Transcription of Secure Acceptance Checkout API Integration Guide
1 Title PageSecure Acceptance Checkout APII ntegration Guide2 Cybersource Contact InformationFor general information about our company, products, and services, go to sales questions about any Cybersource service, email or call 650-432-7350 or 888-330-2300 (toll free in the United States).For support information about any Cybersource service, visit the Support Center: 2021. Cybersource Corporation. All rights reserved. Cybersource Corporation ("Cybersource") furnishes this document and the software described in this document under the applicable agreement between the reader of this document ("You") and Cybersource ("Agreement"). You may use this document and/or software only in accordance with the terms of the Agreement.
2 Except as expressly set forth in the Agreement, the information contained in this document is subject to change without notice and therefore should not be interpreted in any way as a guarantee or warranty by Cybersource. Cybersource assumes no responsibility or liability for any errors that may appear in this document. The copyrighted software that accompanies this document is licensed to You for use only in strict accordance with the Agreement. You should read the Agreement carefully before using the software. Except as permitted by the Agreement, You may not reproduce any part of this document, store this document in a retrieval system, or transmit this document, in any form or by any means, electronic, mechanical, recording, or otherwise, without the prior written consent of Rights LegendsFor Government or defense agencies: Use, duplication, or disclosure by the Government or defense agencies is subject to restrictions as set forth the Rights in Technical Data and Computer Software clause at DFARS and in similar clauses in the FAR and NASA FAR civilian agencies.
3 Use, reproduction, or disclosure is subject to restrictions set forth in subparagraphs (a) through (d) of the Commercial Computer Software Restricted Rights clause at and the limitations set forth in Cybersource Corporation's standard commercial agreement for this software. Unpublished rights reserved under the copyright laws of the United , , and The Power of Payment are registered trademarks of Cybersource Corporation. Cybersource, Cybersource Payment Manager, Cybersource Risk Manager, Cybersource Decision Manager, and Cybersource Connect are trademarks and/or service marks of Cybersource Corporation. Visa, Visa International, Cybersource, the Visa logo, and the Cybersource logo are the registered trademarks of Visa International in the United States and other countries.
4 All other trademarks, service marks, registered marks, or registered service marks are the property of their respective : Acceptance Checkout API Integration Guide |3 CONTENTSC ontentsRecent Revisions to This Document7 About This Guide9 Audience and Purpose9 Web Site Requirements9 Conventions10 Important and Warning Statements10 Text and Command Conventions10 Related Documents11 Customer Support12 Chapter 1 Secure Acceptance Checkout API13 Required Browsers14 Secure Acceptance Profile14 Secure Acceptance Transaction Flow15 Payment Tokens16 Tokens That Represent a Card or Bank Account Only17 Subscription Payments17 Level II and III Data18 BIN Lookup18 Requirement18 Request BIN Lookup19 Payouts Payment Tokens19Go-Live with Secure Acceptance20 Chapter 2 Payment Configuration21 Creating a Checkout API Profile21 Payment
5 Method Configuration22 Adding Card Types and Currencies22 payer authentication Configuration23 Secure Acceptance Checkout API Integration Guide |4 ContentsConfiguring payer Authentication23 Enabling Automatic Authorization Reversals24 Enabling Echecks25 Enabling PayPal Express Checkout25 Security Keys26 Creating Security Keys27 Merchant Notifications28 Configuring Merchant Notifications28 Customer Receipts29 Configuring Customer Notifications29 Customer Response Page30 Configuring a Transaction Response Page31 Activating a Profile31 Additional Profile Options31 Samples in Scripting Languages32 Sample Transaction Process Using JSP32 Chapter 3 Portfolio Management for Resellers33 Creating a Checkout API Profile33 Payment Method Configuration34 Adding Card Types and Currencies34 payer authentication Configuration35 Configuring payer Authentication35 Enabling Automatic Authorization Reversals36 Enabling Echecks37 Enabling PayPal Express Checkout38 Service Fees38 Enabling Service Fees38 Security Keys 39 Creating Security Keys40 Merchant Notifications41 Configuring Merchant Notifications41 Customer Receipts42 Configuring Customer Notifications42 Customer Response Page43 Configuring a Transaction Response Page43 Activating a Profile44 Additional Profile Options44 Secure Acceptance Checkout API Integration Guide |5 ContentsChapter 4 Payment Transactions45 Endpoints and Transaction Types45 Required Signed
6 Fields46 Payment Tokens47 Creating a Payment Card Token47 Creating an Echeck Token49 Payment Token Transactions51 Requesting a Payment Card Transaction with a Token51 Recurring Payments55 Installment Payments57 Payment Token Updates59 Updating a Payment Card Token59 Updating an Echeck Token61 Chapter 5 Decision Manager63 Chapter 6 Test and View Transactions65 Testing Transactions65 Viewing Transactions in the Business Center66 Appendix AAPI Fields67 Data Type Definitions67 Request Fields68 Response Fields111 Reason Codes151 Types of Notifications154 AVS Codes155 International AVS Domestic AVS Codes155 CVN Codes157 Appendix BAmerican Express SafeKey Response Codes158 Appendix CIframe Implementation159 Clickjacking Prevention159 Secure Acceptance Checkout API Integration Guide |6 ContentsIframe Transaction Endpoints160 Appendix DVisa Secure Response Codes161 REVISIONSS ecure Acceptance Checkout API Integration Guide |7 Recent Revisions to This Added the request field cryptocurrency_purchase, page the first important note in " Secure Acceptance Checkout API," page the request field the profile_id and req_profile_id fields.
7 See Chapter 4, "Payment Transactions," on page 45, and Appendix A, "API Fields," on page the following healthcare request fields. See "Request Fields," page 68. health_care_#_amount health_care_#_amount_type industry_datatypeUpdated the first Important note in Appendix C, "Iframe Implementation," on page support for PINless debit support for the profile_id and req_profile_id CyberSource through VisaNet to Visa Platform Connect. Updated the customer_ip_address request field. Added the following request fields. See "Request Fields," page 68. customer_browser_color_depth customer_browser_java_enabled customer_browser_javascript_enabled customer_browser_language customer_browser_screen_height customer_browser_screen_width customer_browser_time_difference payer_authentication_acquirer_country payer_authentication_acs_window_size payer_authentication_indicator payer_authentication_merchant_fraud_rate payer_authentication_merchant_name payer_authentication_merchant_score payer_authentication_prior_authenticatio n_dataRecent Revisions to This DocumentSecure Acceptance Checkout API Integration Guide | (continued)
8 Payer_authentication_prior_authenticatio n_method payer_authentication_prior_authenticatio n_reference_id payer_authentication_prior_authenticatio n_timeAdded the following response fields. See "Response Fields," page 111. card_type_name payer_authentication_acs_transaction_id payer_authentication_challenge_type payer_authentication_network_score payer_authentication_pares_status_reason payer_authentication_type payer_authentication_white_list_status payer_authentication_white_list_status_s ource payment_account_reference Added endpoints and Business Center URLs for transactions in Example 11, "Request: Create a Payment Token for Installment Payments," on page 57 and Example 11, "Request: Create a Payment Token for Installment Payments," on page GUIDES ecure Acceptance Checkout API Integration Guide |9 About This GuideAudience and PurposeThis Guide is written for merchants who want to customize and control their own customer Checkout experience, including receipt and response pages.
9 After the customization, you will have full control to store and control customer information before sending it to Cybersource to process transactions, and to use the Business Center to review and manage all of your the Secure Acceptance Checkout API requires moderate scripting skills. You must create a security script and modify your HTML form to pass order information to Cybersource. Web Site RequirementsYour web site must meet the following requirements: It must have a shopping-cart or customer order creation software. It must contain product pages in one of the supported scripting languages. See "Sample Transaction Process Using JSP," page 32. The IT infrastructure must be Public Key Infrastructure (PKI) enabled to use SSL-based form POST submissions.
10 The IT infrastructure must be capable of digitally signing customer data prior to submission to Secure Acceptance . About This GuideSecure Acceptance Checkout API Integration Guide |10 ConventionsImportant and Warning Statements Text and Command ConventionsAn Important statement contains information essential to successfully completing a task or learning a Warning contains information or instructions, which, if not heeded, can resultin a security risk, irreversible loss of data, or significant cost in time or revenueor Field and service names in text; for example: Include the transaction_type field. Items that you are instructed to act upon; for example: Click text Code examples and samples. Text that you enter in an API environment; for example:Set the transaction_type field to This GuideSecure Acceptance Checkout API Integration Guide |11 Related DocumentsRefer to the Support Center for complete Cybersource technical documentation: 1 Related DocumentsSubjectDescriptionBusiness Center Business Center User Guide (PDF | HTML) describes how to use the Business ManagerThe following documents describe how to integrate and use the Decision Manager services.
