AUTH Subscription
If you are already processing e-commerce payments using the latest version of our JavaScript Library, your existing solution already utilises 3-D Secure version 2, and can be updated to also submit Subscription requests with minimal changes to the mark-up. Click here to learn more.
If you are unsure, please contact our Support team for assistance.
Process overview
This subscription process consists of three parts:
This immediately processes the first payment and then schedules future payments in our subscription engine.
All subsequent payments are processed automatically by our subscription engine.
In the initial request, you can define a finite number of payments (using the subscriptionfinalnumber field), after which our subscription engine will discontinue automatic payments. Alternatively you can allow payments to continue indefinitely and manually disable the subscription when needed.
1. Submit combined AUTH SUBSCRIPTION request
In order to process the first payment immediately, and request that a series of subscription payments be scheduled in our subscription engine, your system will need to submit a request following the specifications outlined below.
Request example
When the AUTH SUBSCRIPTION request is submitted, our system will interpret this as two different requests:
- Firstly, an AUTH request is processed, which is used to process the first payment. This acts as a parent to all subsequent automated payments in this series.
- Secondly, a SUBSCRIPTION request is processed, which is used to tell our subscription engine when to process the subsequent automated payments.
AUTH SUBSCRIPTION request for cards enrolled in 3-D Secure When processing Subscriptions using 3-D Secure, you will first need to process a THREEDQUERY request and handle the response. Click here for further information If the customer’s card is enrolled in 3-D Secure, submit a combined AUTH SUBSCRIPTION request, including the md and pares field returned from the ACS: AUTH SUBSCRIPTION request for cards NOT enrolled in 3-D Secure When processing Subscriptions using 3-D Secure, you will first need to process a THREEDQUERY request and handle the response. Click here for further information If the customer’s card is NOT enrolled in 3-D Secure, submit a combined AUTH SUBSCRIPTION request, including the field parenttransactionreference (which contains the transactionreference returned in the response of the THREEDQUERY ): AUTH SUBSCRIPTION request for site references that don't employ 3-D Secure If your system does not employ 3-D Secure, submit a combined AUTH SUBSCRIPTION request, including the customer’s card details: In the response, in addition to following our best practices, you will need to check the fields returned contain the correct information in regards to subscription timing and amount, and in particular, that the transactionactive field contains the value you are expecting. The response is divided into two parts: Key This field is not strictly required field by Trust Payments, but it is highly recommended for the processing of security code checks. Additionally, some banks may decline the payment if the security code is not present. *In the response, the field ‘requesttypedescription’ is returned in both parts of the response e.g. “requesttypedescription”:”AUTH” and “requesttypedescription”: “SUBSCRIPTION”, respectively. Note: Visa and Mastercard have mandated that you must obtain cardholder consent before storing card details for future use. Click here for further information If your system fails to submit this value in the request, our system will automatically attempt to flag the request with the correct credentialsonfile value. If you are processing a new subscription using previously-stored credentials, you must still submit credentialsonfile = 1, to indicate the credentials will continue to be stored for payments in this specific subscription sequence. “0” – Inactive: Suspends future payments until manually overridden. (Refer to information on updating subscriptions below) “1” – Active: Schedules subscription payments immediately, bypassing fraud & duplicate checks (if enabled). “2” – Pending (default): Schedules subscription payments after the AUTH has been settled (settlestatus “100”). It is especially important to take note of the transactionreference returned in the SUBSCRIPTION section of the response, as you will need this if you need to perform any queries or updates on the subscription at a later time. You can schedule a subscription for a different amount to that of the initial payment (e.g. initial AUTH is for £5.99 and the SUBSCRIPTION is for £9.99 a month). The first payment will be processed immediately after the initial request is submitted. All subsequent payments will be processed automatically by our subscription engine. The first automated payment will be processed as follows: You can perform updates to active subscriptions in order to change customer’s details, or to cancel/modify the subscription payments. There are two ways to do this: Subscriptions can enter either one of these two states: Once the subscriptionnumber exceeds the subscriptionfinalnumber, our subscription engine will stop processing subscription payments indefinitely. If you do not need to process further payments from the customer, you do not need to take further action. If you wish to resume/extend a subscription, you can update the subscriptionfinalnumber to a greater value. You can do this by using MyST, or by submitting a TRANSACTIONUPDATE request. With this update complete, payments will resume processing at their original intervals. If payments have been missed while the subscription payments were not being processed, our subscription engine will catch up with missed payments within 24 hours. If the original request was submitted with subscriptionfinalnumber set to “0”, we will continue to process payments indefinitely until you manually deactivate the subscription. If you wish to deactivate the subscription, you can do so by updating the transactionactive field to be “0”. You can do this by using MyST, or by submitting a TRANSACTIONUPDATE request (you can re-enable a subscription at a later time, if needed).
#!/usr/bin/python
import securetrading
stconfig = securetrading.Config()
stconfig.username = "[email protected]"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)
authsub = {
"sitereference": "test_site12345",
"requesttypedescriptions": ["AUTH","SUBSCRIPTION"],
"accounttypedescription": "ECOM",
"currencyiso3a": "GBP",
"baseamount": "1050",
"orderreference": "My_Order_123",
"subscriptiontype": "RECURRING",
"subscriptionunit": "MONTH",
"subscriptionfrequency": "1",
"subscriptionnumber": "1",
"subscriptionfinalnumber": "12",
"subscriptionbegindate": "2018-01-01",
"credentialsonfile": "1",
"md":"UEZOVVBqeE5SRDQ4VFVSSVBrRjVXSGhOZFZReVUzVlalBVeE",
"pares":"eJzVWFmzosgSfudXdPQ8Gt1sbkzYRhQ7KCjI/sYOsimgoL/+lp7Tp5"
}
strequest = securetrading.Request()
strequest.update(authsub)
stresponse = st.process(strequest) #stresponse contains the transaction response
<?php
if (!($autoload = realpath(__DIR__ . '/../../../autoload.php')) && !($autoload = realpath(__DIR__ . '/../vendor/autoload.php'))) {
throw new Exception('Composer autoloader file could not be found.');
}
require_once($autoload);
$configData = array(
'username' => '[email protected]',
'password' => 'Password1^',
);
$requestData = array(
'sitereference' => 'test_site12345',
'requesttypedescriptions' => array('AUTH','SUBSCRIPTION'),
'accounttypedescription' => 'ECOM',
'currencyiso3a' => 'GBP',
'baseamount' => '1050',
'orderreference' => 'My_Order_123',
'subscriptiontype' => 'RECURRING',
'subscriptionunit' => 'MONTH',
'subscriptionfrequency' => '1',
'subscriptionnumber' => '1',
'subscriptionfinalnumber' => '12',
'subscriptionbegindate' => '2018-01-01',
'credentialsonfile' => '1',
'md' => 'UEZOVVBqeE5SRDQ4VFVSSVBrRjVXSGhOZFZReVUzVlalBVeE',
'pares' => 'eJzVWFmzosgSfudXdPQ8Gt1sbkzYRhQ7KCjI/sYOsimgoL/+lp7Tp5'
);
$api = \Securetrading\api($configData);
$response = $api->process($requestData);
var_dump($response->toArray());
?>
curl --user [email protected]:Password1^ https://webservices.securetrading.net/json/ -H "Content-type: application/json" -H "Accept: application/json" -X POST -d '{
"alias":"[email protected]",
"version": "1.00",
"request": [{
"sitereference": "test_site12345",
"requesttypedescriptions": ["AUTH","SUBSCRIPTION"],
"accounttypedescription": "ECOM",
"currencyiso3a": "GBP",
"baseamount": "1050",
"orderreference": "My_Order_123",
"subscriptiontype": "RECURRING",
"subscriptionunit": "MONTH",
"subscriptionfrequency": "1",
"subscriptionnumber": "1",
"subscriptionfinalnumber": "12",
"subscriptionbegindate": "2018-01-01",
"credentialsonfile": "1",
"md":"UEZOVVBqeE5SRDQ4VFVSSVBrRjVXSGhOZFZReVUzVlalBVeE",
"pares":"eJzVWFmzosgSfudXdPQ8Gt1sbkzYRhQ7KCjI/sYOsimgoL/+lp7Tp5"
}]}'
#!/usr/bin/python
import securetrading
stconfig = securetrading.Config()
stconfig.username = "[email protected]"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)
authsub = {
"sitereference": "test_site12345",
"requesttypedescriptions": ["AUTH","SUBSCRIPTION"],
"accounttypedescription": "ECOM",
"currencyiso3a": "GBP",
"baseamount": "1050",
"orderreference": "My_Order_123",
"subscriptiontype": "RECURRING",
"subscriptionunit": "MONTH",
"subscriptionfrequency": "1",
"subscriptionnumber": "1",
"subscriptionfinalnumber": "12",
"subscriptionbegindate": "2018-01-01",
"credentialsonfile": "1",
"parenttransactionreference": "1-2-345678"
}
strequest = securetrading.Request()
strequest.update(authsub)
stresponse = st.process(strequest) #stresponse contains the transaction response
<?php
if (!($autoload = realpath(__DIR__ . '/../../../autoload.php')) && !($autoload = realpath(__DIR__ . '/../vendor/autoload.php'))) {
throw new Exception('Composer autoloader file could not be found.');
}
require_once($autoload);
$configData = array(
'username' => '[email protected]',
'password' => 'Password1^',
);
$requestData = array(
'sitereference' => 'test_site12345',
'requesttypedescriptions' => array('AUTH','SUBSCRIPTION'),
'accounttypedescription' => 'ECOM',
'currencyiso3a' => 'GBP',
'baseamount' => '1050',
'orderreference' => 'My_Order_123',
'subscriptiontype' => 'RECURRING',
'subscriptionunit' => 'MONTH',
'subscriptionfrequency' => '1',
'subscriptionnumber' => '1',
'subscriptionfinalnumber' => '12',
'subscriptionbegindate' => '2018-01-01',
'credentialsonfile' => '1',
'parenttransactionreference' => '1-2-345678'
);
$api = \Securetrading\api($configData);
$response = $api->process($requestData);
var_dump($response->toArray());
?>
curl --user [email protected]:Password1^ https://webservices.securetrading.net/json/ -H "Content-type: application/json" -H "Accept: application/json" -X POST -d '{
"alias":"[email protected]",
"version": "1.00",
"request": [{
"sitereference": "test_site12345",
"requesttypedescriptions": ["AUTH","SUBSCRIPTION"],
"accounttypedescription": "ECOM",
"currencyiso3a": "GBP",
"baseamount": "1050",
"orderreference": "My_Order_123",
"subscriptiontype": "RECURRING",
"subscriptionunit": "MONTH",
"subscriptionfrequency": "1",
"subscriptionnumber": "1",
"subscriptionfinalnumber": "12",
"subscriptionbegindate": "2018-01-01",
"credentialsonfile": "1",
"parenttransactionreference": "1-2-345678"
}]}'
#!/usr/bin/python
import securetrading
stconfig = securetrading.Config()
stconfig.username = "[email protected]"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)
authsub = {
"sitereference": "test_site12345",
"requesttypedescriptions": ["AUTH","SUBSCRIPTION"],
"accounttypedescription": "ECOM",
"currencyiso3a": "GBP",
"baseamount": "1050",
"orderreference": "My_Order_123",
"subscriptiontype": "RECURRING",
"subscriptionunit": "MONTH",
"subscriptionfrequency": "1",
"subscriptionnumber": "1",
"subscriptionfinalnumber": "12",
"subscriptionbegindate": "2018-01-01",
"credentialsonfile": "1",
"pan": "4111111111111111",
"expirydate": "12/2020",
"securitycode": "123"
}
strequest = securetrading.Request()
strequest.update(authsub)
stresponse = st.process(strequest) #stresponse contains the transaction response
<?php
if (!($autoload = realpath(__DIR__ . '/../../../autoload.php')) && !($autoload = realpath(__DIR__ . '/../vendor/autoload.php'))) {
throw new Exception('Composer autoloader file could not be found.');
}
require_once($autoload);
$configData = array(
'username' => '[email protected]',
'password' => 'Password1^',
);
$requestData = array(
'sitereference' => 'test_site12345',
'requesttypedescriptions' => array('AUTH','SUBSCRIPTION'),
'accounttypedescription' => 'ECOM',
'currencyiso3a' => 'GBP',
'baseamount' => '1050',
'orderreference' => 'My_Order_123',
'subscriptiontype' => 'RECURRING',
'subscriptionunit' => 'MONTH',
'subscriptionfrequency' => '1',
'subscriptionnumber' => '1',
'subscriptionfinalnumber' => '12',
'subscriptionbegindate' => '2018-01-01',
'credentialsonfile' => '1',
'pan' => '4111111111111111',
'expirydate' => '12/2020',
'securitycode' => '123'
);
$api = \Securetrading\api($configData);
$response = $api->process($requestData);
var_dump($response->toArray());
?>
curl --user [email protected]:Password1^ https://webservices.securetrading.net/json/ -H "Content-type: application/json" -H "Accept: application/json" -X POST -d '{
"alias":"[email protected]",
"version": "1.00",
"request": [{
"currencyiso3a": "GBP",
"requesttypedescriptions": ["AUTH","SUBSCRIPTION"],
"sitereference": "test_site12345",
"baseamount": "1050",
"orderreference": "My_Order_123",
"accounttypedescription": "ECOM",
"subscriptiontype": "RECURRING",
"subscriptionunit": "MONTH",
"subscriptionfrequency": "1",
"subscriptionnumber": "1",
"subscriptionfinalnumber": "12",
"subscriptionbegindate": "2018-01-01",
"credentialsonfile": "1",
"pan": "4111111111111111",
"expirydate": "12/2020",
"securitycode": "123"
}]}'
Response example
{
u 'requestreference': u 'A0dcb11e6',
u 'version': u '1.00',
u 'response': [{
u 'transactionstartedtimestamp': u '2017-09-27 15:11:14',
u 'livestatus': u '0',
u 'issuer': u 'SecureTrading Test Issuer1',
u 'splitfinalnumber': u '1',
u 'dccenabled': u '0',
u 'settleduedate': u '2017-09-27',
u 'errorcode': u '0',
u 'baseamount': u '1050',
u 'tid': u '27882788',
u 'merchantnumber': u '00000000',
u 'merchantcountryiso2a': u 'GB',
u 'transactionreference': u '1-2-345678',
u 'merchantname': u 'Test Merchant',
u 'paymenttypedescription': u 'VISA',
u 'orderreference': u 'My_Order_123',
u 'accounttypedescription': u 'ECOM',
u 'acquirerresponsecode': u '00',
u 'requesttypedescription': u 'AUTH',
u 'securityresponsesecuritycode': u '2',
u 'currencyiso3a': u 'GBP',
u 'authcode': u 'TEST50',
u 'errormessage': u 'Ok',
u 'operatorname': u '[email protected]',
u 'securityresponsepostcode': u '0',
u 'maskedpan': u '411111######1111',
u 'securityresponseaddress': u '0',
u 'issuercountryiso2a': u 'US',
u 'credentialsonfile': u '1',
u 'settlestatus': u '0'
}, {
u 'transactionstartedtimestamp': u '2018-01-01 00:00:00',
u 'parenttransactionreference': u '23-9-80025',
u 'livestatus': u '0',
u 'errorcode': u '0',
u 'orderreference': u 'My_Order_123',
u 'subscriptionfinalnumber': u '12',
u 'subscriptionunit': u 'MONTH',
u 'transactionreference': u '1-2-345679',
u 'paymenttypedescription': u 'VISA',
u 'transactionactive': u '2',
u 'baseamount': u '1050',
u 'subscriptiontype': u 'RECURRING',
u 'accounttypedescription': u 'RECUR',
u 'requesttypedescription': u 'SUBSCRIPTION',
u 'currencyiso3a': u 'GBP',
u 'subscriptionbegindate': u '2018-01-01',
u 'maskedpan': u '411111######1111',
u 'errormessage': u 'Ok',
u 'subscriptionnumber': u '2',
u 'subscriptionfrequency': u '1',
u 'operatorname': u '[email protected]'
}]
}
array(3) {
["requestreference"] => string(9) "A58cdfkpy"
["version"] => string(4) "1.00"
["response"] => array(2) {
[0] => array(29) {
["transactionstartedtimestamp"] => string(19) "2017-09-27 15:11:14"
["livestatus"] => string(1) "0"
["issuer"] => string(26) "SecureTrading Test Issuer1"
["splitfinalnumber"] => string(1) "1"
["dccenabled"] => string(1) "0"
["settleduedate"] => string(10) "2017-09-27"
["errorcode"] => string(1) "0"
["baseamount"] => string(4) "1050"
["tid"] => string(8) "27882788"
["merchantnumber"] => string(8) "00000000"
["merchantcountryiso2a"] => string(2) "GB"
["transactionreference"] => string(10) "1-2-345678"
["merchantname"] => string(13) "Test Merchant"
["paymenttypedescription"] => string(4) "VISA"
["orderreference"] => string(12) "My_Order_123"
["accounttypedescription"] => string(4) "ECOM"
["acquirerresponsecode"] => string(2) "00"
["requesttypedescription"] => string(4) "AUTH"
["securityresponsesecuritycode"] => string(1) "2"
["currencyiso3a"] => string(3) "GBP"
["authcode"] => string(6) "TEST50"
["errormessage"] => string(2) "Ok"
["operatorname"] => string(23) "[email protected]"
["securityresponsepostcode"] => string(1) "0"
["maskedpan"] => string(16) "411111######1111"
["securityresponseaddress"] => string(1) "0"
["issuercountryiso2a"] => string(2) "US"
["credentialsonfile"] => string(1) "1"
["settlestatus"] => string(1) "0"
}
[1] =>array(20) {
["transactionstartedtimestamp"] => string(19) "2018-01-01 00:00:00"
["parenttransactionreference"] => string(10) "1-2-345679"
["livestatus"] => string(1) "0"
["errorcode"] => string(1) "0"
["orderreference"] => string(12) "My_Order_123"
["subscriptionfinalnumber"] => string(2) "12"
["subscriptionunit"] => string(5) "MONTH"
["transactionreference"] => string(9) "23-64-101"
["paymenttypedescription"] => string(4) "VISA"
["transactionactive"] => string(1) "2"
["baseamount"] => string(4) "1050"
["subscriptiontype"] => string(9) "RECURRING"
["accounttypedescription"] => string(5) "RECUR"
["requesttypedescription"] => string(12) "SUBSCRIPTION"
["currencyiso3a"] => string(3) "GBP"
["subscriptionbegindate"] => string(10) "2018-01-01"
["maskedpan"] => string(16) "411111######1111"
["subscriptionnumber"] => string(1) "2"
["subscriptionfrequency"] => string(1) "1"
["operatorname"] => string(23) "[email protected]"
}
}
}
{"requestreference":"W23-wt77f0n8","version":"1.00","response":[{"transactionstartedtimestamp":"2017-09-27 15:11:14","livestatus":"0","issuer":"SecureTrading Test Issuer1","splitfinalnumber":"1","dccenabled":"0","settleduedate":"2017-09-27","errorcode":"0","baseamount":"1050","tid":"27882788","merchantnumber":"00000000","merchantcountryiso2a":"GB","transactionreference":"1-2-345678","merchantname":"Test Merchant","paymenttypedescription":"VISA","orderreference":"My_Order_123","accounttypedescription":"ECOM","acquirerresponsecode":"00","requesttypedescription":"AUTH","securityresponsesecuritycode":"2","currencyiso3a":"GBP","authcode":"TEST50","errormessage":"Ok","operatorname":"[email protected]","securityresponsepostcode":"0","maskedpan":"411111######1111","securityresponseaddress":"0","issuercountryiso2a":"US","credentialsonfile":"1","settlestatus":"0"},{"transactionstartedtimestamp":"2018-01-01 00:00:00","parenttransactionreference":"1-2-345679","livestatus":"0","errorcode":"0","orderreference":"My_Order_123","subscriptionfinalnumber":"12","subscriptionunit":"MONTH","transactionreference":"23-64-101","paymenttypedescription":"VISA","transactionactive":"2","baseamount":"1050","subscriptiontype":"RECURRING","accounttypedescription":"RECUR","requesttypedescription":"SUBSCRIPTION","currencyiso3a":"GBP","subscriptionbegindate":"2018-01-01","maskedpan":"411111######1111","errormessage":"Ok","subscriptionnumber":"2","subscriptionfrequency":"1","operatorname":"[email protected]"}],"secrand":"E0ksvyuH5VKg"}
Field specification
Field name
Type
Length
Request
Response
Description
md
Alphanumeric including symbols
65536
The unique 3-D Secure reference for this transaction. Supplied if enrolled is “Y”
pares
Alphanumeric including symbols
1024
Must be the value returned in the pares field of the HTTPS POST from the card issuer’s ACS, otherwise this may forfeit the liability shift.
parenttransactionreference
Alphanumeric including hyphens
25
Unique reference of the parent THREEDQUERY request.
expirydate
Date MM/YYYY
7
The expiry date printed on the card.
pan
Numeric
12-19
This is the long number printed on the front of the customer’s card.We return a masked version of this PAN in the response, in the field maskedpan. e.g. “411111######1111”
securitycode
Numeric
3-4
This is the three digit security code printed on the back of the card.(For AMEX cards, this is a 4 digit code found on the front of the card)
requesttypedescriptions
Alpha
20
*You must submit “AUTH” and “SUBSCRIPTION”, as shown in the request example.
sitereference
Alphanumeric including
underscore50
The site reference relates to your individual account which you received on setup. If you do not know your site reference, please contact our Support team.
accounttypedescription
Alpha
20
The source of the transaction.
currencyiso3a
Alpha
3
The currency assigned to each payment in the subscription sequence.
baseamount
Numeric
13
The amount to be paid at regular intervals, in base units, with no commas or decimal points, so £10 is submitted as 1000. This value must be greater than zero. (Max length may vary depending on your acquiring bank – Contact your bank for further info)
credentialsonfile
Numeric
1
Submit value “1” to indicate the credentials submitted in the initial request are being stored for subsequent subscription payments.
subscriptiontype
Alpha
11
For information on the use of subscription fields, please refer to the Subscription engine page.
subscriptionfinalnumber
Numeric
5
subscriptionunit
Alpha
5
subscriptionfrequency
Numeric
11
subscriptionbegindate
Date
YYYY-MM-DD10
subscriptionnumber
Numeric
5
transactionactive
Numeric
1
The subscription status.
transactionreference
Alphanumeric including
hyphens25
This field is returned in both the AUTH and SUBSCRIPTION response, and is used to uniquely identify both.
2. Subscription is active
Start of the automated payments
Keeping track of your subscriptions
Click here for further information.
Click here for further information.
Click here for further information.Updating the subscription
Click here for further information.
Click here for further information.
3. Finishing the subscription
Number of payments exceeded
Subscription continues indefinitely
ACCOUNTCHECK SubscriptionSubscriptions