GP webpay - service description



Similar documents
GP webpay - Practical Examples

GP webpay web services Standard WS

GP webpay: Practical Examples

Merchant Account Service

Frequently Asked Questions

Global Transport Secure ecommerce Decision Tree

3D Secure safe on-line shopping with your payment card

The DirectOne E-Commerce System

Cardholder Authentication Guide. Version 4.3 August 2013 Business Gateway

3D Secure Code: Shop Safely Online

Merchant Operating Guide

The Wells Fargo Payment Gateway Business Center. User Guide

ROAMpay powered by ROAM

Setting Up a CyberSource Web Payment Account

Merchant Integration Guide

Contents Error! Bookmark not defined.

Refer to the Integration Guides for the Connect solution and the Web Service API for integration instructions and issues.

Fraud Detection Module (basic)

REDFIN Document Version a

Getting Started with Swipe Checkout

MySagePay. User Manual. Page 1 of 48

Version 15.3 (October 2009)

Contents. 2 Welcome. 20 Settings. 3 Activation Steps. 4 Introduction. 4 Purpose. 20 Offline Mode Change Password. 5 Key Features

Merchant Integration Guide

ONLINE MERCHANT PORTAL USER GUIDE

Blackbaud Merchant Services Web Portal Guide

MasterPass Service Provider Onboarding & Integration Guide Fileand API-Based Merchant Onboarding Version 6.10

Merchant User Manual PAYMENT GATEWAY

DalPay Internet Billing. Technical Integration Overview

Ecommerce Setup Wizard Site Setup Wizards

Risk Management Service Guide. Version 4.2 August 2013 Business Gateway

Wind River Financial iprocess Setup Guide for Android Devices

Processing credit card payments over the internet. The business of getting paid.

Virtual Terminal Guide

UnionPay Online Payment enabled by NAB Transact.

I. Simplifying Payment Processing. II. Authorizing Your Transactions Correctly page 6

Streamline Cardholder Authentication. Avoid being the target of online fraud

Fraud Detection. Configuration Guide for the Fraud Detection Module v epdq 2014, All rights reserved.

Secure Online Payment Verified by Visa and MasterCard SecureCode

Wind River Financial iprocess Setup Guide for IOS Devices

Your gateway to card acceptance.

First Data Merchant Solutions Virtual Terminal & Manager

Elavon Payment Gateway- 3D Secure

Tired of running to the post office and the bank to get your customers payments

Google Payments Terms of Service Buyer (US)

Virtual Terminal & Online Portal

Terms and Conditions. of operation and use of the PayU Payment system

Recurring Credit Card Billing

ANZ Secure Gateway Virtual Terminal QUICK REFERENCE GUIDE NOVEMBER 2015

MASTERCARD SECURECODE ISSUER BEST PRACTICES

*ROAMpay powered by ROAM

ONSITE TRACK EASY Yancoal Contractor Management Portal Portal User Guide: Company Registration. Yancoalcontractors.com.

Merchant User Manual

An introduction to CashFlows and the provision of on-line card acceptance services we provide to Young Enterprise companies

PAYLINE USER GUIDE LOGGING INTO PAYLINE PROCESSING A PURCHASE

Security in connection with card payments. Non-face-to-face transactions (e-commerce/mail and telephone order)

MiGS Merchant Administration User Manual. MiGS User Manual

Implementation guide - Interface with the payment gateway PayZen 2.5

GENERAL TERMS OF MONEY TRANSFER SERVICE Swipe.lv

Your Guide to PayAnywhere

Electronic Payments Part 1

Business Mobile Banking

Virtual Terminal User s Guide

DEBIT and CREDIT CARDS

User Guide: Apple devices

OXY GEN GROUP. pay. payment solutions

MySchoolBucks Parent User Guide

Merchant Console User Manual

MasterCard In tern et Gatew ay Service (MIGS)

How to buy the ticket online

Merchant Administration

STX Beacon User Guide. Credit Card Processing Mobile Devices Mac & Windows OS

mpos Solution A: Visa, MasterCard and JCB are supported. Both Debit & Credit Cards which is supported by any of this Card Type can be accepted.

Virtual Terminal User s Guide

Credit Cards in BillQuick

Registration and PCI DSS compliance validation

Virtual Terminal User s Guide

PayDollar PayGate. Integration Guide (For third party shopping cart platform v1.0)

Contents. 4 Welcome to ATBOnline Business. 5 How to Use This Guide

MyPrint instructions; printing, scanning and copying. version 1.3 EN march 2015

Mobile Pay. for Android TM. *Android Version 4.0 or higher required

Visa Merchant Best Practice Guide for Cardholder Not Present Transactions

My Sage Pay User Manual

Online Shop Frequently Asked Questions

MiGS Merchant Administration Guide. July 2013 Software version: MR 29

Bankwest. Account Access. Conditions of Use 19 May making banking easier

VIRTUAL TERMINAL (OVERVIEW)

Netswipe Processing Implementation

Reach more customers. Take quicker payments. Make it all easier With just one Click.

Security in connection with card payments. Non-face-to-face transactions (e-commerce/mail and telephone order)

ipay88 Recurring Payments V1.0 CHAPTER GUIDE

TERMS OF USE FOR PUBLIC LAW CORPORATION PERSONAL CERTIFICATES FOR QUALIFIED DIGITAL SIGNATURE

PayDollar. Merchant User Guide

MOBILKINCSTAR ONLINE SECURITIES TRADING TERMS AND CONDITIONS OF USE

PayWithIt for Android Devices User Guide Version 1.0.0

Payment Cardholder Data Handling Procedures (required to accept any credit card payments)

MiniPOS and BluePad-50 user manual

PAYLINE USER GUIDE. 1 Logging into Payline. 2 - Processing a Purchase

Transcription:

GP webpay - service description Version: 2.0 Global Payments Europe, s.r.o. Created 15.10.2015 Last update 14.12.2015

Author Dimitrij Holovka Manager Approved by Version 2.0 Confidentiality Confidential Document history: Version Date Author Comments 1.0 15.10.2015 V. Keřka Initial document version GP webpay service description 2.0 15.10.2015 D. Holovka New template, versioning Table of contents 1. Formula clause... 4 2. Introduction... 5 3. Merchant activation overview... 5 3.1 Basic technical specification for the merchant... 5 4. Requesting payments... 5 4.1 Signing a request... 5 4.2 Signing a response... 6 5. 3-D standard... 6 6. Customer payment... 7 6.1 Purchase... 7 6.2 Order creation... 7 6.3 Request receipt and check... 7 6.4 PAN and expiration date insertion request... 7 6.5 Insertion of PAN and expiration... 9 6.6 Card data processing... 9 6.7 Request of authentication services... 9 6.8 Authentication... 9 6.9 Password verification... 9 6.10 Authentication result processing... 9 6.11 Request of authorization services... 9 6.12 Authorization... 9 6.13 Authorization result processing... 9 6.14 Authorization confirmation... 10 6.15 Payment confirmation / unconfirmation... 10 7. Orders administration... 10 7.1 Web interface... 10 7.2 Web services... 10 Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 2 / 16

8. Generating extracts... 10 9. Other features... 11 9.1 Multicurrency... 11 9.2 Recurring payments... 11 9.3 Fastpay... 11 9.4 MasterPass... 12 9.5 MasterCard Mobile... 14 9.6 PUSH payments... 15 Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 3 / 16

1. Formula clause This document including any possible annexes and links is intended solely for the needs of an e- shop service provider (hereinafter referred to as Customer ). Information included in this document (hereinafter referred to as "Information") are subject to intellectual property and copyright protection of the Global Payments Europe, s.r.o. (hereinafter referred to as "GPE") and are of a commercially confidential nature in accordance with the provisions of the section 504 of the Act No. 89/2012 Coll., Civil Code. The Customer is aware of the legal obligations in relation to the handling of Information. Information or any part thereof may not be provided or in any way made available to third parties without the prior written consent of the GPE. At the same time, Information may not be used by the Customer for purposes other than for the purpose for which it serves. To avoid any doubts, without the prior written consent of the GPE, Information or any part thereof may be provided or in any way made available neither to companies providing payment processing services on the Internet. The GPE to the extent permitted by applicable law retains all rights to this document and Information contained therein. Any reproduction, use, exposure, or other publication, or dissemination of Information or its part by methods known and as yet undiscovered without the prior written consent of the GPE is strictly prohibited. The GPE is not in any way responsible for any errors or omissions in Information. GPE reserves the right, without giving any reason, to amend or repeal any Information. Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 4 / 16

2. Introduction GP webpay is an internet payment gateway developed by the Global Payments Europe. This service facilitates e-shops to accept payments made by payment cards issued by VISA, MasterCard, Diners Club, and American Express. GP webpay supports fully the 3-D Secure standard. GP webpay consists of processes and services described below in details. GP webpay main advantages in a nutshell: VISA, MasterCard, Diners Club, and American Express cards acceptance Sophisticated user interface intuitive design, optimization for all mobile devices Advanced features facilitating payments Recurring payments, Fastpay, MasterPass, MasterCard Mobile, PUSH payments Fraud Detection System Highest possible security 3-D Secure Web Services integration of administrative interface into merchant s systems, recurring payments Consultations and support by a team of experts implementation and operation 3. Merchant activation overview A merchant makes a contract with a bank on acceptance of payment cards on the Internet. The bank then asks GPE for introduction of the merchant into systems (order form). The merchant gets from GPE access to the test environment, where all documentations and guidelines for successful implementation are downloadable. Test environment is active for all the time, when there is the contract between the merchant and the bank, so there is e.g. a possibility to test new versions of e- shop. After some transactions are made successfully in the test environment, the merchant is activated for production. 3.1 Basic technical specification for the merchant Basic technical specification for the merchant can be downloaded at: http://www.gpwebpay.cz/en/download 4. Requesting payments 4.1 Signing a request GP webpay accepts only requests, by which can be documented that the originator of the request is an authorized body, i. e. the merchant having a valid contract with the bank on providing GP webpay service. To prove the origin of the request serves the DIGEST field. Its content is calculated on the basis of: Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 5 / 16

the sent data it proves that the content of individual fields has not been changed on the way to the system, and the private key - it proves that the request origins from the given merchant. When signing the contract, the merchant generates a pair of keys private/public key. The merchant stores the private key safely and the public key forwards by e-mail to GPE. This key will be stored in the GPE database and before any request is accepted from the merchant, it will be checked in the GP webpay by means of the public key, if the request is signed by the merchant s private key. The DIGEST field included in the forwarded data messages contains electronic signature of all the other fields of the message. This signature ensures integrity and undeniableness of the forwarded message. 4.2 Signing a response All the responses from the GP webpay contain the DIGEST field as well; its content is calculated on the basis of: the data contained in the response, and the GP webpay private key. When signing the contract, the merchant is provided by the GP webpay public key that serves for verification of the contents of the DIGEST field. This way enables the sender of the request to verify that: the response really comes from GP webpay, and the response has not been changed on the way to the merchant. 5. 3-D standard Considering the easy misuse of payments made by payment cards on the Internet, GP webpay supports 3-D Secure standard defined by the VISA, MasterCard, and American Express associations. This standard defines a supplementary mechanism of verification of a cardholder, and at the same time it is providing all the parties (cardholder, merchant, card issuer, acquirer bank) with incomparably higher guarantees compared to non-authenticated payments. After receiving a request to make a payment by a payment card, sends a request to authenticate the cardholder to the 3-D system operated by the VISA, MasterCard, and American Express associations and on the basis of the result of the authentication, GP webpay either approves or declines further processing. GP webpay system sends to the authorization centre only requests for which the cardholder s bank will not be able to claim refund due to a non-authenticated request. Once the card issuer s 3-D system authenticates the cardholder s identity, it also commits itself not to deny the validity of the Internet electronic transaction and claim refund from the merchant. This procedure also makes it possible to eliminate fraud attempts when the cardholder is not successfully authenticated due to incorrect authentication data, in which case the transaction will Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 6 / 16

not continue. If it turns out any time during the processing of the order that the issuer or the cardholder is not connected to the 3-D system, GP webpay receives information about the type and level of verification. Based on this information, GP webpay decides whether the transaction can continue and a request can be sent to the authorization centre or not. As regards VISA, MasterCard, and American Express payment products, responsibility for transaction in case of 3-D transaction is fully on the part of the card issuer. It means that if the merchant is ready to accept payment by means of the 3-D system, however the card issuer does not participate in the 3-D system, or the card issuer has not introduced the card into its 3-D system, then non-verification of the transaction is caused by the issuer and for this reason refund from the merchant cannot be claimed. If the card holder cannot be authenticated, all transactions made by of VISA, MasterCard, and American Express cards are sent to the authorization centre with the respective attribute. Authorization of the order is approved / declined by the card issuer on the basis of received information. 6. Customer payment 6.1 Purchase Cardholder is shopping in e-shop and requires payment by a payment card. 6.2 Order creation The merchant sends a request to GP webpay to create a new order and redirect the cardholder s Internet browser to the GP webpay pages. 6.3 Request receipt and check GP webpay checks the request received. The order is created and the system waits for its completion. 6.4 PAN and expiration date insertion request GP webpay displays a page where sensitive data about the payment card are entered card number (PAN), expiration, CVC2/CVV2. Card payment is simplified by the intuitive GP webpay web interface. Customer s confidence in this payment method is strengthened particularly by using corporate colour scheme for every particular bank providing GP webpay. A big advantage is also the fact that the payment gateway automatically adjusts to all screen sizes depending on the device used (desktop, tablet, mobile) and language settings of the browser. Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 7 / 16

Examples: Displayed on a standard PC (desktop): Displayed on a mobile device: Displayed on a tablet: Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 8 / 16

6.5 Insertion of PAN and expiration On the GP webpay pages the cardholder enters sensitive information and confirms his/her payment request. 6.6 Card data processing GP webpay processes the data received about the payment card. 6.7 Request of authentication services GP webpay sends a request for authentication of the card holder to the 3-D system of the relevant financial association (VISA, MasterCard, American Express). This communication regarding 3-D is provided by the MPI software. 6.8 Authentication If the card issuer participates in the 3-D system and cardholder s authentication is required, the cardholder is transferred to the card issuer s 3-D system page to enter the required authentication data (in most cases a one-time password sent by SMS, or other secret information shared with the card issuer). If the card issuer does not participate in the 3-D system, GP webpay receives this information. 6.9 Password verification The card issuer s 3-D system authenticates the cardholder and provides the GP webpay system with the result of authentication. 6.10 Authentication result processing Depending on the result of the cardholder s authentication, GP webpay determines, if the transaction is allowed to continue and to send a request for authorization of the order to the authorization centre. 6.11 Request of authorization services The system sends a request of the order authorization to the authorization centre. 6.12 Authorization Authorization centre processes the request of the order authorization. 6.13 Authorization result processing GP webpay processes the result of the order authorization. Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 9 / 16

6.14 Authorization confirmation The merchant is informed about the result of processing. 6.15 Payment confirmation / unconfirmation The merchant records the result and displays the result of payment to the cardholder. 7. Orders administration 7.1 Web interface Administration of GP webpay is available by means of the standardly provided graphic web user interface. An ordinary merchant has following menu items available in his/her user s interface: Administration: Password change Orders processing: Orders search Deposit orders Search batches Batches closer Deleting pending orders Documentation Log out. 7.2 Web services By means of the Web Services it is possible to integrate on-line communication of merchant s e- shop into the GP webpay system. There are available Web Services supporting all operations except for orders creation. 8. Generating extracts Approx. at 10 p.m. the system automatically generates extracts for every particular bank. These extracts are stored in the relevant directory, then recopied, and via Connect Direct sent to every particular bank. Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 10 / 16

9. Other features 9.1 Multicurrency Every particular bank has defined supported currencies. The merchant can set enable multicurrency" in its system; list of currencies can be adopted from the bank, or it can have its own list. 9.2 Recurring payments GP webpay payment gateway enables to create so called recurring payments according to an already completed order. The first one, the so called registration order is created in a standard way with additional indication that this order is to be considered as a sample for the following recurring payments (parameter USERPARAM1=R). Without this indication it will not be possible to make a recurring payment to this order. Subsequently the merchant has possibility to enter a request for creation of a recurring payment via Web Services (both particular orders and batches). In practice it means that in a moment of creation of a recurring payment the customer is informed by the merchant about its parameters (maximum amount and fervency of payments); the customer has to express his/her agreement with them (this agreement is safely stored by the merchant). After that the customer enters data from the payment card in the GP webpay payment gateway and pays in a standard way (the so called registration order is created). Following purchases (periodic payments or ad hoc payments on customer s request) are already made as recurring payments via Web Services, it means without entering card number in the GP webpay payment gateway; it makes purchase considerably easier particularly via mobile devices. Important notice: Recurring payments are not enabled to be made by Maestro payment card. 9.3 Fastpay Fastpay feature allows the customer at his/her next payment for the same merchant (the customer is registered at the merchant) to have prefilled at the GP webpay payment gateway the number and expiration of the payment card used at the previous order. In practice it means that the customer expresses his/her agreement to the merchant, that the merchant s bank can offer the pre-filled number and expiration of the payment card used at the previous order of this customer and send its number in the FASTPAYID parameter together with request of new payment. The GP webpay payment gateway searches for the order and at the payment gateway it offers the customer with a possibility of payment by the same card as was used for his/her previous order the card number and expiration are prefilled (the card number is hidden behind asterisks, only the last 4 digits are displayed) and the customer enters only CVC2 / CVV2. Example: Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 11 / 16

9.4 MasterPass The MasterPass service is an open system of the MasterCard society for administration of electronic wallets and their use at the Interment payments. Wallets are created by independent certified providers and by means of standardized interface connected to the MasterPass system. In the wallet, there can be put payment cards, but also delivery addresses, and loyalty programs. At shopping in e shop, that fully uses possibilities of MasterPass, the customer does not have to enter manually the card number, neither billing, nor delivery address. Another advantage for the customer is the fact that after choosing a card from the MasterPass wallet, there is no authentication at the card issuer (it is assumed that this type of verification is done at registration of the card for the wallet). It means that at the payment, there is no redirection to the page, where the cardholder is asked to enter the code distributed usually by SMS. It can be expected that for this reason the MasterPass payment will be welcomed particularly by customers using for shopping mobile devices, where is quite uncomfortable to copy the SMS code. MasterPass payment method can be offered to the customer as another payment method on the payment page of the GP webpay payment gateway without any intervention of the merchant (see the example below). To use fully the potential of MasterPass, it can be offered directly at pages of the e shop by means of the button Buy with MasterPass, its appearance and use is defined by MasterPass specification. Possibilities of integration of e-shop with MasterPass and technical Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 12 / 16

aspects of integration are described by technical specification for the merchant GP webpay MasterPass Manual for integration and testing. Detailed information can be found at https://masterpass.com/. Example: Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 13 / 16

9.5 MasterCard Mobile GP webpay payment gateway supports also the MasterCard Mobile service digital wallet enabling easy and safe shopping using mobile. To use the MasterCard Mobile service it is necessary to have an app for mobile devices with ios and Android operation systems, which are free downloadable at Google Play and Appstore. Detailed information can be found at http://www.mastercardmobile.cz/. Example: Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 14 / 16

9.6 PUSH payments PUSH payments are easy, innovative, and comfortable way for initiation of card payment. The merchant can initiate particular payments by means of the GP webpay administrative interface (GUI), or via Web Services. GP webpay produces an order for every requested payment, and produces a short, recallable link, which can be sent to the customer s e-mail, via SMS/MMS, or can be a part of the invoice (hyperlink or QR code). If the customer decides to use the link received for payment, after the link activation or the QR code scan the customer is redirected to the GP webpay payment gateway, where the payment can be made comfortably and securely. The payment link is valid until the standard payment is made by the cardholder. If the cardholder does not enter the card data, the link is recallable. It is possible to set validity of the payment link, or it can be invalidated by the merchant. Main advantages of PUSH payments: Easy creation of a PUSH payment for the merchant the merchant logs in to the GP webpay administrative interface, enters few data regarding payment and sends an e- mail to the customer Comfortable and consistent payment experience for the customer the same procedure as when paying by card in a classic e-shop Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 15 / 16

Instant payment after the link activation the customer is redirected to the GP webpay payment gateway, where the card payment can be made comfortably Link can be recalled link is active until the payment is made successfully, or until expires its validity (as set by the merchant) One of the possible uses of PUSH payments is a card payment for invoices. In this case, the merchant is able to send batch requests of PUSH payments he/she sends WS or uploads a file in GUI. The GP webpay payment gateway produces orders, creates payment links, and returns them to the merchant via WS or the system stores the created links into a file that can be downloaded by the merchant. The merchant himself/herself delivers them to customers, or e.g. adds them to the invoice, see the example below. The customer activates the link on the electronic (PDF) invoice or scan QR code on the paper invoice and the internet browser displays the GP webpay payment gateway for card payment of the invoice. Global Payments Europe, s.r.o., V Olšinách 80/626, 100 00 Praha 10 Strašnice, Česká republika 16 / 16

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information