Function call
Example
Below is an example form using the essential parameters for 3dsecure.cgi.
NOTE: either COF or mitType is used – not both
<form method="post" action="https://payment.architrade.com/cgi-ssl/3dsecure.cgi"> <input type="hidden" name="merchant" Value="98765432"> <input type="hidden" name="amount" Value="100"> <input type="hidden" name="currency" Value="208"> <input type="hidden" name="cardno" value="4711100000000000"> <input type="hidden" name="expmon" Value="06"> <input type="hidden" name="expyear" Value="24"> <input type="hidden" name="cvc" Value="684"> <input type="hidden" name="orderid" Value="myorderid_1234"> <input type="hidden" name="declineurl" value="https://mypage.com/return.pml?status=declined" /> <input type="hidden" name="cancelurl" value="https://mypage.com/return.pml?status=cancelled" /> <input type="hidden" name="accepturl" value="https://mypage.com/return.pml?status=accepted" /> <input type="hidden" name="mitType" value="INSERT_MITTYPE_VALUE" /> <input type="hidden" name="COF" value="yes" /> </form>
Essential input parameters
| Parameter | Description |
|---|---|
|
amount * |
The smallest unit of an amount in the selected currency, following ISO4217 (see the currency list here). Example: Smallest unit for EUR is "cent" thus setting 'amount="150"' leads to the amount being 1,50 EUR
Smallest unit for JPY is "yen" thus setting 'amount="150"' leads to the amount being 150 JPY |
|
accepturl * |
The URL of the page to be displayed if the purchase is approved. You cannot use parameters in the URL. Example. ”?X=4&Y=2” The URLs have to be ”clean". |
|
cancelurl * |
The URL of the page to be displayed if the purchase is cancelled. |
|
cardno * |
Returns the full card number where all but the last 4 digits are masked. |
| currency * |
Currency is defined using the ISO4217 standart (see the currency list here). Both numeric and upper case letter codes are accepted. currency="SEK"
currency="752" |
| cvc * |
Card Verification Code |
| declineurl * |
The URL of the page to be displayed if the purchase is denied. |
|
expyear * |
Card expiry year in one or two digits, e.g. 06 or 6 for 2006. |
|
expmon * |
Card expiry month in one or two digits, e.g. 01 or 1 for january. |
|
md5key * |
This variable enables a MD5-key control of the values received by Nets. This control confirms that the values sent to Nets has not been tampered with during the transfer. See how MD5 is calculated here Note: When using MD5, the order id must be unique. |
| merchant * |
Shop identification. The Merchant number appears in the e-mail received from Nets during registration with Nets or on your contract. |
| orderid * |
The shop’s order number for this particular puchase. It can be seen later when payment is captured, and will in some instances appear on the customer’s bank statement (both numerals and letters may be used). |
| textreply * |
Should be declared to receive the returned message in simple text format. |
* Mandatory parameters
Optional input parameters
| Parameter | Description |
|---|---|
| HTTP_COOKIE |
Cookies/sessions which are to be sent to callbackurl. Must be sent along if you are using callbackurl and depend on cookies/sessions for keeping track of the user. |
| account |
If multiple departments utilize the same Nets account, it may be practical to keep the transactions separate at Nets. An account name may be inserted in this field, to separate transactions at Nets. To get an account, please contact the Nets sales department. |
| acquirerinfo |
The information added here will appear on the card holders bank statement for Handelsbanken transactions. (Cekab/Evry) |
| callbackurl |
An optional ”server-to-server” call which tells the shop’s server that the payment was a success. Can be used for many purposes, the most important of these being the ability to register the order in your own system without depending on the customer’s browser hitting a specific page of the shop. See also HTTP_COOKIE. You cannot use parameters in the URL, e.g. ”?X=4&Y=2”. The URL’s have to be ”clean”. |
| capturenow |
If this field exists, a capture request is automatically carried out after the authorization, following the normal capture process of the specific acquirer. If a transaction is marked as suspect, the automatic capture request is cancelled and you need to handle the capture. If used, the order id has to be unique at all times. |
| delivery1..deliveryN |
Complex order information. If both simple and complex order information (ordertext) is declared, the simple order information is then ignored. This information is stored in the Nets administration interface. |
| fullreply |
If this variable is set, all variables will be returned (as defined in the Nets admin). Note: This only works when used together with textreply. |
| ip |
Nets retains the IP-address from which a card transaction is carried out. The IP-address is used for ’fraud control’, etc. Some implementations may send the IP-address of the shop to Nets rather than that of the customer's machine. In order to provide the same services to shops which utilize such a program for their Nets hookup, we offer the option of sending the “ip” parameter. |
|
notifyurl |
Some acquirers might take a period of time before the payment is accepted. This parameter can be used to specify a callback URL to get a response at a later time when the transaction is either accepted or declined. |
| ordertext |
Simple order information sent to Nets in one text string. This information is displayed in the Nets Admin interface. |
| ordline0-1.. ordlineN-M |
This parameter is part of complex order information. If both complex and simple order information [ordertext] is declared, the simple order information will be ignored. This information is displayed in the Nets administration interface. It is a requirement that the number of fields be identical in all lines of the order (eg. if there are four fields in the first line, the remaining lines must also contain four fields). |
| COF |
Input: yes or no The COF (Card-On-File) parameter is used to store the creditcard to be used for future payments - scenario: 2 see: https://www.dibspayment.com/sca. A future COF payment can only be initiated by the cardholder, either viaFlexwin or 3dsecure.cgi. This is called a CIT (Cardholder Initiated Transaction). Ticket_auth.cgi cannot be used for processing future payments initiated with the COF parameter. Nets has to be contacted before this feature can be used. Default is "no", which means a single payment. Creditcard is not stored. (This refers to scenario: 1). |
| mitType |
Type: String The "mitType" parameter is used to store the creditcard info for future payments. A future payment can only be initiated by the merchant (MIT - Merchant Initiated Transaction).. Possible values
(Note: the "preAuth" parameter will default to mitType=RECURRING). A transaction initiated with the mitTypeparameter, cab be used for future transactions via ticket_auth.cgi or the DIBS BULK solution. |
| ticket |
Type: number This parameter can used for processing future payments via the Flexwin Payment Window. The ticket ID refers to a previous stored card based on a initial payment procesed with the COF parameter. The Flexwin Payment window then display a masked creditcard and expiry date. The cardholder is required to enter CVC. This refers to scenario 3 (https://www.dibspayment.com/sca) |
| preauth |
When preauth=true is sent as part of the request to auth.cgi the Nets server identifies the authorisation as a ticket authorisation rather than a normal transaction. Please note that the pre-authorised transaction is NOT available among the transactions in the Nets administration interface. For preauth to work, Nets has to be contacted for activation. When using MD5 the authkey must be calculated from the string transact=12345678&preauth=true&cy=123 NOTE: You cannot use "capturenow" along with "preauth". |
| priceinfo1.. priceinfoN |
This parameter is part of complex order information. If both complex and simple order information is declared, the simple order information is ignored. This information is displayed in the Nets administration interface. |
| test |
When this field is declared, the transaction is not dispatched to the card issuer, but is instead handled by the Nets test environment. When the shop goes live, the test system is normally disabled, and should the shop want to use the test mode at a later date the Nets support can be contacted for reactivation. |
| uniqueoid |
If this parameter is present, the parameter orderid has to be unique compared to all other order-ids used by the merchant. If the orderid isn't unique, the call will be declined by a reason=7. Note: Order numbers can be composed of a maximum of 50 characters (Nets automatically removes surplus characters). |
Return parameters
Payment accepted
When a transaction is successfull the following parameters are always returned to the accepturl.
| Parameter | Description |
|---|---|
| approvalcode |
Returns the approvalcode from the acquirer if available. |
| authkey |
The MD5 check sum for verification of the authenticity of the transaction. This is only returned if an MD5 key is created within the Nets administration (under installation + MD5 keys). You can read more about this here: MD5 key control. Note: When using a payment window and the calcfee function, amount+fee is used as a basis for calculations rather the amount only. |
| transact | The unique Nets identification number for the transaction. |
Parameters returned if the return values are activated in the Nets administration:
Nets recommend that all Return Values are activated.
| Parameter | Description |
|---|---|
|
acquirer |
Returns he acquirer used for the specific transaction. |
|
cardcountry |
Returns the nationality of the card in "ISO 3166-1 alpha-2" standard |
|
cardexpdate |
Returns the expire date of the card in the fomat "yymm" |
|
cardnomask |
Returns the full card number where everything except the last 4 ciffor is masked. |
|
cardprefix |
Returns the 6-ciffor prefix of the card used in the transaction. |
|
enrolled |
Returns the status of 3D-enrollment in boolean (true/false). |
|
merchantid |
Returns the acquirer agreement ID. |
|
paytype |
Returns the type of payment the customer has used for a particular payment. |
| severity |
Is returned if fraud control has noted the transaction as a potential fraud, if there is a subscription to fraud control and if this is activated in the administration interface. The higher the amount, the more questionable the transaction. We generally recommend closer checks of transactions with severity > 5. Activated in the Nets administration: Integration / Fraud Protection
|
| suspect |
Is returned if there is a subscription to fraud control and this is activated in the administration interface (in such a case, this may have the value ”true”). Activated in the Nets administration in: Integration / Fraud Protection
|
|
merchant, amount... |
All parameters sent in the call are returned in the response. |
| ?X=4&Y=2... |
All custom parameters defined by the shop, is returned. Reserved words cannot be used as custom parameters. If several parameters are declared, it should be noted that browsers use various maximum lengths of query-strings (eg. 2083 characters for IE). |
Return parameters
Payment declined
When the payment is declined, the following parameters are always returned:
| Parameter | Description |
|---|---|
| reason | Returns the reason why the payment is declined. See the reason list here |
Parameters returned if the return values is activated in Nets admin:
Nets recommend that all Return Values are activated.
| Parameter | Description |
|---|---|
|
merchant, amount... |
All parameters sent in the call are returned in the response. |
|
?X=4&Y=2... |
All custom parameters defined by the shop are returned. Reserved words cannot be used as custom parameters. If several parameters are declared, it should be noted that browsers use various maximum lengths of query-strings (eg. 2083 characters for IE). |