Bank Link Technical Description



Similar documents
Bank Link Technical Description

Bank link technical specifications. Information for programmers

AS DNB banka. DNB Link specification (B2B functional description)

This Annex uses the definitions set out in the Agreement on service of payment cards on the Internet (hereinafter the Agreement).

MONETA.Assistant API Reference

E-payment. Service description

OMA SAVINGS BANK S ONLINE PAYMENT SERVICE

QIWI Wallet Pull Payments API

Paynow 3rd Party Shopping Cart or Link Integration Guide

Global Transport Secure ecommerce. Web Service Implementation Guide

ipayment Gateway API (IPG API)

Online signature API. Terms used in this document. The API in brief. Version 0.20,

Order Notifications - reporting a payment status

Buckaroo Payment Engine 3.0 Implementation Manual HTML gateway

Netswipe Processing Implementation

SVEA HOSTED SERVICE SPECIFICATION V1.13

SmarterMeasure Inbound Single Sign On (SSO) Version 1.3 Copyright 2010 SmarterServices, LLC / SmarterServices.com PO Box , Deatsville, AL 36022

Korean Cyber Payment Services

PaperCut Payment Gateway Module PayPal Website Payments Standard Quick Start Guide

Specify the location of an HTML control stored in the application repository. See Using the XPath search method, page 2.

COMMERCIAL-IN-CONFIDENCE

Transaction Inquiries

Account Management System Guide

Server and Direct Shared Protocols

PAY BUTTON USER GUIDE PAY BUTTON USER GUIDE. Version: 1.2

Using etoken for Securing s Using Outlook and Outlook Express

Shopping Cart Interface Version 1.03

Displaying SSL Certificate and Key Pair Information

Three Step Redirect API V2.0 Patent Pending

Payment authorization Payment capture Table 1.3 SET Transaction Types

Hosted Credit Card Forms Implementation Guide

Secure Envelope specification

.NET Standard DateTime Format Strings

HireDesk API V1.0 Developer s Guide

SSO Eurécia. and external Applications. Purpose

Paytrail Oyj! Channel interface API! Channel model! Channel model description! Interface description!

Hal E-Bank Foreign payments (Format of export/import files)

D a n s k e B a n k M e s s a g e I m p l e m e n t a t i o n G u i d e. M a s t e r C a r d C o r p o r a t e C a r d T r a n s a c t i o n s

ANZ egate Virtual Payment Client

ideal Merchant Integration Guide

Secure XML API Integration Guide. (with FraudGuard add in)

MiGS Virtual Payment Client Integration Guide. July 2011 Software version: MR 27

Introduction...3 Terms in this Document...3 Conditions for Secure Operation...3 Requirements...3 Key Generation Requirements...

Server-to-Server Credit Card Implementation Guide

I. Payment request by WEB merchant II. Payment request by WEB merchant (direct credit card payment) III. Payment request - "Free transfer"

eway AU Hosted Payment Page

ASCII file structure, FORM #044 File TSD.txt Identifier, data record, data lines #044 Form TSD with annexes #0. . Taxpayer's registration number

Network Merchants Inc (NMI) Integration Resources. Direct Post API Documentation April 2010

<option> eggs </option> <option> cheese </option> </select> </p> </form>

MyGate Response Codes. Version 2.1

Webair CDN Secure URLs

Unitel. Payments in EDI/4 format July 2015

POP BANK S ONLINE PAYMENT SERVICE

Securing Adobe PDFs. Adobe - Certified Document Services Registration Authority (RA) Training. Enterprise Security. ID Verification Services

AliPay International Services

GTPayment Merchant Integration Manual

PLATBA 24 Implementation Manual. Date: December 18, 2014 Version: 1.49

Web Services Credit Card Errors A Troubleshooter

DIRECT INTEGRATION GUIDE DIRECT INTEGRATION GUIDE. Version: 9.16

Doing Business with Serco - A Suppliers Guide

HMRC Secure Electronic Transfer (SET)

Adobe Digital Signatures in Adobe Acrobat X Pro

MERCHANT SERVICE APPLICATION

PaperCut Payment Gateway Module - RBS WorldPay Quick Start Guide

Aliun Server Load Balancer API Reference Version

Microsoft Dynamics GP. SmartList Builder User s Guide With Excel Report Builder

Magensa Services. Administrative Account Services API Documentation for Informational Purposes Only. September Manual Part Number:

GP webpay web services Standard WS

PROCESS TRANSACTION API

Bank and SecurePay Response Codes

JAVASCRIPT AND COOKIES

OpenADR 2.0 Security. Jim Zuber, CTO QualityLogic, Inc.

LiteCommerce Authorize.Net Module. Version 2.4

Gateway Direct Post API

IBM i Version 7.3. Security Digital Certificate Manager IBM

Detailed Specifications

MERCHANT API INTEGRATION MANUAL. Version: 2.16 <March 2016 >

How to Use Certificates for Additional Security

Process Transaction API

Cryptography and Network Security

The Vetuma Service of the Finnish Public Administration SAML interface specification Version: 3.5

MERCHANT SERVICE AGREEMENT

Java SFA merchant integration guide

Deutsche Bank Paper Invoice Submission and Compliance Requirements Manual (PO and Non PO) India Region

DeltaPAY v2 Merchant Integration Specifications (HTML - v1.9)

TERMS AND CONDITIONS OF PAYMENT ORDER IN FOREIGN EXCHANGE TRANSACTIONS AT PKO BP SA BANK

MySagePay. User Manual. Page 1 of 48

Web Services Credit Card Errors A Troubleshooter

Technical documentation

Welcome to the topic on approval procedures in SAP Business One.

Automatic transfer of funds

Documentation to use the Elia Infeed web services

Regulation on the procedure and conditions for payment of tax liability by compensation

Transcription:

Bank Link Technical Description QUERIES 2 Queries from the merchant to the bank 2 Queries from the bank to the merchant 2 FINDING THE VK_MAC CONTROL CODE 3 QUERY SPECIFICATIONS 4 Query "1001 4 Query "1002 4 Query "1101 5 Query "1901 5 Query 4001 6 Query "3002 6 Query 4002 7 Query "3003 7 EXCHANGE OF PUBLIC KEYS 8 1

Queries Queries are HTTP GET or POST queries with specified parameters. Each query contains a service number. Each service has a unique list of parameters and its own algorithm for handling the query. By content, the service number is the algorithm number of query handling. All parameters whose field names do not begin with VK_ must be ignored. Parameters that are requested by the service but are missing, are counted as empty fields. In the amount parameters dot. Is used as decimal separator. Thousands separator is not used. Dates are presented in the format "DD.MM.YYYY," e.g. 17.02.2001 The time is indicated in the format "hh24:min:sec," e.g. 17:02:59 The length of the value of the parameter must not exceed that which is prescribed in the specifications. Upon exceeding the length, a query is not processed. The values of parameters can be shorter than the permitted maximum length. Missing places are not filled in. The spaces at the beginning and at the end of the value of a parameter are removed. An error message is sent in reply to queries that do not match the specifications and are invalid. Operations to be performed on the basis of a query are carried out pursuant to the general requirements of the service (requirements of payment orders, etc.). Merchant specifies the query encoding using VK_ENCODING parameter, supported encodings are UTF-8 and ISO-8859-1. Bank always replies using the encoding specified by merchant. If encoding is not explicitly specified, ISO-8859-1 is used by default. Queries can be divided into merchant or bank queries according to their originator. Queries can be divided into those that require a reply and that do not require a reply. According to the purpose, queries are divided as follows: 1xxx initiation of transactions 3xxx identification queries Queries from the merchant to the bank Queries from the merchant to the bank are meant for the direction and/or assistance of the customer in the performance of an operation, e.g. a payment order. Each query corresponds to one service. The presented parameters are verified according to the service. The list of parameters of a query and the order depends on the service used. The bank replies to the queries that require a reply after having completed the customer's operation. As a rule, a reply contains the details of the operation and a notice about whether it was successful. Queries from the merchant to the bank are directed to the URL: https://www.swedbank.ee/banklink Queries from the bank to the merchant As a rule, queries from the bank to the merchant are replies to the previous queries of the merchant. At the same time the client may initiate a query from the Bank to a merchant by entering the merchant's page through the E-services page on the Internet bank. 2

Finding the VK_MAC control code Verification of the electronic signature used in queries, VK_MAC, takes place on the basis of the agreed algorithm VK_VERSION. Only version 008 is currently used. VK_MAC is given as the query s parameter value in the BASE64 encoding. Version 008 The value of the MAC008 function is calculated using the public key algorithm RSA. Values of empty fields are taken into account as well 000. MAC008(x 1,x 2,,x n ) := RSA( SHA-1(p(x 1 ) x 1 p(x 2 ) x 2 p( x n ) x n ),d,n) Where: is an operation of adding the string x 1, x 2,, x n are the query parameters p is a function of the parameter length. The length is a number in the form of a three-digit string d is the RSA secret exponent n is the RSA modulus The signature is calculated in accordance with the PKCS1 standard (RFC 2437). Example Let us take a query with the following parameters: VK_SERVICE= 1002 VK_VERSION= 008 VK_SND_ID= TRADER VK_STAMP= 1234567890 VK_AMOUNT= 1.99 VK_CURR= LVL VK_REF= 01012001-001 VK_MSG= Payment for a good XXXXXX The signature is calculated from the following data row which comprises the following elements (the number of the symbols of the parameter values and the value of the parameter itself): 0041002" 003008 006TRADER 0101234567890 0041.99 003LVL 01201012001-001 025Payment for a good XXXXXX in one row: 0041002003008006TRADER01012345678900041.99003LVL01201012001-001025Payment for a good XXXXXX 3

or if the VK_MSG parameter is empty, the result: 0041002003008006TRADER01012345678900041.99003LVL01201012001-001000 Query specifications NB! A URL with parameters cannot be used in the VK_RETURN field. Query "1001" The merchant sends to the Bank the details of a signed payment order which the client cannot change on the Internet bank. After a successful payment the query 1001 is made for the merchant and, in the case of a failed payment, the query 1901. 1 VK_SERVICE 4 Service number (1001) 3 VK_SND_ID 10 ID of the author of the query (merchant's ID) 4 VK_STAMP 20 Query ID 5 VK_AMOUNT 17 Amount payable 6 VK_CURR 3 Name of the currency in the ISO 4217 format (EUR, etc.) 7 VK_ACC 16 Recipient s invoice number 8 VK_NAME 70 Recipient s name 9 VK_REF 20 Payment order reference number 10 VK_MSG 300 Description of payment order - VK_RETURN 60 URL where the transaction response query is sent (1101, 1901) Query 1002 The merchant sends to the Bank the details of a signed payment order which the client cannot change on the Internet bank. After a successful payment the query 1101 is made for the merchant, in the case of a failed payment the 1901 package. The details of the recipient are taken from a bank link agreement. 1 VK_SERVICE 4 Service number (1002) 3 VK_SND_ID 10 ID of the author of the query (merchant's ID) 4 VK_STAMP 20 Query ID 5 VK_AMOUNT 17 Amount payable 6 VK_CURR 3 Name of the currency in the ISO 4217 format (EUR, etc.) 7 VK_REF 20 Payment order reference number 4

8 VK_MSG 300 Description of payment order - VK_RETURN 60 URL where the transaction response query is sent (1101, 1901) Query 1101 Used for replying about the execution of a domestic payment order. No Field. Length Description 1 VK_SERVICE 4 Service number (1101) 3 VK_SND_ID 10 ID of the author of the query (Bank's ID) 4 VK_REC_ID 10 ID of the author of the query (merchant's ID) 5 VK_STAMP 20 Query ID 6 VK_T_NO 5 Payment order number 7 VK_AMOUNT 17 Amount paid 8 VK_CURR 3 Name of the currency in the ISO 4217 format (EUR, etc.) 9 VK_REC_ACC 16 Recipient s invoice number 10 VK_REC_NAME 30 Recipient s name 11 VK_SND_ACC 16 Remitter's account number 12 VK_SND_NAME 40 Remitter's name 13 VK_REF 20 Payment order reference number 14 VK_MSG 300 Description of payment order 15 VK_T_DATE 10 Payment order date - VK_AUTO 1 Y= reply automatically sent by the Bank. N= reply by moving the customer to the merchant s page. Query 1901 Used for notifying of a failed transaction. 1 VK_SERVICE 4 Service number (1901) 3 VK_SND_ID 10 ID of the author of the query (Bank's ID) 4 VK_REC_ID 10 ID of the author of the query (merchant's ID) 5 VK_STAMP 20 Query ID 6 VK_REF 20 Payment order reference number 5

7 VK_MSG 300 Description of payment order - VK_AUTO 1 N=reply by moving the customer to the merchant s page. Query 4001 A package sent by the merchant for identification of the user. The service is available to merchants who have entered into a respective agreement. 1 VK_SERVICE 4 Service number (4001) 3 VK_SND_ID 10 ID of the author of the query (Merchant ID) 4 VK_REPLY 4 Code of the expected reply package (3002) 5 VK_RETURN 60 Merchant s URL where to reply 6 VK_DATE 10 Query generation date 7 VK_TIME 8 Query generation time Query 3002 The user s identifier and the date and time of generation of the package are sent to the merchant. The VK_INFO field contains name-value pairs separate by a semi-colon, e.g. "NAME:value". For instance, "PERSON:37508166516;NAME:JOHN DOE". 1 VK_SERVICE 4 Service number (3002) 3 VK_USER 16 Agreed user identifier 4 VK_DATE 10 Query generation date 5 VK_TIME 8 Query generation time 6 VK_SND_ID 10 ID of the author of the query (Bank's ID) 7 VK_INFO 300 Field containing the personal data of the user 6

Query "4002" A package sent by the merchant for identification of the user. The service is available to merchants who have entered into a respective agreement. Response query is 3003. Jrk Välja nimi Pikkus Kirjeldus 1 VK_SERVICE 4 Service number (4002) 3 VK_SND_ID 10 ID of the author of the query (Merchant ID) 4 VK_REC_ID 10 ID of the receiver of the query (Bank ID HP ) 5 VK_NONCE 50 Unique security code generated by query author 6 VK_RETURN 150 Merchant s URL where to reply - VK_MAC 700 Control code or signature Query "3003" The user s identifier and the date and time of generation of the package are sent to the merchant. The VK_INFO field contains name-value pairs separate by a semi-colon, e.g. "NAME:value". For instance, "PERSON:37508166516;NAME:JOHN DOE". For security reasons merchant should compare the VK_NONCE parameters. Jrk Välja nimi Pikkus Kirjeldus 1 VK_SERVICE 4 Service number (3003) 3 VK_SND_ID 10 ID of the author of the query (Bank ID HP ) 4 VK_REC_ID 10 ID of the receiver of the query (Merchant ID) 5 VK_NONCE 50 A copy of the VK_NONCE from the 4002 query 6 VK_INFO 300 Field containing the personal data of the user - VK_MAC 700 Control code or signature 7

Exchange of public keys Public keys are exchanged upon entry into the agreement. We use PEM keys/certificates corresponding to the X.509 standard.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information