Pymt Auth - Account
Note: All of the credit card interfaces mentioned in the Payment Authorization sections require a separate license fee to use. Contact the Naviga Support Center for more information.
Important: If these settings are changed, you must close and relaunch all Graphical modules after the changes have been made.
1. Are credit card validation values (CID, CVV, CVV2) required when entering credit card payments? B (Non) A credit card validation value is a 3- or 4-digit security code found on the back of a credit card in the signature area. This setting can be overridden in Security.
ValueYes
The validation value is required when entering credit card payments.
No
The validation value is not required.
2. Should credit card validation values be retained until payment authorization is obtained? B (Non) A credit card validation value cannot, by law, be stored after the credit card is authorized. This setting determines if you will store these values long enough to obtain authorization.
ValueYes
Store the validation value until the credit card is authorized; then remove it.
No
Do not store validation values at all.
3. When not using real-time payment authorization, should authorized payments be exported by the batch export process? B (Non) This setting does not apply to real-time credit card authorization. Rather, it indicates whether you export credit card payments to a file that will be read by third-party software.
ValueYes
Export payments to a file. This is the on-premises default.
No
Do not create an export file.
4. Which product integration is used for real-time payment authorization? B (Non) Select the name of the system you use to authorize credit cards in real time. Currently, the possible settings are “DTI”, and “None” (the default).
ValueDTI
Use the DTI Payment Authorization Service.
None
No payment authorization integration is used. This is the on-premises default.
5. Should pre-authorized payments be sent to the authorization service as a forced transaction? B (Non) A Customer Service associate may be required to call the credit card company to obtain authorization. If the credit card company authorizes the card, they will give the associate an authorization number to enter in the credit card window. This type of transaction is considered a “force” transaction.
ValueYes
“Force” transactions are allowed.
No
“Force” transactions are not allowed. This is the on-premises default.
6. After how many seconds should the validation process stop trying to communicate with the authorization server? B (Client) When attempting to communicate with the authorization server, the validation process will eventually time-out. Enter the maximum number of seconds that validation should be attempted before timing out. The default is 60.
7. If using DTI Payment Authorization, which third party payment authorization product integration is being used? B (Client) If using the DTI Payment Authorization Service, select your credit card payment authorization vendor here. All vendors are licensed add-ons—contact Naviga Support for more information.
ValuebPoint
Payments will be authorized by bPoint.
Beanstream
Payments will be authorized by Beanstream.
Braintree
Select “Braintree” only if you use Off-Site Braintree (for off-site credit card storage). Select “None” if you use real-time Braintree (i.e., with on-premise credit card storage).
Cybersource
Payments will be authorized by the Cybersource hosted order page. Note that this product has been superseded by Cybersource SA and is no longer supported.
Cybersource SA
Payments will be authorized by Cybersource Secure Acceptance.
Edgil
Payments will be authorized by Payway Complete EdgCapture.
EPX
Payments will be authorized by EPX.
None
The DTI Payment Authorization Service will not be used.
PayPalHOP
Payments will be authorized by PayPal Payments Pro.
The settings of the next 3 Business Rules (8, 9, and 10), when combined into one string and entered in a web browser’s address bar, should open an XML document.
See the following example.
http://<iiS Host Name>/wspaymentauthorization/wspaymentauth.asmx?WSDL
In this example:
http://<iis Host Name>
is the host name,/wspaymentauthorization/
is the URL path, andwspaymentauth.asmx?WSDL
is the WSDL name.
8. If using DTI Payment Authorization, what is the host name for the DTI Payment Authorization server? BCP (Client) Enter the host name of the authorization service; for example: “http://qatest” or “http://10.121.1.186”.
9. If using DTI Payment Authorization, what is the URL Path for the DTI Payment Authorization service? BCP (Client) Enter the URL path of the authorization service. This setting defaults to the standard value used in the installation instructions; for example: “/wspaymentauthorization/”.
10. If using DTI Payment Authorization, what is the WSDL name for the DTI Payment Authorization service? BCP (Client) Enter the WSDL name. This setting defaults to the standard value used in the installation instructions; for example: “wspaymentauth.asmx?WSDL”
11. If using DTI Payment Authorization, do you want to prevent transactions from being processed against this database? BCP (Non) Set this Business Rule to “yes” during the initial setup of payment authorization while testing with a demo or test account. When switching over to live mode or when testing against a real merchant account, set this Business Rule to “no”.
12. If using Hosted Order Page, what is the host name of the service that you use? B (Client) If using the Hosted Order Page, enter the name, URL and redirect URL in these parameters. They will vary based on your payment authorization vendor.
13. If using Hosted Order Page, what is the host URL of the service that you use? B (Client)
14. If using Hosted Order Page, what is the host URL of the redirect page that you use? B (Client) The default redirect is “cmshare/http/echo.html”.
Beanstream
15. If using Beanstream, what is the web service URL for the authorization server? B (Client) The default is “https://www.beanstream.com/scripts/process_transaction.asp”.
16. If using Beanstream Hosted Page, what is the web service URL for the lookup request? B (Client) The default is “https://www.beanstream.com/scripts/payment_profile.asp”.
17. If using Beanstream Hosted Page, what merchant ID should be used in authorization requests? BC (Client) This will be provided by Beanstream.
18. If using Beanstream Hosted Page, what API access passcode should be used in authorization requests? BC (Client) This will be provided by Beanstream.
19. If using Beanstream Hosted Page, what hash key should be used in authorization requests? BC (Client) This will be provided by Beanstream.
bPoint
See FAQ #125: bPoint Hosted Order Page Setup
for more information about bPoint.
20. If using bPoint API, what merchant ID should be used in authorization requests? BC (Client)
21. If using bPoint API, what billing code should be used in authorization requests? BC (Client)
22. If using bPoint API, what user name should be used in authorization requests? BC (Client)
23. If using bPoint API, what password should be used in authorization requests? BC (Client)
24. If using bPoint API, what is the full URL for the bPoint authorization service? BC (Client)
25. If using bPoint API, what is the full URL for the bPoint token lookup service? BC (Client).
26. If using bPoint Hosted Page, should transactions be processed against the production environment? BC (Client) The default is blank for Cloud sites and “no” for on-premises sites. To implement bPoint skipping the Expire Date check (designed for use with Auto Renew), the value of TxnType can be set in the PAS (in version 8.11.50 and higher) to ‘RECURRING’ based on the name of the Batch. This change will set the TxnType flag to 'RECURRING' for any batch where the name begins with 'ZC' (case insensitive). 'ZC' is used for the names of the auto renew batches, so 'RECURRING' will be used for auto renew. This value (ZC) is set by default in the PAS, and can be changed by putting the following line in the AppSettings section of the web.config file:
<add key="BPointAutoRenewBatchStartsWith" value="ab" />
In this example, it would use the 'RECURRING' flag for any batch that begins with 'AB' (again, case insensitive). The following line can be used to force the hard coding of the TxnType parameter to either 'CALL_CENTRE' (which matches behavior before this change), or 'RECURRING' (which would prevent expire date checking for all transactions, even single payments).<add key="BPointTxnType" value="CALL_CENTRE" />
or<add key="BPointTxnType" value="RECURRING" />
Braintree
27. If using Braintree, what is the host name for the Braintree authorization server? B (Client) Enter the host name; for example, secure.braintreepaymentgateway.com.
28. If using Braintree, what is the URL path for the Braintree authorization server? B (Client) Enter the URL path; for example, /api/transact.php. The settings of this and the previous Business Rule, when combined into one string, should point to the location where transactions are sent. For example: https://secure.braintreepaymentgateway.com/api/transact.php
29. If using Braintree, what is the local port for the Braintree authorization server? B (Client) Enter the local port. The default is 443.
30. If using Braintree, what user name should be used in authorization requests? B (Client) Enter the user name for authorization requests. The answer will be encrypted.
31. If using Braintree, what password should be used in authorization requests? B (Client) Enter the password for authorization requests. The answer will be encrypted.
32. If using Braintree, what processor ID should be used in authorization requests? BC (Client) Enter the processor ID; for example, ccprocessora.
33. If using Braintree Hosted Page, what merchant ID should be used in authorization requests? BC (Client)
34. If using Braintree Hosted Page, what hosted page ID should be used in authorization requests? BC (Client)
35. If using Braintree Hosted Page, what public key should be used in authorization requests? BC (Client)
36. If using Braintree Hosted Page, what private key should be used in authorization requests? BC (Client)
37. If using Braintree Hosted Page, what merchant account ID should be used in authorization requests? BC (Client)
38. If using Braintree Hosted Page, should transactions be processed against the production environment? BC (Client) The default is “no”.
39. If using Braintree Hosted Page, do you allow payments to be entered for expired credit cards? BC (Client) This setting indicates whether the Hosted Order Page or the credit card processor validate the credit card expire date.
ValueYes
Payments can be entered for expired credit cards (validation by credit card processor).
No
Payments cannot be entered for expired credit cards (validation by the HOP).
Cybersource
40. If using Cybersource, what currency should be used in authorization requests? BC (Client)
41. If using Cybersource, what merchant ID should be used in authorization requests? BC (Client)
42. If using Cybersource, what is the host name for the Cybersource authorization server? B (Client)
43. If using Cybersource, what is the URL path for the Cybersource authorization server? B (Client)
44. If using Cybersource Hosted Order Page, what is the merchant ID that you use? BC (Client)
45. If using Cybersource Hosted Order Page, what is the serial number that you use? BC (Client)
46. If using Cybersource Hosted Order page, what is the shared secret key that you use? BC (Client)
47. If using Cybersource Secure Acceptance, what is the profile ID that you use? BC (Client) You will be given the profile ID when configuring Secure Acceptance at the Cybersource website. You should also answer this Business Rule in the iServices admin module, if applicable.
48. If using Cybersource Secure Acceptance, what is the access key that you use? BC (Client) You will be given the access key with the profile ID when configuring Secure Acceptance.
49. If using Cybersource Secure Acceptance, what is the locale that you use? BC (Client) The default is “EN” (English).
50. If using Cybersource Secure Acceptance, what is the shared secret key that you use? BC (Client) You will be given the secret key with the profile ID when configuring Secure Acceptance. You must set this Business Rule in the Oversized Rules option.
Edgil
51. If using Edgil, which version of Edgil are you using? BC (Client) Indicate which Edgil interface you are using. This setting dictates the Edgil version to which the remainder of the Edgil-related Business Rules apply.
Value.Net
The Edgil .Net interface is being used.
Original
The the original Edgil interface. This is the on-premises default.
Web Service
The Edgil Web Service interface is being used.
52. If using Edgil, what user name should be used in authorization requests? BC (Client) Enter the user name that should be sent for authorization requests.
53. If using Edgil, what password should be used in authorization requests? BC (Client) Enter the password that should be sent for authorization requests.
54. If using Edgil, what order entry process ID (OEP ID) should be used in authorization requests? BC (Client) The merchant and OEP IDs defined here will be exported to the Edgil file.
55. If using Edgil, what merchant ID should be used in authorization requests? BC (Client) The merchant and OEP IDs defined here will be exported to the Edgil file.
56. If using Edgil Web Service, should transactions be processed against the production environment? BC (Client) This setting indicates whether the production environment is in use when using the Web Service version of Edgil. The default setting is “no.”
EPX
57. If using EPX API, what customer number should be used in authorization requests? BC (Client) The customer number is required for authorization requests. It is provided by EPX.
58. If using EPX API, what merchant number should be used in authorization requests? BC (Client) The merchant number is required for authorization requests. It is provided by EPX.
59. If using EPX API, what DBA number should be used in authorization requests? BC (Client) The DBA number is required for authorization requests. It is provided by EPX.
60. If using EPX API, what terminal number should be used in authorization requests? BC (Client) The terminal number is required for authorization requests. It is provided by EPX.
61. If using EPX API, what merchant authorization code should be used in authorization requests? BC (Client) The merchant authorization code (MAC) is required for authorization requests. It is provided by EPX.
62. If using EPX API, what is the host name for the EPX authorization server? B (Client) Enter the host name of the EPX authorization service; for example, “https://secure.epxuap.com”. It is provided by EPX.
63. If using EPX Hosted Page, what is the KeyExchange URL that you use? BC (Client) Requests are made to the KeyExchange URL for a terminal authorization code (TAC) that is required to access the EPX Hosted Order Page. It is provided by EPX.
64. If using EPX Hosted Page, what is the Custom CSS URL that you use? BC (Client) This URL contains the custom stylesheet that will used with the hosted order page. Note: This setting is used only in testing environments. Custom CSS will reside on the server in the live environment.
65. If using EPX Hosted Page, what is the Custom JavaScript URL that you use? BC (Client) This URL contains the custom JavaScript that will used with the hosted order page. Note: This setting is used only in testing environments. Custom JavaScript will reside on the server in the live environment.
PayPal
66. If using PayPal, what currency should be used in authorization requests? BCP (Client) Enter the currency that should be sent for authorization requests.
67. If using PayPal, what partner name should be used in authorization requests? BCP (Client) Enter the partner name that should be sent for authorization requests.
68. If using PayPal, what vendor name should be used in authorization requests? BCP (Client) Enter the vendor name that should be sent for authorization requests.
69. If using PayPal, what user name should be used in authorization requests? BCP (Client) Enter the user name that should be sent for authorization requests.
70. If using PayPal, what password should be used in authorization requests? BCP (Client) Enter the password that should be sent for authorization requests.
71. If using PayPal, what is the URL used to obtain a secure token and access the authorization server? BCP (Client) Enter the URL; for example, https://pilot-payflowpro.paypal.com/
72. If using PayPal, what is the local port for the authorization server? BCP (Client) Enter the local port; for example, 443
Last updated