php sfa guide

28
PHP Merchant Integration Guide 1 Copyright © ICICI Bank Limited. All rights reserved.

Upload: maanasa-bindumalyam

Post on 03-Apr-2015

728 views

Category:

Documents


2 download

TRANSCRIPT

Page 1: PHP Sfa Guide

PHP Merchant Integration Guide

1

Copyright © ICICI Bank Limited. All rights reserved.

Page 2: PHP Sfa Guide

Copyright Information

Copyright © ICICI Bank Ltd. All rights reserved. No part of this document may be reproduced, stored in retrieval form, adopted or transmitted in any form or by any means, electronic, mechanical, photographic, graphic, optic or otherwise, translated in any language or computer language, without prior written permission from ICICI Bank Ltd.

Disclaimer

This document has been prepared in accordance with the accepted techniques for solution specifications definition at ICICI Bank Ltd. The information represented herein, has been gathered after studying market trends and inputs supplied by expert consultants. The representations and related information contained in the document reflect ICICI Bank’s best understanding of the business. However, ICICI Bank makes no representation or warranties with respect to the contents hereof and shall not be responsible for any loss or damage caused to the user by the direct or indirect use of this document and the accompanying software package. Further, ICICI Bank reserves the right to alter, modify or otherwise change in any manner the content hereof, without the obligation to notify any person of such revision or changes.

About Payseal

Payseal is brought to you by ICICI Bank Ltd. Payseal provides secure electronic commerce payment solutions in the B2C & B2B environments.

2

Copyright © ICICI Bank Limited. All rights reserved.

Page 3: PHP Sfa Guide

About ICICI

ICICI Bank is India's second-largest bank with total assets of Rs. 3,997.95 billion (US$ 100 billion) at March 31, 2008 and profit after tax of Rs. 41.58 billion for the year ended March 31, 2008. ICICI Bank is second amongst all the companies listed on the Indian stock exchanges in terms of free float market capitalization*. The Bank has a network of about 1,308 branches and 3,950 ATMs in India and presence in 18 countries. ICICI Bank offers a wide range of banking products and financial services to corporate and retail customers through a variety of delivery channels and through its specialized subsidiaries and affiliates in the areas of investment banking, life and non-life insurance, venture capital and asset management. The Bank currently has subsidiaries in the United Kingdom, Russia and Canada, branches in Unites States, Singapore, Bahrain, Hong Kong, Sri Lanka, Qatar and Dubai International Finance Centre and representative offices in United Arab Emirates, China, South Africa, Bangladesh, Thailand, Malaysia and Indonesia. Our UK subsidiary has established branches in Belgium and Germany.

ICICI Bank's equity shares are listed in India on Bombay Stock Exchange and the National Stock Exchange of India Limited and its American Depositary Receipts (ADRs) are listed on the New York Stock Exchange (NYSE).After consideration of various corporate structuring alternatives in the context of the emerging competitive scenario in the Indian banking industry, and the move towards universal banking, the managements of ICICI and ICICI Bank formed the view that the merger of ICICI with ICICI Bank would be the optimal strategic alternative for both entities, and would create the optimal legal structure for the ICICI group's universal banking strategy. The merger would enhance value for ICICI shareholders through the merged entity's access to low-cost deposits, greater opportunities for earning fee-based income and the ability to participate in the payments system and provide transaction-banking services. The merger would enhance value for ICICI Bank shareholders through a large capital base and scale of operations, seamless access to ICICI's strong corporate relationships built up over five decades, entry into new business segments, higher market share in various business segments, particularly fee-based services, and access to the vast talent pool of ICICI and its subsidiaries. In October 2001, the Boards of Directors of ICICI and ICICI Bank approved the merger of ICICI and two of its wholly-owned retail finance subsidiaries, ICICI Personal Financial Services Limited and ICICI Capital Services Limited, with ICICI Bank. The merger was approved by shareholders of ICICI and ICICI Bank in January 2002, by the High Court of Gujarat at Ahmedabad in March 2002, and by the High Court of Judicature at Mumbai and the Reserve Bank of India in April 2002. Consequent to the merger, the ICICI group's financing and banking operations, both wholesale and retail, have been integrated in a single entity.

3

Copyright © ICICI Bank Limited. All rights reserved.

Page 4: PHP Sfa Guide

Technical Contact

Email [email protected] 91-022-66673128

Operations Contact

Email [email protected] 91-022- 66673918

4

Copyright © ICICI Bank Limited. All rights reserved.

Page 5: PHP Sfa Guide

Installing the SFA PHP Library

Pre-requisites – The Merchant's machine where SFA will be

installed should have PHP with java support enabled.

a. PHP version >= 4.3.4 (recommended version is >= 5.2)

b. JDK 1.4.2 or greater should be available (pre requisite for JavaBridge)

c. http://php-java- bridge.sourceforge.net/pjb/installation.php

d. Use javabridge version <= 4.0 (however the latest versions should work fine)

1. Public certificates of Verisign Intermediate CA and Verisign

Root CA who has issued the Payseal certificate needs to be

available in the java certificate store (cacerts file).

2. The Merchant must possess the key file generated by the

Payment Gateway (available in the zip as 00001003.key).

The file name should not be changed, where 00001003 is

the merchant ID.

Steps for obtaining the key file –

1. Login into the Merchant Web Interface using the Mer­

chant Super User login.

2. Click on the link “Personalize>> Key Download”

3. Save the “.key” file sent by the Payment Gateway in a

local folder.

Note – The key file can be downloaded only once. Please

keep the key file in a secure location. Contact PG System

Administrator in case the key file needs to be

5

Copyright © ICICI Bank Limited. All rights reserved.

Page 6: PHP Sfa Guide

regenerated.

Note:

1. Check php.ini for the java settings, java.java_home and

java.java. The property values needs to be set to the

JDK which was used for compilation (in case

JavaBridge has been compiled to produce a dynamic

module).

2. Enable Java Bridge logging during integration phase.

3. Verify java support by using the Test page (testjava.php)

shipped with PHP SFA library.

The PHP SFA comes bundled as 2 zip files -

1. SFAClient.zip - This zip file contains the components, which

provide the core SFA functionality and test pages

2. SFA_Dependencies.zip - This zip file contains the

components that are required for the SFA to function

The installation process for SFA_Dependencies.zip is as

follows –

1. Copy the ZIP file to a temporary location on the Merchant

site

2. The zip has the following files

1) cryptix32.jar – Required by SFA to encrypt the data sent

to the ePG

6

Copyright © ICICI Bank Limited. All rights reserved.

Page 7: PHP Sfa Guide

2) jcert.jar – Required to establish the SSL connection with

ePG

3) jnet.jar – Required to establish the SSL connection with

ePG

4) jsse.jar – Required to establish the SSL connection with

ePG

5) Servlet.jar – HTTP Request/Response handling

6) Sfa.jar – SFA Java library

3. Copy the folder to a desired location (folder path names

should not have spaces).

4. Set the Jar files in the system classpath. This is not needed

in case the jar files have been copied to the extension di­

rectory of JDK used.

Note: The extension directory can be checked from the

JavaBridge log as well. It is printed on startup of

JavaBridge. In case a J2EE backend (like tomcat or some

servlet engine) is configured for JavaBridge, then copy the

jars to the extension directory of the JDK used by the J2EE

backend.

5. Editing the sfa.properties file

a. Open the file sfa.jar using WINZIP. Open the

sfa.properties file.

Note - If WINZIP or a similar facility is not

available on the machine then the following

java command can be used for extracting

7

Copyright © ICICI Bank Limited. All rights reserved.

Page 8: PHP Sfa Guide

the properties file

Jar -xvf sfa.jar

To jar the file again use,

Jar -cvf sfa.jar com sfa.properties

b. For the parameter 'Key.Directory' in the properties

file set the name of the folder, which contains the

merchant key. A trailing slash has to be put at the

end of this value. The name of the file need not be

set. Save the file after making other relevant

changes.

c. For the parameter “traceLog”, set the name of the

folder to which sfa logs needs to be written. It shall

point to a folder to which write permissions are

available to java.

d. Enable the verbose parameter to “true” only when

necessary as the log generated might be consider­

able depending on the number of transactions.

e. To verify the success of the above operations open

the jar file again and check if the properties file has

the values set.

The Installation process for SFAClient.zip is as follows -

1. Copy the ZIP file to a temporary location on the Merchant

site

8

Copyright © ICICI Bank Limited. All rights reserved.

Page 9: PHP Sfa Guide

2. Unzipping shall create a folder called SFAClient.

3. SFAClient contains the following files/directories

1. Sfa – SFA Client library (contains the PHP Sfa library)

2. TestPages – Sample pages for transactions and a test

page (testjava.php) for testing java support.

The Merchants PHP pages can now start using the SFA library.

Test pages are shipped along with the distribution, which can

be used for test/understanding purposes.

Note:

Sfa folder should be copied to the folder where

TestPages/Merchant pages are present.

9

Copyright © ICICI Bank Limited. All rights reserved.

Page 10: PHP Sfa Guide

Appendix A

What’s in This Appendix?

The MOTO and the SSL Merchant’s use the Store Front

Adaptor for integrating with the Payment Gateway. This

appendix details the data that is passed from the Merchant to

the Payment Gateway via the Store Front Adaptor.

The following sections define the various parameters and their

definitions.

Note -

1. The information provided in the section “VBV fields for

MOTO Merchants” and “VBV fields for SSL Merchant” are

applicable only to the Merchants enrolled for MPI. For

MOTO merchants who support MPI, it is mandatory to

send the data received from the MPI to the Payment Gate­

way.

2. In case of the SSL Merchant, the Card details will be ac­

cepted by the Payment Gateway. Hence, the Object map­

ping to the Card details mentioned below need not be

populated.

10

Copyright © ICICI Bank Limited. All rights reserved.

Page 11: PHP Sfa Guide

Merchant Information

Function Name - setMerchantDetails

Sr No

Parameter Details Valid values Mandatory

1astrMerchantID

ID assigned by the Payment Gateway to the Merchant

Data with maximum size of 8 characters

Y

2 astrVendor Same as Merchant ID Data with maximum size of 8 characters

N

3 astrPartner Same as merchant ID Data with maximum size of 8 characters

N

4 astrCustIPAddress Corresponds to the IP Address of the Customer. In case of a SSL merchant this data will be captured by the Payment Gateway. However, a MOTO merchant has to pass this data to the Payment Gateway. This data is mandatory for a MOTO merchant and non-mandatory for the SSL merchant

Data with maximum size of 20 characters

N (for SSL)Y (for MOTO)

5 astrMerchantTxnID

Transaction number generated by the Merchant for reference. Root Transactions should have unique Transaction Reference Number.

Alpha-numeric data with maximum size of 50 characters

Y

6

astrOrderReferenceNo

Order number generated by the Merchant for his/her reference.

Alpha-numeric data with maximum size of 30 characters

N

7 astrRespURL URL of the Merchants site on which the Payment Gateway must post the results of the transaction. This parameter is valid only in case of a SSL merchant The MOTO merchant always receives the response via the PGResponse Object

Data with maximum size of 80 characters

Y (for SSL merchants only)

11

Copyright © ICICI Bank Limited. All rights reserved.

Page 12: PHP Sfa Guide

Sr No

Parameter Details Valid values Mandatory

8 astrRespMethod HTTP method (GET/POST) to be used by the Payment Gateway for posting the results of the transaction to the Merchants site. In case of SSL Merchants the value should be POST as the response is sent via a redirection.

Data with maximum size of 4 characters. (GET/POST)

Y

9 astrCurrCode Currency of the transaction Data with maximum size of 3 characters. ISO Alpha Currency Code‘INR’ for transactions in Rupees.

Y

10 astrInvoiceNo Invoice number generated by the Merchants application

Alpha-numeric data with maximum size of 20 characters

N

11 astrMessageType Indicates the type of transaction. This field can contain either of the values mentioned in the adjacent field

Data with maximum size of 20 characters.req.Preauthorizationreq.Sale

Y

12 astrAmount Amount of the transaction Numeric with maximum size of 15 digits. Maximum exponent is 5.For example, maximum possible data in the amount field can be 999999999999999.99999 but subject to the define exponent for currency

Y

13 astrGMTOffset GMT Time Offset of the Merchants sites locale

Data with maximum size of 9 charactersFormat: GMT+hh:mm

N

14 astrExt1 Additional fields provided to the Merchant for passing any specific data

Data with maximum size of 50 characters

N

15 astrExt2 Additional field provided to Data with maximum N

12

Copyright © ICICI Bank Limited. All rights reserved.

Page 13: PHP Sfa Guide

Sr No

Parameter Details Valid values Mandatory

the Merchant for passing any specific data. Should be “true” for SSL merchant

size of 50 characters

16 astrExt3 Reserved Data with maximum size of 50 characters

N

17 astrExt4 Additional field provided to the Merchant for passing any specific data

Data with maximum size of 50 characters

N

18 astrExt5 Additional field provided to the Merchant for passing any specific data

Data with maximum size of 50 characters

N

13

Copyright © ICICI Bank Limited. All rights reserved.

Page 14: PHP Sfa Guide

Function Name - setMerchantRelatedTxnDetails

Sr No

Parameter Details Valid values Mandatory

1astrMerchantID

ID assigned by the Payment Gateway to the Merchant

Data with maximum size of 8 characters. Id given to the Merchant for identification by the PG

Y

2 astrVendor Same as Merchant ID Data with maximum size of 8 characters.

N

3 astrPartner Same as Merchant ID Data with maximum size of 8 characters.

N

4 astrMerchantTxnID

Transaction number generated by the Merchant for reference.

Alpha-numeric data with maximum size of 50 characters.

Y

5 astrRootTxnSysRefNum

Transaction reference number generated by the Payment Gateway for the original transaction and sent to the merchant. Example, for an Authorization transaction the Root Transaction System reference of Pre-Authorization needs to be given. Similarly, for a Refund transaction the Root Transaction System reference of Authorization needs to be given

Numeric data with maximum size of 15 characters

Y

6 astrRootPNRef RRN number sent by the Payment Gateway to the merchant for the original transaction. Example, for an Authorization transaction the

Numeric data with maximum size of 20 characters

Y

14

Copyright © ICICI Bank Limited. All rights reserved.

Page 15: PHP Sfa Guide

Sr No

Parameter Details Valid values Mandatory

RRN of Pre-Authorization needs to be given. Similarly, for a Refund transaction the RRN of Authorization needs to be given.

7 astrRootAuthCode Auth Code sent by the Payment Gateway to the merchant for the original transaction

Numeric data with maximum size of 6 characters

Y

8 astrCurrCode Currency of the transaction Data with maximum size of 3 characters. ISO Alpha Currency Code.‘INR’ for transactions in Rupees

Y

9 astrMessageType Indicates the type of transaction. This field can contain either of the values mentioned in the adjacent field

Data with maximum size of 20 characters.req.Refundreq.Authorization

Y

10 astrAmount Amount of the transaction Numeric with maximum size of 15 digits. Maximum exponent is 5.For example, maximum possible data in the amount field can be 999999999999999.99999

Y

15

Copyright © ICICI Bank Limited. All rights reserved.

Page 16: PHP Sfa Guide

Sr No

Parameter Details Valid values Mandatory

11 astrGMTOffset GMT Time Offset of the Merchants sites locale

Data with maximum size of 9 characters.GMT+hh:mm

N

12 astrExt1 Additional fields provided to the Merchant for passing any specific data

Data with maximum size of 50 characters

N

13 astrExt2 Additional field provided to the Merchant for passing any specific data

Data with maximum size of 50 characters

N

14 astrExt3 Additional field provided to the Merchant for passing any specific data

Data with maximum size of 50 characters

N

15 astrExt4 Additional field provided to the Merchant for passing any specific data

Data with maximum size of 50 characters

N

16 astrExt5 Additional field provided to the Merchant for passing any specific data

Data with maximum size of 50 characters

N

16

Copyright © ICICI Bank Limited. All rights reserved.

Page 17: PHP Sfa Guide

Card Information

Function Name - setCardDetails

Sr No Field Details Valid valuesMandatory

1 astrCardType Data with maximum size of 5 characters.VISA –VisaMC- MasterCard

Y

2 astrCardNum Numeric data with maximum size of 20 Y

3 astrCVVNum AlphaNumeric data with maximum size of 5.

For VISA,This field should contain the value in the following formatCVVNum $ Presence IndicatorWhere CVVNum is a CVV valuePresence indicator is one of the following1 – CVV2 value is present2 – CVV2 value is on the Card, but is illegible9 – Cardholder states CVV2 is not present on the Card

e.g 010$1, 011$2 , $9

Y

4 astrExpDtYr yyyy Data with maximum size of 4 characters.

Y

5 astrExpDtMon mm Data with maximum size of 2 characters.

Y

6 astrNameOnCard Alphabetic data with maximum size of 80 characters

N

7 astrInstrType Mode of payment - Credit/ Debit

Data with maximum size of 5 characters.CREDI - For credit cardsDEBIT- For Debit Cards

Y

17

Copyright © ICICI Bank Limited. All rights reserved.

Page 18: PHP Sfa Guide

Ship To Address

Function Name - setAddressDetails

The Payment Gateway will store the Ship To Address details in its database only if all the details mentioned as mandatory are populated. If the merchant is not capturing the Address then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory

Sr No Field

Details Valid values Mandatory

1 astrAddrLine1 Alphabetic data with maximum size of 50 characters

Y

2 astrAddrLine2 Alphabetic data with maximum size of 50 characters

N

3 astrAddrLine3 Alphabetic data with maximum size of 50 characters

N

4 astrCity Alphabetic data with maximum size of 30 characters

Y

5 astrState Alphabetic data with maximum size of 30 characters

Y

6 astrZip Numeric data with maximum size of 10 digits

Y

7 astrCountryAlphaCode

Alphabetic data with maximum size of 3 characters IND for INDIA

Y

8 astrEmail Alpha-Numeric data with maximum size of 80 characters

N

18

Copyright © ICICI Bank Limited. All rights reserved.

Page 19: PHP Sfa Guide

Bill To Address

Function Name - setAddressDetailsThe Payment Gateway will store the Ship To Address details in its database only if all the details mentioned as mandatory are populated. If the merchant is not capturing the Address then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory

Sr No Field Details Valid values

Mandatory

1 astrCustomerId

If customer is a registered customer with the merchant, then his ID needs to be populated in this field.

Data with maximum size of 10 characters

N

2 astrCustomerName

Data with maximum size of 80 characters

N

3 astrAddrLine1 Alphabetic data with maximum size of 50 characters

Y

4 astrAddrLine2 Alphabetic data with maximum size of 50 characters

N

5 astrAddrLine3 Alphabetic data with maximum size of 50 characters

N

6 astrCity Alphabetic data with maximum size of 30 characters

Y

7 astrState Alphabetic data with maximum size of 30 characters

Y

8 astrZip Numeric data with maximum size of 10 digits

Y

9 astrCountryAlphaCode

Alphabetic data with maximum size of 3 characters IND for India

Y

10 astrEmail Alpha-Numeric data with maximum size of 80 characters

N

19

Copyright © ICICI Bank Limited. All rights reserved.

Page 20: PHP Sfa Guide

Customer Details (required for FDMS)

Function Name - setCustomerDetails

Customer information is sent to the Fraud Detection system for risk verification. If the merchant is not capturing the said details, then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory

Sr No Field Details Valid values Mandatory1 strFirstName Alphabetic data with

maximum size of 50 characters

Y

2 strLastName Alphabetic data with maximum size of 50 characters

N

3 OfficeAddress Object of Address Type N4 HomeAddress Object of Address Type N5 MobileNo Numeric data passed as

string. Max length of 15N

6 Registration Date yyyy-mm-dd Alphabetic data with maximum length of 10 characters

N

7 BillingShippingAddrMatch

Y or N Alphabetic data with maximum size of 1 characters.

Y

20

Copyright © ICICI Bank Limited. All rights reserved.

Page 21: PHP Sfa Guide

Address (for Home/Office address details)

Function Name - setAddressDetails

Home and Office address details are sent to the Fraud Detection system for risk verification. If the merchant is not capturing the Address details, then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory

Sr No Field Details Valid valuesMandatory

1 astrAddrLine1 Alphabetic data with maximum size of 50 characters

Y

2 astrAddrLine2 Alphabetic data with maximum size of 50 characters

N

3 astrAddrLine3 Alphabetic data with maximum size of 50 characters

N

4 astrCity Alphabetic data with maximum size of 30 characters

Y

5 astrState Alphabetic data with maximum size of 30 characters

Y

6 astrZip Numeric data passed as string with maximum size of 10 digits

Y

7 astrCountryAlphaCode

Alphabetic data with maximum size of 3 characters IND for INDIA

Y

8 astrEmail Alphabetic data with maximum size of 80 characters

N

21

Copyright © ICICI Bank Limited. All rights reserved.

Page 22: PHP Sfa Guide

Session Information

Function Name - setSessionDetails

Session information is sent to the Fraud Detection system for risk verification. The details have to be captured by the merchant if the merchant wishes to run the transaction through the FDMS system. In case the merchant is not capturing the details, then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory

Sr No Field Details Valid values Mandatory1 strRemoteAddr IP Address of the

system from where the end customer is performing the transaction.

Y

2 strCookie The value stored in the cookie named “vsc”

Alphabetic data with maximum size of 50 characters

N

3 strBrowserCountry Alphabetic data with maximum size of 50 characters

N

4 strBroswerLanguage Alphabetic data with maximum size of 16 characters

Y

5 strBroswerLocalLanguageVariant

Alphabetic data with maximum size of 30 characters

N

6 strUserAgent Alphabetic data with maximum size of 30 characters

Y

22

Copyright © ICICI Bank Limited. All rights reserved.

Page 23: PHP Sfa Guide

Merchandise Information

Function Name - setMerchanDiseDetails

Merchandise information is sent to the Fraud Detection system for risk verification. The details along with Session, customer information are used by the FDMS for risk verification. In case the merchant is not capturing the details, then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory. In case the purchased goods is related to Airline ticket, then this object need not be filled in and can be passed as null to the SFA. Instead the Airline details needs to be filled by the merchant.

Sr No Field Details Valid values Mandatory1 strItemPurchased e.g., Computer,

Shirts,Alphabetic data with maximum size of 24

Y

2 Quantity Numeric data passed as string with maximum length of 3

Y

3 strBrand Alphabetic data with maximum size of 24 characters

N

4 strModelNumber Alphabetic data with maximum size of 24 characters

N

5 strBuyer’s Name Alphabetic data with maximum size of 32 characters

N

6 MatchingCardBuyerNameFlag indicating whether CardName and BuyerName Matches Y or N

Alphabetic data with maximum size of 1 characters

N

23

Copyright © ICICI Bank Limited. All rights reserved.

Page 24: PHP Sfa Guide

Airline Transaction Information

Function Name - setAirLineTransactionDetails

Airline transaction information is sent to the Fraud Detection system for risk verification. The details along with Session, customer information are used by the FDMS for risk verification. In case the merchant is not capturing the details, then this object can be passed as null to the SFA. However, if the Class is instantiated and passed to the SFA, then it is necessary to populate the fields marked as mandatory. In case the purchased goods is related to merchandise, then this object need not be filled in and can be passed as null to the SFA. Instead the merchandise details needs to be filled by the merchant.

Sr No Field Details Valid values

Mandatory

1 strBookingDate yyyy-mm-dd Alphabetic data with maximum size of 10

Y

2 strFlightDate yyyy-mm-dd Alphabetic data with maximum size of 10

Y

3 strFlightTime Hh:mm (24 hr format)

Alphabetic data with maximum size of 5 characters

Y

4 strFlightNo Alphabetic data with maximum size of 12 characters

Y

5 strPassengerName Alphabetic data with maximum size of 32 characters

Y

6 NoOfTickets Numeric data passed as string with maximum length of 2 characters

N

7 MatchingCardBuyerName

Flag indicating whether Card Name and Buyer Name Matches Y or N

Alphabetic data with maximum size of 1 characters

N

8 strPNRAlphabetic data with maximum size of 24 Y

9 strSectorFromAlphabetic data with maximum size of 24 Y

10 strSectorToAlphabetic data with maximum size of 24 Y

24

Copyright © ICICI Bank Limited. All rights reserved.

Page 25: PHP Sfa Guide

VBV Fields for a MOTO MerchantFunction Name - setMPIResponseDetails

Sr No Field Details Valid values Mandatory1 astrECI Numeric value

associated with the VBV process provided by the MPI

Data of the size 2 characters.

Conditional Mandatory(in case of VBV status Y).In all other cases, the values must be sent if the MPI has provided the same

2 astrXID This value is generated during the VBV validation process

Data with maximum size of 28 characters

Conditional Mandatory(in case of VBV status Y).In all other cases, the values must be sent if the MPI has provided the same

3 astrVBVStatus

The result of the VBV validations.

Data with size of 1 character. Single character status indicated by either of Y - Authentication SuccessfulN - Authentication failedU - Processing FailureE - Not EnrolledA – Attempts

Y

4 astrCAVV This value is generated during the VBV validation process if the validation is successful

Data with maximum size of 28 characters

Conditional Mandatory(in case of VBV status Y).In all other cases, the values must be sent if the MPI has provided the same

25

Copyright © ICICI Bank Limited. All rights reserved.

Page 26: PHP Sfa Guide

Sr No Field Details Valid values Mandatory5

astrShoppingContext

The Payment Gateway currently stores the value of the Shopping Context that is passed to it. This value is not passed to the Acquirer.

Data with maximum size of 256 characters

N

6

astrPurchaseAmount

The Payment Gateway currently stores the value of the Purchase Amount that is passed to it. This value is not passed to the Acquirer

Data with maximum size of 20 characters.

N

7 astrCurrencyVal

The Payment Gateway currently stores the value of the Currency value that is passed to it. This value is not passed to the Acquirer

Data with a maximum size of 3 characters.

N

26

Copyright © ICICI Bank Limited. All rights reserved.

Page 27: PHP Sfa Guide

VBV Fields for a SSL Merchant

Function Name – setMPIRequestDetails

Sr No

Field Details Valid values Mandatory

1 astrPurchaseAmount

Amount of the transaction Data with maximum size of 20 characters. Unformatted purchase amount. It should not contain any special characters such as “$” etc. Example 100.20,100

Y

2 astrDisplayAmount

Formatted purchase amount. Data with maximum size of 20 characters. This field should contain a currency symbol, with an thousands separator (s), decimal point and ISO minor units defined for the currency specified in the Purchase Currency field. Ex. INR1,234.56

Y

3 astrCurrencyVal This is the currency code used by the merchant

Data with size of 3 characters. Data with size of 3 characters. ISO Numeric Currency Code. Example 356

Y

4 astrExponent Denotes the number of digits after the decimal point in the amount

Data with maximum size of 3 characters.If the amount is 100.20 then the exponent is 2

Y

5 astrOrderDesc Brief description of items pur­chased, determined by the Merchant

Data with a maximum size of 125 characters

Y

6 astrRecurFreq This field is calculated based on installments and the Recur End and it denotes the frequency of payment

Data with maximum size of 3 characters.Example: 12

Y

7 astrRecurEnd This field indicates the end date of recurring value. It should be less than the card expiry date. It is also an op­tional field

Data with maximum size of 8 characters.Example: 20011212

Y

8 astrInstallment Number of Installments Data with maximum size of 3 characters.Example: 12

Y

27

Copyright © ICICI Bank Limited. All rights reserved.

Page 28: PHP Sfa Guide

Sr No

Field Details Valid values Mandatory

9 astrDeviceCategory This attribute indicates mode of transaction. For an internet based transaction the value to be set is "0".

Always use value 0 Y

10 astrWhatIUse This field is used by the MPI to denote the browser version.

This field can be empty and is used by the MPI to denote the browser version.

N

11 astrAcceptHdr The Accept request-head­er field can be used to specify certain media types which are acceptable for the response. Accept head­ers can be used to indicate that the request is specifi­cally limited to a small set of desired types, as in the case of a request for an in-line image. The server property request.getHead­er("Accept") can be used for setting this value

This indicates the MIME type the client can accept.

Ex: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, application/x-shockwave-flash, */*

Y

12 astrAgentHdr The User-Agent-header contains information about the user agent (typically a newsreader) generating the article, for statistical purposes and tracing of standards violations to specific software needing correction. Although not one of the mandatory headers, posting agents SHOULD normally include it. The server property request.getHeader("User-Agent") can be used for setting this value.

This indicates the type and version of browser used by the cardholderEx: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)

Y

28

Copyright © ICICI Bank Limited. All rights reserved.