Retrieve Merchant

Request to retrieve merchant's configuration on ANZ eGate payment gateway.

POST https://anzworldline.gateway.mastercard.com/api/nvp/version/62

Authentication

This operation requires authentication via one of the following methods:


  • Certificate authentication.
  • To authenticate to the API two additional NVP parameters must be supplied in the request. Provide 'MSO.<your gateway MSO ID>' in the apiUsername field and your API password in the apiPassword field.

Request

Fields

apiOperation String = RETRIEVE_MERCHANT FIXED

Any sequence of zero or more unicode characters.

correlationId String OPTIONAL

A transient identifier for the request, that can be used to match the response to the request.

The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.

Data can consist of any characters

Min length: 1 Max length: 100
merchant.id Alphanumeric + additional characters REQUIRED

The unique identifier issued to you by your payment provider.

This identifier can be up to 12 characters in length.

Data may consist of the characters 0-9, a-z, A-Z, '-', '_'

Min length: 1 Max length: 36
mso Alphanumeric + additional characters REQUIRED

The identifier that uniquely identifies you or an MSO that has authorized you to use this operation on their behalf.

Data may consist of the characters 0-9, a-z, A-Z, '-', '_', ' ', '&', '+', '!', '$', '%', '.'

Min length: 1 Max length: 16

Response

Fields

correlationId String CONDITIONAL

A transient identifier for the request, that can be used to match the response to the request.

The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.

Data can consist of any characters

Min length: 1 Max length: 100
merchant ALWAYS PROVIDED

The merchant's details.

merchant.acquirerLink CONDITIONAL

Details about the merchant acquirer link.

Please note:

  • Not all fields are supported for all acquirers, please refer to the Online Integration Guide for details.
  • You cannot delete a merchant acquirer link, however you can set merchantAcquirerLink.status to DISABLED.

merchant.address ALWAYS PROVIDED

The address of the merchant.

merchant.address.city String ALWAYS PROVIDED

The city or town of the merchant's billing address.

Data can consist of any characters

Min length: 1 Max length: 30
merchant.address.countryCode Upper case alphabetic text ALWAYS PROVIDED

The country of the merchant's billing address.

The value must be a three-letter country code according to ISO 3166-1 alpha-3.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
merchant.address.postcode String ALWAYS PROVIDED

The zip or postal code of the merchant's billing address.

Data can consist of any characters

Min length: 1 Max length: 16
merchant.address.stateProvince String ALWAYS PROVIDED

The state or province code of the merchant's billing address.

For merchants in the United States provide the 2-letter ISO 3166-2 state code. For US military bases provide one of AE, AA, AP.

For Canadian merchants provide the 2-letter ISO 3166-2 province code.

Data can consist of any characters

Min length: 1 Max length: 30
merchant.address.street1 String ALWAYS PROVIDED

The street address of the merchant's billing address.

Data can consist of any characters

Min length: 1 Max length: 40
merchant.address.street2 String CONDITIONAL

The street address of the merchant's merchant's billing address.

Data can consist of any characters

Min length: 1 Max length: 40
merchant.authentication CONDITIONAL

The authentication details of the merchant.

merchant.authentication.3ds2 CONDITIONAL

Details about the 3D-Secure 2 configuration for this merchant profile.

merchant.authentication.3ds2.verifiedByVisa CONDITIONAL

Details about the Verified by Visa (3D-Secure 2) configuration for this merchant profile.

merchant.authentication.3ds2.verifiedByVisa.requestorId String CONDITIONAL

3D Secure 2.0 DS Requestor ID provided to the merchant by their acquirer when they registered to use Verified by Visa (3-D Secure).

Data can consist of any characters

Min length: 1 Max length: 35
merchant.authentication.3ds2.verifiedByVisa.requestorName String CONDITIONAL

3D Secure 2.0 DS Requestor Name provided to the merchant by their acquirer when they registered to to use Verified by Visa (3-D Secure).

Data can consist of any characters

Min length: 1 Max length: 40
merchant.cardMaskingFormat Enumeration ALWAYS PROVIDED

The card number masking format applied by the gateway when the merchant supplied the card number.

This format will be used for transactions originating from Web Services API and Merchant Administration.

Formats for masking card numbers.

Value must be a member of the following list. The values are case sensitive.

DISPLAY_0_4

Display last 4 digits of Card Number.

DISPLAY_6_3

Display first 6 and last 3 digits of Card Number.

DISPLAY_6_4

Display first 6 and last 4 digits of Card Number.

DISPLAY_FULL

Display Full Card Number.

DISPLAY_NONE

Display No Card Number.

merchant.categoryCode Digits ALWAYS PROVIDED

A 4 digit industry specific code that describes the business or industry the merchant operates in.

Data is a string that consists of the characters 0-9.

Min length: 4 Max length: 4
merchant.certificateSetId String CONDITIONAL

The Certificate Set ID is a unique identifier that you have assigned to uniquely identify a merchant's test and production SSL certificates.

Provide this field if the merchant will use SSL certificates to authenticate to the gateway when using the API. If not provided, the merchant will be enabled for Password Authentication.
If your customer has multiple gateway merchant profiles, then they can share the same Certificate Set. In this case, provide the same Certificate Set ID for each of their gateway merchant profiles.
You can create Certificate Sets for your merchants from the Merchant Manager UI.

Data can consist of any characters

Min length: 0 Max length: 50
merchant.contactName String CONDITIONAL

The name of the person to contact within the merchant's business.

Data can consist of any characters

Min length: 1 Max length: 100
merchant.currencyConversion CONDITIONAL

Configuration details to enable the Dynamic Currency Conversion (DCC) service.

DCC enables merchants to accept payments from payers in their currency, which can differ from the merchant's currency for the order.

merchant.currencyConversion.baseCurrency Upper case alphabetic text CONDITIONAL

The base currency registered for the merchant ID at the DCC provider.

The value must be expressed as an ISO 4217 alpha code.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
merchant.currencyConversion.dccProviderAcquirerId Alpha CONDITIONAL

The identifier for the acquirer the merchant has registered with the DCC provider.

Data may consist of the characters a-z, A-Z

Min length: 3 Max length: 3
merchant.currencyConversion.dccProviderId Enumeration ALWAYS PROVIDED

DCC rate quote providers.

Value must be a member of the following list. The values are case sensitive.

FEXCO

FEXCO DCC provider.

FTT

FTT Global DCC provider.

GLOBAL_PAYMENTS

GLOBAL_PAYMENTS DCC provider.

IBM

IBM DCC provider.

TRAVELEX_CURRENCY_SELECT

Travelex DCC provider.

UNICREDIT

UNICREDIT DCC provider.

merchant.currencyConversion.dccProviderMerchantId Alphanumeric CONDITIONAL

The unique identifier for the merchant account at the DCC provider.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 16
merchant.currencyConversion.dccRefundRate Enumeration ALWAYS PROVIDED

The currency conversion rate that will apply to a refund transaction executed against an exiting order.

The currency conversion rate that will apply to a refund transaction executed against an existing order.

Value must be a member of the following list. The values are case sensitive.

CURRENT

A new rate quote is being requested to provide the actual rate at the refund transaction date.

HISTORICAL

The rate used when the order was created.

merchant.currencyConversion.disclosureRegion.visa Enumeration ALWAYS PROVIDED

Specifies the Visa disclosure region for the merchant.

This determines the Dynamic Currency Conversion offer and receipt texts presented to the payer.

Value must be a member of the following list. The values are case sensitive.

EUROPE

The Visa disclosure rules for Europe

INTERNATIONAL

The Visa disclosure rules for the International region

merchant.debtRepayment CONDITIONAL

Use this parameter group to enable and configure a merchant for debt repayments.

merchant.debtRepayment.fundingMethods Comma separated enumeration CONDITIONAL

To enable the merchant for debt repayments you must provide at least one funding method for which debt repayments are allowed.

When submitting a debt repayment the merchant must indicate on the transaction request that it is for a debt repayment and may have to provide additional information about the payment recipient. Where the gateway is unable to detect the funding method (UNKNOWN) for a transactions request, the gateway will always reject the transaction if it is a debt repayment.

Value must be one or more comma separated members of the following list. The values are case sensitive.

CREDIT

Debt transactions can be processed using Credit Card.

DEBIT

Debt transactions can be processed using Debit Card.

CHARGE

Debt transactions can be processed using Charge Card.

merchant.defaultOrderCertainty Enumeration CONDITIONAL

Sets the default value used for order certainty when the merchant does not provide a value on the API request.If you do not specify this value it will be set to FINAL.

Value must be a member of the following list. The values are case sensitive.

ESTIMATED

Merchant's orders will be assumed to have an order certainty of ESTIMATED where none is specified in WS-API requests.

FINAL

Merchant's orders will be assumed to have an order certainty of FINAL where none is specified in WS-API requests.

merchant.email Email CONDITIONAL

The email address of the person to contact within the merchant's business.

Ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses

merchant.escalationPhone String CONDITIONAL

The phone number to call in case the regular phone number is not available.

Data can consist of any characters

Min length: 1 Max length: 20
merchant.excessiveCaptureLimit Integer CONDITIONAL

Defines the excess amount permitted to be captured on the original authorized amount, as a percentage.

A number comprising the digits 0-9, having at least one digit. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#nonNegativeInteger.)

Min value: 0 Max value: 2147483647
merchant.faxNumber String CONDITIONAL

The fax number of the merchant's business.

Data can consist of any characters

Min length: 1 Max length: 20
merchant.goodsDescription String ALWAYS PROVIDED

Description of the merchant's goods, for example, books or electronics.

Data can consist of any characters

Min length: 1 Max length: 80
merchant.id Alphanumeric + additional characters ALWAYS PROVIDED

The unique identifier issued to you by your payment provider.

This identifier can be up to 12 characters in length.

Data may consist of the characters 0-9, a-z, A-Z, '-', '_'

Min length: 1 Max length: 36
merchant.locale String ALWAYS PROVIDED

The default language displayed in Merchant Administrator unless overridden by the Operator.

The value must be provided in the format '<Language>_<Country>', e.g. 'en_US'. <Language> must be a two-letter language code according to ISO 639-1. <Country> must be a two-letter country code according to ISO 3166-1 alpha-2.

Data can consist of any characters

Min length: 2 Max length: 5
merchant.masterPassOnline CONDITIONAL

Details regarding the merchant's MasterPass Online configuration.

merchant.masterPassOnline.checkoutIdentifier Alphanumeric ALWAYS PROVIDED

A unique identifier for the merchant in the MasterPass Online system, issued by MasterPass Online when boarding the merchant.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 255
merchant.masterPassOnline.collectShippingAddressAtMasterPassOnline Boolean CONDITIONAL

If enabled, the payer's shipping address is collected at MasterPass Online and returned to the merchant in the transaction response

The values 'true' or 'false'. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#boolean.)

merchant.masterPassOnline.consumerKey String CONDITIONAL

The consumer key value as issued by Masterpass for the merchant's production profile.

Data can consist of any characters

Min length: 97 Max length: 97
merchant.masterPassOnline.sandboxConsumerKey String CONDITIONAL

The consumer key value as issued by Masterpass for the merchant's sandbox profile.

Data can consist of any characters

Min length: 97 Max length: 97
merchant.masterPassOnline.shippingLocationId Alphanumeric CONDITIONAL

The shipping location defines which countries the merchant ships to and restricts the customer's shipping address selection in MasterPass Online accordingly.

If provided, this shipping location applies for all MasterPass Online transactions. If not provided, MasterPass Online uses the preferred shipping profile configured against the merchant's MasterPass Online profile.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 8
merchant.merchantOrganization[n] Alphanumeric + additional characters CONDITIONAL

The merchant organizations that this merchant belongs to.

Data may consist of the characters 0-9, a-z, A-Z, '-', '_'

Min length: 1 Max length: 16
merchant.mobilePhone String CONDITIONAL

The mobile phone number to call in case the regular phone number is not available.

Data can consist of any characters

Min length: 1 Max length: 16
merchant.name String ALWAYS PROVIDED

The merchant's registered business, trading or organization name.

Data can consist of any characters

Min length: 1 Max length: 100
merchant.orderEntryConfiguration CONDITIONAL
merchant.orderEntryConfiguration.taxAndProductDetailsSection String CONDITIONAL

The configuration that will be applied to this merchant for the 'Tax and Product Details' section on the Order Entry page in Merchant Administration.

Data can consist of any characters

Min length: 1 Max length: 50
merchant.partnerId String CONDITIONAL

A unique ID of the reseller partner or a referral partner the merchant has signed up with, to use the services offered by the MSO.

Providing this ID will help in tracking and analyzing the relationship between partners and their merchants, which may be useful for billing and reporting purposes.

Data can consist of any characters

Min length: 1 Max length: 40
merchant.phone String CONDITIONAL

The phone number of the merchant's business.

Data can consist of any characters

Min length: 1 Max length: 20
merchant.privilege[n] Enumeration CONDITIONAL

The privileges available to the merchant.

Value must be a member of the following list. The values are case sensitive.

ALLOW_ACQUIRER_TRACE_ID

Enables the merchant to provide Trace ID in the API request. Trace id is the unique identifier that allows issuer to link related transactions.

ALLOW_LEVEL_2_ORDER_CREATION

Enables the merchant to create level 2 orders, i.e. provide level 2 specific data when creating an order.

AMEX_SAFEKEY_2

May perform 3DS 2.0 American Express SafeKey authentications.

AUTHORIZATIONS

Enables the merchant to perform authorizations.

AUTO_AUTH_REVERSAL_ON_EXPIRY

The gateway will automatically reverse any outstanding Authorization amounts where an Authorization has expired.

AUTO_AUTH_REVERSAL_ON_PARTIAL_CAPTURE

Where the merchant indicates on a Partial Capture transaction that it is the last Capture they are intending to submit against the Authorization, the gateway will automatically reverse the outstanding Authorization amount.

AVS_TRANSACTION_FILTERING_RULES_OVERRIDE

Enables the merchant to submit a transaction request with Transaction Filtering rules for AVS response codes that override the ones configured for all of their transactions.

BULK_CAPTURES

Enables the merchant to perform multiple captures using a single action in Merchant Administration.

BYPASS_AUTHENTICATION_CAPABILITY_VALIDATION

The gateway rejects financial transaction requests with payer authentication data if the acquirer integration does not have support for this data. If you enable this privilege, the gateway will instead process the financial transaction (i.e. ignore the authentication data).

BYPASS_CARD_CHANGE_FOR_AGREEMENT_VALIDATION

The gateway ensures that when the card used for a recurring, installment, unscheduled or other agreement changes, the merchant must submit a customer-initiated payment. Where this privilege is enabled, this validation is not applied for this merchant.

BYPASS_UNUSUAL_TRANSACTION_PROTECTION

The gateway's Unusual Transaction Protection Service helps to protect merchants from processing unusual transactions. If you decide to opt out from the Unusual Transaction Protection Service, this protection will not be applied and the number of unauthorized excessive transactions (and other similar occurrences) processed by the merchant may increase. By opting out of the Unusual Transaction Protection Service, you accept and agree that you are solely responsible for this increased risk, including any increased charges the merchant may incur in relation to the processing of excessive or unusual transactions.

CAPTURES

Enables the merchant to perform captures.

CARD_ON_FILE

Enables the Merchant to indicate whether the card is stored on file by default.

CARTE_BANCAIRE_3DS2

May perform 3DS 2.0 Carte Bancaire authentications.

CASH_ADVANCE

Enables the merchant to submit Cash Advance transactions.

CHANGE_MERCHANT_TRANSACTION_SOURCE

Enables the merchant to provide the source of the transaction when creating the transaction. If not enabled or not provided by the merchant, the gateway automatically assigns the default transaction source.

CHANGE_ORDER_CERTAINTY

Enables the merchant to make use of a value of order certainty other than their configured default (see defaultOrderCertainty) by supplying it in WS-API requests or in the Create Order UI.

CHANGE_TRANSACTION_FREQUENCY

Enables the merchant to change the frequency of a transaction. Note: Values set for transaction frequency only apply if the merchant uses version 53 and lower of the API.

CREDIT_CARD_BILL_PAYMENTS

Enables the merchant to submit credit card bill payments that disburse funds to the recipient's credit card account.

ENABLE_REFUND_REQUESTS

Enables an operator to request approval for a refund transaction. The refund transaction is not submitted to the acquirer.

ENFORCE_CARD_NUMBER_MASKING_FOR_INPUT

Enforces card masking when entering a payer's card number in Merchant Administration.

ENFORCE_GATEWAY_TOKEN_FOR_CARD_STORED_ON_FILE_TRANSACTIONS

Where enabled, the gateway will enforce the use of gateway tokens for all transactions that indicate that stored card details are used.

ENFORCE_REFUNDS_WITHOUT_AUTHORIZATIONS

Where supported by the acquirer, the gateway attempts to submit an Authorization to the issuer before submitting the Refund to the acquirer. When this privilege is enabled, the gateway will not attempt to submit an Authorization for the Refund.

ENFORCE_UNIQUE_MERCHANT_TRANSACTION_REFERENCE

Enforces a unique Merchant Transaction Reference for every transaction submitted by the merchant. Transactions without a unique Merchant Transaction Reference are rejected by the gateway.

ENFORCE_UNIQUE_ORDER_REFERENCE

Enforces a unique Order Reference across all orders submitted by the merchant. Transactions without a uniqueOrder Reference are rejected by the gateway.

EXCESSIVE_REFUNDS

Enables the merchant to perform refunds for amounts greater than the authorized amount.

GAMING_WINNINGS_PAYMENTS

Enables the merchant to submit transactions that disburse gaming winnings to the payer's account.

IDENTITY_CHECK_EXPRESS

Enables a merchant with privileges and configuration enabling them to use EMV 3DS to make use of SCA Delegation functionality, so that they can provide their customers a frictionless authentication process where they have already authenticated the customer using an approved authentication mechanism.

INSTANT_REFUNDS

Where supported by the acquirer, the gateway attempts to submit refunds for processing in near real time so that the money will instantly be available in the payer's account. 

MANUAL_BATCH_CLOSURE

Enables the merchant to manually trigger settlement for a batch in Merchant Administration or via the 'Close Batch' Web Services API operation.

MASTERCARD_INSTALLMENTS_ENHANCED_AUTHORIZATION_DATA

Enables the merchant to offer issuer Mastercard Installments (MCI) using enhanced authorization data. If enabled the gateway will ask the issuer for available offers. Where offers are available the merchant can then present them to the payer.

MOTO

Enables the merchant to manually create orders in Merchant Administration.

NO_CARDS_SUBMITTED_THROUGH_API_SAQ_A

Support merchant to meet SAQ-A obligation when using merchant user interfaces

NO_CARDS_SUBMITTED_THROUGH_UI_SAQ_A

Support merchant to meet SAQ-A obligation when using merchant user interfaces.

ORDER_DOWNLOAD

Enables the merchant to download order level data in CSV format.

PROCESS_AUTHORIZATION_AS_PURCHASE

May process Authorizations as Purchase

PSD2_EXEMPTIONS

Enables the merchant to claim an exemption from the Regulatory Technical Standards (RTS) requirements for Strong Customer Authentication (SCA) under the Payment Services Directive 2 (PSD2) regulations in the European Economic Area. When enabled the merchant can indicate the type of exemption being claimed when using the Authenticate Payer operation or submitting an Authorize or Pay transaction request.

PURCHASES

Enables the merchant to perform purchases.

REFUNDS

Enables the merchant to create refunds. A refund is the transfer of funds from a merchant to the payer's account.

SECURECODE_2

May perform 3DS 2.0 MasterCard SecureCode authentications.

STANDALONE_CAPTURES

Enables the merchant to perform a capture without first performing an authorization. The merchant must perform the authorization externally, and provide the corresponding authorization code as input to the stand alone capture.

STANDALONE_REFUNDS

Enables the merchant to perform a refund without first creating an order (with a capture or purchase).

STATEMENT_DESCRIPTOR

Enables the merchant to print their contact information on payer's account statements.

SURCHARGE_RULES

Enables the merchant to configure rules for calculating surcharge amounts.

TXN_DOWNLOAD

Enables the merchant to download transaction level data in CSV format.

UPDATE_AUTHORIZATION

Enables the merchant to update an existing authorization, allowing to update the authorized amount or expand the validity period for the order.

VERIFIED_BY_VISA_2

May perform 3DS 2.0 Verified by Visa authentications.

VIEW_SETTLEMENT_PAGES

Enables the merchant to view batch settlement details in Merchant Administration.

VOIDS

Enables the merchant to void transactions. A void is the cancellation of a previous transaction. Voids can only be performed if the transaction is in an unreconciled batch and if the operation is supported by the acquirer.

merchant.risk CONDITIONAL

Details regarding the merchant's risk configuration.

merchant.risk.externalRisk CONDITIONAL

Configuration details for the external risk profile

merchant.risk.externalRisk.gatekeeper CONDITIONAL

Configuration details for the GateKeeper profile

merchant.risk.externalRisk.gatekeeper.assessmentInitiation Enumeration CONDITIONAL

Defines when the gateway sends the transaction to the external risk provider for risk scoring.

Value must be a member of the following list. The values are case sensitive.

AFTER_TRANSACTION_PROCESSING

The request includes relevant data elements from the merchant's transaction request, a globally unique transaction identifier, a risk assessment identifier generated by the payment gateway together with relevant transaction response data from the Acquirer. AVS and CSC results are available for risk assessment.

BEFORE_TRANSACTION_PROCESSING

The request includes relevant data elements from the merchant's transaction request, a globally unique transaction identifier, and a risk assessment identifier generated by the payment gateway. No AVS, CSC or other Acquirer response data is available. Please note that, if you select external risk only (i.e. not internal risk) and "May Use Verification Only for AVS/CSC Risk Assessment" then "Before transaction processing" is not a valid option. This is because the only reason to use the Verification Only transaction is to obtain AVS and CVC results for use in risk assessment. If the risk assessment decision has already been made then performing the Verification Only transaction is an additional and unnecessary action.

merchant.risk.externalRisk.gatekeeper.defaultActionWhenUnableToRiskScore Enumeration CONDITIONAL

Indicates the action to be taken when the gateway is unable to get risk scoring from GateKeeper, for example, due to connectivity issues.

Value must be a member of the following list. The values are case sensitive.

ACCEPT_NOT_CHECKED

The gateway allows the order to progress and risk assessment will not be performed. The risk recommendation for the order will be set to "Not Checked".

REVIEW

The merchant must review the order and accept or reject the order.

merchant.risk.externalRisk.gatekeeper.enableRiskScoring Enumeration CONDITIONAL

The risk scoring status for the external risk provider.

Value must be a member of the following list. The values are case sensitive.

TEST_AND_PRODUCTION

The external risk provider will assess both test and live transactions for risk scoring.

TEST_ONLY

The external risk provider will assess only test transactions for risk scoring.

merchant.risk.externalRisk.gatekeeper.productionCredentials CONDITIONAL
merchant.risk.externalRisk.gatekeeper.productionCredentials.merchantId String CONDITIONAL

The GateKeeper merchant ID used to identify the GateKeeper profile linked to this merchant profile.

Data can consist of any characters

Min length: 1 Max length: 36
merchant.risk.externalRisk.gatekeeper.profileId String CONDITIONAL

The unique identifier for this external risk profile.

When using an existing profile this must be the profile name as defined at the external risk provider. When creating a new profile, the name cannot be subsequently updated and should indicate the merchant or merchant group assigned.

Data can consist of any characters

Min length: 1 Max length: 150
merchant.risk.externalRisk.gatekeeper.sendGatewayMerchantId Enumeration CONDITIONAL

Indicates if the gateway should submit the merchant ID for the merchant's gateway profile to Gatekeeper when submitting transactions for risk assessment.

If selected, this will apply to all gateway merchant profiles configured to use this Gatekeeper profile.

Value must be a member of the following list. The values are case sensitive.

DO_NOT_SEND

Do not send the merchant ID for the merchant's gateway profile to Gatekeeper when submitting transactions for risk assessment.

SEND

Send the merchant ID for the merchant's gateway profile to Gatekeeper when submitting transactions for risk assessment.

merchant.risk.externalRisk.gatekeeper.serviceLevel Enumeration CONDITIONAL

The service level offering that the Merchant has signed up to with GateKeeper.

Value must be a member of the following list. The values are case sensitive.

GOLD

The Gold service level.

merchant.risk.externalRisk.gatekeeper.supportRiskScoringFor Enumeration CONDITIONAL

A GateKeeper Profile can support risk scoring for one or many Merchant Profiles. An organisation with multiple Merchant Profiles may use a single GateKeeper Profile to minimise risk management overheads and to leverage their collective experience of trading with customers. However, if the Merchant Profiles have significantly different business models such as different typical order values or customer purchase patterns, consideration should be given to setting up separate GateKeeper Profiles.

Value must be a member of the following list. The values are case sensitive.

MULTIPLE_MERCHANT_PROFILES

The profile supports being assigned to multiple merchants.

SINGLE_MERCHANT_PROFILE

The profile only supports being assigned to a single merchant.

merchant.risk.externalRisk.gatekeeper.testCredentials CONDITIONAL
merchant.risk.externalRisk.gatekeeper.testCredentials.merchantId String CONDITIONAL

The GateKeeper merchant ID used to identify the GateKeeper profile linked to this merchant profile.

Data can consist of any characters

Min length: 1 Max length: 36
merchant.risk.externalRisk.interceptas CONDITIONAL

Configuration details for the Interceptas profile

merchant.risk.externalRisk.interceptas.assessmentInitiation Enumeration CONDITIONAL

Defines when the gateway sends the transaction to the external risk provider for risk scoring.

Value must be a member of the following list. The values are case sensitive.

AFTER_TRANSACTION_PROCESSING

The request includes relevant data elements from the merchant's transaction request, a globally unique transaction identifier, a risk assessment identifier generated by the payment gateway together with relevant transaction response data from the Acquirer. AVS and CSC results are available for risk assessment.

BEFORE_TRANSACTION_PROCESSING

The request includes relevant data elements from the merchant's transaction request, a globally unique transaction identifier, and a risk assessment identifier generated by the payment gateway. No AVS, CSC or other Acquirer response data is available. Please note that, if you select external risk only (i.e. not internal risk) and "May Use Verification Only for AVS/CSC Risk Assessment" then "Before transaction processing" is not a valid option. This is because the only reason to use the Verification Only transaction is to obtain AVS and CVC results for use in risk assessment. If the risk assessment decision has already been made then performing the Verification Only transaction is an additional and unnecessary action.

merchant.risk.externalRisk.interceptas.billingContact CONDITIONAL
merchant.risk.externalRisk.interceptas.billingContact.email Email CONDITIONAL

The Interceptas tenant's billing contact email.

Ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses

merchant.risk.externalRisk.interceptas.billingContact.name String ALWAYS PROVIDED

The Interceptas tenant's billing contact name.

Data can consist of any characters

Min length: 1 Max length: 100
merchant.risk.externalRisk.interceptas.billingContact.phone String CONDITIONAL

The Interceptas tenant's billing contact phone.

Data can consist of any characters

Min length: 1 Max length: 20
merchant.risk.externalRisk.interceptas.businessContact CONDITIONAL
merchant.risk.externalRisk.interceptas.businessContact.email Email CONDITIONAL

The Interceptas tenant's business contact email.

Ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses

merchant.risk.externalRisk.interceptas.businessContact.name String CONDITIONAL

The Interceptas tenant's business contact name.

Data can consist of any characters

Min length: 1 Max length: 100
merchant.risk.externalRisk.interceptas.businessContact.phone String CONDITIONAL

The Interceptas tenant's business contact phone.

Data can consist of any characters

Min length: 1 Max length: 20
merchant.risk.externalRisk.interceptas.businessType Enumeration CONDITIONAL

This identifies the type of business that your Merchant is in and influences the risk assessment that will be performed by Interceptas.

Value must be a member of the following list. The values are case sensitive.

AIRLINE_TRAVEL_AGENT

Airline/Travel Agent.

RETAILER_OF_DIGITAL_GOODS

Retailer of digital goods.

RETAILER_OF_PHYSICAL_GOODS

Retailer of physical goods.

merchant.risk.externalRisk.interceptas.currency Upper case alphabetic text CONDITIONAL

Currency is used by Interceptas to define the risk rules (e.g. average order size).

Any transactions submitted to Interceptas using a different currency will be converted to the corresponding value in the base currency before being risk assessed. The value must be expressed as an ISO 4217 alpha code.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
merchant.risk.externalRisk.interceptas.defaultActionWhenUnableToRiskScore Enumeration CONDITIONAL

Indicates the action to be taken when the gateway is unable to get risk scoring from Interceptas, for example, due to connectivity issues. For a merchant with the service level "Bronze", the only valid option is "Accept - Not Checked" as the merchant cannot perform a review.

Value must be a member of the following list. The values are case sensitive.

ACCEPT_NOT_CHECKED

The gateway allows the order to progress and risk assessment will not be performed. The risk recommendation for the order will be set to "Not Checked".

REVIEW

The merchant must review the order and accept or reject the order.

merchant.risk.externalRisk.interceptas.enableRiskScoring Enumeration CONDITIONAL

The risk scoring status for the external risk provider.

Value must be a member of the following list. The values are case sensitive.

TEST_AND_PRODUCTION

The external risk provider will assess both test and live transactions for risk scoring.

TEST_ONLY

The external risk provider will assess only test transactions for risk scoring.

merchant.risk.externalRisk.interceptas.locale String CONDITIONAL

The default language which will be used when users sign into Interceptas.

The value must be provided in the format '<Language>_<Country>', e.g. 'en_US'. <Language> must be a two-letter language code according to ISO 639-1. <Country> must be a two-letter country code according to ISO 3166-1 alpha-2.

Data can consist of any characters

Min length: 2 Max length: 5
merchant.risk.externalRisk.interceptas.productionCredentials CONDITIONAL
merchant.risk.externalRisk.interceptas.productionCredentials.password String CONDITIONAL

The password used to authenticate this merchant profile on the Interceptas scoring module.

Data can consist of any characters

Min length: 1 Max length: 32
merchant.risk.externalRisk.interceptas.productionCredentials.scoringUrl Url CONDITIONAL

The Interceptas URL to which the payment gateway sends the risk scoring request.

Ensure that the URL begins with 'https' and is longer than 11 characters.

merchant.risk.externalRisk.interceptas.productionCredentials.tenantId String CONDITIONAL

The tenant ID used to identify the Interceptas tenant linked to this merchant profile.

Data can consist of any characters

Min length: 1 Max length: 36
merchant.risk.externalRisk.interceptas.productionCredentials.userName String CONDITIONAL

The user name used to identify this merchant profile on the Interceptas scoring module.

Data can consist of any characters

Min length: 1 Max length: 256
merchant.risk.externalRisk.interceptas.profileId String CONDITIONAL

The unique identifier for this external risk profile.

When using an existing profile this must be the profile name as defined at the external risk provider. When creating a new profile, the name cannot be subsequently updated and should indicate the merchant or merchant group assigned.

Data can consist of any characters

Min length: 1 Max length: 150
merchant.risk.externalRisk.interceptas.serviceLevel Enumeration CONDITIONAL

The service level offering that the Merchant has signed up to with Accertify.

Value must be a member of the following list. The values are case sensitive.

BRONZE

The Bronze service level.

GOLD

The Gold service level.

SILVER

The Silver service level.

merchant.risk.externalRisk.interceptas.supportRiskScoringFor Enumeration CONDITIONAL

An Interceptas Tenant can support risk scoring for one or many Merchant Profiles. An organisation with multiple Merchant Profiles may use a single Interceptas Tenant to minimise risk management overheads and to leverage their collective experience of trading with customers. However, if the Merchant Profiles have significantly different business models such as different typical order values or customer purchase patterns, consideration should be given to setting up separate Interceptas Tenants.

Value must be a member of the following list. The values are case sensitive.

MULTIPLE_MERCHANT_PROFILES

The tenant supports being assigned to multiple merchants.

SINGLE_MERCHANT_PROFILE

The tenant only supports being assigned to a single merchant.

merchant.risk.externalRisk.interceptas.technicalContact CONDITIONAL
merchant.risk.externalRisk.interceptas.technicalContact.email Email CONDITIONAL

The Interceptas tenant's technical contact email.

Ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses

merchant.risk.externalRisk.interceptas.technicalContact.name String ALWAYS PROVIDED

The Interceptas tenant's technical contact name.

Data can consist of any characters

Min length: 1 Max length: 100
merchant.risk.externalRisk.interceptas.technicalContact.phone String CONDITIONAL

The Interceptas tenant's technical contact phone.

Data can consist of any characters

Min length: 1 Max length: 20
merchant.risk.externalRisk.interceptas.testCredentials CONDITIONAL
merchant.risk.externalRisk.interceptas.testCredentials.password String CONDITIONAL

The password used to authenticate this merchant profile on the Interceptas scoring module.

Data can consist of any characters

Min length: 1 Max length: 32
merchant.risk.externalRisk.interceptas.testCredentials.scoringUrl Url CONDITIONAL

The Interceptas URL to which the payment gateway sends the risk scoring request.

Ensure that the URL begins with 'https' and is longer than 11 characters.

merchant.risk.externalRisk.interceptas.testCredentials.tenantId String CONDITIONAL

The tenant ID used to identify the Interceptas tenant linked to this merchant profile.

Data can consist of any characters

Min length: 1 Max length: 36
merchant.risk.externalRisk.interceptas.testCredentials.userName String CONDITIONAL

The user name used to identify this merchant profile on the Interceptas scoring module.

Data can consist of any characters

Min length: 1 Max length: 256
merchant.risk.externalRisk.interceptas.timeZone String CONDITIONAL

The default timezone which will be used when users sign into Interceptas.

The value must be provided in the form '<Continent>/<City>', e.g. 'America/New_York'. For a complete list of timezones please refer to http://twiki.org/cgi-bin/xtra/tzdatepick.html.

Data can consist of any characters

Min length: 1 Max length: 40
merchant.risk.externalRisk.providerId Enumeration CONDITIONAL

The unique identifier for this external risk provider issued by the gateway.

Merchant Boarding API supported external risk providers

Value must be a member of the following list. The values are case sensitive.

GATEKEEPER
INTERCEPTAS
NUDETECT
merchant.risk.privilege[n] Enumeration CONDITIONAL

Risk management privileges assigned to the merchant.

Value must be a member of the following list. The values are case sensitive.

RISK_VERIFY_ONLY

Allows the gateway to submit a Verification Only transaction to the acquirer to obtain the AVS and CSC results for use in risk assessment. This avoids having to perform the financial transaction before risk assessment and the need to release the hold on cardholder funds in the event the transaction is rejected due to risk assessment.

SYSTEM_REFUND

Allows the gateway to refund against an order if risk assessment rejects the order after the financial transaction has successfully been performed. This privilege is required only, if the Refunds privilege is not enabled.

merchant.risk.transactionRiskManagement CONDITIONAL

Configuration details for the transaction risk management functionality for the merchant.

The transaction risk management functionality ensures that the merchant's transactions are submitted to the Risk Service Provider for risk assessment and blocked if they are identified as fraudulent.

Only provide the fields in this parameter group if you want to override the default configuration for the transaction risk management functionality that you have configured in Merchant Manager on the 'Risk Management - Transaction Risk Management' page.

To apply the default configuration to the merchant, do not include this parameter group.

merchant.risk.transactionRiskManagement.assessmentInitiation Enumeration CONDITIONAL

Determines if the transaction is submitted to the Risk Service Provider for risk assessment before or after being submitted to the acquirer for processing.

You must provide this field if the request contains merchant.risk.transactionRiskManagement.status=ENABLED.

Value must be a member of the following list. The values are case sensitive.

AFTER_TRANSACTION_PROCESSING

Transactions will be submitted to the Risk Service Provider for risk assessment before being submitted to the acquirer for processing.

BEFORE_TRANSACTION_PROCESSING

Transactions will be submitted to the Risk Service Provider for risk assessment after being submitted to the acquirer for processing. The gateway will be able to include acquirer response details in the risk assessment request to the Risk Service Provider.

merchant.risk.transactionRiskManagement.status Enumeration CONDITIONAL

Determines if the transaction risk management functionality should be applied to the merchant's transaction requests.

If you provide this field you are overriding the default configuration for the transaction risk management functionality that you have configured in Merchant Manager on the 'Risk Management - Transaction Risk Management' page.

Value must be a member of the following list. The values are case sensitive.

DISABLED

The transaction risk management functionality is disabled for the merchant.

ENABLED

The transaction risk management functionality is enabled for the merchant.

merchant.secureRemoteCommerce CONDITIONAL

Details regarding the merchant's Secure Remote Commerce (SRC) enrollment and enablement.

merchant.secureRemoteCommerce.scheme[n] CONDITIONAL

Details regarding the merchant's Secure Remote Commerce (SRC) configuration for the scheme as defined in merchant.secureRemoteCommerce.scheme[n].name.

merchant.secureRemoteCommerce.scheme[n].dpaid String CONDITIONAL

Unique identifier assigned to the merchant (called Digital Payment Application) by the Secure Remote Commerce (SRC) System for this scheme.

Data can consist of any characters

Min length: 1 Max length: 100
merchant.secureRemoteCommerce.scheme[n].enrolmentStatus Enumeration CONDITIONAL

Indicates if the merchant has enrolled for Secure Remote Commerce (SRC) for this scheme.

Value must be a member of the following list. The values are case sensitive.

ENROLLED

The merchant has successfully enrolled for Secure Remote Commerce (SRC) for this scheme.

ENROLLMENT_FAILED

The merchant has attempted to enroll for Secure Remote Commerce (SRC) for this scheme but enrollment was not successful.

ENROLLMENT_IN_PROGRESS

The merchant has requested to be enrolled for Secure Remote Commerce (SRC) and the scheme is in the process of completing the enrollment.

ENROLLMENT_PENDING

The merchant has requested to be enrolled for Secure Remote Commerce (SRC) for this scheme and the scheme has not yet responded.

NOT_ENROLLED

The merchant has not yet enrolled for Secure Remote Commerce (SRC) for this scheme.

UPDATE_FAILED

The merchant has successfully enrolled for Secure Remote Commerce (SRC) for the scheme and a subsequent attempt to update the enrollment details has failed.

UPDATE_IN_PROGRESS

The merchant has successfully enrolled for Secure Remote Commerce (SRC) for the scheme and subsequently requested to update the enrollment details. The scheme is in the process of completing the update.

merchant.secureRemoteCommerce.scheme[n].name Enumeration CONDITIONAL

The scheme for which the merchant's Secure Remote Commerce (SRC) enrollment status is provided.

Value must be a member of the following list. The values are case sensitive.

AMERICAN_EXPRESS

American Express.

MASTERCARD

Mastercard.

VISA

Visa.

merchant.secureRemoteCommerce.status Enumeration CONDITIONAL

Indicates if the merchant has enabled Secure Remote Commerce (SRC) on their merchant profile.

Value must be a member of the following list. The values are case sensitive.

DISABLED

The merchant has disabled Secure Remote Commerce (SRC) on their merchant profile.The merchant cannot retrieve payment details for SRC interactions via the gateway and SRC will not be offered as a checkout option in Hosted Checkout.

ENABLED

The merchant has enabled Secure Remote Commerce (SRC) on their merchant profile.The merchant can retrieve payment details for SRC interactions via the gateway and SRC will be offered as a checkout option in Hosted Checkout.

merchant.service[n] Enumeration CONDITIONAL

A gateway feature that you can enable for a merchant.

Use this field to enable a service on this merchant profile.
Note: the options available to you are determined by your gateway configuration and in addition to the rules defined by the merchant themselves.

Value must be a member of the following list. The values are case sensitive.

ENABLE_AMEX_EXPRESS_CHECKOUT

Enables the merchant to use the Amex Express Checkout digital wallet to collect the payer's payment details.

ENABLE_BATCH

Enables the merchant to integrate with the gateway via the Batch API. The Authentication mode is set to 'Password Authentication'.

ENABLE_CHECKOUT

Enables the merchant to collect the payer's payment details using a Hosted Checkout.

ENABLE_DECRYPT_APPLE_PAY

Enables the merchant to present Apple Pay payment tokens.

ENABLE_DECRYPT_GOOGLE_PAY

Enables the merchant to present Google Pay payment tokens.

ENABLE_DECRYPT_SAMSUNG_PAY

Enables the merchant to present Samsung Pay payment tokens.

ENABLE_DEVICE_PAYMENTS

Enables the merchant to use supported device payment methods such as Apple Pay, Android Pay or Samsung Pay.

ENABLE_HOSTED_PAYMENT_FORM

Enables the merchant to collect the payer's payment details through their own payment form while submitting them directly from the payer's browser to the gateway.

ENABLE_MASTERPASS_ONLINE

Enables the merchant to use the MasterPass Online digital wallet to collect the payer's payment details.

ENABLE_MSO_CONFIGURED_TRANSACTION_FILTERING

Enables you to configure transaction filtering rules for this merchant. If you enable this service, you should also configure the rules you want to apply in the merchant.transactionFiltering parameter group.

ENABLE_NOTIFICATIONS

Enables the merchant to configure merchant email notifications as well as customer email notifications.

ENABLE_PAYMENTS_WITHOUT_AUTHENTICATION

Enables the merchant to process payments without any merchant authentication.

ENABLE_REPORTING_API

Enables the merchant to integrate with the gateway via the Reporting API.

ENABLE_SUBGATEWAY_PROCESSING

Enables the merchant to act as a subgateway. A subgateway can submit requests to the gateway on behalf of their client merchants to access gateway services. Client merchants of the subgateway do not need merchant profiles created on the gateway.

ENABLE_VISA_CHECKOUT

Enables the merchant to use the Visa Checkout digital wallet to collect the payer's payment details.

ENABLE_WEB_SERVICES_API

Enables the merchant to integrate with the gateway via the Web Services API. The Authentication mode is set to 'Password Authentication'.

merchant.state Enumeration CONDITIONAL

Use this field to indicate whether or not the merchant may use gateway features configured on their merchant profile.

By default this field is set to ENABLED.

Value must be a member of the following list. The values are case sensitive.

DISABLED

The merchant cannot use any of the gateway features configured on their merchant profile and cannot log into merchant UIs.

ENABLED

The merchant may use all of the gateway features configured on their merchant profile and may also log into merchant UIs.

merchant.subgateway CONDITIONAL

Information about a merchant you have enabled to act as a subgateway.

These fields only apply if you have set ENABLE_SUBGATEWAY_PROCESSING in the merchant.service[n] field.

Use these fields to provide information so that our gateway can process requests submitted by this merchant on behalf of their client merchants.

merchant.subgateway.acquirerMerchantIds[n] Alphanumeric + additional characters CONDITIONAL

This lets you limit the scope of this subgateway to the client merchants that they own.

The gateway will only process requests from this subgateway merchant that have a acquirer.merchantId value that is in this list.

The acquirer.merchantId is the Bank Merchant ID/SE Number/account name or such issued by this acquirer. You can specify a comma-separated list of either:

  • • merchant ids, or
  • • a dash separated range (inclusive) of merchant ids.
If a merchant id includes a dash, comma or backslash, then those characters can be escaped with a backslash. For example, the value:
  • kddfg\-x, eam1340-eam1343,a8-a11,009-011,x y
allows ids:
  • kddfg-x, eam1340, eam1341, eam1342, eam1343, a8, a9, a10, a11, 009, 010, 011, x y
Not providing this value is an empty list, which will prevent this merchant transacting as a subgateway. Providing the special value <<ANY>> allows the subgateway to submit any acquirer.merchantId.

Data may consist of the characters 0-9, a-z, A-Z, '-'

Min length: 1 Max length: 100
merchant.systemCapturedCardMaskingFormat Enumeration ALWAYS PROVIDED

The card number masking format applied by the gateway when the card number was supplied by the customer rather than the merchant.

This format will be used for transactions originating from Hosted Payment Form integrations.

Formats for masking card numbers.

Value must be a member of the following list. The values are case sensitive.

DISPLAY_0_4

Display last 4 digits of Card Number.

DISPLAY_6_3

Display first 6 and last 3 digits of Card Number.

DISPLAY_6_4

Display first 6 and last 4 digits of Card Number.

DISPLAY_FULL

Display Full Card Number.

DISPLAY_NONE

Display No Card Number.

merchant.timeZone String ALWAYS PROVIDED

Defines the default time zone used for merchant operators in Merchant Administration, unless overridden by the operator.

It is used to display the transaction time. The value must be provided in the form '<Continent>/<City>', e.g. 'America/New_York'. For a complete list of timezones please refer to http://twiki.org/cgi-bin/xtra/tzdatepick.html.

Data can consist of any characters

Min length: 1 Max length: 40
merchant.tokenization CONDITIONAL

Configuration details for the Tokenization functionality.

merchant.tokenization.aetsSchemeTokenUsage Enumeration CONDITIONAL

Enable the use of AETS scheme tokens from the selected token repository for this merchant.

Where enabled, the gateway will use the scheme token (rather than the actual card details) stored against the gateway token when processing a request with this gateway token. Tokenization of card details with AETS requires additional configuration on the merchant.tokenization.tokenRepository.schemeTokenization.aets group.

Value must be a member of the following list. The values are case sensitive.

ENABLE_FOR_PRODUCTION_AND_TEST_MERCHANT_PROFILE

Enable use of network tokens for the production as well as the test merchant profile.

ENABLE_FOR_TEST_MERCHANT_PROFILE_ONLY

Enable use of network tokens for the test merchant profile only.

merchant.tokenization.mdesSchemeTokenUsage Enumeration CONDITIONAL

Enable the use of MDES scheme tokens from the selected token repository for this merchant.

Where enabled, the gateway will use the scheme token (rather than the actual card details) stored against the gateway token when processing a request with this gateway token. Tokenization of card details with MDES requires additional configuration on the merchant.tokenization.tokenRepository.schemeTokenization.mdes group.

Value must be a member of the following list. The values are case sensitive.

ENABLE_FOR_PRODUCTION_AND_TEST_MERCHANT_PROFILE

Enable use of network tokens for the production as well as the test merchant profile.

ENABLE_FOR_TEST_MERCHANT_PROFILE_ONLY

Enable use of network tokens for the test merchant profile only.

merchant.tokenization.tokenMaintenanceService Boolean CONDITIONAL

The Token Maintenance Service attempts to ensure that the card details stored against a token are current thereby increasing the likelihood of successfully processing a recurring payment that uses the token.

The Token Maintenance Service uses the Account Updater functionality. Therefore the Account Updater functionality must be enabled for at least one Merchant-Acquirer-Link for the merchant. Only tokens with payment details for which requests would be processed via such a Merchant-Acquirer-Link can be updated.

The values 'true' or 'false'. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#boolean.)

merchant.tokenization.tokenRepository CONDITIONAL

Details regarding the token repository configuration.

merchant.tokenization.tokenRepository.schemeTokenization CONDITIONAL

Provide the merchant credentials for accessing a scheme tokenization service provider such as Mastercard Digital Enablement Service (MDES).

Where provided, the gateway will perform scheme tokenization for gateway tokens (that contain card details).

merchant.tokenization.tokenRepository.schemeTokenization.aets CONDITIONAL

Configuration details for the American Express Tokenization Service (AETS).

merchant.tokenization.tokenRepository.schemeTokenization.aets.clientId String ALWAYS PROVIDED

An identifier assigned by American Express Token Service (AETS) for authentication to the service.

The merchant can find the Client ID value in the AETS Dashboard.

Data can consist of any characters

Min length: 1 Max length: 64
merchant.tokenization.tokenRepository.schemeTokenization.aets.encryptionKeyId String ALWAYS PROVIDED

The identifier of the static 256-bit AES encryption key provided by American Express Token Service (AETS).

This is used to identify the static AES key in the encrypted cardholder account data sent to the service and in the encrypted token data returned by the service. The merchant can find the Encryption Key ID value on the AETS Dashboard.

Data can consist of any characters

Min length: 1 Max length: 64
merchant.tokenization.tokenRepository.schemeTokenization.aets.tokenRequestorId String ALWAYS PROVIDED

A unique identifier assigned to a merchant by American Express Token Service (AETS).

This identifier will be used for all merchants using this token repository.
Once configured, it cannot be updated. A new token repository would have to be assigned to the merchant.

Data can consist of any characters

Min length: 1 Max length: 64
merchant.tokenization.tokenRepository.schemeTokenization.mdes CONDITIONAL

Configuration details for the Mastercard Digital Enablement Service (MDES).

merchant.tokenization.tokenRepository.schemeTokenization.mdes.tokenRequestorId String ALWAYS PROVIDED

A unique identifier assigned to a merchant by Mastercard Digital Enablement Service (MDES).

This identifier will be used for all merchants using this token repository.
Once configured, it cannot be updated. A new token repository would have to be assigned to the merchant.

Data can consist of any characters

Min length: 11 Max length: 11
merchant.tokenization.tokenRepository.schemeTokenization.vts CONDITIONAL

Configuration details for the VISA Tokenization Service (VTS).

merchant.tokenization.tokenRepository.schemeTokenization.vts.merchantSpecificKeysProvided Boolean CONDITIONAL

Indicates whether a set of merchant specific keys for authenticating to the Visa Token Service (VTS) has been configured for this token repository.

The values 'true' or 'false'. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#boolean.)

merchant.tokenization.tokenRepository.schemeTokenization.vts.relationshipId String ALWAYS PROVIDED

A unique identifier assigned to the merchant by Visa Token Service (VTS).

This identifier is used to identify the merchant in requests submitted by the gateway to VTS.
Note that the same identifier will be used for all merchants using this token repository.
Once configured, the value cannot be updated.

Data can consist of any characters

Min length: 1 Max length: 100
merchant.tokenization.tokenRepository.schemeTokenization.vts.tokenRequestorId String ALWAYS PROVIDED

A unique identifier assigned to a merchant by Visa Token Service (VTS).

This identifier will be used for all merchants using this token repository.
Once configured, it cannot be updated. A new token repository would have to be assigned to the merchant.

Data can consist of any characters

Min length: 11 Max length: 11
merchant.tokenization.tokenRepository.tokenGeneration Enumeration CONDITIONAL

Defines the strategy used to generate a token.

Mandatory, if repository must be created.

Value must be a member of the following list. The values are case sensitive.

MERCHANT_SUPPLIED

Tokens are supplied by the merchant. Any merchant supplied token is validated to not be a valid card number.

PRESERVE_6_4

Tokens are generated preserving the first 6 and last 4 digits of the account identifier, e.g. card number. The remaining digits are randomized, and the token is guaranteed to fail a Luhn (Mod-10) check so that it does not create a valid card number.

RANDOM_WITH_LUHN

Tokens are generated as random numbers. It starts with a '9' (so that is does not create a valid card number) and passes a Luhn (Mod-10) check.

merchant.tokenization.tokenRepository.tokenManagementStrategy Enumeration CONDITIONAL

Defines how tokens within the repository are managed by the gateway.

Mandatory, if repository must be created.

Value must be a member of the following list. The values are case sensitive.

UNIQUE_TOKEN

A unique token is assigned every time an account identifier is saved in the token repository, defining a one-to-many relationship between an account identifier and the token.

merchant.tokenization.tokenRepositoryId ASCII Text CONDITIONAL

Unique identifier of the token repository.

Token repositories can be shared across merchants; however, a single merchant can be associated with only one token repository at a given time. Every token repository has a corresponding test token repository, which only the merchants with the corresponding test profiles can access. For example, if the repository ID is ABC, the test repository ID will be TestABC. Hence, the system displays an error if you specify a repository ID that starts with 'Test'

Data consists of ASCII characters

Min length: 1 Max length: 16
merchant.tokenization.verificationStrategy Enumeration CONDITIONAL

The type of verification performed by the gateway for payment details stored against a token repository for this merchant.

Value must be a member of the following list. The values are case sensitive.

ACQUIRER

The gateway performs a Web Services API Verify request. Depending on the payment type, you may need to provide additional details to enable the submission of a Verify request.

BASIC

The gateway validates the format of the payment details. For cards it also validates that the card number falls within a valid BIN range. For ACH payment details it also validates the check digit for the routing number

NONE

The gateway does not perform any verification.

merchant.tokenization.vtsSchemeTokenUsage Enumeration CONDITIONAL

Enable the use of VTS scheme tokens from the selected token repository for this merchant.

Where enabled, the gateway will use the scheme token (rather than the actual card details) stored against the gateway token when processing a request with this gateway token. Tokenization of card details with VTS requires additional configuration. This configuration is currently only available in Merchant Manager.

Value must be a member of the following list. The values are case sensitive.

ENABLE_FOR_PRODUCTION_AND_TEST_MERCHANT_PROFILE

Enable use of network tokens for the production as well as the test merchant profile.

ENABLE_FOR_TEST_MERCHANT_PROFILE_ONLY

Enable use of network tokens for the test merchant profile only.

merchant.tradingId String CONDITIONAL

A unique identifier allocated to the merchant by ANZ Worldline Payment Solutions if different from the Merchant ID.

Data can consist of any characters

Min length: 1 Max length: 16
merchant.tradingName String CONDITIONAL

The trading name of the merchant's business if it is different to that of the company name.

Data can consist of any characters

Min length: 1 Max length: 100
merchant.transactionFiltering CONDITIONAL

Configuration of transaction filtering rules that apply to transactions processed by this merchant.

You only need to set this if you want to define rules for this merchant, in addition to those that you have configured to apply to all of your merchants, and in addition to the rules defined by the merchant themselves.
The gateway complies with all configured rules when determining if a transaction should be processed.

merchant.transactionFiltering.3DSecure CONDITIONAL

Transaction filtering rules based on the results of 3-D Secure payer authentication.

These rules enable the gateway to reject or mark transactions for review, based on rules you can configure.

You only need to use this parameter group if you want to specify rules to apply to this merchant and therefore override any global filtering rules you have set.

You can set values for only one of customFilter, managedFilters, or noFilter. If you provide none of these values, the gateway will apply any global filtering rules that you have specified.

merchant.transactionFiltering.3DSecure.customFilter String CONDITIONAL

The name of the 3DS1 custom rule set that you want to apply to this merchant's transactions.

Use this field if the managed rules provided by the gateway are not suitable. Note: You must first provide the gateway with your custom rule set using the MSO UI.

Data can consist of any characters

Min length: 1 Max length: 256
merchant.transactionFiltering.3DSecure.customFilter3DS2 String CONDITIONAL

The name of the 3DS2 custom rule set that you want to apply to this merchant's transactions.

Use this field if the managed rules provided by the gateway are not suitable. Note: You must first provide the gateway with your custom rule set using the MSO UI.

Data can consist of any characters

Min length: 1 Max length: 256
merchant.transactionFiltering.3DSecure.managedFilters CONDITIONAL

This group lets you select filtering rules managed by the gateway.

If you use this, then you must select at least one field in this parameter group.

merchant.transactionFiltering.3DSecure.managedFilters.reject3DSNotAttempted Boolean CONDITIONAL

Block e-commerce transactions where 3-D Secure authentication of the payer has not been attempted.

That is, a directory server lookup was not attempted, or an 'Enrolled' response was not followed by an ACS interaction.

The values 'true' or 'false'. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#boolean.)

merchant.transactionFiltering.3DSecure.managedFilters.rejectNoLiabilityShift Boolean CONDITIONAL

Block e-commerce transactions where 3-D Secure authentication of the payer has not resulted in liability shift to the issuer.

The values 'true' or 'false'. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#boolean.)

merchant.transactionFiltering.3DSecure.managedFilters.rejectNotFullyAuthenticated Boolean CONDITIONAL

Block e-commerce transactions where the cardholder has not been successfully authenticated with 3-D Secure.

The values 'true' or 'false'. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#boolean.)

merchant.transactionFiltering.3DSecure.managedFilters.rejectOnGatewayRecommendation Boolean CONDITIONAL

Block e-commerce transactions based on the gateway's evaluation of the 3-D Secure authentication results against recommendations for Mastercard SecureCode™, Verified by Visa™, JCB J/Secure™, American Express SafeKey™, or Diners Club ProtectBuy™.

Based on this assessment, the transaction will be blocked or processed as fully authenticated, authentication attempted, or as an unauthenticated transaction.

The values 'true' or 'false'. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#boolean.)

merchant.transactionFiltering.3DSecure.noFilter Boolean CONDITIONAL

No 3-D Secure filtering is applied to the merchant's transactions.

Use this option when you have configured global 3-D Secure filters that apply to all of your merchants and do not want that filtering to apply to this merchant.

The values 'true' or 'false'. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#boolean.)

merchant.transactionFiltering.blockedBinRange[n] CONDITIONAL

Transaction filtering rules based on card BIN ranges.Block transactions for this merchant where the BIN for the card number is in this range.

Note that you can either configure a set of BIN ranges for which requests will be blocked (blacklist)or a set of BIN ranges for which requests will be allowed (whitelist), but not both.

When defining a blacklist, all requests with card numbers outside the defined BIN ranges are allowed.When defining a whitelist, all requests with card numbers outside the defined BIN ranges will be blocked.

merchant.transactionFiltering.blockedBinRange[n].end Integer CONDITIONAL

The last BIN of the BIN range you want blocked.

A number comprising the digits 0-9, having at least one digit. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#nonNegativeInteger.)

Min value: 100000 Max value: 999999
merchant.transactionFiltering.blockedBinRange[n].start Integer ALWAYS PROVIDED

The first BIN of the BIN range you want blocked.

A number comprising the digits 0-9, having at least one digit. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#nonNegativeInteger.)

Min value: 100000 Max value: 999999
merchant.transactionFiltering.blockedIpAddressRange[n] CONDITIONAL

Transaction filtering rules for IP addresses.

Transactions originating from an IP address in these ranges will be blocked.

merchant.transactionFiltering.blockedIpAddressRange[n].end IpAddress CONDITIONAL

The last IP address of an IP address range to be blocked, in nnn.nnn.nnn.nnn format.

Ensure that the IpAddress is in the format n.n.n.n, where each n is in the range of 0 to 255

merchant.transactionFiltering.blockedIpAddressRange[n].start IpAddress ALWAYS PROVIDED

The first IP address of an IP address range to be blocked, in nnn.nnn.nnn.nnn format.

Ensure that the IpAddress is in the format n.n.n.n, where each n is in the range of 0 to 255

merchant.transactionFiltering.cardSecurityCode[n] Enumeration CONDITIONAL

Block transactions based on the absence of the Card Security Code (CSC) or the response from the card issuer.

Value must be a member of the following list. The values are case sensitive.

REJECT_CSC_NOT_PRESENT_ON_CARD

Rejects transactions where the merchant has indicated that CSC is not present on the card.

REJECT_ISSUER_NOT_CERTIFIED

Rejects transactions for which the issuer is not certified for CSC processing.

REJECT_NOT_PROCESSED

Rejects transactions where the CSC is not processed.

REJECT_NO_CSC_MATCH

Rejects transactions where the CSC submitted is invalid or does not match the one associated with the card.

merchant.transactionFiltering.dynamic3DSecure Boolean CONDITIONAL

Enable Dynamic 3-D Secure Authentication for this merchant.

The merchant can only be enabled for this functionality if they are configured for at least one 3-D Secure authentication scheme and also configured to use an external risk provider (merchant.risk parameter group).

The values 'true' or 'false'. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#boolean.)

merchant.transactionFiltering.ipCountry CONDITIONAL

Transaction filtering rules for countries based on IP address.

Transactions originating from IP addresses associated with the countries you specify will be blocked. You can also choose to block transactions from unidentified countries or anonymous proxy servers.

merchant.transactionFiltering.ipCountry.rejectAnonymousProxy Boolean CONDITIONAL

Block transactions originating from anonymous proxy servers.

Do not set to 'false' if merchant.transactionFiltering.ipCountry.rejectCountry is populated.

The values 'true' or 'false'. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#boolean.)

merchant.transactionFiltering.ipCountry.rejectCountry[n] Alpha CONDITIONAL

Block transactions originating from IP addresses associated with this country.

Provide the 3 character ISO 3166-1 alpha-3 country code of the country to be blocked.

Data may consist of the characters a-z, A-Z

Min length: 3 Max length: 3
merchant.transactionFiltering.ipCountry.rejectUnknownCountry Boolean CONDITIONAL

Block transactions from IP addresses when the gateway cannot identify the country from which it originated.

Do not set to 'false' if merchant.transactionFiltering.ipCountry.rejectCountry is populated.

The values 'true' or 'false'. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#boolean.)

merchant.transactionFiltering.whiteListedBinRange[n] CONDITIONAL

Transaction filtering rules based on card BIN ranges.Allow transactions for this merchant where the BIN for the card number is in this range.

Note that you can either configure a set of BIN ranges for which requests will be blocked (blacklist)or a set of BIN ranges for which requests will be allowed (whitelist), but not both.

When defining a blacklist, all but requests with card numbers within the defined BIN ranges are allowed.When defining a whitelist, all but requests with card numbers within the defined BIN ranges will be blocked.

merchant.transactionFiltering.whiteListedBinRange[n].end Integer CONDITIONAL

The last BIN of the BIN range you want whitelisted.

A number comprising the digits 0-9, having at least one digit. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#nonNegativeInteger.)

Min value: 100000 Max value: 999999
merchant.transactionFiltering.whiteListedBinRange[n].start Integer ALWAYS PROVIDED

The first BIN of the BIN range you want whitelisted.

A number comprising the digits 0-9, having at least one digit. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#nonNegativeInteger.)

Min value: 100000 Max value: 999999
merchant.updated DateTime ALWAYS PROVIDED

The time stamp indicating the last update to the merchant's profile configuration.

An instant in time expressed in ISO8601 date + time format - "YYYY-MM-DDThh:mm:ss.SSSZ"

merchant.webSite Url CONDITIONAL

URL of the merchant's website.

This is mandatory if the merchant is enrolled in a 3DSecure scheme.

Ensure that the URL begins with 'https' and is longer than 11 characters.

result Enumeration ALWAYS PROVIDED

A system-generated high level overall result of the operation.

Value must be a member of the following list. The values are case sensitive.

FAILURE

The operation was declined or rejected by the gateway, acquirer or issuer

PENDING

The operation is currently in progress or pending processing

SUCCESS

The operation was successfully processed

UNKNOWN

The result of the operation is unknown

Errors

error

Information on possible error conditions that may occur while processing an operation using the API.

error.cause Enumeration

Broadly categorizes the cause of the error.

For example, errors may occur due to invalid requests or internal system failures.

Value must be a member of the following list. The values are case sensitive.

INVALID_REQUEST

The request was rejected because it did not conform to the API protocol.

REQUEST_REJECTED

The request was rejected due to security reasons such as firewall rules, expired certificate, etc.

SERVER_BUSY

The server did not have enough resources to process the request at the moment.

SERVER_FAILED

There was an internal system failure.

error.explanation String

Textual description of the error based on the cause.

This field is returned only if the cause is INVALID_REQUEST or SERVER_BUSY.

Data can consist of any characters

Min length: 1 Max length: 1000
error.field String

Indicates the name of the field that failed validation.

This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.

Data can consist of any characters

Min length: 1 Max length: 100
error.supportCode String

Indicates the code that helps the support team to quickly identify the exact cause of the error.

This field is returned only if the cause is SERVER_FAILED or REQUEST_REJECTED.

Data can consist of any characters

Min length: 1 Max length: 100
error.validationType Enumeration

Indicates the type of field validation error.

This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.

Value must be a member of the following list. The values are case sensitive.

INVALID

The request contained a field with a value that did not pass validation.

MISSING

The request was missing a mandatory field.

UNSUPPORTED

The request contained a field that is unsupported.

result Enumeration

A system-generated high level overall result of the operation.

Value must be a member of the following list. The values are case sensitive.

ERROR

The operation resulted in an error and hence cannot be processed.