paysafecard (via PPRO)

1. About paysafecard (via PPRO)

1.1 General information about paysafecard

Paysafecard is a prepaid card that consumers buy in shops in order to subsequently shop online. Since this is a prepaid means of payment, this system is free from chargebacks. In addition it offers merchants a payment guarantee.

Paysafecard is widespread in the gaming, gambling and adult content sectors. The previous Wallie-card has now been adopted into the paysafecard system. You can tap into additional target groups with this prepaid system:

  • customers who do not want to disclose personal data such as bank account or credit card number
  • young people who are denied access to classic payment systems such as credit cards
  • customers who do not obtain a credit card from their bank
  • as well as customers who prefer to pay with paysafecard

The prepaid system is international: the paysafecard Group operates in 27 countries in Europe as well as in North and Latin America and processes around 20 million prepaid payments annually.

InfoTyp
paysafecard is a prepaid card which is a widespread micropayment method for gaming, gambling and adult-content.Payments by prepaid

Further information can be found on the webpage of paysafecard (www.paysafecard.com).

1.2 Connections to paysafecard

You can link paysafecard payment methods either directly or via PPRO. If via PPRO, all transactions are posted as sales without further posting. However cancellation and batch processing is not possible. In this case the additional PPRO parameters are required.

With direct connection via the 1cs OPS the merchant can choose whether to carry out sales transactions or separately posted transactions. Please contact First Cash Solution for help with the necessary merchant configuration. In the variant with separate posting you can also carry out cancellations for the whole amount or for amounts not yet posted. In addition in this case batch processing is also possible for postings and cancellations.

1.3 Process flow chart

2 1cs Online Payment System-interface

2.1 Definitions

Data formats:

FormatDescription
aalphabetical
asalphabetical with special characters
nnumeric
analphanumeric
ansalphanumeric with special characters
nsnumeric with special characters
boolboolean expression (true or false)
3fixed length with 3 digits/characters
..3variable length with maximum 3 digits/characters
enumenumeration of allowed values
dttmISODateTime (YYYY-MM-DDThh:mm:ss)

Abbreviations:

AbbreviationDescriptionComment
CNDcondition
MmandatoryIf a parameter is mandatory, then it must be present
OoptionalIf a parameter is optional, then it can be present, but it is not required
CconditionalIf a parameter is conditional, then there is a conditional rule which specifies whether it is mandatory or optional

Notice: Please note that the names of parameters can be returned in upper or lower case.

2.2 Payment with paysafecard via 1cs OPS form interface

To make a payment with paysafecard over a 1cs OPS form, please use the following URL:

https://www.computop-paygate.com/psc.aspx

Notice: For security reasons, the 1cs Online Payment System rejects all payment requests with formatting errors. Therefore, please use the correct data type for each parameter.

The following table describes the encrypted payment request parameters:

KeyFormatCNDDescription
MerchantIDans..30MMerchantID, assigned by First Cash Solution. Additionally this parameter has to be passed in plain language too.
TransIDans..64M
TransactionID provided by you which should be unique for each payment
RefNrans..40OUnique reference number. Only characters a-zA-Z0-9,-_ are allowed.
Amountn..10MAmount in the smallest currency unit (e.g. EUR Cent). Please contact the 1cs Support, if you want to capture amounts <100 (smallest currency unit).
Currencya3M
Currency, three digits DIN / ISO 4217, e.g. EUR, USD, GBP. Only PLN and EUR is permissible. Please find an overview here: Currency table
MACan64MHash Message Authentication Code (HMAC) with SHA-256 algorithm. Details can be found here:
HMAC Authentication (Request)
HMAC Authentication (Notify)
OrderDescans..768MDescription of goods and prices. Intended purpose on the statement of account.
Capturean..6OMDetermines the type and time of capture.
AUTO
Capturing immediately after authorisation (default value).
MANUAL
Capturing made by the merchant. Capture is normally initiated at time of delivery.
<Number>
Delay in hours until the capture (whole number; 1 to 696).
Languagea2OLanguage: German (default), English
URLSuccessans..256MComplete URL which calls up 1cs Online Payment System if payment has been successful. The URL may be called up only via port 443. This URL may not contain parameters: In order to exchange values between 1cs Online Payment Systemand shop, please use the parameter UserData.
Common notes: We recommend to use parameter “response=encrypt” to get an encrypted response by 1cs OPS.
However, fraudster may just copy the encrypted DATA-element which are sent to URLFailure and send the DATA to URLSuccess. Therefore ensure to check the “code”-value which indicates success/failure of the action. Only a result of “code=00000000” should be considered successful.
URLFailureans..256M
Complete URL which calls up 1cs Online Payment System if payment has been unsuccessful. The URL may not be called up only via port 443. In order to exchange values between 1cs OPS and shop, please use the parameter User Data.
Common notes: We recommend to use parameter “response=encrypt” to get an encrypted response by 1cs OPS.
However, fraudster may just copy the encrypted DATA-element which are sent to URLFailure and send the DATA to URLSuccess/URLNotify. Therefore ensure to check the “code”-value which indicates success/failure of the action. Only a result of “code=00000000” should be considered successful.
Responsea7OStatus response sent by 1cs OPS to URLSuccess and URLFailure, should be encrypted. For this purpose, transmit Response=encrypt parameter.
URLNotifyans..256MComplete URL which 1cs OPS calls up in order to notify the shop about the payment result. The URL may be called up only via port 443. It may not contain parameters: Use the UserData parameter instead.
Common notes: We recommend to use parameter “response=encrypt” to get an encrypted response by 1cs OPS.
However, fraudster may just copy the encrypted DATA-element which are sent to URLFailure and send the DATA to URLSuccess/URLNotify. Therefore ensure to check the “code”-value which indicates success/failure of the action. Only a result of “code=00000000” should be considered successful.
UserDataans..1024OIf specified at request, 1cs OPS forwards the parameter with the payment result to the shop.
ReqIdans..32OTo avoid double payments or actions (e.g. by ETM), enter an alphanumeric value which identifies your transaction and may be assigned only once. If the transaction or action is submitted again with the same ReqID, 1cs Online Payment System will not carry out the payment or new action, but will just return the status of the original transaction or action.
Please note that the 1cs OPS must have a finalized transaction status for the first initial action (authentication/authorisation). This does not apply to 3-D Secure authentications that are terminated by a timeout. The 3-D Secure Timeout status does not count as a completed status in which the ReqID functionality on 1cs OPS does not take effect. Submissions with identical ReqID for an open status will be processed regularly.
Notice: Please note that a ReqID is only valid for 12 month, then it gets deleted at the 1cs OPS.
CustomerIDans..50MID for uniquely identifying the customer
DispositionRestrictionAgen..3OAge restriction for the paysafecard user account
DispositionRestrictionKYCans..20ORestriction of KYC level (Know Your Customer)
DispositionRestrictionCountrya2ORestriction to a given country. Two characters country code according to ISO 3166
SubIDans..8OSupport for reporting filters for paysafecard payments; must be agreed with paysafecard.
SellingPointans..50OSelling point
Serviceans..50Oproducts or service sold
AccOwnerans3..50MName of account holder
AddrCountryCodea2MCountry code for the account holder’s invoicing address, 2 characters according to ISO 3166. Only PL allowed, defined within the code.
Plainans..50OA single value to be set by the merchant to return some information unencrypted in response/notify, e.g. the MID. 
“Plain”-parameter is part of encrypted “Data” in 1cs OPS and therefore protected against manipulation. 
Customans..1024O“Custom”-parameter is added to the request data before encryption and is part of encrypted “Data” in 1cs OPS request. By this they are protected against manipulation by a consumer. 
The Custom-value is added to the 1cs OPS response in plain text and the “|” is replaced by a “&”. By this you can put a single value into Custom-parameter and get multiple key-value-pairs back in response for your own purpose. 
Please find a samples here: Custom
Parameters for payments with paysafecard

The following table gives the result parameters which 1cs Online Payment System transmits to URLSuccess or URLFailure and URLNotify. If you have specified the Response=encrypt parameter, the following parameters are sent Blowfish encrypted to your system:

(info) pls. be prepared to receive additional parameters at any time and do not check the order of parameters

(info) the key (e.g. MerchantId, RefNr) should not be checked case-sentive

ParameterFormatCNDDescription
midans..30MMerchantID, assigned by the First Cash Solution
PayIDan32M
ID assigned by 1cs OPS for the payment, e.g. for referencing in batch files as well as for capture or credit request.
XIDan32MID for all single transactions (authorisation, capture, credit note) for one payment assigned by the 1cs OPS
TransIDans..64MTransactionID provided by you which should be unique for each payment
Refnrans..40O
Merchant’s unique reference number. Only characters a-zA-Z0-9,-_ are allowed.
Statusa…50M
OK or AUTHORIZE_REQUEST (URLSuccess) as well as FAILED (URLFailure)
Descriptionans..1024MFurther details in the event that payment is rejected. Please do not use the Description but the Code parameter for the transaction status analysis!
Coden8MError code according to 1cs OPS Response Codes (Error codes)
MACan64MHash Message Authentication Code (HMAC) with SHA-256 algorithm. Details can be found here:
HMAC Authentication (Request)
HMAC Authentication (Notify)
UserDataans..1024OIf specified at request, 1cs OPS forwards the parameter with the payment result to the shop.
PaymentGuaranteea..12OValue + Description:
NONE – no payment guarantee
VALIDATED – customer account valid, but no payment guarantee
FULL – payment guarantee

Notice: This parameter is only returned if the Status=OK.
ErrorTextans..128CDetailed PPRO error message.
Notice: Is returned only if Status=FAILED. Use is possible only in agreement with the First Cash Solution
TransactionIDan..20OUnique transaction number with PPRO
Plainans..50OA single value to be set by the merchant to return some information unencrypted in response/notify, e.g. the MID. 
“Plain”-parameter is part of encrypted “Data” in the 1cs OPS and therefore protected against manipulation. 
Customans..1024O“Custom”-parameter is added to the request data before encryption and is part of encrypted “Data” in 1cs OPS request. By this they are protected against manipulation by a consumer. 
The Custom-value is added to 1cs OPS response in plain text and the “|” is replaced by a “&”. By this you can put a single value into Custom-parameter and get multiple key-value-pairs back in response for your own purpose. 
Please find a samples here: Custom
Return parameters for URLSuccess, URLFailure and URLNotify with paysafecard

2.3 Capture of a payment with paysafecard

Captures are possible via a Server-to-Server connection. Captures are possible only if you have a direct connection to paysafecard and if this is configured for the merchant at First Cash Solution. To carry out a Capture for paysafecard via a Server-to-Server connection, please use the following URL:

https://www.computop-paygate.com/credit.aspx

Notice: For security reasons, 1cs OPS rejects all payment requests with formatting errors. Therefore, please use the correct data type for each parameter.

The following table describes the encrypted payment request parameters:

ParameterFormatCNDDescription
MerchantIDans..30MMerchantID, assigned by the First Cash Solution. Additionally this parameter has to be passed in plain language too.
PayIDan32M
ID assigned by 1cs OPS for the payment to be credited
TransIDans..64MTransactionID provided by you which should be unique for each payment
Amountn..10MAmount in the smallest currency unit (e.g. EUR Cent). Please contact the First Cash Solution, if you want to capture amounts <100 (smallest currency unit).
Currencya3MCurrency, three digits DIN / ISO 4217, e.g. EUR, USD, GBP. Please find an overview here: Currency table
MACan64MHash Message Authentication Code (HMAC) with SHA-256 algorithm. Details can be found here:
HMAC Authentication (Request)
HMAC Authentication (Notify)
ReqIdans..32OTo avoid double payments or actions (e.g. by ETM), enter an alphanumeric value which identifies your transaction and may be assigned only once. If the transaction or action is submitted again with the same ReqID, 1cs Online Payment System will not carry out the payment or new action, but will just return the status of the original transaction or action.
Please note that the 1cs OPS must have a finalized transaction status for the first initial action (authentication/authorisation). This does not apply to 3-D Secure authentications that are terminated by a timeout. The 3-D Secure Timeout status does not count as a completed status in which the ReqID functionality on 1cs OPS does not take effect. Submissions with identical ReqID for an open status will be processed regularly.
Notice: Please note that a ReqID is only valid for 12 month, then it gets deleted at the 1cs OPS.
Parameters for credit payments with paysafecard via socket connection

The following table describes the result parameters with which the 1cs OPS responds to your system

(info) pls. be prepared to receive additional parameters at any time and do not check the order of parameters

(info) the key (e.g. MerchantId, RefNr) should not be checked case-sentive

ParameterFormatCNDDescription
midans..30MMerchantID, assigned by the First Cash Solution
PayIDan32M
ID assigned by 1cs OPS for the payment, e.g. for referencing in batch files as well as for capture or credit request.
XIDan32MID for all single transactions (authorisation, capture, credit note) for one payment assigned by the 1cs OPS
TransIDans..64MTransactionID provided by you which should be unique for each payment
Statusa…50MOK or /URLSuccess) or FAILED (URLFailure)
Descriptionans..1024MFurther details in the event that payment is rejected. Please do not use the Description but the Code parameter for the transaction status analysis!
Coden8MError code according to 1cs OPS Response Codes (Error codes)
Response parameters for credit payments with paysafecard via socket connection

2.4 Reversal

Reversals are possible via a Server-to-Server connection. Reversals are possible only if you have a direct connection to paysafecard and if this is configured for the merchant at 1cs OPS. The 1cs OPS permits only reversals that reference on a capture previously made via 1cs OPS. Depending on the previous transaction status all as-yet unposted amounts can be cancelled.To carry out a reversal with a reference transaction, please use the following URL:

https://www.computop-paygate.com/reverse.aspx

Notice: For security reasons, Computop Paygate rejects all payment requests with formatting errors. Therefore, please use the correct data type for each parameter.

The following table describes the encrypted payment request parameters:

ParameterFormatCNDDescription
MerchantIDans..30MMerchantID, assigned by the First Cash Solution
PayIDan32M
ID assigned by 1cs OPS for the payment, e.g. for referencing in batch files as well as for capture or credit request.
TransIDans..64MTransactionID provided by you which should be unique for each payment
Amountn..10MAmount in the smallest currency unit (e.g. EUR Cent). Please contact First Cash Solution, if you want to capture amounts <100 (smallest currency unit).
Currencya3MCurrency, three digits DIN / ISO 4217, e.g. EUR, USD, GBP. Please find an overview here: Currency table
MACan64MHash Message Authentication Code (HMAC) with SHA-256 algorithm. Details can be found here:
HMAC Authentication (Request)
HMAC Authentication (Notify)
ReqIdans..32OTo avoid double payments or actions (e.g. by ETM), enter an alphanumeric value which identifies your transaction and may be assigned only once. If the transaction or action is submitted again with the same ReqID, 1cs Online Payment System will not carry out the payment or new action, but will just return the status of the original transaction or action.
Please note that the 1cs OPS must have a finalized transaction status for the first initial action (authentication/authorisation). This does not apply to 3-D Secure authentications that are terminated by a timeout. The 3-D Secure Timeout status does not count as a completed status in which the ReqID functionality on 1cs OPS does not take effect. Submissions with identical ReqID for an open status will be processed regularly.
Notice: Please note that a ReqID is only valid for 12 month, then it gets deleted at the 1cs OPS.
Response parameters for credit payments with paysafecard via socket connection

3. Batch processing via the interface

Basic information about using Batch files and about their structure can be found in the Batch Manager manual. Within batch processing not alle functions are available which are usually available for the online interface.

This section describes the parameters which must be transferred within the data set (Record) for executing credits with Blik and which information can be found within the response file about the payment status.

Following table gives an overview of all batch versions that are possible for a specific action and their specialities:

ActionVersionDescription
Credit1.0 / 2.0Standard version without return of parameter Code
1.x / 2.xwith RefNr (valid for all versions other than 1.0)
Description of the possible batch versions

The structure for paysafecard within a Batch file to be submitted is the following:

HEAD,<MerchantID>,<Date>,<Version>

Paysafecard,Capture,<Amount>,<Currency>,<TransID>,(<RefNr>,)<PayID>

Paysafecard,Reverse,<Amount>,<Currency>,<TransID>,(<RefNr>,)<PayID>

FOOT,<CountRecords>,<SumAmount>

Example for Master MID function:

HEAD,[Master]MerchantID,Date,2.x

Type,Action,[Slave]MID,Amount,Currency,TransID,Data (depends on Action)

FOOT,CountRecords,SumAmount

The following table describes the individual fields and values used within the data set (record) in the batch file:

KeyFormatCNDDescription
Typea..11MHEAD for Header, FOOT for Footer, paysafecard for paysafecard
Actiona..20MThe parameter Action defines the type of transaction:
Credit
Reverse (cancellation)
Amountn..10MAmount in the smallest currency unit (e.g. EUR Cent). Please contact the First Cash Solution, if you want to capture amounts <100 (smallest currency unit).
Currencya3MCurrency, three digits DIN / ISO 4217, e.g. EUR, USD, GBP. Please find an overview here: Currency table
TransIDans..64MTransactionID provided by you which should be unique for each payment
RefNrans..40OUnique reference number. Only characters a-zA-Z0-9,-_ are allowed.
PayIDan32MID assigned by 1cs OPS for this transaction
Description of fields within the record for Batch files

The record area within the response file for Batch transactions looks the following way:

HEAD,<MerchantID>,<Date>,<Version>

Paysafecard,Capture,<Amount>,<Currency>,<TransID>,(<RefNr>,)<PayID>,<Status>, <Code>

Paysafecard,Reverse,<Amount>,<Currency>,<TransID>,(<RefNr>,)<PayID>,<Status>, <Code>

FOOT,<CountRecords>,<SumAmount>

The following table describes the response parameters which the Batch Manager saves in the Record area for each transaction (standard parameters not explained here, such as <TransID> or <RefNR> and request parameters are returned unchanged and correspond to the call as specified before):

KeyFormatCNDDescription
Actiona..20MThe parameter Action defines the type of transaction:
Credit
PayIDan32MID assigned by 1cs OPS for this transaction
Statusa..50MOK (URLSuccess) or FAILED (URLFailure)
Coden8MError code according to 1cs OPS Response Codes (Error codes)
Description of result parameters within the record for Batch files