Gateway Emulator
Third Party Shopping Carts

We have designed our gateway to be able to handle transaction submissions and responses in the Authorize.Net format. We call this our Gateway Emulator.

To use the Gateway Emulator, your shopping cart or application must support the Authorize.Net AIM or SIM method of integration. If the application supports the AIM or SIM method, you simply need to change the transaction POST URL to our Gateway Emulator URL.

The Gateway does not support the emulation of XML AIM, CIM, ARB, DPM, Card Present or Transaction Details APIs.

Our Gateway Emulator URL is:

AIM:https://velox.transactiongateway.com/gateway/transact.dll
SIM:https://velox.transactiongateway.com/cart/ausi.php

You will need to change any production and test Authorize.Net URLs to one of the above URLs. The following URLs should be replaced:

https://secure.authorize.net/gateway/transact.dll
https://test.authorize.net/gateway/transact.dll

Some applications will not contain the test URL. In that case, you will only be changing one URL. Once you have updated the URLs to point to us, the application will submit transactions without needing changes to the code base.

You will then need to configure the Authorize.Net AIM or SIM payment module with the following credentials:

  • API ID or Login ID is your gateway username.
  • Transaction Key is your gateway password.
  • The MD5 Hash is the word "gateway" without the marks.

For testing, you can use the username and password of "demo" and "password".

Shopping Cart List
Third Party Shopping Carts

Wordpress Plugins
Third Party Shopping Carts

Drupal Plugins
Third Party Shopping Carts

Joomla Plugins
Third Party Shopping Carts

1AutomationWiz provides an easy to use "Buy It" button based 'all in one' shopping cart software, and combines it with the power of an integrated marketing automation system. With 1AutomationWiz, there's no heavy lifting, outrageous set up fee or huge learning curve.

1AutomationWiz has built-in support for our system.

1ShoppingCart.com is a complete online shopping cart software solution designed to help you start selling and keep growing. 1ShoppingCart.com incorporates all of the tools your business needs to sell online in a single, easy-to-use web-based eCommerce solution.

1ShoppingCart.com has built-in support for our system. Click on the link below to get more information about their product.

Whether you are a startup company, a small business, or a large corporation, 3dCart has a store solution for you. Each of our solutions includes toll free support, training manuals, and free consultation with an e-commerce and marketing expert to help you setup your online store.

3DCart has built-in support for our system. Click on the link below to get more information about their product.

800 Cart has built-in support for our system. Click on the link below to get more information about their product.

AShop is the oldest still active open source shopping cart. It has been around since 2000 and has had plenty of time to grow and evolve. We are dedicated to our mission, which is to develop timely and cost effective tools for running online businesses.

AShop Software has built-in support for our system. Click on the link below for more details.

AbanteCart is a free PHP based eCommerce solution for merchants to provide ability creating online business and sell products online quick and efficient. AbanteCart application is built and supported by experienced enthusiasts that are passionate about their work and contribution to rapidly evolving eCommerce industry. AbanteCart is more than just a shopping cart, it is rapidly growing eCommerce platform with many benefits.

Abente Cart uses the gateway emulator to connect to the payment gateway.

Enterprise level, Insurance-based hosted solution perfect for managing documents, workflow solutions, and simple integration for any sized company.

ACROSOFT connects to us through our Gateway Emulator.

AgoraCart is one of the early open source ecommerce shopping cart software solutions offering small businesses and online retailers more flexibility, power, and customization on a larger scale. AgoraCart can be easily installed on your existing website or it can be hosted for you. Built as an Open Source Software (OSS) using Perl, our ecommerce shopping cart software is community driven in its design and development, which keeps the focus on the merchant needs.

AgoraCart integrates using the Gateway Emulator AIM Method.

Accept subscription payments, manage customer profiles, deliver digital content, integrate with your blog, forum, or CMS, send opt-in newsletters, run your own affiliate program everything is easy with aMember Pro.

aMember Pro has built-in support for our system.

Americart is one of the most robust and well-tested shopping carts on the Web. Since 1996, Americart has provided reliable and economical shopping cart services to tens of thousands of online merchants.

Americart has built-in support for our system. Click on the link below to get more information about their product.

AmeriCommerce Shopping Cart Software is a complete eCommerce package. In development since 2000, AmeriCommerce has been a recognized innovation leader and boasts market share with thousands of merchants choosing our platform.

Americommerce has built-in support for our system. Click on the link below to get more information about their product.

Industry leading software to manage and sell WiFi HotSpot access. We have easy setup with any hardware and live support.

AntaMedia integrates to the payment gateway directly.

WorqSmart has developed an add-on module for Apple's FileMaker Pro that adds support for our system. Click on the link below to obtain more information about the integration module.

ASecureCart is a feature rich shopping cart service that allows you to sell products and services from your web pages affordably, with no software to download and no programming knowledge.

aSecureCart has built-in support for our system. Click on the link below to get more information about their product.

Whether you're new to ecommerce or a seasoned professional, Ashop ecommerce shopping cart software is easy, flexible and feature rich so your online business can grow without limits.

Ashop Commerce has built-in support for our system. Click on the link below to get more information about their product.

AspDotNetStorefront, in all its fullness, has everything you will ever need. Platform, partners, plug-ins. With built-in SEO, promotion and marketing tools, and the flexibility and stability of the .NET platform, AspDotNetStorefront is the only shopping cart your business can't outgrow.

AspDotNetStorefront connects to us through our Gateway Emulator. Click on the link below for more details.

Avactis PHP Shopping Cart is a new-generation online store software. Top Features: customizable to any design with no programming skills; easy integration with an existing website through a unique tag-based technology.

Avactis has built-in support for our system. Click on the link below to get more information about their product.

Bigcommerce is a complete content management system that lets you build and manage your entire website. Along with a powerful product catalog and e-commerce functionality, you get the ability to easily create web pages, contact forms, banners and more.

Big Commerce has built-in support for our system. In order to use this integration, please contact your Merchant Service Provider and ask them to set your account to 'allow merchant override' in the processor setup.

Create a blog. It's free.

Blogger is a blogging platform that can be integrated with the gateway using QuickClick.

Bookeo is the easiest, most comprehensive online booking system. Bookeo is already used in over 50 countries, and every minute, somewhere, someone is making a new booking.

Bookeo has a direct integration to the payment gateway.

CanadaCart.ca has been helping Canadian and international companies to enter the e-marketplace with our shopping cart and store builder eCommerce solutions since 1998. CanadaCart.ca continues to be Canada's first and best unlimited shopping cart solution. Our focus is on continuing to deliver a solid, sustainable shopping cart system specific to Canadians.

Canada Cart has the payment gateway directly integrated.

Cart66 is a WordPress Ecommerce Plugin that makes selling as simple as placing a product on any page or post on your WordPress website.

Cart 66 connects to us through our Gateway Emulator. Click on the link below for more details.

Our shopping cart software is database driven with import and export capability, secure server enabled, and customizable with the ability to easily create a template for itself from any page on your web site.

Cart 7 Technologies has built-in support for our system. Click on the link below to get more information about their product.

Cart32 is an online shopping cart solution that fits all your website needs. This includes Website Hosting, Shopping Cart Hosting, Payment Gateway, and Merchant Services. With the user friendly control panel, you can get your shopping cart set up in under an hour! If you have any issues, Cart32 offers 24/7 Tech Support.

Cart32 connects to us through our Gateway Emulator.

Used by thousands of merchants all over the world; CartManager has been providing easy to use, secure, online shopping cart solutions since 1998.

CartManager has built-in support for our system. Click on the link below to get more information about their product.

CartVille.com has helped thousands of successful Web businesses like yours take the guesswork out of capturing more online orders quickly and easily. And unlike other systems, this complete shopping cart solution does not require any additional software, order forms, or database programs. You will be able to set up your cart in just minutes, and then view your new orders securely, online from anywhere in the world, 24 hours a day!

CARTVILLE.COM has built-in support for our system.

With just a few clicks you'll have a full featured shopping cart installed, including the store pages, the database and a robust web-based administration area, ready to log in and start configuring your eCommerce options. With Cartweaver 4 PHP or ColdFusion or Railo (open source CFML), you are just minutes away from adding a full featured store to your web site!

CartWeaver integrates using the Gateway Emulator AIM Method.

The ChamberMaster Member Management Software is powerful, easy-to-use and designed to manage all the day-to-day operations of your organization. Thousands of people in chambers, business and trade associations, and convention and visitors bureaus (CVBs) trust ChamberMaster to manage their most important information and help promote and grow the communities they serve.

CHAMBER MASTER connects to us through our Gateway Emulator.

Chargent Payment Processing for Salesforce is a 100% Salesforce native credit card / ACH payment solution for one time or recurring billing. Chargent puts you in complete control of your payment processing, managing everything right in Salesforce where your customer data is stored. Available as an easy-to-install Salesforce add-on, our highly extensible platform has been deployed in hundreds of organizations since 2009. Chargent comes with pre-built integrations to 15+ payment gateways, with developer tools that make it easy to customize to fit any business process.

CHARGENT PLUGIN has built-in support for our system.

Checkfront is an cloud-based online booking system that snaps right into your existing website. It includes a built-in payment processing platform enabling you take online credit card payments. Checkfront shows your bookings and availability in real-time, even managing your equipment inventory.

Checkfront has a basic integration with the payment gateway.

CiviCRM is a web-based, open source, Constituent Relationship Management (CRM) software geared toward meeting the needs of non-profit and other civic-sector organizations.

CiviCRM connects to us through our Gateway Emulator. Click on the link below for more details.

CMS made for Marketing but build for Geeks. Concrete5 is a content management system that is free and open source.

Concrete CMS uses the gateway emulator to connect with the payment gateway.

Contact Your Client Ultimate is an all-inclusive Windows-based CRM Contact Management Software with integrated Marketing, Telemarketing, Prospecting, SEO, Invoicing, Emailing, E-Commerce and Financial Charging capabilities all under one roof.

Has built in support for the payment gateway, may support recurring building.

CoreCommerce is the full-service shopping cart solution that makes it easy for you to sell online. Choose from over 250+ hand-crafted, professionally made themes for your store to get that look that's just right.

CoreCommerce has built-in support for our system. Click on the link below to get more information about their product.

Chain Reaction Ecommerce, Inc. (CRE) is a leading provider of open source ecommerce software and services for merchants, and a steward of the CRE ecommerce ecosystem. The CRE Loaded product family is supported by a growing open source community - CRE Share - of more than 12,000 developers, designers, Web hosting providers, online merchants, Internet retailers and business partners. CRE Share provides a unique environment for merchants to access a wide variety of resources designed to help them succeed with their online stores, and to share their experiences, success and lessons learned with other online merchants. Through its CRE Lance network of ecommerce design, development and programming experts, CRE provides customers with access to expert resources to create and manage their online stores.

Filename: cre_loaded-v6.5.x_Install.zip

This payment module adds support using the Three Step Redirect integration, which keeps merchants and their environment outside the scope of transmitting sensitive payment information.

The most comprehensive Credit Repair Software under the sun.

Credit Money Machine is directly integrated with the payment gateway.

Cresecure, powered by PCI-Compliance provider ControlScan, offers secure, PCI Compliant payment modules for open-source Shopping Carts including Magento, osCommerce, ZenCart, Loaded Commerce, Wild Apricot and more.

CRESECURE has built-in support for our system.

CS-Cart is a standalone web application for building and managing an ecommerce website of any size from a small web store to a virtual shopping mall with multiple departments and product suppliers.

CS-Cart connects to us through our Gateway Emulator. Click on the link below for more details.

Filename: cubecart-v3.x_nmi_gateway_services.zip

This module adds support for our system to CubeCart v3.x.x.

Filename: cubecart-v4.x_nmi_gateway_services.zip

This module adds support for our system to CubeCart v4.x.x.

Formerly known as Curdbee, Hiveage offers impressive online billing, invoicing, time tracking and subscription/recurring capabilities for freelancers and small businesses.

Hiveage connects to us through our Gateway Emulator.

Cydec has built-in support for our system. Click on the link below to get more information about their product.

DesignCart has provided the easiest to use, most secure, online shopping carts for thousands of small and medium sized businesses. As a third-party hosted online shopping cart, DesignCart is perfect for a small to mid-size businesses that wish to sell their products on the web and reflect a "big business" presence. Our online shopping carts offer you a practical, quick, user-friendly and developer-friendly environment. Setting up our shopping cart software is fast, easy and you don't have to be an expert to do it.

DesignCart is directly integrated into the payment gateway using our direct post api.

Drupal Commerce is an open source eCommerce framework. Use it to build truly flexible eCommerce websites and applications based on Drupal, the best platform for social commerce.

DrupalCommerce uses the AIM method of the Gateway Emulator.

DudaMobile can be used to build a mobile website using most of our integrated shopping carts. DudaMobile will build a mobile website based on your existing website to make it mobile device friendly. If you have a payment method integrated into that website, it will transfer over nicely in most cases. If no website exists, QuickClick can be used, though it is not responsive.

The QuickClick Shopping Cart can be used to integrate dudamobile with the payment gateway.

ProductCart is the result of this effort. Among the very best ecommerce software you can find, it's successfully powering thousands of Internet stores. It contains hundreds of smart features, optimized over time based on constant feedback from companies just like yours. Over 11 years of continuous development really comes down to this: ProductCart is ecommerce software that simply makes sense.

Early Impact has built in support for our gateway, which does support recurring billing. However, it does not use the gateway's recurring system.

EasyCart, built by LevelFour StoreFront, is the top WordPress Shopping Cart software that allows you to plugin e-Commerce into your WordPress website with only a few clicks.  All the features you need to sell physical goods, digital products, gift cards, and more all from your website.

EasyCart connects to us through our Gateway Emulator.

storeBlox CS is the most affordable solution for custom company store programs. No extra charge for spectacular support and customer service.

eBlox storeBlox CS has a direct integration with the payment gateway.

Ecommerce Templates is a shopping cart system written in both ASP and PHP.

Filename: ecomtemp.zip

This adds Network Merchants support for the PHP version of Ecommerce Templates. Installation instructions are included in this package.

Ecommerce Templates can connect to the Gateway via the Gateway Emulator, AIM method. This is supported via ASP and PHP versions of Ecommerce Templates.

Ecwid is qualiteam's attempt to bring an entirely new approach to creating an online store: SaaS-based, compatible with your existing site, hassle-free and lightning-fast.

Ecwid has built-in support for our system. Click on the link below to get more information about their product.

Management software for Security Businesses.

Engarde is directly integrated with the payment gateway.

eShop is an accessible shopping cart plugin for WordPress, packed with various features including customer login, various payment methods, downloadable/digital products, various shipping methods and more.

The eShop plugin connects to the payment gateway using the SIM method of the gateway emulator.

eStore Advanced connects to us through our Gateway Emulator. Click on the link below for more details.

EventEspresso is a powerful Event Registration plugin for WordPress that supports customizable event page designs, multi-ticket and pricing options, a Venue manager and much, much more.

The Event Espresso plugin connects to the payment gateway using the AIM method of the gateway emulator.

The most popular Events Management plugin for WordPress. Quickly and easily create events, accept bookings, and manage attendees with one plugin. A regularly maintained plugin with a Pro add-on for additional support and features

This plugin uses the AIM method of the gateway emulator in order to connect to the payment gateway.

EZregister makes online event registration easy. After just a few simple online forms, your event is set up and ready to promote!

EZ REGISTER connects to us through our Gateway Emulator.

Finalsite is web software and services designed for schools. The platform's many different components make it scalable and flexible. Finalsite's interactive solution builder lets you pick the parts of the platform that fits your school's unique needs.

Finalsite has built-in support for our system.

Fishbowl is the most popular manufacturing and warehouse management solution among Quickbooks users. It's also a great standalone tool for organizations looking to track assets.

FISHBOWL INVENTORY connects to us through our Gateway Emulator.

FormSite.com connects to us through our Gateway Emulator. Click on the link below for more details.

FoxyCart is fast and easy to get started with. All that's required is basic HTML knowledge to create a link or a form. Even if you've never created an e-commerce site before, FoxyCart will allow you to implement a custom e-commerce solution without banging your head against your desk.

FoxyCart has built-in support for our system. Click on the link below to get more information about their product.

The FSM .NET Marina Management System is the most advanced and capable marina management software available. It’s reliable, fast, flexible, comprehensive, and quickly understood and mastered.

FSM MARINA MGMT has built-in support for our system.

GlobeKey is a commerce package aimed at hotel operators and is intended to ease the process of managing reservations.

Support for our system is built into GlobeKey. Click on the link below for more information.

GoECart's comprehensive technology solutions offer the ultimate in reliability, scalability, and flexibility demanded by the world's busiest ecommerce sites. And our value-added professional services and turn-key implementation programs ensure speed to market while keeping our clients at the forefront of ecommerce.

GoECart connects to us through our Gateway Emulator. Click on the link below for more details.

Gravity Forms is hands down the best contact form plugin for WordPress powered websites. Oh yeah, we said it!

GRAVITY FORMS connects to us through our Gateway Emulator.

GuestPoint is a powerful and easy to use Property Management System designed specifically for small and medium-sized independent accomodation properties including hotels, motels, inns, spas, resorts, hostels, mini-camps and and B&Bs.

GUESTPOINT has built-in support for our system.

HikaShop is a Joomla Extension that enables you to manage your shop's content (categories, products, etc), handle advanced prices management, heavily personalize your store by providing an easy interface to customize all the HikaShop views. You can also easily manage custom fields for users, their addresses and products, manage an affiliate program, easily handle the translation of the shop's content in multiple languages, show statistics and so much more...

Hikashop can be integrated using the AIM or SIM method of the gateway emulator.

Design, Manage and Market your website today!! Everything you need to succeed online: Designs, SEO, Web Hosting, Multimedia, Emails, Credit Card Processing, Online Commerce Tools, Social Media & more. Take control of your website using our quick and convenient power-packed platform. Get your own website instantly, there's no commitments, nothing to download, no coding to learn, try it absolutely risk free for ten days.

iBuilt.net has built-in support for our system.

The Ignite Builder lets you create a fully customizable website quickly and easily. Armed with the input and suggestions of thousands of our students, we set out to launch a website builder that meets the demands of today's online entrepreneurs; a builder that lets you build a website the way you want with an interface that makes it fun and the features that you expect.

Ignite supports the payment gateway through the gateway emulator.

e-Store Hosting: Ready to use shopping cart and no programmer required. Our shopping cart software is designed with the small business person in mind. It's affordable and easy to use, yet very powerful.

The payment gateway is directly integrated into the iHost e-Store solution.

Create a website -- simple & elegant (and it's free)

ImCreator can be integrated with the gateway using the QuickClick Shopping Cart.

IMS Voyager is a Reservation, Ticketing and Booking System specifically for Ferry, Bus/Train, Aircraft Reservations, and Tour OND Systems. Our system provides realtime passenger reservations, freight, ticketing and departure control solutions!

Inflatable Office is the most advanced rental management software on the market! Our suite includes quoting and booking, contracts, alerts, double-booking prevention, surveys, testimonials, QuickBooks, Facebook integrations, Taxing, Analytics, Loading/routing of Trucks, and much, much more!

INFLATABLE OFFICE connects to us through our Gateway Emulator.

Infusionsoft is the only all-in-one sales and marketing automation software for small businesses that combines CRM, email marketing and e-commerce.

Infusionsoft has built-in support for our system. Click on the link below to get more information about their product.

InnerFence is a mobile and desktop based terminal solution for iPhone, iPad, Android, Mac and Windows platforms. **Note: NMI cannot provide swipe support for this Software.

INNERFENCE has built-in support for our system.

irsLogics is the best cloud-based tax resolution and management software available today. Prioritize, manage and document your work easily and effectively. Features include Online payments, Federal and State Forms, Lead/Pipeline Management, Phone/Call center, Fax Services, and email client support.

IRSLOGICS has built-in support for our system.

iVenue delivers cutting edge web-based tools and services that enable business owners and entrepreneurs to become webmasters with absolutely no programming knowledge. Our proprietary website construction technology can put you in business in minutes.

IVENUE.COM connects to us through our Gateway Emulator.

Jigoshop is an eCommerce plugin for WordPress developed by professionals with years of experience delivering online shops for global brands.

JigoShop is directly integrated with the payment gateway.

JigoShop can also use the gateway emulator to integrate with the payment gateway.

Full-featured CMS with e-commerce, intranet, social networking, online marketing tools & more.

Kentico CMS connects to us through our Gateway Emulator. Click on the link below for more details.

King Cart has built-in support for our system. Click on the link below to get more information about their product.

At LeashTime, we know that you have your hands full managing pooches and their people. Let LeashTime make scheduling, key management and invoicing a breeze, so you can focus on the important things.

LeashTime has built-in support for our system. Click on the link below to get more information about their product.

LemonStand is a powerful PHP eCommerce platform that's flexible and developer friendly in every way. Full of amazing features, an easy to use interface, strong developer community plus a Marketplace to purchase and sell add-ons.

Lemonstand supports the payment gateway through the gateway emulator.

Easy, affordable and just a little bit fun. That's what we want life to be like for you when you use LightWave. Having a Website offers a unique opportunity to be creative and experiment a little ... to make a big impression without exerting a lot of time or money. After all, you can change a Webpage in a lot less time and for a lot less money than you can update a brochure or sign.

Livewave by Thrive has built-in support for our system.

LimeLight CRM has built-in support for our system. Click on the link below to get more information about their product.

Limo Anywhere is a complete limousine reservation management software for small to mid-size transportation companies.

Limo Anywhere has built-in support for our system. Click on the link below for more details on configuring Network Merchants within Limo Anywhere.

The LinkPointCart allows e-businesses to transform any Web Site into a secure shopping environment without extensive effort, complicated programming, or high-cost support.

LINKPOINT CART has built-in support for our system.

MA WebCenters is an innovative Internet marketing company specializing in business Web site design, eCommerce and hosting services. The company provides businesses of all kinds with an easy and affordable way to launch and maintain a presence in the ever-important marketplace of the Internet.

Uses the gateway emulator to connect to the payment gateway. AUTH/CAPTURE must be used to make transactions.

Magento is the eCommerce software platform for growth that promises to revolutionize the industry. Its modular architecture and unprecedented flexibility means your business is no longer constrained by your eCommerce platform. Magento is total control

Filename: magento-v1.7.x_Install.zip

This payment module adds support using the Three Step Redirect integration, which keeps merchants and their environment outside the scope of transmitting sensitive payment information.

The NMI Module is not supported on Magento installs of version 8.0 and up. All versions of Magento support Authorize.net AIM Emulation.

We make it simple to add a shopping cart to your website. Escape from the limitations of traditional store builder software, just add Buy Now buttons to your existing product pages and start taking orders straight away.

Mal's e-commerce has built-in support for our system. Click on the link below to get more information about their product.

MarketersChoice is the world's most referred ecommerce solution offering affordable and easy to use packages!

MarketersChoice has built-in support for our system. Click on the link below to get more information about their product.

MARKETPRESS ECOMMERCE is the easiest to use, best designed and most powerful ecommerce / shopping cart plugin available for WordPress today. Developed from the ground up to make it simple to set up a stylish online shop, MarketPress has all the features you need.

MarketPress integrates to the payment gateway using the gateway emulator.

Finally, a comprehensive Martial Arts Management system that is elegant to look at and easy to use. Note: This software solution requires the Customer Vault tokenization system.

MARTIAL ARTS ADMIN has built-in support for our system.

MemberWing-X allows quick and easy building of Powerful, Secure and SEO Optimized Professional Membership Websites.

MEMBERWING can be integrated using QuickClick.

Manage contacts and leads. Track phone calls, emails and tasks. Improve customer service and close more deals. Quickbooks Plugin.

Method CRM can be integrated with the payment gateway by using the gateway emulator.

Microsoft Dynamics NAV (formerly Navision) is designed for diverse manufacturers, distributors and services businesses wanting a proven, secure solution with the flexibility to accommodate new business processes and extend functionality quickly as their businesses grow and change. Microsoft Dynamics NAV is one of the most widely used ERP solutions in the world.

Microsoft Dynamics NAV uses a third party module called SIMCREST for integrating with the payment gateway.

Mijireh Checkout is your PCI compliant checkout page that looks exactly like your site – your code secured on our servers. Our page slurp technology makes it as easy as one click. Avoid the hassle and expense of security scans, SSL certificates, and all the other issues concerning PCI compliance. Let us handle PCI compliance so you can focus on your business.

MIJIREH has built-in support for our system.

MijoShop: The leading e-Commerce application for Joomla! MijoShop is a powerful shopping cart component that is designed feature rich and user friendly. It is a turn-key ready "out of the box" shopping cart and e-Commerce component for Joomla. It has an intuitive admin interface that allows you to have complete control over your store and detailed sales reports.

MIJOSOFT connects to us through our Gateway Emulator.

ModernBill, is one of the best ready-to-use application to automate the process of managing and billing web hosting accounts.

ModernBill is directly integrated with the payment gateway.

eCommerce Shopping cart software for every kind of product: shipped goods, digital delivery and subscription services.

Modular Merchant is directly integrated with the payment gateway.

MonsterCommerce shopping cart software allows you to easily build an online store from any web browser!

MonsterCommerce has built-in support for our system. Click on the link below to get more information about their product.

NetIDNow offers a variety of website building tools, including an online store builder.

NetIDNow's ecommerce solutions support our system. Click on the link below to get more information on their ecommerce offerings.

Thousands of online store merchants trust their vital ecommerce operations to Network Solutions. Why? Because we deliver integrated, customizable web-based online shopping cart solutions for companies of all sizes, on an easy-to-learn and manage Web-based platform.

Network Solutions has built-in support for our system. Click on the link below for more details.

Netz Internet Solutions offer a variety of web products and services, including an online cart service.

NetzCart is an ecommerce product that can support our system.

nopCommerce is an open source ecommerce software that contains both a catalog frontend and an administration tool backend. nopCommerce is a fully customizable shopping cart. It's stable and highly usable. From downloads to documentation, nopCommerce.com offers a comprehensive base of information, resources, and support to the nopCommerce community.

NOPCOMMERCE connects to us through our Gateway Emulator.

Software developers for nearly every Fortune 500 and Global 2000 company worldwide use /n software's products to build powerful connected applications.

nSofware is directly integrated with the payment gateway.

OfficeAutopilot is an all-in-one business and marketing platform designed for information marketers, experts, and coaches.

OfficeAutopilot has built-in support for our system. Click on the link below to get more information about their product.

A free shopping cart system. OpenCart is an open source PHP-based online e-commerce solution.

OpenCart connects to us through our Gateway Emulator. Click on the link below for more details.

PledgedPlugins offers another third-party plugin for OpenCart to connect to the payment gateway.

OrangeCRM is an enterprise quality set of tools designed to help you run your continuity or direct marketing business. Whether your company is a start-up or you manage millions of customer records OrangeCRM can seamlessly integrate into your business process. OrangeCRM is customer centered business management and intelligence.

ORANGE CRM has built-in support for our system.

OrderLogix is an Order Management and Sales Optimization software with multi-channel support, call center tools, inventory & warehousing, and more.

ORDER LOGIX has built-in support for our system.

Order management can be a real chore. But not with Orderwave. Over the product's 8 year history we've been driven to continually address the needs warehouse managers, marketers, customer service centers, and many others in ways that reduce management costs and time.

OrderWave is directly integrated with the payment gateway.

osCommerce is a free, open source ecommerce package.

Filename: oscommerce-v2.3.x_Install.zip

This payment module adds support using the Three Step Redirect integration, which keeps merchants and their environment outside the scope of transmitting sensitive payment information.

Paid Memberships Pro is a WordPress Plugin and support community for membership site curators. PMPro's rich feature set allows you to add a new revenue source to your new or current blog or website and is flexible enough to fit the needs of almost all online and offline businesses.

The Paid Membership Pro plugin connects to the payment gateway using the AIM method of the gateway emulator.

PaperCut's print management software has helped over 50,000 organizations reduce their print costs and their environmental impact in the areas of Education, SME & Corporate, and Professional Client Billing.

Papercut connects to the payment gateway using the SIM method of the gateway emulator.

Shopping cart software with no monthly fees that allows merchants to create stunning and highly customized ecommerce enabled internet storefronts.

PDG Software connects to us through our Gateway Emulator. Click on the link below for more details.

PDshop is an award winning online store, shopping cart, and content management system from PageDown Technology. PDshop is a complete online store & ecommerce system, it includes hundreds of features, everything you need to start building a great looking website, or online store!

PDshop connects to the payment gateway using the AIM method of the gateway emulator.

Penny Pro Auctions is a penny auction script that allows anyone to start a penny auction quickly using our complete turnkey penny auction Software

Penny Pro Auctions Software has built-in support for our system. Click on the link below to get more information about their product.

Are you looking for the ideal software solution so you can run your own online auction web-site? If so, then you have come to the right place.

Probid can be integrated with the payment gateway using the gateway emulator.

Photo Cart is the online sales solution for all types of working photographers including event, wedding, sports, portrait and more. Loaded with features like public & private galleries, packages, print credits, downloadable photos, favorites and a ton more.

Photo Cart connects to the payment gateway using the gateway emulator.

Pinnacle Cart is an extremely powerful php shopping cart and web site builder application that allows you to create, manage and effectively market your store online.

Pinnacle Cart has built-in support for our system. Click on the link below for more details on configuring Pinnacle Cart to be used with the gateway.

Robust & Powerful software designed for MLM, Network Marketing, and Direct Sales companies. Features include; integrated administrative & members (IBO's) back office, website replicator, shopping cart, lead management, real-time genealogy tracking, graphical reports, etc... Supports various types of compensation plan structures, and much more.

Plexum has built-in support for our system. Click on the link below to get more information about their product.

 Our shopping cart software is database driven with import and export capability, secure server enabled, and customizable with the ability to easily create a template for itself from any page on your web site. Our software is SEO friendly, Mobile Friendly, and offers features such as free SSL Cert, Email notifications, promo/discount code support, automatic shipping fee calculations, and unlimited categories!

PRECISION WEB-HOSTING/CART has built-in support for our system.

Premium Web Cart offers highly customizable functionality such as online scheduling, Recurring Billing, Membership System, Ticket Support, Affiliate system and more!

Build an Online Store: Fast, Efficient and Easy to Use, Prestashop's free e-commerce solution provides everything you need to open, operate and maintain a successful online store.

Prestashop will work using the gateway emulator.

PledgedPlugins offers another third-party plugin for Prestashop to connect to the payment gateway.

PrestoMart is a cooperative shopping network of PrestoStore sellers. When you list an item in your PrestoStore, shopping it is also automatically listed and promoted in PrestoMart. Having your items listed for sale at several locations on the Internet increases your overall exposure to Internet shoppers.

Prestocart connects to the payment gateway using the gateway emulator.

PrintNow’s web to print Storefront solution was designed to serve the unique needs of the printing industry and bridges the gap between those who buy print products and those who sell them, by satisfying the needs for both types of users. Design and deploy for various brands, product groups, B2B, B2C, affiliates, franchises, co-branded stores and more; anytime from anywhere in the world.

PRINTNOW has built-in support for our system.

QuickCart is shopping cart software and hosted shopping cart store builder that will instantly add a shopping cart to any web site.

QuickCart has built-in support for our system. Click on the link below to get more information about their product.

QuoteWerks is specialized software used in every industry for creating sales quotes and proposals. Rather than using Microsoft® Word® or Excel® to create your quotes and proposals, you can benefit from a tool that is specialized for the task of creating quotes and proposals.

QUOTEWERKS has built-in support for our system.

The SecureNetShop Shopping Cart solution is exceptionally feature-rich and extremely easy-to-use. The internet's #1 ecommerce shopping cart software is primed to provide you and your customers with a huge array of benefits.

SecureNetShop has built-in support for our system. Click on the link below to get more information about their product.

ShopSite is the easiest-to-use shopping cart software for small to medium-sized businesses. With our e-commerce software and intuitive interface, you can have a store online in 15 minutes. With our rich feature set your online store won't outgrow our shopping cart, and you will not need expensive add-ons in order to have a fully functioning store.

ShopSite can connect to the payment gateway using the SIM or AIM method of the gateway emulator.

Today, Shopify powers tens of thousands of online retailers including General Electric, Amnesty International, CrossFit, Tesla Motors, Encyclopaedia Britannica, Foo Fighters, GitHub, and more. Our platform lets users easily and quickly create their own online store, without all the technical work involved in developing their own website, or the huge expense of having someone else build it. Merchants can use Shopify to manage all aspects of their shops: uploading products, customizing the design, accepting credit cards, and viewing their incoming orders and completed transactions.

We built Shopify to take the hassle out of running an online store, so our merchants can focus on what they do best: building and selling their products.

Note: This integration can utilize the Customer Vault tokenization platform, allowing merchants to perform recurring and repeat billing without storing any sensitive payment data in Shopifys system, reducing merchant risk.

Shopp is a simple, flexible ecommerce plugin for WordPress with a secure shopping cart, easy product catalog, discounts & more. Sell anything, Sell amazing.

The Shopp plugin can be integrated to the payment gateway by using the AIM method of the gateway emulator with the username only permission enabled for your gateway account.

ShopperPress is a Premium WordPress theme that transforms WordPress into a fully functional online store with shopping cart functionality. ShopperPress is the ideal solution for anyone who wants to sell products or services, digital downloads or affiliate products online. You can even set up a catalog!

SHOPPERPRESS THEME connects to the payment gateway using the SIM method of the gateway emulator.

SiteCube.com is an incredibly easy HTML 5 website building solution created for independent professionals like doctors, attorneys, musicians, models etc and small businesses like restaurants, salons etc. Sitecube.com brings together different aspects which are needed to put a professional site together.

Site Cube can connect to the payment gateway using the link alternative for QuickClick.

SkyCreek managed services provide innovative functional capabilities that go beyond traditional out-of-the-box standard features of IVR systems, multi-channel contact platforms and customer experience management applications. They are designed specifically for the needs of high-volume, enterprise operations and are designed to elevate the precision, stability and performance of the automated contact programs we manage and support.

SKYCREEK IVR VOICE has built-in support for our system.

SmartCart is a catalog builder and ecommerce shopping cart system for online stores.

SmartCart has built-in support for our system. Click on the link below to get more information about their product.

SmartWin Technology has built-in support for our system. Click on the link below to get more information about their product.

Simply the most user friendly and feature rich shopping cart module for DotNetNuke on the market today. Easy to configure backend cart settings will get you up and running fast! Perfect for B2C or B2B Ecommerce Sites.

Smith-Cart is a robust turnkey ecommerce solution, with user friendly functionality that allows you to immediately start to sell online. Optimized programming code makes it possible to build stores ranging from a single product to a full featured online store that can handle over 10,000 products. Smith-Cart is designed for ease of use and flexible customizations, to meet all your needs. Your store will be using the latest ecommerce innovations, like fast checkout, affiliate marketing integration and search engine promotion tools to increase your sales.

The Spree storefront offers a full feature set and is built on common standards, so you don't have to compromise speed to market, efficiency or innovation. The modular platform allows you to easily configure, supplement or replace any functionality you need, so that you can build the exact storefront that you want.

SPREECOMMERCE connects to us through our Gateway Emulator.

An 'elegant' subscription service in an PCI Compliant Environment.

Spreedly is directly integrated with the payment gateway.

Squirrelcart PHP Shopping Cart software is a fully customizable, robust php shopping cart, designed with the advanced developer and web novice in mind.

Squirrel Cart connects to the payment gateway using the gateway emulator. For it to work properly, you must have username only enabled in the gateway or modify the module to send X_TRAN_KEY instead of X_PASSWORD.

SunShop has built-in support for our system. Click on the link below to get more information about their product.

Templatic offers Premium WordPress themes that cater to the ecommerce business needs. Our E-commerce themes come with everything you need in order to start an online shop. Manage shipping, tax and payments using PayPal, 2Checkout or other included gateways. To sweeten the deal even further, all themes are fully compatible with WooCommerce ! Whether you are selling clothes, car spare parts or goods and you need an online store theme for Wordpress, choose one of beautifully designed online shop themes.

TEMPLATIC THEMES has built-in support for our system.

TEMPLATIC THEMES connects to us through our Gateway Emulator.

Ideal for merchants, themes constructors and developers. Use it as shopping cart, catalog or framework. Extend the eCommerce functionality with plugins and themes exactly in same way that you do with WordPress.

TheCartPress integrates using the Gateway Emulator SIM Method.

TicketSpice offers the ability to easily create professional ticketing pages. Anyone who has ever clicked a mouse can edit, publish and manage online ticketing themselves. No specialized technical knowledge required!

TicketSpice will connect to the payment gateway using the AIM method of the gateway emulator.

Tix, Inc has built-in support for our system. Click on the link below to get more information about their product.

The first open source shopping cart solution designed for offering great user experience for all digital devices from a PC to an iPhone.

Tomato Cart will connect to the payment gateway using the AIM method of the gateway emulator.

Triangle CRM helps you automate and grow your marketing campaigns. Order management, payment processing, fulfillment, contact center, data services and more, on a real-time, secure cloud platform.

TRIANGLE CRM has built-in support for our system.

TRUX provides waste management software solutions for your business-critical data. Our applications have been designed and programmed by waste industry experts. The TRUX software suite is scalable and contains applications for waste hauling, landfill and transfer station management, and vehicle asset maintenance.

TRUX ROUTE MANAGEMENT connects to us through our Gateway Emulator.

Ubercart is an exciting open source e-commerce shopping cart that fully integrates your online store with Drupal, the leading open source content management system.

Filename: ubercart-v1.x_nmi_gateway_services.zip

This module adds support for our system to Ubercart version 1.x.

Filename: ubercart-v2.x_nmi_gateway_services.zip

This module adds support for our system to Ubercart version 2.x

Filename: ubercart-v3.x.zip

This module adds support for our system to Ubercart version 3.x using the Three Step Redirect integration, which keeps merchants and their environment outside the scope of transmitting sensitive payment information.

UberCart can connect to the Gateway via the Gateway Emulator, AIM method.

Ultimate Client Manager is an open-source CRM and Project Management System for Freelancers and small businesses who need a quick and simple, but powerful way to manage their customers. Take advantage of powerful tools such as invoicing, finance/expense tracking, email ticketing system, Recurring Payments, Encrypted Data, Jobs/Tasks, and Quote approvals!

ULTIMATE CLIENT MANAGER/UCM connects to us through our Gateway Emulator.

UltraCart is the premiere hosted shopping cart and e-commerce platform. In continuous development for over 12 years, the UltraCart platform provides you with state of the art tools to manage every aspect of your e-commerce business. Much more than simple order taking, UltraCart integrates with your entire e-commerce business, including shopping cart, payment processing, marketing & affiliate management, shipping systems, product fulfillment, and accounting systems. UltraCart is the most powerful and flexible online commerce system available today.

UltraCart has built-in support for our system. Click on the link below to get more information about their product.

virtualCART®, delivers the most cost effective and highest quality shopping cart service available to thousands of internet merchants around the world. virtualCART® is affordable, easy to setup, powerful in features, and is extremely reliable. Transform your basic web site into a powerful selling machine in minutes.

VIRTUAL CART/VCART connects to us through our Gateway Emulator.

VirtueMart is an Open Source E-Commerce solution to be used together with a Content Management System (CMS) called Joomla!. Joomla! and VirtueMart are written in PHP and can be used in typical PHP/MySQL environments.

VirtueMart connects to us through our Gateway Emulator. Click on the link below for more details.

Volusion offers a variety of ecommerce packages and has been the answer for over 35,000 entrepreneurs looking to sell online.

Volusion's ecommerce packages fully support our system. Click on the link below for more details on configuring Volusion to be used with the gateway.

VP-ASP offers both an open source shopping cart and an all-in-one ecommerce solution.

VP-ASP has built-in support for our system. Click on the link below to get more information about their product.

Join over 10,000 businesses that get organized, increase sales, improve marketing ROI, and deliver delightful customer experiences with Vtiger CRM.

VTIGER CRM connects to us through our Gateway Emulator.

Web.com offers a built-in Website Builder with Reliable & secure shopping cart with real-time payment and shipping options

Web.com is directly integrated with the payment gateway and supports e-check.

Choose from a wide variety of templates that you can fully customize. Our template gallery has categories and styles for everyone, whether you're an online store, a non-profit, a restaurant, a kickball team, or an amateur photographer.

Webs can be integrated with the payment gateway using the QuickClick Shopping Cart.

Weebly gives millions of people a surprisingly easy and affordable way to create a site that is as unique as they are. With a Weebly site, people can start their own business, communicate with their clients, showcase their achievements, and be an authority on personal and professional interests. Weebly gives everyone the freedom to start a site, blog or online store that works brilliantly across computers, phones and tablets.

WEEBLY can be integrated using QuickClick.

WHMCS is an all-in-one client management, billing & support solution for online businesses. Handling everything from signup to termination, WHMCS is a powerful business automation tool that puts you firmly in control.

WHMCS connects to the payment gateway using the AIM method of the gateway emulator.

Wild Apricot is online membership software for associations, non-profits, clubs and subscription websites. It is a cloud-based system, so you can use it right from your web browser. And your volunteers can pitch in too, without installing any software!

Wild Apricot id directly integrated with the payment gateway.

WishList Member™ is a powerful, yet easy to use membership solution that can turn any WordPress site into a full-blown membership site. Just unzip and upload the plugin, and within minutes you’ll have your own membership site up and running… complete with protected, members-only content, integrated payments, member management, and so much more!

Wix offers customizable flash or HTML5 based websites for free.

Wix can use QuickClick link alternatives to connect to the payment gateway.

A WordPress eCommerce toolkit that helps you sell anything. Beautifully transform your WordPress website into a thorough-bred eCommerce store. Delivering enterprise-level quality & features whilst backed by a name you can trust. Say hello to WooCommerce.

There is also a third party plugin to connect to the payment gateway for WooCommerce.

WooCommerce connects to the payment gateway using the SIM method of the gateway emulator.

WooCommerce supports Mijireh out of the box.

PledgedPlugins offers another third-party plugin for WooCommerce to connect to the payment gateway.

Wordpress.com is a hosted website and blogging solution that lets you create beautiful and powerful websites or blogs. Use your own domain name, optimize with SEO, and get the best support in the business.

WORDPRESS.COM can be integrated using QuickClick.

In a Nutshell this powerful, sleek and conversion oriented WordPress shopping cart plugin allows you to sell any type of digital products and services from your WordPress powered site securely with complete automation.

This plugin can be integrated with the payment gateway using the gateway emulator.

WP e-Commerce remains the most popular, most robust e-commerce plugin for WordPress and is the ideal way to sell products, downloads or services online.

There is also a direct integration provided by a third-party plugin that will work.

WP-Invoice lets you create and send web-invoices for your clients.

This plugin connects to the payment gateway using the AIM method of the gateway emulator. The Plugin's recurring feature is not compatible with the Gateway.

Shopping cart software trusted by thousands of successful business owners worldwide. Web-based administrator area and installation wizard make setup and maintenance of the shopping cart as easy as point and click. No PHP or other programming knowledge is required to set up and run a world class online store.

X-Cart connects to us through our Gateway Emulator. Click on the link below for more details.

xAuthorize has several ecommerce related products and services.

xAuthorize's ecommerce solutions have built-in support for our system. Click on the link below to get more information about their product.

Create a professional, free website in minutes with no technical experience required! Make your free website with our easy drag and drop functionality. Everything you need is at your fingertips.

Yola integrates to the payment gateawy using the QuickClick Link Alternative only.

ZenCart is a free, user-friendly open source PHP-based shopping cart system.

Filename: zencart-v1.5.x_Install.zip

This payment module adds support using the Three Step Redirect integration, which keeps merchants and their environment outside the scope of transmitting sensitive payment information.

Multifront is the industry's best ASP.NET ecommerce platform, allowing you to deliver more relevant B2B ecommerce and B2C ecommerce website experiences. As a result, your ecommerce website will convert more customers, increase average order value, reduce shopping cart abandonments, and offer relevant brand experiences that keep shoppers coming back.

ZNODE connects to us through our Gateway Emulator.

Methodology
Direct Post API

Transactions

Steps:

1. The customer sends their payment information to the merchant's web site.
2. The merchant web site posts the payment data to the Payment Gateway.
3. The Payment Gateway responds immediately with the results of the transactions.
4. The merchant web site displays the appropriate message to the customer.

The communication method used to send messages to the Payment Gateway's server is the standard HTTP protocol over an SSL connection.

In the Direct Post method, the communications with the cardholder (Steps 1 and 4) are developed completely by the merchant and therefore are not defined by the Payment Gateway. Step 1 should simply collect the payment data from the cardholder and Step 4 should display the appropriate transaction receipt or declined message.

In Step 2, transaction details should be delivered to the Payment Gateway using the POST method with the appropriate variables defined below posted along with the request.

In Step 3, the transaction responses are returned in the body of the HTTP response in a query string name/value format delimited by ampersands. For example: variable1=value1&variable2=value2&variable3=value3

Customer Vault

The Customer Vault was designed specifically for businesses of any size to address concerns about handling customer payment information. Visa and MasterCard have instituted the Payment Card Industry (PCI) Data Security to protect cardholder data, wherever it resides, ensuring that members, merchants, and service providers maintain the highest information security standards.

These associations have also deemed that merchants will be held liable for any breach of cardholder data. This has become a major concern for merchants who handle credit card or electronic check payments. The Customer Vault is designed for these merchants who desire to avoid the tremendous costs and resources involved in becoming PCI compliant under these circumstances.

The Customer Vault does this by allowing merchants to transmit their payment information through a Secure Sockets Layer (SSL) connection for storage in our Level 1 PCI certified data facility. Once the customer record has been securely transmitted to the Customer Vault, the merchant can then initiate transactions remotely without having to access cardholder information directly. This process is accomplished without the merchant storing the customer's payment information in their local database or payment application.

Transaction Types
Direct Post API

Sale (sale)

Transaction sales are submitted and immediately flagged for settlement.

Authorization (auth)

Transaction authorizations are authorized immediately but are not flagged for settlement. These transactions must be flagged for settlement using the capture transaction type.

Capture (capture)

Transaction captures flag existing authorizations for settlement. Only authorizations can be captured. Captures can be submitted for an amount equal to or less than the original authorization.

Void (void)

Transaction voids will cancel an existing sale or captured authorization. In addition, non-captured authorizations can be voided to prevent any future capture. Voids can only occur if the transaction has not been settled.

Refund (refund)

Transaction refunds will reverse a previously settled transaction. If the transaction has not been settled, it must be voided instead of refunded.

Credit (credit)

Transaction credits apply an amount to the cardholder's card that was not originally processed through the Gateway. In most situations credits are disabled as transaction refunds should be used instead.

Validate (validate)

This action is used for doing an "Account Verification" on the cardholder's credit card without actually doing an authorization.

Update (update)

Transaction updates can be used to update previous transactions with specific order information, such as a tracking number and shipping carrier.

Transaction Variables
Direct Post API

Sale/Authorization/Credit/Validate/Offline

Variable NameDescription
type*The type of transaction to be processed.
Values: 'sale', 'auth', 'credit', 'validate', or 'offline'
username*Username assigned to merchant account.
password*Password for the specified username.
ccnumber**Credit card number.
ccexp**Credit card expiration date.
Format: MMYY
cvvThe card security code. While this is not required, it is strongly recommended.
checkname***The name on the customer's ACH account.
checkaba***The customer's bank routing number.
checkaccount***The customer's bank account number.
account_holder_type***The type of ACH account the customer has.
Values: 'business' or 'personal'
account_type***The ACH account entity of the customer.
Values: 'checking' or 'savings'
sec_code***The Standard Entry Class code of the ACH transaction.
Values: 'PPD', 'WEB', 'TEL', or 'CCD'
amountTotal amount to be charged. For validate, the amount must be omitted or set to 0.00.
Format: x.xx
currencyThe transaction currency. Format: ISO 4217
payment***The type of payment.
Default: 'creditcard'
Values: 'creditcard' or 'check'
processor_idIf using Multiple MIDs, route to this processor (processor_id is obtained under Settings->Load Balancing in the Control Panel).
authorization_codeSpecify authorization code. For use with "offline" action only.
dup_secondsSets the time in seconds for duplicate transaction checking on supported processors. Set to 0 to disable duplicate checking.
descriptorSet payment descriptor on supported processors.
descriptor_phoneSet payment descriptor phone on supported processors.
descriptor_addressSet payment descriptor address on supported processors.
descriptor_citySet payment descriptor city on supported processors.
descriptor_stateSet payment descriptor state on supported processors.
descriptor_postalSet payment descriptor postal code on supported processors.
descriptor_countrySet payment descriptor country on supported processors.
descriptor_mccSet payment descriptor mcc on supported processors.
descriptor_merchant_idSet payment descriptor merchant id on supported processors.
descriptor_urlSet payment descriptor url on supported processors.
billing_methodShould be set to 'recurring' to mark payment as a recurring transaction.
Values: 'recurring'
order_descriptionOrder description.
Legacy variable includes: orderdescription
orderidOrder Id
ipaddressIP address of cardholder, this field is recommended.
Format: xxx.xxx.xxx.xxx
tax****Total tax amount.
shipping****Total shipping amount
ponumber****Original purchase order
first_nameCardholder's first name.
Legacy variable includes: firstname
last_nameCardholder's last name
Legacy variable includes: lastname
companyCardholder's company
address1Card billing address
address2Card billing address, line 2
cityCard billing city
stateCard billing state.
Format: CC
zipCard billing zip code
countryCard billing country.
Country codes are as shown in ISO 3166. Format: CC
phoneBilling phone number
faxBilling fax number
emailBilling email address
social_security_numberCustomer's social security number, checked against bad check writers database if check verification is enabled.
drivers_license_numberDriver's license number.
drivers_license_dobDriver's license date of birth.
drivers_license_stateThe state that issued the customer's driver's license.
shipping_firstnameShipping first name
shipping_lastnameShipping last name
shipping_companyShipping company
shipping_address1Shipping address
shipping_address2Shipping address, line 2
shipping_cityShipping city
shipping_stateShipping state
Format: CC
shipping_zipShipping zip code
shipping_countryShipping country
Country codes are as shown in ISO 3166. Format: CC
shipping_emailShipping email address
merchant_defined_field_#You can pass custom information in up to 20 fields.
Format: merchant_defined_field_1=Value
customer_receiptIf set to true, when the customer is charged, they will be sent a transaction receipt.
Values: 'true' or 'false'
cardholder_auth‡‡Set 3D Secure condition.
Values: 'verified' or 'attempted'
eci‡‡E-commerce indicator.
Values: '2', '5', or '7'
cavv‡‡Cardholder authentication verification value.
Format: base64 encoded
xid‡‡Cardholder authentication transaction id.
Format: base64 encoded
Recurring specific fields
recurringRecurring action to be processed.
Values: add_subscription
plan_idCreate a subscription tied to a Plan ID if the sale/auth transaction is successful.
plan_paymentsThe number of payments before the recurring plan is complete.
Note: Use '0' for 'until canceled'
plan_amountThe plan amount to be charged each billing cycle.
Format: x.xx
day_frequencyHow often, in days, to charge the customer. Cannot be set with 'month_frequency' or 'day_of_month'.
month_frequencyHow often, in months, to charge the customer. Cannot be set with 'day_frequency'. Must be set with 'day_of_month'.
Values: 1 through 24
day_of_monthThe day that the customer will be charged. Cannot be set with 'day_frequency'. Must be set with 'month_frequency'.
Values: 1 through 31 - for months without 29, 30, or 31 days, the charge will be on the last day
start_dateThe first day that the customer will be charged.
Format: YYYYMMDD
Customer Vault specific fields
customer_vaultAssociate payment information with a Customer Vault record if the transaction is successful.
Values: 'add_customer' or 'update_customer'
customer_vault_idSpecifies a customer vault id. If not set, the payment gateway will randomly generate a customer vault id.
Level III specific order fields
shippingFreight or shipping amount included in the transaction amount
Default: '0.00'
Format: x.xx
taxThe sales tax, included in the transaction amount, associated with the purchase. Setting tax equal to '-1' indicates an order that is exempt from sales tax.
Default: '0.00'
Format: x.xx
ponumberPurchase order number supplied by cardholder
orderidIdentifier assigned by the merchant. This defaults to gateway transaction id.
shipping_countryShipping country (e.g. US)
Format: CC
shipping_postalPostal/ZIP code of the address where purchased goods will be delivered. This field can be identical to the 'ship_from_postal' if the customer is present and takes immediate possession of the goods.
ship_from_postalPostal/ZIP code of the address from where purchased goods are being shipped, defaults to merchant profile postal code.
summary_commodity_code4 character international description code of the overall goods or services being supplied. The acquirer or processor will provide a list of current codes.
duty_amountAmount included in the transaction amount associated with the import of purchased goods.
Default: '0.00'
Format: x.xx
discount_amountAmount included in the transaction amount of any discount applied to complete order by the merchant.
Default: '0.00'
Format: x.xx
national_tax_amountThe national tax amount included in the transaction amount.
Default: '0.00'
Format: x.xx
alternate_tax_amountSecond tax amount included in the transaction amount in countries where more than one type of tax can be applied to the purchases.
Default: '0.00'
Format: x.xx
alternate_tax_idTax identification number of the merchant that reported the alternate tax amount.
vat_tax_amountContains the amount of any value added taxes which can be associated with the purchased item.
Default: '0.00'
Format: x.xx
vat_tax_rateContains the tax rate used to calculate the sales tax amount appearing. Can contain up to 2 decimal places, e.g. 1% = 1.00.
Default: '0.00'
Format: x.xx
vat_invoice_reference_numberInvoice number that is associated with the VAT invoice.
customer_vat_registrationValue added tax registration number supplied by the cardholder.
merchant_vat_registrationGovernment assigned tax identification number of the merchant for whom the goods or services were purchased from.
order_datePurchase order date, defaults to the date of the transaction.
Format: YYMMDD
Level III specific line item detail fields
item_product_code_#Merchant defined description code of the item being purchased.
item_description_#Description of the item(s) being supplied.
item_commodity_code_#International description code of the individual good or service being supplied. The acquirer or processor will provide a list of current codes.
item_unit_of_measure_#Code for units of measurement as used in international trade.
Default: 'EACH'
item_unit_cost_#Unit cost of item purchased, may contain up to 4 decimal places.
item_quantity_#Quantity of the item(s) being purchased.
Default: '1'
item_total_amount_#Purchase amount associated with the item. Defaults to: 'item_unit_cost_#' x 'item_quantity_#' rounded to the nearest penny.
item_tax_amount_#Amount of tax on specific item, amount should not be included in 'total_amount_#'.
Default: '0.00'
item_tax_rate_#Percentage representing the value-added tax applied.
Default: '0.00'
item_discount_amount_#Discount amount which can have been applied by the merchant on the sale of the specific item. Amount should not be included in 'total_amount_#'.
item_discount_rate_#Discount rate for the line item. 1% = 1.00.
Default: '0.00'
item_tax_type_#Type of value-added taxes that are being used.
item_alternate_tax_id_#Tax identification number of the merchant that reported the alternate tax amount.
*Always required
**Required for credit card transactions
***Required for ACH transactions
****Required for Level 2 transactions
Required for Level 3 transactions
Required for offline transactions
‡‡Required for 3D Secure transactions

Notes:

  • Level II fields are required for Level II processing.
  • Level II and Level III fields are required for Level III processing.
  • You can pass only credit card or e-check transaction variables in a request, not both in the same request.
  • Certain banks may require some optional fields.

Capture

Variable NameDescription
type*Type of transaction.
Values: 'capture'
username*Username assigned to merchant account.
password*Password for the specified username.
transactionid*Original payment gateway transaction id
amount*Total amount to be settled. This amount must be equal to or less than the original authorized amount.
Format: x.xx
tracking_numberShipping tracking number
shipping_carrierShipping carrier.
Values: 'ups', 'fedex', 'dhl', or 'usps'
orderidOrder id.
*Always required

Void

Variable NameDescription
type*Type of transaction.
Values: 'void'
username*Username assigned to merchant account.
password*Password for the specified username.
transactionid*Original payment gateway transaction id
void_reason**Reason the EMV transaction is being voided.
Values: 'fraud', 'user_cancel', 'icc_rejected', 'icc_card_removed', 'icc_no_confirmation', or 'pos_timeout'
*Always required
**Conditionally required for EMV transactions

Refund

Variable NameDescription
type*Type of transaction.
Values: 'refund'
username*Username assigned to merchant account.
password*Password for the specified username.
transactionid*Original payment gateway transaction id
amountTotal amount to be refunded. This amount may be equal to or less than the settled amount.
Format: x.xx
*Always required

Update

Variable NameDescription
type*Type of transactions.
Values: 'update'
username*Username assigned to merchant account.
password*Password for the specified username.
transactionid*Original payment gateway transaction id
tracking_numberShipping tracking number
shippingTotal shipping amount.
Format: x.xx
shipping_postalPostal/ZIP code of the address where purchased goods will be delivered. This field can be identical to the 'ship_from_postal' if the customer is present and takes immediate possession of the goods.
ship_from_postalPostal/ZIP code of the address from where purchased goods are being shipped, defaults to merchant profile postal code.
shipping_countryShipping Country Code.
shipping_carrierShipping carrier.
Values: 'ups', 'fedex', 'dhl', or 'usps'
shipping_dateShipping date.
Format: YYYYMMDD
order_descriptionOrder Description.
Legacy variable includes: orderdescription
order_dateOrder date.
Format: YYYYMMDD
customer_receiptIf set to true, when the customer is charged, they will be sent a transaction receipt.
Values: 'true' or 'false'
ponumberCardholder's purchase order number.
summary_commodity_code4 character international description code of the overall goods or services being supplied. The acquirer or processor will provide a list of current codes.
duty_amountAmount included in the transaction amount associated with the import of purchased goods.
Format: x.xx
discount_amountAmount included in the transaction amount of any discount applied to complete order by the merchant.
Format: x.xx
taxTax amount.
Format: x.xx
national_tax_amountThe national tax amount included in the transaction amount.
Format: x.xx
alternate_tax_amountSecond tax amount included in the transaction amount in countries where more than one type of tax can be applied to the purchases.
Format: x.xx
alternate_tax_idTax identification number of the merchant that reported the alternate tax amount.
vat_tax_amountContains the amount of any value added taxes which can be associated with the purchased item.
vat_tax_rateContains the tax rate used to calculate the sales tax amount appearing. Can contain up to 2 decimal places, e.g. 1% = 1.00.
vat_invoice_reference_numberInvoice number that is associated with the VAT invoice.
customer_vat_registrationValue added tax registration number supplied by the cardholder.
merchant_vat_registrationGovernment assigned tax identification number of the merchant for whom the goods or services were purchased from.
merchant_defined_field_#Merchant Defined Fields.
Format: merchant_defined_field_1=Value
*Always required

Retail Data
Direct Post API

Passing Unencrypted Retail Magnetic Stripe Data

Variable NameDescription
track_1Raw Magnetic Stripe Data
track_2Raw Magnetic Stripe Data
track_3Raw Magnetic Stripe Data

Passing MagTek Magensa Encrypted Magnetic Stripe Data

Variable NameDescription
magnesafe_track_1Raw MagTek Magensa Data
magnesafe_track_2Raw MagTek Magensa Data
magnesafe_magneprintRaw MagTek Magensa Data
magnesafe_ksnRaw MagTek Magensa Data
magnesafe_magneprint_statusRaw MagTek Magensa Data

Passing IDTech M130 Encrypted Swipe Data

Variable NameDescription
encrypted_track_1Raw encrypted data
encrypted_track_2Raw encrypted data
encrypted_track_3Raw encrypted data
encrypted_ksnRaw encrypted data

Passing IDTech M130 Encrypted Keyed Data

Variable NameDescription
encrypted_dataRaw encrypted data

Passing Ingenico Telium 2 Chip Card Data

Variable NameDescription
entry_modeThe type of transaction data to be processed.
Value: 'emv_icc'
emv_auth_request_dataEMV Data for the transaction as received from the EMV Chip Card SDK.
emv_deviceThe EMV - capable card reader.
Value: 'ingenico_rba'
verification_methodMethod used to verify the EMV transaction.
Values: 'signature', 'offline_pin', 'offline_pin_signature', or 'none'
encrypted_ksnRaw encrypted data
encrypted_track_2Raw encrypted data

Passing Ingenico Telium 2 Swipe Data

Variable NameDescription
entry_modeThe type of transaction data to be processed.
Value: 'swiped'
emv_deviceThe EMV - capable card reader.
Value: 'ingenico_rba'
encrypted_ksnRaw encrypted data
encrypted_track_2Raw encrypted data

Passing Ingenico Telium 2 NFC Data

Variable NameDescription
entry_modeThe type of transaction data to be processed.
Value: 'nfc_msd'
emv_deviceThe EMV - capable card reader.
Value: 'ingenico_rba'
encrypted_ksnRaw encrypted data
encrypted_track_2Raw encrypted data

Passing Ingenico Telium 2 Keyed Data

Variable NameDescription
entry_modeThe type of transaction data to be processed.
Value: 'keyed'
emv_deviceThe EMV - capable card reader.
Value: 'ingenico_rba'
encrypted_ksnRaw encrypted data
encrypted_track_2Raw encrypted data

Apple Pay
Direct Post API

Supported Processors

Currently Apple Pay is supported only on the Vital platform.

Configuring Apple Pay

Creating an Apple Merchant ID
First, you must obtain an Apple Merchant ID before you can generate the Certificate Signing Request that Apple requires. You will need to set up an Apple Merchant ID in your iOS Developer Account. Follow these steps to complete the setup:
  1. Go to Apple's Developer Portal and log in to the Member Center to create a new Merchant ID.
  2. Navigate to the Certificates, Identifiers, and Profiles area of the Member Center, and then begin the Register Merchant ID process.
  3. You must then set the Apple Merchant ID within your gateway Control Panel under Settings -> Apple Pay.
Generating the Certificate Signing Request
Next, you will need to associate a Certificate with the Merchant ID in Apple's Developer Portal. After downloading the Certificate Signing Request from the gateway's options page, follow these steps.
  1. In Apple's Developer Portal, click on the Merchant ID and then click "Edit".
  2. Click "Create Certificate".
  3. You are obtaining a CSR file from a Payment Provider so you will not have to create one. Click "Continue" to proceed to the upload page.
  4. Click "Choose File..." and select the Gateway.certSigningRequest file you downloaded from the gateway's options page.

How to Obtain Apple Pay Payment Data

PassKit provides the payment data in the (PKPayment *)payment that is returned to your app's paymentAuthorizationViewController:didAuthorizePayment:completion method. The Apple Pay encrypted payment data is found in payment.token.paymentData.

payment.token.paymentData is a binary (NSData) object, so you must encode it as a hexadecimal string before it can be passed to the Gateway.

Passing Apple Pay Payment Data

To submit a payment with Apple Pay, send the encrypted token data into the applepay_payment_data variable. There is no need to decrypt the data in your app. Only the Gateway will have access to the private key that can decrypt the token.

Notes

When passing in applepay_payment_data, you should not include the variables ccnumber or ccexp; they are extracted from the token data.

Important Note: The authorization amount must match the amount the customer approves in the app. If you pass in a currency, that must also match the currency approved in the app. If omitted, the currency from the app is used.

For working example code, including how to obtain the PKPayment object and how to pass a simple transaction to the Gateway, download the sample project.

Variables

Variable NameDescription
applepay_payment_data The encrypted Apple Pay payment data (payment.token.paymentData) from PassKit encoded as a hexadecimal string


Troubleshooting

If you receive the error "Failed to decrypt Apple Pay data. Ensure that the Apple Pay Merchant ID is correct in the Gateway Settings and that the certificate was generated from a Gateway Certificate Signing Request.", try these steps:
  1. Verify that the Merchant ID that Apple has in the developer portal exactly matches the Merchant ID in the Gateway's settings.
  2. Verify that your app's PKPaymentRequest's merchantIdentifier exactly matches the Merchant ID in the Gateway's settings.
  3. Ensure that the correct Merchant ID is checked in the Apple Pay section of the Capabilities tab in your project's target settings.
  4. Try creating a new Merchant ID. Reusing an existing Merchant ID with a new certificate may sometimes cause issues with encryption.

Recurring Variables
Direct Post API

Add a Plan

Variable NameDescription
recurring*Add a recurring plan that subscriptions can be added to in the future.
Value: 'add_plan'
plan_payments*The number of payments before the recurring plan is complete.
Notes: '0' for until canceled
plan_amount*The plan amount to be charged each billing cycle.
Format: x.xx
plan_name*The display name of the plan.
plan_id*The unique plan ID that references only this recurring plan.
day_frequency**How often, in days, to charge the customer. Cannot be set with 'month_frequency' or 'day_of_month'.
month_frequency***How often, in months, to charge the customer. Cannot be set with 'day_frequency'. Must be set with 'day_of_month'.
Values: 1 through 24
day_of_month***The day that the customer will be charged. Cannot be set with 'day_frequency'. Must be set with 'month_frequency'.
Values: 1 through 31 - for months without 29, 30, or 31 days, the charge will be on the last day
*Always required
**Required unless 'month_frequency' and 'day_of_month' is set.
***Required unless 'day_frequency' is set.

Add a Subscription to an Existing Plan

Variable NameDescription
recurring*Associate payment information with a recurring plan.
Value: add_subscription
plan_id*The plan ID of the plan that the subscription will be associated with.
start_dateThe first day that the customer will be charged.
Format: YYYYMMDD
ccnumber**Credit card number.
ccexp**Credit card expiration.
Format: MMYY
payment***The type of payment.
Default: 'creditcard'
Values: 'creditcard' or 'check'
checkname***The name on the customer's ACH account.
checkaccount***The customer's bank account number.
checkaba***The customer's bank routing number.
account_type***The customer's ACH account type.
Values: 'checking' or 'savings'
account_holder_type***The customer's ACH account entity.
Values: 'personal' or 'business'
sec_codeACH standard entry class codes.
Values: 'PPD', 'WEB', 'TEL', or 'CCD'
first_nameCardholder's first name.
Legacy variable includes: firstname
last_nameCardholder's last name.
Legacy variable includes: lastname
address1Card billing address.
cityCard billing city
stateCard billing state.
zipCard billing postal code.
countryCard billing country code.
phoneBilling phone number.
emailBilling email address.
companyCardholder's company.
address2Card billing address, line 2.
faxBilling fax number.
orderidOrder ID
order_descriptionOrder Description
merchant_defined_field_#Can be set up in merchant control panel under 'Settings'->'Merchant Defined Fields'.
ponumberCardholder's purchase order number.
processor_idIf using Multiple MIDs, route to this processor (processor_id is obtained under Settings->Load Balancing in the Control Panel).
customer_receiptIf set to true, when the customer is charged, they will be sent a transaction receipt.
Values: 'true' or 'false'
*Always required
**Required for credit card transactions
***Required for ACH transactions

Adding a Custom Subscription

Variable NameDescription
recurring*Add a custom recurring subscription that is NOT associated with an existing plan
Value: 'add_subscription'
plan_payments*The number of payments before the recurring plan is complete.
Notes: '0' for until canceled
plan_amount*The plan amount to be charged each billing cycle.
Format: x.xx
day_frequency**How often, in days, to charge the customer. Cannot be set with 'month_frequency' or 'day_of_month'.
month_frequency***How often, in months, to charge the customer. Cannot be set with 'day_frequency'. Must be set with 'day_of_month'.
Values: 1 through 24
day_of_month***The day that the customer will be charged. Cannot be set with 'day_frequency'. Must be set with 'month_frequency'.
Values: 1 through 31 - for months without 29, 30, or 31 days, the charge will be on the last day
start_dateThe first day that the customer will be charged.
Format: YYYYMMDD
ccnumber****Credit card number.
ccexp****Credit card expiration.
Format: MMYY
paymentThe type of payment.
Default: 'creditcard'
Values: 'creditcard' or 'check'
checknameThe name on the customer's ACH account.
checkaccountThe customer's bank account number.
checkabaThe customer's bank routing number.
account_typeThe customer's ACH account type.
Values: 'checking' or 'savings'
account_holder_typeThe customer's ACH account entity.
Values: 'personal' or 'business'
sec_codeACH standard entry class codes.
Values: 'PPD', 'WEB', 'TEL', or 'CCD'
first_nameCardholder's first name.
Legacy variable includes: firstname
last_nameCardholder's last name.
Legacy variable includes: lastname
address1Card billing address.
cityCard billing city
stateCard billing state.
zipCard billing postal code.
countryCard billing country code.
phoneBilling phone number.
emailBilling email address.
companyCardholder's company.
address2Card billing address, line 2.
faxBilling fax number.
orderidOrder ID
order_descriptionOrder Description
Legacy variable includes: orderdescription
merchant_defined_field_#Can be set up in merchant control panel under 'Settings'->'Merchant Defined Fields'.
ponumberCardholder's purchase order number.
processor_idIf using Multiple MIDs, route to this processor (processor_id is obtained under Settings->Load Balancing in the Control Panel).
customer_receiptIf set to true, when the customer is charged, they will be sent a transaction receipt.
Values: 'true' or 'false'
*Always required
**Required unless 'month_frequency' and 'day_of_month' is set.
***Required unless 'day_frequency' is set.
****Required for credit card transactions
Required for ACH transactions

Update a Subscription's Billing Information

Variable NameDescription
recurring*Update the subscription's billing information.
Value: 'update_subscription'
subscription_id*The subscription ID that will be updated.
*Always required

Delete a Subscription

Variable NameDescription
recurring*Delete the subscription. Customer will no longer be charged.
Value: 'delete_subscription'
subscription_id*The subscription ID that will be deleted.
*Always required

Customer Vault Variables
Direct Post API

Add/Update Customer Record

VariablesDescription
customer_vault*Add/Update a secure customer vault record.
Values: 'add_customer' or 'update_customer'
customer_vault_idSpecifies a customer vault id. If not set, the payment gateway will randomly generate a customer vault id.
billing_idBilling id to be assigned or updated. If none is provided, one will be created or the billing id with priority '1' will be updated.
username*Username assigned to merchant account.
password*Password assigned to merchant account.
ccnumber**Credit card number.
ccexp**Credit card expiration.
Format: MMYY
checkname***The name on the customer's ACH account.
checkaba***The customer's bank routing number.
checkaccount***The customer's bank account number.
account_holder_type***The customer's ACH account entity.
Values: 'personal' or 'business'
account_type***The customer's ACH account type.
Values: 'checking' or 'savings'
sec_codeACH standard entry class codes.
Values: 'PPD', 'WEB', 'TEL', or 'CCD'
currencySet transaction currency.
paymentSet payment type to ACH or credit card.
Values: 'creditcard' or 'check'
orderidOrder id
order_descriptionOrder Description
Legacy variable includes: orderdescription
merchant_defined_field_#Can be set up in merchant control panel under 'Settings'->'Merchant Defined Fields'.
Format: merchant_defined_field_1=Value
ponumber****Cardholder's purchase order number.
tax****Total tax amount.
Format: x.xx
tax_exempt****Set whether cardholder is tax exempt.
Values: 'true' or 'false'
shipping****Total shipping amount
first_nameCardholder's first name.
Legacy variable includes: firstname
last_nameCardholder's last name.
Legacy variable includes: lastname
address1Card billing address.
cityCard billing city
stateCard billing state.
zipCard billing postal code.
countryCard billing country code.
phoneBilling phone number.
emailBilling email address.
companyCardholder's company.
address2Card billing address, line 2.
faxBilling fax number.
shipping_idShipping entry id. If none is provided, one will be created or the billing id with priority '1' will be updated.
shipping_firstnameShipping first name.
shipping_lastnameShipping last name.
shipping_companyShipping company.
shipping_address1Shipping address.
shipping_address2Shipping address, line 2.
shipping_cityShipping city
shipping_stateShipping state.
shipping_zipShipping postal code.
shipping_countryShipping country code.
shipping_phoneShipping phone number.
shipping_faxShipping fax number.
shipping_emailShipping email address.
*Always required
**Required for credit card transactions
***Required for ACH transactions
****Required for Level 2 transactions

Customer Vault initiated Sale/Auth/Credit/Offline

VariableDescription
username*Username assigned to merchant account.
password*Password assigned to merchant account.
customer_vault_id*Specifies a customer vault id.
amountTotal amount to be charged. For validate, the amount must be omitted or set to 0.00.
Format: x.xx
currencyThe transaction currency. Format: ISO 4217
processor_idIf using Multiple MIDs, route to this processor (processor_id is obtained under Settings->Load Balancing in the Control Panel).
descriptorSet payment descriptor on supported processors.
descriptor_phoneSet payment descriptor phone on supported processors.
order_descriptionOrder description.
Legacy variable includes: orderdescription
orderidOrder ID
*Always required

Delete Customer Record

VariableDescription
customer_vault*Deletes a secure customer vault record.
Values: 'delete_customer'
customer_vault_id*Specifies a customer vault id.
username*Username assigned to merchant account.
password*Password assigned to merchant account.
*Always required

Notes:

  • If you do not pass a customer_vault_id, our system will randomly generate one. If you include a customer_id and customer_vault_id, they must match.
  • You can only pass Credit Card or Electronic Check transaction variables.

Partial Payment Information
Direct Post API

Request Details

VariableDescription
partial_payment_idUnique identifier returned when making the original transaction. This should only be used for secondary transactions.
partial_paymentsThis variable allows the following two values to be passed to it:
settle_partial: Settles any amount of tender collected (captured partial auth's and approved partial sales) at cut off.
payment_in_full: Required that any split tendered transaction is collected in-full before settlement gets initiated.
typeThis variable can be passed the value 'complete_partial_payment' which will complete a payment_in_full transaction that has not been collected in full. This allows industries that require payment_in_full but subsequently decide to still settle the transaction even though it has not been collected in full.

Response Details

VariableDescription
partial_payment_idA numeric identifier which is used when submitting subsequent transactions.
partial_payment_balanceReturns the payment's remaining balance.
amount_authorizedProvides the amount that was authorized.

Examples

Example 1: In this request, if nothing more was done, a transaction for 30.00 would settle at the next cut-off.

Request...type=sale&partial_payments=settle_partial&ccnumber=4111111111111111&ccexp=1016&amount=100.00...
Response...response=1&partial_payment_id=123456789&partial_payment_balance=70.00&amount=30.00...

Example 2: In this request, payment_in_full was required and two transaction were collected - this transaction would settle at the next cut-off.

Request 1...type=sale&partial_payments=payment_in_full&ccnumber=4111111111111111&ccexp=1016&amount=100.00...
Response 1...response=1&partial_payment_id=123456789&partial_payment_balance=70.00&amount=30.00...
Request 2...type=sale&partial_payment_id=123456789&partial_payments=payment_in_full&ccnumber=4000000000000002&ccexp=1016&amount=70.00...
Response 2...response=1& partial_payment_id=123456789&partial_payment _balance=0.00&amount=70.00...

Example 3: In this example, payment_in_full was required and two transactions were attempted, but only one collected. The merchant decided to force it out anyways - this transaction would settle at the next cut-off.

Request 1...type=sale&partial_payments=payment_in_full&ccnumber=4111111111111111&ccexp=1016&amount=100.00...
Response 1...response=1&partial_payment_id=123456789&partial_payment_balance=70.00&amount=30.00...
Request 2...type=sale&partial_payment_id=123456789&partial_payments=payment_in_full&ccnumber=4000000000000002&ccexp=1016&amount=70.00...
Response 2...response=2&partial_payment_id=123456789&partial_payment_balance=70.00&amount=70.00...
Request 3...type=complete_partial_payment& partial_payment_id=123456789&partial_payments=payment_in_full&amount=70.00...
Response 3...response=1& partial_payment_id=123456789&partial_payment_balance=0.00&amount=70.00...

Transaction Response Variables
Direct Post API

Standard Response

Variable NameDescription
response 1 = Transaction Approved
2 = Transaction Declined
3 = Error in transaction data or system error
responsetextTextual response
authcodeTransaction authorization code.
transactionidPayment gateway transaction id.
avsresponseAVS response code (See Appendix 1).
cvvresponseCVV response code (See Appendix 2).
orderidThe original order id passed in the transaction request.
response_codeNumeric mapping of processor responses (See Appendix 3).
emv_auth_response_dataThis will optionally come back when any chip card data is provided on the authorization. This data needs to be sent back to the SDK after an authorization.

Testing Information
Direct Post API

Transaction testing credentials

Transactions can be tested using one of two methods. First, transactions can be submitted to any merchant account that is in test mode. Keep in mind that if an account is in test mode, all valid credit cards will be approved but no charges will actually be processed.

The Payment Gateway demo account can also be used for testing at any time. Please use the following username and password for testing with this account:

username:demo
password:password

Transaction POST URL

Transaction details should be POST'ed to the following URL:

POST URL:https://velox.transactiongateway.com/api/transact.php

Test Data

Transactions can be submitted using the following information:

Visa:4111111111111111
MasterCard:5431111111111111
Discover:6011601160116611
American Express:341111111111111
Credit Card Expiration:10/25
account (ACH):123123123
routing (ACH):123123123

Triggering Errors in Test Mode

  • To cause a declined message, pass an amount less than 1.00.
  • To trigger a fatal error message, pass an invalid card number.
  • To simulate an AVS match, pass 888 in the address1 field, 77777 for zip.
  • To simulate a CVV match, pass 999 in the cvv field.

Appendix 1
Direct Post API

AVS Response Codes

XExact match, 9-character numeric ZIP
YExact match, 5-character numeric ZIP
DExact match, 5-character numeric ZIP
MExact match, 5-character numeric ZIP
2Exact match, 5-character numeric ZIP, customer name
6Exact match, 5-character numeric ZIP, customer name
AAddress match only
BAddress match only
3Address, customer name match only
7Address, customer name match only
W9-character numeric ZIP match only
Z5-character ZIP match only
P5-character ZIP match only
L5-character ZIP match only
15-character ZIP, customer name match only
55-character ZIP, customer name match only
NNo address or ZIP match only
CNo address or ZIP match only
4No address or ZIP or customer name match only
8No address or ZIP or customer name match only
UAddress unavailable
GNon-U.S. issuer does not participate
INon-U.S. issuer does not participate
RIssuer system unavailable
ENot a mail/phone order
SService not supported
0AVS not available
OAVS not available
BAVS not available

Appendix 2
Direct Post API

CVV Response Codes

MCVV2/CVC2 match
NCVV2/CVC2 no match
PNot processed
SMerchant has indicated that CVV2/CVC2 is not present on card
UIssuer is not certified and/or has not provided Visa encryption keys

Appendix 3
Direct Post API

Result Code Table

100Transaction was approved.
200Transaction was declined by processor.
201Do not honor.
202Insufficient funds.
203Over limit.
204Transaction not allowed.
220Incorrect payment information.
221No such card issuer.
222No card number on file with issuer.
223Expired card.
224Invalid expiration date.
225Invalid card security code.
240Call issuer for further information.
250Pick up card.
251Lost card.
252Stolen card.
253Fraudulent card.
260Declined with further instructions available. (See response text)
261Declined-Stop all recurring payments.
262Declined-Stop this recurring program.
263Declined-Update cardholder data available.
264Declined-Retry in a few days.
300Transaction was rejected by gateway.
400Transaction error returned by processor.
410Invalid merchant configuration.
411Merchant account is inactive.
420Communication error.
421Communication error with issuer.
430Duplicate transaction at processor.
440Processor format error.
441Invalid transaction information.
460Processor feature not available.
461Unsupported card type.

Methodology
Three-Step

Method Overview

  • Step One: Submit all transaction details to the Payment Gateway except the customer's sensitive payment information. The Payment Gateway will return a variable form-url.

  • Step Two: Create an HTML form that collects the customer's sensitive payment information and use the form-url that the Payment Gateway returns as the submit action in that form.

  • Step Three: Once the customer has been redirected, obtain the token-id and complete the transaction through an HTTPS POST including the token-id which abstracts the sensitive payment information that was collected directly by the Payment Gateway.

Detailed Explanation

To start step one, your payment application will submit a behind-the-scenes HTTPS direct POST that includes transaction variables, including an additional variable redirect-url, which is a URL that must exist on your web server that handles a future browser redirect. Sensitive payment information such as cc-number, cc-exp, and cvv cannot be submitted during step one. The Payment Gateway will generate and return the form-url variable containing a unique URL to be used in Step 2.

Next, during step two, you must develop an HTML form that collects at least the customer's sensitive payment information such as cc-number, cc-exp, and cvv. You must use the form-url obtained in step one as the action in the HTML of your payment form. When the customer submits the form, the customer's browser will transparently POST the contents of the payment form directly to the Payment Gateway. This methodology keeps your web server and payment application from seeing or transmitting any credit card data or other sensitive data. Once the Payment Gateway has collected the customer's sensitive payment details, the customer's browser will be instructed to return to the redirect-url on your web server. Furthermore, the Payment Gateway will generate and append a unique variable named token-id to the redirect-url in the GET query string. This token-id is an abstraction of the customer's sensitive payment information that the Payment Gateway collected. Your redirect-url script must parse the token-id for use in step three.

To complete the transaction, you will submit another behind-the-scenes HTTPS direct POST including only the token-id and api-key. This token-id is used to "tie" together the initial customer information with the sensitive payment information that the payment gateway collected directly.

Step One
Three-Step: Transactions

Sale/Auth/Credit/Validate/Offline XML Request

XML ElementDescription
<sale|auth|credit|validate|offline>Type of transaction to perform.
api-key*api-key is obtained in the security keys section of the control panel settings.
redirect-url*A URL on your web server that the gateway will redirect your customer to after sensitive data collection.
amount*Total amount to be charged (For "validate" actions, amount must be 0.00 or omitted).
authorization-code**Specify authorization code. For use with "offline" action only.
ip-addressCardholder's IP address.
Format: xxx.xxx.xxx.xxx
industrySpecify industry classification of transaction.
Values: 'ecommerce', 'moto', or 'retail'
billing-methodSet additional billing indicators.
Values: 'recurring' or 'installment'
billing-numberSpecify installment billing number, on supported processors. For use when "billing-method" is set to installment.
Values: 0-99
billing-totalSpecify installment billing total on supported processors. For use when "billing-method" is set to installment.
processor-idIf using multiple processors, route to specified processor. Obtained under Settings->Load Balancing in the merchant control panel.
sec-codeACH standard entry class codes.
Values: 'PPD', 'WEB', 'TEL', 'CCD', 'POP', or 'ARC'
descriptorSet payment descriptor on supported processors.
descriptor-phoneSet payment descriptor phone on supported processors.
descriptor-addressSet payment descriptor address on supported processors.
descriptor-citySet payment descriptor city on supported processors.
descriptor-stateSet payment descriptor state on supported processors.
descriptor-postalSet payment descriptor postal code on supported processors.
descriptor-countrySet payment descriptor country on supported processors.
descriptor-mccSet payment descriptor mcc on supported processors.
descriptor-merchant-idSet payment descriptor merchant id on supported processors.
descriptor-urlSet payment descriptor url on supported processors.
currencySet transaction currency.
Format: ISO 4217
order-descriptionOrder description.
customer-idCustomer identification.
customer-vault-idLoad customer details from an existing customer vault record. If set, no payment information is required during step two.
merchant-receipt-emailSend merchant receipt to email
customer-receiptSend receipt if billing email included.
Values: 'true' or 'false'
merchant-defined-field-#Merchant specified custom fields.
Format: <merchant-defined-field-1>Value</merchant-defined-field-1>
tracking-numberShipping tracking number.
shipping-carrierShipping carrier.
Values: 'ups', 'fedex', 'dhl', or 'usps'
order-id***Order id.
po-number***Cardholder's purchase order number.
tax-amount***The sales tax included in the transaction amount associated with the purchase. Setting tax equal to '-1' indicates an order that is exempt from sales tax.
Default: '0.00'
Format: x.xx
shipping-amount***Total shipping amount.
ship-from-postal****Postal/ZIP code of the address from where purchased goods are being shipped. Defaults to merchant profile postal code.
summary-commodity-code****A code representing the type of commodity being purchased. The acquirer or processor will provide a list of current codes.
duty-amountAmount included in the transaction amount associated with the import of the purchased goods.
Default: '0.00'
discount-amountAmount included in the transaction amount of any discount applied to the complete order by the merchant.
Default: '0.00'
national-tax-amountThe national tax amount included in the transaction amount.
Default: '0.00'
alternate-tax-amountSecond tax amount included in the transaction amount in countries where more than one type of tax can be applied to the purchases.
Default: '0.00'
alternate-tax-idTax identification number of the merchant that reported the alternate tax amount.
vat-tax-amountContains the amount of any value added taxes which can be associated with the purchased item.
Default: '0.00'
vat-tax-rateContains the tax rate used to calculate the sales tax amount appearing. Can contain up to 2 decimal places, ie 1% = 1.00.
Default: '0.00'
vat-invoice-reference-numberInvoice number that is associated with the VAT invoice.
customer-vat-registrationValue added tax registration number supplied by the cardholder.
merchant-vat-registrationGovernment assigned tax identification number of the merchant from whom the goods or services were purchased.
order-datePurchase order date. Defaults to the date of the transaction.
Format: YYMMDD
cardholder-authSet 3D Secure condition.
Values: 'verified' or 'attempted'
eciE-commerce indicator.
Values: '2', '5', or '7'
cavvCardholder authentication verification value.
Format: base64 encoded
xidCardholder authentication transaction id.
Format: base64 encoded
dup-secondsOverride duplicate transaction detection time in seconds.
avs-rejectThe transaction is rejected if the address verification result is a code in this list. Values are letters obtained under Settings->Address Verification in the control panel.
Format: x|x|x|x...
cvv-rejectThe transaction is rejected if the card ID verification result is a code in this list. Values are letters obtained under Settings->Card ID Verification in the control panel.
Format: x|x|x|x...
<billing>The customer's billing information
billing-idSpecify billing id. Recommended when using customer vault hybrid action. Will be ignored if no hybrid add/update-customer is done.
first-nameCardholder's first name.
last-nameCardholder's last name.
address1Cardholder's billing address.
cityCard billing city.
stateCard billing state/province.
Format: CC
postalCard billing postal code.
countryCard billing country code.
Format: CC/ISO 3166
phoneBilling phone number.
emailBilling email address.
companyCardholder's company.
address2Card billing address, line 2.
faxBilling fax number.
account-type§The customer's ACH account type.
Values: 'checking' or 'savings'
entity-type§The customer's ACH account entity.
Values: 'personal' or 'business'
</billing>
<shipping>The customer's shipping information.
shipping-idSpecify shipping id. Recommended when using customer vault hybrid action. Will be ignored if no hybrid add/update-customer is done.
first-nameShipping first name.
last-nameShipping last name.
address1Shipping billing address.
cityShipping city.
stateShipping state/province.
Format: CC
postal****Shipping postal code.
country****Shipping country code.
Format: CC/ISO 3166
phoneShipping phone number.
emailShipping email address.
companyShipping company.
address2Shipping address, line 2.
faxShipping fax number.
</shipping>
<product>Product line item detail. Multiple product elements are allowed.
product-code****¶Merchant defined description code of the item being purchased.
description****Description of the item(s) being supplied.
commodity-code****International description code of the individual good or service being supplied. The acquirer or processor will provide a list of current codes.
unit-of-measure****Code for units of measurement as used in international trade.
Default: 'EACH'
unit-cost****Unit cost of item purchased. May contain up to 4 decimal places.
quantity****Quantity of the item(s) being purchased.
Default: '1'
total-amount****Purchase amount associated with the item. Default to 'unit-cost' x 'quantity' rounded to the nearest penny.
tax-amount****Amount of tax on specific item. Amount should not be included in item-total-amount.
Default: '0.00'
tax-rate****Percentage representing the value-added tax applied. 1% = 1.00.
Default: '0.00'
discount-amountDiscount amount which can have been applied by the merchant on the sale of the specific item. Amount should not be included in 'item-total-amount'.
discount-rateDiscount rate for the line item. 1% = 1.00.
Default: '0.00'
tax-typeType of value-added taxes that are being used.
alternate-tax-idTax identification number of the merchant that reported the alternate tax amount.
</product>
<add-subscription>Perform a simultaneous 'hybrid' recurring action while processing a transaction.
start-dateThe first day that the customer will be charged. Format: YYYYMMDD
<plan>
plan-idThe unique plan ID that references only this recurring plan.
paymentsThe number of payments before the recurring plan is complete.
Note: Use '0' for 'until canceled'
amountThe plan amount to be charged each billing cycle.
Format: x.xx
day-frequencyHow often, in days, to charge the customer. Cannot be set with 'month-frequency' or 'day-of-month'.
month-frequencyHow often, in months, to charge the customer. Cannot be set with 'day-frequency'. Must be set with 'day-of-month'.
Values: 1 through 24
day-of-monthThe day that the customer will be charged. Cannot be set with 'day-frequency'. Must be set with 'month-frequency'.
Values: 1 through 31 - for months without 29, 30, or 31 days, the charge will be on the last day
</plan>
</add-subscription>
<add-customer|update-customer>Perform a simultaneous 'hybrid' customer vault action while processing a transaction. This tag can be blank if submitting an 'add-customer' without specifying a 'customer-vault-id'.
customer-vault-idSpecify customer vault id. If omitted, will be auto-generated and returned in response. Required for 'update-customer'.
</add-customer|update-customer>
partial-payments††Specify whether a partial amount or full amount of the transaction should be settled.
Format: 'settle_partial' or 'payment_in_full'
partial-payment-id††Specify a partial payment ID. Required to collect an additional amount associated with an existing Partial Payment Transaction. Do not use on initial transaction.
</sale|auth|credit|validate|offline>
*Always required
**Required for offline transactions
***Required for Level 2 and Level 3 transactions
****Required for Level 3 transactions
Required for 3D-Secure transactions
Required for Override transactions
††Required for Partial Payment Transactions
§Required for ACH transactions
Required for Line Item Reporting

Sale/Auth/Credit/Validate/Offline XML Response

XML ElementDescription
<response>
result 1=Approved
2=Declined
3=Error in transaction data or system error
result-textTextual response.
transaction-idPayment Gateway transaction id.
result-codeNumeric mapping of processor responses (See Appendix 3).
form-urlURL used as the action of the HTML form in step two.
</response>

Step Two
Three-Step: Transactions

HTML Form Fields Request

HTML Form FieldsDescription
billing-cc-number*Credit card number.
billing-cc-exp*Credit card expiration.
Format: MMYY
billing-cvvCard security code.
billing-account-name**The name on the customer's ACH Account.
billing-account-number**The customer's bank account number.
billing-routing-number**The customer's bank routing number.
billing-account-typeThe customer's ACH account type.
Values: 'checking' or 'savings'
billing-entity-typeThe customer's ACH account entity.
Values: 'personal' or 'business'
billing-micrPhysical check's Magnetic ink strip, on supported check processors. For use with 'POP' or 'ARC' sec-code.
billing-track-1***Raw magnetic stripe data, track 1.
billing-track-2***Raw magnetic stripe data, track 2.
billing-track-3***Raw magnetic stripe data, track 3.
billing-magnesafe-track-1***Raw MagTek Magensa encrypted reader data.
billing-magnesafe-track-2***Raw MagTek Magensa encrypted reader data.
billing-magnesafe-track-3***Raw MagTek Magensa encrypted reader data.
billing-magnesafe-ksn***Raw MagTek Magensa encrypted reader data.
billing-magnesafe-magneprint***Raw MagTek Magensa encrypted reader data.
billing-magnesafe-magneprint-status***Raw MagTek Magensa encrypted reader data.
billing-social-security-number****Customer's social security number, checked against bad check writers database if check verification is enabled.
billing-drivers-license-number****Driver's license number, checked against bad check writers' database if check verification is enabled.
billing-drivers-license-dob****Driver's license date of birth.
billing-drivers-license-state****Customer's driver's license state.
Format: CC
billing-first-nameCardholder's first name. Overwrites value if passed during step one.
billing-last-nameCardholder's last name. Overwrites value if passed during step one..
billing-address1Cardholder's billing address. Overwrites value if passed during step one.
billing-cityCard billing city. Overwrites value if passed during step one.
billing-stateCard billing state/province. Overwrites value if passed during step one.
Format: CC
billing-postalCard billing postal code. Overwrites value if passed during step one.
billing-countryCard billing country code. Overwrites value if passed during step one.
Format: CC/ISO 3166
billing-phoneBilling phone number. Overwrites value if passed during step one.
billing-emailBilling email address. Overwrites value if passed during step one.
billing-companyCardholder's company. Overwrites value if passed during step one.
billing-address2Card billing address, line 2. Overwrites value if passed during step one.
billing-faxBilling fax number. Overwrites value if passed during step one.
shipping-first-nameShipping first name. Overwrites value if passed during step one.
shipping-last-nameShipping last name. Overwrites value if passed during step one.
shipping-address1Shipping billing address. Overwrites value if passed during step one.
shipping-cityShipping city. Overwrites value if passed during step one.
shipping-stateShipping state/province. Overwrites value if passed during step one.
shipping-postalShipping postal code. Overwrites value if passed during step one.
shipping-countryShipping country code. Overwrites value if passed during step one.
shipping-phoneShipping phone number. Overwrites value if passed during step one.
shipping-emailShipping email address. Overwrites value if passed during step one.
shipping-companyShipping company. Overwrites value if passed during step one.
shipping-address2Shipping address, line 2. Overwrites value if passed during step one.
shipping-faxShipping fax number. Overwrites value if passed during step one.
*Required for keyed credit card transactions.
**Required for ACH transactions.
***Used for retail transactions. Variables used dependent on swipe device.
****Required for check verification.
Required for check scanning.

HTML Form Fields Response

Once the Payment Gateway has collected the customer's sensitive payment details, the customer's browser will immediately be redirected back to the redirect-url on your web server. A variable named token-id will be appended to the redirect-url in the GET query string as described below:

https://redirect-url/?token-id=[token]

Step Three
Three-Step: Transactions

Complete Transaction XML Request

XML ElementDescription
<complete-action>
api-key*api-key is obtained in the security keys section of the control panel settings.
token-id*Customer payment token returned during step two.
</complete-action>
*Required

Complete Transaction XML Response

XML ElementDescription
<response>
result 1=Transaction Approved
2=Transaction Declined
3=Error in transaction data or system error
result-textTextual response.
transaction-idPayment Gateway transaction ID
result-codeNumeric mapping of processor responses. (See Appendix 3)
authorization-codeTransaction authorization code.
avs-resultAVS response code. (See Appendix 1)
cvv-resultCVV response code. (See Appendix 2)
action-typeAction type that was initially specified.
Values: 'sale', 'auth', 'credit', 'validate', or 'offline'
amountTotal amount charged.
Format: x.xx
amount-authorizedReturns the amount authorized.
Format: x.xx
ip-addressCardholder's IP address.
Format: xxx.xxx.xxx.xxx
industryIndustry classification of transaction.
Values: 'ecommerce', 'moto', or 'retail'
billing-methodBilling indicators used.
Values: 'recurring' or 'installment'
processor-idProcessor transaction was made through.
sec-codeACH standard entry class codes.
Values: 'PPD', 'WEB', 'TEL', 'CCD', 'POP', or \ARC'
descriptorPayment descriptor.
descriptor-phonePayment descriptor phone.
descriptor-addressSet payment descriptor address on supported processors.
descriptor-citySet payment descriptor city on supported processors.
descriptor-stateSet payment descriptor state on supported processors.
descriptor-postalSet payment descriptor postal code on supported processors.
descriptor-countrySet payment descriptor country on supported processors.
descriptor-mccSet payment descriptor mcc on supported processors.
descriptor-merchant-idSet payment descriptor merchant id on supported processors.
descriptor-urlSet payment descriptor url on supported processors.
currencyTransaction currency used. (Table 1.b)
order-descriptionOrder description.
customer-idCustomer identification.
customer-vault-idCustomer vault id used or created during action.
merchant-receipt-emailMerchant receipt email.
customer-receiptCustomer email receipt sent.
Values: 'true' or 'false'
partial-payment-balanceReturns the payment's remaining balance.
partial-payment-idNumeric identifier used to submit subsequent partial payment transactions.
merchant-defined-field-#Merchant specified custom fields.
Format: <merchant-defined-field-1>Value</merchant-defined-field-1>
tracking-numberShipping tracking number.
shipping-carrierShipping carrier.
Values: 'ups', 'fedex', 'dhl', or 'usps'
order-idOrder id.
po-numberCardholder's purchase order number.
tax-amountThe sales tax included in the transaction amount associated with the purchase.
Format: x.xx
shipping-amountTotal shipping amount.
Format: x.xx
ship-from-postalPostal/ZIP code of the address from where purchased goods are being shipped.
summary-commodity-codeA code representing the type of commodity being purchased. The acquirer or processor will provide a list of current codes.
duty-amountAmount included in the transaction amount associated with the import of the purchased goods.
Format: x.xx
discount-amountAmount included in the transaction amount of any discount applied to the complete order by the merchant.
Format: x.xx
national-tax-amountThe national tax amount included in the transaction amount.
Format: x.xx
alternate-tax-amountSecond tax amount included in the transaction amount in countries where more than one type of tax can be applied to the purchases.
Default: '0.00'
Format: x.xx
alternate-tax-idTax identification number of the merchant that reported the alternate tax amount.
vat-tax-amountContains the amount of any value added taxes which can be associated with the purchased item.
Format: x.xx
vat-tax-rateContains the tax rate used to calculate the sales tax amount appearing. Can contain up to 2 decimal places, ie 1% = 1.00.
Format: x.xx
vat-invoice-reference-numberInvoice number that is associated with the VAT invoice.
customer-vat-registrationValue added tax registration number supplied by the cardholder.
merchant-vat-registrationGovernment assigned tax identification number of the merchant from whom the goods or services were purchased.
order-datePurchase order date.
Format: YYMMDD
cardholder-auth3D Secure condition.
Values: 'verified' or 'attempted'
eciE-commerce indicator.
Values: '2', '5', or '7'
cavvCardholder authentication verification value.
Format: base64 encoded
xidCardholder authentication transaction id.
Format: base64 encoded
dup-secondsOverride duplicate transaction detection checking in seconds.
avs-rejectValues are letters obtained under Settings->Address Verification in the control panel.
cvv-rejectValues are letters obtained under Settings->Card ID Verification in the control panel.
<billing>The customer's billing information
billing-idBilling id used or created for this action.
first-nameCardholder's first name.
last-nameCardholder's last name.
address1Cardholder's billing address.
cityCard billing city.
stateCard billing state/province.
Format: CC
postalCard billing postal code.
countryCard billing country code.
Format: CC/ISO 3166
phoneBilling phone number.
emailBilling email address.
companyCardholder's company.
address2Card billing address, line 2.
faxBilling fax number.
social-security-numberCustomer's social security number
drivers-license-numberDriver's license number.
drivers-license-dobDriver's license date of birth.
drivers-license-stateCustomer's driver's license state.
Format: CC
cc-numberMasked credit card number.
Format: XXXXXX********XXXX
cc-expCredit card expiration
Format: MMYY
account-nameThe name on the customer's bank account.
account-numberMasked bank account number.
Format: X****XXXX
routing-numberMasked bank routing number.
Format: X****XXXX
account-typeThe customer's ACH account type.
Values: 'checking' or 'savings'
entity-typeThe customer's ACH account entity.
Values: 'personal' or 'business'
priorityBilling id priority.
Format: Numeric, 1-255
</billing>
<shipping>The customer's shipping information.
shipping-idShipping id used or created for this action. Recommended when using customer vault hybrid action; will be ignored if no hybrid add/update-customer is done.
first-nameShipping first name.
last-nameShipping last name.
address1Shipping billing address.
cityShipping city.
stateShipping state/province.
Format: CC
postalShipping postal code.
countryShipping country code.
Format: CC/ISO 3166
phoneShipping phone number.
emailShipping email address.
companyShipping company.
address2Shipping address, line 2.
faxShipping fax number.
priorityShipping id priority.
Format: Numeric, 1-255
</shipping>
<product>Product line item detail. Multiple product elements are allowed.
product-codeMerchant defined description code of the item being purchased.
descriptionDescription of the item(s) being supplied.
commodity-codeInternational description code of the individual good or service being supplied. The acquirer or processor will provide a list of current codes.
unit-of-measureCode for unites of measurement as used in international trade.
unit-costUnit cost of item purchased. May contain up to 4 decimal places.
quantityQuantity of the item(s) being purchased.
total-amountPurchase amount associated with the item.
Format: x.xx
tax-amountAmount of tax on specific item. Amount should not be included in item-total-amount.
Format: x.xx
tax-ratePercentage representing the value-added tax applied. 1% = 1.00.
Format: x.xx
discount-amountDiscount amount which can have been applied by the merchant on the sale of the specific item.
Format: x.xx
discount-rateDiscount rate for the line item. 1% = 1.00
Format: x.xx
tax-typeType of value-added taxes that are being used.
alternate-tax-idTax identification number of the merchant that reported the alternate tax amount.
</product>
</response>

Additional Operations
Three-Step: Transactions

Capture XML Request

ElementDescription
<capture>
api-key*api-key is obtained in the security keys section of the control panel settings.
transaction-id*Original Payment Gateway transaction id.
amountTotal amount to be settled, this amount may be equal to or less than the authorized amount.
merchant-defined-field-#Merchant specified custom fields.
Format: <merchant-defined-field-1>Value</merchant-defined-field-1>
tracking-numberShipping tracking number.
shipping-carrierShipping carrier used.
Values: 'ups', 'fedex', 'dhl', or 'usps'
order-idOrder ID.
</capture>
*Required

Void XML Request

ElementDescription
<void>
api-key*api-key is obtained in the security keys section of the control panel settings.
transaction-id*Original Payment Gateway transaction id.
merchant-defined-field-#Merchant specified custom fields.
Format: <merchant-defined-field-1>Value</merchant-defined-field-1>
</void>
*Required

Refund XML Request

ElementDescription
<refund>
api-key*api-key is obtained in the security keys section of the control panel settings.
transaction-id*Original Payment Gateway transaction id.
amountTotal amount to be settled, this amount may be equal to or less than the authorized amount.
merchant-defined-field-#Merchant specified custom fields.
Format: <merchant-defined-field-1>Value</merchant-defined-field-1>
</refund>
*Required

Update XML Request

ElementDescription
<update>
api-key*api-key is obtained in the security keys section of the control panel settings.
transaction-id*Original Payment Gateway transaction id.
merchant-defined-field-#Merchant specified custom fields.
Format: <merchant-defined-field-1>Value</merchant-defined-field-1>
tracking-numberShipping tracking number.
shipping-carrierShipping carrier used.
Values: 'ups', 'fedex', 'dhl', or 'usps'
order-idOrder ID.
</update>
*Required

Complete Partial Payment XML Request

ElementDescription
<complete-partial-payment>
api-key*api-key is obtained in the security keys section of the control panel settings.
partial-payment-id*Specify a partial payment ID. Required to collect an additional amount associated with an existing Partial Payment Transaction. Do not use on initial transaction.
</complete-partial-payment>
*Required

Step One
Three-Step: Customer Vault

Add/Update Customer XML Request

XML ElementDescription
<add-customer|update-customer>Type of transaction to perform.
api-key*api-key is obtained in the security keys section of the control panel settings.
redirect-url* A URL on your web server that the gateway will redirect your customer to after sensitive data collection. Value is not required for 'update-customer' requests when sensitive data is not being presented.
Example: Updating an address or zip code only.
customer-vault-idLoad customer details from an existing customer vault record. If set, no payment information is required during step two.
merchant-defined-field-#Merchant specified custom fields.
Format: <merchant-defined-field-1>Value</merchant-defined-field-1>
<billing>The customer's billing information
billing-idSpecify billing id. Required for 'update-customer' if multiple billing-ids exist, optional for 'add-billing'.
first-nameCardholder's first name.
last-nameCardholder's last name.
address1Cardholder's billing address.
cityCard billing city.
stateCard billing state/province.
Format: CC
postalCard billing postal code.
countryCard billing country code.
Format: CC/ISO 3166
phoneBilling phone number.
emailBilling email address.
companyCardholder's company.
address2Card billing address, line 2.
faxBilling fax number.
account-typeThe customer's ACH account type.
Values: 'checking' or 'savings'
entity-typeThe customer's ACH account entity.
Values: 'personal' or 'business'
prioritySpecify priority (If omitted, will be auto-generated and returned in response).
Format: Numeric, 1-255
</billing>
<shipping>The customer's shipping information.
shipping-idSpecify shipping id (Required for update-customer if multiple shipping-ids exist. Optional for add-billing).
first-nameShipping first name.
last-nameShipping last name.
address1Shipping billing address.
cityShipping city.
stateShipping state/province.
Format: CC
postalShipping postal code.
countryShipping country code.
Format: CC/ISO 3166
phoneShipping phone number.
emailShipping email address.
companyShipping company.
address2Shipping address, line 2.
faxShipping fax number.
prioritySpecify priority, if omitted, will be auto-generated and returned in response.
Format: Numeric, 1-255
</shipping>
</add-customer|update-customer>
*Required

XML Response

XML ElementDescription
<response>
result 1=Approved
2=Declined
3=Error in transaction data or system error
result-textTextual response.
result-codeNumeric mapping of processor responses. (See Appendix 3)
form-urlURL used as the action of the HTML form in step two.
</response>

Step Two
Three-Step: Customer Vault

HTML Form Fields Request

HTML Form FieldsDescription
billing-cc-number*Credit card number.
billing-cc-exp*Credit card expiration.
Format: MMYY
billing-cvvCard security code.
billing-account-name**The name on the customer's ACH Account.
billing-account-number**The customer's bank account number.
billing-routing-number**The customer's bank routing number.
billing-account-typeThe customer's ACH account type.
Values: 'checking' or 'savings'
billing-entity-typeThe customer's ACH account entity.
Values: 'personal' or 'business'
billing-micrPhysical check's Magnetic ink strip, on supported check processors. For use with 'POP' or 'ARC' sec-code.
billing-track-1***Raw magnetic stripe data, track 1.
billing-track-2***Raw magnetic stripe data, track 2.
billing-track-3***Raw magnetic stripe data, track 3.
billing-magnesafe-track-1***Raw MagTek Magensa encrypted reader data.
billing-magnesafe-track-2***Raw MagTek Magensa encrypted reader data.
billing-magnesafe-track-3***Raw MagTek Magensa encrypted reader data.
billing-magnesafe-ksn***Raw MagTek Magensa encrypted reader data.
billing-magnesafe-magneprint-status***Raw MagTek Magensa encrypted reader data.
billing-social-security-number****Customer's social security number (Checked against bad check writers database if check verification is enabled).
billing-drivers-license-number****Driver's license number (Checked against bad check writers database if check verification is enabled).
billing-drivers-license-dob****Driver's license date of birth.
billing-drivers-license-state****Customer's driver's license state.
Format: CC
billing-first-nameCardholder's first name, overwrites value if passed during step one.
billing-last-nameCardholder's last name, overwrites value if passed during step one.
billing-address1Cardholder's billing address, overwrites value if passed during step one.
billing-cityCard billing city, overwrites value if passed during step one.
billing-stateCard billing state/province, overwrites value if passed during step one.
Format: CC
billing-postalCard billing postal code, overwrites value if passed during step one.
billing-countryCard billing country code, overwrites value if passed during step one.
Format: CC/ISO 3166
billing-phoneBilling phone number, overwrites value if passed during step one.
billing-emailBilling email address, overwrites value if passed during step one.
billing-companyCardholder's company, overwrites value if passed during step one.
billing-address2Card billing address, line 2, overwrites value if passed during step one.
billing-faxBilling fax number, overwrites value if passed during step one.
shipping-first-nameShipping first name, overwrites value if passed during step one.
shipping-last-nameShipping last name, overwrites value if passed during step one.
shipping-address1Shipping billing address, overwrites value if passed during step one.
shipping-cityShipping city, overwrites value if passed during step one.
shipping-stateShipping state/province, overwrites value if passed during step one.
Format: CC
shipping-postalShipping postal code, overwrites value if passed during step one.
shipping-countryShipping country code, overwrites value if passed during step one.
Format: CC/ISO 3166
shipping-phoneShipping phone number, overwrites value if passed during step one.
shipping-emailShipping email address, overwrites value if passed during step one.
shipping-companyShipping company, overwrites value if passed during step one.
shipping-address2Shipping address, line 2, overwrites value if passed during step one.
shipping-faxShipping fax number, overwrites value if passed during step one.
*Required for keyed credit card transactions.
**Required for ACH transactions.
***Used for retail transactions. Variables used dependent on swipe device.
****Required for check verification.
Required for check scanning.

HTML Form Fields Response

Once the Payment Gateway has collected the customer's sensitive payment details, the customer's browser will immediately be redirected back to the redirect-url on your web server. A variable named token-id will be appended to the redirect-url in the GET query string as described below:

https://redirect-url/?token-id=[token]

Step Three
Three-Step: Customer Vault

Complete Action XML Request

XML ElementDescription
<complete-action>
api-key*api-key is obtained in the security keys section of the control panel settings.
token-id*Customer payment token returned during step two.
</complete-action>
*Required

Complete Action XML Response

XML ElementDescription
<response>
result 1=Transaction Approved
2=Transaction Declined
3=Error in transaction data or system error
result-textTextual response.
result-codeNumeric mapping of processor responses. (See Appendix 3)
action-typeAction type that was initially specified.
Values: 'sale', 'auth', 'credit', 'validate', or 'offline'
customer-vault-idCustomer vault id used or created during action.
merchant-defined-field-#Merchant specified custom fields.
Format: <merchant-defined-field-1>Value</merchant-defined-field-1>
<billing>The customer's billing information.
billing-idBilling id used or created for this action.
first-nameCardholder's first name.
last-nameCardholder's last name.
address1Cardholder's billing address.
cityCard billing city.
stateCard billing state/province.
Format: CC
postalCard billing postal code.
countryCard billing country code.
Format: CC/ISO 3166
phoneBilling phone number.
emailBilling email address.
companyCardholder's company.
address2Card billing address, line 2.
faxBilling fax number.
social-security-numberCustomer's social security number
drivers-license-numberDriver's license number.
drivers-license-dobDriver's license date of birth.
drivers-license-stateCustomer's driver's license state.
Format: CC
cc-numberMasked credit card number.
Format: XXXXXX********XXXX
cc-expCredit card expiration.
Format: MMYY
account-nameThe name on the customer's bank account.
account-numberMasked bank account number.
Format: X****XXXX
routing-numberMasked bank routing number.
Format: X****XXXX
account-typeThe customer's ACH account type.
Values: 'checking' or 'savings'
entity-typeThe customer's ACH account entity.
Values: 'personal' or 'business'
priorityBilling id priority.
Format: Numeric, 1-255
</billing>
<shipping>The customer's shipping information.
shipping-idShipping id used or created during action.
first-nameShipping first name.
last-nameShipping last name.
address1Shipping billing address.
cityShipping city.
stateShipping state/province.
Format: CC
postalShipping postal code.
countryShipping country code.
Format: CC/ISO 3166
phoneShipping phone number.
emailShipping email address.
companyShipping company.
address2Shipping address, line 2.
faxShipping fax number.
priorityShipping id priority.
Format: Numeric, 1-255
</shipping>
</response>

Additional Operations
Three-Step: Customer Vault

Add/Update Billing Request (Step 1)

XML ElementDescription
<add-billing|update-billing>Type of transaction to perform.
api-key*api-key is obtained in the security keys section of the control panel settings.
redirect-url* A URL on your web server that the gateway will redirect your customer to after sensitive data collection. Value is not required for 'update-billing' requests when sensitive data is not presented.
Example: Updating an address or zip code only.
customer-vault-id*Load customer details from an existing customer vault record. If set, no payment information is required during step two.
<billing>The customer's billing information
billing-idSpecify billing id. Required for update-customer if multiple billing ids exist, optional for add-billing.
first-nameCardholder's first name.
last-nameCardholder's last name.
address1Cardholder's billing address.
cityCard billing city.
stateCard billing state/province.
Format: CC
postalCard billing postal code.
countryCard billing country code.
Format: CC/ISO 3166
phoneBilling phone number.
emailBilling email address.
companyCardholder's company.
address2Card billing address, line 2.
faxBilling fax number.
account-typeThe customer's ACH account type.
Values: 'checking' or 'savings'
entity-typeThe customer's ACH account entity.
Values: 'personal' or 'business'
prioritySpecify priority (If omitted, will be auto-generated and returned in response.)
Format: Numeric, 1-255
</billing>
</add-billing|update-billing>
*Required

Customer Vault initiated Sale/Auth/Credit/Validate/Offline XML Request

ElementDescription
<sale|auth|credit|validate|offline>Any and all optional fields described here can be appended to this request.
api-key*api-key is obtained in the security keys section of the control panel settings.
amount*Total amount to be charged (For "validate" actions, amount must be 0.00 or omitted).
Format: x.xx
authorization-codeSpecify authorization code. For use with "offline" action only.
processor-idIf using multiple MIDs, route to this processor. The values for 'processor-id' are obtained under 'Settings'->'Load Balancing' in the Control Panel.
customer-vault-id*Load Customer details from an existing Customer Vault record.
<billing>The customer's billing information.
billing-idLoad Billing ID details from an existing Billing record. If not set, the billing-id with the highest priority will be used by default.
</billing>
<shipping>The customer's shipping information.
shipping-idLoad shipping id details from an existing shipping record. If unset, the billing-id with the highest priority will be used by default.
</shipping>
</sale|auth|credit|validate|offline>
*Required

Delete Customer XML Request

ElementDescription
<delete-customer>
api-key*api-key is obtained in the security keys section of the control panel settings.
customer-vault-id*Specify customer to be deleted.
</delete-customer>
*Required

Delete Billing XML Request

ElementDescription
<delete-billing>
api-key*api-key is obtained in the security keys section of the control panel settings.
customer-vault-id*Load customer details from an existing customer vault record. If set, no payment information is required during step two.
<billing>
billing-id*Specify billing id to delete.
</billing>
</delete-billing>
*Required

Add/Update/Delete Shipping XML Request

These requests can be made the by replacing the billing section with shipping

Step One
Three-Step: Recurring

Add Subscription to an Existing Plan

ElementDescription
<add-subscription>Associate payment information with a recurring plan.
api-key*api-key is obtained in the Security Keys section of the Control Panel Settings.
redirect-url*A URL on your web server that the gateway will redirect your customer to after sensitive data collection. Value is not required when sensitive data is not presented.
Example: Adding a Subscription using a Customer Vault ID.
customer-vault-idLoad customer details from an existing customer vault record. If set, no payment information is required during step two.
start-dateThe first day that the customer will be charged.
Format: YYYYMMDD
order-idOrder id.
po-numberCardholder's purchase order number.
order-descriptionOrder description.
currencySet transaction currency.
Format: ISO 4217
tax-amountThe sales tax included in the transaction amount associated with the purchase. Setting tax equal to '-1' indicates an order that is exampt from sales tax.
Default: 0.00'
Format: x.xx
shipping-amountTotal shipping amount.
merchant-defined-field-#Merchant specified custom fields.
Format: <merchant-defined-field-1>Value</merchant-defined-field-1>
<plan>
plan-id*The unique plan ID that references only this recurring plan.
</plan>
<billing>The customer's billing information
billing-idSpecify billing id. Recommended when using customer vault hybrid action. Will be ignored if no hybrid add/update-customer is done.
first-nameCardholder's first name.
last-nameCardholder's last name.
address1Cardholder's billing address.
cityCard billing city.
stateCard billing state/province.
Format: CC
postalCard billing postal code.
countryCard billing country code.
Format: CC/ISO 3166
phoneBilling phone number.
emailBilling email address.
companyCardholder's company.
address2Card billing address, line 2.
faxBilling fax number.
account-type**The customer's ACH account type.
Values: 'checking' or 'savings'
entity-type**The customer's ACH account entity.
Values: 'personal' or 'business'
</billing>
<shipping>The customer's shipping information.
shipping-idSpecify shipping id. Recommended when using customer vault hybrid action. Will be ignored if no hybrid add/update-customer is done.
first-nameShipping first name.
last-nameShipping last name.
address1Shipping address.
cityShipping city.
stateShipping state/province.
Format: CC
postalShipping postal code.
countryShipping country code.
Format: CC/ISO 3166
phoneShipping phone number.
emailShipping email address.
companyShipping company.
address2Shipping address, line 2.
faxShipping fax number.
</shipping>
</add-subscription>
*Always required
**Required for ACH transactions

Add Subscription to a Custom Plan

ElementDescription
<add-subscription>Associate payment information with a recurring plan.
api-key*api-key is obtained in the Security Keys section of the Control Panel Settings.
redirect-url*A URL on your web server that the gateway will redirect your customer to after sensitive data collection. Value is not required when sensitive data is not presented.
Example: Adding a Subscription using a Customer Vault ID.
customer-vault-idLoad customer details from an existing customer vault record. If set, no payment information is required during step two.
start-dateThe first day that the customer will be charged.
Format: YYYYMMDD
order-idOrder id.
po-numberCardholder's purchase order number.
order-descriptionOrder description.
currencySet transaction currency.
Format: ISO 4217
tax-amountThe sales tax included in the transaction amount associated with the purchase. Setting tax equal to '-1' indicates an order that is exampt from sales tax.
Default: '0.00'
Format: x.xx
shipping-amountTotal shipping amount.
merchant-defined-field-#Merchant specified custom fields.
Format: <merchant-defined-field-1>Value</merchant-defined-field-1>
<plan>
payments*The number of payments before the recurring plan is complete.
Notes: '0' for until canceled
amount*The plan amount to be charged each billing cycle.
Format: x.xx
day-frequency***How often, in days, to charge the customer. Cannot be set with 'month-frequency' or 'day-of-month'.
month-frequency****How often, in months, to charge the customer. Cannot be set with 'day-frequency'. Must be set with 'day-of-month'.
Values: 1 through 24
day-of-month****The day that the customer will be charged. Cannot be set with 'day-frequency'. Must be set with 'month-frequency'.
Values: 1 through 31 - for months without 29, 30, or 31 days, the charge will be on the last day
</plan>
<billing>The customer's biling information
billing-idSpecify billing id. Recommended when using customer vault hybrid action. Will be ignored if no hybrid add/update-customer is done.
first-nameCardholder's first name.
last-nameCardholder's last name.
address1Cardholder's billing address.
cityCard billing city.
stateCard billing state/province.
Format: CC
postalCard billing postal code.
countryCard billing country code.
Format: CC/ISO 3166
phoneBilling phone number.
emailBilling email address.
companyCardholder's company.
address2Card billing address, line 2.
faxBilling fax number.
account-type**The customer's ACH account type.
Values: 'checking' or 'savings'
entity-type**The customer's ACH account entity.
Values: 'personal' or 'business'
</billing>
<shipping>The customer's shipping information.
shipping-idSpecify shipping id. Recommended when using customer vault hybrid action. Will be ignored if no hybrid add/update-customer is done.
first-nameShipping first name.
last-nameShipping last name.
address1Shipping address.
cityShipping city.
stateShipping state/province.
Format: CC
postalShipping postal code.
countryShipping country code.
Format: CC/ISO 3166
phoneShipping phone number.
emailShipping email address.
companyShipping company.
address2Shipping address, line 2.
faxShipping fax number.
</shipping>
</add-subscription>
*Always required
**Required for ACH transactions
***Required unless 'month-frequency' and 'day-of-month' is set.
****Required unless 'day-frequency' is set.

Update Subscription Information

ElementDescription
<update-subscription>Update Customer's information for a subscription.
api-key*api-key is obtained in the Security Keys section of the Control Panel Settings.
redirect-url*A URL on your web server that the gateway will redirect your customer to after sensitive data collection. Value is not required when sensitive data is not presented.
Example: Updating a Subscription using a Customer Vault ID.
subscription-id*The subscription that will be updated.
order-idOrder id.
po-numberCardholder's purchase order number.
order-descriptionOrder description.
currencySet transaction currency.
Format: ISO 4217
merchant-defined-field-#Merchant specified custom fields.
Format: <merchant-defined-field-1>Value</merchant-defined-field-1>
<billing>The customer's billing information
first-nameCardholder's first name.
last-nameCardholder's last name.
address1Cardholder's billing address.
cityCard billing city.
stateCard billing state/province.
Format: CC
postalCard billing postal code.
countryCard billing country code.
Format: CC/ISO 3166
phoneBilling phone number.
emailBilling email address.
companyCardholder's company.
address2Card billing address, line 2.
faxBilling fax number.
account-type**The customer's ACH account type.
Values: 'checking' or 'savings'
entity-type**The customer's ACH account entity.
Values: 'personal' or 'business'
</billing>
<shipping>The customer's shipping information.
first-nameShipping first name.
last-nameShipping last name.
address1Shipping address.
cityShipping city.
stateShipping state/province.
Format: CC
postalShipping postal code.
countryShipping country code.
Format: CC/ISO 3166
phoneShipping phone number.
emailShipping email address.
companyShipping company.
address2Shipping address, line 2.
faxShipping fax number.
</shipping>
</update-subscription>
*Always Required.
**Required for ACH subscriptions.

Step Two
Three-Step: Recurring

HTML Form Fields Request

HTML Form FieldsDescription
billing-cc-number*Credit card number.
billing-cc-exp*Credit card expiration.
Format: MMYY
billing-cvvCard security code.
billing-account-name**The name on the customer's ACH Account.
billing-account-number**The customer's bank account number.
billing-routing-number**The customer's bank routing number.
billing-account-typeThe customer's ACH account type.
Values: 'checking' or 'savings'
billing-entity-typeThe customer's ACH account entity.
Values: 'personal' or 'business'
billing-micrPhysical check's Magnetic ink strip, on supported check processors. For use with 'POP' or 'ARC' sec-code.
billing-track-1***Raw magnetic stripe data, track 1.
billing-track-2***Raw magnetic stripe data, track 2.
billing-track-3***Raw magnetic stripe data, track 3.
billing-magnesafe-track-1***Raw MagTek Magensa encrypted reader data.
billing-magnesafe-track-2***Raw MagTek Magensa encrypted reader data.
billing-magnesafe-track-3***Raw MagTek Magensa encrypted reader data.
billing-magnesafe-ksn***Raw MagTek Magensa encrypted reader data.
billing-magnesafe-magneprint-status***Raw MagTek Magensa encrypted reader data.
billing-social-security-number****Customer's social security number, checked against bad check writers database if check verification is enabled.
billing-drivers-license-number****Drivers license number, checked against bad check writers database if check verification is enabled.
billing-drivers-license-dob****Drivers license date of birth.
billing-drivers-license-state****Customer's drivers license state.
Format: CC
billing-first-nameCardholder's first name. Overwrites value if passed during step one.
billing-last-nameCardholder's last name. Overwrites value if passed during step one.
billing-address1Cardholder's billing address. Overwrites value if passed during step one.
billing-cityCard billing city. Overwrites value if passed during step one.
billing-stateCard billing state/province. Overwrites value if passed during step one.
Format: CC
billing-postalCard billing postal code. Overwrites value if passed during step one.
billing-countryCard billing country code. Overwrites value if passed during step one.
Format: CC/ISO 3166
billing-phoneBilling phone number. Overwrites value if passed during step one.
billing-emailBilling email address. Overwrites value if passed during step one.
billing-companyCardholder's company. Overwrites value if passed during step one.
billing-address2Card billing address, line 2. Overwrites value if passed during step one.
billing-faxBilling fax number. Overwrites value if passed during step one.
shipping-first-nameShipping first name. Overwrites value if passed during step one.
shipping-last-nameShipping last name. Overwrites value if passed during step one.
shipping-address1Shipping address. Overwrites value if passed during step one.
shipping-cityShipping city. Overwrites value if passed during step one.
shipping-stateShipping state/province. Overwrites value if passed during step one.
shipping-postalShipping postal code. Overwrites value if passed during step one.
shipping-countryShipping country code. Overwrites value if passed during step one.
shipping-phoneShipping phone number. Overwrites value if passed during step one.
shipping-emailShipping email address. Overwrites value if passed during step one.
shipping-companyShipping company. Overwrites value if passed during step one.
shipping-address2Shipping address, line 2. Overwrites value if passed during step one.
shipping-faxShipping fax number. Overwrites value if passed during step one.
*Required for keyed credit card transactions.
**Required for ACH transactions.
***Used for retail transactions. Variables used dependant on swipe device.
****Required for check verification.
Required for check scanning.

HTML Form Fields Response

Once the Payment Gateway has collected the customer's sensitive payment details, the customer's browser will immediately be redirected back to the redirect-url on your web server. A variable named token-id will be appended to the redirect-url in the GET query string as described below:

https://redirect-url/?token-id=[token]

Step Three
Three-Step: Recurring

Complete Action XML Request

XML ElementDescription
<complete-action>
api-key*api-key is obtained in the security keys section of the control panel settings.
token-id*Customer payment token returned during step two.
</complete-action>
*Required

Complete Action XML Response

XML ElementDescription
response
result 1=Transaction Approved
2=Transction Declined
3=Error in transaction data or system error
result-textTextual response.
result-codeNumeric mapping of processor responses. (See Appendix 3)
action-typeAction type that was initially specified.
Values: 'sale', 'auth', 'credit', 'validate', or 'offline'
subscription-idSubscription ID used or created during action.
merchant-defined-field-#Merchant specified custom fields.
Format: <merchant-defined-field-1>Value</merchant-defined-field-1>
<plan>
paymentsThe number of payments before the recurring plan is complete.
Notes: '0' for until canceled
amountThe plan amount to be charged each billing cycle.
Format: x.xx
nameThe display name of the plan.
plan-idThe plan ID that is associated with this subscription.
day-frequencyHow often, in days, to charge the customer. Cannot be set with 'month-frequency' or 'day-of-month'.
month-frequencyHow often, in months, to charge the customer. Cannot be set with 'day-frequency'. Must be set with 'day-of-month'.
Values: 1 through 24
day-of-monthThe day that the customer will be charged. Cannot be set with 'day-frequency'. Must be set with 'month-frequency'.
Values: 1 through 31 - for months without 29, 30, or 31 days, the charge will be on the last day
</plan>
<billing>The customer's billing information.
billing-idBilling id used or created for this action.
first-nameCardholder's first name.
last-nameCardholder's last name.
address1Cardholder's billing address.
cityCard billing city.
stateCard billing state/province.
Format: CC
postalCard billing postal code.
countryCard billing country code.
Format: CC/ISO 3166
phoneBilling phone number.
emailBilling email address.
companyCardholder's company.
address2Card billing address, line 2.
faxBilling fax number.
social-security-numberCustomer's social security number
drivers-license-numberDrivers license number.
drivers-license-dobDrivers license date of birth.
drivers-license-stateCustomer's drivers license state.
Format: CC
cc-numberMasked credit card number.
Format: XXXXXX********XXXX
cc-expCredit card expiration.
Format: MMYY
account-nameThe name on the customer's bank account.
account-numberMasked bank account number.
Format: X****XXXX
routing-numberMasked bank routing number.
Format: X****XXXX
account-typeThe customer's ACH account type.
Values: 'checking' or 'savings'
entity-typeThe customer's ACH account entity.
Values: 'personal' or 'business'
priorityBilling id priority.
Format: Numeric, 1-255
</billing>
<shipping>The customer's shipping information.
shipping-idShipping id used or created during action.
first-nameShipping first name.
last-nameShipping last name.
address1Shipping address.
cityShipping city.
stateShipping state/province.
Format: CC
postalShipping postal code.
countryShipping country code.
Format: CC/ISO 3166
phoneShipping phone number.
emailShipping email address.
companyShipping company.
address2Shipping address, line 2.
faxShipping fax number.
priorityShipping id priority.
Format: Numeric, 1-255
</shipping>
</response>

Additional Operations
Three-Step: Recurring

Add Plan XML Request

ElementDescription
<add-plan>Add a recurring plan that subscriptions can be added to in the future.
api-key*api-key is obtained in the Security Keys section of the Control Panel Settings.
<plan>
payments*The number of payments before the recurring plan is complete.
Notes: '0' for until canceled
amount*The plan amount to be charged each billing cycle.
Format: x.xx
name*The display name of the plan.
plan-id*The unique plan ID that references only this recurring plan.
day-frequency**How often, in days, to charge the customer. Cannot be set with 'month-frequency' or 'day-of-month'.
month-frequency***How often, in months, to charge the customer. Cannot be set with 'day-frequency'. Must be set with 'day-of-month'.
Values: 1 through 24
day-of-month***The day that the customer will be charged. Cannot be set with 'day-frequency'. Must be set with 'month-frequency'.
Values: 1 through 31 - for months without 29, 30, or 31 days, the charge will be on the last day
</plan>
</add-plan>
*Always required
**Required unless 'month-frequency' and 'day-of-month' is set.
***Required unless 'day-frequency' is set.

Delete a Subscription

ElementDescription
<delete-subscription>Delete the subscription. Customer will no longer be charged.
api-key*api-key is obtained in the Security Keys section of the Control Panel Settings.
subscription-id*The subscription ID that will be deleted.
</delete-subscription>
*Always required

Testing Information
Three-Step

Transaction Testing Credentials

Transactions can be tested using one of two methods. First, transactions can be submitted to any merchant account that is in test mode. Keep in mind that if an account is in test mode, all valid credit cards will be approved but no charges will actually be processed.

The Payment Gateway demo account can also be used for testing at any time. Please use the following api-key for testing with this account:

api-key:2F822Rw39fx762MaV7Yy86jXGTC7sCDy

Transaction POST URL

In step one and step three, transaction details should be POST'ed using XML to the following URL:

POST URLhttps://velox.transactiongateway.com/api/v2/three-step

Test Data

Transactions can be submitted using the following information:

Visa:4111111111111111
MasterCard:5431111111111111
Discover:6011601160116611
American Express:341111111111111
Credit Card Expiration:10/25
account (ACH):123123123
routing (ACH):123123123
amount1.00 (Amounts under 1.00 generate failure).

Triggering Errors in Test Mode

  • To cause a declined message, pass an amount less than 1.00.
  • To trigger a fatal error message, pass an invalid card number.
  • To simulate an AVS match, pass 888 in the address1 field, 77777 for zip.
  • To simulate a CVV match, pass 999 in the cvv field.

Appendix 1
Three-Step

AVS Response Codes

XExact match, 9-character numeric ZIP
YExact match, 5-character numeric ZIP
DExact match, 5-character numeric ZIP
MExact match, 5-character numeric ZIP
2Exact match, 5-character numeric ZIP, customer name
6Exact match, 5-character numeric ZIP, customer name
AAddress match only
BAddress match only
3Address, customer name match only
7Address, customer name match only
W9-character numeric ZIP match only
Z5-character ZIP match only
P5-character ZIP match only
L5-character ZIP match only
15-character ZIP, customer name match only
55-character ZIP, customer name match only
NNo address or ZIP match only
CNo address or ZIP match only
4No address or ZIP or customer name match only
8No address or ZIP or customer name match only
UAddress unavailable
GNon-U.S. issuer does not participate
INon-U.S. issuer does not participate
RIssuer system unavailable
ENot a mail/phone order
SService not supported
0AVS not available
OAVS not available
BAVS not available

Appendix 2
Three-Step

CVV Response Codes

MCVV2/CVC2 match
NCVV2/CVC2 no match
PNot processed
SMerchant has indicated that CVV2/CVC2 is not present on card
UIssuer is not certified and/or has not provided Visa encryption keys

Appendix 3
Three-Step

Result Code Table

100Transaction was approved.
200Transaction was declined by processor.
201Do not honor.
202Insufficient funds.
203Over limit.
204Transaction not allowed.
220Incorrect payment information.
221No such card issuer.
222No card number on file with issuer.
223Expired card.
224Invalid expiration date.
225Invalid card security code.
240Call issuer for further information.
250Pick up card.
251Lost card.
252Stolen card.
253Fraudulent card.
260Declined with further instructions available. (See response text)
261Declined-Stop all recurring payments.
262Declined-Stop this recurring program.
263Declined-Update cardholder data available.
264Declined-Retry in a few days.
300Transaction was rejected by gateway.
400Transaction error returned by processor.
410Invalid merchant configuration.
411Merchant account is inactive.
420Communication error.
421Communication error with issuer.
430Duplicate transaction at processor.
440Processor format error.
441Invalid transaction information.
460Processor feature not available.
461Unsupported card type.

Methodology
Query

Overview

While our online reporting interface allows merchants to quickly and easily retrieve detailed information about past transactions, a need for additional flexibility may be required. For example, a merchant may have custom accounting software that requires up-to-date information about the settlement status of all credit card transactions every day.

This document describes how developers can query our reporting engine directly to retrieve transaction reports in a machine readable format. Once the data has been retrieved, it can then be parsed and imported into a variety of software applications.

Communication

The communication protocol used to send messages to the Payment Gateway is through the HTTP protocol over an SSL connection (HTTPS). The format you must use is name/value pairs delimited by ampersand.

URL:https://velox.transactiongateway.com/api/query.php
Example Query String:username=username&password=password&transaction_id=123456789

You may use either GET or POST to pass your request to the Query API. The name/value pairs that are accepted by the Payment Gateway can be found in the 'Variables' section of this API.

The Query API can be tested with live credentials or a dedicated test account only. Please contact your Merchant Service Provider for more information.

The Query API will respond in Universal Time Coordinated (UTC).

Variables
Query

Variable NameDescription(Allowed Values)[Format]
username*Merchant username.
password*Merchant password.
condition A combination of values listed below can be passed and should be separated by commas. For example, to retrieve all transactions pending settlement or complete, the following could be used:

Example: condition=pendingsettlement,complete
pending: 'Auth Only' transactions that are awaiting capture.
pendingsettlement: This transaction is awaiting settlement.
in_progress: This Three-Step Redirect API transaction has not yet been completed. The transaction condition will change to 'abandoned' if 24 hours pass with no further action.
abandoned: This Three-Step Redirect API transaction has not been completed, and has timed out.
failed: This transaction has failed.
canceled: This transaction has been voided.
complete: This transaction has settled.
unknown: An unknown error was encountered while processing this transaction.
transaction_typeRetrieves only transactions with the specified transaction type. Use one of the following to specify payment type:
cc: A credit card transaction.
ck: A check transaction.
action_type Retrieves only transactions with the specified action types. A combination of the values can be used and should be separated by commas. For example, to retrieve all transactions with credit or refund actions, use the following:

Example: action_type=refund,credit
sale: Sale transactions.
refund: Refund transactions.
credit: Credit transactions.
auth: 'Auth Only' transactions.
capture: Captured transactions.
void: Voided transactions.
return: Electronic Check (ACH) transactions that have returned before (return) or after settlement (late_return).
transaction_idSpecify a transaction ID or a comma separated list of transaction IDs to retrieve information on. Alternatively, provide a Subscription ID to retrieve processed (approved and declined) transactions associated with it.
partial_payment_idRetrieves only transactions with the specified partial payment ID.
order_idRetrieves only transactions with the specified Order ID.
last_nameRetrieves only transactions with the specified last name.
emailRetrieves only transactions with the specified billing email address.
cc_numberRetrieves only transactions with the specified credit card number. You can use either the full number or the last 4 digits of the credit card number.
merchant_defined_field_#Retrieves only transactions with the specified merchant defined field value.
Replace the '#' with a field number (1-20) (Example: merchant_defined_field_12=value)
start_dateOnly transactions that have been modified on or after this date will be retrieved. Note that any actions performed on a transaction will cause the modified date to be updated.

Format: YYYYMMDDhhmmss
end_dateOnly transactions that have been modified on or before this date will be retrieved. Note that any actions performed on a transaction will cause the modified date to be updated.

Format: YYYYMMDDhhmmss
report_type Allows customer vault information or a html receipt to be returned. If you would like to query the Customer Vault to view what customer information is stored in the Customer Vault, you must set the customer_vault variable.
If you omit the customer_vault_id, the system will return all customers that are stored in the vault. If you include a customer_vault_id, it will return the customer record associated with that ID.
Example: report_type=customer_vault&customer_vault_id=123456789
receipt: Will return an html receipt for a specified transaction id.
customer_vault: Set the Query API to return Customer Vault data.
gateway_processors: Will return Processor details a user has permissions for. Specify a "user" by querying with that username/password.
mobile_device_license Retrieves only transactions processed using the specified mobile device.
The device IDs for this parameter are available in the License Manager.
Use 'any_mobile' to retrieve all mobile transactions.
A combination of the values can be used and should be separated by commas.
Can not be used with 'mobile_device_nickname'.

Example 1: mobile_device_license=D91AC56A-4242-3131-2323-2AE4AA6DB6EB
Example 2: mobile_device_license=any_mobile
mobile_device_nickname Retrieves only transactions processed using mobile devices with the specified nickname.
The nicknames for this parameter are available in the License Manager.
Can not be used with 'mobile_device_license'.

Example (URL encoded): mobile_device_nickname=Jim's%20iPhone
customer_vault_idSet a specific Customer Vault record. Should only be used when report_type=customer_vault.

Sample Response
Query


<nm_response>
    <transaction>
        <transaction_id>2612675976</transaction_id>
        <partial_payment_id></partial_payment_id>
        <partial_payment_balance></partial_payment_balance>
        <platform_id></platform_id>
        <transaction_type>cc</transaction_type>
        <condition>complete</condition>
        <order_id>1234567890</order_id>
        <authorization_code>123456</authorization_code>
        <ponumber></ponumber>
        <order_description></order_description>
        <first_name>John</first_name>
        <last_name>Smith</last_name>
        <address_1>123 Main St</address_1>
        <address_2>Apt B</address_2>
        <company></company>
        <city>New York City</city>
        <state>NY</state>
        <postal_code>10001</postal_code>
        <country>US</country>
        <email>johnsmith@example.com</email>
        <phone>1234567890</phone>
        <fax></fax>
        <cell_phone></cell_phone>
        <customertaxid></customertaxid>
        <customerid></customerid>
        <website></website>
        <shipping_first_name></shipping_first_name>
        <shipping_last_name></shipping_last_name>
        <shipping_address_1></shipping_address_1>
        <shipping_address_2></shipping_address_2>
        <shipping_company></shipping_company>
        <shipping_city></shipping_city>
        <shipping_state></shipping_state>
        <shipping_postal_code></shipping_postal_code>
        <shipping_country></shipping_country>
        <shipping_email></shipping_email>
        <shipping_carrier></shipping_carrier>
        <tracking_number></tracking_number>
        <shipping_date></shipping_date>
        <shipping>1.00</shipping>
        <shipping_phone></shipping_phone>
        <cc_number>4xxxxxxxxxxx1111</cc_number>
        <cc_hash>f6c609e195d9d4c185dcc8ca662f0180</cc_hash>
        <cc_exp>1215</cc_exp>
        <cavv></cavv>
        <cavv_result></cavv_result>
        <xid></xid>
        <avs_response>N</avs_response>
        <csc_response>M</csc_response>
        <cardholder_auth></cardholder_auth>
        <cc_start_date></cc_start_date>
        <cc_issue_number></cc_issue_number>
        <check_account></check_account>
        <check_hash></check_hash>
        <check_aba></check_aba>
        <check_name></check_name>
        <account_holder_type></account_holder_type>
        <account_type></account_type>
        <sec_code></sec_code>
        <drivers_license_number></drivers_license_number>
        <drivers_license_state></drivers_license_state>
        <drivers_license_dob></drivers_license_dob>
        <social_security_number></social_security_number>
        <processor_id>processora</processor_id>
        <tax>1.00</tax>
        <currency>USD</currency>
        <surcharge></surcharge>
        <tip></tip>
        <card_balance></card_balance>
        <card_available_balance></card_available_balance>
        <entry_mode>Keyed</entry_mode>
                <cc_bin>411111</cc_bin>
        <product>
            <sku>RS-100</sku>
            <quantity>1.0000</quantity>
            <description>Red Shirt</description>
            <amount>10.0000</amount>
        </product>
        <action>
            <amount>11.00</amount>
            <action_type>sale</action_type>
            <date>20150312215205</date>
            <success>1</success>
            <ip_address>1.1.1.1</ip_address>
            <source>virtual_terminal</source>
            <username>demo</username>
            <response_text>SUCCESS</response_text>
            <batch_id>0</batch_id>
            <processor_batch_id></processor_batch_id>
            <response_code>100</response_code>
            <processor_response_text>NO MATCH</processor_response_text>
            <processor_response_code>00</processor_response_code>
            <requested_amount>11.00</requested_amount>
            <device_license_number></device_license_number>
            <device_nickname></device_nickname>
        </action>
        <action>
            <amount>11.00</amount>
            <action_type>level3</action_type>
            <date>20150312215205</date>
            <success>1</success>
            <ip_address>1.1.1.1</ip_address>
            <source>virtual_terminal</source>
            <username>demo</username>
            <response_text></response_text>
            <batch_id>0</batch_id>
            <processor_batch_id></processor_batch_id>
            <response_code>100</response_code>
            <processor_response_text></processor_response_text>
            <processor_response_code></processor_response_code>
            <device_license_number></device_license_number>
            <device_nickname></device_nickname>
        </action>
        <action>
            <amount>11.00</amount>
            <action_type>settle</action_type>
            <date>20150313171503</date>
            <success>1</success>
            <ip_address></ip_address>
            <source>internal</source>
            <username></username>
            <response_text>ACCEPTED</response_text>
            <batch_id>76158269</batch_id>
            <processor_batch_id>782</processor_batch_id>
            <response_code>100</response_code>
            <processor_response_text></processor_response_text>
            <processor_response_code>0000000000021980</processor_response_code>
            <device_license_number></device_license_number>
            <device_nickname></device_nickname>
        </action>
    </transaction>
</nm_response>

Methodology
QuickClick

Button Types

  • Shopping Cart Button: Will connect products built with this button type so customers can add several products to the cart system. Also supports Recurring Billing.
  • Fixed Price Button: Does not connect to the 'Shopping Cart' system and will only process one item at a time.
  • Donation/Payment Button: Allows the customer to enter an amount and checkout.

Adding Buttons to Your Site

HTML

QuickClick buttons can be added to your website using an HTML form. This form can be created using our Button Generator or using the values found in the 'Variables' section. The form should use the "POST" method and the action should be https://velox.transactiongateway.com/cart/cart.php.

Link Alternative

Some websites do not allow for entry of HTML, and can sometimes act finicky. If this is the case with your website, you have the option of using the Link Alternative which can be pasted on your website as a link. The only way to create this link is by using the Button Generator.

Please note that use of this link will nullify any shopping cart product options or text input (amount) fields as these options appear alongside the HTML button.

IFrame Support

Please note that QuickClick is NOT supported via iframes as there are documented browser bugs (notably in Safari) that do not allow the user to view QuickClick due to Safari's documented blocking of third party cookies.

Customization
QuickClick

You will need to have the Administrative Options permission set in order to access QuickClick settings. These can be found by clicking on the QuickClick link under Settings(the link, not in Integration).

Look and Feel

Choose a Profile

In order to choose a pre-existing profile, select 'Make Default' to the right of the profile name. If there is no 'Make Default' link, the profile is already set.

Add New Profile

  1. Name the profile (no spaces).
  2. Choose the colors of the Text, Form fields, Form Headers, Required Fields/Errors, and Background. If you do not see the HEX value desired, you can input any web friendly HEX value into the fields provided.
  3. Enter in one of the following: a Direct Link to an image file (ex: http://www.mywebsite.com/images/logo.png) or a direct link to an HTML/PHP file that contains a header with the same look of the Merchant Website. (ex: http://www.mywebsite.com/header.html)
  4. Within Header Text, you can paste a style sheet HTML string like so: <link rel="stylesheet" href="http://www.mywebsite.com/css/style.css" /> and QuickClick will use that style sheet to make the form look like forms on the Merchant website.
  5. You may use a Footer file as well to round out the page, but do NOT enter the same style sheet link into the footer text field.
  6. Click Save. This will bring you back to the Look and Feel page, and you will see your new profile in the list. To make it active, click 'Make Default'.

Customer Information

While field names can not be altered, fields that are not required can be hidden if not needed. Here, you will see a list of all available QuickClick fields.

  • It is recommended to choose 'Required' for the Card Security Code.
  • You may choose Hidden' for any other fields not wanted/needed.
  • If you have created any Merchant Defined Fields and want them visible on the Form, please make them 'Optional' or 'Required' at the bottom of the list as they are Hidden by default.
  • Click 'Save' at the bottom of the page when you are done.

Payment Methods

This is where you can decide which payment methods (Credit Card, Electronic Check) will be accepted by QuickClick.

Security

QuickClick 'Verification' involves a hashing so that malicious users are unable to alter the button HTML. This can be turned on and off using this interface. If you do not wish to use Verification you must uncheck 'Require that all values be verified using a security key'. This will associate your Buttons with your GATEWAY USERNAME.

Please advise that buttons can become void if a username is ever deleted from the Gateway. Using Verification eliminates this possibility.

QuickClick also has the option of requiring your customers to enter a CAPTCHA entry in order to process. This makes it more difficult for fraudsters to use your button for fraud using a bot or brute force tool. This can be disabled and enabled using this interface.

Tax

In order to set tax, choose the State from the drop-down, and enter the percentage Tax Rate in the field to the right. When you click 'Save', QuickClick will automatically calculate Tax based on the State entered into the Billing Address form when checking out. Tax will NOT appear until this occurs. This setting is specific to the Shopping Cart Button and does not apply to Fixed Price or Donation Buttons.

Shipping

Rather than charging shipping on a 'per item basis' most merchants prefer to use the Shipping threshold module. The threshold is based off of dollar amount. For example, the very first threshold should be below the lowest priced item -- it's suggested to use .01 as the first threshold, and then set both the domestic and international rate. It is not possible to exclude the International field from this threshold.

For example: if you want to offer free shipping on purchases over $100.00, enter shipping threshold as such:

ThresholdDomesticInternational
100.000.000.00

You can also choose specific shipping types and mark them up by percentages (including 0% if necessary). For example, if 'Ground' is checked, and a 15% markup entered, QuickClick will use the Threshold table and add 15% to the total Shipping dependent on the total amount in the cart. As an example:

Shipping Threshold is 50.00 @ 15.00 Domestic. If I, as the customer, buy 53.00 of product and choose Ground Shipping, my total shipping cost will now be $17.25.

Convenience Fee/Surcharging Configuration

The Gateway supports a Convenience Fee/Surcharge feature which can be used with QuickClick. To change these settings, please navigate to 'Settings'->'Convenience Fee/Surcharging Configuration' and activate the option, set the fixed and percentages and the Default Type and click 'Save'.

Once those are saved, the Default Surcharge Type for QuickClick can be set.

Button Generator Fields
QuickClick

Shopping Cart Button

Product Information

  • Item Description: This is the description a customer will see in their Cart. A detailed, but not lengthy, description of the item should be typed here.
  • Item ID (SKU): This is the SKU or Unique ID for that product. This can also be a SKU associated with a Recurring Plan. If this isn't a recurring charge, do not enter a Plan SKU in this field.
  • Item Price: Enter the price of the item in this field without including any currency symbols. (ex: 10.00)
  • Shopping Cart Language: There is the option of having the cart display in English or Spanish. Choose accordingly.
  • 'Quantity' checkbox: This option is a little unclear. If you check this box, a field will display on the Merchant's website. If you do not, the customer will be able to change the quantity when on the cart page.

URLs

  • Cancel URL: Enter a Fully Qualified URL to direct customers to should they wish to empty their cart and exit the system. (ex: http://www.mywebsite.com/cancel-purchase).
  • Continue URL: Enter a Fully Qualified URL to direct customers back to the merchant's website to add more product. Typically merchants prefer this link to be that of their shop page. (ex: http://www.mywebsite.com/shop)
  • Finish URL: Enter a Fully Qualified URL to send customers to after they've successfully checked out. Typically merchants prefer a thank you page. (ex: http://www.mywebsite.com/thank-you) or something similar.

Shipping Amount

  • If you want to charge shipping on a PER ITEM basis, use this field. If not, leave it blank. This field will not accept a 0.00 entry.

Product Options

You are not required to use these, but they are helpful if the product has variations or special features. These fields appear alongside the button itself, and NOT within the actual cart system.

An example of the use of these fields would be sizes (Small, Medium, Large, etc.) and/or colors (Blue, Red, Yellow, etc.). Some developers even use these to customize monogrammed items. Here is an example of both:

  • Size Variation
    • Option Name: Size
    • Field Type: Dropdown Menu
    • Option Choices: (Enter each option and hit 'enter' after, so they are stacked.)
      • Small
      • Medium
      • Large
  • Text Entry Option
    • Option Name: Custom Monogram
    • Field Type: Text Entry
    • Option Choices: *Leave Blank*

Key Verification

It is strongly recommended that you always select a key and not 'No Verification'. This protects the button HTML and prohibits malicious users from altering the code.

Fixed Price Button

Product Information

  • Item Description: This is the description a customer will see in their Cart. A detailed, but not lengthy, description of the item should be typed here.
  • Item Price: Enter the price of the item in this field without including any currency symbols. (ex: 10.00)
  • Shopping Cart Language: There is the option of having the cart display in English or Spanish. Choose accordingly.

URLs

  • Finish URL: Enter a Fully Qualified URL to send customers to after they've successfully checked out. Typically merchants prefer a thank you page. (ex: http://www.mywebsite.com/thank-you) or something similar.

Key Verification

It is strongly recommended that you always select a key and not 'No Verification'. This protects the button HTML and prohibits malicious users from altering the code.

Note: This button does not support shipping and/or tax options.

Donation Button

Product Information

  • Item Description: This is the description a customer will see in their Cart. A detailed, but not lengthy, description of the item should be typed here.
  • Shopping Cart Language: There is the option of having the cart display in English or Spanish. Choose accordingly.

URLs

  • Finish URL: Enter a Fully Qualified URL to send customers to after they've successfully checked out. Typically merchants prefer a thank you page. (ex: http://www.mywebsite.com/thank-you) or something similar.

Key Verification

It is strongly recommended that you always select a key and not 'No Verification'. This protects the button HTML and prohibits malicious users from altering the code.

Note: This button can also be used for Bill Pay. Once the button has been generated, you can change the button text from 'Donate' to 'Pay Now' or your desired text by altering this line of code:

<input type="submit" name="submit" value="Donate" />

Variables
QuickClick

All Buttons

NameValue: Description
actionshow_cart: Displays the customer's shopping cart.
process_cart: Adds one or more products to the customer's cart.
process_variable: This processes a variable amount transaction. During the checkout process, the cardholder is given the ability to specify the amount. This is useful for donations.
process_fixed: This processes a fixed amount, single item transaction. This is basically a "Buy Now" type transaction. The customer is not able to specify an amount during checkout.
usernameSpecifies a merchant username. Either this or a key_id is required. Using a key_id method is the preferred.
key_idSpecifies a development key id. Either this or username is required, this method is preferred.
hash The hash field is used to pass a verification hash. By using a verification hash, you can ensure that no one will be able to pass an unauthorized price, SKU, shipping price, or tax information.
product_taxable_# Controls whether the product will be affected by the tax rates configured in your QuickClick tax options. Set this to '0' or 'false' to ensure that a customer doesn't get charged taxes on a product/service. The default is true.'
order_descriptionSpecifies a description for the product.
currency Applies to USD and CAD currencies only. The currency is included with the hash, so it will need to be hashed outside of the button generator, or hashing will need to be turned off.
languageSpecifies the language to be used for the cart and checkout webpages. Current valid values are 'en' for English and 'es' for Spanish.
url_finish Specifies a page that the customer should be sent to after finishing their order. This page will receive several pieces of information concerning the completed order. If you have some programming knowledge, you can have your page process and store this information. The information can be useful for order fulfillment, amongst other things. Please ensure URLs are fully qualified (example: http://www.example.com).
return_linkUsed in place of url_finish in order to skip the QuickClick receipt page. Value should be the url to your own receipt/thank you page.
return_methodUsed to skip the QuickClick receipt page. Value should equal "redirect"
profileSpecify the profile the button should use.
customer_receiptSpecifies whether to email the customer a receipt after their transaction is complete. If multiple customer email receipts exist, the name of the desired receipt can be passed as the value, otherwise 'true' should be passed.
merchant_receipt_email Specifies a list of email addresses to send merchant receipts to. Our system will send merchant receipts to all of the specified recipients in addition to any users that are configured to receive transaction receipts in the Merchant Control Panel. If there are multiple recipients, separate them with a comma. You can also set this to 'false' if you do not want any merchant receipts to be send.
merchant_defined_field_# A merchant defined field can be used to pass any type of information you'd like. For example, if you wish the user to specify their mother's maiden name, you could use a merchant defined field. This information shows up in reports and customer/merchant receipts. The # can be any number 1-20. Descriptions for the merchant defined fields can be set within the Merchant Control Panel's 'Gateway Options'.
shipping_same Indicates whether the shipping information is the same as the billing information. The default setting is 1 (true). Set this to 0 to always ask the customer for separate shipping information. If you plan on passing other shipping_ parameters (i.e. shipping_first_name), ensure that you set this to 0. For additional options regarding the Shipping Address, examine the QuickClick Customer Information Options in your Merchant Control Panel.
first_nameThe customer's first name.
last_nameThe customer's last name.
address_1The first part of the customer's street address.
address_2The second part of the customer's street address.
cityThe customer's city.
companyA company name.
postal_codeThe customer's postal (zip) code.
state If they're in the US, this should be the customer's 2 letter state code. Otherwise, this can be used to pass a province or region.
countryThe customer's 2 letter country code.
phoneThe customer's phone number.
faxThe customer's fax number.
websiteThe customer's website address.
emailThe customer's email address.
shipping_first_nameThe receiver's first name.
shipping_last_nameThe receiver's last name.
shipping_address_1The first part of the receiver's street address.
shipping_address_2The second part of the receiver's street address.
shipping_cityThe receiver's city.
shipping_companyA receiving company name.
shipping_postal_codeThe receiver's postal (zip) code.
shipping_state If they're in the US, this should be the receiver's 2 letter state code. Otherwise, this can be used to pass a province or region.
shipping_countryThe receiver's 2 letter country code.
shipping_emailThe receiver's email address.

Fixed/Donation Buttons Only

amountSpecifies the amount, in US dollars. This is used only for fixed and variable price buttons.

Shopping Cart Buttons Only

product_description_#Specifies a description for the given product.
product_sku_#Specifies a SKU for a given product to uniquely identify it.
product_quantity_#Specifies the quantity for a given product number. If this parameter isn't passed, '1' is assumed.
product_amount_#Specifies the amount, in US dollars, for the given product.
product_option_#_#

Product options can allow your customers to make some additional choices before adding a product to their cart. For example, if you're selling a T-Shirt, you may want to allow the customer to define a size (Small, Medium, or Large) before adding the product to their cart. Up to 3 product options can be defined for a single product. The first number field is the product option number, and the last number field is the product number. For product #1, the product option field names would follow this form:

product_option_1_1 (option #1, product #1)
product_option_2_1 (option #2, product #1)
product_option_3_1 (option #3, product #1)

Ultimately, any option values passed in are appended to the product description. This can be very useful when fulfilling orders. If your T-Shirt was defined to have a color option and a size option, the resulting description might look like this:

T-Shirt (Red) (Large) The value can be anything you want, and you can utilize any form elements to pass it in (i.e. text, a dropdown, or radio buttons). Also note that our Button Creator is able to generate buttons with product options.

product_option_values_#_# The product_option_values field can be used for two main purposes:
  • Unless the product_option_values field is used, a customer would technically be able to pass any option values they want. For most merchants, this is not of great concern, but if this is a concern for you, the product_option_values field can be used to restrict which options can be passed in. Setting a product_option_values field to "Red|Green", for example, would only allow Red or Green to be passed in as options for a particular product. In this case, passing anything else would generate an error.
  • The product_option_values field can also be used to create an option that increases the price of an item. For example, a large T-Shirt may cost slightly more than a smaller T-Shirt. Setting a product_option_values field to "Small|Medium:1.00|Large:2.00" would ensure that medium shirts would be charged $1.00 more than the product's amount, large shirts would be charged $2.00 more than the product's amount, and that small shirts would not be charged extra at all.
The product_option_values field's naming convention is very similar to that of the product_option field.

The first number field is the product option number, and the last number field is the product number. For product #1, the product option field names would follow this form:

product_option_values_1_1 (option #1, product #1)
product_option_values_2_1 (option #2, product #1)
product_option_values_3_1 (option #3, product #1)
product_shipping_#

Specifies a set of shipping overrides for a particular product. This field allows you override shipping prices on a per-product and per-country basis. The shipping parameter overrides any settings configured in the Merchant Control Panel QuickClick Options.

Examples
fixed|10.00Charge $10.00 per item for shipping.
fixed|10.00|5.00Charge $10.00 for the first item, and $5.00 for each additional item.
fixed|10.00|5.00|country:CA|15.00|10.00
  • When shipped within Canada, charge $15.00 for the first item, and $10.00 for each additional item.
  • When shipped elsewhere, charge $10.00 for the first item, and $5.00 for each additional item.
url_continueSpecifies a page that the customer should be sent to when they wish to continue shopping. This only applies to shopping cart buttons. Please ensure URLs are fully qualified (example: http://www.example.com).
url_cancelSpecifies a page that the customer should be sent to after they cancel their order. This only applies to shopping cart buttons. Please ensure URLs are fully qualified (example: http://www.example.com).
checkout When set to true, the shopping cart page is skipped and the customer is sent immediately to the customer information screen or directly to checkout. This is useful if you need to pass SKUs, but still want a 'Buy Now' feel to the checkout process.

Testing Information
QuickClick

Transaction testing credentials

Transactions can be tested using one of two methods. First, transactions can be submitted to any merchant account that is in test mode. Keep in mind that if an account is in test mode, all valid credit cards will be approved but no charges will actually be processed.

The Payment Gateway demo account can also be used for testing at any time. Please use the following key id or username for testing with this account:

key_id:3785894
username:demo

Transaction POST URL

Transaction details should be POST'ed to the following URL:

POST URL:https://velox.transactiongateway.com/cart/cart.php

Test Data

Transactions can be submitted using the following information:

Visa:4111111111111111
MasterCard:5431111111111111
Discover:6011601160116611
American Express:341111111111111
Credit Card Expiration:10/25
account (ACH):123123123
routing (ACH):123123123

Triggering Errors in Test Mode

  • To cause a declined message, pass an amount less than 1.00.
  • To trigger a fatal error message, pass an invalid card number.
  • To simulate an AVS match, pass 888 in the address1 field, 77777 for zip.
  • To simulate a CVV match, pass 999 in the cvv field.

Example Response
QuickClick

QuickClick buttons will return a response to the 'Finish URL' using a query string which can be read in using GET. Here are the variables that will be passed back:

Response Variables

  • type
  • response
  • responsetext
  • authcode
  • avsresponse
  • transactionid
  • orderid
  • amount
  • cvvresponse
  • first_name
  • last_name
  • address_1
  • address_2
  • company
  • city
  • state
  • country
  • phone
  • postal_code
  • email
  • ip_address
  • key_id
  • action
  • product_sku_#
  • product_description_#
  • product_amount_#
  • product_shipping_#
  • url_continue
  • url_cancel
  • url_finish
  • customer_receipt
  • hash
  • referrer_url
  • merchant_defined_field_#

Finish Methods
QuickClick

Below are some examples of alternative redirect methods available when using QuickClick HTML. This functionality is not available by default through the button generator and must be added after the fact. Enhanced functionality is not available on Link Alternative URLs.

All URLs provided must be fully qualified (Example: http://www.example.com)

No Return/Redirect:

If no redirection is wanted after the transaction a receipt is displayed, leave the 'Finish URL' field blank in the Button Generator or exclude url_finish variable from button HTML.

Standard Return/Redirect:

This displays a receipt to the customer and asks them to click 'Continue' to finalize the order.

When the customer clicks on continue, the non-sensitive transaction response data is returned via GET to the page included. This allows the Merchant's website to record a SUCCESSFUL transaction in cases where a programmer has built logic to read our response.

In the button generator, enter a fully qualified URL in the 'Finish URL' field or include url_finish variable within the button HTML.

Example:

<input type="hidden" name="url_finish" value="http://www.example.com/finish.html" />
        

POST Back with No Data:

This displays a receipt to the customer and asks them to click Continue to finalize the order. When the customer clicks on continue, they are sent to the page included but the transaction data is not posted back to that page.

Useful if a return to the website is needed, but the site is not recording the transaction data. Not available through the button generator or link alternative. Code must be customized.

Example:

<input type="hidden" name="return_link" value="http://www.example.com/finish.html" />
<input type="hidden" name="return_method" value="post" />
        

Skip the Gateway Receipt page:

This skips our receipt page and automatically redirects the consumer to the return link URL automatically without clicking Continue to finalize the order. The transaction data is posted back to the website as normal.

Quickclick will not display success to the customer, so the page must be built/programmed to tell the customer that the charge went through. To use this method, do not include the 'url_finish' variable within your HTML.

Example:

<input type="hidden" name="return_link" value="http://www.example.com/finish.html" />
<input type="hidden" name="return_method" value="redirect" />
        

Methodology
Mobile SDK

Overview

There are two parts to the Mobile SDK, the end-to-end encryption method and the swipe device library.

End-to-End Encryption

The end-to-end encryption library allows credit card data to be encrypted on a mobile device before sending it to the Merchant's back-end server. During the sale process, the Merchant's server can send the encrypted card data to the Payment Gateway, where it is decrypted and treated like a normal credit card. This gives the merchant more control of mobile transactions without having to increase compliance costs.

The merchant's encryption key is an RSA public key that is unique to them. This means that the encrypted credit card data will only be able to be used to make a transaction in that merchant's payment gateway account. Only the Payment Gateway has access to the private key that corresponds to this public key.

Card data is encrypted using AES encryption with a new randomly generated key for every card. This key is then encrypted with the public key along with the card data. This packet (the encrypted card and AES key) is unreadable to anybody without the private key which is only known to the Payment Gateway.

Note: The public key cannot be used to decrypt an encrypted card. Once encrypted, the card is unusable except by the Gateway when it processes the payment for the merchant. For this reason, there is no need to keep the public key a secret.

Swipe Device Library

This library supports the encrypted card readers supported by the payment gateway. This includes parsing the data and notifying you when a card reader is connected, disconnected, ready to receive a swipe, etc.

Using the Library
Mobile SDK: Android

Creating a Project

The fastest way to get started is to check out the Client Encryption Example project that can be downloaded from the downloads section. Or if you prefer to create your own project, use these steps:

    These directions are specific to Android Studio.
  1. Download and extract the zip file from the integration section of the Payment Gateway.
  2. In Android Studio's Quick Start menu, select 'Start a new Android Studio project'.
  3. Add SDK to project
    1. In the Project view(Alt + F1), select Project in the drop down menu instead of Android on top of the side-bar.
    2. Copy and paste the SDK into the libs folder underneath app.
  4. Modify gradle build file.
    1. Open build.gradle file located in the app directory.
    2. Add the following code snippet:
      repositories {
          flatDir {
              dirs 'libs'
          }
      }
    3. In the dependencies section, add this code(replace {applicationId} with the applicationId in your default config):
      compile '{applicationId}:payment:gateway@aar'

Network Usage Note

You may notice the library attempting to connect to IDTECH's website to download a file. Since the audio jack capabilities of different Android devices vary, the IDTECH Shuttle's library uses different communication settings for each supported device. IDTECH frequently updates a list of the supported devices and the communication settings for each which the library may attempt to download from IDTECH. Internet permission is required.

End-to-End Encryption
Mobile SDK: Android

Acquiring a Public Key

  1. After logging into the Payment Gateway, navigate to Settings -> Security Keys -> View Mobile SDK Key. You can click on the Java example button to get a version that can easily be copied and pasted into your project.

  2. Use the Query API. In order to get the public key, you will need to use 'report_type=sdk_key'. The key will be returned in the <sdk_key> tag.

Encrypting a Card

The following is an example of the entire encryption process:

import com.SafeWebServices.PaymentGateway.PGEncrypt;

PGEncrypt pg = new PGEncrypt();
Pg. setKey(
    "***999|MIIEEjCCA3ugAwIBAgIBADANBgkqhkiG9w0BAQQFADCBvTELMAkGA1UEBh"
    "MCVVMxETAPBgNVBAgTCElsbGlub2lzMRMwEQYDVQQHEwpTY2hhdW1idXJnMRgwFg"
                    [Several lines omitted]
    "cNAQEEBQADgYEAKY8xYc91ESNeXZYTVxEsFA9twZDpRjSKShDCcbutgPlC0XcHUt"
    "a2MfFPsdgQoq0I8y1nEn1qJiOuEG1t9Uwux4GAvAPzsWSsKyKQkZhqxrxkJUB39K"
    "Pg57pPytfJnlQTgYiSrycCEVHdDvhk92X7K2cab3aVV1+j0rKlR/Sy6b4=***");


PGKeyedCard cardData = new PGKeyedCard(cardNumber, expiration, cvv);
Boolean includeCVV = true;
String encryptedCardData = pg.encrypt(cardData, includeCVV);

In this example, 'encryptedCardData' would now contain a string that can be passed to the Payment Gateway in place of credit card information. The parameter name to use when passing this value is 'encrypted_payment'.

For example, a simple DirectPost API string would look something like this:

(This example assumes your Merchant server is running a PHP script that has received the encrypted card data through a POST parameter called 'cardData'.)


//Business logic, validation, etc.  When ready to process the payment...
$cardData = $_POST['cardData'];
$postString = "username=demo&password=1234&type=sale&amount=1.00&encrypted_payment=$cardData";

//Post to Gateway            

We suggest using POST instead of GET to reduce the possibility of the data being kept in a log file. For more information on how to communicate with the Payment Gateway, see the API documentation.

Swipe Devices
Mobile SDK: Android

Permissions

You will need to grant the application multiple permissions in order to use a swipe device. This can be done by modifying the manifest file by adding:

<uses-permission android:name="android.permission.RECORD_AUDIO" />
<uses-permission android:name="android.permission.MOUNT_UNMOUNT_FILESYSTEMS" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.INTERNET" />

In the class that intends to handle swipe events, add a PGSwipeController property called swipeController, and then in your init function, initialize the object with this line:

//This example is for the iPS Encrypted Mobile Card ReaderswipeController = new PGSwipeController(this, PGSwipeDevice.SwipeDevice.IPS);

If you want to change the default settings, you can change them now. Here are some examples:

swipeController.getDevice().setSwipeTimeout(30);
swipeController.getDevice().setAlwaysAcceptSwipe(false);
swipeController.getDevice().setActivateReaderOnConnect(false);

Your class will have to implement the PGSwipeListener protocol. If you are only interested in knowing when a card is swiped, you can safely leave every other event handler empty, as shown here (or add your own code to, for example, display an image indicating that the swipe reader is ready for a swipe). In this example, when the swipe is received, the card data is saved in a property (swipedCard) for eventual transmission to the Gateway (not shown), and two TextView variables (cardNumberField and expirationField) are set to show the masked card number and expiration date. If a bad swipe occurs, onSwipedCard is still called, but "card" will be null.

@Override
public void onDeviceConnected(final PGSwipeDevice device)
{
}
@Override
Public void onDeviceDisconnected(final PGSwipeDevice device)
{
}

@Override
public void onDeviceActivationFinished(final PGSwipeDevice device)
{
}
@Override
public void onDeviceDeactivated(final PGSwipeDevice device)
{
}
@Override
public void onDeviceReadyForSwipe(final PGSwipeDevice device)
{
}
@Override
public void onDeviceUnreadyForSwipe(final PGSwipeDevice device,
    PGSwipeDevice.ReasonUnreadyForSwipe reason)
{
}
@Override
public void onSwipedCard(final PGSwipedCard card, final PGSwipeDevice device)
{
    if (card != null) {
      this.runOnUiThread(new Runnable() {
      public void run() {
          TextView cardNumberField = (TextView)findViewById(R.id.cardNumber);
        cardNumberField.setText((CharSequence)card.getMaskedCardNumber());
        }
      }
    } else {
        //A null card means that there was a swipe but it was unsuccessful.    }
}

Classes Overview
Mobile SDK: Android

PGEncrypt

The PGEncrypt class contains all necessary to encrypt data to be sent to the payment gateway. Merchants wanting to send transaction data to their servers before processing the transaction will want to use this method in order to prevent their server from touching sensitive data.

  • void setKey(String key)

    This method takes in the public key and sets it to be used with the encrypt method.

  • String encrypt(String plaintext)

    This method accepts a string to be encrypted. Although any string can be passed, the Payment Gateway will only pull fields related to credit cards from the encrypted text.

  • String encrypt(PGCard card, boolean includeCVV)

    This is the preferred way of getting the encrypted card data. It will format and encrypt the card data for you to pass on to the gateway.

PGSwipeDevice

This class represents the functionality that is common to the swipe reader devices. A PGSwipeDevice object is passed along with every even generated by the devices in order to identify the device type and access device-specific features by casting it to the specific swipe device.

  • enum ReasonUnreadyForSwipe {DISCONNECTED, TIMED_OUT, CANCELED, REFRESHING, SWIPE_DONE }

    Used to explain why the device can no longer accept a swipe.

  • enum SwipeDevice { UNIMAG, IPS, ENTERPRISE }

    Used to identify the type of device being used.

  • boolean getIsConneced()

    Returns true if the swipe device is connected.

  • boolean getIsActivated()

    Returns true if the swipe device is activated.

  • boolean getIsReadyForSwipe()

    Returns true if the swipe device is ready.

  • SwipeDevice getDeviceType()

    Returns the current device type.

  • void setListener(SwipeListener value)

    Sets the event listener.

  • boolean setSwipeTimeout(int seconds)

    Sets the timeout interval for the swipe device.

  • void setAlwaysAcceptSwipe(boolean alwaysAcceptSwipe)

    True by default, if this is set to false, a swipe must be requested once the device is ready.

  • void setActivateReaderOnConnect(boolean activateReaderOnConnect)

    True by default, if this is to false, the device must be activated before it can be used.

  • boolean requestSwipe()

    Notifies the reader to start waiting for a swipe. The device must be active before this can be called.

  • void cancelSwipeRequest()

    Cancels a swipe request.

  • void stopSwipeController()

    Cancels the current swipe request, unregisters the swipe device, and frees resources. Will not receive any information from the device until it is resumed.

  • void restartSwipeController()

    Registers the swipe device. Should only be called after calling stopSwipeController()

  • String getDefaultMsg()

    Returns the default message for the current device state.

PGSwipeEnterprise extends PGSwipeDevice

This class handles communications with the iPS Enterprise Encrypted Mobile Card Reader.

  • void InitializeReader(Context ctx)

    This class is not intended to be instantiated directly. Instantiate a PGSwipeController instead. The PGSwipeController will create a PGSwipeEnterprise instance to interact with the iPS Enterprise device.

PGSwipeIPS extends PGSwipeDevice

This class handles communications with the iPS Encrypted Mobile Card Reader.

  • void InitializeReader(Context ctx)

    This class is not intended to be instantiated directly. Instantiate a PGSwipeController instead. The PGSwipeController will create a PGSwipeIPS instance to interact with the IPS device.

PGSwipeUniMag extends PGSwipeDevice

This class handles communication with the IDTECH Unimag device.

  • void InitializeReader(Context ctw)

    This class is not intended to be instantiated directly. Instantiate a PGSwipeController instead. The PGSwipeController will create an instance of PGSwipeUniMag to interact with the Shuttle device.

  • void updateCompatableDeviceList()

    The UNIMAG device uses an xml compatibility list that consists of specific device settings that are unique to every device. This function should be called to handle new devices.

PGCard

This is a simple base class for the different types of cards that can be used. There is no reason to ever explicitly declare this.

  • void setCVV(String CVV)

    Sets the CVV for the credit card data.

  • String getCVV()

    Returns the CVV for the card.

  • String getDirectPostString(boolean includeCVV)

    Returns a query string consisting of the card data that can be passed to the Payment Gateway through the Direct Post API.

PGKeyedCard extends PGCard

This class should be used when accepting credit card information from a keyboard.

  • PGKeyedCard(String ccnumber, String expiration, String cvv)

    The standard constructor for this class. It should be used most of the time.

  • PGKeyedCard(String ccnumber, String expiration, String cvv, String startDate, String issueNum)

    This constructor accepts two more values that would be used for Maestro cards.

  • void setCardNumber(String value)

    Sets the card number to be used for the current card.

  • void setExpirationDate(String value)

    Sets the expiration date to be used for the current card.

  • void setCardStartDate(String value)

    Sets the start date for the current card.

  • void setCardIssueNumber(String value)

    Sets the issue number for the current card.

  • String getCardNumber()

    Returns the current card number.

  • String getExpirationDate()

    Returns the current expiration date.

  • String getCardStartDate()

    Returns the current start date.

  • String getCardIssueNumber()

    Returns the current issue number.

PGSwipedCard extends PGCard

This class should only be used along with an unencrypted swipe device.

  • PGSwipedCard(String track1, String track2, String track3, String cvv)

    The constructor that sets the card data accordingly.

  • void setTrack1(String value)

    Sets track1 for the current card.

  • void setTrack2(String value)

    Sets track2 for the current card.

  • void setTrack3(String value)

    Sets track3 for the current card.

  • void setMaskedCardNumber(String value)

    Sets the masked card number for the current card.

  • void setCardholderName(String value)

    Sets the name on the current card.

  • void setExpirationDate(String value)

    Sets the expiration date for the current card.

  • String getTrack1()

    Returns the track1 data.

  • String getTrack2()

    Returns the track2 data.

  • String getTrack3()

    Returns the track3 data.

  • String getMaskedCardNumber()

    Returns the masked card number. This should be used when trying to display card information to the user.

  • String getCardholderName()

    Returns the name on the card.

  • String getExpirationDate()

    Returns the expiration date.

PGEncryptedSwipedCard extends PGSwipedCard

This class should be used for all encrypted swipe devices.

  • PGEncryptedSwipedCard(String track1, String track2, String track3, String ksn, String cvv)

    The constructor accepts all class variables.

  • void setKsn(String value)

    Sets the KSN that is used to decrypt the card information at the gateway.

  • String getKsn()

    Returns the KSN.

PGSwipeController

The PGSwipeController class is used to maintain the swipe device.

  • PGSwipeController(Object source, PGSwipeDevice.SwipeDevice deviceType)

    This constructor sets the type of device to be used and initializes it.

  • PGSwipeController(SwipeListener listener, Context ctx, PGSwipeDevice.SwipeDevice deviceType)

    This constructor can be used if the activity can not be passed. It also sets the type of device to be used and initializes it.

  • PGSwipeDevice getDevice()

    Returns the device that is currently initialized. Only one should be initialized at a time.

  • PGSwipeEnterprise getEnterprise()

    Can be used instead of getDevice, will produce the same result as long as an IPS Enterprise device is being used.

  • PGSwipeIPS getIPS()

    Can be used instead of getDevice, will produce the same result as long as an IPS device is being used.

  • PGSwipeUniMag getUnimag()

    Can be used instead of getDevice, will produce the same result as long as a UNIMAG device is being used.

PGSwipeController.SwipeListener

This interface must be implemented in order to receive events from the card readers

  • void onSwipedCard(PGSwipedCard card, PGSwipeDevice swipeDevice)

    Method called when a card is swiped. It accepts the card data and the device used.

  • void onDeviceReadyForSwipe(PGSwipeDevice swipeDevice)

    Called when the device is ready to read a swipe.

  • void onDeviceUnreadyForSwipe(PGSwipeDevice swipeDevice, PGSwipeDevice.ReasonUnreadyForSwipe reason)

    Is called when the device can no longer read a card. It is passed the device and the reason it can no longer accept a swipe.

  • void onDeviceConnected(PGSwipeDevice swipeDevice)

    This method is called when the swipe device is connected.

  • void onDeviceDisconnected(PGSwipeDevice swipeDevice)

    This method is called when the swipe device is unplugged from the android device.

  • void onDeviceActivationFinished(PGSwipeDevice swipeDevice)

    This method is called when a swipe can be requested.

  • void onDeviceDeactivated(PGSwipeDevice swipeDevice)

    This method is called when the device is stopped. Once this is called, the device has to be restarted to function again.

Using the Library
Mobile SDK: iOS

Creating a Project

The fastest way to get started is to check out the PaymentGatewayEncryptionExample and PaymentGatewaySwipeExample projects that can be downloaded from the Payment Gateway's Integration section. If you prefer to create your own project instead, use these steps (current as of Xcode 6.0):

  1. Download the Mobile SDK .zip file from the Integration Portal by using the "Downloads" link under the Mobile SDK section. This file contains both the iOS and Android libraries.
  2. Create a new Xcode Project.
  3. Add PGMobileSDK.a and PGMobileSDK directory containing the headers to your project. These are found in the .zip file under Apple iOS -> Payment Gateway SDK.
  4. Under the project's Build Phases settings, add these libraries to the Link Binary With Libraries section:
    • AudioToolbox.framework
    • AVFoundation.framework
    • ExternalAccessory.framework
    • MediaPlayer.framework
    • Security.framework
    • CoreBluetooth.framework
    • libstdc++.6.0.9.dylib
    • PGMobileSDK.a
  5. (Optional - see note below) - In your Info.plist, add a row for "Supported external accessory protocols", and add "com.gatewayprocessingservices.iprocess" as Item 0. This enables connection to the iDynamo swipe reader.

Note: You may wish to skip step 5 if you do not need to support the iDynamo. Apple requires manufacturers of accessories that use the dock connector to add your app to their product plan before approving your app for the app store. You will need to contact MagTek in order to have your app added to their product plan. Contact MagTek for more details.

Viewing documentation in Xcode

Adding the doc set to Xcode allows the most up-to-date, relevant documentation to appear in the IDE as you type. To enable access to the SDK documentation from inside Xcode:

  1. Under the Xcode menu, click Preferences
  2. Navigate to the Downloads page
  3. On the Documentation tab, click Add.
  4. On the "Enter a doc set feed URL" window that pops up, enter: https://secure.safewebservices.com/merchants/resources/integration/docset/iOSSDK.atom
  5. Click Add
  6. Click the newly-added install button

Important Info About the App Store

The Apple App Store's current policy is to require mobile apps to purchase digital goods (e.g. downloadable content, etc.) through the App Store. For that reason, this SDK is intended only for use in apps selling real-world goods and services. Please direct questions about Apple's App Store policies to Apple. Their policies are subject to change at their discretion.

End-to-End Encryption
Mobile SDK: iOS

Acquiring a Public Key

  1. After logging into the Payment Gateway, navigate to Settings->Security Keys->View Mobile SDK Key. You can click on the Objective-C example link to get a version that can easily be copied and pasted into your project.

  2. Use the Query API. In order to get the public key, you will need to use 'report_type=sdk_key'. The key will be returned in the <sdk_key> tag.

Encrypting a Card

#import "PGEncrypt.h"
#import "PGCards.h"

PGEncrypt encryption = [[PGEncrypt alloc] init];
[encryption setKey:
    @"***999|MIIEEjCCA3ugAwIBAgIBADANBgkqhkiG9w0BAQQFADCBvTELMAkGA1UEBh"
    "MCVVMxETAPBgNVBAgTCElsbGlub2lzMRMwEQYDVQQHEwpTY2hhdW1idXJnMRgwFg"
                    [Several lines omitted]
    "cNAQEEBQADgYEAKY8xYc91ESNeXZYTVxEsFA9twZDpRjSKShDCcbutgPlC0XcHUt"
    "a2MfFPsdgQoq0I8y1nEn1qJiOuEG1t9Uwux4GAvAPzsWSsKyKQkZhqxrxkJUB39K"
    "Pg57pPytfJnlQTgYiSrycCEVHdDvhk92X7K2cab3aVV1+j0rKlR/Sy6b4=***"];


PGCard *cardData = [[PGKeyedCard alloc] initWithCardNumber:cardNumberField.text
                                            expirationDate:expirationField.text
                                                       cvv:cvvField.text];

NSString *encryptedCardData = [encryption encrypt:cardData includeCVV:NO];

encryptedCardData will contain a string that can be passed to the Payment Gateway in place of credit card information. The parameter name to use when passing this value through DirectPost is "encrypted_payment". For example, a simple DirectPost API string would look something like this:

(This example assumes your Merchant server is running a PHP script that has received the encrypted card data through a POST parameter called 'cardData'.)


//Business logic, validation, etc.  When ready to process the payment...
$cardData = $_POST['cardData'];
$postString = "username=demo&password=1234&type=sale&amount=1.00&encrypted_payment=$cardData";

//Post to Gateway            

For more information on how to communicate with the Payment Gateway, see the API documentation.

Swipe Devices
Mobile SDK: iOS

Creating the Controller

In the class that intends to handle swipe events, create a PGSwipeController object in your init method. Initialize the object with one of these lines to support specific readers:

swipeController = [[PGSwipeController alloc] initWithDelegate:self audioReader:AudioJackReaderIpsEnterprise];
swipeController = [[PGSwipeController alloc] initWithDelegate:self audioReader:AudioJackReaderIps];
swipeController = [[PGSwipeController alloc] initWithDelegate:self audioReader:AudioJackReaderUnimag];

Only a single model of audio jack-connected reader can be enabled at a time. The audioReader parameter allows you to choose which type you want to allow. See the PGSwipeController's initWithDelegate:audioReader: documentation for more details.

Your class will have to implement the PGSwipeDelegate protocol. If you are only interested in knowing when a card is swiped, you can safely leave every other event handler empty, as shown here (or add your own code to, for example, display an image indicating that the swipe reader is ready for a swipe). In this example, when the swipe is received, the card data is saved in a property (swipedCard) for eventual transmission to the Gateway (not shown), and two UITextField properties (cardNumberField and expirationField) are set to show the masked card number and expiration date.

If a bad swipe occurs, didSwipeCard:device: may still be called, but "card" will be nil. An error message is displayed in this example. Note: Not all card reader models give feedback when a bad swipe is received.

-(void)deviceConnected:(PGSwipeDevice *)sender
{
}

-(void)deviceDisconnected:(PGSwipeDevice *)sender
{
}

-(void)deviceActivationFinished:(PGSwipeDevice *)sender result:(SwipeActivationResult)result
{
}

-(void)deviceDeactivated:(PGSwipeDevice *)sender
{
}

-(void)deviceBecameReadyForSwipe:(PGSwipeDevice *)sender
{
}

-(void)deviceBecameUnreadyForSwipe:(PGSwipeDevice *)sender reason:(SwipeReasonUnreadyForSwipe)reason;
{
}

-(void)didSwipeCard:(PGSwipedCard *)card device:(PGSwipeDevice *)sender
{
    if (card != nil) {

        swipedCard = [card retain];

        cardNumberField.text = card.maskedCardNumber;
        expirationField.text = card.expirationDate;

    } else {

        //A nil card means that there was a swipe but it was unsuccessful.
        UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"Swipe Error"
                                                        message:@"The reader was not able to read the card. Please Try Again."
                                                       delegate:nil
                                              cancelButtonTitle:@"OK"
                                              otherButtonTitles:nil];

        [alert show];
        [alert release];
    }

}

Classes Overview
Mobile SDK: iOS

PGSwipeController

The PGSwipeController contains a set of swipe reader classes that control individual swipe readers. This is the main Mobile Swipe SDK class required for using swipe devices, intended to be instantiated near the app's startup. The delegate you set on the PGSwipeController is the object that will receive all of the SDK's swipe events.

Through this class, you can access the controller classes for individual swipe device types (PGSwipeIpsEnterprise * ipsEnterpriseReader, PGSwipeIps *ipsReader, PGSwipeIDynamo *iDynamoReader, and PGSwipeUniMag *uniMagReader).

You should be sure to call initWithDelegate rather than the parameterless init because during initialization a check is made to see if any devices are already connected and sends a deviceConnected event if they are. If the parameterless init is used, the initial connection message will be missed.

  • -(id)initWithDelegate:(id<PGSwipeDelegate>)delegate audioReader:(AudioJackReaderType)readerType

    Initializes the PGSwipeController and the individual swipe reader classes. Init checks if any devices are connected and sends a deviceConnected event if they are, so initWithDelegate: should always be used rather than init to ensure that a connection event is received if the device is already connected.

    The audioReader: parameter selects which type of audio jack-connected card reader to enable. Only one type of audio jack-connected reader can be used at a time to prevent more than one device library from attempting to access the audio system at the same time. AudioJackReaderIpsEnterprise enables the IPS Enterprise Encrypted Card Reader library, AudioJackReaderIps enables the IPS Encrypted Card Reader library, and AudioJackReaderUnimag enables the Shuttle library. You may also select AudioJackReaderNone to disable both libraries, or AudioJackReaderAutodetectOnConnect to allow the SDK to attempt to determine the type on connection. Autodetection has several drawbacks. See PGSwipeController beginAutodetectAudioJackCardReader for more information.

  • -(void)setAudioJackReaderType:(AudioJackReaderType)audioJackReaderType messageOptions:(PGSwipeUniMagMessageOptions *)messageOptions

    Sets the enabled audioJackReaderType. This can be used to enable support for either the IPS Enterprise Encrypted Card Reader, IPS Encrypted Card Reader, or the UniMag (Shuttle) reader. Since the underlying libraries may not always unload cleanly, you should avoid calling this repeatedly to change the supported device type. Doing so could cause the reader to malfunction or be damaged. Setting this to AudioJackReaderAutodetectOnConnect will disable any currently selected audioJackReaderType and autodetect upon device connection.

    messageOptions will be used only when audioJackReaderType is AudioJackReaderUnimag to replace the default message options. For any other AudioJackReaderType, or to use the default message options for AudioJackReaderUnimag, this should be nil.

  • -(void)beginAutodetectAudioJackCardReader;

    Asynchronously attempts to detect the card reader type currently attached to the audio jack.

    A communication test is first attempted for an IPS Enterprise reader, then IPS reader and finally, an attempt is made to power up a UniMag (Shuttle) card reader. If either test succeeds, the audioJackReaderType is set to the correct value, and the device will be made ready for use. The result of the autodetect is reported to the delegate through deviceAutodetectComplete:.

    Note: All tests produce very loud tones through the audio jack. If speakers or headphones are attached, the tones would be unpleasant to the user. It is recommended that the user be warned and allowed to remove headphones before calling this function. This library suppresses user notifications from the UniMag reader during autodetect.

    Because the device is powered up in order to test it, you will not receive connection / activation / ready for swipe events during detection. When your delegate receives its deviceAutodetectComplete message, check the isConnected, isActive, and isReadyForSwipe properties for its current state and to complete any initialization.

    In order to detect the devices, all of the underlying card reader libraries must be loaded. Under some circumstances, these libraries may not unload cleanly, resulting in unreliable use of the card reader. Autodetect is also a very slow process. For these reasons, you should not rely on autodetection for each use of the app.

    Because communication through the audio jack is not always perfect, autodetect does not always return a correct result. The most common failure type is returning CardReaderAutodetectResultFail even though a supported device is connected.

    If it is known in advance which card reader type will be used, that type should be specified when initializing the PGSwipeController. If multiple devices must be supported, it is strongly recommended that the result of the autodetect be saved (e.g. in NSUserDefaults) and re-used on app startup.

PGSwipeDevice

The PGSwipeDevice class represents the functionality that is common to the swipe reader devices.

A PGSwipeDevice object is passed along with every event generated by the swipe devices to allow you to identify the device type and access device-specific features by casting to the specific swipe type.

  • bool isConnected

    True when the reader is physically attached to the device.

  • bool isActivated

    True when the reader is powered up / initialized.

  • bool isReadyForSwipe

    True when the reader is able to accept card swipes from the user.

  • id<PGSwipeDelegate>delegate

    Sets the delegate that will receive the device's events. You should not set the delegate directly. Setting the delegate on the PGSwipeController sets the delegate for each of its members.

PGSwipeDelegate

The PGSwipeDelegate protocol must be implemented by the class that intends to receive swipe reader events. The following event handlers will need to be implemented.

  • -(void)didSwipeCard:(PGSwipedCard *)card device:(PGSwipeDevice *)sender

    This event is sent whenever the user swipes a card. Normally "card" will be either a PGEncryptedSwipedCard or PGMagnesafeSwipedCard (depending on the swipe reader) with track data, masked card number, expiration date, and cardholder name. If the swiped card cannot be read, "card" will be nil.

  • -(void)deviceBecameReadyForSwipe:(PGSwipeDevice *)sender

    This event is sent when isReadyForSwipe becomes true. Between this event and the receipt of deviceBecameUnreadyForSwipe, any swipe should produce a didSwipeCard event.

  • -(void)deviceBecameUnreadyForSwipe:(PGSwipeDevice *)sender reason:(SwipeReasonUnreadyForSwipe)reason

    This event is sent when isReadyForSwipe becomes false. There are many reasons the reader could become unready to receive swipe events, e.g. the swipe request times out, the device is disconnected, etc. Check the value of "reason" to determine the cause.

    On Shuttle readers, if you have set the device to alwaysAcceptSwipe, the reason may be set to SwipeReasonUnreadyForSwipeRefreshing. In that case, there is no need to request a new swipe. The "unready" state is momentary while the device automatically renews after a timeout, swipe, or other event.

  • -(void)deviceConnected:(PGSwipeDevice *)sender;

    Occurs when the reader is physically connected to the device. With audio-port connected devices, this event can be sent when the user attaches headphones.

  • -(void)deviceDisconnected:(PGSwipeDevice *)sender;

    Occurs when the reader is physically disconnected from the device. With audio-port connected devices, this event can be sent when the user detaches headphones.

  • -(void)deviceActivationFinished:(PGSwipeDevice *)sender result:(SwipeActivationResult)result;

    Occurs when the device has finished an attempt to power up/initialize. This may occur at the same time as deviceConnected or later, depending on the device and settings. See the individual device documentation for specifics.

    Receiving this event does not mean the initialization succeeded. Be sure to check the value of "result" to verify that it is SwipeActivationResultSuccess.

  • -(void)deviceDeactivated:(PGSwipeDevice *)sender;

    Occurs when the device has powered down. This may occur when the device is disconnected or, for certain swipe readers, when you make a call to power down the device.

  • -(void)deviceAutodetectStarted;

    Occurs when an attempt to detect the type of an audio jack-connected card reader has started. This can be triggered by a manual call to PGSwipeController beginAutodetectAudioJackCardReader or automatically when the PGSwipeController is in AudioReaderAutodetectOnConnect mode and an object is attached to the audio jack by the user.

  • -(void)deviceAutodetectComplete:(CardReaderAutodetectResult)result;

    Occurs when an attempt to detect the type of an audio jack-connected card reader has finished. The result may be CardReaderAutodetectResultIpsEnterprise,CardReaderAutodetectResultIps, CardReaderAutodetectResultUniMag, or CardReaderAutodetectResultFail if the type could not be determined.

    When this message is received, the PGSwipeController's audioJackReaderType will have been set to the appropriate value and the card reader will be activated. Since the device is powered up while autodetecting, no events for connection, activation, or readyForSwipe will be received. Check the isConnected, isActivated, and isReadyForSwipe properties to determine the device's state.

PGSwipeIpsEnterprise

This class is the interface to the IPS Enterprise Encrypted Card Reader. It is not intended to be instantiated directly. Instantiate a PGSwipeController instead. The PGSwipeController will create a PGSwipeIpsEnterprise instance to interact with the IPS Enterprise device.

  • id delegate;

    Gets or sets the delegate that will receive events. You should not set this directly. When the PGSwipeController's delegate is set, it will pass it through to this delegate.

  • -(void)shutdown;

    Closes the card reader's connections and disables event handling to allow it to be deallocated. You should not call this directly. It is called by the PGSwipeController when necessary.

  • -(void)beginTestCommunication(id)delegate;

    Asynchronously sends a communication test message to the card reader device and waits for a response. This can be used to detect whether the connected device is an IPS Enterprise Encrypted Card Reader. A message is sent via the audio jack and if no response is received from the device within 5 seconds, the attached object is assumed not to be an IPS Enterprise reader. Note that calling this will produce a short, loud tone through the audio jack if headphones are attached.

    The result is returned to the delegate by calling ipsEnterpriseCommunicationTestCompleteWithResult:(BOOL)succes with success set to YES or NO, depending on if a response was sent by the device.

PGSwipeIps

This class is the interface to the IPS Encrypted Card Reader. It is not intended to be instantiated directly. Instantiate a PGSwipeController instead. The PGSwipeController will create a PGSwipeIps instance to interact with the IPS device.

  • id delegate;

    Gets or sets the delegate that will receive events. You should not set this directly. When the PGSwipeController's delegate is set, it will pass it through to this delegate.

  • -(void)shutdown;

    Closes the card reader's connections and disables event handling to allow it to be deallocated. You should not call this directly. It is called by the PGSwipeController when necessary.

  • -(void)beginTestCommunication(id)communicationTestDelegate;

    Asynchronously sends a communication test message to the card reader device and waits for a response. This can be used to detect whether the connected device is an IPS Encrypted Card Reader. A message is sent via the audio jack and if no response is received from the device within 5 seconds, the attached object is assumed not to be an IPS reader. Note that calling this will produce a short, loud tone through the audio jack if headphones are attached.

    The result is returned to the communcationTestDelegate by calling ipsCommunicationTestCompleteWithResult:(BOOL)succes with success set to YES or NO, depending on if a response was sent by the device.

PGSwipeIDynamo

This class is the interface to the iDynamo reader. It is not intended to be instantiated directly. Instantiate a PGSwipeController instead. The PGSwipeController will create a PGSwipeIDynamo instance to interact with the iDynamo device.

The iDynamo has no configurable options. When the device is attached, it is active and ready for swipe. The only property for the PGSwipeIDynamo class is a delegate to receive events, which should not be set directly. When the delegate is set for the PGSwipeController, the same delegate is passed to the PGSwipeIDynamo instance it contains.

PGSwipeUniMag

This class is the interface to the IDTECH Shuttle reader. It is not intended to be instantiated directly. Instantiate a PGSwipeController instead. The PGSwipeController will create a PGSwipeUniMag instance to interact with the Shuttle device.

There are several flags and methods available for the Shuttle. For an app that does not need much specific control of the swipe device and is mostly interested in the swipe event, the defaults can be kept and the device will power up and become ready for swipe when attached.

  • id delegate;

    Gets or sets the delegate that will receive events. You should not set this directly. When the PGSwipeController's delegate is set, it will pass it through to this delegate.

  • PGSwipeUniMagMessageOptions *messageOptions;

    Contains a set of options for interactions with the user, e.g. whether to prompt before powering up the Shuttle and the text of error messages. See the PGSwipeUniMagMessageOptions section for specific settings.

  • BOOL activateReaderOnAttach;

    If this is true, the SDK will attempt to power-up the reader when attachment is detected. There are 3 things to be aware of:

    1. If the user attaches headphones to the mobile device, it will be treated as a swipe reader and an attempt to power it up will be made.
    2. Before the attempt to activate the reader, if messageOptions.activateReaderWithoutPromptingUser is set to false (it is false by default), the user will receive a prompt asking to confirm activation. If they decline, no activation will be attempted.
    3. If you call powerDown to deactivate the device, leaving activateReaderOnAttach set to true will cause the device to immediately power back up.
  • BOOL automaticallySetVolumeToMaxOnActivate;

    If this is set to true, the device's volume will be set to maximum immediately before any attempt to power on the reader. Since the reader requires full volume to activate, this defaults to true and should normally remain true.

  • BOOL alwaysAcceptSwipe;

    The Shuttle does not accept swipes from the user unless a swipe has been requested. If alwaysAcceptSwipe is true, the SDK will immediately request a swipe and renew the request any time the old swipe request times out or ends. You will still receive periodic didBecomeUnreadyForSwipe: messages, but the reason will be SwipeReasonUnreadyForSwipeRefreshing to indicate that you should be receiving a didBecomeReadyForSwipe: message immediately after without any interaction.

    The mobile device's battery may deplete faster if the swipe reader is always awaiting a swipe. If battery life is a concern, consider setting this to false and using requestSwipe when a swipe is expected, or only setting alwaysAcceptSwipe to true when a swipe is expected.

    If alwaysAcceptSwipe is true, you should not use requestSwipe or cancelSwipeRequest. By default, alwaysAcceptSwipe is true.

  • -(void)powerUpDevice:(BOOL)powerUp;

    Powers up the reader if powerUp is true or cancels a power up if powerUp is false. If activateReaderOnAttach is true, this is called automatically after connection to power up the device. If you wish to only power up the device after user interaction, you should wait until a deviceConnected: event is received, then call powerUpDevice:YES when they choose to power up. This should only be used if activateReaderOnAttach is false.

  • -(void)powerDown;

    Powers down the reader. This may extend mobile device battery life. A deviceConnected event will be received after shut-down, which will trigger a power-up if activateReaderOnAttach is true, so be sure to set activateReaderOnAttach to false before powering down. It is not necessary to power down the reader before disconnecting it from the device.

  • -(void)requestSwipe;

    Starts listening for swipe events. You will never need to call this if you set alwaysAcceptSwipe to true (it is true by default). After receipt of a didBecomeUnreadyForSwipe message, you may request a new swipe (unless the reason is SwipeUnreadyForSwipeReasonRefreshing). The request will timeout after 20 seconds, or the amount of time you set in setSwipeTimeoutDuration:.

  • -(void)cancelSwipeRequest;

    Cancels a swipe request to stop listening for swipe events. You should not use this if you did not manually start the swipe request with a call to requestSwipe.

  • -(void)setSwipeTimeoutDuration:(int)seconds;

    Sets the time between requestSwipe and when swipes will no longer be accepted. Default and maximum are 20 seconds. The minimum is 3 seconds. This still applies even if alwaysAcceptSwipe is true, but the swipe request will be automatically renewed in that case.

PGSwipeUniMagMessageOptions

This class contains a set of user-interaction options for the Shuttle device.

  • BOOL activateReaderWithoutPromptingUser;

    If this is set to true (false by default), the reader is activated automatically immediately after you receive a deviceConnected: event. If this is false, you will need to call powerUpDevice: during or after the deviceConnected event to power the device or cancel powering up.

  • BOOL showInitializingReaderMessage;

    If true, an "Initializing Card Reader…" alert is shown while the reader powers up and is dismissed once power-up completes.

  • NSString *cardReaderActivationPrompt;

    Gets or sets the prompt that will be displayed to confirm that the user would like to power up the reader. If you change this prompt, you should also change cardReaderActivationAtMaxVolumePrompt. Note: an activation prompt is only shown before activation if messageOptions.activateReaderWithoutPromptingUser is false. This message is meant to include a warning to indicate that the volume will be set to max. If automaticallySetVolumeToMaxOnActivate is false, cardReaderActivationAtMaxVolumePrompt is shown instead of this.

  • NSString *cardReaderActivationAtMaxVolumePrompt;

    Gets or sets the prompt that will be displayed to confirm that the user would like to power up the reader. If you change this prompt, you should also change cardReaderActivationPrompt. Note: an activation prompt is only shown before activation if messageOptions.activateReaderWithoutPromptingUser is false. If automaticallySetVolumeToMaxOnActivate is true and the volume is not at maximum, cardReaderActivationPrompt is shown instead of this.

  • NSString *cardReaderTimeoutMessage;

    Gets or sets the alert that is shown if the reader times out while attempting to power up. If you prefer to handle this differently, set this message to nil to prevent it from being shown, then handle the activationDidComplete:result: message with a result of SwipeActivationResultTimeout.

  • NSString *volumeTooLowMessage;

Supported Devices


IPS Enterprise and IPS Encrypted Card Readers

The IPS devices are audio jack-connected card readers. Unlike the IDTECH Shuttle, these readers are powered by an internal battery. The IPS devices have a fast startup time and do not produce a constant tone through the audio jack.

Because the IPS devices connect through the audio port and there is no way to immediately detect the device type, you will receive a deviceConnected: event even if the user has only plugged in headphones. Since there is no activation with the IPS devices, a deviceActivated: and deviceBecameReadyForSwipe: will also be sent immediately. In order to be sure that the device is an IPS Enterprise or IPS, the PGSwipeIpsEnterprise and PGSwipeIps provide a beginTestCommunication: method you can use to attempt to communicate with the devices. Success is returned when the device has been successfully identified. This is not done by default to eliminate a delay before the device becomes active.

iDynamo

The iDynamo connects to the mobile device via Apple's dock connector and is only compatible with iOS devices that use the older 30-pin (non-Lightning) dock connector.

When physically attached, the iDynamo is almost immediately ready to receive swipe events. When connected, the Swipe Delegate should expect a deviceConnected: message, immediately followed by a deviceActivationFinished: message, then a deviceBecameReadyForSwipe: message.

When the device is physically detached, the delegate receives the events in reverse order, i.e. deviceBecameUnreadyForSwipe:, deviceDeactivated:, deviceDisconnected:.

App Store: To support the iDynamo on an app distributed through the App Store, Apple may require you to contact MagTek for information before they will process your submission. To disable iDynamo support, do not add it to "Supported external accessory protocols" in your info.plist. You will still receive connect and disconnect events, but activation will fail, so be sure to check if the sending device is the iDynamo object and ignore it if so.

Known Issue with the iDynamo: There is an issue with device disconnection with the iDynamo and iOS's ExternalAccessory framework. Upon disconnection, the stream communicating with the device is closed, during which you may receive the warning: [NSCondition dealloc]: condition (<NSCondition: 0x1d54ce90> '(null)') deallocated while still in use. After reconnecting, a later disconnect may randomly cause the app to crash with an attempt to send a message to the deallocated instance. This does not occur frequently, and is more likely to occur when rapidly opening and closing the application (which sends a disconnect followed by a reconnect when the app re-opens). This issue is with Apple's accessory-handling framework. Apple is aware of the issue and may fix it in a future iOS release.

IDTECH Shuttle

The Shuttle (referred to in code as a UniMag device) is an audio jack-connected card reader. It is powered by a tone from the iPod / iPad / mobile phone. Before the Shuttle can receive swipes, it must be powered up.

Because the Shuttle connects through the audio port and there is no way to detect the device type until the device is activated, you will receive deviceConnected events whenever any device is attached to that port. For example, if the user attaches headphones, you will receive a connection event from the Mobile SDK.

The Mobile SDK can be configured to automatically attempt to power on the swipe reader immediately (this is the default), or you can disable the automatic activation and only activate the device when desired (e.g. on a payment screen, or when the user clicks a button).

Important: When powering on the device, the audio volume must be at maximum (done automatically by default). The tone generated through the audio port to activate the device can be very painful to a listener if they have connected speakers or headphones. For this reason, swipeController.uniMagReader.messageOptions.activateReaderWithoutPromptingUser is set to NO by default, causing the SDK to prompt the user for confirmation before activating the reader.

The Shuttle saves battery by only allowing swipes when a swipe has been requested, and a timeout occurs if a swipe is not received quickly enough (20 seconds by default). For simplicity, the SDK defaults to automatically requesting a swipe on activation and continuously renewing the swipe request. If you have issues with battery life, you can set swipeController.uniMagReader.alwaysAcceptSwipe to NO and manually call [swipeController.uniMagReader requestSwipe] when ready for a swipe.

Methodology
EMV Chip Card SDK

Overview

The EMV Chip Card SDK is a Windows based software development kit that abstracts the complexities of interfacing directly with hardware terminals. Leveraging the chip card SDK, merchants can avoid months or even years of effort by eliminating the requirement of performing an EMV certification.

Supported Devices

The EMV Chip Card SDK is certified for all devices in the Ingenico Telium 2 family (partial listing below). All devices will need to have the correct RBA firmware and our provided configuration file installed, as well as the proper encryption key(s).

The Ingenico iPP320 is available for purchase directly through the gateway, and arrives fully configured and inserted with the correct encryption information for a truly plug-and-play experience.

Other devices that could be configured to work with the EMV Chip Card SDK:

  • iPP350
  • iCMP
  • iSC Touch 250
  • iSC Touch 480


' ***** DISCLAIMER *****
' This code is to be used as an example and not in production.
' It lacks thorough testing and debugging.  The Results below will be
    ' returned when posting against a gateway Test Account or an Active Account with Test Mode Enabled



GatewayUsername = "[[Gateway Username Here]]"
GatewayPassword = "[[Gateway Password Here]]"

' Returns True on Success, False on Failure
Function GatewaySale(amount, ccnumber, ccexp, cvv, name, address, zip)
    Set OGateway = Server.CreateObject("MSXML2.ServerXMLHTTP")
    OGateway.Open "POST", "https://velox.transactiongateway.com/api/transact.php", false
    OGateway.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
    DataToSend = "username=" & Server.URLEncode(GatewayUsername) &_
             "&password=" & Server.URLEncode(GatewayPassword) &_
             "&ccnumber=" & Server.URLEncode(ccnumber) &_
             "&ccexp=" & Server.URLEncode(ccexp) &_
             "&cvv=" & Server.URLEncode(cvv) &_
             "&amount=" & Server.URLEncode(amount) &_
             "&firstname=" & Server.URLEncode(name) &_
             "&address1=" & Server.URLEncode(address) &_
             "&zip=" & Server.URLEncode(zip)

    OGateway.Send DataToSend

    ResponseString = OGateway.responseText
    Results = Split(ResponseString, "&")

    GatewaySale = False
    For Each i in Results
        Result = Split(i,"=")
        If UBound(Result)>0 Then
            If  LCase(Result(0))="response" Then
                If Result(1) = "1" Then
                    GatewaySale = True
                End If
            End If
        End If
    Next
End Function

Results = GatewaySale("10.00","4111111111111111","0112","","John Smith","123 Main St", "60123")
Response.Write("This should be true: " & Results & "
") Results = GatewaySale("0.99","4111111111111111","0112","","John Smith","123 Main St", "60123") Response.Write("This should be false: " & Results & "
")

///###########################################################
///#                                                         #
///#  D I S C L A I M E R                                    #
///#                                                         #
///#  WARNING: ANY USE BY YOU OF THE SAMPLE CODE PROVIDED    #
///#  IS AT YOUR OWN RISK.                                   #
///#                                                         #
///#  This code is provided "as is" without                  #
///#  warranty of any kind, either express or implied,       #
///#  including but not limited to the implied warranties    #
///#  of merchantability and/or fitness for a particular     #
///#  purpose.                                               #
///#                                                         #
///#                                                         #
///###########################################################


///###########################################################
///#                                                         #
///#  Direct Post Transaction Submission Methodology         #
///#                                                         #
///###########################################################
///#                                                         #
///#  1. You gather all the required transaction data on     #
///#  your secure web site.                                  #
///#                                                         #
///#  2. The transaction data gets submitted (via HTTPS      #
///#  POST) to the gateway as one long string, consisting    #
///#  of specific name/value pairs.                          #
///#                                                         #
///#  3. When performing the HTTPS POST operation, you       #
///#  remain on the same web page from which you've          #
///#  performed the operation.                               #
///#                                                         #
///#  4. The Gateway immediately returns a transaction       #
///#  response string to the same web page from which you    #
///#  have performed the HTTPS POST operation.               #
///#                                                         #
///#  5. You may then parse the response string and act      #
///#  upon certain response criteria, according to your      #
///#  business needs.                                        #
///#                                                         #
///#                                                         #
///###########################################################

<%@ Import Namespace="System.Net" %>
<%@ Import Namespace="System.IO" %>
<script language="C#" runat="server">
void Page_Load(Object Src, EventArgs E) {

// Process readHtmlPage function
  myPage.Text = readHtmlPage("https://velox.transactiongateway.com/api/transact.php");
}



private String readHtmlPage(string url)
{

//setup some variables

String username  = "demo";
String password  = "password";
String firstname = "John";
String lastname  = "Smith";
String address1  = "1234 Main St.";
String city      = "Chicago";
String state     = "IL";
String zip       = "60193";

//setup some variables end

  String result = "";
  String strPost = "username=" + username + "&password=" + password
     + "&firstname=" + firstname + "&lastname=" + lastname
     + "&address1=" + address1 + "&city=" + city + "&state=" + state
     + "&zip=" + zip + "&payment=creditcard&type=sale"
     + "&amount=1.00&ccnumber=4111111111111111&ccexp=1015&cvv=123";
  StreamWriter myWriter = null;

  HttpWebRequest objRequest = (HttpWebRequest)WebRequest.Create(url);
  objRequest.Method = "POST";
  objRequest.ContentLength = strPost.Length;
  objRequest.ContentType = "application/x-www-form-urlencoded";

  try
  {
     myWriter = new StreamWriter(objRequest.GetRequestStream());
     myWriter.Write(strPost);
  }
  catch (Exception e)
  {
     return e.Message;
  }
  finally {
     myWriter.Close();
  }

  HttpWebResponse objResponse = (HttpWebResponse)objRequest.GetResponse();
  using (StreamReader sr =
     new StreamReader(objResponse.GetResponseStream()) )
  {
     result = sr.ReadToEnd();

     // Close and clean up the StreamReader
     sr.Close();
  }
  return result;
}
</script>
<html>
<body>
<b>The content on this web page is the result of an HTTP POST operation to the Gateway, using the Direct Post method.<br>
<br/>
</b><hr/>
<asp:literal id="myPage" runat="server"/>
</body>
</html>

ccon.cfm


<CFLOCK Name="#session.sessionID#" timeout="10" Type ="Exclusive">
<CFPARAM NAME="session.status" Default="none">
<CFPARAM NAME="emsg" Default="A connection with the financial gateway failed.">
<CFSET oid = ''>
<CFSET em = 0>

<CFIF not IsDefined('URL.ccinterim')>
<CFSET em = 100>
<CFELSEIF not IsDefined('session.store')>
<CFSET em = 101>
<CFELSEIF not session.active>
<CFSET em = 102>
<CFELSEIF not session.store>
<CFSET em = 103>
<CFELSEIF #session.retry# gt 2>
<CFSET em = 400>
</CFIF>
<CFIF em gt 0>
<CFLOCATION URL="../Templates/process_error.cfm?#session.URLtoken#&em=#em#">
</CFIF>

<CFSET start = GetTickCount()>
<CFPARAM NAME="result" DEFAULT="false">
<CFPARAM NAME="com_error" DEFAULT="none">
<CFPARAM NAME="session.redirect" Default="x">
<CFPARAM NAME="session.status" Default="none">
<CFPARAM NAME="theactioncode" Default="">
<CFSET oid = session.ponumber>

<!--- fix date for 4 digits only now 09/09--->
<CFSET ccmonth = SpanExcluding(session.exprdate, '/')>
<CFSET ccyear = Mid(session.exprdate, 4, 2)>
<CFSET session.exprdate = '#ccmonth##ccyear#'>
<!--- the session.cvv value is set to a form default in ccinterim --->

<!--- the session order values come from paydirect and the cc values from ccinterim --->
<!--- Tax(default=0), shipping(default=0), and PO Number provide Level II processing --->
<CFHTTP url="https://velox.transactiongateway.com/api/transact.php"
method="POST" resolveurl="yes" throwonerror="yes"
PATH="d:\html\users\cfxa2\zanaducom\html\Test\CardTech\" FILE="tempfile.txt">
<CFHTTPPARAM type="FORMFIELD" name="username" value="#session.TRNSID#">
<CFHTTPPARAM type="FORMFIELD" name="password" value="#session.TRNSKEY#">
<CFHTTPPARAM type="FORMFIELD" name="type" value="#session.TRNSTYPE#">
<CFHTTPPARAM type="FORMFIELD" name="amount" value="#session.ustotal#">
<CFHTTPPARAM type="FORMFIELD" name="ccnumber" value="#session.ccnumber#">
<CFHTTPPARAM type="FORMFIELD" name="ccexp" value="#session.exprdate#">
<CFHTTPPARAM type="FORMFIELD" name="address1" value="#session.ccaddress#">
<CFHTTPPARAM type="FORMFIELD" name="zip" value="#session.cczip#">
<CFHTTPPARAM type="FORMFIELD" name="orderid" value="#session.ponumber#">
<CFHTTPPARAM type="FORMFIELD" name="cvv" value="#session.cvv#">
<CFHTTPPARAM type="FORMFIELD" name="tax" value="#session.ustax#">
<CFHTTPPARAM type="FORMFIELD" name="shipping" value="#session.usshipping#">
<!---CFHTTPPARAM type="FORMFIELD" name="transactionid" value="#form.transid#"--->
</CFHTTP>
<!---CFSET result = cfhttp.filecontent would be the usual method of getting the
stored reply;  however, when working in a shared server environment with ColdFusion,
the user may not have authorization to access this storage area and instead will
have to specify the full path within their domain for the file storage location
and again specify the path for a file read action. With multiple domains in a
sandbox environment, any of the domains can be used for saving the reply file.  On
each transaction this file gets over written.--->
<CFFILE ACTION="read"
FILE="d:\html\users\cfxa2\zanaducom\html\Test\CardTech\tempfile.txt"
VARIABLE="result">

<CFIF IsDefined('result')>
<!--- create array of names and then loop to populate a query structure
called "crdck".  Map mynames to Island names for standardization. If
this is a first time gateway setup, the mapping will not be necessary.  Simply
parse the names and values.--->
<CFSET mystring = result>
<!--- CFSET mynames = "response,responsetext,authcode,transactionid,avsresponse,cvvresponse,orderid,type" --->
<!--- create arrays from the strings --->
<CFSET myarray = ListToArray(mystring, "&")>
<CFSET islandnames = "ActionCode,Status,AuthNumber,MerchantTransaction,AVSCode,CVVcode,OrderID,Referencecode">
<CFSET islandnamearray = ListToArray(islandnames, ",")>
<!--- create a new array called crdck and then populate it in a loop with the Island
names and the values.  This is done to remain compatible with previous
instances of other gateways without having to change all of the downstream syntax. --->
<CFSET crdck = QueryNew(islandnames)>
<CFSET temp = QueryAddRow(crdck)>
<!--- loop to populate array with desired names (island names) and values --->
<CFLOOP  INDEX="k" FROM="1" TO="#ArrayLen(myarray)#">
<CFSET sz = Len(myarray[k])>
<CFSET m = FindNoCase("=", myarray[k], 1)>
<CFIF m is 0><!--- create dummy value in case the = sign not found --->
<CFSET temp = QuerySetCell(crdck, islandnamearray[k], "xxx")>
<CFELSE>
<CFSET n = Find("=", myarray[k], m+sz)>
<CFSET avalue = Mid(myarray[k], m+1, sz)>
<CFSET temp = QuerySetCell(crdck, islandnamearray[k], avalue)>
</CFIF>
<CFIF #k# gt 20><CFBREAK></CFIF><!--- prevent an endless loop for any reason --->
</CFLOOP>
</CFIF>

<CFIF IsDefined('crdck.Actioncode')>
<CFSET theactioncode = crdck.Actioncode>
<!--- this call will timeout based on server configuration --->

<CFSET thedate = DateFormat(now(), 'mm/dd/yy')>

<!--- some mapping is required because CardTech gateway uses their Responsetext 
field, our STATUS field, for both status and error messages. --->

<!--- In our database STATUS is a short advisory to the merchant on the order
summary page.  Their 'response' is our actioncode--->
<CFSET thestatus = crdck.Actioncode>
<CFIF thestatus eq 1>
<CFSET thestatus = 'auth-settle::1'>
<CFELSEIF thestatus eq 2>
<CFSET thestatus = 'retry-auth(credit)::2'>
<CFELSEIF thestatus eq 3>
<CFSET thestatus = 'retry-auth(data)::3'>
<CFELSEIF thestatus eq "">
<CFSET thestatus = 'retry-auth(comm)::'>
</CFIF>

<!--- A short statement for the 'trnsmsg' on the order detail page. CardTech
returns 'success' in their responsetext field when actioncode=1 --->
<CFSET msg = crdck.status>
<CFIF crdck.Actioncode is not 1>
<CFSET msg = 'declined'>
</CFIF>

<!--- CardTech Responsetext(our status) is a message which is mapped to our
error message when 'success' (CardTech actioncode is not equal to 1)is not
returned. The emsg(error message) is for the customer and order detail page. --->
<CFSET emsg = crdck.status>
<CFIF crdck.Actioncode is 1>
<CFSET emsg = 'no-error'>
</CFIF>

<!--- zero lenth not allowed in database table entry --->
<CFSET oid = crdck.OrderID>
<CFIF #Len(oid)# is 0>
<CFSET oid = #session.ponumber#>
</CFIF>

<CFSET avs = crdck.AVSCode>
<CFIF Len(avs) is 0>
<CFSET avs = 'no return'>
</CFIF>

<CFSET cvv = crdck.CVVCode>
<CFIF Len(cvv) is 0>
<CFSET cvv = 'no return'>
</CFIF>

<CFSET authnum = crdck.AuthNumber>
<CFIF Len(authnum) is 0>
<CFSET authnum = 'xxx'>
</CFIF>

<CFSET trnsmsg = '#authnum#::#msg#::#crdck.ActionCode#'>
<CFSET trnsid = '#crdck.MerchantTransaction#::#crdck.ReferenceCode#'>

<CFQUERY NAME="logpayment" DATASOURCE="#application.ordersDSN#">
	UPDATE #session.table#
	SET	TRNSMSG = '#trnsmsg#',<!--- this is RESULT entry on order detail page --->
		STATUS = '#thestatus#',
		AVS = '#avs#',
		TRNSRSV = '#cvv#',
		ERRORMSG = '#emsg#',
		TRANSID = '#trnsid#' <!--- this is Authorize ID on order detail page --->
		WHERE
		PONUMBER = '#oid#'
</CFQUERY>

<CFSET session.retry = session.retry +1>
<CFSET end = GetTickCount()>
<CFSET session.duration = evaluate((end - session.start)/1000)>

<CFIF crdck.Actioncode is 1>
<CFLOCATION URL = "../Templates/cc_good.cfm?#session.URLToken#&ccon=1">

<CFELSEIF crdck.Actioncode is 2>
<CFSET em = 401>
<CFLOCATION URL="../Templates/process_error.cfm?#session.URLToken#&em=#em#&emsg=#emsg#">

<CFELSEIF crdck.ActionCode is 3 AND FindNoCase('expiration', emsg,1) gt 0>
<CFSET em = 402>
<CFLOCATION URL="../Templates/process_error.cfm?#session.URLToken#&em=#em#&emsg=#emsg#">

<CFELSEIF crdck.ActionCode is 3 AND FindNoCase('invalid', emsg,1) gt 0>
<CFSET em = 405>
<CFLOCATION URL="../Templates/process_error.cfm?#session.URLToken#&em=#em#&emsg=#emsg#">

<CFELSEIF crdck.ActionCode is 3>
<CFSET em = 404>
<CFLOCATION URL="../Templates/process_error.cfm?#session.URLToken#&em=#em#&emsg=#emsg#">
</CFIF>
</CFIF><!--- end of crdck.actioncode defined --->

<CFIF theactioncode is ""><!--- from the default value modified by crdck.actioncode --->
<CFSET em = 406>
<CFLOCATION URL="../Templates/process_error.cfm?#session.URLToken#&em=#em#&emsg=""">
</CFIF>
</CFLOCK>

mytest.htm


<DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html><head><title>ColdFusion test</title>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<meta http-equiv="Expires" content="Mon,23 Sept 1998 00:00:00 GMT">
<meta name='description' content=''>
<meta name='keywords' content=''>
<meta name='author' content='ImagineNation'>
<meta name='url' content='http://www.ImagineNation.com'>
<!--- COPYRIGHT:===============================================
Any commercial use or duplication, in part or in whole, of this		
copyright material without prior licensing is forbidden by 
federal law.  Violators may be subject to civil and/or criminal
penalties, (Title 17, Sections 501 and 506). 
========================================================== --->
<!-- script language="JavaScript1.1" src="whatever.js" type="text/javascript" -->
<script language="JavaScript1.1" type="text/javascript">
//<!-- ==========================Hide SCRIPT=============================
//onError = null
//===============================The End============================= -->
</script>
<style>
body{background-color:#cadaca; margin: 5px 0px 0px 5px; 
font-family:verdana; font-size:12pt; font-weight:bold; color:#78ac41!important;; color:#78ac41!important; color:#000000;
}
.toptable{background-color:#daeaca; font-family:Verdana; font-size:10pt;
font-weight:bold; color:#78ac41!important;; color:#78ac41!important; color:#000000; padding:10px; width:350px; height:150px;
border-width:2px; border-color:#b07050; border-style:solid; float:left; 
display:inline; 
}
.cr{color:#000000; font-family:Ariel; font-size:8pt;
font-weight:normal; font-style:italic;
}
</style>
</head>

<body>
<h4>HTML Test File<br>
Submits to the ColdFusion process.cfm File</h4>
<div class="toptable" align="right">
The names in parenthesis are the processing names which are
populated with values in the form fields.  The values demo and password allow
test transactions on the gateway.<br>
<form name="testtrans" action="process.cfm" method="post">
username:  <input type="text" name="username" size=20 value="demo"><br>
password:  <input type="text" name="password" size=20 value="password"><br>
amount:  <input type="text" name="amount" size=20 value="2.00"><br>
transtype:  <input type="text" name="transtype" size=20 value="auth"><br>
ccnumber:  <input type="text" name="ccnumber" size=20 value="4111111111111111"><br>
ccexp:  <input type="text" name="ccexp" size=20 value="0407"><br>
address1:  <input type="text" name="ccaddress" size=20 value="20 demo lane"><br>
zip:  <input type="text" name="cczip" size=20 value="20123"><br>
cvv:  <input type="text" name="cvv" size=20 value="444"><br>
orderid:  <input type="text" name="orderid" size=20 value="UM12345678"><br>
tax:  <input type="text" name="tax" size=20 value="1.20"><br>
transid:  <input type="text" name="transid" size=20 value=""><br>
<input type="submit" value=" SUBMIT ">
</form><br>
Transid is the transaction ID number returned and the number that must be used 
to capture an authorization or make a return.
</div>

<center class="cr">
<p> <p><a href="http://ImagineNation.com" target="_blank">ImagineNation</a><br>© 1996 - 2006
</center>
</body></html>

process.cfm


<!--- It is advisable to run this file in a managed application with a lock on
the session to avoid interference from some other operation while waiting for
the return information. --->

<CFLOCK Name="testfiles" timeout="10" Type ="Exclusive">
<CFSET begin =GetTickCount()>

<!--- These default values are provided to prevent errors of omission. --->
<CFPARAM NAME="form.username" DEFAULT="xx">
<CFPARAM NAME="form.password" DEFAULT="xx">
<CFPARAM NAME="form.amount" DEFAULT="xx">
<CFPARAM NAME="form.transtype" DEFAULT="xx">
<CFPARAM NAME="form.ccnumber" DEFAULT="xx">
<CFPARAM NAME="form.ccexp" DEFAULT="xx">
<CFPARAM NAME="form.ccaddress" DEFAULT="xx">
<CFPARAM NAME="form.cczip" DEFAULT="xx">
<CFPARAM NAME="form.orderid" DEFAULT="xx">
<CFPARAM NAME="form.ccv" DEFAULT="">
<CFPARAM NAME="form.tax" DEFAULT="0.75">
<CFPARAM NAME="form.transid" DEFAULT="">
<CFPARAM NAME="result" DEFAULT="xx">

<!--- CFSET result = cfhttp.filecontent would be the usual method of getting the
stored reply from a post action without specifying a path;  however, when working
in a shared server environment with ColdFusion, the user may not have authorization
to access this storage area and instead will have to specify the full path within
their own domain for the file storage location and again specify the same path for
a file read action.  With multiple domains in a sandbox environment, any of the
domains can be used for saving the reply file.  On each transaction this file gets
over written.  The example below is specific to ImagineNation and must be changed
for your own testing.--->

<!--- This is the post to the gateway server. --->
<cfhttp url="https://velox.transactiongateway.com/api/transact.php"
method="POST" resolveurl="yes" throwonerror="yes"
PATH="d:\html\users\cfxa2\zanaducom\html\Test\CardTech\" FILE="tempfile.txt">
<cfhttpparam type="FORMFIELD" name="username" value="#form.Username#">
<cfhttpparam type="FORMFIELD" name="password" value="#form.Password#">
<cfhttpparam type="FORMFIELD" name="amount" value="#form.Amount#">
<cfhttpparam type="FORMFIELD" name="type" value="#form.transtype#">
<cfhttpparam type="FORMFIELD" name="ccnumber" value="#form.CCNumber#">
<cfhttpparam type="FORMFIELD" name="ccexp" value="#form.CCExp#">
<cfhttpparam type="FORMFIELD" name="address1" value="#form.ccaddress#">
<cfhttpparam type="FORMFIELD" name="zip" value="#form.cczip#">
<cfhttpparam type="FORMFIELD" name="orderid" value="#form.orderid#">
<cfhttpparam type="FORMFIELD" name="cvv" value="#form.cvv#">
<cfhttpparam type="FORMFIELD" name="tax" value="#form.tax#">
<cfhttpparam type="FORMFIELD" name="transactionid" value="#form.transid#">
</CFHTTP>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html><head><title>ImagineNation: ColdFusion process</title>
<style>
body{background-color:#cadaca; margin: 5px 0px 0px 5px; 
font-family:verdana; font-size:12pt; font-weight:bold; color:#78ac41!important;; color:#78ac41!important; color:#000000;
}
.toptable{background-color:#daeaca; font-family:Verdana; font-size:10pt;
font-weight:bold; color:#78ac41!important;; color:#78ac41!important; color:#000000; padding:10px; width:350px; height:150px;
border-width:2px; border-color:#b07050; border-style:solid; float:left; 
display:inline; 
}
.cr{color:#000000; font-family:Ariel; font-size:8pt;
font-weight:normal; font-style:italic;
}
</style>
</head>

<body>
<h4>Transaction results appear here.</h4>
<CFFILE ACTION="read"
FILE="d:\html\users\cfxa2\zanaducom\html\Test\CardTech\tempfile.txt"
VARIABLE="result">
<CFOUTPUT>
<CFIF IsDefined('result')>
<b>The returned string is:<br>
<font size="-1">#result#</font></b>
<CFELSE>
<b>
No return found</b>
</CFIF>
<div class="toptable">
The string can be converted to an array of name/value pairs by splitting on the "&" sign.<br><br>
<CFSET responsearray = ListToArray(result, "&")>
The array length is #ArrayLen(responsearray)#
<br><br>
The returned array values are:<br><br>
<CFLOOP INDEX="k" FROM="1" TO="#ArrayLen(responsearray)#">
#responsearray[k]#<br>
<CFIF #k# gt 20><CFBREAK></CFIF><!--- prevent an endless loop for any reason --->
</CFLOOP>
</CFOUTPUT><br><br>
If this was a type=auth transaction, you can return to the <a href="mytest.htm">
form page</a> and enter the transaction id and change type to capture to test
the capture mode.
</div>

<CFOUTPUT>
<p><CFSET end =GetTickCount()>
process duration = #Evaluate((end-begin)/1000)# seconds
</CFOUTPUT>
</CFLOCK>

<center class="cr">
<p> <p><a href="http://ImagineNation.com" target="_blank">ImagineNation</a><br>© 1996 - 2006
</center>
</body></html>


import java.util.*;
import java.io.*;
import java.net.*;
import java.security.*;
import java.text.*;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;

class PaymentGateway {

  protected String server;
  protected String port;
  protected String path;
  protected String username;
  protected String password;

  public PaymentGateway(String user, String pass)
  {

    server = "velox.transactiongateway.com";
    port = "443";
    path = "https://velox.transactiongateway.com/api/transact.php";
    username = user;
    password = pass;

  }

  public HashMap doSale( double amount,
                           String ccNumber,
                           String ccExp
                           ) throws Exception
  {
      HashMap result = new HashMap();
      HashMap request = new HashMap();

      DecimalFormat form = new DecimalFormat("#.00");

      request.put("amount", form.format(amount));
      request.put("type", "sale");
      request.put("ccnumber", ccNumber);
      request.put("ccexp", ccExp);

      String data_out = prepareRequest(request);

      String error = "";
      String data_in = "";
      boolean success = true;
      try {
          HashMap retval = postForm(data_out);
          data_in = (String)retval.get("response");
          result.put("transactionid", retval.get("transactionid"));
      } catch (IOException e) {
          success = false;
          error = "Connect error, " + e.getMessage();
      } catch (Exception e) {
          success = false;
          error = e.getMessage();
      }
      if (!success) {
          throw new Exception(error);
      }

      return result;
  }

  // Utility Functions

  public String prepareRequest(HashMap request) {

      if (request.size() == 0) {
         return "";
      }

      request.put("username", username);
      request.put("password", password);

      Set s = request.keySet();
      Iterator i = s.iterator();
      Object key = i.next();
      StringBuffer buffer = new StringBuffer();



      buffer.append(key).append("=")
            .append(URLEncoder.encode((String) request.get(key)));

      while (i.hasNext()) {
          key = i.next();
          buffer.append("&").append(key).append("=")
                .append(URLEncoder.encode((String) request.get(key)));
      }

      return buffer.toString();

  }

  protected HashMap postForm(String data) throws Exception {

     HashMap result = new HashMap();

     HttpURLConnection postConn;

     HostnameVerifier hv = new HostnameVerifier() {
        public boolean verify(String urlHostName, SSLSession session) {
            return true;
        }
     };

     HttpsURLConnection.setDefaultHostnameVerifier(hv);

     URL post = new URL("https", server, Integer.parseInt(port), path);
     postConn = (HttpURLConnection)post.openConnection();

     postConn.setRequestMethod("POST");
     postConn.setDoOutput(true);

     PrintWriter out = new PrintWriter(postConn.getOutputStream());
     out.print(data);
     out.close();

     BufferedReader in =
        new BufferedReader(new InputStreamReader(postConn.getInputStream()));

     String inputLine;
     StringBuffer buffer = new StringBuffer();
     while ((inputLine = in.readLine()) != null) {
        buffer.append(inputLine);
     }
     in.close();


     String response = buffer.toString();

     result.put("response", response);

     // Parse Result
     StringTokenizer st = new StringTokenizer(response, "&");
     while (st.hasMoreTokens()) {
        String varString = st.nextToken();
        StringTokenizer varSt = new StringTokenizer(varString, "=");
        if (varSt.countTokens() > 2 || varSt.countTokens()<1) {
            throw new Exception("Bad variable from processor center: " + varString);
        }
        if (varSt.countTokens()==1) {
            result.put(varSt.nextToken(), "");
        } else {
            result.put(varSt.nextToken(), varSt.nextToken());
        }
     }

     if (result.get("response")=="") {
        throw new Exception("Bad response from processor center" + response);
     }

     if (!result.get("response").toString().equals("1")) {
        throw new Exception(result.get("responsetext").toString());
     }

     return result;
  }

}

public class TestPaymentGateway
{
    public static void main(String arg[])
    {
        HashMap retval = new HashMap();
        PaymentGateway gw = new PaymentGateway("demo", "password");

        try {
            retval = gw.doSale(10.05, "4111111111111111", "0909");
            System.out.println("Success\nTransId: " + retval.get("transactionid") + "\n");
        } catch (Exception e) {
            System.out.println("Error: " + e.getMessage());
        }

    }
}



define("APPROVED", 1);
define("DECLINED", 2);
define("ERROR", 3);

class gwapi {

// Initial Setting Functions

  function setLogin($username, $password) {
    $this->login['username'] = $username;
    $this->login['password'] = $password;
  }

  function setOrder($orderid,
        $orderdescription,
        $tax,
        $shipping,
        $ponumber,
        $ipaddress) {
    $this->order['orderid']          = $orderid;
    $this->order['orderdescription'] = $orderdescription;
    $this->order['tax']              = $tax;
    $this->order['shipping']         = $shipping;
    $this->order['ponumber']         = $ponumber;
    $this->order['ipaddress']        = $ipaddress;
  }

  function setBilling($firstname,
        $lastname,
        $company,
        $address1,
        $address2,
        $city,
        $state,
        $zip,
        $country,
        $phone,
        $fax,
        $email,
        $website) {
    $this->billing['firstname'] = $firstname;
    $this->billing['lastname']  = $lastname;
    $this->billing['company']   = $company;
    $this->billing['address1']  = $address1;
    $this->billing['address2']  = $address2;
    $this->billing['city']      = $city;
    $this->billing['state']     = $state;
    $this->billing['zip']       = $zip;
    $this->billing['country']   = $country;
    $this->billing['phone']     = $phone;
    $this->billing['fax']       = $fax;
    $this->billing['email']     = $email;
    $this->billing['website']   = $website;
  }

  function setShipping($firstname,
        $lastname,
        $company,
        $address1,
        $address2,
        $city,
        $state,
        $zip,
        $country,
        $email) {
    $this->shipping['firstname'] = $firstname;
    $this->shipping['lastname']  = $lastname;
    $this->shipping['company']   = $company;
    $this->shipping['address1']  = $address1;
    $this->shipping['address2']  = $address2;
    $this->shipping['city']      = $city;
    $this->shipping['state']     = $state;
    $this->shipping['zip']       = $zip;
    $this->shipping['country']   = $country;
    $this->shipping['email']     = $email;
  }

  // Transaction Functions

  function doSale($amount, $ccnumber, $ccexp, $cvv="") {

    $query  = "";
    // Login Information
    $query .= "username=" . urlencode($this->login['username']) . "&";
    $query .= "password=" . urlencode($this->login['password']) . "&";
    // Sales Information
    $query .= "ccnumber=" . urlencode($ccnumber) . "&";
    $query .= "ccexp=" . urlencode($ccexp) . "&";
    $query .= "amount=" . urlencode(number_format($amount,2,".","")) . "&";
    $query .= "cvv=" . urlencode($cvv) . "&";
    // Order Information
    $query .= "ipaddress=" . urlencode($this->order['ipaddress']) . "&";
    $query .= "orderid=" . urlencode($this->order['orderid']) . "&";
    $query .= "orderdescription=" . urlencode($this->order['orderdescription']) . "&";
    $query .= "tax=" . urlencode(number_format($this->order['tax'],2,".","")) . "&";
    $query .= "shipping=" . urlencode(number_format($this->order['shipping'],2,".","")) . "&";
    $query .= "ponumber=" . urlencode($this->order['ponumber']) . "&";
    // Billing Information
    $query .= "firstname=" . urlencode($this->billing['firstname']) . "&";
    $query .= "lastname=" . urlencode($this->billing['lastname']) . "&";
    $query .= "company=" . urlencode($this->billing['company']) . "&";
    $query .= "address1=" . urlencode($this->billing['address1']) . "&";
    $query .= "address2=" . urlencode($this->billing['address2']) . "&";
    $query .= "city=" . urlencode($this->billing['city']) . "&";
    $query .= "state=" . urlencode($this->billing['state']) . "&";
    $query .= "zip=" . urlencode($this->billing['zip']) . "&";
    $query .= "country=" . urlencode($this->billing['country']) . "&";
    $query .= "phone=" . urlencode($this->billing['phone']) . "&";
    $query .= "fax=" . urlencode($this->billing['fax']) . "&";
    $query .= "email=" . urlencode($this->billing['email']) . "&";
    $query .= "website=" . urlencode($this->billing['website']) . "&";
    // Shipping Information
    $query .= "shipping_firstname=" . urlencode($this->shipping['firstname']) . "&";
    $query .= "shipping_lastname=" . urlencode($this->shipping['lastname']) . "&";
    $query .= "shipping_company=" . urlencode($this->shipping['company']) . "&";
    $query .= "shipping_address1=" . urlencode($this->shipping['address1']) . "&";
    $query .= "shipping_address2=" . urlencode($this->shipping['address2']) . "&";
    $query .= "shipping_city=" . urlencode($this->shipping['city']) . "&";
    $query .= "shipping_state=" . urlencode($this->shipping['state']) . "&";
    $query .= "shipping_zip=" . urlencode($this->shipping['zip']) . "&";
    $query .= "shipping_country=" . urlencode($this->shipping['country']) . "&";
    $query .= "shipping_email=" . urlencode($this->shipping['email']) . "&";
    $query .= "type=sale";
    return $this->_doPost($query);
  }

  function doAuth($amount, $ccnumber, $ccexp, $cvv="") {

    $query  = "";
    // Login Information
    $query .= "username=" . urlencode($this->login['username']) . "&";
    $query .= "password=" . urlencode($this->login['password']) . "&";
    // Sales Information
    $query .= "ccnumber=" . urlencode($ccnumber) . "&";
    $query .= "ccexp=" . urlencode($ccexp) . "&";
    $query .= "amount=" . urlencode(number_format($amount,2,".","")) . "&";
    $query .= "cvv=" . urlencode($cvv) . "&";
    // Order Information
    $query .= "ipaddress=" . urlencode($this->order['ipaddress']) . "&";
    $query .= "orderid=" . urlencode($this->order['orderid']) . "&";
    $query .= "orderdescription=" . urlencode($this->order['orderdescription']) . "&";
    $query .= "tax=" . urlencode(number_format($this->order['tax'],2,".","")) . "&";
    $query .= "shipping=" . urlencode(number_format($this->order['shipping'],2,".","")) . "&";
    $query .= "ponumber=" . urlencode($this->order['ponumber']) . "&";
    // Billing Information
    $query .= "firstname=" . urlencode($this->billing['firstname']) . "&";
    $query .= "lastname=" . urlencode($this->billing['lastname']) . "&";
    $query .= "company=" . urlencode($this->billing['company']) . "&";
    $query .= "address1=" . urlencode($this->billing['address1']) . "&";
    $query .= "address2=" . urlencode($this->billing['address2']) . "&";
    $query .= "city=" . urlencode($this->billing['city']) . "&";
    $query .= "state=" . urlencode($this->billing['state']) . "&";
    $query .= "zip=" . urlencode($this->billing['zip']) . "&";
    $query .= "country=" . urlencode($this->billing['country']) . "&";
    $query .= "phone=" . urlencode($this->billing['phone']) . "&";
    $query .= "fax=" . urlencode($this->billing['fax']) . "&";
    $query .= "email=" . urlencode($this->billing['email']) . "&";
    $query .= "website=" . urlencode($this->billing['website']) . "&";
    // Shipping Information
    $query .= "shipping_firstname=" . urlencode($this->shipping['firstname']) . "&";
    $query .= "shipping_lastname=" . urlencode($this->shipping['lastname']) . "&";
    $query .= "shipping_company=" . urlencode($this->shipping['company']) . "&";
    $query .= "shipping_address1=" . urlencode($this->shipping['address1']) . "&";
    $query .= "shipping_address2=" . urlencode($this->shipping['address2']) . "&";
    $query .= "shipping_city=" . urlencode($this->shipping['city']) . "&";
    $query .= "shipping_state=" . urlencode($this->shipping['state']) . "&";
    $query .= "shipping_zip=" . urlencode($this->shipping['zip']) . "&";
    $query .= "shipping_country=" . urlencode($this->shipping['country']) . "&";
    $query .= "shipping_email=" . urlencode($this->shipping['email']) . "&";
    $query .= "type=auth";
    return $this->_doPost($query);
  }

  function doCredit($amount, $ccnumber, $ccexp) {

    $query  = "";
    // Login Information
    $query .= "username=" . urlencode($this->login['username']) . "&";
    $query .= "password=" . urlencode($this->login['password']) . "&";
    // Sales Information
    $query .= "ccnumber=" . urlencode($ccnumber) . "&";
    $query .= "ccexp=" . urlencode($ccexp) . "&";
    $query .= "amount=" . urlencode(number_format($amount,2,".","")) . "&";
    // Order Information
    $query .= "ipaddress=" . urlencode($this->order['ipaddress']) . "&";
    $query .= "orderid=" . urlencode($this->order['orderid']) . "&";
    $query .= "orderdescription=" . urlencode($this->order['orderdescription']) . "&";
    $query .= "tax=" . urlencode(number_format($this->order['tax'],2,".","")) . "&";
    $query .= "shipping=" . urlencode(number_format($this->order['shipping'],2,".","")) . "&";
    $query .= "ponumber=" . urlencode($this->order['ponumber']) . "&";
    // Billing Information
    $query .= "firstname=" . urlencode($this->billing['firstname']) . "&";
    $query .= "lastname=" . urlencode($this->billing['lastname']) . "&";
    $query .= "company=" . urlencode($this->billing['company']) . "&";
    $query .= "address1=" . urlencode($this->billing['address1']) . "&";
    $query .= "address2=" . urlencode($this->billing['address2']) . "&";
    $query .= "city=" . urlencode($this->billing['city']) . "&";
    $query .= "state=" . urlencode($this->billing['state']) . "&";
    $query .= "zip=" . urlencode($this->billing['zip']) . "&";
    $query .= "country=" . urlencode($this->billing['country']) . "&";
    $query .= "phone=" . urlencode($this->billing['phone']) . "&";
    $query .= "fax=" . urlencode($this->billing['fax']) . "&";
    $query .= "email=" . urlencode($this->billing['email']) . "&";
    $query .= "website=" . urlencode($this->billing['website']) . "&";
    $query .= "type=credit";
    return $this->_doPost($query);
  }

  function doOffline($authorizationcode, $amount, $ccnumber, $ccexp) {

    $query  = "";
    // Login Information
    $query .= "username=" . urlencode($this->login['username']) . "&";
    $query .= "password=" . urlencode($this->login['password']) . "&";
    // Sales Information
    $query .= "ccnumber=" . urlencode($ccnumber) . "&";
    $query .= "ccexp=" . urlencode($ccexp) . "&";
    $query .= "amount=" . urlencode(number_format($amount,2,".","")) . "&";
    $query .= "authorizationcode=" . urlencode($authorizationcode) . "&";
    // Order Information
    $query .= "ipaddress=" . urlencode($this->order['ipaddress']) . "&";
    $query .= "orderid=" . urlencode($this->order['orderid']) . "&";
    $query .= "orderdescription=" . urlencode($this->order['orderdescription']) . "&";
    $query .= "tax=" . urlencode(number_format($this->order['tax'],2,".","")) . "&";
    $query .= "shipping=" . urlencode(number_format($this->order['shipping'],2,".","")) . "&";
    $query .= "ponumber=" . urlencode($this->order['ponumber']) . "&";
    // Billing Information
    $query .= "firstname=" . urlencode($this->billing['firstname']) . "&";
    $query .= "lastname=" . urlencode($this->billing['lastname']) . "&";
    $query .= "company=" . urlencode($this->billing['company']) . "&";
    $query .= "address1=" . urlencode($this->billing['address1']) . "&";
    $query .= "address2=" . urlencode($this->billing['address2']) . "&";
    $query .= "city=" . urlencode($this->billing['city']) . "&";
    $query .= "state=" . urlencode($this->billing['state']) . "&";
    $query .= "zip=" . urlencode($this->billing['zip']) . "&";
    $query .= "country=" . urlencode($this->billing['country']) . "&";
    $query .= "phone=" . urlencode($this->billing['phone']) . "&";
    $query .= "fax=" . urlencode($this->billing['fax']) . "&";
    $query .= "email=" . urlencode($this->billing['email']) . "&";
    $query .= "website=" . urlencode($this->billing['website']) . "&";
    // Shipping Information
    $query .= "shipping_firstname=" . urlencode($this->shipping['firstname']) . "&";
    $query .= "shipping_lastname=" . urlencode($this->shipping['lastname']) . "&";
    $query .= "shipping_company=" . urlencode($this->shipping['company']) . "&";
    $query .= "shipping_address1=" . urlencode($this->shipping['address1']) . "&";
    $query .= "shipping_address2=" . urlencode($this->shipping['address2']) . "&";
    $query .= "shipping_city=" . urlencode($this->shipping['city']) . "&";
    $query .= "shipping_state=" . urlencode($this->shipping['state']) . "&";
    $query .= "shipping_zip=" . urlencode($this->shipping['zip']) . "&";
    $query .= "shipping_country=" . urlencode($this->shipping['country']) . "&";
    $query .= "shipping_email=" . urlencode($this->shipping['email']) . "&";
    $query .= "type=offline";
    return $this->_doPost($query);
  }

  function doCapture($transactionid, $amount =0) {

    $query  = "";
    // Login Information
    $query .= "username=" . urlencode($this->login['username']) . "&";
    $query .= "password=" . urlencode($this->login['password']) . "&";
    // Transaction Information
    $query .= "transactionid=" . urlencode($transactionid) . "&";
    if ($amount>0) {
        $query .= "amount=" . urlencode(number_format($amount,2,".","")) . "&";
    }
    $query .= "type=capture";
    return $this->_doPost($query);
  }

  function doVoid($transactionid) {

    $query  = "";
    // Login Information
    $query .= "username=" . urlencode($this->login['username']) . "&";
    $query .= "password=" . urlencode($this->login['password']) . "&";
    // Transaction Information
    $query .= "transactionid=" . urlencode($transactionid) . "&";
    $query .= "type=void";
    return $this->_doPost($query);
  }

  function doRefund($transactionid, $amount = 0) {

    $query  = "";
    // Login Information
    $query .= "username=" . urlencode($this->login['username']) . "&";
    $query .= "password=" . urlencode($this->login['password']) . "&";
    // Transaction Information
    $query .= "transactionid=" . urlencode($transactionid) . "&";
    if ($amount>0) {
        $query .= "amount=" . urlencode(number_format($amount,2,".","")) . "&";
    }
    $query .= "type=refund";
    return $this->_doPost($query);
  }

  function _doPost($query) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, "https://velox.transactiongateway.com/api/transact.php");
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);

    curl_setopt($ch, CURLOPT_POSTFIELDS, $query);
    curl_setopt($ch, CURLOPT_POST, 1);

    if (!($data = curl_exec($ch))) {
        return ERROR;
    }
    curl_close($ch);
    unset($ch);
    print "\n$data\n";
    $data = explode("&",$data);
    for($i=0;$i<count($data);$i++) {
        $rdata = explode("=",$data[$i]);
        $this->responses[$rdata[0]] = $rdata[1];
    }
    return $this->responses['response'];
  }
}

$gw = new gwapi;
$gw->setLogin("demo", "password");
$gw->setBilling("John","Smith","Acme, Inc.","123 Main St","Suite 200", "Beverly Hills",
        "CA","90210","US","555-555-5555","555-555-5556","support@example.com",
        "www.example.com");
$gw->setShipping("Mary","Smith","na","124 Shipping Main St","Suite Ship", "Beverly Hills",
        "CA","90210","US","support@example.com");
$gw->setOrder("1234","Big Order",1, 2, "PO1234","65.192.14.10");

$r = $gw->doSale("50.00","4111111111111111","1010");
print $gw->responses['responsetext'];
    

###########################################################
#                                                         #
#  D I S C L A I M E R                                    #
#                                                         #
#  WARNING: ANY USE BY YOU OF THE SAMPLE CODE PROVIDED    #
#  IS AT YOUR OWN RISK.                                   #
#                                                         #
#  The code is  provided  "as is" without                 #
#  warranty of any kind, either express or implied,       #
#  including but not limited to the implied warranties    #
#  of merchantability and/or fitness for a particular     #
#  purpose.                                               #
#                                                         #
#                                                         #
###########################################################



import pycurl
import urllib
import urlparse
import StringIO


class gwapi():

    def __init__(self):
        self.login= dict()
        self.order = dict()
        self.billing = dict()
        self.shipping = dict()
        self.responses = dict()

    def setLogin(self,username,password):
        self.login['password'] = password
        self.login['username'] = username

    def setOrder(self, orderid, orderdescription, tax, shipping, ponumber,ipadress):
        self.order['orderid'] = orderid;
        self.order['orderdescription'] = orderdescription
        self.order['shipping'] = '{0:.2f}'.format(float(shipping))
        self.order['ipaddress'] = ipadress
        self.order['tax'] = '{0:.2f}'.format(float(tax))
        self.order['ponumber'] = ponumber


    def setBilling(self,
            firstname,
            lastname,
            company,
            address1,
            address2,
            city,
            state,
            zip,
            country,
            phone,
            fax,
            email,
            website):
        self.billing['firstname'] = firstname
        self.billing['lastname']  = lastname
        self.billing['company']   = company
        self.billing['address1']  = address1
        self.billing['address2']  = address2
        self.billing['city']      = city
        self.billing['state']     = state
        self.billing['zip']       = zip
        self.billing['country']   = country
        self.billing['phone']     = phone
        self.billing['fax']       = fax
        self.billing['email']     = email
        self.billing['website']   = website

    def setShipping(self,firstname,
            lastname,
            company,
            address1,
            address2,
            city,
            state,
            zipcode,
            country,
            email):
        self.shipping['firstname'] = firstname
        self.shipping['lastname']  = lastname
        self.shipping['company']   = company
        self.shipping['address1']  = address1
        self.shipping['address2']  = address2
        self.shipping['city']      = city
        self.shipping['state']     = state
        self.shipping['zip']       = zipcode
        self.shipping['country']   = country
        self.shipping['email']     = email


    def doSale(self,amount, ccnumber, ccexp, cvv=''):

        query  = ""
        # Login Information

        query = query + "username=" + urllib.quote(self.login['username']) + "&"
        query += "password=" + urllib.quote(self.login['password']) + "&"
        # Sales Information
        query += "ccnumber=" + urllib.quote(ccnumber) + "&"
        query += "ccexp=" + urllib.quote(ccexp) + "&"
        query += "amount=" + urllib.quote('{0:.2f}'.format(float(amount))) + "&"
        if (cvv!=''):
            query += "cvv=" + urllib.quote(cvv) + "&"
        # Order Information
        for key,value in self.order.iteritems():
            query += key +"=" + urllib.quote(str(value)) + "&"

        # Billing Information
        for key,value in self.billing.iteritems():
            query += key +"=" + urllib.quote(str(value)) + "&"

        # Shipping Information
        for key,value in self.shipping.iteritems():
            query += key +"=" + urllib.quote(str(value)) + "&"

        query += "type=sale"
        return self.doPost(query)



    def doPost(self,query):
        responseIO = StringIO.StringIO()
        curlObj = pycurl.Curl()
        curlObj.setopt(pycurl.POST,1)
        curlObj.setopt(pycurl.CONNECTTIMEOUT,30)
        curlObj.setopt(pycurl.TIMEOUT,30)
        curlObj.setopt(pycurl.HEADER,0)
        curlObj.setopt(pycurl.SSL_VERIFYPEER,0)
        curlObj.setopt(pycurl.WRITEFUNCTION,responseIO.write);

        curlObj.setopt(pycurl.URL,"https://velox.transactiongateway.com/api/transact.php")

        curlObj.setopt(pycurl.POSTFIELDS,query)

        curlObj.perform()

        data = responseIO.getvalue()
        temp = urlparse.parse_qs(data)
        for key,value in temp.iteritems():
            self.responses[key] = value[0]
        return self.responses['response']

# NOTE: your username and password should replace the ones below
gw = gwapi()
gw.setLogin("demo", "password");

gw.setBilling("John","Smith","Acme, Inc.","123 Main St","Suite 200", "Beverly Hills",
        "CA","90210","US","555-555-5555","555-555-5556","support@example.com",
        "www.example.com")
gw.setShipping("Mary","Smith","na","124 Shipping Main St","Suite Ship", "Beverly Hills",
        "CA","90210","US","support@example.com")
gw.setOrder("1234","Big Order",1, 2, "PO1234","65.192.14.10")

r = gw.doSale("5.00","4111111111111111","1212",'999')
print gw.responses['response']

if (int(gw.responses['response']) == 1) :
    print "Approved"
elif (int(gw.responses['response']) == 2) :
    print "Declined"
elif (int(gw.responses['response']) == 3) :
    print "Error"



###########################################################
#                                                         #
#  D I S C L A I M E R                                    #
#                                                         #
#  WARNING: ANY USE BY YOU OF THE SAMPLE CODE PROVIDED    #
#  IS AT YOUR OWN RISK.                                   #
#                                                         #
#  The code is  provided  "as is" without                 #
#  warranty of any kind, either express or implied,       #
#  including but not limited to the implied warranties    #
#  of merchantability and/or fitness for a particular     #
#  purpose.                                               #
#                                                         #
#                                                         #
###########################################################



require 'rubygems'
require 'curb'
require 'uri'
require 'addressable/uri'



class GwApi

    def initialize()
        @login = {}
        @order = {}
        @billing = {}
        @shipping = {}
        @responses = {}
    end

    def setLogin(username,password)
        @login['password'] = password
        @login['username'] = username
    end

    def setOrder( orderid, orderdescription, tax, shipping, ponumber,ipadress)
        @order['orderid'] = orderid;
        @order['orderdescription'] = orderdescription
        @order['shipping'] = "%.2f" % shipping
        @order['ipaddress'] = ipadress
        @order['tax'] = "%.2f" % tax
        @order['ponumber'] = ponumber
    end

    def setBilling(
            firstname,
            lastname,
            company,
            address1,
            address2,
            city,
            state,
            zip,
            country,
            phone,
            fax,
            email,
            website)
        @billing['firstname'] = firstname
        @billing['lastname']  = lastname
        @billing['company']   = company
        @billing['address1']  = address1
        @billing['address2']  = address2
        @billing['city']      = city
        @billing['state']     = state
        @billing['zip']       = zip
        @billing['country']   = country
        @billing['phone']     = phone
        @billing['fax']       = fax
        @billing['email']     = email
        @billing['website']   = website
    end

    def setShipping(firstname,
            lastname,
            company,
            address1,
            address2,
            city,
            state,
            zipcode,
            country,
            email)
        @shipping['firstname'] = firstname
        @shipping['lastname']  = lastname
        @shipping['company']   = company
        @shipping['address1']  = address1
        @shipping['address2']  = address2
        @shipping['city']      = city
        @shipping['state']     = state
        @shipping['zip']       = zipcode
        @shipping['country']   = country
        @shipping['email']     = email

    end

    def doSale(amount, ccnumber, ccexp, cvv='')

        query  = ""
        # Login Information

        query = query + "username=" + URI.escape(@login['username']) + "&"
        query += "password=" + URI.escape(@login['password']) + "&"
        # Sales Information
        query += "ccnumber=" + URI.escape(ccnumber) + "&"
        query += "ccexp=" + URI.escape(ccexp) + "&"
        query += "amount=" + URI.escape("%.2f" %amount) + "&"
        if (cvv!='')
            query += "cvv=" + URI.escape(cvv) + "&"
        end

        # Order Information
        @order.each do | key,value|
            query += key +"=" + URI.escape(value) + "&"
        end

        # Billing Information
        @billing.each do | key,value|
            query += key +"=" + URI.escape(value) + "&"
        end
        # Shipping Information

        @shipping.each do | key,value|
            query += key +"=" + URI.escape(value) + "&"
        end

        query += "type=sale"
        return doPost(query)
    end


    def doPost(query)


        curlObj = Curl::Easy.new("https://velox.transactiongateway.com/api/transact.php")
        curlObj.connect_timeout = 30
        curlObj.timeout = 30
        curlObj.header_in_body = false
        curlObj.ssl_verify_peer=false
        curlObj.post_body = query
        curlObj.perform()
        data = curlObj.body_str

        # NOTE: The domain name below is simply used to create a full URI to allow URI.parse to parse out the query values
        # for us. It is not used to send any data
        data = '"https://velox.transactiongateway.com/api/transact.php?' + data
        uri = Addressable::URI.parse(data)
        @responses = uri.query_values
        return @responses['response']
    end

    def getResponses()
        return @responses
    end
end

gw = GwApi.new()
# NOTE: your username and password should replace the ones below
gw.setLogin("demo", "password");

gw.setBilling("John","Smith","Acme, Inc.","123 Main St","Suite 200", "Beverly Hills",
        "CA","90210","US","555-555-5555","555-555-5556","support@example.com",
        "www.example.com")

gw.setShipping("Mary","Smith","na","124 Shipping Main St","Suite Ship", "Beverly Hills",
        "CA","90210","US","support@example.com")

gw.setOrder("1234","Big Order",1, 2, "PO1234","65.192.14.10")

r = gw.doSale("5.00","4111111111111111","1212",'999')
myResponses = gw.getResponses

print myResponses['response'] + "  "

if (myResponses['response'] == '1')
    print "Approved \n"
elsif (myResponses['response'] == '2')
    print "Declined \n"
elsif (myResponses['response'] == '3')
    print "Error \n"
end


function testXmlQuery($username,$password,$constraints)
{
    // transactionFields has all of the fields we want to validate
    // in the transaction tag in the XML output
    $transactionFields = array(
        'transaction_id',
        'transaction_type',
        'condition',
        'order_id',
        'authorization_code',
        'ponumber',
        'order_description',
        'avs_response',
        'csc_response',


        'first_name',
        'last_name',
        'address_1',
        'address_2',
        'company',
        'city',
        'state',
        'postal_code',
        'country',
        'email',
        'phone',
        'fax',
        'cell_phone',
        'customertaxid',
        'customerid',
        'website',

        'shipping_last_name',
        'shipping_address_1',
        'shipping_address_2',
        'shipping_company',
        'shipping_city',
        'shipping_state',
        'shipping_postal_code',
        'shipping_country',
        'shipping_email',
        'shipping_carrier',
        'tracking_number',

        'cc_number',
        'cc_hash',
        'cc_exp',
        'cc_bin',
        'avs_response',
        'csc_response',
        'cardholder_auth',

        'processor_id',

        'tax');
    // actionFields is used to validate the XML tags in the
    // action element
     $actionFields = array(
         'amount',
         'action_type',
         'date',
         'success',
         'ip_address',
         'source',
         'response_text'
          );

    $mycurl=curl_init();
    $postStr='username='.$username.'&password='.$password. $constraints;
    $url="https://velox.transactiongateway.com/api/query.php?". $postStr;
    curl_setopt($mycurl, CURLOPT_URL, $url);
    curl_setopt($mycurl, CURLOPT_RETURNTRANSFER, 1);
    $responseXML=curl_exec($mycurl);
    curl_close($mycurl);

    $testXmlSimple= new SimpleXMLElement($responseXML);

    if (!isset($testXmlSimple->transaction)) {
            throw new NmExUser('No transactions returned');
    }

    $transNum = 1;
    foreach($testXmlSimple->transaction as $transaction) {
        foreach ($transactionFields as $xmlField) {
            if (!isset($transaction->{$xmlField}[0])){
                throw new NmExUser('Error in transaction_id:'. $transaction->transaction_id[0] .' id  Transaction tag is missing  field ' . $xmlField);
            }
        }
        if (!isset ($transaction->action)) {
            throw new nmExUser('Error, Action tag is missing from transaction_id '. $transaction->transaction_id[0]);
        }

        $actionNum = 1;
        foreach ($transaction->action as $action){
            foreach ($actionFields as $xmlField){
                if (!isset($action->{$xmlField}[0])){
                    throw new NmExUser('Error with transaction_id'.$transaction->transaction_id[0].'
                                        Action number '. $actionNum . ' Action tag is missing field ' . $xmlField);
                }
            }
            $actionNum++;
        }
        $transNum++;
    }

    return;
}

try {

    $constraints = "&action_type=sale&start_date=20060913";
    $result = testXmlQuery('test123','test1234',$constraints);
    print "Success.\n";

} catch (Exception $e) {

    $e->outputText();

}

Download example as a ZIP file

Example Files:

[ Back to Top ]

c_sharp/step1.aspx

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="step1.aspx.cs" Inherits="ThreeStepExample._Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
       
    <title>Collect non-sensitive Customer Info</title>
    <style type="text/css">
        .style1
        {
            margin-left: 150px;
        }
    </style>
</head>
<body>
    
        
        <form id="form1" runat="server" action="step1.aspx" >
       
            <h2>Step One: Collect non-sensitive payment information.<br /></h2>

            <h3> Customer Information</h3>
            <h4> Billing Details</h4>

              <table>
                  <tr><td>Customer Vault Id  </td><td><asp:TextBox ID="CustomerVaultId" runat="server"></asp:TextBox></td></tr>
                  <tr><td>Company</td><td><asp:TextBox ID="billingAddressCompany" runat="server">Acme, Inc.</asp:TextBox> </td></tr>
                  <tr><td>First Name </td><td><asp:TextBox ID="billingAddressFirstName" runat="server"> John</asp:TextBox></td></tr>
                  <tr><td>Last Name </td><td><asp:TextBox ID="billingAddressLastName" runat="server" value="Smith"/></td></tr>
                  <tr><td>Address </td><td><asp:TextBox ID="billingAddressAddress1" runat="server" value="1234 Main St."/></td></tr>
                  <tr><td>City </td><td><asp:TextBox ID="billingAddressCity" runat="server" value="Beverly Hills"/></td></tr>
                  <tr><td>State/Province </td><td><asp:TextBox ID="billingAddressState" runat="server" value="CA"/></td></tr>
                  <tr><td>Zip/Postal </td><td><asp:TextBox ID="billingAddressZip" runat="server" value="90210"/></td></tr>
                  <tr><td>Country </td><td><asp:TextBox ID="billingAddressCountry" runat="server" value="US"/></td></tr>
                  <tr><td>Phone Number </td><td><asp:TextBox ID="billingAddressPhone" runat="server" value="555-555-5555"/></td></tr>
                  <tr><td>Email Address </td><td><asp:TextBox ID="billingAddressEmail" runat="server" value="test@example.com"/></td></tr>

		          <tr><td><h4><br /> Shipping Details</h4> </td></tr>
                  <tr><td>First Name </td><td><asp:TextBox ID="shippingAddressFirstName" runat="server" value="Mary"/></td></tr>
                  <tr><td>Last Name </td><td><asp:TextBox ID="shippingAddressLastName" runat="server" value="Smith"/></td></tr>
                  <tr><td>Address </td><td><asp:TextBox ID="shippingAddressAddress1" runat="server" value="1234 Main St."/></td></tr>
                  <tr><td>Suite</td><td><asp:TextBox ID="shippingAddressAddress2" runat="server" value="Unit #2"/></td></tr>
                  <tr><td>City </td><td><asp:TextBox ID="shippingAddressCity"  runat ="server"    value="Beverly Hills"/></td></tr>
                   <tr><td>State/Province </td><td><asp:TextBox ID="shippingAddressState" runat="server"  value="CA"/></td></tr>
                  <tr><td>Zip/Postal </td><td><asp:TextBox ID="shippingAddressZip" runat="server" value="90210"/></td></tr>
                  <tr><td>Country</td><td><asp:TextBox ID="shippingAddressCountry" runat="server" value="US"/></td></tr>
                  <tr><td>Phone Number </td><td><asp:TextBox ID="shippingAddressPhone" runat="server" value="555-555-5555"/></td></tr>
                  <tr><td colspan="2"> </td></tr>
	              <tr><td colspan="2" align="center">Total Amount $12.00 </td></tr>
                  <tr><td colspan="2" align="center"><asp:Button   runat="server"    Text="Submit Step One"
                           ID="submitStepOne" onclick="stepOneSubmit_Click" ></asp:Button> </td></tr>
              </table>
          
        </form>
        
        
      
    
</body>
</html>

[ Back to Top ]

c_sharp/step1.aspx.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Windows.Forms;
using System.Web.UI;
using System.Xml;
using System.Web.UI.WebControls;
using System.IO;
using System.Net;
using System.Text;
using System.Security.Cryptography.X509Certificates;

namespace ThreeStepExample
{
	public class Program :ICertificatePolicy {
		public bool CheckValidationResult (ServicePoint sp, 
			X509Certificate certificate, WebRequest request, int error)
		{
			return true;
		}
}
    public partial class _Default :System.Web.UI.Page 
    {
        protected void Page_Load(object sender, EventArgs e)
        {

            if (Request["token-id"] != null)
            {
                //MessageBox.Show(Request["token-id"]);
                XmlDocument xmlRequest = new XmlDocument();

                XmlDeclaration xmlDecl = xmlRequest.CreateXmlDeclaration("1.0", "UTF-8", "yes");

                XmlElement root = xmlRequest.DocumentElement;
                xmlRequest.InsertBefore(xmlDecl, root);


                XmlElement xmlCompleteTransaction = xmlRequest.CreateElement("complete-action");

                XmlElement xmlApiKey = xmlRequest.CreateElement("api-key");
				
                xmlApiKey.InnerText = "2F822Rw39fx762MaV7Yy86jXGTC7sCDy";
				
                xmlCompleteTransaction.AppendChild(xmlApiKey);


                XmlElement xmlTokenId = xmlRequest.CreateElement("token-id");
                xmlTokenId.InnerText = Request["token-id"];
                xmlCompleteTransaction.AppendChild(xmlTokenId);


                xmlRequest.AppendChild(xmlCompleteTransaction);


                string responseFromServer = this.sendXMLRequest(xmlRequest);
                XmlReader responseReader = XmlReader.Create(new StringReader(responseFromServer));


                XmlDocument xDoc = new XmlDocument();
                xDoc.Load(responseReader);
                XmlNodeList response = xDoc.GetElementsByTagName("result");
                XmlNodeList responseText = xDoc.GetElementsByTagName("result-text");
                
                Session["data"] = responseFromServer;
                Session["result"] = response[0].InnerText;
                Session["result-text"] = responseText[0].InnerText;

                responseReader.Close();
                Server.Transfer("step3.aspx");

            }
                      

        }

        protected void stepOneSubmit_Click(object sender, EventArgs e)
        {
          

            XmlDocument  xmlRequest = new XmlDocument();

            XmlDeclaration xmlDecl = xmlRequest.CreateXmlDeclaration("1.0","UTF-8","yes");
            
            XmlElement root = xmlRequest.DocumentElement;
            xmlRequest.InsertBefore(xmlDecl, root);


            XmlElement xmlSale = xmlRequest.CreateElement("sale");

            XmlElement xmlApiKey = xmlRequest.CreateElement("api-key");

			xmlApiKey.InnerText = "2F822Rw39fx762MaV7Yy86jXGTC7sCDy";
			
            xmlSale.AppendChild(xmlApiKey);

            XmlElement xmlRedirectUrl = xmlRequest.CreateElement("redirect-url");
            xmlRedirectUrl.InnerText = Request.ServerVariables["HTTP_REFERER"];
            xmlSale.AppendChild(xmlRedirectUrl);

            XmlElement xmlAmount = xmlRequest.CreateElement("amount");
            xmlAmount.InnerText = "12.00";
            xmlSale.AppendChild(xmlAmount);

            XmlElement xmlRemoteAddr = xmlRequest.CreateElement("ip-address");
            xmlRemoteAddr.InnerText = Request.ServerVariables["REMOTE_ADDR"];
            xmlSale.AppendChild(xmlRemoteAddr);

            XmlElement xmlCurrency = xmlRequest.CreateElement("currency");
            xmlCurrency.InnerText = "USD";
            xmlSale.AppendChild(xmlCurrency);

            XmlElement xmlOrderId = xmlRequest.CreateElement("order-id");
            xmlOrderId.InnerText = "1234";
            xmlSale.AppendChild(xmlOrderId);

            XmlElement xmlOrderDescription = xmlRequest.CreateElement("order-description");
            xmlOrderDescription.InnerText = "Small Order";
            xmlSale.AppendChild(xmlOrderDescription);

            XmlElement xmlMDF1 = xmlRequest.CreateElement("merchant-defined-field-1");
            xmlMDF1.InnerText = "Red";
            xmlSale.AppendChild(xmlMDF1);

            XmlElement xmlMDF2 = xmlRequest.CreateElement("merchant-defined-field-2");
            xmlMDF2.InnerText = "Medium";
            xmlSale.AppendChild(xmlMDF2);

            XmlElement xmlTax = xmlRequest.CreateElement("tax-amount");
            xmlTax.InnerText = "0.00";
            xmlSale.AppendChild(xmlTax);

            XmlElement xmlShipping = xmlRequest.CreateElement("shipping-amount");
            xmlShipping.InnerText = "0.00";
            xmlSale.AppendChild(xmlShipping);

            if (!(CustomerVaultId.Text.Equals("") || CustomerVaultId.Text.Equals('0')))
            {
                XmlElement xmlCustomerVaultId = xmlRequest.CreateElement("customer-vault-id");
                xmlCustomerVaultId.InnerText = CustomerVaultId.Text;
                xmlSale.AppendChild(xmlCustomerVaultId);

            }
            //To Add a customer
           /* else
            {
                XmlElement xmlAddCustomer = xmlRequest.CreateElement("add-customer");

                XmlElement xmlCustomerVaultId = xmlRequest.CreateElement("customer-vault-id");
                xmlCustomerVaultId.InnerText = "411";
                xmlAddCustomer.AppendChild(xmlCustomerVaultId);
                
                xmlSale.AppendChild(xmlAddCustomer);
            }
            */ 
    


            XmlElement xmlBillingAddress = xmlRequest.CreateElement("billing");

            XmlElement xmlFirstName = xmlRequest.CreateElement("first-name");
            xmlFirstName.InnerText = billingAddressFirstName.Text;
            xmlBillingAddress.AppendChild(xmlFirstName);

            XmlElement xmlLastName = xmlRequest.CreateElement("last-name");
            xmlLastName.InnerText = billingAddressLastName.Text;
            xmlBillingAddress.AppendChild(xmlLastName);

            XmlElement xmlAddress1 = xmlRequest.CreateElement("address1");
            xmlAddress1.InnerText = billingAddressAddress1.Text;
            xmlBillingAddress.AppendChild(xmlAddress1);

            XmlElement xmlCity = xmlRequest.CreateElement("city");
            xmlCity.InnerText = billingAddressCity.Text;
            xmlBillingAddress.AppendChild(xmlCity);

            XmlElement xmlState = xmlRequest.CreateElement("state");
            xmlState.InnerText = billingAddressState.Text;
            xmlBillingAddress.AppendChild(xmlState);

            XmlElement xmlZip = xmlRequest.CreateElement("postal");
            xmlZip.InnerText = billingAddressZip.Text;
            xmlBillingAddress.AppendChild(xmlZip);

            XmlElement xmlCountry = xmlRequest.CreateElement("country");
            xmlCountry.InnerText = billingAddressCountry.Text;
            xmlBillingAddress.AppendChild(xmlCountry);

            XmlElement xmlPhone = xmlRequest.CreateElement("phone");
            xmlPhone.InnerText = billingAddressPhone.Text;
            xmlBillingAddress.AppendChild(xmlPhone);

            XmlElement xmlCompany = xmlRequest.CreateElement("company");
            xmlCompany.InnerText = billingAddressCompany.Text;
            xmlBillingAddress.AppendChild(xmlCompany);

            XmlElement xmlAddress2 = xmlRequest.CreateElement("address2");
            xmlAddress2.InnerText = billingAddressAddress1.Text;
            xmlBillingAddress.AppendChild(xmlAddress2);

            XmlElement xmlFax = xmlRequest.CreateElement("fax");
            xmlFax.InnerText = "";
            xmlBillingAddress.AppendChild(xmlFax);

            
            xmlSale.AppendChild(xmlBillingAddress);

            //////////

            XmlElement xmlShippingAddress = xmlRequest.CreateElement("shipping");

            XmlElement xmlSFirstName = xmlRequest.CreateElement("first-name");
            xmlSFirstName.InnerText = shippingAddressFirstName.Text;
            xmlShippingAddress.AppendChild(xmlSFirstName);

            XmlElement xmlSLastName = xmlRequest.CreateElement("last-name");
            xmlSLastName.InnerText = shippingAddressLastName.Text;
            xmlShippingAddress.AppendChild(xmlSLastName);

            XmlElement xmlSAddress1 = xmlRequest.CreateElement("address1");
            xmlSAddress1.InnerText = shippingAddressAddress1.Text;
            xmlShippingAddress.AppendChild(xmlSAddress1);

            XmlElement xmlSCity = xmlRequest.CreateElement("city");
            xmlSCity.InnerText = shippingAddressCity.Text;
            xmlShippingAddress.AppendChild(xmlSCity);

            XmlElement xmlSState = xmlRequest.CreateElement("state");
            xmlSState.InnerText = shippingAddressState.Text;
            xmlShippingAddress.AppendChild(xmlSState);

            XmlElement xmlSZip = xmlRequest.CreateElement("postal");
            xmlSZip.InnerText = shippingAddressZip.Text;
            xmlShippingAddress.AppendChild(xmlSZip);

            XmlElement xmlSCountry = xmlRequest.CreateElement("country");
            xmlSCountry.InnerText = shippingAddressCountry.Text;
            xmlShippingAddress.AppendChild(xmlSCountry);

            XmlElement xmlSPhone = xmlRequest.CreateElement("phone");
            xmlSPhone.InnerText = shippingAddressPhone.Text;
            xmlShippingAddress.AppendChild(xmlSPhone);

            XmlElement xmlSCompany = xmlRequest.CreateElement("company");
            xmlSCompany.InnerText = "";
            xmlShippingAddress.AppendChild(xmlSCompany);

            XmlElement xmlSAddress2 = xmlRequest.CreateElement("address2");
            xmlSAddress2.InnerText = shippingAddressAddress1.Text;
            xmlShippingAddress.AppendChild(xmlSAddress2);

            XmlElement xmlSFax = xmlRequest.CreateElement("fax");
            xmlFax.InnerText = "";
            xmlShippingAddress.AppendChild(xmlSFax);


            xmlSale.AppendChild(xmlShippingAddress);

            ////////////////

            XmlElement xmlProduct = xmlRequest.CreateElement("product");

            XmlElement xmlSku = xmlRequest.CreateElement("product-code");
            xmlSku.InnerText = "SKU-123456";
            xmlProduct.AppendChild(xmlSku);

            XmlElement xmlDescription = xmlRequest.CreateElement("description");
            xmlDescription.InnerText = "Books";
            xmlProduct.AppendChild(xmlDescription);

            XmlElement xmlQuantity = xmlRequest.CreateElement("quantity");
            xmlQuantity.InnerText = "1";
            xmlProduct.AppendChild(xmlQuantity);

            XmlElement xmlUnit = xmlRequest.CreateElement("unit-of-measure");
            xmlUnit.InnerText = "1";
            xmlProduct.AppendChild(xmlUnit);

           
            XmlElement xmlUnitAmount = xmlRequest.CreateElement("total-amount");
            xmlUnitAmount.InnerText = "1";
            xmlProduct.AppendChild(xmlUnitAmount);

            XmlElement xmlUnitDiscount = xmlRequest.CreateElement("discount-amount");
            xmlUnitDiscount.InnerText = "0.00";
            xmlProduct.AppendChild(xmlUnitDiscount);


            XmlElement xmlUnitTax = xmlRequest.CreateElement("tax-amount");
            xmlUnitTax.InnerText = "0.00";
            xmlProduct.AppendChild(xmlUnitTax);


            XmlElement xmlTaxRate = xmlRequest.CreateElement("tax-rate");
            xmlTaxRate.InnerText = "0.01";
            xmlProduct.AppendChild(xmlTaxRate);



            xmlSale.AppendChild(xmlProduct);
            ///////////////

            XmlElement xmlProduct2 = xmlRequest.CreateElement("product");

            XmlElement xmlSku2 = xmlRequest.CreateElement("product-code");
            xmlSku2.InnerText = "SKU-654321";
            xmlProduct2.AppendChild(xmlSku2);

            XmlElement xmlDescription2 = xmlRequest.CreateElement("description");
            xmlDescription2.InnerText = "Videos";
            xmlProduct2.AppendChild(xmlDescription2);

            XmlElement xmlQuantity2 = xmlRequest.CreateElement("quantity");
            xmlQuantity2.InnerText = "1";
            xmlProduct2.AppendChild(xmlQuantity2);

            XmlElement xmlUnit2 = xmlRequest.CreateElement("unit-of-measure");
            xmlUnit2.InnerText = "";
            xmlProduct2.AppendChild(xmlUnit2);



            XmlElement xmlUnitAmount2 = xmlRequest.CreateElement("total-amount");
            xmlUnitAmount2.InnerText = "2";
            xmlProduct2.AppendChild(xmlUnitAmount2);

            XmlElement xmlUnitDiscount2 = xmlRequest.CreateElement("discount-amount");
            xmlUnitDiscount2.InnerText = "0.00";
            xmlProduct2.AppendChild(xmlUnitDiscount2);


            XmlElement xmlUnitTax2 = xmlRequest.CreateElement("tax-amount");
            xmlUnitTax2.InnerText = "0.00";
            xmlProduct2.AppendChild(xmlUnitTax2);


            XmlElement xmlTaxRate2 = xmlRequest.CreateElement("tax-rate");
            xmlTaxRate2.InnerText = "0.01";
            xmlProduct2.AppendChild(xmlTaxRate2);



            xmlSale.AppendChild(xmlProduct2);


            xmlRequest.AppendChild(xmlSale);


            string responseFromServer = this.sendXMLRequest(xmlRequest);

            
            XmlReader responseReader = XmlReader.Create(new StringReader(responseFromServer));
        

            XmlDocument xDoc = new XmlDocument();
            xDoc.Load(responseReader);
            XmlNodeList response = xDoc.GetElementsByTagName("result");
            if (response[0].InnerText.Equals("1"))
            {
                XmlNodeList formUrl = xDoc.GetElementsByTagName("form-url");
                Session["formURL"] = "";
                Session["formURL"] =  formUrl[0].InnerText;
                responseReader.Close();
                Server.Transfer("step2.aspx");

            }
        }
	
        protected string sendXMLRequest(XmlDocument xmlRequest)
        {
		ServicePointManager.CertificatePolicy = new Program ();
            string uri = "https://velox.transactiongateway.com/api/v2/three-step";
			
            WebRequest req = WebRequest.Create(uri);
            //req.Proxy = WebProxy.GetDefaultProxy(); // Enable if using proxy
            req.Method = "POST";        // Post method
            req.ContentType = "text/xml";     // content type
            // Wrap the request stream with a text-based writer
            StreamWriter writer = new StreamWriter(req.GetRequestStream());
            // Write the XML text into the stream
            
            xmlRequest.Save(writer);
            
            writer.Close();
            // Send the data to the webserver
            WebResponse rsp = req.GetResponse();

            Stream dataStream = rsp.GetResponseStream();
            // Open the stream using a StreamReader 
            StreamReader reader = new StreamReader(dataStream);
            // Read the content.
            string responseFromServer = reader.ReadToEnd();

            // int index = responseFromServer.IndexOf("<?");
            //string substr = responseFromServer.Substring(index);
            // Display the content.
            //MessageBox.Show(responseFromServer);
            // Clean up the streams.

            reader.Close();
            dataStream.Close();
            rsp.Close();

            return responseFromServer;

        }
       
      
    }

    


}


[ Back to Top ]

c_sharp/step1.aspx.designer.cs

// ------------------------------------------------------------------------------
//  <autogenerated>
//      This code was generated by a tool.
//      Mono Runtime Version: 4.0.30319.1
// 
//      Changes to this file may cause incorrect behavior and will be lost if 
//      the code is regenerated.
//  </autogenerated>
// ------------------------------------------------------------------------------

namespace ThreeStepExample {
	
	
	public partial class _Default {
		
		protected System.Web.UI.HtmlControls.HtmlForm form1;
		
		protected System.Web.UI.WebControls.TextBox CustomerVaultId;
		
		protected System.Web.UI.WebControls.TextBox billingAddressCompany;
		
		protected System.Web.UI.WebControls.TextBox billingAddressFirstName;
		
		protected System.Web.UI.WebControls.TextBox billingAddressLastName;
		
		protected System.Web.UI.WebControls.TextBox billingAddressAddress1;
		
		protected System.Web.UI.WebControls.TextBox billingAddressCity;
		
		protected System.Web.UI.WebControls.TextBox billingAddressState;
		
		protected System.Web.UI.WebControls.TextBox billingAddressZip;
		
		protected System.Web.UI.WebControls.TextBox billingAddressCountry;
		
		protected System.Web.UI.WebControls.TextBox billingAddressPhone;
		
		protected System.Web.UI.WebControls.TextBox billingAddressEmail;
		
		protected System.Web.UI.WebControls.TextBox shippingAddressFirstName;
		
		protected System.Web.UI.WebControls.TextBox shippingAddressLastName;
		
		protected System.Web.UI.WebControls.TextBox shippingAddressAddress1;
		
		protected System.Web.UI.WebControls.TextBox shippingAddressAddress2;
		
		protected System.Web.UI.WebControls.TextBox shippingAddressCity;
		
		protected System.Web.UI.WebControls.TextBox shippingAddressState;
		
		protected System.Web.UI.WebControls.TextBox shippingAddressZip;
		
		protected System.Web.UI.WebControls.TextBox shippingAddressCountry;
		
		protected System.Web.UI.WebControls.TextBox shippingAddressPhone;
		
		protected System.Web.UI.WebControls.Button submitStepOne;
	}
}

[ Back to Top ]

c_sharp/step2.aspx

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="step2.aspx.cs" Inherits="ThreeStepExample.WebForm1" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title></title>
</head>
<body>
     <form id="form1"  runat="server" action="step2.aspx" >
       
            <h2>Step Two: Collect sensitive payment information and POST directly to payment gateway<br /></h2>

            <h3> Payment Information</h3>
            

              <table>
                  <tr><td>Credit Card Number  </td><td><asp:TextBox ID="cc_number" name="cc_number" runat="server" >4111111111111111</asp:TextBox></td></tr>
                  <tr><td>Expiration Date</td><td><asp:TextBox ID="cc_exp"  name="cc_exp" runat="server">1012</asp:TextBox> </td></tr>
                  <tr><td>CVV </td><td><asp:TextBox ID="cvv" name="cvv" runat="server"> </asp:TextBox></td></tr>
                  <tr><td colspan="2"> </td></tr>
	              <tr><td colspan="2" align="center">Total Amount $12.00 </td></tr>
                  <tr><td colspan="2" align="center"><asp:Button   runat="server"    Text="Submit Step Two"
                           ID="submitStepTwo"></asp:Button> </td></tr>
              </table>
          
        </form>
        
</body>
</html>

[ Back to Top ]

c_sharp/step2.aspx.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Windows.Forms;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace ThreeStepExample
{
    public partial class WebForm1 : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            form1.Action = (string)Session["formUrl"];
            
        }
        
    }
}

[ Back to Top ]

c_sharp/step2.aspx.designer.cs

// ------------------------------------------------------------------------------
//  <autogenerated>
//      This code was generated by a tool.
//      Mono Runtime Version: 4.0.30319.1
// 
//      Changes to this file may cause incorrect behavior and will be lost if 
//      the code is regenerated.
//  </autogenerated>
// ------------------------------------------------------------------------------

namespace ThreeStepExample {
	
	
	public partial class WebForm1 {
		
		protected System.Web.UI.HtmlControls.HtmlForm form1;
		
		protected System.Web.UI.WebControls.TextBox cc_number;
		
		protected System.Web.UI.WebControls.TextBox cc_exp;
		
		protected System.Web.UI.WebControls.TextBox cvv;
		
		protected System.Web.UI.WebControls.Button submitStepTwo;
	}
}

[ Back to Top ]

c_sharp/step3.aspx

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="step3.aspx.cs" Inherits="ThreeStepExample.step3" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
   <title>Step Three - Complete Transaciton</title>
</head>
<body>
   
       
   
    <form id="form1" runat="server">
    <pre>
    <p><h2>Step Three: Script automatically completes the transaction </h2></p>
    
        <% if(Session["result"].Equals("1")) 
        
           { %> 
            
            <p><h3> Transaction was Approved.</h3></p>
        
        <% }
           else if (Session["result"].Equals("2"))
           { %> 
           
            <p><h3> Transaction was Declined.</h3>Decline Description: </p>
           
        <% }
           else
           { %>
           
           <p><h3> Transaction caused an Error.</h3></p>
           Error Description:
          
                
         <%} %> 
        
        
        <asp:Label ID="LabelResponseText" runat="server" Height="20px" Text="Label" Width="20px"></asp:Label>
        <p><h3>XML response was:</h3></p>
        <asp:Label ID="LabelResponse"  runat="server" Height="150px" Text="Label" Width="350px"></asp:Label> 
		</pre>
   
    </form>
   
</body>
</html>

[ Back to Top ]

c_sharp/step3.aspx.cs

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace ThreeStepExample
{
    public partial class step3 : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            LabelResponse.Text = Server.HtmlEncode(Session["data"].ToString());
            if (!Session["result"].Equals("1"))
            {
                LabelResponseText.Text = (string)Session["result-text"];
            }
            else
            {
                LabelResponseText.Text = "";
            }
        }
    }
}

[ Back to Top ]

c_sharp/step3.aspx.designer.cs

// ------------------------------------------------------------------------------
//  <autogenerated>
//      This code was generated by a tool.
//      Mono Runtime Version: 4.0.30319.1
// 
//      Changes to this file may cause incorrect behavior and will be lost if 
//      the code is regenerated.
//  </autogenerated>
// ------------------------------------------------------------------------------

namespace ThreeStepExample {
	
	
	public partial class step3 {
		
		protected System.Web.UI.HtmlControls.HtmlForm form1;
		
		protected System.Web.UI.WebControls.Label LabelResponseText;
		
		protected System.Web.UI.WebControls.Label LabelResponse;
	}
}

// API Setup parameters
$gatewayURL = 'https://velox.transactiongateway.com/api/v2/three-step';
$APIKey = '2F822Rw39fx762MaV7Yy86jXGTC7sCDy';


// If there is no POST data or a token-id, print the initial shopping cart form to get ready for Step One.
if (empty($_POST['DO_STEP_1']) && empty($_GET['token-id'])) {

    print '  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';
    print '
    <html>
      <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
        <title>Collect non-sensitive Customer Info </title>
      </head>
      <body>
      <p><h2>Step One: Collect non-sensitive payment information.<br /></h2></p>

      <h3> Customer Information</h3>
      <h4> Billing Details</h4>

        <form action="" method="post">
          <table>
          <tr><td>Customer Vault Id  </td><td><input type="text" name="customer-vault-id" value=""></td></tr>
          <tr><td>Company</td><td><input type="text" name="billing-address-company" value="Acme, Inc."></td></tr>
          <tr><td>First Name </td><td><input type="text" name="billing-address-first-name" value="John"></td></tr>
          <tr><td>Last Name </td><td><input type="text" name="billing-address-last-name" value="Smith"></td></tr>
          <tr><td>Address </td><td><input type="text" name="billing-address-address1" value="1234 Main St."></td></tr>
          <tr><td>Address 2 </td><td><input type="text" name="billing-address-address2" value="Suite 205"></td></tr>
          <tr><td>City </td><td><input type="text" name="billing-address-city" value="Beverly Hills"></td></tr>
          <tr><td>State/Province </td><td><input type="text" name="billing-address-state" value="CA"></td></tr>
          <tr><td>Zip/Postal </td><td><input type="text" name="billing-address-zip" value="90210"></td></tr>
          <tr><td>Country </td><td><input type="text" name="billing-address-country" value="US"></td></tr>
          <tr><td>Phone Number </td><td><input type="text" name="billing-address-phone" value="555-555-5555"></td></tr>
          <tr><td>Fax Number </td><td><input type="text" name="billing-address-fax" value="555-555-5555"></td></tr>
          <tr><td>Email Address </td><td><input type="text" name="billing-address-email" value="test@example.com"></td></tr>

          <tr><td><h4><br /> Shipping Details</h4>
          <tr><td>Company</td><td><input type="text" name="shipping-address-company" value="Acme, Inc."></td></tr>
          <tr><td>First Name </td><td><input type="text" name="shipping-address-first-name" value="Mary"></td></tr>
          <tr><td>Last Name </td><td><input type="text" name="shipping-address-last-name" value="Smith"></td></tr>
          <tr><td>Address </td><td><input type="text" name="shipping-address-address1" value="1234 Main St."></td></tr>
          <tr><td>Address 2</td><td><input type="text" name="shipping-address-address2" value="Suite 205"></td></tr>
          <tr><td>City </td><td><input type="text" name="shipping-address-city" value="Beverly Hills"></td></tr>
          <tr><td>State/Province </td><td><input type="text" name="shipping-address-state" value="CA"></td></tr>
          <tr><td>Zip/Postal </td><td><input type="text" name="shipping-address-zip" value="90210"></td></tr>
          <tr><td>Country</td><td><input type="text" name="shipping-address-country" value="US"></td></tr>
          <tr><td>Phone Number </td><td><input type="text" name="shipping-address-phone" value="555-555-5555"></td></tr>
          <tr><td colspan="2"> </td>
          <tr><td colspan="2" align=center>Total Amount $12.00 </td></tr>
          <tr><td colspan="2" align=center><input type="submit" value="Submit Step One"><input type="hidden" name ="DO_STEP_1" value="true"></td></tr>
          </table>

        </form>
      </body>
    </html>

    ';
}else if (!empty($_POST['DO_STEP_1'])) {

    // Initiate Step One: Now that we've collected the non-sensitive payment information, we can combine other order information and build the XML format.
    $xmlRequest = new DOMDocument('1.0','UTF-8');

    $xmlRequest->formatOutput = true;
    $xmlSale = $xmlRequest->createElement('sale');

    // Amount, authentication, and Redirect-URL are typically the bare minimum.
    appendXmlNode($xmlRequest, $xmlSale,'api-key',$APIKey);
    appendXmlNode($xmlRequest, $xmlSale,'redirect-url',$_SERVER['HTTP_REFERER']);
    appendXmlNode($xmlRequest, $xmlSale, 'amount', '12.00');
    appendXmlNode($xmlRequest, $xmlSale, 'ip-address', $_SERVER["REMOTE_ADDR"]);
    //appendXmlNode($xmlRequest, $xmlSale, 'processor-id' , 'processor-a');
    appendXmlNode($xmlRequest, $xmlSale, 'currency', 'USD');

    // Some additonal fields may have been previously decided by user
    appendXmlNode($xmlRequest, $xmlSale, 'order-id', '1234');
    appendXmlNode($xmlRequest, $xmlSale, 'order-description', 'Small Order');
    appendXmlNode($xmlRequest, $xmlSale, 'merchant-defined-field-1' , 'Red');
    appendXmlNode($xmlRequest, $xmlSale, 'merchant-defined-field-2', 'Medium');
    appendXmlNode($xmlRequest, $xmlSale, 'tax-amount' , '0.00');
    appendXmlNode($xmlRequest, $xmlSale, 'shipping-amount' , '0.00');

    /*if(!empty($_POST['customer-vault-id'])) {
        appendXmlNode($xmlRequest, $xmlSale, 'customer-vault-id' , $_POST['customer-vault-id']);
    }else {
         $xmlAdd = $xmlRequest->createElement('add-customer');
         appendXmlNode($xmlRequest, $xmlAdd, 'customer-vault-id' ,411);
         $xmlSale->appendChild($xmlAdd);
    }*/


    // Set the Billing and Shipping from what was collected on initial shopping cart form
    $xmlBillingAddress = $xmlRequest->createElement('billing');
    appendXmlNode($xmlRequest, $xmlBillingAddress,'first-name', $_POST['billing-address-first-name']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'last-name', $_POST['billing-address-last-name']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'address1', $_POST['billing-address-address1']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'city', $_POST['billing-address-city']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'state', $_POST['billing-address-state']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'postal', $_POST['billing-address-zip']);
    //billing-address-email
    appendXmlNode($xmlRequest, $xmlBillingAddress,'country', $_POST['billing-address-country']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'email', $_POST['billing-address-email']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'phone', $_POST['billing-address-phone']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'company', $_POST['billing-address-company']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'address2', $_POST['billing-address-address2']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'fax', $_POST['billing-address-fax']);
    $xmlSale->appendChild($xmlBillingAddress);


    $xmlShippingAddress = $xmlRequest->createElement('shipping');
    appendXmlNode($xmlRequest, $xmlShippingAddress,'first-name', $_POST['shipping-address-first-name']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'last-name', $_POST['shipping-address-last-name']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'address1', $_POST['shipping-address-address1']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'city', $_POST['shipping-address-city']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'state', $_POST['shipping-address-state']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'postal', $_POST['shipping-address-zip']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'country', $_POST['shipping-address-country']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'phone', $_POST['shipping-address-phone']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'company', $_POST['shipping-address-company']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'address2', $_POST['shipping-address-address2']);
    $xmlSale->appendChild($xmlShippingAddress);


    // Products already chosen by user
    $xmlProduct = $xmlRequest->createElement('product');
    appendXmlNode($xmlRequest, $xmlProduct,'product-code' , 'SKU-123456');
    appendXmlNode($xmlRequest, $xmlProduct,'description' , 'test product description');
    appendXmlNode($xmlRequest, $xmlProduct,'commodity-code' , 'abc');
    appendXmlNode($xmlRequest, $xmlProduct,'unit-of-measure' , 'lbs');
    appendXmlNode($xmlRequest, $xmlProduct,'unit-cost' , '5.00');
    appendXmlNode($xmlRequest, $xmlProduct,'quantity' , '1');
    appendXmlNode($xmlRequest, $xmlProduct,'total-amount' , '7.00');
    appendXmlNode($xmlRequest, $xmlProduct,'tax-amount' , '2.00');

    appendXmlNode($xmlRequest, $xmlProduct,'tax-rate' , '1.00');
    appendXmlNode($xmlRequest, $xmlProduct,'discount-amount', '2.00');
    appendXmlNode($xmlRequest, $xmlProduct,'discount-rate' , '1.00');
    appendXmlNode($xmlRequest, $xmlProduct,'tax-type' , 'sales');
    appendXmlNode($xmlRequest, $xmlProduct,'alternate-tax-id' , '12345');

    $xmlSale->appendChild($xmlProduct);

    $xmlProduct = $xmlRequest->createElement('product');
    appendXmlNode($xmlRequest, $xmlProduct,'product-code' , 'SKU-123456');
    appendXmlNode($xmlRequest, $xmlProduct,'description' , 'test 2 product description');
    appendXmlNode($xmlRequest, $xmlProduct,'commodity-code' , 'abc');
    appendXmlNode($xmlRequest, $xmlProduct,'unit-of-measure' , 'lbs');
    appendXmlNode($xmlRequest, $xmlProduct,'unit-cost' , '2.50');
    appendXmlNode($xmlRequest, $xmlProduct,'quantity' , '2');
    appendXmlNode($xmlRequest, $xmlProduct,'total-amount' , '7.00');
    appendXmlNode($xmlRequest, $xmlProduct,'tax-amount' , '2.00');

    appendXmlNode($xmlRequest, $xmlProduct,'tax-rate' , '1.00');
    appendXmlNode($xmlRequest, $xmlProduct,'discount-amount', '2.00');
    appendXmlNode($xmlRequest, $xmlProduct,'discount-rate' , '1.00');
    appendXmlNode($xmlRequest, $xmlProduct,'tax-type' , 'sales');
    appendXmlNode($xmlRequest, $xmlProduct,'alternate-tax-id' , '12345');

    $xmlSale->appendChild($xmlProduct);

    $xmlRequest->appendChild($xmlSale);

    // Process Step One: Submit all transaction details to the Payment Gateway except the customer's sensitive payment information.
    // The Payment Gateway will return a variable form-url.
    $data = sendXMLviaCurl($xmlRequest,$gatewayURL);

    // Parse Step One's XML response
    $gwResponse = @new SimpleXMLElement($data);
    if ((string)$gwResponse->result ==1 ) {
        // The form url for used in Step Two below
        $formURL = $gwResponse->{'form-url'};
    } else {
        throw New Exception(print " Error, received " . $data);
    }

    // Initiate Step Two: Create an HTML form that collects the customer's sensitive payment information
    // and use the form-url that the Payment Gateway returns as the submit action in that form.
    print '  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';


    print '

        <html>
        <head>
            <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
            <title>Collect sensitive Customer Info </title>
        </head>
        <body>';
    // Uncomment the line below if you would like to print Step One's response
    // print '<pre>' . (htmlentities($data)) . '</pre>';
    print '
        <p><h2>Step Two: Collect sensitive payment information and POST directly to payment gateway<br /></h2></p>

        <form action="'.$formURL. '" method="POST">
        <h3> Payment Information</h3>
            <table>
                <tr><td>Credit Card Number</td><td><INPUT type ="text" name="billing-cc-number" value="4111111111111111"> </td></tr>
                <tr><td>Expiration Date</td><td><INPUT type ="text" name="billing-cc-exp" value="1012"> </td></tr>
                <tr><td>CVV</td><td><INPUT type ="text" name="cvv" > </td></tr>
                <tr><Td colspan="2" align=center><INPUT type ="submit" value="Submit Step Two"></td> </tr>
            </table>
        </form>
        </body>
        </html>
        ';

} elseif (!empty($_GET['token-id'])) {

    // Step Three: Once the browser has been redirected, we can obtain the token-id and complete
    // the transaction through another XML HTTPS POST including the token-id which abstracts the
    // sensitive payment information that was previously collected by the Payment Gateway.
    $tokenId = $_GET['token-id'];
    $xmlRequest = new DOMDocument('1.0','UTF-8');
    $xmlRequest->formatOutput = true;
    $xmlCompleteTransaction = $xmlRequest->createElement('complete-action');
    appendXmlNode($xmlRequest, $xmlCompleteTransaction,'api-key',$APIKey);
    appendXmlNode($xmlRequest, $xmlCompleteTransaction,'token-id',$tokenId);
    $xmlRequest->appendChild($xmlCompleteTransaction);


    // Process Step Three
    $data = sendXMLviaCurl($xmlRequest,$gatewayURL);


    $gwResponse = @new SimpleXMLElement((string)$data);
    print '  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';
    print '
    <html>
      <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
        <title>Step Three - Complete Transaction</title>
      </head>
      <body>';

    print "
        <p><h2>Step Three: Script automatically completes the transaction <br /></h2></p>";

    if ((string)$gwResponse->result == 1 ) {
        print " <p><h3> Transaction was Approved, XML response was:</h3></p>\n";
        print '<pre>' . (htmlentities($data)) . '</pre>';

    } elseif((string)$gwResponse->result == 2)  {
        print " <p><h3> Transaction was Declined.</h3>\n";
        print " Decline Description : " . (string)$gwResponse->{'result-text'} ." </p>";
        print " <p><h3>XML response was:</h3></p>\n";
        print '<pre>' . (htmlentities($data)) . '</pre>';
    } else {
        print " <p><h3> Transaction caused an Error.</h3>\n";
        print " Error Description: " . (string)$gwResponse->{'result-text'} ." </p>";
        print " <p><h3>XML response was:</h3></p>\n";
        print '<pre>' . (htmlentities($data)) . '</pre>';
    }
    print "</body></html>";



} else {
  print "ERROR IN SCRIPT<BR>";
}


  function sendXMLviaCurl($xmlRequest,$gatewayURL) {
   // helper function demonstrating how to send the xml with curl


    $ch = curl_init(); // Initialize curl handle
    curl_setopt($ch, CURLOPT_URL, $gatewayURL); // Set POST URL

    $headers = array();
    $headers[] = "Content-type: text/xml";
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); // Add http headers to let it know we're sending XML
    $xmlString = $xmlRequest->saveXML();
    curl_setopt($ch, CURLOPT_FAILONERROR, 1); // Fail on errors
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); // Allow redirects
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // Return into a variable
    curl_setopt($ch, CURLOPT_PORT, 443); // Set the port number
    curl_setopt($ch, CURLOPT_TIMEOUT, 30); // Times out after 30s
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $xmlString); // Add XML directly in POST

    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);


    // This should be unset in production use. With it on, it forces the ssl cert to be valid
    // before sending info.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);

    if (!($data = curl_exec($ch))) {
        print  "curl error =>" .curl_error($ch) ."\n";
        throw New Exception(" CURL ERROR :" . curl_error($ch));

    }
    curl_close($ch);

    return $data;
  }

  // Helper function to make building xml dom easier
  function appendXmlNode($domDocument, $parentNode, $name, $value) {
        $childNode      = $domDocument->createElement($name);
        $childNodeValue = $domDocument->createTextNode($value);
        $childNode->appendChild($childNodeValue);
        $parentNode->appendChild($childNode);
  }



// API Setup Parameters
$gatewayURL = 'https://velox.transactiongateway.com/api/v2/three-step';
$APIKey = '2F822Rw39fx762MaV7Yy86jXGTC7sCDy';


// If there is no POST data or a token-id, print the initial Customer Information form to get ready for Step One.
if (empty($_POST['DO_STEP_1'])&& empty($_GET['token-id'])) {

    print '  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';
    print '
    <html>
      <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
        <title>Collect non-sensitive Customer  Vault Info </title>
      </head>
      <body>
      <p><h2>Step One: Collect non-sensitive Customer Vault information.<br /></h2></p>

      <h3> Customer Information</h3>
      <h4> Billing Details</h4>

        <form action="" method="post">
          <table>
          <tr><td>Customer Vault Id  </td><td><input type="text" name="customer-vault-id" value=""></td></tr>
          <tr><td>Company</td><td><input type="text" name="billing-address-company" value="Acme, Inc."></td></tr>
          <tr><td>First Name </td><td><input type="text" name="billing-address-first-name" value="John"></td></tr>
          <tr><td>Last Name </td><td><input type="text" name="billing-address-last-name" value="Smith"></td></tr>
          <tr><td>Address </td><td><input type="text" name="billing-address-address1" value="1234 Main St."></td></tr>
          <tr><td>City </td><td><input type="text" name="billing-address-city" value="Beverly Hills"></td></tr>
          <tr><td>State/Province </td><td><input type="text" name="billing-address-state" value="CA"></td></tr>
          <tr><td>Zip/Postal </td><td><input type="text" name="billing-address-zip" value="90210"></td></tr>
          <tr><td>Country </td><td><input type="text" name="billing-address-country" value="US"></td></tr>
          <tr><td>Phone Number </td><td><input type="text" name="billing-address-phone" value="555-555-5555"></td></tr>
          <tr><td>Email Address </td><td><input type="text" name="billing-address-email" value="test@example.com"></td></tr>

          <tr><td><h4><br /> Shipping Details</h4>
          <tr><td>First Name </td><td><input type="text" name="shipping-address-first-name" value="Mary"></td></tr>
          <tr><td>Last Name </td><td><input type="text" name="shipping-address-last-name" value="Smith"></td></tr>
          <tr><td>Address </td><td><input type="text" name="shipping-address-address1" value="1234 Main St."></td></tr>
          <tr><td>Suite</td><td><input type="text" name="shipping-address-address2" value="Unit #2"></td></tr>
          <tr><td>City </td><td><input type="text" name="shipping-address-city" value="Beverly Hills"></td></tr>
          <tr><td>State/Province </td><td><input type="text" name="shipping-address-state" value="CA"></td></tr>
          <tr><td>Zip/Postal </td><td><input type="text" name="shipping-address-zip" value="90210"></td></tr>
          <tr><td>Country</td><td><input type="text" name="shipping-address-country" value="US"></td></tr>
          <tr><td colspan="2"> </td>
          <tr><td colspan="2" align=center><input type="submit" value="Submit Step One"><input type="hidden" name ="DO_STEP_1" value="true"></td></tr>
          </table>

        </form>
      </body>
    </html>

    ';
}else if (!empty($_POST['DO_STEP_1'])) {

    // Initiate Step One: Now that we've collected the non-sensitive customer information, we can combine other customer information and build the XML format.
    $xmlRequest = new DOMDocument('1.0','UTF-8');

    $xmlRequest->formatOutput = true;
    $xmlSale = $xmlRequest->createElement('add-customer');

    // Authentication, Redirect-URL  are typically the bare minimum.
    appendXmlNode($xmlRequest, $xmlSale,'api-key',$APIKey);
    appendXmlNode($xmlRequest, $xmlSale,'redirect-url',$_SERVER['HTTP_REFERER']);


    // Some additonal fields may have been previously decided by user

    appendXmlNode($xmlRequest, $xmlSale, 'merchant-defined-field-1' , 'Red');
    appendXmlNode($xmlRequest, $xmlSale, 'merchant-defined-field-2', 'Medium');


    if(!empty($_POST['customer-vault-id'])) {
        appendXmlNode($xmlRequest, $xmlSale, 'customer-vault-id' , $_POST['customer-vault-id']);
    }


    // Set the Billing & Shipping from what was collected on initial shopping cart form
    $xmlBillingAddress = $xmlRequest->createElement('billing');
    appendXmlNode($xmlRequest, $xmlBillingAddress,'first-name', $_POST['billing-address-first-name']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'last-name', $_POST['billing-address-last-name']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'address1', $_POST['billing-address-address1']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'city', $_POST['billing-address-city']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'state', $_POST['billing-address-state']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'postal', $_POST['billing-address-zip']);
    //billing-address-email
    appendXmlNode($xmlRequest, $xmlBillingAddress,'country', $_POST['billing-address-country']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'email', $_POST['billing-address-email']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'phone', $_POST['billing-address-phone']);
    appendXmlNode($xmlRequest, $xmlBillingAddress,'company', $_POST['billing-address-company']);
    $xmlSale->appendChild($xmlBillingAddress);


    $xmlShippingAddress = $xmlRequest->createElement('shipping');
    appendXmlNode($xmlRequest, $xmlShippingAddress,'first-name', $_POST['shipping-address-first-name']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'last-name', $_POST['shipping-address-last-name']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'address1', $_POST['shipping-address-address1']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'city', $_POST['shipping-address-city']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'state', $_POST['shipping-address-state']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'postal', $_POST['shipping-address-zip']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'country', $_POST['shipping-address-country']);
    appendXmlNode($xmlRequest, $xmlShippingAddress,'address2', $_POST['shipping-address-address2']);
    $xmlSale->appendChild($xmlShippingAddress);




    $xmlRequest->appendChild($xmlSale);

    // Process Step One: Submit all customer details to the Payment Gateway except the customer's sensitive payment information.
    // The Payment Gateway will return a variable form-url.
    $data = sendXMLviaCurl($xmlRequest,$gatewayURL);

    // Parse Step One's XML response
    $gwResponse = @new SimpleXMLElement($data);
    if ((string)$gwResponse->result ==1 ) {
        // The form url for used in Step Two below
        $formURL = $gwResponse->{'form-url'};
    } else {
        throw New Exception(print " Error, received " . $data);
    }

    // Initiate Step Two: Create an HTML form that collects the customer's sensitive payment information
    // and use the form-url that the Payment Gateway returns as the submit action in that form.
    print '  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';


    print '

        <html>
        <head>
            <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
            <title>Collect sensitive Customer Info </title>
        </head>
        <body>';
    // Uncomment the line below if you would like to print Step One's response
    // print '<pre>' . (htmlentities($data)) . '</pre>';

    print '
        <p><h2>Step Two: Collect sensitive payment information and POST directly to payment gateway<br /></h2></p>

        <form action="'.$formURL. '" method="POST">
        <h3> Payment Information</h3>
            <table>
                <tr><td>Credit Card Number</td><td><INPUT type ="text" name="billing-cc-number" value="4111111111111111"> </td></tr>
                <tr><td>Expiration Date</td><td><INPUT type ="text" name="billing-cc-exp" value="1014"> </td></tr>
                <tr><Td colspan="2" align=center><INPUT type ="submit" value="Submit Step Two"></td> </tr>
            </table>
        </form>
        </body>
        </html>
        ';
    // NOTE: CVV cannot be stored, per PCI Requirements

} elseif (!empty($_GET['token-id'])) {

    // Step Three: Once the browser has been redirected, we can obtain the token-id and complete
    // the Customer Vault Add through another XML HTTPS POST including the token-id which abstracts the
    // sensitive payment information that was previously collected by the Payment Gateway.
    $tokenId = $_GET['token-id'];
    $xmlRequest = new DOMDocument('1.0','UTF-8');
    $xmlRequest->formatOutput = true;
    $xmlCompleteTransaction = $xmlRequest->createElement('complete-action');
    appendXmlNode($xmlRequest, $xmlCompleteTransaction,'api-key',$APIKey);
    appendXmlNode($xmlRequest, $xmlCompleteTransaction,'token-id',$tokenId);
    $xmlRequest->appendChild($xmlCompleteTransaction);


    // Process Step Three
    $data = sendXMLviaCurl($xmlRequest,$gatewayURL);


    $gwResponse = @new SimpleXMLElement((string)$data);
    print '  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';
    print '
    <html>
      <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
        <title>Step Three - Complete Add Customer </title>
      </head>
      <body>';

    print "
        <p><h2>Step Three: Script automatically completes the process of adding the Customer Vault record <br /></h2></p>";

    if ((string)$gwResponse->result == 1 ) {
        print " <p><h3> Customer Vault was Added, XML response was:</h3></p>\n";
        print '<pre>' . (htmlentities($data)) . '</pre>';

    } elseif((string)$gwResponse->result == 2)  {
        print " <p><h3> Customer Vault was Not Added</h3>\n";
        print "  Reason : " . (string)$gwResponse->{'result-text'} ." </p>";
        print " <p><h3>XML response was:</h3></p>\n";
        print '<pre>' . (htmlentities($data)) . '</pre>';
    } else {
        print " <p><h3> Customer Vault Add caused an Error.</h3>\n";
        print " Error Description: " . (string)$gwResponse->{'result-text'} ." </p>";
        print " <p><h3>XML response was:</h3></p>\n";
        print '<pre>' . (htmlentities($data)) . '</pre>';
    }
    print "</body></html>";



} else {
  print "ERROR IN SCRIPT<BR>";
}


  function sendXMLviaCurl($xmlRequest,$gatewayURL) {
   // helper function demonstrating how to send the xml with curl


    $ch = curl_init(); // Initialize curl handle
    curl_setopt($ch, CURLOPT_URL, $gatewayURL); // Set POST URL

    $headers = array();
    $headers[] = "Content-type: text/xml";
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); // Add http headers to let it know we're sending XML
    $xmlString = $xmlRequest->saveXML();
    curl_setopt($ch, CURLOPT_FAILONERROR, 1); // Fail on errors
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); // Allow redirects
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // Return into a variable
    curl_setopt($ch, CURLOPT_PORT, 443); // Set the port number
    curl_setopt($ch, CURLOPT_TIMEOUT, 30); // Times out after 30s
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $xmlString); // Add XML directly in POST


    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);


    // This should be unset in production use. With it on, it forces the ssl cert to be valid
    // before sending info.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);

    if (!($data = curl_exec($ch))) {
        print  "curl error =>" .curl_error($ch) ."\n";
        throw New Exception(" CURL ERROR :" . curl_error($ch));

    }
    curl_close($ch);

    return $data;
  }

  // Helper function to make building xml dom easier
  function appendXmlNode($domDocument, $parentNode, $name, $value) {
        $childNode      = $domDocument->createElement($name);
        $childNodeValue = $domDocument->createTextNode($value);
        $childNode->appendChild($childNodeValue);
        $parentNode->appendChild($childNode);
  }



<?
// Insert your security key ID here
$gw_merchantKeyId = '[[Gateway Key ID Here]]';
// Insert your security key here
$gw_merchantKeyText = '[[Gateway Key Text Here]]';

function gw_printField($name, $value = "") {
    global $gw_merchantKeyText;
    static $fields;

    // Generate the hash
    if($name == "hash") {
        $stringToHash = implode('|', array_values($fields)) .
            "|" . $gw_merchantKeyText;
        $value = implode("|", array_keys($fields)) . "|" . md5($stringToHash);
    } else {
        $fields[$name] = $value;
    }
    print "<INPUT TYPE=HIDDEN NAME=\"$name\" VALUE=\"$value\">\n";
}
?>

<FORM METHOD=POST
    ACTION="https://velox.transactiongateway.com/cart/cart.php">
<INPUT TYPE=HIDDEN NAME="customer_receipt" VALUE="true">
<INPUT TYPE=HIDDEN NAME="key_id" VALUE="<?=$gw_merchantKeyId?>">
<INPUT TYPE=HIDDEN NAME="url_finish" VALUE="http://example.org/finsh_url.html">
<?
    // Print the description, SKU, shipping, and amount using the gw_printField
    // function. Don't call the gw_printField function for fields that you
    // wish to omit (ie. shipping)
?>
<? gw_printField("action", "process_fixed"); ?>
<? gw_printField("order_description", "Product #1"); ?>
<? gw_printField("shipping", "fixed|5.00"); ?>
<? gw_printField("amount", "7.95"); ?>
<?
    // Once all product information fields are printed, print the hash field
    // There is no need to specify a value when printing the hash field.
?>
<? gw_printField("hash"); ?>

<INPUT TYPE=SUBMIT VALUE="Buy">
</FORM>



<%
' Do not forget obtain md5_lib.asp from our code samples page:'
' https://velox.transactiongateway.com/merchants/resources/examples.php'
%>
<!--#include virtual="md5_lib.asp"-->
<%
' A security key id and key text can be obtained within the Merchant Control'
' Panel, under Options>Security Keys'
Private Const gw_merchantKeyId = "[[Gateway Key ID Here]]"
Private Const gw_merchantKeyText = "[[Gateway Key Text Here]]"

Private gw_hashNames
Private gw_hashValues

Function gw_printField(name, value)
	if IsNull(value) Then
		gw_hashValues = gw_hashValues & gw_merchantKeyText
		hashedResult = MD5(gw_hashValues)
		value = gw_hashNames & hashedResult

		gw_hashNames = Null
		gw_hashValues = Null
	Else
		gw_hashNames = gw_hashNames & name & "|"
		gw_hashValues = gw_hashValues & value & "|"
	End If

	gw_printField = "<INPUT TYPE=HIDDEN NAME=""" & name & _
        """ VALUE=""" & value & """>" & vbCrLf
End Function
%>
<FORM
	METHOD=POST
	ACTION="https://velox.transactiongateway.com/cart/cart.php">
<INPUT TYPE=HIDDEN NAME="customer_receipt" VALUE="true">
<INPUT TYPE=HIDDEN NAME="key_id" VALUE="<%=gw_merchantKeyId%>">
<%
' Print the description, SKU, shipping, and amount using the gw_printField
' function
%>
<%=gw_printField("action", "process_cart") %>
<%=gw_printField("product_description_1", "Product #1") %>
<%=gw_printField("product_sku_1", "BK001") %>
<%=gw_printField("product_shipping_1", "fixed|3.95|2.00") %>
<%=gw_printField("product_amount_1", "7.95") %>
<%
' Once all product information fields are printed, print the hash field.
' There is no need to specify a value when printing the hash field.'
%>
<%=gw_printField("hash", NULL) %>

How many books do you want?
<INPUT TYPE=TEXT NAME="product_quantity_1" SIZE=3><BR>
<INPUT TYPE=SUBMIT VALUE="Place Order">
</FORM>

Velox Payment Gateway Integration Portal

Integration Overview

There are multiple ways to incorporate the payment gateway within a website or mobile device. These options vary based upon ease of integration, required resources, features, and additional security.

Transaction Request APIs

Three-Step Redirect API

  • The Three Step Redirect is the preferred API for customized web-based payment processing. Using this integration method significantly reduces a merchant's PCI footprint without sacrificing end-user look and feel. This method is required when using Verified by Visa/Mastercard SecureCode (Payer Authentication).

Direct Post API

  • The Direct Post method is the simplest integration method for both web-based and non web-based payment applications, however, merchants using this integration method should have passed a PCI vulnerability scan before use.

Mobile SDK

  • The Mobile SDK supports iOS and Android based devices. These SDKs include a mobile card reader library which simplifies integrations for applications requiring encrypted mobile card readers. Additionally, an end-to-end encryption library is included, allowing merchants to send both swiped and keyed-in payment information without ever touching any sensitive data.

EMV Chip Card SDK

  • The EMV Chip Card SDK is a Windows-based software development kit that abstracts the complexities of interfacing directly with hardware terminals.

Transaction Retrieval API

Query API

  • The Query API allows merchants to download a detailed stream of transaction data. This dataset can then be used to create in-house reports and analytics.

Turnkey Shopping Carts

QuickClick Shopping Cart

  • QuickClick is a great option for e-commerce merchants who do not have an IT team or developer on staff. A button-generator is included, which allows merchants to create website links to products and services without any previous development experience.

Third Party Shopping Carts

  • There are a number of third party shopping carts that have integrated to the payment gateway. This is the best option for merchants who need a full featured turn-key shopping cart out of the box.