Authorisations
The following documentation explains how to manually submit an AUTH request using our Webservices API.
If you are already processing e-commerce payments using our JavaScript Library (using 3-D Secure v2), you no longer need to manually perform the AUTH request described herein (as the JavaScript Library will automatically perform the authorisation).
This page is written for those processing Mail or Telephone Order (MOTO) payments, Merchant Initiated Transactions (MIT), or other advanced workflows that do not warrant 3-D Secure v2 being enabled.
Requirements
If you are unsure, please contact our Support Team for assistance.
To perform 3-D Secure, you will need to utilise our JavaScript Library. Click here to get started.
To perform 3-D Secure, you will need to utilise our JavaScript Library. Click here to get started.
Failure to submit these fields may prevent the transaction from being processed successfully, with a “60025” errorcode being returned in the response.
AUTH request
Example
To successfully process an AUTH request, you must follow the specification below:
#!/usr/bin/python import securetrading stconfig = securetrading.Config() stconfig.username = "[email protected]" stconfig.password = "Password1^" st = securetrading.Api(stconfig) auth = { "sitereference": "test_site12345", "requesttypedescriptions": ["AUTH"], "accounttypedescription": "ECOM", "currencyiso3a": "GBP", "baseamount": "1050", "orderreference": "My_Order_123", "pan": "4111111111111111", "expirydate": "12/2020", "securitycode": "123" } strequest = securetrading.Request() strequest.update(auth) stresponse = st.process(strequest) #stresponse contains the transaction response
<?php
if (!($autoload = realpath(__DIR__ . '/../../../autoload.php')) && !($autoload = realpath(__DIR__ . '/../vendor/autoload.php'))) {
throw new Exception('Composer autoloader file could not be found.');
}
require_once($autoload);
$configData = array(
'username' => '[email protected]',
'password' => 'Password1^',
);
$requestData = array(
'sitereference' => 'test_site12345',
'requesttypedescriptions' => array('AUTH'),
'accounttypedescription' => 'ECOM',
'currencyiso3a' => 'GBP',
'baseamount' => '1050',
'orderreference' => 'My_Order_123',
'pan' => '4111111111111111',
'expirydate' => '12/2020',
'securitycode' => '123'
);
$api = \Securetrading\api($configData);
$response = $api->process($requestData);
var_dump($response->toArray());
?>
curl --user [email protected]:Password1^ <DOMAIN>/json/ -H "Content-type: application/json" -H "Accept: application/json" -X POST -d '{ "alias":"[email protected]", "version": "1.00", "request": [{ "currencyiso3a": "GBP", "requesttypedescriptions": ["AUTH"], "sitereference": "test_site12345", "baseamount": "1050", "orderreference": "My_Order_123", "accounttypedescription": "ECOM", "pan": "4111111111111111", "expirydate": "12/2020", "securitycode": "123" }]}'
{"alias":"[email protected]","version":"1.00","request":[{"currencyiso3a":"GBP","requesttypedescriptions":["AUTH"],"sitereference":"test_site12345","baseamount":"1050","orderreference":"My_Order_123","accounttypedescription":"ECOM","pan":"4111111111111111","expirydate":"12\/2020","securitycode":"123"}]}
<requestblock version="3.67"> <alias>[email protected]</alias> <request type="AUTH"> <merchant> <orderreference>My_Order_123</orderreference> </merchant> <billing> <payment> <expirydate>12/2020</expirydate> <pan>4111111111111111</pan> <securitycode>123</securitycode> </payment> <amount currencycode="GBP">1050</amount> </billing> <operation> <sitereference>test_site12345</sitereference> <accounttypedescription>ECOM</accounttypedescription> </operation> </request> </requestblock>
Replace <DOMAIN> with a supported domain. Click here for a full list.
Click here for test card numbers you can submit in AUTH requests while testing.
Field specification
Operation The following fields relate to the type of request submitted: Do not submit when processing a Customer Initiated Transaction (CIT).The allowed values for this field are “A”, “C”, “D”, “S” and “X”. Click here for further information on the different initiationreason values. Note: You must ensure the initiationreason submitted in the request correctly represents the reason for the new payment. Visa may introduce new values to this list in the future. Please refer to Visa’s own documentation for further information. If you do not know your site reference, please contact our Support Team. Payment The following fields contain the customer’s payment details: If the currency is submitted in a child request, it must be the same value as the parent transaction. Click here for a full list of different card-based payment types. (For AMEX cards, this is a 4 digit code found on the front of the card) This field is not strictly required by Trust Payments, but it is highly recommended for the processing of security code checks. Additionally, some banks may decline the payment if the security code is not present. Merchant The following fields relate to your account configuration and allow you to configure custom unique references for your request: Specification of this field will depend on your acquiring bank. Click here for further information. Valid characters: Note: This can be updated at a later time (only if transaction is pending settlement). Billing The following fields contain the customer’s billing details: If the country provided is not United States, Great Britain or Canada, or if no country is provided, the postcode field is not validated. Customer and delivery The following fields contain the customer’s delivery details: If the country provided is not United States, Great Britain or Canada, or if no country is provided, the postcode field is not validated. Settlement The following fields contain the Settlement details: The following is an example of an AUTH response indicating the request was processed successfully. When you receive an AUTH response, you must check the field values, to ensure the request was processed successfully. Please refer to our “Best practices” for further information. Operation The following fields relate to the type of request submitted: Billing The following fields contain the customer’s billing details: Click here for a full list of different card-based payment types. Merchant The following fields relate to your account configuration: Only supported by certain acquiring banks. Specification of this field will depend on your acquiring bank. Click here for further information. Valid characters: Note: This can be updated at a later time (only if transaction is pending settlement). Settlement The following fields contain the Settlement details: Transaction status The following fields returned in the response indicate the outcome of the request: Mapping: For successful transactions, this is returned as “Ok”. To submit subsequent transactions with the same details, your system can process another AUTH request, and reference the previously-completed payment’s transactionreference, which is returned in the response. Submit this reference in the parenttransactionreference field of the new AUTH request, and the majority of fields (card details, billing address, delivery address, order reference, etc.) will be re-used when proceeding with the new payment. Please refer to the following example request: Replace <DOMAIN> with a supported domain. Click here for a full list. Once a transaction has been authorised, the funds are then reserved against the customer’s account for 7 days. The instruction to transfer the funds is scheduled daily when we submit a batch of all pending transactions to your acquirer. This process is called settlement and is outlined below: Settlement can be deferred for certain transactions. You can request this by modifying the payment request, or transactions may be deferred by our internal fraud system. You should therefore sign in to MyST on a regular basis, to check the status of your transactions. Settle status 0 – Pending settlement Transaction that has been authorised by card issuer for payment. Settle status 1 – Pending settlement (manual override) Transaction that has been authorised by card issuer for payment. Settle status 10 – Settling Details of this transaction have been sent to the acquiring bank for settlement. Settle status 100 – Settled Transaction has been settled into the merchant’s account. Transaction has been suspended, and will not settle without action from the merchant. Settle status 3 – Cancelled Transaction has been cancelled and will not settle. If you are unsure, please contact our Support Team for assistance. The following documentation explains how to manually perform 3-D Secure using version 1 through our Webservices API. The process described below only supports 3-D Secure version 1. If you are already processing e-commerce payments using our JavaScript Library, you do not need to follow the process described below, as the JavaScript Library will handle the 3-D Secure process automatically. 3-D Secure is a protocol designed to reduce fraud and chargebacks during e-commerce transactions. It allows Mastercard and Visa card issuers to provide an extra level of protection, by authenticating the customer’s identity at the point of sale, sometimes by prompting for a previously-agreed PIN and/or password. If the customer is enrolled in 3-D Secure, your system will need to redirect the customer to the card issuer’s server (ACS URL) and handle the customer being redirected to your server (Term URL). Your system will need to send an AUTH request using our Webservices API and interpret the response returned. To determine whether or not the customer’s card is enrolled in the 3-D Secure scheme, you need to manually submit a THREEDQUERY request using our Webservices API. The following example demonstrates how to structure a THREEDQUERY request: Here is the specification of the fields included in the THREEDQUERY request described above: Key We return a masked version of this PAN in the response, in the field maskedpan. e.g. “411111######1111” More info This section documents how to interpret a THREEDQUERY response, which is used to indicate whether or not the customer’s card is enrolled in the card issuer’s 3-D Secure scheme. The example below demonstrates the structure of a THREEDQUERY response, indicating that the customer’s card is enrolled in a 3-D Secure scheme: If the errorcode value returned in the response is not ‘0’, an error has occurred. If an errorcode other than ‘0’ is returned, please consult the table below and attempt to resolve the issue: If you were unable to resolve the issue, you can instruct your system to perform a standard AUTH without using 3-D Secure. If the enrolled value returned in the response is “Y”, the customer’s card is enrolled in 3-D secure. Please refer to the following table for enrolled values: Here is the specification of the fields included in the THREEDQUERY response described above: Key The unique 3-D Secure reference for this transaction. The URL of the Access Control Server (ACS) to be used in authenticating the cardholder. The version of the 3-D Secure protocol. Your progress Following the instructions above, your system should now be able to determine whether or not a customer’s card is enrolled in a 3-D Secure scheme. If the customer’s card is enrolled, follow the “Authenticate the customer” section below, otherwise skip ahead to the “Authorisation” section. If the card is not enrolled, skip ahead to the “Authorisation” section. If the customer is enrolled in the card issuer’s 3-D Secure scheme, your system must send the customer’s browser to the card issuer-hosted Access Control Server (ACS) using an HTTPS POST. The URL for the ACS can be found in the acsurl field of the THREEDQUERY response. On the ACS, the customer will be authenticated, sometimes by prompting for a previously-agreed PIN and/or password. The browser must send data from the termurl, pareq and md in HTML fields ‘TermUrl’, ‘PaReq’ and ‘MD’, respectively (These field names are case sensitive). Following authentication, the customer will be returned to your servers using an HTTPS POST. You will need to parse this response, as it will contain the ‘PaRes’ and ‘MD’ fields, for constructing the subsequent AUTH Request needed to process the payment. The following is an example of how to redirect the cardholder to the card issuer’s ACS : In most circumstances, your system will need to store data about the transaction in your database while the customer is being authenticated on the card issuer’s ACS, to be retrieved when the customer returns to your system via the termurl. As the 3-D Secure specification requires that only the md and pares fields are returned to your system, it is recommended that the md field is used to look up any corresponding customer session to complete the transaction. Your system will need to consider the length of time it may take for the customer to enter their details on the card issuer’s ACS. The time the customer will spend on the ACS will depend on a number of factors. Longer wait times may occur when the customer is signing up to a 3-D Secure scheme for the first time, or recovering a forgotten password. While your system needs to allow time for the customer to return, it is entirely possible for the customer to close their browser on the card issuer’s ACS and not return at all. There are no specific regulations as to how long your system must wait for the customer to be redirected from the ACS to your Term URL, but we recommend waiting for no more than two hours. Your progress Following the instructions above, your system should now be able to redirect the browsers of customers with cards enrolled in a 3-D Secure scheme to the ACS for authentication. Your system can now proceed and submit an AUTH request using our Webservices API to process the payment, by following the instructions below. 3-D authorisations are used to seek authorisation for authenticated transactions from your acquiring bank. This is performed by manually submitting an AUTH Request using our Webservices API and interpreting the response returned. The following example demonstrates how to structure a 3-D AUTH request when the card is enrolled in a 3-D Secure scheme: For cards that are NOT enrolled in the card issuer’s 3-D Secure scheme (or have unknown enrolment), you will need to submit the following fields in order to inherit transaction information needed to perform the authorisation: Inheritance The example AUTH requests shown above (both enrolled and not-enrolled) contain all the fields that are required for submission. All other information required to seek authorisation will be inherited from the previous THREEDQUERY request stored on our system. We allow the submission of additional fields in the AUTH request that have not been submitted in the THREEDQUERY request (e.g. the customer name, if omitted in the query). Click here for a full list of fields that can be submitted in an AUTH request. Here is the specification of the fields included in the AUTH requests described above: Key Must be the value returned in the pares field of the HTTPS POST from the card issuer’s ACS, otherwise this may forfeit the liability shift. The unique 3-D Secure reference for this transaction. Supplied if enrolled is “Y” Unique reference of the parent THREEDQUERY request. The site reference processing the transaction. The data returned in the AUTH response will depend on both the card enrollment status, and whether or not the customer was successfully authenticated on the card issuer’s ACS. Your system should be able to interpret the response data in each of the following scenarios. Enrolled and authenticated Enrolled but NOT authenticated Not enrolled Your system will need to interpret the AUTH response in order to determine if the transaction was successful. The most important field to check in the response is the errorcode. Regardless of the errorcode returned in the response, we strongly recommend that you refer to our best practices and configure your system to perform all of the checks outlined. Here is the specification of the fields that are included in the AUTH responses described above, which are specific to 3-D Secure: Key Indicates whether or not the customer was authenticated on the card issuer’s ACS: The unique Cardholder Authentication Verification Value (CAVV) associated with the transaction, provided by the card issuer. The ECI (E-Commerce Indicator) security level associated with the transaction. We recommend that you thoroughly test your solution before processing live payments.
Field
Format
Description
accounttypedescription
XPath: /operation/accounttypedescriptionAlpha (20)
The type of account to be used:
authmethod
XPath: /operation/authmethodAlpha (11)
Auth methods are used to specify how a transaction is to be processed by the card issuer. Each authmethod has a different set of requirements.
Click here for further information.
credentialsonfile
XPath: /operation/credentialsonfileNumeric (1)
The allowed values for this field are 0, 1 and 2.
initiationreason
XPath: /operation/initiationreasonChar (1)
Allows you to assign a reason for a Merchant Initiated Transaction (MIT).
parenttransactionreference
XPath: /operation/parenttransactionreferenceAlphanumeric
& hyphens (25)Allows you to specify the transactionreference of a previous request. Key details are inherited from this request.
requesttypedescriptions
XPath: /@typeAlpha (20)
You must submit “AUTH”, as shown in the request example.
sitereference
XPath: /operation/sitereferenceAlphanumeric
& underscore (50)Identifies your site on the Trust Payments system.
Field
Format
Description
baseamount
XPath: /billing/amountNumeric (13)
The amount of the transaction in base units, with no commas or decimal points, so £10 is submitted as 1000. This value must be greater than zero. (Max length may vary depending on your acquiring bank – Contact your bank for further info)
currencyiso3a
XPath: /billing/amount/@currencycodeAlpha (3)
The currency of the transaction. Click here for a full list of available currencies.
expirydate
XPath: /billing/payment/expirydateDate MM/YYYY
The expiry date printed on the card.
pan
XPath: /billing/payment/pan Numeric (12-19)
This is the long number printed on the front of the customer’s card.
paymenttypedescription
XPath: /billing/payment/@typeAlpha (20)
Payment method (e.g. “VISA” or “MASTERCARD”).
securitycode
XPath: /billing/payment/securitycode Numeric (3-4)
This is the three digit security code printed on the back of the card.
Field
Format
Description
chargedescription
XPath: /merchant/chargedescriptionAlphanumeric including
symbols (25)This is a description of the payment that appears on the customer’s bank statement. Only supported by certain acquiring banks.
merchantemail
XPath: /merchant/email Email (255)
The merchant’s email address. Maximum length of 255 (maximum of 64 characters before the ”@” symbol).
operatorname
XPath: /merchant/operatornameAlphanumeric (255)
The value of this field contains the name of the user that processed the request. By default, this is the Web Services username included in the request. This can be overridden with a custom value by passing through this field in the request (optional).
orderreference
XPath: /merchant/orderreference Alphanumeric including
symbols (255)Your unique order reference that can be stored on the Trust Payments system.
Field
Format
Description
billingpremise
XPath: /billing/premiseAlphanumeric including
symbols (25)The house number or first line of the customer’s billing address.
billingstreet
XPath: /billing/streetAlphanumeric including
symbols (127)The street entered for the customer’s billing address.
billingtown
XPath: /billing/townAlphanumeric including
symbols (127)The town entered for the customer’s billing address.
billingcounty
XPath: /billing/countyAlphanumeric including
symbols (127)The county entered for the customer’s billing address. For US addresses, the state would be entered in this field. Valid formats:
billingcountryiso2a
XPath: /billing/countryAlpha (2)
The country for the customer’s billing address. This will need to be in ISO2A format. Click here for a full list of country codes.
billingpostcode
XPath: /billing/postcodeAlphanumeric (25)
The postcode entered for the customer’s billing address.
billingemail
XPath: /billing/emailEmail (255)
The customer’s billing email address. Maximum length of 255 (maximum of 64 characters before the ”@” symbol).
billingtelephonetype
XPath: /billing/telephone/@typeChar (1)
The type of telephone number. The options available are:
billingtelephone
XPath: /billing/telephoneAlphanumeric including
symbols (20)The customer’s telephone number. Valid characters:
billingprefixname
XPath: /billing/name/prefixAlphanumeric including
symbols (25)The prefix of the customer’s billing name (e.g. Mr, Miss, Dr).
billingfirstname
XPath: /billing/name/firstAlphanumeric including
symbols (127)The customer’s billing first name.
billingmiddlename
XPath: /billing/name/middleAlphanumeric including
symbols (127)The customer’s billing middle name(s).
billinglastname
XPath: /billing/name/lastAlphanumeric including
symbols (127)The customer’s billing last name.
billingsuffixname
XPath: /billing/name/suffixAlphanumeric including
symbols (25)The suffix of the customer’s billing name (e.g. Bsc).
Field
Format
Description
customerpremise
XPath: /customer/premiseAlphanumeric including
symbols (25)The customer’s house name or number.
customerstreet
XPath: /customer/streetAlphanumeric including
symbols (127)The customer’s street name.
customertown
XPath: /customer/townAlphanumeric including
symbols (127)The customer’s town.
customercounty
XPath: /customer/countyAlphanumeric including
symbols (127)The customer’s county. For US addresses, the state would be entered in this field. Valid formats:
customercountryiso2a
XPath: /customer/countryAlpha (2)
The customer’s country. This will need to be in ISO2A format. Click here for a full list of country codes.
customerpostcode
XPath: /customer/postcodeAlphanumeric (25)
The customer’s postcode or ZIP code.
customeremail
XPath: /customer/emailEmail (255)
The customer’s email address. Maximum length of 255 (maximum of 64 characters before the ”@” symbol).
customertelephonetype
XPath: /customer/telephone/@typeChar (1)
The type of telephone number. The options available are:
customertelephone
XPath: /customer/telephoneAlphanumeric including
symbols (20)The customer’s telephone number. Valid characters:
customerprefixname
XPath: /customer/name/prefixAlphanumeric including
symbols (25)The customer’s prefix name (e.g. Mr, Miss, Dr).
customerfirstname
XPath: /customer/name/firstAlphanumeric including
symbols (127)The customer’s first name.
customermiddlename
XPath: /customer/name/middleAlphanumeric including
symbols (127)The customer’s middle name(s).
customerlastname
XPath: /customer/name/lastAlphanumeric including
symbols (127)The customer’s last name.
customersuffixname
XPath: /customer/name/suffixAlphanumeric including
symbols (25)The customer’s suffix name (e.g. Bsc).
customerforwardedip
XPath: /customer/forwardedipIP address (39)
Customer forwarded IP address, as provided by a proxy server if available.
customerip
XPath: /customer/ipIP address (39)
The IP of the customer.
Field
Format
Description
settleduedate
XPath: /settlement/settleduedateDate YYYY-MM-DD
You can submit this field in the request to specify the date you would like your transaction to settle. This must be within 7 days of the authorisation date.
settlestatus
XPath: /settlement/settlestatusNumeric (3)
A numeric value used to define the settlement instruction. If you do not submit a value here, the settlestatus defaults to “0”.
AUTH response
{
u 'requestreference': u 'A0bxh87wt',
u 'version': u '1.00',
u 'response': [{
u 'transactionstartedtimestamp': u '2016-12-07 11:32:44',
u 'livestatus': u '0',
u 'issuer': u 'Test Issuer',
u 'splitfinalnumber': u '1',
u 'dccenabled': u '0',
u 'settleduedate': u '2016-12-07',
u 'errorcode': u '0',
u 'orderreference': u 'My_Order_123',
u 'tid': u '27882788',
u 'merchantnumber': u '00000000',
u 'merchantcountryiso2a': u 'GB',
u 'transactionreference': u '23-9-80001',
u 'merchantname': u 'Test Merchant',
u 'paymenttypedescription': u 'VISA',
u 'baseamount': u '1050',
u 'accounttypedescription': u 'ECOM',
u 'acquirerresponsecode': u '00',
u 'requesttypedescription': u 'AUTH',
u 'securityresponsesecuritycode': u '2',
u 'currencyiso3a': u 'GBP',
u 'authcode': u 'TEST36',
u 'errormessage': u 'Ok',
u 'operatorname': u '[email protected]',
u 'securityresponsepostcode': u '0',
u 'maskedpan': u '411111######1111',
u 'securityresponseaddress': u '0',
u 'issuercountryiso2a': u 'US',
u 'settlestatus': u '0'
}]
}
array(3) {
["requestreference"] => string(9) "A3579dkvx"
["version"] => string(4) "1.00"
["response"] => array(1) {
[0] => array(28) {
["transactionstartedtimestamp"] => string(19) "2016-12-09 09:52:19"
["livestatus"] => string(1) "0"
["issuer"] => string(26) "Test Issuer"
["splitfinalnumber"] => string(1) "1"
["dccenabled"] => string(1) "0"
["settleduedate"] => string(10) "2016-12-09"
["errorcode"] => string(1) "0"
["orderreference"] => string(12) "My_Order_123"
["tid"] => string(8) "27882788"
["merchantnumber"] => string(8) "00000000"
["securityresponsepostcode"] => string(1) "0"
["transactionreference"] => string(10) "72-9-80003"
["merchantname"] => string(13) "Test Merchant"
["paymenttypedescription"] => string(4) "VISA"
["baseamount"] => string(4) "1050"
["accounttypedescription"] => string(4) "ECOM"
["acquirerresponsecode"] => string(2) "00"
["requesttypedescription"] => string(4) "AUTH"
["securityresponsesecuritycode"] => string(1) "2"
["currencyiso3a"] => string(3) "GBP"
["authcode"] => string(6) "TEST31"
["errormessage"] => string(2) "Ok"
["operatorname"] => string(23) "[email protected]"
["merchantcountryiso2a"] => string(2) "GB"
["maskedpan"] => string(16) "411111######1111"
["securityresponseaddress"] => string(1) "0"
["issuercountryiso2a"] => string(2) "US"
["settlestatus"] => string(1) "0"
}
}
}
{"requestreference":"W23-fjgvn3d8","version":"1.00","response":[{"transactionstartedtimestamp":"2016-12-07 15:08:47","livestatus":"0","issuer":"Test Issuer","splitfinalnumber":"1","dccenabled":"0","settleduedate":"2016-12-07","errorcode":"0","baseamount":"1050","tid":"27882788","merchantnumber":"00000000","merchantcountryiso2a":"GB","transactionreference":"23-9-80006","merchantname":"Test Merchant","paymenttypedescription":"VISA","orderreference":"My_Order_123","accounttypedescription":"ECOM","acquirerresponsecode":"00","requesttypedescription":"AUTH","securityresponsesecuritycode":"2","currencyiso3a":"GBP","authcode":"TEST96","errormessage":"Ok","operatorname":"[email protected]","securityresponsepostcode":"0","maskedpan":"411111######1111","securityresponseaddress":"0","issuercountryiso2a":"US","settlestatus":"0"}],"secrand":"zO9"}
<responseblock version="3.67">
<requestreference>A3579dkvx</requestreference>
<response type="AUTH">
<merchant>
<merchantname>Test Merchant</merchantname>
<orderreference>MyOrder123</orderreference>
<tid>27882788</tid>
<merchantnumber>00000000</merchantnumber>
<merchantcountryiso2a>GB</merchantcountryiso2a>
<operatorname>[email protected]</operatorname>
</merchant>
<transactionreference>23-9-80006</transactionreference>
<security>
<postcode>2</postcode>
<securitycode>2</securitycode>
<address>2</address>
</security>
<billing>
<amount currencycode="GBP">1050</amount>
<payment type="VISA">
<issuer>Test Issuer</issuer>
<issuercountry>ZZ</issuercountry>
<pan>411111######1111</pan>
</payment>
<dcc enabled="0"/>
</billing>
<authcode>TEST96</authcode>
<timestamp>2012-10-08 12:46:02</timestamp>
<settlement>
<settleduedate>2012-10-08</settleduedate>
<settlestatus>0</settlestatus>
</settlement>
<live>0</live>
<error>
<message>Ok</message>
<code>0</code>
</error>
<acquirerresponsecode>00</acquirerresponsecode>
<operation>
<splitfinalnumber>1</splitfinalnumber>
<authmethod>PRE</authmethod>
<accounttypedescription>ECOM</accounttypedescription>
</operation>
</response>
<secrand>hYWFMkiiAZ0wKHFZ</secrand>
</responseblock>
Field specification
Field
Format
Description
accounttypedescription
XPath: /operation/accounttypedescriptionAlpha (20)
The type of account to be used:
authmethod
XPath: /operation/authmethodAlpha (11)
Auth methods are used to specify how a transaction is to be processed by the card issuer. Each authmethod has a different set of requirements.
Click here for further information.
credentialsonfile
XPath: /operation/credentialsonfileNumeric (1)
The allowed values for this field are 0, 1 and 2.
parenttransactionreference
XPath: /operation/parenttransactionreferenceAlphanumeric
& hyphens (25)The transactionreference of a previous request, from which key details have been inherited.
requesttypedescription
XPath: /@type
Alpha (20)
“AUTH” is returned in the response.
Field
Format
Description
baseamount
XPath: /billing/amountNumeric (13)
The amount of the transaction in base units, with no commas or decimal points, so £10 is submitted as 1000. This value must be greater than zero. (Max length may vary depending on your acquiring bank – Contact your bank for further info)
currencyiso3a
XPath: /billing/amount/@currencycodeAlpha (3)
The currency of the transaction. Click here for a full list of available currencies.
dccenabled
XPath: /billing/dcc/@enabled Numeric (1)
Indicates if your account is configured for DCC:
1= Yes
0 = No
issuer
XPath: /billing/payment/issuer Alphanumeric (255)
The customer’s card issuer.
issuercountryiso2a
XPath: /billing/payment/issuercountry Alpha (2)
The country for the customer’s card issuer.
This will be in ISO2A format. Click here for a full list of country codes.
maskedpan
XPath: /billing/payment/pan Alphanumeric including “#” (12-19)
The customer’s card number. This is masked in the response. Most of the number is intentionally obscured by “#” characters, e.g. 411111######0211.
paymenttypedescription
XPath: /billing/payment/@typeAlpha (20)
Payment method (e.g. “VISA” or “MASTERCARD”).
Field
Format
Description
chargedescription
XPath: /merchant/chargedescriptionAlphanumeric including
symbols (25)This is a description of the payment that appears on the customer’s bank statement.
merchantnumber
XPath: /merchant/merchantnumber Alphanumeric (32)
The merchant number that was used to process the transaction. Provided by the acquiring bank.
merchantcategorycode
XPath: /merchant/merchantcategorycodeAlphanumeric (255)
These are details associated with the account used to process the transaction.To amend these fields, please contact our Support Team.
merchantcity
XPath: /merchant/merchantcityAlphanumeric (127)
merchantcountryiso2a
XPath: /merchant/merchantcountryiso2aAlpha (2)
merchantname
XPath: /merchant/merchantnameAlphanumeric (255)
merchantstatecode
XPath: /merchant/merchantstatecodeAlphanumeric (127)
merchantzipcode
XPath: /merchant/merchantzipcodeAlphanumeric (10)
operatorname
XPath: /merchant/operatornameAlphanumeric (255)
The value of this field contains the name of the user that processed the request.
orderreference
XPath: /merchant/orderreferenceAlphanumeric including
symbols (255)Your unique order reference that can be stored on the Trust Payments system.
tid
XPath: /merchant/tidAlphanumeric (255)
The terminal ID used to process the transaction. This is accredited to your merchant number when we setup your account in our systems.
Field
Format
Description
settleduedate
XPath: /settlement/settleduedateDate YYYY-MM-DD
The date on which the transaction will be settled.
settlestatus
XPath: /settlement/settlestatusNumeric (3)
A numeric value used to indicate the progress of settlement regarding this transaction.
Field
Format
Description
acquireradvicecode
XPath: /acquireradvicecode Numeric (1)
A numeric value returned following a repeat payment request, indicating if further payments can be processed.
acquirerresponsecode
XPath: /acquirerresponsecode Alphanumeric (255)
Used by your acquirer to indicate the outcome of the request.
acquirerresponsemessage
XPath: /acquirerresponsemessageAlphanumeric (255)
authcode
XPath: /authcode Alphanumeric (255)
The authorisation code provided by the issuing bank. This will differ depending on which bank you use.
errorcode
XPath: /error/codeNumeric (1-5)
The error code should be used to determine if the request was successful or not.
errordata
XPath: /error/dataAlphanumeric (255)
Additional information to help troubleshoot the error.
errormessage
XPath: /error/messageAlphanumeric (255)
This provides a brief explanation as to the cause of the error.
livestatus
XPath: /live Numeric (1)
retrievalreferencenumber
XPath: /other/retrievalreferencenumberAlphanumeric (255)
An ISO term. This is used to reference the source transaction.
securityresponseaddress
XPath: /security/addressNumeric (1)
The result of AVS and Security Code Checks.
securityresponsepostcode
XPath: /security/postcodeNumeric (1)
securityresponsesecuritycode
XPath: /security/securitycodeNumeric (1)
transactionreference
XPath: /transactionreference Alphanumeric including
hyphens (25)A unique reference for the transaction assigned by Trust Payments. You will need this reference to perform a refund or update the transaction.
transactionstartedtimestamp
XPath: /timestampDate time YYYY-MM-DD hh:mm:ss
The time the transaction was processed.
Field
Format
Description
requestreference
Alphanumeric (25)
This is an internal field generated by Trust Payments. It must not be validated. If problems are experienced with the request this field may be requested by Trust Payments support to aid in determining the cause.
secrand
Alphanumeric (16)
Random string of characters, returned in the response of non-API-based libraries developed by Trust Payments.
Tokenisation from previous request
#!/usr/bin/python
import securetrading
stconfig = securetrading.Config()
stconfig.username = "[email protected]"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)
auth = {
"sitereference": "test_site12345",
"requesttypedescriptions": ["AUTH"],
"accounttypedescription": "ECOM",
"currencyiso3a": "GBP",
"baseamount": "1050",
"orderreference": "My_Order_123",
"parenttransactionreference": "23-9-80006"
}
strequest = securetrading.Request()
strequest.update(auth)
stresponse = st.process(strequest) #stresponse contains the transaction response
<?php
if (!($autoload = realpath(__DIR__ . '/../../../autoload.php')) && !($autoload = realpath(__DIR__ . '/../vendor/autoload.php'))) {
throw new Exception('Composer autoloader file could not be found.');
}
require_once($autoload);
$configData = array(
'username' => '[email protected]',
'password' => 'Password1^',
);
$requestData = array(
'sitereference' => 'test_site12345',
'requesttypedescriptions' => array('AUTH'),
'accounttypedescription' => 'ECOM',
'currencyiso3a' => 'GBP',
'baseamount' => '1050',
'orderreference' => 'My_Order_123',
'parenttransactionreference' => '23-9-80006'
);
$api = \Securetrading\api($configData);
$response = $api->process($requestData);
var_dump($response->toArray());
?>
curl --user [email protected]:Password1^ <DOMAIN>/json/ -H "Content-type: application/json" -H "Accept: application/json" -X POST -d '{
"alias":"[email protected]",
"version": "1.00",
"request": [{
"currencyiso3a": "GBP",
"requesttypedescriptions": ["AUTH"],
"sitereference": "test_site12345",
"baseamount": "1050",
"orderreference": "My_Order_123",
"accounttypedescription": "ECOM",
"parenttransactionreference": "23-9-80006"
}]}'
{"alias":"[email protected]","version":"1.00","request":[{"currencyiso3a":"GBP","requesttypedescriptions":["AUTH"],"sitereference":"test_site12345","baseamount":"1050","orderreference":"My_Order_123","accounttypedescription":"ECOM","parenttransactionreference":"23-9-80006"}]}
<requestblock version="3.67">
<alias>[email protected]</alias>
<request type="AUTH">
<merchant>
<orderreference>My_Order_123</orderreference>
</merchant>
<billing>
<amount currencycode="GBP">1050</amount>
</billing>
<operation>
<sitereference>test_site12345</sitereference>
<accounttypedescription>ECOM</accounttypedescription>
<parenttransactionreference>12-23-34</parenttransactionreference>
</operation>
</request>
</requestblock>
Settlement
Deferred settlement
Settle status
‘0’ – Allows settlement to occur, providing the transaction passes fraud checks.
‘1’ – Allows settlement to occur, bypassing fraud checks.
‘3’ – Manually cancels the transaction.
Additional resources
3-D Secure (version 1)
We recommend all merchants utilise 3-D Secure version 2 by using our JavaScript Library.
Process overview
1. Check customer enrolment
THREEDQUERY Request
#!/usr/bin/python
import securetrading
stconfig = securetrading.Config()
stconfig.username = "[email protected]"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)
threedquery= {
"termurl":"https://termurl.com",
"accept":"text/html,*/*",
"pan": "4111111111111111",
"expirydate": "12/2020",
"securitycode": "123",
"currencyiso3a":"GBP",
"requesttypedescriptions": ["THREEDQUERY"],
"accounttypedescription":"ECOM",
"sitereference": "test_site12345",
"baseamount": "1050"
}
strequest = securetrading.Request()
strequest.update(threedquery)
stresponse = st.process(strequest) #stresponse contains the transaction response
<?php
if (!($autoload = realpath(__DIR__ . '/../../../autoload.php')) && !($autoload = realpath(__DIR__ . '/../vendor/autoload.php'))) {
throw new Exception('Composer autoloader file could not be found.');
}
require_once($autoload);
$configData = array(
'username' => '[email protected]',
'password' => 'Password1^',
);
$requestData = array(
'termurl' => 'https://termurl.com',
'accept' => 'text/html,*/*',
'pan' => '4111111111111111',
'expirydate' => '12/2020',
'securitycode' => '123',
'currencyiso3a' => 'GBP',
'requesttypedescriptions' => array('THREEDQUERY'),
'accounttypedescription' => 'ECOM',
'sitereference' => 'test_site12345',
'baseamount' => '1050'
);
$api = \Securetrading\api($configData);
$response = $api->process($requestData);
var_dump($response->toArray());
?>
curl --user [email protected]:Password1^ https://webservices.securetrading.net/json/ -H "Content-type: application/json" -H "Accept: application/json" -X POST -d '{
"alias": "[email protected]",
"version": "1.00",
"request": [{
"termurl":"https://termurl.com",
"accept":"text/html,*/*",
"pan": "4111111111111111",
"expirydate": "12/2020",
"securitycode": "123",
"currencyiso3a":"GBP",
"requesttypedescriptions": ["THREEDQUERY"],
"accounttypedescription":"ECOM",
"sitereference": "test_site12345",
"baseamount": "1050"
}]}'
Field name
Type
Length
Request
Description
accept
Alphanumeric
1024
The exact content of the HTTP accept-header field as received from the cardholder’s user agent.
accounttypedescription
Alpha
20
This must be submitted as “ECOM” (e-commerce).
baseamount
Numeric
13
The amount of the transaction in base units, with no commas or decimal points, so £10 is submitted as 1000. This value must be greater than zero. (Max length may vary depending on your acquiring bank – Contact your bank for further info)
currencyiso3a
Alpha
3
The currency that the transaction will be processed in.
expirydate
Date MM/YYYY
7
The expiration date printed on the card.
pan
Numeric
12-19
This is the long number printed on the front of the customer’s card.
requesttypedescriptions
Alpha
20
The request type required is “THREEDQUERY”.
securitycode
Numeric
3-4
This is the three digit security code printed on the back of the card.
(For AMEX cards, this is a 4 digit code found on the front of the card)This field is not strictly required field by Trust Payments, but it is highly recommended for the processing of security code checks.Additionally, some banks may decline the payment if the security code is not present.
sitereference
Alphanumeric including
underscore50
The site reference relates to your individual account which you received on setup. If you do not know your site reference, please contact our Support team.
termurl
URL
1024
This field value is a URL of a script/file located on your system that is able to manage customers who are returned to your system. It is used to instruct the card issuer where to send the customer’s browser after they have been authenticated on the card issuer’s ACS.
useragent
Alphanumeric
255
The exact content of the HTTP user-agent header field as received from the cardholder’s user agent. We strongly recommend you submit this field, as failure to do so may forfeit the liability shift.
THREEDQUERY Response
{
u 'requestreference': u 'Aw5mpjtv6',
u 'version': u '1.00',
u 'response': [{
u 'transactionstartedtimestamp': u '2016-12-07 16:55:47',
u 'livestatus': u '0',
u 'issuer': u 'SecureTrading Test Issuer1',
u 'xid': u 'amh1OCtINGpuemJaVmQreU5YT2Y=',
u 'pareq': u 'eJxVUmFPw9C12xiQowlCopiIqGji5Yqj25lPCwOutoQKHZzxqOQgF5soqzk=',
u 'dccenabled': u '0',
u 'settleduedate': u '2016-12-07',
u 'errorcode': u '0',
u 'threedversion': u '1.0.2',
u 'tid': u '27882788',
u 'merchantnumber': u '00000000',
u 'merchantcountryiso2a': u 'GB',
u 'transactionreference': u '1-2-345678',
u 'merchantname': u 'Test Merchant',
u 'paymenttypedescription': u 'VISA',
u 'acsurl': u 'https://webapp.securetrading.net/acs/visa.cgi',
u 'accounttypedescription': u 'ECOM',
u 'requesttypedescription': u 'THREEDQUERY',
u 'md': u 'UEZOVVBqeE5SRDQ4VFVSSVBucE9abUp5WWtTlDR0NLaFVSZUV5aStFPQ==',
u 'maskedpan': u '411111######0211',
u 'errormessage': u 'Ok',
u 'operatorname': u '[email protected]',
u 'enrolled': u 'Y',
u 'issuercountryiso2a': u 'US',
u 'settlestatus': u '0'
}]
}
array(3) {
["requestreference"] => string(9) "A2cjnruwy"
["version"] => string(4) "1.00"
["response"] => array(1) {
[0] => array(25) {
["transactionstartedtimestamp"] => string(19) "2016-12-09 11:25:36"
["livestatus"] => string(1) "0"
["issuer"] => string(26) "SecureTrading Test Issuer1"
["xid"] => string(28) "ZlcyU1hQcUhmaEtzd2I1SmkrMnM="
["pareq"] => string(27) "eJxVUstuwjAQ/BXEHZxjoOrXA=="
["dccenabled"] => string(1) "0"
["settleduedate"] => string(10) "2016-12-09"
["errorcode"] => string(1) "0"
["threedversion"] => string(5) "1.0.2"
["tid"] => string(8) 27882788"
["merchantnumber"] => string(8) "00000000"
["merchantcountryiso2a"] => string(2) "GB"
["transactionreference"] => string(10) "1-2-345678"
["merchantname"] => string(13) "Test Merchant"
["paymenttypedescription"] => string(4) "VISA"
["acsurl"] => string(45) "https://webapp.securetrading.net/acs/visa.cgi"
["accounttypedescription"] => string(4) "ECOM"
["requesttypedescription"] => string(11) "THREEDQUERY"
["md"] => string(72) "UEZOVVBqeVQand2VTFRKzptZGY2RXZXOGQrS2V5Tko5cEk9"
["maskedpan"] => string(16) "411111######0211"
["errormessage"] => string(2) "Ok"
["operatorname"] => string(23) "[email protected]"
["enrolled"] => string(1) "Y"
["issuercountryiso2a"] => string(2) "US"
["settlestatus"] => string(1) "0"
}
}
}
{"requestreference":"W23-08yvq0db","version":"1.00","response":[{"transactionstartedtimestamp":"2016-12-07 16:57:44","livestatus":"0","issuer":"SecureTrading Test Issuer1","xid":"KzRLRmhSUEZ0OWZJSkJIMDU1dDk=","pareq":"eJxVUu9PwjAQ\/NtY9ts6tP8Ac1Rqq+","dccenabled":"0","settleduedate":"2016-12-07","errorcode":"0","threedversion":"1.0.2","tid":"27882788","merchantnumber":"00000000","merchantcountryiso2a":"GB","transactionreference":"1-2-345678","merchantname":"Test Merchant","paymenttypedescription":"VISA","acsurl":"https:\/\/webapp.securetrading.net\/acs\/visa.cgi","accounttypedescription":"ECOM","requesttypedescription":"THREEDQUERY","md":"UEZOVVBqeE5SRD06bWRzS1dBbnFZY01JRjEwZGOWhrPQ==","maskedpan":"411111######0211","errormessage":"Ok","operatorname":"[email protected]","enrolled":"Y","issuercountryiso2a":"US","settlestatus":"0"}],"secrand":"0gqEPDTnCWlvTr6G"}
Check the error code field value
Error code
Description
0
Request was successful.
30000
Invalid field.
60031
The THREEDQUERY request used a payment type that is not supported by Trust Payments 3-D Secure.
other
Other errors will require further investigation. Click here for a full list of possible error codes.
Check the enrolled field value
Enrolled
Description
Action
Y
The card is enrolled in the card issuer’s 3-D Secure scheme.
Send the customer to the card issuer’s Access Control Server (ACS). The URL for the ACS is provided in the acsurl of the THREEDQUERY response.
N
The card is not enrolled in the card issuer’s 3-D Secure scheme.
Perform an AUTH Request, including the transactionreference returned in the THREEDQUERY response (example can be found below).
U
The card’s enrolment in the card issuer’s 3-D Secure scheme could not be determined.
This typically indicates a temporary problem with the card issuer’s systems. You can configure your system to resubmit the same THREEDQUERY request. If this continues to fail, submit a standard AUTH request using our Webservices API, including the transactionreference returned in the THREEDQUERY response.
Field name
Type
Length
Response
Description
requesttypedescription
Alpha
20
“THREEDQUERY” is always returned in the response.
xid
Alphanumeric
255
The unique identifier for the transaction, assigned by the MPI (Merchant Plug-In) (in this case, Trust Payments).
enrolled
Char
1
Determines if the cardholder is enrolled in a 3-D Secure scheme.
pareq
Alphanumeric including symbols
2048
The unique identifier for the transaction, assigned by the MPI (Merchant Plug-In) (in this case, Trust Payments).
md
Alphanumeric including symbols
1024
Returned if card is enrolled.
acsurl
URL
1024
Returned if card is enrolled.
threedversion
Numeric
6
Only returned for accounts with certain acquiring banks.
2. Authenticate the customer
<!DOCTYPE html PUBLIC '-//W3C//DTD HTML 4.01//EN'>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1">
<title>Processing payment</title>
<style type="text/css">
h3,h3,h4 { font-family: verdana, arial, sans-serif;
font-weight: normal;}
#logo {float: left;}
</style>
</head>
<body OnLoad="document.form.submit();" >
<form name="form" id="form" action="$acsurl" method="POST">
<div>
<input type="hidden" name="PaReq" value="$pareq" />
<input type="hidden" name="TermUrl" value="$termurl" />
<input type="hidden" name="MD" value="$md" />
</div>
<noscript>
<div>
<h3>JavaScript is currently disabled or is not supported by your browser.</h3>
<h4>Please click Submit to continue processing your 3-D Secure transaction.</h4>
<input type="submit" value="Submit">
</div>
</noscript>
</form>
</body>
</html>
Referencing 3-D Secure transactions
Waiting for the customer to return from the ACS
3. Authorisation
AUTH Request
For enrolled cards only
#!/usr/bin/python
import securetrading
stconfig = securetrading.Config()
stconfig.username = "[email protected]"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)
auth= {
"requesttypedescriptions": ["AUTH"],
"md":"UEZOVVBqeE5SRDQ4VFVSSVBrRjVXSGhOZFZReVUzVlalBVeE",
"pares":"eJzVWFmzosgSfudXdPQ8Gt1sbkzYRhQ7KCjI/sYOsimgoL/+lp7Tp5"
}
strequest = securetrading.Request()
strequest.update(auth)
stresponse = st.process(strequest) #stresponse contains the transaction response
<?php
if (!($autoload = realpath(__DIR__ . '/../../../autoload.php')) && !($autoload = realpath(__DIR__ . '/../vendor/autoload.php'))) {
throw new Exception('Composer autoloader file could not be found.');
}
require_once($autoload);
$configData = array(
'username' => '[email protected]',
'password' => 'Password1^',
);
$requestData = array(
'requesttypedescriptions' => array('AUTH'),
'md' => 'UEZOVVBqeE5SRDQ4VFVSSVBtSllOVTlMYVdaUlJXWnZVRTA0UVdwVlJXZFpRo5cEk9',
'pares' => 'eJztWEnTqsi2nfMrKqqGxik6UajwJFCOxLb5BNvgHdPneIihB/fq2eNv777/BdaScGg='
);
$api = \Securetrading\api($configData);
$response = $api->process($requestData);
var_dump($response->toArray());
?>
curl --user [email protected]:Password1^ https://webservices.securetrading.net/json/ -H "Content-type: application/json" -H "Accept: application/json" -X POST -d '{
"alias": "[email protected]",
"version": "1.00",
"request": [{
"requesttypedescriptions": ["AUTH"],
"md":"UEZOVVBqeE5SRDVS1FLVG9aenQrRGhaNk1NPQ==",
"pares":"eJztWMmyq7iynfMVFVVDxyk6Y0OX0U1wTQ=="
}]}'
For non-enrolled cards only
#!/usr/bin/python
import securetrading
stconfig = securetrading.Config()
stconfig.username = "[email protected]"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)
auth= {
"requesttypedescriptions": ["AUTH"],
"sitereference": "test_site12345",
"parenttransactionreference": "1-2-345678"
}
strequest = securetrading.Request()
strequest.update(auth)
stresponse = st.process(strequest) #stresponse contains the transaction response
<?php
if (!($autoload = realpath(__DIR__ . '/../../../autoload.php')) && !($autoload = realpath(__DIR__ . '/../vendor/autoload.php'))) {
throw new Exception('Composer autoloader file could not be found.');
}
require_once($autoload);
$configData = array(
'username' => '[email protected]',
'password' => 'Password1^',
);
$requestData = array(
'requesttypedescriptions' => array('AUTH'),
'sitereference' => 'test_site12345',
'parenttransactionreference' => '1-2-345678'
);
$api = \Securetrading\api($configData);
$response = $api->process($requestData);
var_dump($response->toArray());
?>
curl --user [email protected]:Password1^ https://webservices.securetrading.net/json/ -H "Content-type: application/json" -H "Accept: application/json" -X POST -d '{
"alias": "[email protected]",
"version": "1.00",
"request": [{
"requesttypedescriptions": ["AUTH"],
"sitereference": "test_site12345",
"parenttransactionreference": "1-2-345678"
}]}'
Field name
Type
Length
Request
Description
pares
Alphanumeric including symbols
1024
Only send if card is enrolled.
md
Alphanumeric including symbols
65536
Only send if card is enrolled.
parenttransactionreference
Alphanumeric including hyphens
25
Only send if card is NOT enrolled.
sitereference
Alphanumeric including underscore
50
Only send if card is NOT enrolled.
AUTH Response
{
u 'requestreference': u 'Av87m7xq9',
u 'version': u '1.00',
u 'response': [{
u 'transactionstartedtimestamp': u '2016-12-08 08:34:48',
u 'parenttransactionreference': u '1-2-345678',
u 'livestatus': u '0',
u 'issuer': u 'SecureTrading Test Issuer1',
u 'splitfinalnumber': u '1',
u 'xid': u 'amh1OCtINGpuemJaVmQreU5YT2Y=',
u 'dccenabled': u '0',
u 'settleduedate': u '2016-12-07',
u 'errorcode': u '0',
u 'cavv': u 'Q0FWVkNBVlZDQVZWQ0FWVkNBVlY=',
u 'merchantnumber': u '00000000',
u 'merchantcountryiso2a': u 'GB',
u 'status': u 'Y',
u 'transactionreference': u '1-2-345679',
u 'merchantname': u 'Test Merchant',
u 'paymenttypedescription': u 'VISA',
u 'baseamount': u '1050',
u 'eci': u '05',
u 'accounttypedescription': u 'ECOM',
u 'tid': u '27882788',
u 'acquirerresponsecode': u '00',
u 'requesttypedescription': u 'AUTH',
u 'securityresponsesecuritycode': u '2',
u 'currencyiso3a': u 'GBP',
u 'authcode': u 'TEST40',
u 'errormessage': u 'Ok',
u 'operatorname': u '[email protected]',
u 'maskedpan': u '411111######0211',
u 'securityresponsepostcode': u '0',
u 'enrolled': u 'Y',
u 'securityresponseaddress': u '0',
u 'issuercountryiso2a': u 'US',
u 'settlestatus': u '0'
}]
}
array(3) {
["requestreference"] => string(9) "A278afgrx"
["version"] => string(4) "1.00"
["response"] => array(1) {
[0] => array(33) {
["transactionstartedtimestamp"] => string(19) "2016-12-09 11:46:34"
["parenttransactionreference"] => string(10) "1-2-345678"
["livestatus"] => string(1) "0"
["issuer"] => string(26) "SecureTrading Test Issuer1"
["splitfinalnumber"] => string(1) "1"
["xid"] => string(28) "ZlcyU1hQcUhmaEtzd2I1SmkrMnM="
["dccenabled"] => string(1) "0"
["settleduedate"] => string(10) "2016-12-09"
["errorcode"] => string(1) "0"
["tid"] => string(8) "27882788"
["merchantnumber"] => string(8) "00000000"
["merchantcountryiso2a"] => string(2) "GB"
["status"] => string(1) "Y"
["transactionreference"] => string(10) "1-2-345679"
["merchantname"] => string(13) "Test Merchant"
["paymenttypedescription"] => string(4) "VISA"
["baseamount"] => string(4) "1050"
["enrolled"] => string(1) "Y"
["eci"] => string(2) "05"
["accounttypedescription"] => string(4) "ECOM"
["cavv"] => string(28) "Q0FWVkNBVlZDQVZWQ0FWVkNBVlY="
["acquirerresponsecode"] => string(2) "00"
["requesttypedescription"] => string(4) "AUTH"
["securityresponsesecuritycode"] => string(1) "2"
["currencyiso3a"] => string(3) "GBP"
["authcode"] => string(6) "TEST30"
["errormessage"] => string(2) "Ok"
["operatorname"] => string(23) "[email protected]"
["securityresponsepostcode"] => string(1) "0"
["maskedpan"] => string(16) "411111######0211"
["securityresponseaddress"] => string(1) "0"
["issuercountryiso2a"] => string(2) "US"
["settlestatus"] => string(1) "0"
}
}
}
{"requestreference":"W23-n68rw97k","version":"1.00","response":[{"transactionstartedtimestamp":"2016-12-07 17:21:59","parenttransactionreference":"1-2-345678","livestatus":"0","issuer":"SecureTrading Test Issuer1","splitfinalnumber":"1","xid":"ZldiREFPMW5HYi90UDhxMDJTV2Q=","dccenabled":"0","settleduedate":"2016-12-07","errorcode":"0","tid":"27882788","merchantnumber":"00000000","merchantcountryiso2a":"GB","status":"Y","transactionreference":"1-2-345679","merchantname":"Test Merchant","paymenttypedescription":"VISA","baseamount":"1050","enrolled":"Y","eci":"05","accounttypedescription":"ECOM","cavv":"Q0FWVkNBVlZDQVZWQ0FWVkNBVlY=","acquirerresponsecode":"00","requesttypedescription":"AUTH","securityresponsesecuritycode":"2","currencyiso3a":"GBP","authcode":"TEST05","errormessage":"Ok","operatorname":"[email protected]","securityresponsepostcode":"0","maskedpan":"411111######0211","securityresponseaddress":"0","issuercountryiso2a":"US","settlestatus":"0"}],"secrand":"bsZP"}
{
u 'requestreference': u 'Aq2qmp0j3',
u 'version': u '1.00',
u 'response': [{
u 'transactionstartedtimestamp': u '2016-12-13 11:11:58',
u 'parenttransactionreference': u '1-2-345678',
u 'livestatus': u '0',
u 'issuer': u 'SecureTrading Test Issuer1',
u 'splitfinalnumber': u '1',
u 'dccenabled': u '0',
u 'settleduedate': u '2016-12-13',
u 'errorcode': u '60022',
u 'tid': u '27882788',
u 'merchantnumber': u '00000000',
u 'merchantcountryiso2a': u 'GB',
u 'status': u 'N',
u 'transactionreference': u '1-2-345679',
u 'merchantname': u 'Test Merchant',
u 'paymenttypedescription': u 'VISA',
u 'baseamount': u '1050',
u 'accounttypedescription': u 'ECOM',
u 'requesttypedescription': u 'AUTH',
u 'currencyiso3a': u 'GBP',
u 'maskedpan': u '411111######0211',
u 'errormessage': u 'Unauthenticated',
u 'operatorname': u '[email protected]',
u 'enrolled': u 'Y',
u 'issuercountryiso2a': u 'US',
u 'settlestatus': u '3'
}]
}
array(3) {
["requestreference"] => string(9) "A35ahjnwx"
["version"] => string(4) "1.00"
["response"] => array(1) {
[0] => array(25) {
["transactionstartedtimestamp"] => string(19) "2016-12-13 10:41:57"
["parenttransactionreference"] => string(10) "1-2-345678"
["livestatus"] => string(1) "0"
["issuer"] => string(26) "SecureTrading Test Issuer1"
["splitfinalnumber"] => string(1) "1"
["dccenabled"] => string(1) "0"
["settleduedate"] => string(10) "2016-12-13"
["errorcode"] => string(5) "60022"
["tid"] => string(8) "27882788"
["merchantnumber"] => string(8) "00000000"
["merchantcountryiso2a"] => string(2) "GB"
["status"] => string(1) "N"
["transactionreference"] => string(10) "1-2-345679"
["merchantname"] => string(13) "Test Merchant"
["paymenttypedescription"] => string(4) "VISA"
["baseamount"] => string(3) "1050"
["accounttypedescription"] => string(4) "ECOM"
["requesttypedescription"] => string(4) "AUTH"
["currencyiso3a"] => string(3) "GBP"
["maskedpan"] => string(16) "411111######0211"
["errormessage"] => string(15) "Unauthenticated"
["operatorname"] => string(23) "[email protected]"
["enrolled"] => string(1) "Y"
["issuercountryiso2a"] => string(2) "US"
["settlestatus"] => string(1) "3"
}
}
}
{
"requestreference": "W23-mjuwx1f5",
"version": "1.00",
"response": [{
"transactionstartedtimestamp": "2016-12-13 11:00:44",
"parenttransactionreference": "1-2-345678",
"livestatus": "0",
"issuer": "SecureTrading Test Issuer1",
"splitfinalnumber": "1",
"dccenabled": "0",
"settleduedate": "2016-12-13",
"errorcode": "60022",
"tid": "27882788",
"merchantnumber": "00000000",
"merchantcountryiso2a": "GB",
"status": "N",
"transactionreference": "1-2-345679",
"merchantname": "Test Merchant",
"paymenttypedescription": "VISA",
"baseamount": "1050",
"accounttypedescription": "ECOM",
"requesttypedescription": "AUTH",
"currencyiso3a": "GBP",
"maskedpan": "411111######0211",
"errormessage": "Unauthenticated",
"operatorname": "[email protected]",
"enrolled": "Y",
"issuercountryiso2a": "US",
"settlestatus": "3"
}],
"secrand": "3J"
{
u 'requestreference': u 'Adyw3fdbw',
u 'version': u '1.00',
u 'response': [{
u 'transactionstartedtimestamp': u '2016-12-07 16:47:39',
u 'parenttransactionreference': u '1-2-345678',
u 'livestatus': u '0',
u 'issuer': u 'SecureTrading Test Issuer1',
u 'splitfinalnumber': u '1',
u 'dccenabled': u '0',
u 'settleduedate': u '2016-12-07',
u 'errorcode': u '0',
u 'tid': u '27882788',
u 'merchantnumber': u '00000000',
u 'merchantcountryiso2a': u 'GB',
u 'transactionreference': u '1-2-345679',
u 'merchantname': u 'Test Merchant',
u 'paymenttypedescription': u 'VISA',
u 'baseamount': u '1050',
u 'accounttypedescription': u 'ECOM',
u 'acquirerresponsecode': u '00',
u 'requesttypedescription': u 'AUTH',
u 'securityresponsesecuritycode': u '2',
u 'currencyiso3a': u 'GBP',
u 'authcode': u 'TEST23',
u 'errormessage': u 'Ok',
u 'operatorname': u '[email protected]',
u 'maskedpan': u '411111######0021',
u 'securityresponsepostcode': u '0',
u 'enrolled': u 'N',
u 'securityresponseaddress': u '0',
u 'issuercountryiso2a': u 'US',
u 'settlestatus': u '0'
}]
}
array(3) {
["requestreference"] => string(9) "A256agnuw"
["version"] => string(4) "1.00"
["response"] => array(1) {
[0] => array(29) {
["transactionstartedtimestamp"] => string(19) "2016-12-09 11:53:36"
["parenttransactionreference"] => string(10) "1-2-345678"
["livestatus"] => string(1) "0"
["issuer"] => string(26) "SecureTrading Test Issuer1"
["splitfinalnumber"] => string(1) "1"
["dccenabled"] => string(1) "0"
["settleduedate"] => string(10) "2016-12-09"
["errorcode"] => string(1) "0"
["tid"] => string(8) "27882788"
["merchantnumber"] => string(8) "00000000"
["merchantcountryiso2a"] => string(2) "GB"
["transactionreference"] => string(10) "1-2-345679"
["merchantname"] => string(13) "Test Merchant"
["paymenttypedescription"] => string(4) "VISA"
["baseamount"] => string(4) "1050"
["enrolled"] => string(1) "N"
["accounttypedescription"] => string(4) "ECOM"
["acquirerresponsecode"] => string(2) "00"
["requesttypedescription"] => string(4) "AUTH"
["securityresponsesecuritycode"] => string(1) "2"
["currencyiso3a"] => string(3) "GBP"
["authcode"] => string(6) "TEST08"
["errormessage"] => string(2) "Ok"
["operatorname"] => string(23) "[email protected]"
["securityresponsepostcode"] => string(1) "0"
["maskedpan"] => string(16) "411111######0021"
["securityresponseaddress"] => string(1) "0"
["issuercountryiso2a"] => string(2) "US"
["settlestatus"] => string(1) "0"
}
}
}
{"requestreference":"W23-fwpp74eu","version":"1.00","response":[{"transactionstartedtimestamp":"2016-12-07 17:24:51","parenttransactionreference":"1-2-345678","livestatus":"0","issuer":"SecureTrading Test Issuer1","splitfinalnumber":"1","dccenabled":"0","settleduedate":"2016-12-07","errorcode":"0","tid":"27882788","merchantnumber":"00000000","merchantcountryiso2a":"GB","transactionreference":"1-2-345679","merchantname":"Test Merchant","paymenttypedescription":"VISA","baseamount":"1050","enrolled":"N","accounttypedescription":"ECOM","acquirerresponsecode":"00","requesttypedescription":"AUTH","securityresponsesecuritycode":"2","currencyiso3a":"GBP","authcode":"TEST42","errormessage":"Ok","operatorname":"[email protected]","securityresponsepostcode":"0","maskedpan":"411111######0021","securityresponseaddress":"0","issuercountryiso2a":"US","settlestatus":"0"}],"secrand":"O3L"}
Managing authorisation response
Error code
Description
0
Cardholder was successfully authenticated on the card issuer’s ACS.
Customer’s bank authorised the transaction.
Funds will be transferred.
70000
Cardholder was successfully authenticated on the card issuer’s ACS.
Customer’s bank declined the transaction.
Funds will NOT be transferred.
60022
Cardholder was NOT successfully authenticated on the card issuer’s ACS.
Trust Payments did not contact the acquiring bank to seek authorisation.
Funds will NOT be transferred.
99999
An error code of ‘99999’ indicates an unknown error occurred, which requires manual inspection.
We recommend contacting our Support Team for assistance, providing a copy of the entire request submitted and the response returned.
In the interest of security, ensure you omit or mask sensitive field values, such as card details.
other
Click here for a full list of error codes used by Trust Payments.
Field name
Type
Length
Response
Description
enrolled
Char
1
Indicates if the cardholder is enrolled in a 3-D Secure scheme:
xid
Alphanumeric
255
The unique identifier for the transaction, assigned by the MPI (Merchant Plug-In) (in this case, Trust Payments).
status
Char
1
Returned if card is enrolled.
cavv
Alphanumeric
32
Returned if card is enrolled and authenticated.
eci
Alphanumeric
2
Returned if card is enrolled and authenticated.
Testing
Click here for test card details that you can submit when testing.
