transaction. Possible values are: B Batched E Error P Pending C Complete K Cancelled HO Hold DE Declined MI Manual This is the date and time the Settlement was processed. This is the transaction ID assigned by the merchant to the Settlement. This is the amount of the Settlement. Credits response details The following details may be returned for credits: Table 4-5: Credits Response Details Parameter Record Sequence Credit Status Transaction Date/Time Merchant Transaction ID Amount Description This is the confirmation number assigned by Optimal Payments to the transaction. This is the status of the Settlement that is being credited. Possible values are: B Batched E Error P Pending C Complete K Cancelled HO Hold DE Declined MI Manual This is the date and time the Credit was processed. This is the transaction ID assigned by the merchant to the Credit. This is the amount of the Credit. API Reference Guide for Web Services 1.0 4-13

Information Lookup Service Transactions June 2015 Table 4-5: Credits Response Details (Continued) Parameter Settlement Record Sequence Description This the confirmation number originally assigned to the Settlement that was credited. Chargebacks response details The following details may be returned for chargebacks: Table 4-6: Chargebacks Response Details Parameter Chargeback ID Authorization Transaction ID Authorization Merchant Transaction ID Settlement Merchant Transaction ID Card Ending Original Settlement Date Original Settlement Amount Currency Code Chargeback Amount Description This is the Record ID in our Dispute Management system. Each chargeback has a unique Record ID to identify it. This is the transaction ID assigned by Optimal Payments to the original Authorization. This is the transaction ID assigned by the merchant to the original Authorization. This is the transaction ID assigned by the merchant to the Settlement that was charged back. This is the last 4 digits of the credit card used for the original Authorization. This is the date of the Settlement of the original Authorization. Format = yyyy-mm-dd This is the amount that was settled against the original Authorization. This is the currency of the merchant account. This is the amount that is being charged back against the Settlement. Reason Code This is the reason the transaction was charged back. See Reason codes on page 4-16 for an explanation of the codes. ARN Original Authorization Code CBTY Code Disputed Flag FMA Posting Date This is the Acquirer s Reference Number, a unique identification reference number assigned to each settlement transaction by the acquirer. This is the authorization code assigned by the issuing bank and returned by Optimal Payments if the transaction was process via the Direct Payment protocol. This is the type of chargeback. Possible values are: 1 Chargeback 2 Chargeback Reversal C Risk Only Notice D Denied/Lost Representment RET Retrieval Request This flag indicates whether a transaction is being disputed. Possible values are: Null Yes This is the date the chargeback was posted to the merchant account. Format = yyyy-mm-dd 4-14

June 2015 Response element contents Direct Debit response details The following details may be returned for Direct Debit transactions: Table 4-7: Direct Debit Response Details Parameter Echeck ID Echeck Status Presentation Date Merchant Transaction ID Amount Filtered Status Latest Status Update Time Return Code Bank Reference Description This is the confirmation number assigned by Optimal Payments to the transaction. This is the current status of the Direct Debit transaction. Possible values are: AP Approved mandate C Complete batch CL Cleared transaction DE Declined E Error batch F Failed PR1 Presented 1 PR2 Presented 2 RE Rejected REF Rejected final RF Refunded RV Reversed W Waiting to be batched X Cancelled This is the date and time the transaction was processed. This is the transaction ID assigned by the merchant to the transaction. This is the amount of the transaction. This value will be 0.0 when the txntype was set to ddmandate-bacs. When the datetype child element of ddoptions is set to initiation (default), this value is the same as the Echeck Status value, above in this table. When the datetype child element of ddoptions is set to status_change, this is the status that was used for the search. Here are the statuses returned in each of the search scenarios. Presented C Represented PR1 PR2 Returned RE REF This is the date and time of the latest status update. This is the return code if the mandate or transaction has been returned by the banking network. NOTE: This field is returned only for dd-charge-bacs, dd-credit-bacs, and dd-mandate-bacs. This is the full reference used to send to the banking network. For dd-mandate-bacs, this will be the 10-character mandatereference. For dd-charge-bacs, this will be 18 characters comprising the 10-character mandatereference and 8 characters for the echeck ID of the transaction (charge). NOTE: This field is returned only for dd-charge-bacs, dd-credit-bacs, and dd-mandate-bacs. API Reference Guide for Web Services 1.0 4-15

Information Lookup Service Transactions June 2015 Table 4-7: Direct Debit Response Details (Continued) Effective Date Parameter Description This is returned for dd-mandate-bacs requests only. It is the date the mandate will become active with the bank. Transactions may not be requested against this mandate before the effective date. Once the mandate becomes active, the value returned for this field will be null. NOTE: This field is returned only for dd-charge-bacs, dd-credit-bacs, and dd-mandate-bacs. Reason codes Chargeback reason codes One of the following chargeback reason codes may be returned with a chargebacks response: Table 4-8: Visa/MasterCard Chargeback Reason Codes Card Brand Code Description MC 01 Requested Transaction Data Not Received MC 02 Requested item illegible MC 07 Warning Bulletin File MC 08 Requested/Required Authorization Not Obtained MC 12 Account Number Not on File VI 30 Services Not Provided or Merchandise Not Received MC 31 Transaction Amount Differs MC 34 Duplicate Processing MC 35 Card Not Valid or Expired MC 37 Fraudulent Mail/Phone Order Transaction MC 40 Fraudulent Processing of Transaction MC 41 Canceled Recurring Transaction VI 41 Canceled Recurring Transaction MC 42 Late Presentment MC 47 Exceeds Floor Limit, Not Authorized, and Fraudulent Transaction MC 49 Questionable Merchant Activity MC 50 Credit Posted as a Debit MC 53 Cardholder Dispute Defective/Not as Described VI 53 Not as Described/Defective Merchandise MC 54 Cardholder Dispute - Not Elsewhere classified (US Only) MC 55 Non-Receipt of Merchandise 4-16

June 2015 Retrieval request reason codes Table 4-8: Visa/MasterCard Chargeback Reason Codes (Continued) Card Brand Code Description VI 57 Fraudulent Multiple Transactions MC 59 Services Not Rendered MC 60 Credit Not Processed VI 60 Requested Copy Illegible MC 62 Counterfeit Transaction Magnetic Stripe POS Fraud VI 62 Counterfeit Transaction MC 63 Cardholder Does Not Recognize Potential Fraud VI 71 Authorization Request Declined/Declined Authorization VI 72 No Authorization / Transaction Exceeds Floor Limit VI 73 Expired Card VI 74 Late Presentment VI 75 Cardholder Does Not Recognize the Transaction VI 76 Incorrect Transaction Code VI 77 Non-Matching Account Number VI 79 Requested Transaction Information Not Received VI 80 Incorrect transaction amount or account number VI 81 Fraudulent transaction Card Present Environment VI 82 Duplicate Processing VI 83 Fraudulent Transaction Card Absent Environment VI 85 Credit Not Processed VI 86 Paid by Other Means Retrieval request reason codes One of the following retrieval request reason codes may be returned with a chargebacks response: Table 4-9: Visa/MasterCard Retrieval Request Reason Codes Card Brand Code Description MC 05 Chargeback Support Card Holder Does Not Agree with Amount Billed MC 21 Cardholder Inquiry Does Not Recognize Transaction (Merchant Name, City, State or Date) MC 22 Cardholder Inquiry Disagrees With Billing MC 23 Cardholder Inquiry Needs for Personal Records MC 24 Cardholder Inquiry No Reason Code API Reference Guide for Web Services 1.0 4-17

Information Lookup Service Transactions June 2015 Table 4-9: Visa/MasterCard Retrieval Request Reason Codes (Continued) Card Brand Code Description VI 28 Cardholder Requests Copy Bearing Signature VI 29 Request for T&E Documents VI 30 Cardholder Dispute, Cardholder Request Draft VI 33 Legal Process or Fraud Analysis VI 34 Repeat Request for Copy MC 41 Legal/Fraud Analysis Signature Verification MC 42 Potential Chargeback or Compliance Documentation MC 43 Legal/Fraud Imprint Verification Discover chargeback and retrieval request reason codes One of the following chargeback or retrieval request reason codes may be returned with a chargebacks response: Table 4-10: Discover Chargeback and Retrieval Request Codes Code AL AP AW CA CD RG UA11 UA12 UA18 UA21 UA22 UA23 UA28 RN1, RN2 DP Description Cardholder challenges the validity of an airline card sale. Cardholder challenges the validity of multiple recurring payments card sales after expiration or cancellation of the recurring payments plan agreement. Incorrect transaction amount or account number/transaction amount differs. Cardholder challenges the validity of a cash advance or cash over transaction, other than a Discover ATM transaction. Cardholder challenges the validity of a card transaction because the transaction should have resulted in a credit rather than a card sale. Cardholder challenges the validity of a card sale due to non-receipt of goods and/or services. Swiped card transaction No cardholder signature obtained. Swiped card transaction Invalid cardholder signature obtained. Swiped card transaction Illegible copy of transaction receipt. Keyed card transaction No cardholder signature obtained. Keyed card transaction Invalid cardholder signature obtained. Keyed card transaction Invalid card imprint. Keyed card transaction Illegible copy of transaction documentation. Cardholder alleges that an expected credit from the merchant was not received or was insufficient in amount. Cardholder alleges that a single card sale was posted more than once to the cardholder s account. 4-18

June 2015 Discover chargeback and retrieval request reason codes Table 4-10: Discover Chargeback and Retrieval Request Codes (Continued) Code RM NA UA01 CR NC DA EX IC IN IS LP SV TF UA10 UA20 UA30 UA31 UA38 UA02 UA03 UA32 Description Cardholder challenges the validity of a card sale because the goods or services delivered by the merchant were not of the quality or condition agreed upon. Issuer disputes a card sale because the merchant did not obtain a positive authorization response for the amount of the card transaction that is subject to dispute, as represented in sales data. Cardholder or issuer challenges the validity of a card sale because no authorization request was attempted by the merchant. Cardholder challenges the validity of a card transaction because the cardholder cancelled the underlying reservation with the merchant. Cardholder challenges the validity of a card sale and no other reason code applies. Issuer challenges the validity of a card sale because the merchant received a declined authorization response and the issuer cannot collect the card sale amount from the cardholder. Cardholder or issuer challenges the validity of a card sale because the card had expired on or before the card transaction date and the merchant did not obtain a positive authorization response. Cardholder or issuer disputes a card sale because the transaction documentation received in response to a ticket retrieval request is either illegible or is missing a valid, legible card imprint (if required). Issuer disputes a card transaction because the card number provided by the merchant is not valid. Cardholder or issuer disputes a card sale because transaction documentation received in response to a ticket retrieval request does not include a valid, legible cardholder signature where required for the card transaction. Cardholder or issuer disputes a card sale because the acquirer or merchant submitted sales data for the card sale more than 30 calendar days after the authorization request and the card sale was not for a delayed delivery card sale. Cardholder or issuer disputes a prepaid gift card transaction because the merchant did not obtain a positive authorization response for the amount of the card sale subject to dispute. Discover initiates a chargeback of a card transaction because the acquirer or merchant did not comply with the applicable operating regulations. Request transaction receipt for swiped card transaction. Request transaction documentation for keyed card transaction. Request transaction documentation for card not present card transaction. Card not present card transaction Invalid proof of delivery obtained by acquirer or merchant. Card Not present card transaction Illegible copy of transaction documentation. Cardholder or issuer challenges the validity of a card sale because the issuer provided a declined authorization response. Cardholder or issuer challenges the validity of a card sale because the amount billed to the cardholder exceeds amount authorized by the issuer. Cardholder or issuer challenges the validity of a card not present card transaction because the acquirer or merchant did not obtain address verification or did not obtain and submit the CID with the authorization request. API Reference Guide for Web Services 1.0 4-19

Information Lookup Service Transactions June 2015 Table 4-10: Discover Chargeback and Retrieval Request Codes (Continued) Code UA99 R2 A Cardholder or issuer challenges the validity of a card sale and the acquirer or merchant did not comply with the applicable operating regulations in connection with the card sale. Credit not processed. Cardholder dispute, cardholder request draft. Description 4-20

APPENDIX A Using the HTTP Post Method Introduction In addition to a standard Web Service based call, you can also use the HTTP Post method to post transaction requests to Optimal Payments. Note that the URLs in the examples below point to the Optimal Payments Production environment. In order to test your integration, please contact Technical Support to obtain Test URLs and Test merchant account parameters. Email support@optimalpayments.com Telephone 1-888-709-8753 All transactions sent using the HTTP Post method must be URL encoded using the application/x-www-form-urlencoded format. Otherwise, they run the risk of failing because any reserved characters (e.g., slashes, ampersands, etc.) are stripped from requests that are not properly URL encoded. Direct Debit requests charge/verify/credit For more information on these request types, see Building charge, verify, or credit requests on page 2-4. To send a charge, verify, or credit request via HTTP Post: 1. Create a transaction request like the following example: <ddcheckrequestv1 xmlns="http://www.optimalpayments.com/directdebit/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <merchantrefnum>ref-12345</merchantrefnum> <amount>10.00</amount> <check> <accounttype>pc</accounttype> <bankname>chase</bankname> <checknum>12</checknum> <accountnum>987654321</accountnum> <routingnum>123456789</routingnum> </check> <billingdetails> <checkpaymethod>web</checkpaymethod> <firstname>jane</firstname> API Reference Guide for Web Services 1.0 A-1

Using the HTTP Post Method June 2015 <lastname>jones</lastname> <street>123 Main Street</street> <city>la</city> <state>ca</state> <country>us</country> <zip>90210</zip> <phone>555-555-5555</phone> <email>janejones@emailserver.com</email> </billingdetails> <sdk> <version>1.0</version> platform>http</platform> <provider>merchant</provider> </sdk> </ddcheckrequestv1> See Table 2-2: ddcheckrequestv1 Elements on page 2-7 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example charge on page A-2). This HTTP Post must include two parameters: txnmode charge, credit, or verify txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/directdebitws/directdebitservlet/v1 HTML example charge This example shows a form version of a charge/verify/credit request containing the example above that you could post to Optimal Payments. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>optimal Payments - Direct Debit Transaction</title> <body> <form NAME="Direct Debit" METHOD="post" ACTION="https://webservices.optimalpayments.com/directdebitWS/DirectDebitServlet/v1" > <b>transaction Mode: </b> <br> <select name="txnmode"> <option value="charge">charge</option> <option value="credit">credit</option> <option value="verify">verify</option> </select> <br> <br> <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10> <ddcheckrequestv1 xmlns="http://www.optimalpayments.com/directdebit/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> A-2

June 2015 charge/verify/credit <storepwd>mystorepwd</storepwd> </merchantaccount> <merchantrefnum>ref-12345</merchantrefnum> <amount>10.00</amount> <check> <accounttype>pc</accounttype> <bankname>chase</bankname> <checknum>12</checknum> <accountnum>987654321</accountnum> <routingnum>123456789</routingnum> </check> <billingdetails> <checkpaymethod>web</checkpaymethod> <firstname>jane</firstname> <lastname>jones</lastname> <street>123 Main Street</street> <city>la</city> <state>ca</state> <country>us</country> <zip>90210</zip> <phone>555-555-5555</phone> <email>janejones@emailserver.com</email> </billingdetails> <sdk> <version>1.0</version> <platform>http</platform> <provider>merchant</provider> </sdk> </ddcheckrequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"></form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. API Reference Guide for Web Services 1.0 A-3

Using the HTTP Post Method June 2015 updateshippinginfo For more information on this request type, see Building updateshippinginfo requests on page 2-14. To send an updateshippinginfo request via HTTP Post: 1. Create a transaction request like the following example: <ddshippingrequestv1 xmlns="http://www.optimalpayments.com/directdebit/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <carrier>fex</carrier> <trackingnumber>555666888999</trackingnumber> <confirmationnumber>123456</confirmationnumber> <shipmethod>t</shipmethod> <firstname>jane</firstname> <lastname>jones</lastname> <street>123 Main Street</street> <city>la</city> <state>ca</state> <country>us</country> <zip>90210</zip> <phone>555-555-5555</phone> <email>janejones@emailserver.com</email> </ddshippingrequestv1> See Table 2-4: ddshippingrequestv1 Elements on page 2-16 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example updateshippinginfo on page A-4). This HTTP Post must include two parameters: txnmode updateshippinginfo txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/directdebitws/directdebitservlet/v1 HTML example updateshippinginfo This example shows a form version of an updateshippinginfo request containing the example above that you could post to Optimal Payments. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>direct Debit Transaction</title> <body> <form NAME="Direct Debit" METHOD="post" ACTION="https://webservices.optimalpayments.com/directdebitWS/DirectDebitServlet/v1" > <input type=hidden name="txnmode" value="updateshippinginfo" > A-4

June 2015 updateshippinginfo <br> <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10> <ddshippingrequestv1 xmlns="http://www.optimalpayments.com/directdebit/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <carrier>fex</carrier> <trackingnumber>555666888999</trackingnumber> <confirmationnumber>123456</confirmationnumber> <shipmethod>t</shipmethod> <firstname>jane</firstname> <lastname>jones</lastname> <street>123 Main Street</street> <city>la</city> <state>ca</state> <country>us</country> <zip>90210</zip> <phone>555-555-5555</phone> <email>janejones@emailserver.com</email> </ddshippingrequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"></form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. API Reference Guide for Web Services 1.0 A-5

Using the HTTP Post Method June 2015 ddlookuprequest For more information on this request type, see Building lookup requests on page 2-18. To send a ddlookuprequest via HTTP Post: 1. Create a transaction request like the following example: <ddlookuprequestv1 xmlns="http://www.optimalpayments.com/directdebit/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <merchantrefnum>ref-12345</merchantrefnum> <startdate> <year>2012</year> <month>1</month> <day>1</day> <hour>12</hour> <minute>1</minute> <second>1</second> </startdate> <enddate> <year>2012</year> <month>1</month> <day>1</day> <hour>23</hour> <minute>59</minute> <second>59</second> </enddate> </<ddlookuprequestv1> See Table 2-5: ddlookuprequestv1 Elements on page 2-20 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example lookuprequest on page A-6). This HTTP Post must include two parameters: txnmode lookup txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/directdebitws/directdebitservlet/v1 HTML example lookuprequest This example shows a form version of a lookuprequest containing the example above that you could post to Optimal Payments. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>direct Debit Transaction</title> <body> <form NAME="Direct Debit" METHOD="post" A-6

June 2015 Mandate request ACTION="https://webservices.optimalpayments.com/directdebitWS/DirectDebitServlet/v1" > <input type=hidden name="txnmode" value="lookup" > <br> <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10> <ddlookuprequestv1 xmlns="http://www.optimalpayments.com/directdebit/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <merchantrefnum>ref-12345</merchantrefnum> <startdate> <year>2012</year> <month>1</month> <day>1</day> <hour>12</hour> <minute>1</minute> <second>1</second> </startdate> <enddate> <year>2012</year> <month>1</month> <day>31</day> <hour>23</hour> <minute>59</minute> <second>59</second> </enddate> </<ddlookuprequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"></form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. Mandate request For more information on this request type, see Building BACS mandate requests (UK) on page 2-22. To send a mandate request via HTTP Post: 1. Create a transaction request like the following example: <ddmandaterequestv1 xmlns="http://www.optimalpayments.com/directdebit/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> API Reference Guide for Web Services 1.0 A-7

Using the HTTP Post Method June 2015 <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <merchantrefnum>ref-12345</merchantrefnum> <check> <bankname>chase</bankname> <accountnum>987654321</accountnum> <routingnum>123456</routingnum> </check> <billingdetails> <checkpaymethod>web</checkpaymethod> <firstname>jane</firstname> <lastname>jones</lastname> <street>123 Main Street</street> <city>cambridge</city> <country>uk</country> <zip>cb12345</zip> <phone>1222 444000</phone> <email>janejones@emailserver.com</email> </billingdetails> <autosend>y</autosend> </ddmandaterequestv1> See Table 2-6: ddmandaterequestv1 Elements on page 2-25 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example mandate request on page A-8). This HTTP Post must include two parameters: txnmode mandate txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/directdebitws/directdebitservlet/v1 HTML example mandate request This example shows a form version of a mandate request containing the example above that you could post to Optimal Payments. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>optimal Payments - Direct Debit Test</title> <body> <form NAME="Direct Debit" METHOD="post" ACTION="https://webservices.optimalpayments.com/directdebitWS/DirectDebitServlet/v1" <input type=hidden name="txnmode" value="mandate" > <br> <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10> <ddmandaterequestv1 xmlns="http://www.optimalpayments.com/directdebit/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> A-8

June 2015 Change status request <storepwd>mystorepwd</storepwd> </merchantaccount> <merchantrefnum>ref-12345</merchantrefnum> <check> <bankname>chase</bankname> <accountnum>987654321</accountnum> <routingnum>123456</routingnum> </check> <billingdetails> <checkpaymethod>web</checkpaymethod> <firstname>jane</firstname> <lastname>jones</lastname> <street>123 Main Street</street> <city>cambridge</city> <country>uk</country> <zip>cb12345</zip> <phone>1222 444000</phone> <email>janejones@emailserver.com</email> </billingdetails> <autosend>y</autosend> </ddmandaterequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"></form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. Change status request For more information on this request type, see Building change status requests on page 2-28. To send a change status request via HTTP Post: 1. Create a transaction request like the following example: <ddchangestatusrequestv1 xmlns="http://www.optimalpayments.com/directdebit/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <status>c</status> </ddchangestatusrequestv1> See Table 2-8: ddchangestatusrequestv1 Elements on page 2-30 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example change status request on page A-10). API Reference Guide for Web Services 1.0 A-9

Using the HTTP Post Method June 2015 This HTTP Post must include two parameters: txnmode changestatus txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/directdebitws/directdebitservlet/v1 HTML example change status request This example shows a form version of a change status request containing the example above that you could post to Optimal Payments. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>optimal Payments - Direct Debit Transaction</title> <body> <form NAME="Direct Debit" METHOD="post" ACTION="https://webservices.optimalpayments.com/directdebitWS/DirectDebitServlet/v1" <input type=hidden name="txnmode" value="changestatus" > <br> <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10> <ddchangestatusrequestv1 xmlns="http://www.optimalpayments.com/directdebit/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <status>c</status> </ddchangestatusrequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"></form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. Mandate update request For more information on this request type, see Building mandate update requests on page 2-31. To send a mandate update request via HTTP Post: 1. Create a transaction request like the following example: <ddupdatemandaterequestv1 xmlns="http://www.optimalpayments.com/directdebit/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> A-10

June 2015 Mandate update request <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <mandatereference>pdestest7a</mandatereference> <accountnum>nl77abna0574908765</accountnum> <routingnum>abnanl2a</routingnum> </ddupdatemandaterequestv1> See Table 2-9: ddupdatemandaterequestv1 Elements on page 2-32 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example mandate update request on page A-11). This HTTP Post must include two parameters: txnmode updatemandate txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/directdebitws/directdebitservlet/v1 HTML example mandate update request This example shows a form version of a mandate update request containing the example above that you could post to Optimal Payments. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>optimal Payments - Direct Debit Transaction</title> <body> <form NAME="Direct Debit" METHOD="post" ACTION="https://webservices.optimalpayments.com/directdebitWS/DirectDebitServlet/v1" <input type=hidden name="txnmode" value="updatemandate" > <br> <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10> <ddupdatemandaterequestv1 xmlns="http://www.optimalpayments.com/directdebit/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <mandatereference>pdestest7a</mandatereference> <accountnum>nl77abna0574908765</accountnum> <routingnum>abnanl2a</routingnum> </ddupdatemandaterequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"></form> </body> </html> API Reference Guide for Web Services 1.0 A-11

Using the HTTP Post Method June 2015 The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. Credit card requests Purchase/Authorization/Verification For more information on these request types, see Building Purchase/Authorization/Verification requests on page 3-4. To send a credit card Purchase/Authorization/Verification transaction request via HTTP Post: 1. Create a transaction request like the following example: <ccauthrequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <merchantrefnum>ref-12345</merchantrefnum> <amount>10.00</amount> <card> <cardnum>4653111111111111</cardnum> <cardexpiry> <month>11</month> <year>2008</year> </cardexpiry> <cardtype>vi</cardtype> <cvdindicator>1</cvdindicator> <cvd>111</cvd> </card> <authentication> <indicator>05</indicator> <cavv>aaabb4wzlqaaaaaacjmveniwiv+=</cavv> <xid>q2prwui2rfnbc3fotxnlem50ewy=</xid> </authentication> <billingdetails> <cardpaymethod>web</cardpaymethod> <firstname>jane</firstname> <lastname>jones</lastname> <street>123 Main Street</street> <city>la</city> <state>ca</state> <country>us</country> <zip>90210</zip> <phone>555-555-5555</phone> <email>janejones@emailserver.com</email> </billingdetails> A-12

June 2015 Purchase/Authorization/Verification <shippingdetails> <carrier>fex</carrier> <shipmethod>t</shipmethod> <firstname>jane</firstname> <lastname>jones</lastname> <street>44 Main Street</street> <city>la</city> <state>ca</state> <country>us</country> <zip>90210</zip> <phone>555-555-5555</phone> <email>janejones@emailserver.com</email> </shippingdetails> <recurring> <recurringindicator>i</recurringindicator> <originalconfirmationnumber>115147689</originalconfirmationnumber> </recurring> <customerip>127.0.0.1</customerip> <producttype>m</producttype> <addendumdata> <tag>cust_acct_open_date</tag> <value>20041012</value> </addendumdata> <addendumdata> <tag>merchant_country_code</tag> <value>us</value> </addendumdata> <addendumdata> <tag>service_request_currency</tag> <value>on</value> </addendumdata> </ccauthrequestv1> See Table 3-2: ccauthrequestv1 Elements on page 3-8 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example Authorization on page A-13). This HTTP Post must include two parameters: txnmode ccauthorize, ccpurchase, or ccverification txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/creditcardws/creditcardservlet/v1 HTML example Authorization This example shows a form version of a credit card Authorization request containing the example above that you could post to Optimal Payments. To make this a Purchase or Verification request, just modify the txnmode value ccauthorize in the line <input type=hidden name="txnmode" value="ccauthorize" > below to ccpurchase or ccverification, respectively. API Reference Guide for Web Services 1.0 A-13

Using the HTTP Post Method June 2015 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>credit Card Test</title> <body> <form NAME="Credit Card" METHOD="post" ACTION="https://webservices.optimalpayments.com/creditcardWS/CreditCardServlet/v1"> <input type=hidden name="txnmode" value="ccauthorize" > <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10 > <ccauthrequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <merchantrefnum>ref-12345</merchantrefnum> <amount>10.00</amount> <card> <cardnum>4653111111111111</cardnum> <cardexpiry> <month>11</month> <year>2008</year> </cardexpiry> <cardtype>vi</cardtype> <cvdindicator>1</cvdindicator> <cvd>111</cvd> </card> <authentication> <indicator>05</indicator> <cavv>aaabb4wzlqaaaaaacjmveniwiv+=</cavv> <xid>q2prwui2rfnbc3fotxnlem50ewy=</xid> </authentication> <billingdetails> <cardpaymethod>web</cardpaymethod> <firstname>jane</firstname> <lastname>jones</lastname> <street>123 Main Street</street> <city>la</city> <state>ca</state> <country>us</country> <zip>90210</zip> <phone>555-555-5555</phone> <email>janejones@emailserver.com</email> </billingdetails> <shippingdetails> <carrier>fex</carrier> <shipmethod>t</shipmethod> <firstname>jane</firstname> <lastname>jones</lastname> <street>44 Main Street</street> <city>la</city> <state>ca</state> <country>us</country> <zip>90210</zip> <phone>555-555-5555</phone> <email>janejones@emailserver.com</email> </shippingdetails> A-14

June 2015 Authorization Reversal <recurring> <recurringindicator>i</recurringindicator> <originalconfirmationnumber>115147689</originalconfirmationnumber> </recurring> <customerip>127.0.0.1</customerip> <producttype>m</producttype> <addendumdata> <tag>cust_acct_open_date</tag> <value>20041012</value> </addendumdata> <addendumdata> <tag>merchant_country_code</tag> <value>us</value> </addendumdata> <addendumdata> <tag>service_request_currency</tag> <value>on</value> </addendumdata> </ccauthrequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"> </form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. Authorization Reversal For more information on these request types, see Building Authorization Reversal requests on page 3-18. To send a credit card Authorization Reversal transaction request via HTTP Post: 1. Create a transaction request like the following example: <ccauthreversalrequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>115147689</confirmationnumber> <merchantrefnum>ar2</merchantrefnum> <reversalamount>18.00</reversalamount> </ccauthreversalrequestv1> API Reference Guide for Web Services 1.0 A-15

Using the HTTP Post Method June 2015 See Table 3-4: ccauthreversalrequestv1 Elements on page 3-20 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example Authorization Reversal on page A-16). This HTTP Post must include two parameters: txnmode ccauthorizereversal txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/creditcardws/creditcardservlet/v1 HTML example Authorization Reversal This example shows a form version of a credit card Authorization Reversal request containing the example above that you could post to Optimal Payments. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>reverse Authorization Transaction</title> <body> <form NAME="Credit Card" METHOD="post" ACTION="https://webservices.optimalpayments.com/creditcardWS/CreditCardServlet/v1"> <input type=hidden name="txnmode" value="ccauthorizereversal" > <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10 > <ccauthreversalrequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>115147689</confirmationnumber> <merchantrefnum>ar2</merchantrefnum> <reversalamount>18.00</reversalamount> </ccauthreversalrequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"> </form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. A-16

June 2015 Settlement/Credit Settlement/Credit For more information on these request types, see Building Settlement/Credit requests on page 3-21. To send a credit card Settlement/Credit transaction request via HTTP Post: 1. Create a transaction request like the following example: <ccpostauthrequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <merchantrefnum>ref-12345</merchantrefnum> <amount>10.00</amount> <addendumdata> <tag>merchant_data</tag> <value>merchant_data</value> </addendumdata> </ccpostauthrequestv1> See Table 3-5: ccpostauthrequestv1 Elements on page 3-23 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example Settlement on page A-17). This HTTP Post must include two parameters: txnmode ccsettlement or cccredit txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/creditcardws/creditcardservlet/v1 HTML example Settlement This example shows a form version of a credit card Settlement request containing the example above that you could post to Optimal Payments. To make this a Credit request, just modify the txnmode value ccsettlement in the line <input type=hidden name="txnmode" value="ccsettlement" > below to cccredit. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>credit Card Test</title> <body> <form NAME="Credit Card" METHOD="post" ACTION="https://webservices.optimalpayments.com/creditcardWS/CreditCardServlet/v1"> <input type=hidden name="txnmode" value="ccsettlement" > <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10 > API Reference Guide for Web Services 1.0 A-17

Using the HTTP Post Method June 2015 <ccpostauthrequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <merchantrefnum>ref-12345</merchantrefnum> <amount>10.00</amount> <addendumdata> <tag>merchant_data</tag> <value>merchant_data</value> </addendumdata> </ccpostauthrequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"> </form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. Stored Data Authorization/Purchase For more information on these request types, see Building Stored Data Requests on page 3-25. To send a Stored Data Authorization/Purchase transaction request via HTTP Post: 1. Create a transaction request like the following example: <ccstoreddatarequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <merchantrefnum>ref-12345</merchantrefnum> <confirmationnumber>123456</confirmationnumber> <amount>18.00</amount> <cvdindicator>1</cvdindicator> <cvd>111</cvd> </ccstoreddatarequestv1> See Table 3-6: ccstoreddatarequestv1 Elements on page 3-27 or a list and description of parameters to include in this request. A-18

June 2015 Stored Data Authorization/Purchase 2. Include this transaction request in an HTTP Post (see HTML example Stored Data Authorization on page A-19). This HTTP Post must include two parameters: txnmode ccstoreddataauthorize or ccstoreddatapurchase txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/creditcardws/creditcardservlet/v1 HTML example Stored Data Authorization This example shows a form version of a credit card Stored Data Authorization request containing the example above that you could post to Optimal Payments. To make this a Stored Data Purchase request, just modify the txnmode value ccstoreddataauthorize in the line <input type=hidden name="txnmode" value="ccstoreddataauthorize" > below to ccstoreddatapurchase. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>credit Card Test</title> <body> <form NAME="Credit Card" METHOD="post" ACTION="https://webservices.optimalpayments.com/creditcardWS/CreditCardServlet/v1"> <input type=hidden name="txnmode" value="ccstoreddataauthorize" > <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10 > <ccstoreddatarequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <merchantrefnum>ref-12345</merchantrefnum> <confirmationnumber>123456</confirmationnumber> <amount>18.00</amount> <cvdindicator>1</cvdindicator> <cvd>111</cvd> </ccstoreddatarequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"> </form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. API Reference Guide for Web Services 1.0 A-19

Using the HTTP Post Method June 2015 Cancel Settle/Credit/Payment/Independent Credit For more information on these request types, see Building Cancel requests on page 3-29. To cancel a credit card Settle/Credit/Payment/Independent Credit request via HTTP Post: 1. Create a transaction request like the following example: <cccancelrequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <addendumdata> <tag>merchant_data</tag> <value>merchant_data</value> </addendumdata> </cccancelrequestv1> See Table 3-7: cccancelrequestv1 Elements on page 3-30 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example Cancel on page A-20). This HTTP Post must include two parameters: txnmode cccancelsettle, cccancelcredit, cccancelpayment, or cccancelindependentcredit txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/creditcardws/creditcardservlet/v1 HTML example Cancel This example shows a form version of a credit card Cancel request containing the example above that you could post to Optimal Payments to cancel a Settle transaction. To make this a Cancel Credit, Cancel Payment, or Cancel Independent Credit request, just modify the txnmode value cccancelsettle in the line <input type=hidden name="txnmode" value="cccancelsettle" > below to cccancelcredit, cccancelpayment, or cccancelindependentcredit, respectively. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>credit Card Test</title> <body> <form NAME="Credit Card" METHOD="post" ACTION="https://webservices.optimalpayments.com/creditcardWS/CreditCardServlet/v1"> <input type=hidden name="txnmode" value="cccancelsettle" > <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10 > A-20

June 2015 Payment request <cccancelrequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <addendumdata> <tag>merchant_data</tag> <value>merchant_data</value> </addendumdata> </cccancelrequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"> </form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. Payment request For more information on this request type, see Building Payment/Independent Credit requests on page 3-32. To make a Payment request via HTTP Post: 1. Create a transaction request like the following example: <ccpaymentrequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <merchantrefnum>ref-12345</merchantrefnum> <amount>10.00</amount> <card> <cardnum>4653111111111111</cardnum> <cardexpiry> <month>11</month> <year>2008</year> </cardexpiry> <cardtype>vi</cardtype> <cvdindicator>1</cvdindicator> <cvd>111</cvd> </card> <billingdetails> API Reference Guide for Web Services 1.0 A-21

Using the HTTP Post Method June 2015 <cardpaymethod>web</cardpaymethod> <firstname>jane</firstname> <lastname>jones</lastname> <street>123 Main Street</street> <city>la</city> <state>ca</state> <country>us</country> <zip>90210</zip> <phone>555-555-5555</phone> <email>janejones@emailserver.com</email> </billingdetails> </ccpaymentrequestv1> See Table 3-8: ccpaymentrequestv1 Elements on page 3-34 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example Payment on page A-22). This HTTP Post must include two parameters: txnmode ccpayment or ccindependentcredit txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/creditcardws/creditcardservlet/v1 HTML example Payment This example shows a form version of a credit card Payment request containing the example above that you could post to Optimal Payments. To make this an Indpendent Credit request, just modify the txnmode value ccpayment in the line <input type=hidden name="txnmode" value="ccpayment" > below to ccindependent Credit. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>cc Payment</title> </head> <body> <h1> Credit Card Webservice Tester </h1> <form NAME="creditcard" id="creditcard" METHOD="post" ACTION="https://webservices.optimalpayments.com/creditcardWS/CreditCardServlet/v1"> <input type=hidden name="txnmode" value="ccpayment" > <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10 > <ccpaymentrequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> A-22

June 2015 Credit card Information Lookup <merchantrefnum>ref-12345</merchantrefnum> <amount>10.00</amount> <card> <cardnum>4653111111111111</cardnum> <cardexpiry> <month>11</month> <year>2008</year> </cardexpiry> <cardtype>vi</cardtype> <cvdindicator>1</cvdindicator> <cvd>111</cvd> </card> <billingdetails> <cardpaymethod>web</cardpaymethod> <firstname>jane</firstname> <lastname>jones</lastname> <street>123 Main Street</street> <city>la</city> <state>ca</state> <country>us</country> <zip>90210</zip> <phone>555-555-5555</phone> <email>janejones@emailserver.com</email> </billingdetails> </ccpaymentrequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"> </form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. Credit card Information Lookup For more information on this request type, see Building Transaction Lookup requests on page 3-37. To send a credit card Information Lookup transaction request via HTTP Post: 1. Create a transaction request like the following example: <cctxnlookuprequestv1 xmlns="http://www.optimalpayments.com/ creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <merchantrefnum>ref-12345</merchantrefnum> <startdate> <year>2012</year> API Reference Guide for Web Services 1.0 A-23

Using the HTTP Post Method June 2015 <month>1</month> <day>1</day> <hour>12</hour> <minute>1</minute> <second>1</second> </startdate> <enddate> <year>2012</year> <month>1</month> <day>1</day> <hour>23</hour> <minute>59</minute> <second>59</second> </enddate> </cctxnlookuprequestv1> See Table 3-9: cctxnlookuprequestv1 Elements on page 3-39 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example Information Lookup on page A-24). This HTTP Post must include two parameters: txnmode cctxnlookup txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/creditcardws/creditcardservlet/v1 HTML example Information Lookup <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>information Lookup</title> <form NAME="Information Lookup" METHOD="post" ACTION="https://webservices.optimalpayments.com/creditcardWS/CreditCardServlet/v1"> <input type=hidden name="txnmode" value="cctxnlookup" > <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=25 > <cctxnlookuprequestv1 xmlns="http://www.optimalpayments.com/ creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <merchantrefnum>ref-12345</merchantrefnum> <startdate> <year>2012</year> <month>1</month> <day>1</day> A-24

June 2015 Enrollment Lookup <hour>12</hour> <minute>1</minute> <second>1</second> </startdate> <enddate> <year>2012</year> <month>1</month> <day>1</day> <hour>23</hour> <minute>59</minute> <second>59</second> </enddate> </<cctxnlookuprequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"> </form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. Enrollment Lookup For more information on this request type, see Building Enrollment Lookup requests on page 3-41. To send a credit card Enrollment Lookup transaction request via HTTP Post: 1. Create a transaction request like the following example: <ccenrollmentlookuprequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <merchantrefnum>ref-12345</merchantrefnum> <amount>21.00</amount> <card> <cardnum>4000000000000002</cardnum> <cardexpiry> <month>01</month> <year>2011</year> </cardexpiry> <cardtype>vi</cardtype> </card> </ccenrollmentlookuprequestv1> API Reference Guide for Web Services 1.0 A-25

Using the HTTP Post Method June 2015 See Table 3-10: ccenrollmentlookuprequestv1 Elements on page 3-43 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example Enrollment Lookup on page A-26). This HTTP Post must include two parameters: txnmode cctdslookup txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/creditcardws/creditcardservlet/v1 HTML example Enrollment Lookup <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>enrollment Lookup</title> <form NAME="Enrollment Lookup" METHOD="post" ACTION="https://webservices.optimalpayments.com/creditcardWS/CreditCardServlet/v1"> <input type=hidden name="txnmode" value="cctdslookup" > <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=25 > <ccenrollmentlookuprequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <merchantrefnum>ref-12345</merchantrefnum> <amount>21.00</amount> <card> <cardnum>4653111111111111</cardnum> <cardexpiry> <month>01</month> <year>2011</year> </cardexpiry> <cardtype>vi</cardtype> </card> </ccenrollmentlookuprequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"> </form> </body> </html> A-26

June 2015 Authentication The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. Authentication For more information on this request type, see Building Authentication requests on page 3-44. To send a credit card Authentication transaction request via HTTP Post: 1. Create a transaction request like the following example: <ccauthenticaterequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <paymentresponse>mypaymentresponse</paymentresponse> </ccauthenticaterequestv1> See Table 3-11: ccauthenticaterequestv1 Elements on page 3-46 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example Authentication on page A-27). This HTTP Post must include two parameters: txnmode cctdsauthenticate txnrequest the transaction request above 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/creditcardws/creditcardservlet/v1 HTML example Authentication This example shows a form version of a credit card Authentication request containing the example above that you could post to Optimal Payments. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>credit Card Test</title> <body> <form NAME="Credit Card" METHOD="post" ACTION="https://webservices.optimalpayments.com/creditcardWS/CreditCardServlet/v1"> <input type=hidden name="txnmode" value="cctdsauthenticate" > <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10 > API Reference Guide for Web Services 1.0 A-27

Using the HTTP Post Method June 2015 <ccauthenticaterequestv1 xmlns="http://www.optimalpayments.com/creditcard/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/creditcard/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <confirmationnumber>123456</confirmationnumber> <paymentresponse>mypaymentresponse</paymentresponse> </ccauthenticaterequestv1> </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"> </form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. Information Lookup Service requests For more information on this request type, see Building ILS requests on page 4-3. To send an ILS request via HTTP Post: 1. Create a transaction request like the following example: <ilslookuprequestv1 xmlns="http://www.optimalpayments.com/ils/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/ils/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <startdate> <year>2008</year> <month>03</month> <day>05</day> <hour>00</hour> <minute>00</minute> <second>00</second> </startdate> <enddate> <year>2008</year> <month>03</month> <day>05</day> <hour>23</hour> <minute>59</minute> <second>59</second> A-28

June 2015 HTML example - ILS </enddate> <type>authorizations</type> <type>settlements</type> <type>credits</type> <type>chargebacks</type> </ilslookuprequestv1> See Table 4-1: ilslookuprequestv1 Elements on page 4-5 for a list and description of parameters to include in this request. 2. Include this transaction request in an HTTP Post (see HTML example - ILS on page A-29). 3. Send the HTTP Post to the following URL: https://webservices.optimalpayments.com/ilsws/ilsservlet/v1 HTML example - ILS This example shows a form version of an ILS request containing the example above that you could post to Optimal Payments. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <title>information Lookup Service</title> <body> <form NAME="ILS" METHOD="post" ACTION="https://webservices.optimalpayments.com/ilsWS/IlsServlet/v1"> <b>xml Message body:</b> <TEXTAREA class="xmlbox" name="txnrequest" COLS=100 ROWS=10 > <ilslookuprequestv1 xmlns="http://www.optimalpayments.com/ils/xmlschema/v1" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance" xsi:schemalocation="http://www.optimalpayments.com/ils/xmlschema/v1"> <merchantaccount> <accountnum>12345678</accountnum> <storeid>mystoreid</storeid> <storepwd>mystorepwd</storepwd> </merchantaccount> <startdate> <year>2008</year> <month>03</month> <day>05</day> <hour>00</hour> <minute>00</minute> <second>00</second> </startdate> <enddate> <year>2008</year> <month>03</month> <day>05</day> <hour>23</hour> <minute>59</minute> <second>59</second> </enddate> <type>authorizations</type> <type>settlements</type> <type>credits</type> <type>chargebacks</type> </ilslookuprequestv1> API Reference Guide for Web Services 1.0 A-29

Using the HTTP Post Method June 2015 </TEXTAREA> <br> <input TYPE=submit class=input VALUE="Send Request"> </form> </body> </html> The maximum file size supported is 100K. If your HTTP Post exceeds 100K it will fail. See Sample HTTP Post on page A-30 to see what this would look like viewed with a browser. Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. Sample HTTP Post This is what the HTTP Post examples of the transaction types described in this chapter would look like viewed in a browser: Clicking the Send Request button sends the transaction via HTTP Post to Optimal Payments. Sample HTTP Post responses Optimal Payments returns a response like the following for a successful transaction request: A-30

June 2015 Sample HTTP Post responses Optimal Payments returns a response like the following for a failed transaction request: For an explanation of the elements in the response, see Processing the response on page 3-48. For an explanation of error codes, see Response codes on page B-1. API Reference Guide for Web Services 1.0 A-31

Using the HTTP Post Method June 2015 A-32

APPENDIX B Response Codes Overview Optimal Payments Web Services can return different types of code if a transaction attempt fails: Response codes Action codes Return codes Response codes The following table describes the response codes that could be returned by Optimal Payments Web Services. Table B-1: Response Codes Response Code Action Description 1000 D An internal error occurred. Please contact Technical Support before retrying the transaction. 1001 R An error occurred with the external processing gateway. Please retry the transaction. 1002 R An internal error occurred. Please retry the transaction. 1003 D An error occurred with the external processing gateway. Do not retry the transaction. Contact Technical Support for more information. 1004 M Your account is not enabled for this transaction type. Please verify your parameters and retry the transaction. 1006 D An error occurred with the external processing gateway. Do not retry the transaction. Contact Technical Support for more information. 1007 R An internal error occurred. Please retry the transaction. 1008 D An internal error occurred. Do not retry the transaction. Contact Technical Support for more information. 1018 D The external processing gateway has reported the transaction is unauthorized. Do not retry the transaction. Contact Technical Support for more information. 1028 M The external processing gateway has reported invalid data. Please verify your parameters and retry the transaction. 1043 D The external processing gateway has reported the account type is invalid. Do not retry the transaction. Contact Technical Support for more information. 1060 D The external processing gateway has reported a limit has been exceeded. Do not retry the transaction. 1078 R The external processing gateway has reported a system error. Please retry the transaction. 1087 D The external processing gateway has rejected the transaction. Do not retry the transaction. Contact Technical Support for more information. 2000 D The echeck status cannot be found. API Reference Guide for Web Services 1.0 B-1

Response Codes June 2015 Table B-1: Response Codes (Continued) Response Code Action Description 2001 C You submitted a request containing a bank account, amount, and check number already used together in a request within the last 24 hours. 2002 M The echeck request cannot be found. Please verify your parameters and retry. 2003 M The payment type you provided conflicts with the bank account type you provided. Please verify your parameters and retry the transaction. 2004 D The echeck transaction cannot be found. 2005 M An internal error occurred. Please verify your parameters and retry the transaction. 2006 C You have submitted a Decline transaction in response to a Settlement attempt. 2007 M The payment type included with your request cannot be used in Credit transaction mode. Please verify your parameters and retry the request. 2008 C You have submitted an invalid routing number. Please verify your parameter and retry the transaction. 2009 C You have submitted an invalid bank account number. Please verify your parameter and retry the transaction. 2010 C You have submitted an invalid check number. Please verify your parameter and retry the transaction. 2011 M You have submitted a mandate reference that does not exist. Please verify your parameter and retry the transaction. 2012 M You have submitted a mandate reference that is not active yet. Please resubmit your request after the mandate becomes active or resubmit your request including the txndate element with a date after: <date> 2013 M You have submitted an invalid mandate reference. Please verify your parameter and retry the transaction. 2014 M The mandate reference is already in use for the specified bank account information. Please specify a different mandate reference. 2016 M The paymenttoken element cannot be used together with the check element or the billingdetails element. 2017 M The payment token bank scheme does not match the merchant account bank scheme. 2100 D You have attempted to refund a Charge transaction that is not in a completed state. Do not retry the transaction. 2101 R The requested refund amount exceeds the remaining Charge amount. Please verify your parameters and retry the transaction. 2102 R You have submitted an invalid bank country in your request. Please verify your parameter and retry the transaction. 2500 D A suitable merchant account could not be found for this request. Do not retry the transaction. Contact Technical Support for more information. 2501 D An internal error occurred. Do not retry the transaction. Contact Technical Support for more information. 2502 M The authentication failed for your transaction request. Either your credentials were entered incorrectly or your request was tampered with. Please verify your request and retry the transaction. 2503 M You submitted an invalid shop ID. It must be a numeric value. B-2

June 2015 Response codes Table B-1: Response Codes (Continued) Response Code Action Description 2504 M You submitted a shop ID for which a shop does not exist. Please verify your parameters and retry the transaction. 2505 M No merchant account could be found for the currency you submitted. Please verify your parameters and retry the transaction. 2506 M More than one merchant account was found for the currency you submitted. Please provide a merchant account number and retry the request. 2507 M The merchant account submitted does not correspond to the shop ID you submitted. Please verify your parameters and retry the transaction. 2508 M You submitted a request that is missing the encodedmessage parameter. Please verify your parameters and retry the transaction. 2509 M You submitted a request that has an invalid encodedmessage parameter. The encodedmessage could not be Base64 decoded. Please verify your parameters and retry the request. 2510 M You submitted an invalid XML request. Please verify your request and retry the transaction. 2511 R An internal error occurred. Please retry the transaction. Contact Technical Support if the error persists. 2512 M You submitted a request that is missing the signature parameter. Please verify your parameters and retry the transaction. 2513 M You submitted a request that is missing the Shop ID parameter. Please verify your parameters and retry the transaction. 2514 D An internal error occurred. Your merchant credentials could not be found. Do not retry the transaction. Contact Technical Support for more information. 2515 R An internal error occurred. Please retry the transaction. 2516 D An internal error occurred. Do not retry the transaction. Please contact Technical Support. 2517 D An internal error occurred. Do not retry the transaction. Please contact Technical Support. 2518 R An internal error occurred. Please retry the transaction. Contact Technical Support if the error persists. 2519 D You submitted a request for a shop that is disabled. Do not retry the transaction. 2520 M The cartitem and feeitem amounts do not equal the totalamount. Please verify your parameters and retry the transaction. 2521 D An internal error occurred. Your shop is not configured properly. Do not retry the transaction. Contact Technical Support for more information. 2523 R An internal error occurred. Please retry the transaction. Contact Technical Support if the error persists. 2524 D An internal error occurred. The customer profile is not configured properly. Do not retry the transaction. Contact Technical Support for more information. 2525 M The customer profile associated with the token provided could not be located. Please verify your parameters and retry the transaction. 2526 R An internal profile management error occurred and your request could not be processed. Please retry the transaction. Contact Technical Support if the error persists. 2527 M You submitted a request with an unsupported locale. Please verify your parameters and retry the transaction. API Reference Guide for Web Services 1.0 B-3

Response Codes June 2015 Table B-1: Response Codes (Continued) Response Code Action Description 2528 M You submitted a request with a merchant customer ID that is not associated with the customer token provided. Please verify your parameters and retry the transaction. 2529 R An internal error occurred. Please retry the transaction. 2530 D An internal error occurred. Do not retry the transaction. Contact Technical Support for more information. 2531 M A customer profile with the same merchant customer ID already exists. Please verify your parameters and retry the transaction. 2532 D Your shop is not configured to process any payments. Do not retry the transaction. Contact Technical Support for more information. 2533 D Your shop is not configured to process the selected payment method. Do not retry the transaction. Contact Technical Support for more information. 2534 M The customer profile associated with the token you provided is not active. Please verify your parameters and ensure the customer status is active and then retry the transaction. 2535 M The customer profile associated with the token you provided has a bank account that is not validated. Please verify your parameters or have your customer validate their account and then retry the transaction. 2536 D The transaction was declined because the maximum number of attempts has been reached. Do not retry the transaction. 2537 D The bank account validation failed because the maximum number of attempts has been reached. Do not retry the transaction. 2538 D The customer entered an invalid micro deposit amount. 2539 R An internal error occurred. Please retry the transaction. Contact Technical Support if the error persists. 2540 M The merchant reference number already exists. Please verify your parameters and retry the transaction. 2541 R An internal error occurred when sending the micro deposit transaction. Please retry the transaction. Contact Technical Support if the error persists. 2542 D The customer profile validation failed the AVS check. 2543 M The customer has a status that cannot be validated. Please reset the customer status before retrying the transaction. 2544 D The customer profile does not have the credit card information required for validation. 2445 D The customer tried to register an EFT bank account that is already used by another customer. Do not retry the transaction. 2546 D The customer tried to register a credit card that is already used by another customer. Do not retry the transaction. 2547 M The customer profile associated with the token you provided does not have a credit card. Please verify your parameters, and retry the transaction. 2548 M The customer profile used for this transaction has not been created. Please verify your parameters and retry the transaction. 2549 M Your shop is not configured to register a bank account for the country you submitted. Please verify your parameters and retry the transaction. 2550 M The customer profile associated with the token you provided does not have a registered bank account. Please verify your parameters and retry the transaction. B-4

June 2015 Response codes Table B-1: Response Codes (Continued) Response Code Action Description 2551 M You submitted a request that contains an invalid payment method. Please verify your parameters and retry the transaction. 2552 M You submitted a request that contains an invalid shop request ID. Please verify your parameters and retry the transaction. 2553 D Our system cannot find the successful enrollment response associated with your shop request ID. Do not retry the transaction. Contact Technical Support for more information. 2554 M The customer profile associated with the token you provided is disabled. Please verify your parameters and ensure the customer status is active, and retry the transaction. 2555 M The payment token is not associated with the customer profile you provided. Please verify your parameters and retry the transaction. 2556 M The credit card selected for this transaction is not active. Please verify your parameters and retry the transaction. 2557 M The confirmation number included in this request could not be found. Please verify this parameter and retry the transaction. 2558 M The transaction cannot be cancelled. Please verify your parameters and ensure you are attempting to cancel the correct transaction. If the error persists, contact Technical Support. 2701 None The Equifax validation was accepted with the condition that the customer s request should be verified. 2702 R An internal error has occurred while processing an Equifax transaction. Retry the transaction. Contact Technical Support if the error persists. 2703 R Some or all of the Equifax databases are down. Retry the transaction. Contact Technical Support if the error persists. 2704 D The Equifax validation was rejected. Do not retry the transaction. 2705 R The Equifax validation was rejected and should be treated manually. The merchant can contact the customer directly. 2706 R The Equifax validation was rejected due to invalid input. Please verify your parameters and retry the transaction. 2707 R The Equifax validation was rejected due to an invalid address. Please verify your parameters and retry the transaction. 2708 R An internal error occurred. The Equifax response codes are missing. Please verify your parameters and retry the transaction. 2709 D The bank rejected the transaction. It could not process the request. 2710 M No email template is set up, so no email could be sent to confirm the transaction. 2711 D The validation was rejected for the profile update. Do not retry the transaction. 3001 C You submitted an unsupported card type with your request. Please verify this parameter and retry the transaction. 3002 C You submitted an invalid card number or brand or combination of card number and brand with your request. Please verify these parameters and retry the transaction. 3003 C You submitted an incorrect value for the cvdindicator parameter with your request. Please verify this parameter and retry the transaction. 3004 C You have requested an AVS check. Please ensure that the zip/postal code is provided. API Reference Guide for Web Services 1.0 B-5

Response Codes June 2015 Table B-1: Response Codes (Continued) Response Code Action Description 3005 C You submitted an incorrect value for the cvd parameter with your request. Please verify this parameter and retry the transaction. 3006 C You submitted an expired credit card number with your request. Please verify this parameter and retry the request. 3007 D Your request has failed the AVS check. Note that the amount may have been reserved on the customer s card and will be released in 3-5 business days. Please ensure the billing address is accurate before retrying the transaction. 3008 D You submitted a card type for which the merchant account is not configured. 3009 D Your request has been declined by the issuing bank. 3011 D Your request has been declined by the issuing bank because the card used is a restricted card. Contact the cardholder s credit card company for further investigation. 3012 D Your request has been declined by the issuing bank because the credit card expiry date submitted is invalid. 3013 D Your request has been declined by the issuing bank due to problems with the credit card account. 3014 D Your request has been declined the issuing bank has returned an unknown response. Contact the cardholder s credit card company for further investigation. 3015 D The bank has requested that you process the transaction manually by calling the cardholder s credit card company. 3016 D The bank has requested that you retrieve the card from the cardholder it may be a lost or stolen card. 3017 C You submitted an invalid credit card number with your request. Please verify this parameter and retry the transaction. 3018 R The bank has requested that you retry the transaction. 3019 C Your request has failed the CVD check. Please note that the amount may still have been reserved on the customer s card, in which case it will be released in from 3 to 5 business days. Please ensure the CVD value is accurate before retrying the transaction. 3020 R The bank has requested that you retry the transaction. 3021 M The confirmation number included in this request could not be found. Please verify this parameter and retry the transaction. 3022 D The card has been declined due to insufficient funds. 3023 D Your request has been declined by the issuing bank due to its proprietary card activity regulations. 3024 D Your request has been declined because the issuing bank does not permit the transaction for this card. 3025 R The external processing gateway has reported invalid data. Please verify your parameters and retry the transaction. 3026 D The external processing gateway has reported the account type is invalid. Do not retry the transaction. Contact Technical Support for more information. 3027 D The external processing gateway has reported a limit has been exceeded. Do not retry the transaction. 3028 R The external processing gateway has reported a system error. Please retry the transaction. B-6

June 2015 Response codes 3029 D The external processing gateway has rejected the transaction. Do not retry the transaction. Contact Technical Support for more information. 3030 D The external processing gateway has reported the transaction is unauthorized. Do not retry the transaction. Contact Technical Support for more information. 3031 M The confirmation number you submitted with your request references a transaction that is not on hold. Please verify this parameter and retry the transaction. 3032 D Your request has been declined by the issuing bank or external gateway because the card is probably in one of their negative databases. 3200 M You have submitted an invalidly formatted authorization ID for this settlement. Please verify this parameter and retry the transaction. 3201 M The authorization ID included in this settlement request could not be found. Please verify this parameter and retry the transaction. 3202 D You have exceeded the maximum number of settlements allowed. Contact Technical Support for more information. 3203 M The authorization is either fully settled or cancelled. 3204 M The requested settlement amount exceeds the remaining authorization amount. 3205 M The authorization you are attempting to settle has expired. 3206 D The external processing gateway has rejected the transaction. Do not retry the transaction. Contact Technical Support for more information. 3402 M The requested credit amount exceeds the remaining settlement amount. 3403 M You have already processed the maximum number of credits allowed for this settlement. 3404 M The settlement has already been fully credited. 3405 M The settlement you are attempting to credit has expired. 3406 M The settlement you are attempting to credit has not been batched yet. There are no settled funds available to credit. 3407 M The settlement referred to by the transaction response ID you provided cannot be found. Please verify this parameter and retry the transaction. 3408 M You have submitted an invalidly formatted response ID for the original purchase or settlement. Please verify this parameter and retry the transaction. 3409 M The authorization ID included in this credit request could not be found. Please verify this parameter and retry the transaction. 3410 M The refund request failed. Table B-1: Response Codes (Continued) Response Code Action Description 3411 M The cancel refund request failed. 3412 M The Credit transaction you attempted was not permitted because your merchant account is in overdraft. 3413 M The requested Credit amount exceeds the permissible Visa credit ratio. Please verify this parameter and retry the transaction. 3414 M The credit referred to by the transaction response ID you provided cannot be found. Please verify this parameter and retry the transaction. 3415 D You cannot cancel this transaction. It is not in a state that can be cancelled. It may already have been completed and therefore not be in a pending state. API Reference Guide for Web Services 1.0 B-7

Response Codes June 2015 Table B-1: Response Codes (Continued) Response Code Action Description 3416 M The external processing gateway for which your merchant account is configured does not support partial settlements. Ensure that the amount you are trying to settle is identical to the amount in the original authorization and retry the transaction. 3417 M There is already another request being processed on the transaction referenced for this request. Please use the confirmation number used for this request to run a report or lookup to determine the results. 3418 M The external processing gateway for which your merchant account is configured does not support partial credits. 3500 M The confirmation number included in this request could not be found. Please verify this parameter and retry the transaction. 3501 M The requested authorization reversal amount exceeds the remaining authorization amount. 3502 D The authorization has already been settled. You cannot process an authorization reversal transaction against an authorization that has been settled. 3503 M The authorization reversal transaction is not supported for the card type used for the authorization you are attempting to reverse. 3504 M The external processing gateway for which your merchant account is configured does not support partial authorization reversals. Ensure that the amount you are trying to reverse is identical to the amount in the original authorization and retry the transaction. 3505 M The authorization reversal could not be completed. 3506 M The reversal amount exceeds the remaining amount of the authorization. 3601 D The 3D Secure authentication of this cardholder by the card issuer failed. 3602 M The confirmation number included in the 3D Secure authentication request could not be found. The confirmation number must be the one returned by the payment processor in response to the original authorization or purchase. 3603 M You submitted a request that is not available for 3D Secure authentication. 3604 D The original authorization or purchase request has expired. The 3D Secure authentication request must be completed within 60 minutes of the original authorization or purchase. 3605 D The 3D Secure authentication service was not available for the card used in this transaction. 3701 M The confirmation number included in this request could not be found. Please verify this parameter and retry the transaction. 3702 D You cannot cancel this payment transaction. It is not in a state that can be cancelled. It may already have been completed and therefore not be in a pending state. 3703 C The external gateway has reported that you have submitted an invalid amount with your request. Please verify this parameter and retry the transaction. 3704 M The transaction referred to cannot be found. 3705 M The transaction referred to uses a different card number. 3706 M The transaction referred to is not fully authenticated. 3707 D The transaction referred to is missing responses. 3708 M The transaction referred to has not been settled. 3800 D The transaction was declined by the authentication gateway. Do not retry the transaction. 3801 D The transaction was declined by the payment gateway. Do not retry the transaction. B-8

June 2015 Response codes Table B-1: Response Codes (Continued) Response Code Action Description 3802 R The transaction was not completed successfully. Please retry the transaction. 3803 D The transaction attempt failed. Do not retry the transaction. Please contact Technical Support for more information. 3804 M You have attempted to refund a payment transaction that is not in a completed state. Do not retry the transaction. 3805 M The attempted refund amount exceeds the amount that remains available for refund. Please verify this parameter and retry the transaction. 3806 D You have attempted a refund, but no amount could be found that was eligible for refund. Do not retry the transaction. 3807 D You have attempted a refund, but a simultaneous refund attempt has been detected. Do not retry the transaction. 3808 D You have attempted a refund, but the transaction was refused by the payment provider. Do not retry the transaction. 3809 D The payment provider for the transaction you attempted denied you permission. Do not retry the transaction. 3810 D The payment transaction is pending due to payment provider fraud-management filters. Do not retry the transaction. 3811 D The request has been cancelled by the customer. 3812 D The cartitem amounts do not equal the totalamount. Do not retry the transaction. 4000 D The transaction was declined by our Risk Management department. 4001 D The card number or email address associated with this transaction is in our negative database. 4002 D The transaction was declined by our Risk Management department. 5000 M Your merchant account authentication failed. Either your store ID/password are invalid or the IP address from which you are sending the transaction has not been authorized. Please verify these parameters and retry the transaction. Please contact Technical Support if the error persists. 5001 M You submitted an invalid currency code with your request. Please verify this parameter and retry the transaction. 5002 M You submitted an invalid payment method with your request. Please verify this parameter and retry the transaction. 5003 C You submitted an invalid amount with your request. Please verify this parameter and retry the transaction. 5004 M You submitted an invalid account type with your request. Please verify this parameter and retry the transaction. 5005 M You submitted an invalid operation type with your request. Please verify this parameter and retry the transaction. 5006 M You submitted an invalid personal ID type with your request. Please verify this parameter and retry the transaction. 5007 M You submitted an invalid product type with your request. Please verify this parameter and retry the transaction. 5008 M You submitted an invalid carrier with your request. Please verify this parameter and retry the transaction. API Reference Guide for Web Services 1.0 B-9

Response Codes June 2015 5009 M You submitted an invalid ship method with your request. Please verify this parameter and retry the transaction. 5010 M You submitted an invalid ID country with your request. Please verify this parameter and retry the transaction. 5011 M You submitted an invalid order date and time with your request. Please verify this parameter and retry the transaction. 5012 M You submitted an invalid ship country parameter with your request. Please verify this parameter and retry the transaction. 5013 M You submitted an invalid ship state parameter with your request. Please verify this parameter and retry the transaction. 5014 M You submitted an invalid transaction type with your request. Please verify this parameter and retry the transaction. 5015 M At least one of the parameters in your request exceeds the maximum number of characters allowed. Please verify your parameters and retry the transaction. 5016 M Either you submitted an invalid merchant account or the merchant account could not be found. Please verify this parameter and retry the transaction. Please contact Technical Support if the error persists. 5017 D The merchant account submitted with your request is not enabled. Do not retry the transaction. Contact Technical Support for more information. 5018 M You submitted a request that either is missing a field or contains an invalid field. 5019 D There is no processor set up for the merchant account submitted with your request. Do not retry the transaction. Contact Technical Support for more information. 5020 M The currency type included with your request does not match the currency type of your merchant account. Please verify your parameters and retry the request. 5021 D Your transaction request has been declined. Please verify the transaction details before you attempt this transaction again. Should you require more information, please contact Technical Support. 5022 M You submitted a request that is missing search criteria. Please verify your parameters and retry the transaction. 5023 M The request is unparsable. Table B-1: Response Codes (Continued) Response Code Action Description 5024 M You submitted an invalid ID expiry date for this request. Please verify this parameter and retry the transaction. 5025 M The search criteria you submitted is currently not supported. Please verify your search criteria and retry. 5026 M The Web Services API does not currently support credit card transactions. Please verify your parameters and retry your transaction. 5027 M You submitted an invalid risk service name with your transaction request. Please verify your parameters and retry your transaction. 5028 M You submitted a batch file with the same file name, file size, and number of entries within the last 24 hours. 5029 M You submitted an improperly formatted batch file. 5030 M You submitted a batch file that has exceeded the maximum number of rows allowed. 5031 M The transaction you have submitted has already been processed. B-10

June 2015 Response codes Table B-1: Response Codes (Continued) Response Code Action Description 5032 C You submitted an invalid city with your request. Please verify this parameter and retry the transaction. 5033 C You submitted an invalid country with your request. Please verify this parameter and retry the transaction. 5034 C You submitted an invalid email address with your request. Please verify this parameter and retry the transaction. 5035 C You submitted an invalid name with your request. Please verify this parameter and retry the transaction. 5036 C You submitted an invalid phone number with your request. Please verify this parameter and retry the transaction. 5037 C You submitted an invalid zip/postal code with your request. Please verify this parameter and retry the transaction. 5038 C You submitted an invalid state/province with your request. Please verify this parameter and retry the transaction. 5039 C You submitted an invalid street with your request. Please verify this parameter and retry the transaction. 5040 D Your merchant account is not configured for the transaction you attempted. Please contact Technical Support for more information. 5041 M You submitted an invalid merchantdata parameter. Please verify this parameter and retry the transaction. 5042 M The merchant reference number is missing or invalid or it exceeds the maximum permissible length. Please verify this parameter and retry the transaction. 5043 M You submitted an invalid account open date with your request. Please verify this parameter and retry the transaction. 5044 M You submitted an invalid customer ID with your request. Please verify this parameter and retry the transaction. 5045 M You submitted an invalid customer IP address with your request. Please verify this parameter and retry the transaction. 5046 M You submitted an invalid merchant SIC code with your request. Please verify this parameter and retry the transaction. 5047 M You submitted an invalid value for the previous customer parameter with your request. Please verify this parameter and retry the transaction. 5048 M You submitted an invalid product code with your request. Please verify this parameter and retry the transaction. 5049 M You submitted an invalid value for user data with your request. Please verify this parameter and retry the transaction. 5050 D An error occurred with your merchant account configuration. Please contact Technical Support. 5051 C You have submitted an invalid confirmation number. Please verify your parameter and retry. 5052 C You have submitted an invalid Zip/Postal code. Please verify your parameter and retry the transaction. 5053 C You have submitted invalid personal ID information. Please verify your parameters and retry the transaction. API Reference Guide for Web Services 1.0 B-11

Response Codes June 2015 Table B-1: Response Codes (Continued) Response Code Action Description 5054 M You cannot submit recurring billing elements with this operation type. Please verify that your request includes the correct operation type and retry the transaction. 5055 M You submitted an invalid ECI value. Please verify this parameter and retry the transaction. 5056 M An ECI value must be provided for 3D Secure authentication. Please verify this parameter and retry the transaction. 5057 M You submitted a credit card brand that does not support 3D Secure authentication. Please verify this parameter and retry the transaction. 5058 M A CAVV value must be provided for 3D Secure authentication. Please verify this parameter and retry the transaction. 5059 M You submitted an invalid value for the currency request service. 5060 M You submitted an invalid recurringindicator parameter with your request. Please verify this parameter and retry the transaction. 5061 M A security check failed while processing this transaction. Please retry the transaction. If the error persists, contact Technical Support. 5062 M You have submitted invalid characters as part of your request. Please verify that all parameters contain only characters that can be URL encoded, and retry the transaction. 5063 M You have submitted an invalid KEYWORD with your request. Please verify this parameter and retry the transaction." 5065 M You have requested an invalid status change transition. 5066 M The external processing gateway for which your merchant account is configured does not support Independent Credits. 5067 M The external processing gateway for which your merchant account is configured does not support Credit Card Payments. 5068 M Either you submitted a request that is missing a mandatory field or the value of a field does not match the format expected. 5071 M You submitted a request that has invalid search parameters. Please verify your parameters and retry the transaction. 5074 M At least one of the parameters in your request is shorter than the minimum number of characters required. Please verify your parameters and retry the transaction. 5075 M At least one of the parameters in your request contains leading/trailing spaces. Please verify your parameters and retry the transaction. 5502 Either the payment token is invalid or the corresponding profile or bank account is not active. 7000 D The address you are trying to create already exists. 7001 M Unable to create address. Try again or contact Technical Support. 7002 M Unable to update address. Try again or contact Technical Support. 7003 M Unable to locate the specified address. 7004 M Unable to load address. Try again or contact Technical Support. 7005 M You have provided an invalid address type. 7006 M Unable to locate addresses for consumer. 7007 M Unable to load addresses. Try again or contact Technical Support. 7010 D The consumer you are trying to create already exists. B-12

June 2015 Response codes Table B-1: Response Codes (Continued) Response Code Action Description 7011 M Unable to create consumer. Try again or contact Technical Support. 7012 M Unable to update consumer. Try again or contact Technical Support. 7013 M Unable to locate the specified consumer. 7014 M Unable to load consumer. Try again or contact Technical Support. 7015 M You have specified an invalid consumer creation type. 7016 M You have specified an invalid consumer title. 7020 D The contact method you are trying to create already exists. 7021 M Unable to create contact method. Try again or contact Technical Support. 7022 M Unable to update contact method. Try again or contact Technical Support. 7023 M Unable to locate the specified contact method. 7024 M Unable to load contact method. Try again or contact Technical Support. 7025 M You have provided an invalid contact method type. 7026 M Unable to locate contact methods for consumer. 7027 M Unable to load contact methods. Try again or contact Technical Support. 7040 D The payment method you are trying to create already exists. 7041 M Unable to create payment method. Try again or contact Technical Support. 7042 M Unable to update payment method. Try again or contact Technical Support. 7043 M Unable to locate the specified payment method. 7044 M Unable to load payment method. Try again or contact Technical Support. 7045 M You have provided an invalid payment method type. 7046 M Unable to locate payment methods for consumer. 7047 M Unable to load payment methods. Try again or contact Technical Support. 7050 D The billing schedule you are trying to create already exists. 7051 M Unable to create billing schedule. Try again or contact Technical Support. 7052 M Unable to update billing schedule. Try again or contact Technical Support. 7053 M Unable to locate the specified billing schedule. 7054 M Unable to load billing schedule. Try again or contact Technical Support. 7055 M You have provided an invalid payment interval type. 7056 M Unable to locate billing schedules for consumer. 7057 M Unable to load billing schedules. Try again or contact Technical Support. 7058 M Billing amount must be greater than zero. 7059 M Unable to update billing schedule status. Try again or contact Technical Support. 7070 M Unable to execute the search operation. Try again or contact Technical Support. 7080 M Unable to update records. Try again or contact Technical Support. 7090 D The consumer status you are trying to create already exists. 7091 M Unable to create consumer status. Try again or contact Technical Support. API Reference Guide for Web Services 1.0 B-13

Response Codes June 2015 Table B-1: Response Codes (Continued) Response Code Action Description 7092 M Unable to update consumer status. Try again or contact Technical Support. 7093 M Unable to locate the specified consumer status. 7094 M Unable to load consumer status. Try again or contact Technical Support. 7095 M Unable to locate the merchant legal entity. 7096 M Unable to retrieve merchant legal entity. Try again or contact Technical Support. 7097 D An internal error occurred. Response Detail could not be generated. 7098 M You have provided an invalid credit card number. 7100 M The ddstatus you are trying to create for the paymentmethod already exists. 7101 M Unable to create the ddstatus for the paymentmethod. Try again or contact Technical Support. 7102 M Unable to update the ddstatus for the paymentmethod. Try again or contact Technical Support. 7103 M Unable to locate the specified ddstatus for the paymentmethod. 7104 M Unable to load the ddstatus for the paymentmethod. Try again or contact Technical Support. 7107 M The customer profile was successfully created but we were unable to load the email template. 7108 M The ccstatus you are trying to create for the paymentmethod already exists. 7109 M Unable to create the ccstatus for the paymentmethod. Try again or contact Technical Support. 7110 M Unable to update the ccstatus for the paymentmethod. Try again or contact Technical Support. 7111 M Unable to load the ccstatus for the paymentmethod. Try again or contact Technical Support. 8000 M Unable to perform operation. Try again or contact Technical Support. 8001 M You have submitted an invalid request. Please verify your parameters and retry. 8002 M Your request is missing the consumerinfo element. 8003 M Your request is missing a value for the firstname element. 8004 M Your request is missing a value for the lastname element. 8005 M Your request is missing the billingaddress/shippingaddress element. 8006 M Your request is missing billingaddress/shippingaddress information. There is no value for the street element. 8007 M Your request is missing billingaddress/shippingaddress information. There is no value for the city element. 8008 M Your request is missing billingaddress/shippingaddress information. There is no value for the zip element. 8009 M Your request is missing billingaddress/shippingaddress information. There is no value for the country element. 8010 M Your request is missing billingaddress/shippingaddress information. There is no value for the state or region element. 8011 M Your request is missing the contactmethod element. 8012 M Your request is missing a home telephone number or a cell phone number or an email address for the type element. 8013 M Your request is missing the paymentmethod element. 8014 M Your request is missing a value for the id child element of the billingaddress element. B-14

June 2015 Response codes Table B-1: Response Codes (Continued) Response Code Action Description 8015 M Your request is missing either the card or check child element of the paymentmethod element. 8016 M Your request is missing the card element. 8017 M Your request is missing a value for the cardnum element. 8018 M Your request is missing a value for the cardtype element. 8019 M Your request is missing the cardexpiry element. 8020 M Your request is missing a value for the month element. 8021 M Your request is missing a value for the year element. 8022 M Your request is missing the check element. 8023 M Your request is missing a value for the accountnum element. 8024 M Your request is missing a value for the accounttype element. 8025 M Your request is missing a value for the routingnum element. 8026 M Your request is missing a value for the bankname element. 8027 M Your request is missing a value for the checknum element. 8028 M Your request is missing the billingschedule element. 8029 M Your request is missing a value for the intervalcode element. 8030 M Your request is missing a value for the nextbillingdate element. 8031 M Your request is missing a value for the startdate element. 8032 M Your request is missing a value for the amount element. 8033 M Your request is missing the merchantaccount element. 8034 M Your request is missing a value for the accountnum element. 8035 M Your request is missing a value for the storeid element. 8036 M Your request is missing a value for the storepwd element. 8037 M The credentials supplied with the merchantaccount element could not be validated. 8038 M An internal error occurred. Please retry the request. 8039 M Your request is missing a value for the consumerid element. 8040 M Your request is missing a value for the title element. 8041 M Your request is missing a value for the merchantrefnum child element of the consumerinfo element. 8042 M Your request is missing a value for the street2 element. 8043 M You have submitted an invalid address id element. It does not match the consumerid submitted with the request. 8044 M You have submitted an invalid contactmethod id element. It does not match the consumerid submitted with the request. 8045 M Your request is missing a value for the paymentmethodid element. 8046 M Your request is missing a value for the ccholdername element. 8047 M Your request is missing a value for the merchantrefnum child element of the paymentmethod element. API Reference Guide for Web Services 1.0 B-15

Response Codes June 2015 Table B-1: Response Codes (Continued) Response Code Action Description 8048 M Your request is missing a value for the id child element of the billingschedule element. 8049 M Your request is missing a value for the servicename element. 8050 M Your request is missing a value for the statuscode element. 8051 M Your request is missing a value for the lastdayofthemonth element. 8052 M Your request is missing a value for the merchantrefnum child element of the billingschedule element. 8053 M Your request contains two consumerid elements that don t match. 8054 M You attempted an unsupported operation. 8055 M You have submitted an invalid enddate element. 8056 M You have submitted an invalid issuenumber element. 8057 M You have submitted an invalid statuscode element. 8058 M You have submitted an invalid intervalcode element. 8059 M You have submitted an invalid title element. 8060 M You have submitted an invalid cardtype element. 8061 M You have submitted an invalid accounttype element. 8062 M You have submitted an invalid state element. 8063 M You have submitted an invalid country element. 8064 M You have submitted an invalid startdate element. 8065 M You have submitted an invalid enddate element. 8066 M You have submitted an invalid nextbillingdate element. 8067 M The enddate cannot be before the startdate. 8068 M The nextbillingdate cannot be after the enddate. 8069 M The nextbillingdate cannot be before the startdate. 8070 M You have submitted an invalid cardexpiry element. 8071 M You have submitted an invalid paymentmethod billingaddressid. Either it does not match the consumerid submitted with the request or it is the wrong address type. 8072 M You have submitted an invalid paymentmethod shippingaddressid. Either it does not match the consumerid submitted with the request or it is the wrong address type. 8073 M You have submitted an invalid contactmethod type element. 8074 M You have submitted an invalid paymentmethod id element. It does not match the consumerid submitted with the request. 8075 M You have submitted an invalid billingschedule id element. It does not match the consumerid submitted with the request. 8076 M You have submitted an invalid consumerid element. The consumer specified is not registered with this merchant. 8077 M You have submitted an invalid billingschedule paymentmethodid element. The payment method identified is not registered with this consumer. 8078 D You have submitted a duplicate request within the last 24 hours. B-16

June 2015 Response codes Table B-1: Response Codes (Continued) Response Code Action Description 8079 D You have submitted a file that has already been processed within the last 24 hours. 8080 M You have submitted an invalid record type. It is missing the recurringbillingdetails element. 8081 D You have submitted an empty file. 8082 M You have submitted an invalid request. 8083 M Your request is missing a value for the cvv element. 8084 M You have submitted an invalid cvv element. 8085 M Your request is missing a value for the Merchant Transaction ID element. 8086 M Your request is missing a value for the Transaction ID element. 8087 M You have submitted an invalid accountnum element. 8088 M You have submitted a record with an invalid number of fields. 8089 D You have submitted a file that exceeds the file size limit. 8090 M You have submitted an invalid Transaction Date element. 8091 M You have submitted an invalid ID Expiration element. 8092 M Your have submitted an unsupported transaction type for the Transaction Code element. 8093 M You have submitted an invalid billingschedule element. Your request is either missing a payment- MethodId or missing a new paymentmethod element. 8094 M You have submitted an invalid paymentmethod element. Your request is either missing a billingaddressid or missing a new billingaddress element. 8095 M You have submitted a file that exceeds the limit of 1000 records. 8096 M You have submitted an invalid transactionmode element. Please verify this parameter and retry the transaction. 8100 M Your request is missing a value for the aggregateaccountnum element. 8101 M You have submitted an invalid aggregateaccountnum element. 8102 M You have submitted an invalid Version element. 8103 M You have submitted an invalid storeid element. 8104 M You have submitted an invalid storepwd element. 8105 M You have submitted an accountnum element that is not associated with the aggregateaccount- Num element. 8106 M You have submitted an invalid aggregateaccountnum element. No aggregated accounts were found. 8107 M Your request is missing a value for the intervalvalue element. 8108 M You have submitted an invalid intervalvalue element. 8109 M The intervalvalue element cannot be provided with the defined intervalcode. 8110 M The value for the intervalvalue element must be between 1 and 365. 8112 M You have submitted an invalid merchantaccount element. The merchant account number provided is not set up for Recurring Billing. 8119 M Your request is missing a value for the username element. 8120 M Your request is missing a value for the password element. API Reference Guide for Web Services 1.0 B-17

Response Codes June 2015 Table B-1: Response Codes (Continued) Response Code Action Description 8121 M Your request is missing a value for the customerip element. 8122 M Your request is missing a value for the siteurl element. 8123 M Your request is missing a value for the keyword element. 8124 M Your request is missing a value for the welcomeemail element. 8125 M An internal error occurred. The welcome email could not be generated. 8126 R You have submitted an invalid bank country in your request. Please verify your parameter and retry the transaction. 8127 M Your request is missing a value for the ddmandatereference child element of the billingschedule element. 8128 M You have submitted an invalid mandate reference. Please verify your parameter and retry the transaction. 8129 M You have submitted an invalid financingtype element. Please verify your parameter and retry the transaction. 8130 M You have submitted an invalid plan element. Please verify your parameter and retry the transaction. 8131 M You have submitted an invalid graceperiod element. Please verify your parameter and retry the transaction. 8132 M You have submitted an invalid term element. Please verify your parameter and retry the transaction. 8133 M Your request is missing a value for the processingtype element. 8134 M Your request is missing a value for the applieddate element. 8135 M Your request is missing a value for the echeckid element. 8136 M The purchase transaction that corresponds with the recurring billing record you are trying to create could not be located, probably because more than one purchase was processed on the card. 8137 M Your merchant account is not configured for the transaction you attempted. 8138 M You submitted an invalid email address with your request. 8139 M The routing number length for BACS (Sort Code) should be 6 digits. 8140 M The routing number length for ACH should be 9 digits. 8141 M The routing number length for EFT (Institution ID/Transit Number) should be 8 digits. 8142 M The routing number length for NAB (Bank State Branch) should be 6 digits. 8143 M The routing number length for SEPA (BIC) should not exceed 11 characters. 8144 M The account number length for BACS should be 8 digits. 8145 M The account number length for ACH should not exceed 17 digits. 8146 M The account number length for EFT should not exceed 12 digits. 8147 M The account number length for NAB (Bank State Branch) should not exceed 9 digits. 8148 M The account number length for SEPA (IBAN) should not exceed 34 characters. 9000 D Your transaction request could not be processed because your merchant account has no available child accounts for load balancing. B-18

June 2015 Action codes Table B-1: Response Codes (Continued) Response Code Action Description 9001 D Your transaction request could not be processed because your merchant account has no available child accounts for tier routing. 9002 D Your transaction request could not be processed because your merchant account has no available child accounts for sticky routing. 9003 D Your transaction request could not be processed because your merchant account has no available child accounts for bin country routing. 9004 D Your transaction request could not be processed because your merchant account has no available child accounts for brand routing. 9005 D Your transaction request could not be processed because your merchant account has no available child accounts for keyword routing. Action codes The transaction processor returns an action along with each response code. The meanings for the action codes are as follows: C = Consumer Parameter Error. The consumer has provided incorrect information. Ask the customer to correct the information. D = Do Not Retry M = Merchant Parameter Error. Your application has provided incorrect information. Verify your information. R = Retry Return codes These are the codes used by the online banking e-payment system for identifying the various reasons a check or payment is returned. These codes are generated by customers banks (RDFI) to return items. Table B-2: Return Codes Code IDD01 IDD02 IDD03 IDD04 IDD05 IDD06 IDD10 IDD99 R01 R02 R03 Description Disputed by customer Non-existent bank account No settlement Bank account and account holder do not match Account blocked for direct debit Insufficient funds Unknown Reversal Insufficient Funds Account Closed No Account/Unable to Locate Account API Reference Guide for Web Services 1.0 B-19

Response Codes June 2015 Table B-2: Return Codes (Continued) Code Description R04 Invalid Account Number R06 Returned per ODFI s Request R07 Authorization Revoked by Customer * R08 Payment Stopped or Stop Payment R09 Uncollected Funds R10 Customer Advises Not Authorized * R11 Check Truncation Entry Return R12 Branch Sold to Another RDFI R13 RDFI Not Qualified to Participate R14 Representative Payee Deceased or Unable to Continue in that Capacity R15 Beneficiary or Account Holder Deceased R16 Account Frozen R17 File Record Edit Criteria R18 Improper Effective Entry Date R19 Amount Field Error R20 Non-Transaction Account R21 Invalid Company Identification R22 Invalid Individual ID Number R23 Credit Entry Refused by Receiver R24 Duplicate Entry R25 Addenda Error R26 Mandatory Field Error R27 Trace Number Error R28 Routing Number Check Digit Error R29 Corporate Customer Advises Not Authorized R30 RDFI Not Participant in CK Truncation Program R31 Permissible Return Entry R32 RDFI Non-Settlement R33 Return of XCX Entry R34 Limited Participation DFI R35 Return of Improper Debit Entry R36 Return of Improper Credit Entry R51 Item is Ineligible, Notice Not Provided, Signature Not Genuine, or Item Altered R52 Stop Payment on Item 900 Validation Rejection 901 Insufficient Funds ( RA direct withdrawals only) B-20

June 2015 Return codes Table B-2: Return Codes (Continued) Code Description 902 Cannot Locate Account 903 Stopped/Recalled/Revoked Payment 904 Post-Dated or Date Expired 905 Account Closed 906 Account Transferred 907 No Chequing Privileges 908 Funds Not Free 910 Drawee/Payee Deceased 911 Blocked Account 912 Erroneous or Invalid Account Number 914 Erroneous Drawee/Payee Name 915 Refused by Drawee/Payee 916 Exceeds Funds Transfer Cap 917 Funds Transfer Not Accepted 990 Default by a Financial Institution 998 No Return Agreement *An initially cleared item can be returned as Unauthorized, Authorized, or Authorization Revoked for up to 60 days following the date of Presentment. API Reference Guide for Web Services 1.0 B-21

Response Codes June 2015 B-22

APPENDIX C Geographical Codes Province codes Table C-1: Province Codes Province Alberta British Columbia Manitoba New Brunswick Newfoundland Nova Scotia Northwest Territories Nunavut Ontario Prince Edward Island Quebec Saskatchewan Yukon Code AB BC MB NB NL NS NT NU ON PE QC SK YT API Reference Guide for Web Services 1.0 C-1

Geographical Codes June 2015 State codes Table C-2: State Codes State Code State Code Alabama AL Alaska AK Arizona AZ Arkansas AR California CA Colorado CO Connecticut CT Delaware DE District of Columbia DC Florida FL Georgia GA Hawaii HI Idaho ID Illinois IL Indiana IN Iowa IA Kansas KS Kentucky KY Louisiana LA Maine ME Maryland MD Massachusetts MA Michigan MI Minnesota MN Mississippi MS Missouri MO Montana MT Nebraska NE Nevada NV New Hampshire NH New Jersey NJ New Mexico NM New York NY North Carolina NC North Dakota ND Ohio OH Oklahoma OK Oregon OR Pennsylvania PA Rhode Island RI South Carolina SC South Dakota SD Tennessee TN Texas TX Utah UT Vermont VT Virginia VA Washington WA West Virginia WV Wisconsin WI Wyoming WY United States Federal US International IT Puerto Rico PR U.S. Virgin Islands VI Northern Mariana Is. MP Guam GU American Samoa AS Palau PW Armed Forces Americas AA Armed Forces Europe AE Armed Forces Pacific AP C-2

June 2015 Country codes Country codes Table C-3: Country Codes Country Code Country Code Afghanistan AF Åland Islands AX Albania AL Algeria DZ American Samoa AS Andorra AD Angola AO Anguilla AI Antarctica AQ Antigua and Barbuda AG Argentina AR Armenia AM Aruba AW Australia AU Austria AT Azerbaijan AZ Bahamas BS Bahrain BH Bangladesh BD Barbados BB Belarus BY Belgium BE Belize BZ Benin BJ Bermuda BM Bhutan BT Bolivia BO Bonaire, Sint Eustatius and Saba BQ Bosnia and Herzegovina BA Botswana BW Bouvet Island BV Brazil BR British Indian Ocean Territory IO Brunei Darussalam BN Bulgaria BG Burkina Faso BF Burundi BI Cambodia KH Cameroon CM Canada CA Cape Verde CV Cayman Islands KY Central African Republic CF Chad TD Chile CL China CN Christmas Island CX Cocos (Keeling) Islands CC Colombia CO Comoros KM Congo CG Congo, Democratic Republic of CD Cook Islands CK Costa Rica CR Côte D Ivoire CI Croatia HR Cuba CU Curaçao CW Cyprus CY Czech Republic CZ Denmark DK Djibouti DJ Dominica DM Dominican Republic DO API Reference Guide for Web Services 1.0 C-3

Geographical Codes June 2015 Table C-3: Country Codes (Continued) Country Code Country Code Ecuador EC Egypt EG El Salvador SV Equatorial Guinea GQ Eritrea ER Estonia EE Ethiopia ET Falkland Islands FK Faroe Islands FO Fiji FJ Finland FI France FR French Guiana GF French Polynesia PF French Southern Territories TF Gabon GA Gambia GM Georgia GE Germany DE Ghana GH Gibraltar GI Greece GR Greenland GL Grenada GD Guadeloupe GP Guam GU Guatemala GT Guernsey GG Guinea GN Guinea-Bissau GW Guyana GY Haiti HT Heard and McDonald Islands HM Honduras HN Hong Kong HK Hungary HU Iceland IS India IN Indonesia ID Iran (Islamic Republic of) IR Iraq IQ Ireland IE Isle of Man IM Israel IL Italy IT Jamaica JM Japan JP Jersey JE Jordan JO Kazakhstan KZ Kenya KE Kiribati KI Korea, Democratic People s Republic KP Korea, Republic of KR Kuwait KW Kyrgyzstan KG Lao People s Democratic Republic LA Latvia LV Lebanon LB Lesotho LS Liberia LR Libyan Arab Jamahiriya LY Liechtenstein LI Lithuania LT Luxembourg LU Macau MO Macedonia MK Madagascar MG C-4

June 2015 Country codes Table C-3: Country Codes (Continued) Country Code Country Code Malawi MW Malaysia MY Maldives MV Mali ML Malta MT Marshall Islands MH Martinique MQ Mauritania MR Mauritius MU Mayotte YT Mexico MX Micronesia, Federated States of FM Moldova, Republic of MD Monaco MC Mongolia MN Montenegro ME Montserrat MS Morocco MA Mozambique MZ Myanmar MM Namibia NA Nauru NR Nepal NP The Netherlands NL New Caledonia NC New Zealand NZ Nicaragua NI Niger NE Nigeria NG Niue NU Norfolk Island NF Northern Mariana Islands MP Norway NO Oman OM Pakistan PK Palau PW Palestinian Territory, Occupied PS Panama PA Papua New Guinea PG Paraguay PY Peru PE Philippines PH Pitcairn PN Poland PL Portugal PT Puerto Rico PR Qatar QA Reunion RE Romania RO Russian Federation RU Rwanda RW Saint Barthélemy BL Saint Helena SH Saint Kitts and Nevis KN Saint Lucia LC Saint Martin MF Saint Vincent and the Grenadines VC Samoa WS San Marino SM Sao Tome and Principe ST Saudi Arabia SA Senegal SN Serbia RS Seychelles SC Sierra Leone SL Singapore SG Sint Maarten SX Slovakia (Slovak Republic) SK API Reference Guide for Web Services 1.0 C-5

Geographical Codes June 2015 Table C-3: Country Codes (Continued) Country Code Country Code Slovenia SI Solomon Islands SB Somalia SO South Africa ZA South Georgia and the South Sandwich Islands GS South Sudan SS Spain ES Sri Lanka LK St. Pierre and Miquelon PM Sudan SD Suriname SR Svalbard and Jan Mayen Islands SJ Swaziland SZ Sweden SE Switzerland CH Syrian Arab Republic SY Taiwan TW Tajikistan TJ Tanzania, United Republic of TZ Timor-Leste TL Thailand TH Togo TG Tokelau TK Tonga TO Trinidad and Tobago TT Tunisia TN Turkey TR Turkmenistan TM Turks and Caicos Islands TC Tuvalu TV Uganda UG Ukraine UA United Arab Emirates AE United Kingdom GB United States US United States Minor Outlying Islands UM Uruguay UY Uzbekistan UZ Vanuatu VU Vatican City State (Holy See) VA Venezuela VE Vietnam VN Virgin Islands (British) VG Virgin Islands (U.S.) VI Wallis and Futuna Islands WF Western Sahara EH Yemen YE Zambia ZM Zimbabwe ZW C-6