Developer's Guide
Table Of Contents
- Content
- Preface
- Introducing the Gateway Checkout Solutions
- Secure Token
- Configuring Hosted Checkout Pages
- Payflow SDK
- Sending a Simple Transaction to the Server
- Submitting Credit Card Transactions
- Obtaining an Internet Merchant Account
- About Credit Card Processing
- Credit Card Features
- Planning Your Gateway Integration
- Core Credit Card Parameters
- Submitting Account Verifications
- Submitting Authorization/Delayed Capture Transactions
- Submitting Balance Inquiry Transactions
- Submitting Card Present (SWIPE) Transactions
- Submitting Credit Transactions
- Submitting Inquiry Transactions
- When To Use an Inquiry Transaction
- Required Parameters When Using the PNREF
- Inquiry Transaction Parameter String Using the PNREF
- Required Parameters When Using the CUSTREF
- Inquiry Transaction Parameter String Using the CUSTREF
- Required Parameters When Using the Secure Token
- Inquiry Parameter String Using the Secure Token
- Submitting Partial Authorizations
- Submitting Purchasing Card Transactions
- Submitting Reference Transactions (Tokenization)
- Submitting Sale Transactions
- Submitting Soft Merchant Information
- Submitting Voice Authorization Transactions
- Submitting Void Transactions
- Using Address Verification Service
- Using Card Security Code
- Testing Transactions
- Transaction Responses
- Processors Requiring Additional Transaction Parameters
- American Express Additional Credit Card Parameters
- Elavon Additional Credit Card Parameters
- First Data Merchant Services Nashville, Additional Credit Card Parameters
- First Data Merchant Services North, Additional Credit Card Parameters
- Heartland, Additional Credit Card Parameters
- Litle Additional Credit Card Parameters
- Merchant e-Solutions, Additional Credit Card Parameters
- Paymentech Salem (New Hampshire) Additional Credit Card Parameters for American Express
- PayPal Credit Card Transaction Request Parameters
- SecureNet Additional Credit Card Parameters for American Express
- Vantiv Additional Credit Card Parameters
- WorldPay Additional Credit Card Parameters
- TeleCheck Electronic Check Processing
- Submitting Purchasing Card Level 2 and Level 3 Transactions
- About Purchasing Cards
- About Program Levels
- About American Express Purchasing Card Transactions
- American Express Purchasing Card Transaction Processing
- Elavon (Formerly Nova) Purchasing Card Transaction Processing
- First Data Merchant Services (FDMS) Nashville Purchasing Card Transaction Processing
- First Data Merchant Services (FDMS) North Purchasing Card Transaction Processing
- First Data Merchant Services South (FDMS) Purchasing Card Transaction Processing
- Global Payments - Central Purchasing Card Transaction Processing
- Global Payments - East Purchasing Card Transaction Processing
- Heartland Purchasing Card Transaction Processing
- Litle Purchasing Card Transaction Processing
- Merchant e-Solutions Purchasing Card Transaction Processing
- Paymentech Salem (New Hampshire) Purchasing Card Transaction Processing
- Paymentech Tampa Level 2 Purchasing Card Transaction Processing
- SecureNet Purchasing Card Transaction Processing
- TSYS Acquiring Solutions Purchasing Card Transaction Processing
- Vantiv Purchasing Card Transaction Processing
- WorldPay Purchasing Cards Transaction Processing
- VERBOSITY: Viewing Processor- Specific Transaction Results
- ISO Country Codes
- Codes Used by FDMS South Only
- PayPal Acquirer
- Additional Processor Information
- Payflow Link Migration
Gateway Developer Guide and Reference 31 July 2012 23
Introducing the Gateway Checkout Solutions
About Security
1
Secure Token
The secure token stores request transaction data on the Gateway server. It eliminates the need
to resend the parameter data for display in a hosted checkout page where the data might be
subject to compromise.
Hosted Checkout Pages
The Gateway enables the use of hosted checkout pages, which help you achieve PCI
compliance. The hosted checkout pages enable you to pass transaction data securely to the
server and to collect credit card acceptance data.
NOTE: You are required to use hosted pages with PayPal Payments Advanced and Payflow
Link.
The following figure shows the transaction flow when using hosted pages and a secure token.
Numbers in the figure correspond to the numbered comments below:
1. The customer clicks Buy to purchase merchandise on your website.
2. You request a secure token by passing a token ID to the Gateway server.
3. The Gateway server returns the secure token and your token ID to your website.
4. You submit the secure token and token ID in an HTTP post to pages hosted on the Gateway
server and redirect the customer’s browser to the hosted pages.
5. The Gateway server uses the secure token to retrieve the amount and other transaction data.
The customer submits their credit card number, expiration date, and other sensitive data
directly to the host pages rather than to your website, easing your PCI compliance
requirements.