php sfa guide
TRANSCRIPT
PHP Merchant Integration Guide
1
Copyright © ICICI Bank Limited. All rights reserved.
Copyright Information
Copyright © ICICI Bank Ltd. All rights reserved. No part of this document may be reproduced, stored in retrieval form, adopted or transmitted in any form or by any means, electronic, mechanical, photographic, graphic, optic or otherwise, translated in any language or computer language, without prior written permission from ICICI Bank Ltd.
Disclaimer
This document has been prepared in accordance with the accepted techniques for solution specifications definition at ICICI Bank Ltd. The information represented herein, has been gathered after studying market trends and inputs supplied by expert consultants. The representations and related information contained in the document reflect ICICI Bank’s best understanding of the business. However, ICICI Bank makes no representation or warranties with respect to the contents hereof and shall not be responsible for any loss or damage caused to the user by the direct or indirect use of this document and the accompanying software package. Further, ICICI Bank reserves the right to alter, modify or otherwise change in any manner the content hereof, without the obligation to notify any person of such revision or changes.
About Payseal
Payseal is brought to you by ICICI Bank Ltd. Payseal provides secure electronic commerce payment solutions in the B2C & B2B environments.
2
Copyright © ICICI Bank Limited. All rights reserved.
About ICICI
ICICI Bank is India's second-largest bank with total assets of Rs. 3,997.95 billion (US$ 100 billion) at March 31, 2008 and profit after tax of Rs. 41.58 billion for the year ended March 31, 2008. ICICI Bank is second amongst all the companies listed on the Indian stock exchanges in terms of free float market capitalization*. The Bank has a network of about 1,308 branches and 3,950 ATMs in India and presence in 18 countries. ICICI Bank offers a wide range of banking products and financial services to corporate and retail customers through a variety of delivery channels and through its specialized subsidiaries and affiliates in the areas of investment banking, life and non-life insurance, venture capital and asset management. The Bank currently has subsidiaries in the United Kingdom, Russia and Canada, branches in Unites States, Singapore, Bahrain, Hong Kong, Sri Lanka, Qatar and Dubai International Finance Centre and representative offices in United Arab Emirates, China, South Africa, Bangladesh, Thailand, Malaysia and Indonesia. Our UK subsidiary has established branches in Belgium and Germany.
ICICI Bank's equity shares are listed in India on Bombay Stock Exchange and the National Stock Exchange of India Limited and its American Depositary Receipts (ADRs) are listed on the New York Stock Exchange (NYSE).After consideration of various corporate structuring alternatives in the context of the emerging competitive scenario in the Indian banking industry, and the move towards universal banking, the managements of ICICI and ICICI Bank formed the view that the merger of ICICI with ICICI Bank would be the optimal strategic alternative for both entities, and would create the optimal legal structure for the ICICI group's universal banking strategy. The merger would enhance value for ICICI shareholders through the merged entity's access to low-cost deposits, greater opportunities for earning fee-based income and the ability to participate in the payments system and provide transaction-banking services. The merger would enhance value for ICICI Bank shareholders through a large capital base and scale of operations, seamless access to ICICI's strong corporate relationships built up over five decades, entry into new business segments, higher market share in various business segments, particularly fee-based services, and access to the vast talent pool of ICICI and its subsidiaries. In October 2001, the Boards of Directors of ICICI and ICICI Bank approved the merger of ICICI and two of its wholly-owned retail finance subsidiaries, ICICI Personal Financial Services Limited and ICICI Capital Services Limited, with ICICI Bank. The merger was approved by shareholders of ICICI and ICICI Bank in January 2002, by the High Court of Gujarat at Ahmedabad in March 2002, and by the High Court of Judicature at Mumbai and the Reserve Bank of India in April 2002. Consequent to the merger, the ICICI group's financing and banking operations, both wholesale and retail, have been integrated in a single entity.
3
Copyright © ICICI Bank Limited. All rights reserved.
Technical Contact
Email [email protected] 91-022-66673128
Operations Contact
Email [email protected] 91-022- 66673918
4
Copyright © ICICI Bank Limited. All rights reserved.
Installing the SFA PHP Library
Pre-requisites – The Merchant's machine where SFA will be
installed should have PHP with java support enabled.
a. PHP version >= 4.3.4 (recommended version is >= 5.2)
b. JDK 1.4.2 or greater should be available (pre requisite for JavaBridge)
c. http://php-java- bridge.sourceforge.net/pjb/installation.php
d. Use javabridge version <= 4.0 (however the latest versions should work fine)
1. Public certificates of Verisign Intermediate CA and Verisign
Root CA who has issued the Payseal certificate needs to be
available in the java certificate store (cacerts file).
2. The Merchant must possess the key file generated by the
Payment Gateway (available in the zip as 00001003.key).
The file name should not be changed, where 00001003 is
the merchant ID.
Steps for obtaining the key file –
1. Login into the Merchant Web Interface using the Mer
chant Super User login.
2. Click on the link “Personalize>> Key Download”
3. Save the “.key” file sent by the Payment Gateway in a
local folder.
Note – The key file can be downloaded only once. Please
keep the key file in a secure location. Contact PG System
Administrator in case the key file needs to be
5
Copyright © ICICI Bank Limited. All rights reserved.
regenerated.
Note:
1. Check php.ini for the java settings, java.java_home and
java.java. The property values needs to be set to the
JDK which was used for compilation (in case
JavaBridge has been compiled to produce a dynamic
module).
2. Enable Java Bridge logging during integration phase.
3. Verify java support by using the Test page (testjava.php)
shipped with PHP SFA library.
The PHP SFA comes bundled as 2 zip files -
1. SFAClient.zip - This zip file contains the components, which
provide the core SFA functionality and test pages
2. SFA_Dependencies.zip - This zip file contains the
components that are required for the SFA to function
The installation process for SFA_Dependencies.zip is as
follows –
1. Copy the ZIP file to a temporary location on the Merchant
site
2. The zip has the following files
1) cryptix32.jar – Required by SFA to encrypt the data sent
to the ePG
6
Copyright © ICICI Bank Limited. All rights reserved.
2) jcert.jar – Required to establish the SSL connection with
ePG
3) jnet.jar – Required to establish the SSL connection with
ePG
4) jsse.jar – Required to establish the SSL connection with
ePG
5) Servlet.jar – HTTP Request/Response handling
6) Sfa.jar – SFA Java library
3. Copy the folder to a desired location (folder path names
should not have spaces).
4. Set the Jar files in the system classpath. This is not needed
in case the jar files have been copied to the extension di
rectory of JDK used.
Note: The extension directory can be checked from the
JavaBridge log as well. It is printed on startup of
JavaBridge. In case a J2EE backend (like tomcat or some
servlet engine) is configured for JavaBridge, then copy the
jars to the extension directory of the JDK used by the J2EE
backend.
5. Editing the sfa.properties file
a. Open the file sfa.jar using WINZIP. Open the
sfa.properties file.
Note - If WINZIP or a similar facility is not
available on the machine then the following
java command can be used for extracting
7
Copyright © ICICI Bank Limited. All rights reserved.
the properties file
Jar -xvf sfa.jar
To jar the file again use,
Jar -cvf sfa.jar com sfa.properties
b. For the parameter 'Key.Directory' in the properties
file set the name of the folder, which contains the
merchant key. A trailing slash has to be put at the
end of this value. The name of the file need not be
set. Save the file after making other relevant
changes.
c. For the parameter “traceLog”, set the name of the
folder to which sfa logs needs to be written. It shall
point to a folder to which write permissions are
available to java.
d. Enable the verbose parameter to “true” only when
necessary as the log generated might be consider
able depending on the number of transactions.
e. To verify the success of the above operations open
the jar file again and check if the properties file has
the values set.
The Installation process for SFAClient.zip is as follows -
1. Copy the ZIP file to a temporary location on the Merchant
site
8
Copyright © ICICI Bank Limited. All rights reserved.
2. Unzipping shall create a folder called SFAClient.
3. SFAClient contains the following files/directories
1. Sfa – SFA Client library (contains the PHP Sfa library)
2. TestPages – Sample pages for transactions and a test
page (testjava.php) for testing java support.
The Merchants PHP pages can now start using the SFA library.
Test pages are shipped along with the distribution, which can
be used for test/understanding purposes.
Note:
Sfa folder should be copied to the folder where
TestPages/Merchant pages are present.
9
Copyright © ICICI Bank Limited. All rights reserved.
Appendix A
What’s in This Appendix?
The MOTO and the SSL Merchant’s use the Store Front
Adaptor for integrating with the Payment Gateway. This
appendix details the data that is passed from the Merchant to
the Payment Gateway via the Store Front Adaptor.
The following sections define the various parameters and their
definitions.
Note -
1. The information provided in the section “VBV fields for
MOTO Merchants” and “VBV fields for SSL Merchant” are
applicable only to the Merchants enrolled for MPI. For
MOTO merchants who support MPI, it is mandatory to
send the data received from the MPI to the Payment Gate
way.
2. In case of the SSL Merchant, the Card details will be ac
cepted by the Payment Gateway. Hence, the Object map
ping to the Card details mentioned below need not be
populated.
10
Copyright © ICICI Bank Limited. All rights reserved.
Merchant Information
Function Name - setMerchantDetails
Sr No
Parameter Details Valid values Mandatory
1astrMerchantID
ID assigned by the Payment Gateway to the Merchant
Data with maximum size of 8 characters
Y
2 astrVendor Same as Merchant ID Data with maximum size of 8 characters
N
3 astrPartner Same as merchant ID Data with maximum size of 8 characters
N
4 astrCustIPAddress Corresponds to the IP Address of the Customer. In case of a SSL merchant this data will be captured by the Payment Gateway. However, a MOTO merchant has to pass this data to the Payment Gateway. This data is mandatory for a MOTO merchant and non-mandatory for the SSL merchant
Data with maximum size of 20 characters
N (for SSL)Y (for MOTO)
5 astrMerchantTxnID
Transaction number generated by the Merchant for reference. Root Transactions should have unique Transaction Reference Number.
Alpha-numeric data with maximum size of 50 characters
Y
6
astrOrderReferenceNo
Order number generated by the Merchant for his/her reference.
Alpha-numeric data with maximum size of 30 characters
N
7 astrRespURL URL of the Merchants site on which the Payment Gateway must post the results of the transaction. This parameter is valid only in case of a SSL merchant The MOTO merchant always receives the response via the PGResponse Object
Data with maximum size of 80 characters
Y (for SSL merchants only)
11
Copyright © ICICI Bank Limited. All rights reserved.
Sr No
Parameter Details Valid values Mandatory
8 astrRespMethod HTTP method (GET/POST) to be used by the Payment Gateway for posting the results of the transaction to the Merchants site. In case of SSL Merchants the value should be POST as the response is sent via a redirection.
Data with maximum size of 4 characters. (GET/POST)
Y
9 astrCurrCode Currency of the transaction Data with maximum size of 3 characters. ISO Alpha Currency Code‘INR’ for transactions in Rupees.
Y
10 astrInvoiceNo Invoice number generated by the Merchants application
Alpha-numeric data with maximum size of 20 characters
N
11 astrMessageType Indicates the type of transaction. This field can contain either of the values mentioned in the adjacent field
Data with maximum size of 20 characters.req.Preauthorizationreq.Sale
Y
12 astrAmount Amount of the transaction Numeric with maximum size of 15 digits. Maximum exponent is 5.For example, maximum possible data in the amount field can be 999999999999999.99999 but subject to the define exponent for currency
Y
13 astrGMTOffset GMT Time Offset of the Merchants sites locale
Data with maximum size of 9 charactersFormat: GMT+hh:mm
N
14 astrExt1 Additional fields provided to the Merchant for passing any specific data
Data with maximum size of 50 characters
N
15 astrExt2 Additional field provided to Data with maximum N
12
Copyright © ICICI Bank Limited. All rights reserved.
Sr No
Parameter Details Valid values Mandatory
the Merchant for passing any specific data. Should be “true” for SSL merchant
size of 50 characters
16 astrExt3 Reserved Data with maximum size of 50 characters
N
17 astrExt4 Additional field provided to the Merchant for passing any specific data
Data with maximum size of 50 characters
N
18 astrExt5 Additional field provided to the Merchant for passing any specific data
Data with maximum size of 50 characters
N
13
Copyright © ICICI Bank Limited. All rights reserved.
Function Name - setMerchantRelatedTxnDetails
Sr No
Parameter Details Valid values Mandatory
1astrMerchantID
ID assigned by the Payment Gateway to the Merchant
Data with maximum size of 8 characters. Id given to the Merchant for identification by the PG
Y
2 astrVendor Same as Merchant ID Data with maximum size of 8 characters.
N
3 astrPartner Same as Merchant ID Data with maximum size of 8 characters.
N
4 astrMerchantTxnID
Transaction number generated by the Merchant for reference.
Alpha-numeric data with maximum size of 50 characters.
Y
5 astrRootTxnSysRefNum
Transaction reference number generated by the Payment Gateway for the original transaction and sent to the merchant. Example, for an Authorization transaction the Root Transaction System reference of Pre-Authorization needs to be given. Similarly, for a Refund transaction the Root Transaction System reference of Authorization needs to be given
Numeric data with maximum size of 15 characters
Y
6 astrRootPNRef RRN number sent by the Payment Gateway to the merchant for the original transaction. Example, for an Authorization transaction the
Numeric data with maximum size of 20 characters
Y
14
Copyright © ICICI Bank Limited. All rights reserved.
Sr No
Parameter Details Valid values Mandatory
RRN of Pre-Authorization needs to be given. Similarly, for a Refund transaction the RRN of Authorization needs to be given.
7 astrRootAuthCode Auth Code sent by the Payment Gateway to the merchant for the original transaction
Numeric data with maximum size of 6 characters
Y
8 astrCurrCode Currency of the transaction Data with maximum size of 3 characters. ISO Alpha Currency Code.‘INR’ for transactions in Rupees
Y
9 astrMessageType Indicates the type of transaction. This field can contain either of the values mentioned in the adjacent field
Data with maximum size of 20 characters.req.Refundreq.Authorization
Y
10 astrAmount Amount of the transaction Numeric with maximum size of 15 digits. Maximum exponent is 5.For example, maximum possible data in the amount field can be 999999999999999.99999
Y
15
Copyright © ICICI Bank Limited. All rights reserved.
Sr No
Parameter Details Valid values Mandatory
11 astrGMTOffset GMT Time Offset of the Merchants sites locale
Data with maximum size of 9 characters.GMT+hh:mm
N
12 astrExt1 Additional fields provided to the Merchant for passing any specific data
Data with maximum size of 50 characters
N
13 astrExt2 Additional field provided to the Merchant for passing any specific data
Data with maximum size of 50 characters
N
14 astrExt3 Additional field provided to the Merchant for passing any specific data
Data with maximum size of 50 characters
N
15 astrExt4 Additional field provided to the Merchant for passing any specific data
Data with maximum size of 50 characters
N
16 astrExt5 Additional field provided to the Merchant for passing any specific data
Data with maximum size of 50 characters
N
16
Copyright © ICICI Bank Limited. All rights reserved.
Card Information
Function Name - setCardDetails
Sr No Field Details Valid valuesMandatory
1 astrCardType Data with maximum size of 5 characters.VISA –VisaMC- MasterCard
Y
2 astrCardNum Numeric data with maximum size of 20 Y
3 astrCVVNum AlphaNumeric data with maximum size of 5.
For VISA,This field should contain the value in the following formatCVVNum $ Presence IndicatorWhere CVVNum is a CVV valuePresence indicator is one of the following1 – CVV2 value is present2 – CVV2 value is on the Card, but is illegible9 – Cardholder states CVV2 is not present on the Card
e.g 010$1, 011$2 , $9
Y
4 astrExpDtYr yyyy Data with maximum size of 4 characters.
Y
5 astrExpDtMon mm Data with maximum size of 2 characters.
Y
6 astrNameOnCard Alphabetic data with maximum size of 80 characters
N
7 astrInstrType Mode of payment - Credit/ Debit
Data with maximum size of 5 characters.CREDI - For credit cardsDEBIT- For Debit Cards
Y
17
Copyright © ICICI Bank Limited. All rights reserved.
Ship To Address
Function Name - setAddressDetails
The Payment Gateway will store the Ship To Address details in its database only if all the details mentioned as mandatory are populated. If the merchant is not capturing the Address then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory
Sr No Field
Details Valid values Mandatory
1 astrAddrLine1 Alphabetic data with maximum size of 50 characters
Y
2 astrAddrLine2 Alphabetic data with maximum size of 50 characters
N
3 astrAddrLine3 Alphabetic data with maximum size of 50 characters
N
4 astrCity Alphabetic data with maximum size of 30 characters
Y
5 astrState Alphabetic data with maximum size of 30 characters
Y
6 astrZip Numeric data with maximum size of 10 digits
Y
7 astrCountryAlphaCode
Alphabetic data with maximum size of 3 characters IND for INDIA
Y
8 astrEmail Alpha-Numeric data with maximum size of 80 characters
N
18
Copyright © ICICI Bank Limited. All rights reserved.
Bill To Address
Function Name - setAddressDetailsThe Payment Gateway will store the Ship To Address details in its database only if all the details mentioned as mandatory are populated. If the merchant is not capturing the Address then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory
Sr No Field Details Valid values
Mandatory
1 astrCustomerId
If customer is a registered customer with the merchant, then his ID needs to be populated in this field.
Data with maximum size of 10 characters
N
2 astrCustomerName
Data with maximum size of 80 characters
N
3 astrAddrLine1 Alphabetic data with maximum size of 50 characters
Y
4 astrAddrLine2 Alphabetic data with maximum size of 50 characters
N
5 astrAddrLine3 Alphabetic data with maximum size of 50 characters
N
6 astrCity Alphabetic data with maximum size of 30 characters
Y
7 astrState Alphabetic data with maximum size of 30 characters
Y
8 astrZip Numeric data with maximum size of 10 digits
Y
9 astrCountryAlphaCode
Alphabetic data with maximum size of 3 characters IND for India
Y
10 astrEmail Alpha-Numeric data with maximum size of 80 characters
N
19
Copyright © ICICI Bank Limited. All rights reserved.
Customer Details (required for FDMS)
Function Name - setCustomerDetails
Customer information is sent to the Fraud Detection system for risk verification. If the merchant is not capturing the said details, then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory
Sr No Field Details Valid values Mandatory1 strFirstName Alphabetic data with
maximum size of 50 characters
Y
2 strLastName Alphabetic data with maximum size of 50 characters
N
3 OfficeAddress Object of Address Type N4 HomeAddress Object of Address Type N5 MobileNo Numeric data passed as
string. Max length of 15N
6 Registration Date yyyy-mm-dd Alphabetic data with maximum length of 10 characters
N
7 BillingShippingAddrMatch
Y or N Alphabetic data with maximum size of 1 characters.
Y
20
Copyright © ICICI Bank Limited. All rights reserved.
Address (for Home/Office address details)
Function Name - setAddressDetails
Home and Office address details are sent to the Fraud Detection system for risk verification. If the merchant is not capturing the Address details, then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory
Sr No Field Details Valid valuesMandatory
1 astrAddrLine1 Alphabetic data with maximum size of 50 characters
Y
2 astrAddrLine2 Alphabetic data with maximum size of 50 characters
N
3 astrAddrLine3 Alphabetic data with maximum size of 50 characters
N
4 astrCity Alphabetic data with maximum size of 30 characters
Y
5 astrState Alphabetic data with maximum size of 30 characters
Y
6 astrZip Numeric data passed as string with maximum size of 10 digits
Y
7 astrCountryAlphaCode
Alphabetic data with maximum size of 3 characters IND for INDIA
Y
8 astrEmail Alphabetic data with maximum size of 80 characters
N
21
Copyright © ICICI Bank Limited. All rights reserved.
Session Information
Function Name - setSessionDetails
Session information is sent to the Fraud Detection system for risk verification. The details have to be captured by the merchant if the merchant wishes to run the transaction through the FDMS system. In case the merchant is not capturing the details, then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory
Sr No Field Details Valid values Mandatory1 strRemoteAddr IP Address of the
system from where the end customer is performing the transaction.
Y
2 strCookie The value stored in the cookie named “vsc”
Alphabetic data with maximum size of 50 characters
N
3 strBrowserCountry Alphabetic data with maximum size of 50 characters
N
4 strBroswerLanguage Alphabetic data with maximum size of 16 characters
Y
5 strBroswerLocalLanguageVariant
Alphabetic data with maximum size of 30 characters
N
6 strUserAgent Alphabetic data with maximum size of 30 characters
Y
22
Copyright © ICICI Bank Limited. All rights reserved.
Merchandise Information
Function Name - setMerchanDiseDetails
Merchandise information is sent to the Fraud Detection system for risk verification. The details along with Session, customer information are used by the FDMS for risk verification. In case the merchant is not capturing the details, then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory. In case the purchased goods is related to Airline ticket, then this object need not be filled in and can be passed as null to the SFA. Instead the Airline details needs to be filled by the merchant.
Sr No Field Details Valid values Mandatory1 strItemPurchased e.g., Computer,
Shirts,Alphabetic data with maximum size of 24
Y
2 Quantity Numeric data passed as string with maximum length of 3
Y
3 strBrand Alphabetic data with maximum size of 24 characters
N
4 strModelNumber Alphabetic data with maximum size of 24 characters
N
5 strBuyer’s Name Alphabetic data with maximum size of 32 characters
N
6 MatchingCardBuyerNameFlag indicating whether CardName and BuyerName Matches Y or N
Alphabetic data with maximum size of 1 characters
N
23
Copyright © ICICI Bank Limited. All rights reserved.
Airline Transaction Information
Function Name - setAirLineTransactionDetails
Airline transaction information is sent to the Fraud Detection system for risk verification. The details along with Session, customer information are used by the FDMS for risk verification. In case the merchant is not capturing the details, then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory. In case the purchased goods is related to merchandise, then this object need not be filled in and can be passed as null to the SFA. Instead the merchandise details needs to be filled by the merchant.
Sr No Field Details Valid values
Mandatory
1 strBookingDate yyyy-mm-dd Alphabetic data with maximum size of 10
Y
2 strFlightDate yyyy-mm-dd Alphabetic data with maximum size of 10
Y
3 strFlightTime Hh:mm (24 hr format)
Alphabetic data with maximum size of 5 characters
Y
4 strFlightNo Alphabetic data with maximum size of 12 characters
Y
5 strPassengerName Alphabetic data with maximum size of 32 characters
Y
6 NoOfTickets Numeric data passed as string with maximum length of 2 characters
N
7 MatchingCardBuyerName
Flag indicating whether Card Name and Buyer Name Matches Y or N
Alphabetic data with maximum size of 1 characters
N
8 strPNRAlphabetic data with maximum size of 24 Y
9 strSectorFromAlphabetic data with maximum size of 24 Y
10 strSectorToAlphabetic data with maximum size of 24 Y
24
Copyright © ICICI Bank Limited. All rights reserved.
VBV Fields for a MOTO MerchantFunction Name - setMPIResponseDetails
Sr No Field Details Valid values Mandatory1 astrECI Numeric value
associated with the VBV process provided by the MPI
Data of the size 2 characters.
Conditional Mandatory(in case of VBV status Y).In all other cases, the values must be sent if the MPI has provided the same
2 astrXID This value is generated during the VBV validation process
Data with maximum size of 28 characters
Conditional Mandatory(in case of VBV status Y).In all other cases, the values must be sent if the MPI has provided the same
3 astrVBVStatus
The result of the VBV validations.
Data with size of 1 character. Single character status indicated by either of Y - Authentication SuccessfulN - Authentication failedU - Processing FailureE - Not EnrolledA – Attempts
Y
4 astrCAVV This value is generated during the VBV validation process if the validation is successful
Data with maximum size of 28 characters
Conditional Mandatory(in case of VBV status Y).In all other cases, the values must be sent if the MPI has provided the same
25
Copyright © ICICI Bank Limited. All rights reserved.
Sr No Field Details Valid values Mandatory5
astrShoppingContext
The Payment Gateway currently stores the value of the Shopping Context that is passed to it. This value is not passed to the Acquirer.
Data with maximum size of 256 characters
N
6
astrPurchaseAmount
The Payment Gateway currently stores the value of the Purchase Amount that is passed to it. This value is not passed to the Acquirer
Data with maximum size of 20 characters.
N
7 astrCurrencyVal
The Payment Gateway currently stores the value of the Currency value that is passed to it. This value is not passed to the Acquirer
Data with a maximum size of 3 characters.
N
26
Copyright © ICICI Bank Limited. All rights reserved.
VBV Fields for a SSL Merchant
Function Name – setMPIRequestDetails
Sr No
Field Details Valid values Mandatory
1 astrPurchaseAmount
Amount of the transaction Data with maximum size of 20 characters. Unformatted purchase amount. It should not contain any special characters such as “$” etc. Example 100.20,100
Y
2 astrDisplayAmount
Formatted purchase amount. Data with maximum size of 20 characters. This field should contain a currency symbol, with an thousands separator (s), decimal point and ISO minor units defined for the currency specified in the Purchase Currency field. Ex. INR1,234.56
Y
3 astrCurrencyVal This is the currency code used by the merchant
Data with size of 3 characters. Data with size of 3 characters. ISO Numeric Currency Code. Example 356
Y
4 astrExponent Denotes the number of digits after the decimal point in the amount
Data with maximum size of 3 characters.If the amount is 100.20 then the exponent is 2
Y
5 astrOrderDesc Brief description of items purchased, determined by the Merchant
Data with a maximum size of 125 characters
Y
6 astrRecurFreq This field is calculated based on installments and the Recur End and it denotes the frequency of payment
Data with maximum size of 3 characters.Example: 12
Y
7 astrRecurEnd This field indicates the end date of recurring value. It should be less than the card expiry date. It is also an optional field
Data with maximum size of 8 characters.Example: 20011212
Y
8 astrInstallment Number of Installments Data with maximum size of 3 characters.Example: 12
Y
27
Copyright © ICICI Bank Limited. All rights reserved.
Sr No
Field Details Valid values Mandatory
9 astrDeviceCategory This attribute indicates mode of transaction. For an internet based transaction the value to be set is "0".
Always use value 0 Y
10 astrWhatIUse This field is used by the MPI to denote the browser version.
This field can be empty and is used by the MPI to denote the browser version.
N
11 astrAcceptHdr The Accept request-header field can be used to specify certain media types which are acceptable for the response. Accept headers can be used to indicate that the request is specifically limited to a small set of desired types, as in the case of a request for an in-line image. The server property request.getHeader("Accept") can be used for setting this value
This indicates the MIME type the client can accept.
Ex: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, application/x-shockwave-flash, */*
Y
12 astrAgentHdr The User-Agent-header contains information about the user agent (typically a newsreader) generating the article, for statistical purposes and tracing of standards violations to specific software needing correction. Although not one of the mandatory headers, posting agents SHOULD normally include it. The server property request.getHeader("User-Agent") can be used for setting this value.
This indicates the type and version of browser used by the cardholderEx: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
Y
28
Copyright © ICICI Bank Limited. All rights reserved.