Action types
We will automatically perform an Action when criteria of a condition have been met. This page explains the different types of actions that can be configured on your Trust Payments account.
URL notifications
URL notification actions are requests sent from Trust Payments to a pre-defined URL.
These notifications contain information about requests processed on your Trust Payments account.
Click here to learn more There are three different notification flows you can choose from: The notification sent from Trust Payments will include a valid HTTP/1.1 Content-type header to be accepted by your system. For example: The included field names and data will be urlencoded. For example, if the notification contains the fields “baseamount”, “errorcode” and “orderreference” with values “2499”, “0” and “customerorder1” respectively, then the notification may look like the following (notificationreference field is always returned): To ensure the notification has not been modified by a malicious user, a field called responsesitesecurity can be included in the POST to your system, when configuring the notification in MyST. This field contains a cryptographic hash of a predefined set of field values. Using the example above, with the addition of a notification password of “password”, using the sha256 security algorithm, the notification may look like the following: Step 1: To check the notification is legitimate, concatenate the values of all the fields in the request (excluding notificationreference and responsesitesecurity), in order of field name, in ASCII alphabetical order. Step 2: To the end of this, append your notification password. This leaves: Where “password” would be replaced with your own notification password. Step 3: Then generate a hexadecimal hash of this value using sha256 and ensure the value matches the value in responsesitesecurity: If the generated hexadecimal hash does not match the responsesitesecurity received from Trust Payments, the notification should not be accepted. In such a case, please contact our Support Team. You can set up your system to receive URL notifications using SSL/TLS. In order to do so, your server must present a valid TLS certificate chain to the Trust Payments notifications client. A valid certificate contains the domain of the Notification URL in the common name of the certificate and the chain must correctly validate to an accepted certificate authority. You must configure your system to accept incoming URL notifications on port 443. You must configure your system to respond to a notification with an HTTP 200 OK response. For example: “HTTP/1.0 200 OK”. Your system must reply within 8 seconds of receiving a notification. A notification is sent shortly after the criteria defined in the filters have been fulfilled. One notification is sent per request. Once a day, we will send email alerts for failed URL notifications on your account. A URL notification failure may be attributed to an invalid URL or if we fail to receive a response from your system. The alert is sent to the email address of the user that configured the notification and has a subject of “Notification Problems”. For example: When creating the action, use the “Fields” tab to specify fields to be included in the notification. Start to type the name of the fields you would like to include to filter down the list displayed, and tick the fields to add them to the action. We recommend including at least the following fields as a minimum for inclusion in typical URL notifications:
Online
Offline
Failover
Format of URL notification
Content-type: application/x-www-form-urlencoded; charset=UTF-8
baseamount=2499&errorcode=0¬ificationreference=1-A60356&orderreference=customerorder1
Authentication (notification security)
baseamount=2499&errorcode=0¬ificationreference=1-A60356&orderreference=customerorder1&responsesitesecurity=033e6bcc1971f150c5a6d5487548b375b8971c9bdc1962b2cc1844d26ff82c2a
24990customerorder1
24990customerorder1password
24990bravoalphacustomerorder1password
033e6bcc1971f150c5a6d5487548b375b8971c9bdc1962b2cc1844d26ff82c2a
Using Secure Socket Layer / Transport Layer Security (SSL/TLS)
Response to Trust Payments
Retrying notifications
Email alerts for failed URL notifications
Fields to include
Payment pages customer email
This action is used to send an email to the customer’s billing email address following a Payment Pages transaction, when the associated condition(s) has been met (e.g. for successful transactions).
Click here to learn more Customer email notifications are sent from Trust Payments’s systems when pre-specified criteria are met. These are designed to be sent to your customers, and can act as a receipt or confirmation following a transaction. When enabled, please inform your customer to expect an email notification when they make a purchase. Within the action, you can specify the “from” and “reply to” addresses and also the subject. The following fields are included as default within email notifications:
Included fields
Payment pages merchant email
This action is used to send an email to yourself and/or members of your organisation following a Payment Pages transaction, when the associated condition(s) has been met.
e.g. For successful transactions over £600, send an email confirmation to [email protected]
Click here to learn more Merchant email notifications are sent from Trust Payments’s systems when pre-specified criteria are met. These are designed to be sent to your company, containing a customised selection of fields. Please ensure your email server is configured to accept all incoming emails from the email address you specified when configuring the notification. Within the action, you can specify the recipient, email subject and “from” and “reply to” addresses. The following fields are included as default within email notifications:
Included fields
Payment pages redirect
This action is used to redirect the customer’s browser from the Payment Pages following a transaction, when the associated condition(s) has been met. The customer’s browser bypasses Trust Payments’s default response page and is redirected to the URL specified in the action.
e.g. For successful transactions, redirect the customer’s browser to your website.
Click here to learn more Please note: We do not support localhost, loopback or multicast IP ranges in the URL. When creating the action, use the “Fields” tab to specify fields to be included in the redirect. Start to type the name of the fields you would like to include to filter down the list displayed, and tick the fields to add them to the action. You should include the errorcode, settlestatus and transactionreference fields as a minimum, as these are used to indicate whether or not the transaction was successful. You can also include custom fields, by typing the name and ticking it from the list.
Fields to include
Payment pages required fields
This action is used to designate fields as required on the Payment Pages when the associated condition(s) has been met.
e.g. For Mastercard transactions, you could specify the billing name as required.
Click here to learn more If the customer fails to enter the information required when performing a payment, the relevant fields are highlighted in red and the customer is shown an error message to convey the problem. This allows the customer to make corrections and re-attempt the payment. All required fields are highlighted with an asterisk. When creating the action, you will need to specify the fields required when the condition has been met.
Update response action
This action is used to automatically update the status of a request after it has been processed by the acquirer and the associated condition(s) has been met. e.g. For authorisations, where the results of the AVS checks return a “Not matched” postcode response, update the settle status in order to suspend the payment.
