www.belassist.by

Versions Compared

Old Version 198

changes.mady.by.user Oksana Chizhikova

Saved on

compared with

New Version Current

changes.mady.by.user Oksana Chizhikova

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Name

Manda-
tory

Accepted values

Default value

Description

Merchant_ID

Yes

Number


Merchant identification number in IPS Assist

Login

Yes

String


Service Login

Password

Yes

String


Password

OrderNumber

Yes/No

128 symbols


Order number (order identification on the merchant side)

OrderAmount

Yes

Number, 15 digits, two digits after the delimiter (delimiter '.')


Payment amount (ex.: 10.34)

OrderCurrency

No

3 symbols

Default currency of enterprise or merchant

Order currency code (for OrderAmount value)

Ex.: RUB, USD, EUR and so on.

OrderComment

No

4000 symbols


Order comment

Delay

No

0 - one stage payment,
1- two stage payment

0

Flag for selection of one or two payment stages

Language

No

RU - Russian
EN - English

Enterprise or merchant language

Language of payment pages

ClientIP

No/Yes



IP-address of customer. IP-address of customer. The parameter is mandatory for the 3-D Secure protocol version 2.

Cardtype

No

1 - VISA
2 - EC/MC
3 - DCL
4 - JCB
5 - AMEX
6 - MIR


Card type

Cardnumber

Yes



Card number

Cardholder

No*

70 letters (no digits). Space as delimiter


Card-holder

Expiremonth

Yes

1-12


Card expiration month

Expireyear

Yes

Year in YYYY format


Card expiration year

Cvc2

Yes



CVC2 code

Lastname

No*

70 letters (no digits)


Customer second name

Firstname

No*

70 letters (no digits)


Customer first name

Middlename

No

70 letters (no digits)


Customer middle name

Email

No*

128 symbols


E-mail of customer

Address

No

256 symbols


Customer address

HomePhone

No

64 symbols


Customer home phone

WorkPhone

No

20 symbols


Customer work phone

MobilePhone

No

20 symbols


Customer mobile phone

Country

No

3 symbols


Customer's country code

State

No

3 symbols


Customer's region code

City

No

70 symbols


Customer's city

Zip

No

25 symbols


Customer's postal index

isConvert

No

0 - don't convert to the base currency

1 - don't convert to the base currency if possible

2 - always convert to the base currency

1

Currency conversion indicator

Format

No

1 - CSV
3 - XML
4 - SOAP
5 - JSON

1

Results format. If the request is sent in SOAP or in JSON format, then the response will also be in SOAP or in JSON respectively, in other cases, in accordance with the passed format value.

Signature

No

String


The string is joined according to determined rules.

Then  the  MD5   hash   prepared   from   this   string.   Hash   is   signed   by   private   RSA   key   of   the   merchant.   Key   length   -   1024.   Received   bit   sequence   is   a   signature.   Signature   is   transferred   BASE64   coded   string.

Warning

Attention! The parameter is necessary in order to protect the transmitted data from the possibility of their substitution by intruders. You should also enable the  setting  for check value or signature in the Personal account.

RecurringIndicator

No

1 –recurring - recurring payment

0 - standard payment

0

Recurring payment indicator

RecurringMinAmount

No/Yes

Number, 15 digits, two digits after the delimiter (delimiter '.')


Minimum payment amount for recurring payments

Mandatory when RecurringIndicator = 1

RecurringMaxAmount

No/Yes

Number, 15 digits, two digits after the delimiter (delimiter '.')


Maximum payment amount for recurring payments

Mandatory when RecurringIndicator = 1

RecurringPeriod

No/Yes

3 digits number


Recurring interval in days

Mandatory when RecurringIndicator = 1

RecurringMaxDate

No/Yes

Date in string representation DD.MM.YYYY


Finish date of recurring payments

Mandatory when RecurringIndicator = 1

CustomerNumber

No

32 symbols


Merchant's internal customer identification

SaveCard

No

1 - the card is stored to this customer number;

0 - the card is not stored.

0

This parameter permits to store the card to this client number for subsequent payments, if the current payment is successful.

If this card for this client number already has been saved before, the parameter is ignored.

Disable3DSNo

0 - perform 3D-Secure authorization according to the merchant settings;

1 - fulfill payment without  3-D Secure

0

Flag of disabling 3-D Secure.

The use of this operating mode is possible in agreement with Assist. To configure it, you need to contact the support service (support@belassist.by).

When using this parameter, it must also be added to the order signature, which is built according to  determined rules .


...

In case of unsuccessful payment the responsecode is one of AS100-AS998 values (except AS110 code that is returned when 3-D Secure authorization required - see here, for details).

If the request can't be processed the firstcode and secondcode parameters have non-zero values.

...

Name

Accepted values

Description

HEADER_HTTP_USER_AGENT

String (255 chars)

Header User Agent http from http request

HEADER_HTTP_ACCEPT

String (255 chars)

Header Accept http from http request

HEADER_HTTP_ACCEPT_LANGUAGE

String (128 chars)

Header Accept Language http from http request

HEADER_HTTP_REFERER

String (255 chars)

Header Referer http from http request

HEADER_REMOTE_HOST

String (16 chars)

Customer IP-address

HEADER_HTTP_FORWARDED

String (16 chars)

Header Forwarded http from http request

HEADER_HTTP_X_FORWARDED_FOR

String (16 chars)

Header Xforwarded-For http from http request

HEADER_HTTP_VIA

String (128 chars)

Header Via http from http request

CLIENT_JS_VER

String (16 chars)

Java script interpreter version

CLIENT_LOCAL_TIME

String (128 chars)

Customer local time

CLIENT_SCREEN_RES

String (16 chars)

Customer screen resolution (<width>x< high>)

CLIENT_SCREEN_COLORS

Decimal (numbers from 1 to 24)

Color depth of customer screen

CLIENT_JS_BROWSER_NAME

String (255 chars)

Customer browser name

CLIENT_TIME_ZONE

Decimal (5)

Customer time zone GMT offset in hours. Conversion formula is (- GMT_H). For example, offset GMT+2 is equal to - 2.

CLIENT_COOKIES

String (16 chars)

Unique browser identity from external system

CLIENT_JAVA

Logical (true, false)

Java script support enabled indicator

CLIENT_STYLESHEETS

Logical (true, false)

css styles support

CLIENT_BROWSER_PLATFORM

String (64 chars)

Browser platform name

CLIENT_SYSTEM_LANGUAGE

String (5 chars)

Language code of customer operational system

CLIENT_BROWSER_LANGUAGE

String (5 chars)

Language code of the browser

CLIENT_USER_LANGUAGE

String (5 chars)

Customer language code

CLIENT_PROCESSOR

String (16 chars)

Processor name of customer computer

CLIENT_CONNECTION

String (16 chars)

HTTP connection type

CLIENT_HOSTADDRESS

String (16 chars)

DNS lookup based on HOST_ADDRESS

CLIENT_HOSTNAME

String (70 chars)

Customer host name

...

The additional fields are also added in the silentpay response packet. These fields allow the merchant to provide additional payer authentication using 3-D Secure technologies (VISA cards) and Mastercard SecureCode  (Mastercard catds).

Currently, for For cards of international payment systems VISA and Mastercard in most cases version 2 of the 3D-Secure protocol is used by additional authentication of the customer, the most issuing banks operate according to the 3-D Secure protocol version 1 for all types of cards.For a more secure authentication process, issuing banks and payment systems are switching to a new version 2 of protocol for all types of cards (VISA, Mastercard). To support a new generation protocol, a merchant has to make changes to the customer authentication process.same version of the protocol is also used for UPI cards. For cards of the BELKART payment system, authentication is carried out according to version 1 of the protocol.

To start the order payment, the merchant sends an authorization request to the IPS Assist server. The following data about the customer device and browser must be added to the usual request parameters, if this has not been done before for operating with the SOFI. This data is required in the new 3-D Secure protocol version 2.

Name

Accepted values

Description

HEADER_HTTP_ACCEPT

String (255 chars)

Header Accept http from http request

HEADER_HTTP_USER_AGENT

String (255 chars)

Header User Agent http from http request

CLIENT_JAVA

Logical (true, false)

Java script support enabled indicator navigator.javaEnabled()

CLIENT_BROWSER_LANGUAGE

String (5 chars)

Language code of the browser navigator. language

CLIENT_SCREEN_COLORS

Decimal (15)

Color depth of customer screen Screen.pixelDepth

CLIENT_SCREEN_RES

String (16 chars)

Customer screen resolution Screen.width + 'x' + screen.height

ChallengeWindowSize

2 chars (01 - 250x400, 02 - 390x400, 03 - 500x600, 04 - 600x400, 05 - Full screen)

IFrame size for cardholder verification

ClientIP

Maximum of 15 digits, 4 delimiters «.»

IP-address of the customer

...

After the receiving of the reply from Issuer-Bank the shop has to transfer the 3D-Secure authorization result (pares value) to the IPS Assist. Web-service get3DSec can be used for it.

Get3DSec - transfer of the 3D-Secure authorization result

...

Code Block
languagexml
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<send3dsparams xmlns="urn:assist-processor">
<merchant_id>Merchant ID</merchant_id>
<login>Login</login>
<password>Password</password>
<ordernumber>Order number</ordernumber>
<language>Language</language>
<pares>value pares which is received from issuer-bank</pares>
</send3dsparams>
<s:Body>
<s:Envelope>

Return values - the same as in the silentpay request result.

...

Name

Accepted values

Description

In the response of the service1

version

11(1.0.0, 1.0.2)
21 (2.0, 2.1.0, 2.2.0)

3-D Secure Protocol version

1,2

threeDSServerTransID

String

3DS Server transaction ID

1,2

threeDSMethodURL

String (255 chars)

The ACS URL that will be used by the 3DS Method

1

threeDSMethodData

String (255 chars)

Request body (Base64 encoded)

1

alphaauthresult

Y - success, N - fail, A - Attempt, U - unable to authenticate, R - rejected, E - error, I - Informational Only

Authentication result will be received in case of Frictionless Flow authentication.

1,2

challenge

F - Frictionless Flow
C - Challenge Flow
D - Decoupled Authentication

Interaction with the customer (C - required, F - not needed, D - decoupled authentication)

1,2

challengeurl2

Full URL like

https://acs....

2048 symbols maximum

The ACS URL for payer verification

1,2

challengerequest2

String

Request body (Base64 encoded) for challengeurl request

1,2

...

1The parameter may be contained in the response of the service: 1- silentpay; 2 - get3dserver2.

Anchor
2t
2t


2 In case of authorization without additional interaction with the customer (Frictionless Flow), the parameters challengeurl and challengerequest will not be returned.

...

In those work scenarios that require the generation of a hidden HTML iFrame, at step 7 in the threedsdata unit, the merchant will receive the necessary threeDSMethodData and threeDSMethodURL parameters for generating a POST request (unit 9). The result of sending the request can be positive (HTTP code 200), negative (any other HTTP code), or the request sending timeout value will be exceeded (set to 10 seconds). After receiving the HTTP code or the timeout has expired, a request must be sent to the get3dsecver2 service (unit 10) to continue the authentication process.

get3dserver2 - web service of the 3D-Secure authentication continuation

...

The response to the request in this case will contain one of the final response codes (AS000 - operation completed successfully, AS100-AS109 - denial of authorization), all response fields described  above, and an additional threedsdata data block in which the challenge parameter is F, and the alphaauthresult field contains the authentication result (Y, N, U, R, I).

...