Card Services

 

Important notice:
DIBS Payment Window (Flexwin) / Card API

The COF/mitType parameters are not yet activated. It is possible to send them to Flexwin  / Card API with no failures.

Due to acquirer integration dependencies, the 'preAuth' parameter must still be used to store a card for later usage.

The 'COF' and 'mitType' will be available in the very near future.

It is possible to pass 'ticket' parameter to Flexwin / Card API to process subsequent CIT transaction.

Currently CVC must be entered/passed to continue processing the transaction with SCA.

Function call

https://payment.architrade.com/api/payment/card

Card handles card payments and is used when a credit card the user input or a stored credit card (ticket) is to be processed. card handles authentication (3dsecure and Dankort Secured By Nets) and authorization of an amount towards the acquirer. If required, card can store the card number for later use (create a ticket) along with processing the transaction.


A payment window will post a request to card, which will authenticate the transaction by redirecting the browser to the correct authentication method (3dsecure for visa/mastercard/amex or Dankort Secured By Nets for dankort and Visa-Dankort), if required for the transaction.


Card will after a successful authentication, authorize and optionally capture the amount specified and/or store the credit card for later use and return a token for the stored credit card (called a ticket).


When card is done processing it will redirect the browser to the supplied accepturl/declineurl/cancelurl, depending on result.

Example

A single transaction:

<form method="post" action="https://payment.architrade.com/api/payment/card">
  <input type="hidden" name="merchant" Value="98765432">
  <input type="hidden" name="amount" Value="100">
  <input type="hidden" name="currency" Value="208">
  <input type="hidden" name="cardno" value="4711100000000000">
  <input type="hidden" name="expmon" Value="06">
  <input type="hidden" name="expyear" Value="24">
  <input type="hidden" name="cvc" Value="684">
  <input type="hidden" name="orderid" Value="myorderid_1234">
  <input type="hidden" name="declineurl" value="https://mypage.com/return.pml?status=declined" />
  <input type="hidden" name="cancelurl" value="https://mypage.com/return.pml?status=cancelled" />
  <input type="hidden" name="accepturl" value="https://mypage.com/return.pml?status=accepted" />
</form>

A single transaction storing the card for future CIT transactions:

<form method="post" action="https://payment.architrade.com/api/payment/card">
  <input type="hidden" name="merchant" Value="98765432">
  <input type="hidden" name="amount" Value="100">
  <input type="hidden" name="currency" Value="208">
  <input type="hidden" name="cardno" value="4711100000000000">
  <input type="hidden" name="expmon" Value="06">
  <input type="hidden" name="expyear" Value="24">
  <input type="hidden" name="cvc" Value="684">
  <input type="hidden" name="orderid" Value="myorderid_1234">
  <input type="hidden" name="declineurl" value="https://mypage.com/return.pml?status=declined" />
  <input type="hidden" name="cancelurl" value="https://mypage.com/return.pml?status=cancelled" />
  <input type="hidden" name="accepturl" value="https://mypage.com/return.pml?status=accepted" />
  <input type="hidden" name="COF" value="yes" />
</form>

A single transaction storing the card for future recurring transactions:

<form method="post" action="https://payment.architrade.com/api/payment/card">
  <input type="hidden" name="merchant" Value="98765432">
  <input type="hidden" name="amount" Value="100">
  <input type="hidden" name="currency" Value="208">
  <input type="hidden" name="cardno" value="4711100000000000">
  <input type="hidden" name="expmon" Value="06">
  <input type="hidden" name="expyear" Value="24">
  <input type="hidden" name="cvc" Value="684">
  <input type="hidden" name="orderid" Value="myorderid_1234">
  <input type="hidden" name="declineurl" value="https://mypage.com/return.pml?status=declined" />
  <input type="hidden" name="cancelurl" value="https://mypage.com/return.pml?status=cancelled" />
  <input type="hidden" name="accepturl" value="https://mypage.com/return.pml?status=accepted" />
  <input type="hidden" name="mitType" value="RECURRING" />
</form>

A single transaction using a stored card (ticket):

<form method="post" action="https://payment.architrade.com/api/payment/card">
  <input type="hidden" name="merchant" Value="98765432">
  <input type="hidden" name="amount" Value="100">
  <input type="hidden" name="currency" Value="208">
  <input type="hidden" name="ticket" value="TICKET ID">
  <input type="hidden" name="orderid" Value="myorderid_1234">
  <input type="hidden" name="declineurl" value="https://mypage.com/return.pml?status=declined" />
  <input type="hidden" name="cancelurl" value="https://mypage.com/return.pml?status=cancelled" />
  <input type="hidden" name="accepturl" value="https://mypage.com/return.pml?status=accepted" />
</form>

Parameters

Parameter Description

CardInformation
 

  • cardno
  • expmon
  • expyear

or

TicketInformation

  • ticket

Either cardinformation or ticketinfomration must
be passed.

 

cardno - cardnumber

expmon - expiry month

expyear - expiry year

 

ticket - ticket ID for the stored card

cvc Card cvc
mitType

The "mitType" parameter is used to store the creditcard info for future payments initiated by the merchant (MIT - Merchant Initiated Transaction).​

Possible values

  • mitType=RECURRING
  • mitType=UCOF ​
  • mitType=INCREMENTAL

(Note: the "preAuth" parameter will default to mitType=RECURRING).​

A transaction initiated with the mitTypeparameter, can be used for future transactions via ticket_auth.cgi or the DIBS BULK solution.​

COF

boolean: yes/no​

The COF (Card-On-File) parameter is used to store the creditcard to be used for future payments initiated by the cardholder, either via Flexwin or 3dsecure.cgi.

 

This is called a CIT (Cardholder Initiated Transaction).​

  • Ticket_auth.cgi cannot be used for processing future payments initiated with the COF parameter​.
  • DIBS has to be contacted before this feature can be used.
  • Default is "no", which means a single payment. Creditcard is not stored.
amount The smallest unit of an amount in the selected currency, following ISO4217 (see the minor unit list here).
Example:
Smallest unit for EUR is "cent" thus setting 'amount="150"'
leads to the amount being 1,50 EUR
Smallest unit for JPY is "yen" thus setting 'amount="150"'
leads to the amount being 150 JPY
capturenow If this field exists, a capture request is automatically carried out after the authorization,
following the normal capture process of the specific acquirer.
If a transaction is marked as suspect, the  automatic capture request is canceled and you need to handle the capture.
If used, the order id has to be unique at all times
md5key This variable enables an MD5 key control of the values received by DIBS. This control confirms
that the values sent to DIBS has not been tampered with during the transfer. See how MD5
is calculated here.
Note: When using MD5, the order id must be unique.
merchant Shop identification. The Merchant ID appears in the e-mail received from DIBS during registration
with DIBS or on your contract.
orderid The shops order number for a particular purchase.
This is the cross reference between the shop and DIBS (both numerals and letters may be used).
The actual length of the orderid shown on the bank settlement report may differ from acquirer to acquirer
account If multiple departments utilize the same DIBS account, it may be practical to keep the transactions separate at DIBS. An account name may be inserted in this field, to separate transactions at DIBS.
To get an account, please contact the DIBS sales department.
acquirerInfo The information added here will be passed along as ticket information to Cekab/EVRY. It will appear on the card holders bank statement.
calcfee If this parameter is sent with the value "yes", the charge from the acquirer due to the transaction will automatically be calculated and affixed.

Fee calculation method: Fee = Amount * Percent / (100-Percent)

NOTE: To use this parameter you need to contact DIBS Support with the fees you have at your acquirer, as they need to be entered into our system.

More information about using calcfee with surcharge here link

callbackurl An optional (but recommended) ”server-to-server” call. Can be used for many purposes. The most important being that you will be able to register the order in your own system without depending on the customers browser hitting a specific page of the shop. Please refer to the return page documentation for further information.
ip DIBS retains the IP -address from which a card transaction is carried out. The IP -address is used for ’fraud control’, etc. Some implementations may send the IP-address of the shop to DIBS rather than that of the customer's machine. In order to provide the same services to shops which utilize such a program for their DIBS hookup, we offer the option of sending the “ip” parameter.
ticket

This parameter can used for processing future payments via the Flexwin Payment Window.​ The ticket ID refers to a previous stored card based on a initial payment procesed with the COF parameter.​

The Flexwin Payment window then display a masked creditcard and expiry date.​ The cardholder is required to enter CVC​.

test When this field is declared, the transaction is not dispatched to the card issuer, but is instead handled by the DIBS test environment. When the shop goes live, the test system is normally disabled, and should the shop want to use the test mode at a later date the DIBS support can be contacted for reactivation.
uniqueoid If this parameter is present, the parameter orderid has to be unique compared to all other orderid's used by the merchant.
If the orderid isn't unique, the call will be declined
by a reason=7.
accepturl The URL of the page to be displayed if the purchase is approved.

You cannot use parameters in the URL. Example. ”?X=4&Y=2” The URLs have to
be ”clean".

Example:
accepturl ="http://www.yourDomain.com/acceptedPayment?
var1=YES&var2=JohnDoe"

If the payment is accepted, then the customer will be redirected to
"http://www.yourDomain.com/acceptedPayment"

It is recommended (but not required) to use HTTPS.
declineurl The URL of the page to be displayed if the purchase is declined.
cancelurl The URL of the page to be displayed if the purchase is canceled.

 

Parameters returned to the accepturl/declineurl/cancelurl:

Parameters Description
acquirer The acquirer used for the specific transaction
agreement The acquirer agreement ID.
amount The amount without fee.
approvalcode The approvalcode from the acquirer, if available.
authkey The MD5 check sum for verification of the authenticity of the transaction. This is only returned if an MD5-key is created within the administration (under installation + MD5 keys). You may read more about MD5 key control.
Note: When using a payment window and the calcfee function, amount+fee is used as a basis for calculations rather the amount only.
cardcountry Returns the nationality of the card in "ISO 3166-1 alpha-2" standard.
Example:
cardcountry=DK
cardexpdate Returns the expiry date of the card in the fomate "yymm".
cardId Returns a unique hash value for the card used for payment. This hash will be unique for all cards on the same merchant and different for two merchants even though the same card is used. The cardId can be used to check if a card has been used for a previous purchase in the shop.
Note: This feature requires activation by DIBS. Please contact our support if you would like this feature.
cardnomask Card number with no spacing.
Example: cardnomask=XXXXXXXXXXXX1234
cardprefx Returns the 6-digit prefix of the card used in the transaction.
Example: cardprefix=123456
checksum Checksum returns a unique value for the card used for the payment.
The checksum will be the same for the card regardless of which DIBS Merchant ID the transaction is made towards.
currency Returns the currency used in the transaction.
Example:
currency=208
currency=DKK
fee When calcfee is used, the calculated fee is returned so it can be shown on the receipt.
orderid The shop’s order number for this particular purchase. It can be seen later when a payment is captured, and will in some instances appear on the customer’s bank statement (both numerals and letters may be used). The actual length of the orderid shown on the bank settlement report may differ from acquirer to acquirer
severity Is returned if fraud control has noted the transaction as a potential fraud, if there is a subscription to fraud control and if this is activated in the DIBS Administration interface. The higher the number, the more questionable the transaction. We generally recommend closer checks of transactions with severity > 5. Activated in DIBS admin in: Integration / Fraud Protection 
Note: DIBS is not responsible for the use of this service and can not guarantee that all attempts of fraud are caught. Activated in DIBS Admin in "Integration" / "Fraud Protection"
statuscode A value describing the result.
A complete list of possible statuscodes are listed here.
suspect Is returned if there is a subscription to fraud control and this is activated in the administration interface (in such a case, this may have the value ”true”).
Activated in the DIBS Administration in: Integration / Fraud Protection
threeDstatus If the card used to pay is enrolled in 3D secure, this parameter will contain a value corresponding to the following:
ValueDescription0Success: The cardholder completed authentication correctly. Card should be accepted for payment and authentication information passed to authorization processing.1 Attempt: The cardholder is not participating, but the attempt to authenticate was recorded. Card should be accepted for payment and authentication information passed to
authorization processing.2 Failure: The cardholder did not complete authentication and the card should not be accepted for payment.3 Error: A system error prevented authentication from completing.4 Not enrolled: The card was not enrolled.
Note: This only works if you are using a 3D secure agreement with the acquirer.
transact

The unique DIBS identification number for the transaction. The transact is a as minimum 10-digit integer, e.g. transact=1234567891 , int64, long.

ticket The unique DIBS identification number for the ticket, of the card was stored for later use. The transact is a as minimum 10-digit integer, e.g. transact=1234567891 , int64, long

 

Do you have a question or need help?
Follow us
DIBS Payment Services
Stockholm +46 (0)8-527 525 00
Göteborg +46 031-600 800
København +45 7020 3077
Oslo +47 21 55 44 00
Close menu