Developer's Guide

ManualsBrandsPayPal ManualsSoftwarePayPal Gateway - 2014

Table Of Contents

Content
Preface
- Scope
- Related Documentation
- Intended Audience
  - Who Should Use This Document
- Revision History
Introducing the Gateway Checkout Solutions
- About the Gateway Checkout Solutions
  - Summary of the Gateway Checkout Solutions
  - Gateway Product Details
- About the Gateway Transaction Flow
- About Security
- The PayPal Manager Website
- Processing Platforms Supporting Card-Present Transactions
- Supported Payment Types
- Supported Languages
- Recurring Billing Service
- Fraud Protection Service
Secure Token
- About the Secure Token
- Integrating the Secure Token With the Hosted Checkout Pages
- Integrating the Secure Token Without the Hosted Checkout Pages: Transparent Redirect
- Secure Token Errors
- Posting To the Hosted Checkout Page
Configuring Hosted Checkout Pages
- Configuring Hosted Checkout Pages
- Configuring Hosted Pages Using PayPal Manager
- Using a Secure Token to Pass Hosted Pages Customization Parameters
- Using the PARMLIST Parameter
- Hosted Pages and Mobile Browsers
  - Mobile Optimized Checkout Pages
- Silent Posts
  - Force Silent Post Confirmation
  - Data Returned by the Silent Post Features
- Passing Other Data to Your Server Using Post or Silent Post
Payflow SDK
- Preparing the Payflow Gateway Client Application
- Activating Your Payflow Gateway Account
- Host URL Addresses
Sending a Simple Transaction to the Server
- About Name-Value Pairs
- Payflow Connection Parameters
- User Parameter Data
- Sale Transaction Example
  - Typical Sale Transaction
- Formatting Payflow Gateway Transactions
Submitting Credit Card Transactions
- Obtaining an Internet Merchant Account
- About Credit Card Processing
- Credit Card Features
- Planning Your Gateway Integration
  - Complying With E-commerce Indicator
  - Handling Credit Card Type Information
- Core Credit Card Parameters
- Submitting Account Verifications
  - When To Use Account Verifications
  - Required Account Verification Parameters
  - Example Account Verification String
- Submitting Authorization/Delayed Capture Transactions
  - When to Use Authorization/Delayed Capture Transactions
  - Required Authorization Transaction Parameters
- Submitting Balance Inquiry Transactions
  - Processing Platforms Supporting Balance Inquiry Transactions
  - Required Balance Inquiry Parameters
  - Example Balance Inquiry Transaction String
- Submitting Card Present (SWIPE) Transactions
  - Processing Platforms Supporting Card-Present Transactions
  - Card Present Transaction Syntax
- Submitting Credit (Refund) Transactions
  - Required Credit Transaction Parameters
- Submitting Inquiry Transactions
  - When To Use an Inquiry Transaction
  - Required Parameters When Using the PNREF
  - Inquiry Transaction Parameter String Using the PNREF
  - Required Parameters When Using the CUSTREF
  - Inquiry Transaction Parameter String Using the CUSTREF
  - Required Parameters When Using the Secure Token
  - Inquiry Parameter String Using the Secure Token
- Submitting Partial Authorizations
  - When To Use Partial Authorizations
  - Required Partial Authorization Parameters
  - Example Partial Authorization
- Submitting Purchasing Card Transactions
- Submitting Reference Transactions (Tokenization)
  - When To Use a Reference Transaction
  - Transaction Types That Can Be Used As the Original Transaction
  - Fields Copied From Reference Transactions
  - Example Reference Transaction
  - Data Upload - Storing Credit Card Data on the Gateway Server
- Submitting Sale Transactions
  - When To Use a Sale Transaction
  - Additional Parameters For Sale Transactions
  - Typical Sale Transaction Parameter String
- Submitting Soft Merchant Information
  - About Soft Merchant Information
  - Ways to Send Soft Merchant Information
- Submitting Voice Authorization Transactions
  - When To Use a Voice Authorization Transaction
  - Required Voice Authorization Transaction Parameters
- Submitting Void Transactions
  - When To Use a Void Transaction
  - Required Void Transaction Parameters
  - Fields Copied From the Original Transaction Into the Void Transaction
  - Example Void Transaction Parameter String
- Using Address Verification Service
  - Example Address Verification Service Parameter String
- Using Card Security Code
- Information for the PayPal Acquirer
  - Countries and Regions Supported by PayPal
  - PayPal Currency Codes
Testing Transactions
- Setting Up The Payflow Gateway Testing Environment
- Testing Guidelines
- Processors Other Than PayPal
- PayPal Processor
  - Credit Card Numbers for Testing
  - Result Values Based On Amount
Transaction Responses
- Credit Card Transaction Responses
- Address Verification Service Responses From PayPal
- Card Security Code Results
  - Normalized Card Security Code Results
- BALAMT Response and Stored Value Cards
  - American Express Stored Value Card Example
- PNREF
- RESULT Values and RESPMSG Text
  - RESULT Values For Communications Errors
- Processor-specific Response Parameters
  - Litle Response Parameters
Processors Requiring Additional Transaction Parameters
- American Express Additional Credit Card Parameters
- Elavon Additional Credit Card Parameters
- First Data Merchant Services Nashville, Additional Credit Card Parameters
- First Data Merchant Services North, Additional Credit Card Parameters
- Heartland, Additional Credit Card Parameters
- Litle Additional Credit Card Parameters
- Cielo Payments, Additional Credit Card Parameters
- Paymentech Salem (New Hampshire) Additional Credit Card Parameters for American Express
- PayPal Credit Card Transaction Request Parameters
- SecureNet Additional Credit Card Parameters for American Express
- Vantiv Additional Credit Card Parameters
  - Additional Credit Card Parameters
  - Soft Merchant Descriptor Parameters
- WorldPay Additional Credit Card Parameters
TeleCheck Electronic Check Processing
- TeleCheck NFTF Overview of Services
- TeleCheck NFTF Processing Overview
- TeleCheck Parameters
  - Required TeleCheck Parameters
- Testing TeleCheck Transactions
  - Example Test Transaction
- Preparing for TeleCheck Production Transactions
- Responses to TeleCheck Transactions
  - Transaction Responses Common to All Tender Types
- Response Code Values
- TeleCheck Authorization Requirements
  - Authorization – Sales Consent
  - Authorization – Sales Decline/Error
Payflow Header Parameters
- Sending Requests Directly to PayPal Bypassing Payflow
- Posting Transactions Directly Without the Payflow SDK
Submitting Purchasing Card Level 2 and 3 Transactions
- About Purchasing Cards
- About Program Levels
  - Accepted BIN Ranges
- About American Express Purchasing Card Transactions
- American Express Purchasing Card Transaction Processing
- Elavon (Formerly Nova) Purchasing Card Transaction Processing
- First Data Merchant Services (FDMS) Nashville Purchasing Card Transaction Processing
  - FDMS Nashville Commercial Card Parameters
- First Data Merchant Services (FDMS) North Purchasing Card Transaction Processing
  - FDMS North Purchasing Parameters
  - FDMS North Purchasing Card Line Item Parameters
- First Data Merchant Services South (FDMS) Purchasing Card Transaction Processing
- Global Payments - Central Purchasing Card Transaction Processing
  - Global Payments - Central Level 2 Parameters
- Global Payments - East Purchasing Card Transaction Processing
  - Global Payments - East Level 2 Parameters
  - Example Global Payments - East Level 2 Visa or MasterCard Transaction Parameter String
- Heartland Purchasing Card Transaction Processing
- Litle Purchasing Card Transaction Processing
  - Litle Level 2 Parameters
  - Litle Level 3 Parameters
- Cielo Payments Purchasing Card Transaction Processing
- Paymentech Salem (New Hampshire) Purchasing Card Transaction Processing
  - Paymentech Salem (New Hampshire) Level 2 Parameters for American Express
  - Paymentech Salem (New Hampshire) Level 3 Purchasing Card Parameters
- Paymentech Tampa Level 2 Purchasing Card Transaction Processing
- SecureNet Purchasing Card Transaction Processing
- TSYS Acquiring Solutions Purchasing Card Transaction Processing
- Vantiv Purchasing Card Transaction Processing
  - Vantiv Purchasing Parameters
  - Vantiv Purchasing Card Line Item Parameters
- WorldPay Purchasing Cards Transaction Processing
  - WorldPay Level 2 Parameters
  - WorldPay Level 3 Parameters
VERBOSITY: Processor-Specific Transaction Results
Country Codes
Codes Used by FDMS South Only
- MasterCard Country Codes for FDMS South Only
- Visa Country Codes
- Units of Measure
Additional Processor Information
- Moneris Solutions
Payflow Link Migration
- Migrating from a legacy Payflow Link Integration
Payflow Gateway MagTek Parameters
- MagTek MagneSafe Secure Card Readers and Qwick Codes
  - MagneSafe Secure Card Reader Authenticators
  - MagTek Qwick Codes
- Passing Encrypted Card Swipe Data and Qwick Codes to the Payflow Gateway
  - Encrypted Card Swipe Payflow Example
  - Qwick Code (PCode) Payflow Example
- Parameters for Encrypted Card Swipe Transactions
- Parameters for MagTek Qwick Code (PCode) Transactions
- MagTek Error Codes and Messages
Payflow Gateway FAQs

Gateway Developer Guide and Reference 07 January 2014 35

Secure Token

Secure Token Errors

NOTE: The secure token is valid for 30 minutes, and you can only use it one time. If you

attempt to use the token after the time limit has expired, your transaction will fail with

Result value 7, “Secure Token Expired.” If you attempt to reuse the token, you receive

an error.

1. Set SECURETOKENID to a unique alphanumeric value up to 36 characters in length.

SECURETOKENID=9a9ea8208de1413abc3d60c86cb1f4c5

2. Set CREATESECURETOKEN to the value Y to request that the Gateway server return a token.

CREATESECURETOKEN=Y

3. Set SILENTTRAN to the value TRUE to suppress the display of hosted pages.

SILENTTRAN=TRUE

Transparent Redirect Example

The following is an example of an authorization parameter string that suppresses hosted pages.

TRXTYPE=A&BILLTOSTREET=123 Main St.&BILLTOZIP=95131&AMT=24.35&INVNUM=INV123

45&PONUM=PO12345&CURRENCY=USD&CREATESECURETOKEN=Y&SECURETOKENID=9a9ea8208de

1413abc3d60c86cb1f4c5&SILENTTRAN=TRUE

The Gateway server returns a SECURETOKEN and SECURETOKENID in the response. A tag

follows the SECURETOKEN to indicate the length of the token value returned.

RESULT=0&RESPMSG=Approved&SECURETOKEN[25]=Fj+1AFUWft0+I0CUFOKh5WA==&SECURET

OKENID=9a9ea8208de1413abc3d60c86cb1f4c5

When the customer enters their sensitive data into the credit card fields on your website and

clicks Submit, the browser posts the data to the Gateway server rather than to your website.

NOTE: It is highly recommended that you add scripting to ensure the the browser posts the

sensitive data directly to the PayPal Gateway server rather than to your website.

If you are using the PARMLIST parameter with the Transparent Redirect, see “Using the

PARMLIST Parameter” on page 46 for more information.

Secure Token Errors

A successful Payflow transaction will return RESULT=0 in the response. If your Secure Token

transaction is unsuccessful, you can pass the token 2 more times to Payflow before the token

expires.

A Payflow Secure Token will expire:

 If the same Secure Token is passed to Payflow a total of 3 times.