Versions Compared

Old Version 13

changes.mady.by.user Peter Posse

Saved on

compared with

New Version 14

changes.mady.by.user Admin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space ENWORK and version Documentation

About Hosted Payment Page

General information about Hosted Payment Page

The Hosted Payment Page is a checkout that contains only the step of selecting the payment method. It is a HTML form with responsive design that is displayed properly on all devices.

In the case of payments via Hosted Payment Page, the shop redirects its customers to the

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNamePlatform-Kurz
PageWithExcerptWording
HTML form where they selects their payment method. After confirming the selection depending on the payment method 
Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNamePlatform-Kurz
PageWithExcerptWording
 forwards the customer to a 
Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNamePlatform-Kurz
PageWithExcerptWording
 HTML form or to a form from an external service provider and notifies the shop after completion about the payment result.

Following table contains the payment methods which you can use via Hosted Payment Page

:

(click on header to sort by alphabet).

Table Filter
hideControlstrue
inversefalse
hidelabelstrue
sparkNameSparkline
hidePanetrue
disableSavetrue
separatorPoint (.)
defaultZahlart
isFirstTimeEnterfalse
hideColumnstrue
datepatterndd M yy
id1622203224221_-2117918858
worklog365|5|8|y w d h m|y w d h m
isORAND
order0
Multiexcerpt
MultiExcerptNameHPP_paytype

Payment type

Zahlart

PayType

Credit card

Kreditkarte

CC

PayPal

PayPal

PayPal

Apple PayApple PayApplePay
Google PayGoogle PayGooglePay

Direct debit

Lastschrift

EDD

EPSEPSEPS

giropay

giropay

giropay

PayPal

PayPal

PayPal

iDEAL

iDEAL

iDEAL

iDEAL via PPROiDEAL über PPROiDEALPP

Sofort

Sofort

Sofort

giropay

giropay

giropay

KlarnaKlarnaKlarnaPM

paydirekt

paydirekt

paydirekt

PostFinance

PostFinance

POSTFINPP

Sofort

Sofort

Sofort

paydirekt

paydirekt

paydirekt

Alipay

Alipay

Alipay

B4PaymentB4PaymentB4Payment

Bancontact

Bancontact

Bancontact

Bancontact

BanconPP

Bank Transfer

Bank Transfer

BankTranPP

BitPay

BitPay

BitPayPP

BluecodeBluecodeBluecode
BoletoBoletoBoletoPP
ChinapayChinapayChinapay
CUPCUPCUPPP

Dragonpay

Dragonpay

DragonPP

eNETS

eNETS

ENETSPP

Finland Online Bank Transfer

Finland Online Bank Transfer

FinOBTPP

Indonesia ATM

Indonesia ATM

IndoATMPP

Multibanco

Multibanco

MultibanPP

My Bank

My Bank

MyBankPP

MyClear FPX

MyClear FPX

MyClearPP

Przelewy 24

Przelewy 24

P24PP

POLi

POLi

POLiPP

PostFinance

PostFinance

POSTFINPP

paysafecard

paysafecard

PSCPP

RHB Bank

RHB Bank

RHBBankPP

SafetyPay

SafetyPay

SafetyPPP

7-Eleven

7-Eleven

SevenElePP

Skrill

Skrill

SkrillPP

TrustPay

TrustPay

TrustPayPP

Apple PayApple PayApplePay
Google PayGoogle PayGooglePay
B4PaymentB4PaymentB4Payment
BoletoBoletoBoletoPP
CUPCUPCUPPP
EPSEPSEPS

WechatWechatWechatPP
Linchpin Teaser
urlEntityId26247172
titleCookie-/session - handling
type0
url/x/BICQAQ


Table of Contents


Following table lists all card brands that can be uses via the Hosted Payment Page. When submitting the value CC in parameter PayTypes all brands are displayed that are configured for a certain merchant. Selecting specific brands can be done by submitting a string of the desired brand names separated by pipe signs.

Multiexcerpt
MultiExcerptNameHPP_schemes

Kreditkartenmarke / Scheme Names → values for CCBrand

AirPlus

AMEX

ARGENCARD

Aura

Bancontact

CABAL

Cartes Bancaires

Maestro

CBN

CENCOSUD

ComfortCard

CUP

Dankort

DINERS

Discover

Elo

Hipercard

JCB

Maestro

MasterCard

NARANJA

RuPay

SHOPPING

TOTAL

VISA

Process of payment

To make payments via the Hosted Payment Page you send a request to following URL with HTTPS GET or HTTPS POST:

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNameBaseURL
PageWithExcerptWording
paymentPage.aspx

 

All details required for payment processing are forwarded as parameters. The parameters are encrypted with Blowfish to ensure that neither the customer nor a third party can manipulate the data.

When calling the form 

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNamePlatform-Kurz
PageWithExcerptWording
decrypts the parameters and shows the HTML page with the payment methods. The customer selects the payment method and triggers the forwarding by clicking the button "Next".

After the payment has been made 

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNamePlatform-Kurz
PageWithExcerptWording
redirects the customers back to a shop page via HTTPS GET (URLSuccess, URLFailure) and transmits the result of the payment as a Blowfish-encrypted parameter string to these URLs. In addition 
Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNamePlatform-Kurz
PageWithExcerptWording
 transmits the result via HTTPS POST to the shop's Notify page (URLNotify). The shop accepts the payment result and decrypts the data in order to inform the customer about the status.


Calling the Hosted Payment Page

Calling the Hosted Payment Page starts with the correct composition of the parameters which consist of a key and a value and which are separated by an equals sign (=):

MerchantID=Test

 

All parameters are assembled in a character string and separated by the character &:

Amount=100&Currency=EUR&TransID=12345

 

Notice: Since the characters "=" and "&" are used as separating characters, these characters cannot be transmitted as values. All values which you transmit without BlowFish-encryption must be URL-Encoded.

A correct parameter character string for 

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNamePlatform-Kurz
PageWithExcerptWording
contains three basic parameters: MerchantID, Len and Data. The parameters MerchantID and Len are unencrypted. Only the Data parameter is Blowfish-encrypted:

MerchantID=Test&Len=67&Data=0A67FE96a65d384350F50FF1

 

The Data parameter contains the sensitive payment details such as amount and currency. The encrypted bytes are Hex-encoded and completed to two characters from the left with a zero. Encryption is via Blowfish ECB and is available to you as source-code and components.

The Len parameter is very important for encryption because it contains the length of the unencrypted(!) character string in the Data parameter. Since the data quantity to be encrypted is increased by a multiple of 8 in the case of the Blowfish encryption, the correct length of the character string must be known for decryption. Otherwise accidental characters emerge at the end of the character string.

The parameters are transmitted via HTTPS POST or HTTPS GET. The recommended transmit method is HTTPS POST because the parameter character string in the case of GET is attached to the URL, which is limited to 2048 bytes depending on the browser.

Notice: Please note that the maximum length of a payment request is limited to 5120 characters. If you require longer strings please contact

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNameHelpdesk-Name
PageWithExcerptWording
.

The following listings show the development of a payment request. The first listing is the unencrypted parameter character string:

MerchantID=Test&TransID=100000001&Amount=11&Currency=EUR&URLSuccess=https://www.shop.com/ok.html&URLFailure=https://www.shop.com/failed.html&URLNotify=https://www.shop.com/notify.cgi&OrderDesc=My order

 

Notice: Please note that a value is to be assigned to each parameter. Do not transmit empty parameters, as this can cause the payment to fail.

This character string is encrypted and transmitted as the Data parameter. The HTTPS GET request for the Hosted Payment Page looks like this:

<a href=

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNameBaseURL
PageWithExcerptWording
paymentPage.aspx?MerchantID=Test&Len=162&Data=E98D40FFFD622C5FE7414F73539A1852C2CE7C8B09D34DF217E27FA2E194B9968DE9ABAE3B1F44B5485EFE3EF2597C7395BADBAD4340CDFD000DD57129EEFAA0BE904A7E2339DCF9363DA6ACDBE5EF98E169FC3092B160252A037135421FD0CE092C174A7D1D63517BD45099AC2B682F5E3CD2C942A6F0E741A833C0&Language=en&URLBack=https://www.shop.com/canceled”>


Notice: Please note that parameters like Language or URLBack are transmitted unencrypted. A table with all possible unencrypted parameters can be found also witihn this document.


Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNamePlatform-Kurz
PageWithExcerptWording
 interface

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNameDefinition
PageWithExcerptDefinition EN


Parameters of the Hosted Payment Page

These parameters are mandatory for all payment methods and has to be submitted Blowfish-encrypted within the Data parameter to the Hosted Payment Page.

Notice: Please take all further parameters specifically for a payment method from the manual of that respective payment method.

The following table describes the encrypted payment request parameters:

Table Filter
defaultBeschreibung
isFirstTimeEnterfalse
hideColumnstrue
sparkNameSparkline
hidePanetrue
datepatterndd M yy
id1622197488766_-1462250635
worklog365|5|8|y w d h m|y w d h m
isORAND
separatorPoint (.)
order0
Multiexcerpt
MultiExcerptNameHPP_request
Table Transformer
dateFormatdd M yy
export-wordfalse
show-sourcefalse
export-csvfalse
id1622197488771_-163318905
transposefalse
worklog365|5|8|y w d h m|y w d h m
separator.
export-pdffalse
sqlSELECT * FROM T*

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNameRequest_AmountMac
DisableCachingtrue
PageWithExcerptReuse API

Table Excerpt Include
statictrue
nameTransID
pageTransID
typepage

Key

Format

CND

Description

Beschreibung

RefNr

ns..30

O

Unique reference number
(warning) exact format depends on the available paymethods for your MerchantId. Please choose your format in that way that all paymethods are covered.

eindeutige Referenznummer
(warning) das genaue Format hängt von den Zahlarten Ihrer MerchantId ab. Wählen Sie das Format so, dass alle möglichen Zahlarten kompatibel sind.

OrderDesc

ans..384

M

Description of purchased goods, unit prices etc.

Please note: The first 27 characters appear on the customer-account statement. You can view the full data in

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNameBackoffice-Name
PageWithExcerptWording
.

Beschreibung der gekauften Waren, Einzelpreise etc.

Bitte beachten Sie: Die ersten 27 Zeichen erscheinen auf dem Kontoauszug des Kunden. In 

Multiexcerpt include
SpaceWithExcerptDE
MultiExcerptNameBackoffice-Name
PageWithExcerptDE:Wording
können Sie die kompletten Daten einsehen.

Table Excerpt Include
statictrue
nameUserData
pageUserData
typepage

Table Excerpt Include
statictrue
nameURLSuccess
pageURLSuccess
typepage

Table Excerpt Include
statictrue
nameURLFailure
pageURLFailure
typepage

Table Excerpt Include
statictrue
nameResponse
pageResponse
typepage

Table Excerpt Include
statictrue
nameURLNotify
pageURLNotify
typepage

Parameters for Hosted Payment Page


Following parameters are optional and can be submitted unencrypted to the Hosted Payment Page:

Table Filter
defaultBeschreibung
isFirstTimeEnterfalse
hideColumnstrue
sparkNameSparkline
hidePanetrue
datepatterndd M yy
id1622197983032_-523742253
worklog365|5|8|y w d h m|y w d h m
isORAND
separatorPoint (.)
order0
Multiexcerpt
MultiExcerptNameHPP_request_template
Table Transformer
dateFormatdd M yy
export-wordfalse
show-sourcefalse
export-csvfalse
id1622197983033_233632018
transposefalse
worklog365|5|8|y w d h m|y w d h m
separator.
export-pdffalse
sqlSELECT * FROM T*

Key

Format

CND

Description

Beschreibung
Templateans..20O

Name of XSLT-file with your own layout for the HPP pay form.

Name der XSLT-Datei mit Ihrem individuellen Layout für das HPP Bezahlformular.

CCTemplate

ans..20

O

Name of XSLT-file with your own layout for the pay form. If you want to use the redesigned and downwards compatible 

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNamePartner-Name
PageWithExcerptWording
template, please transfer the template name “ct_compatible”. If you want to use the responsive 
Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNamePartner-Name
PageWithExcerptWording
 template for mobile devices, please transfer the template name “ct_responsive”.

The payment method "Bancontact" can also be called via payssl.aspx. Therefore "template=ct_bcmc" has to be submitted mandatory, in order to the special Bancontact template will be used. It should be noted that Bancontact must already be selectable as a payment method in the checkout process. The template cannot be modified and must be used in exactly the same way, as it is based on strict Bancontact guidelines. This is only valid for integration with Omnipay: EMS payment solutions.|

Name der XSLT-Datei mit Ihrem individuellen Layout für das Bezahlformular. Wenn Sie das neugestaltete und abwärtskompatible

Multiexcerpt include
SpaceWithExcerptDE
MultiExcerptNamePartner-Name
PageWithExcerptDE:Wording
-Template nutzen möchten, übergeben Sie den Templatenamen „ct_compatible“. Wenn Sie das responsive
Multiexcerpt include
SpaceWithExcerptDE
MultiExcerptNamePartner-Name
PageWithExcerptDE:Wording
-Template für mobile Endgeräte nutzen möchten, übergeben Sie den Templatenamen „ct_responsive“.

Die Zahlungsart "Bancontact" kann ebenfalls über die payssl.aspx aufgerufen werden. Dazu muss "template=ct_bcmc" als Pflichtparameter übergeben werden, damit das spezielle Bancontact-Template aufgerufen werden kann. Dabei ist zu beachten, dass Bancontact als Zahlungsart im Checkout-Prozess bereits auswählbar sein muss. Das Template ist nicht modifizierbar und muss genauso verwendet werden, da es sich an strikten Bancontact-Richtlinien orientiert. Diese Variante gilt nur in Verbindung mit "Omnipay: EMS payment solutions".

SDDTemplate

ans..20

O

Name of XSLT-file with your own layout for the direct debit form. This is used only if the customer selects direct debit as payment method and clicks on „Next“ button.

If you don't submit a value the responsive 

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNamePartner-Name
PageWithExcerptWording
direct debit form template is displayed.

Name der XSLT-Datei mit Ihrem individuellen Layout für das Lastschriftenformular. Dies greift nur, wenn der Kunde Lastschrift als Zahlart auswählt und auf die Schaltfläche „Weiter“ klickt.

Wenn Sie keinen Wert übergeben, wird das responsive

Multiexcerpt include
SpaceWithExcerptDE
MultiExcerptNamePartner-Name
PageWithExcerptDE:Wording
-Lastschriftenformular-Template angezeigt.

Language

a2 (enum)

O

Language code: <de> German, <al> Albanian, <at> Austrian, <cz/cs> Czech, <dk> Danish, <en> English, <fi> Finish, <fr> French, <gr> Greek, <hu> Hungarian, <it> Italian, <jp> Japanese,  <nl> Dutch, <no> Norwegian, <pl> Polish, <pt> Portuguese, <ro> Romanian, <ru> Russian, <es> Spanish, <se> Swedish, <sk> Slovakian, <sl> Slovenian, <tr> Turkey, <zh> Simplified Chinese.

No details means the language is German.

(info) The supported languages may vary depending on the selected template.

Sprachcode: <de> deutsch, <al> albanisch, <at> österreichisch, <cz/cs> tsche-chisch, <dk> dänisch, <en> englisch, <fi> finnisch, <fr> französisch, <gr> grie-chisch, <hu> ungarisch, <it> italienisch, <jp> japanisch, <nl> holländisch, <no> norwegisch, <pl> polnisch, <pt> portugiesisch, <ro> rumänisch, <ru> russisch, <es> spanisch, <se> schwedisch, <sk> slowakisch, <sl> slowenisch, <tr> tür-kisch, <zh> Simplified Chinese

Ohne Angabe ist die Sprache Deutsch.

(info) Die tatsächlich unterstützten Sprachen hängen vom verwendeten Template ab.

Table Excerpt Include
statictrue
nameURLBack
pageURLBack
typepage

Key

Format

CND

Description

Beschreibung

PayTypes

ans..256

O

With this parameter you can override the payment methods to be displayed, i.e. you can decide within this parameter separated by pipe which of the available payment methods are displayed.

Take the possible values from the column PayType within the table of payment methods given above.

Example: …&PayTypes=CC|EDD|Alipay

Mit diesem Parameter können Sie die anzuzeigenden Zahlarten übersteuern, d.h. sie können in diesem Parameter Pipe-getrennt entscheiden, welche der zur Verfügung stehenden Zahlarten angezeigt werden.

De möglichen Werte entnehmen Sie aus der Spalte PayType in der obigen Tabelle der Zahlarten.

Beispiel: …&PayTypes=CC|EDD|Alipay

Optional parameters for Hosted Payment Page



General response parameters of the Hosted Payment Page

These parameters are equally for all payment methods. With the parameter pt you can see which payment method the customer used. Please take all further parameters specifically for a payment method from the manual of that respective payment method.

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNameResponse_IntroURL
PageWithExcerptReuse API

Table Filter
defaultBeschreibung
isFirstTimeEnterfalse
hideColumnstrue
sparkNameSparkline
hidePanetrue
datepatterndd M yy
id1655966184201_-1115852397
worklog365|5|8|y w d h m|y w d h m
isORAND
separatorPoint (.)
order0
Multiexcerpt
MultiExcerptNameHPP_response
Table Transformer
dateFormatdd M yy
export-wordfalse
show-sourcefalse
export-csvfalse
id1655966184204_-984836840
transposefalse
worklog365|5|8|y w d h m|y w d h m
separator.
export-pdffalse
sqlSELECT * FROM T*

Table Excerpt Include
statictrue
nameMID
pagemid
typepage

Key

Format

CND

Description

Beschreibung

ptans..256OInformation about the used paytype according to the table of payment types aboveInformationen über die verwendete Zahlungsart gemäß obiger Tabelle der Zahlungsarten

Table Excerpt Include
statictrue
namePayID
pagePayID
typepage

Table Excerpt Include
statictrue
nameXID
pageXID
typepage

Table Excerpt Include
statictrue
nameTransID
pageTransID
typepage

Table Excerpt Include
statictrue
nameStatus_OK_AUTHORIZE_REQUEST
pageStatus
typepage

Table Excerpt Include
statictrue
nameDescription
pageDescription
typepage

Table Excerpt Include
statictrue
nameCode
pageCode
typepage

Table Excerpt Include
statictrue
nameMAC
pageMAC
typepage

Table Excerpt Include
statictrue
nameUserData
pageUserData
typepage

Table Excerpt Include
statictrue
namePlain
pagePlain
typepage

Table Excerpt Include
statictrue
nameCustom
pageCustom
typepage

General response parameters for URLNotify, URLSuccess and URLFailure


Corporate PaymentPage: XSLT layout for forms

You can change the parameter Template to create an individual layout for your Hosted Payment Page form which exactly matches the shop layout To this end your graphic designer can design an HTML-template in the shop-design based on XSLT (Extensible Stylesheet Language Transformation). 

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNameHelpdesk-Name
PageWithExcerptWording
copies this XSLT-template to our 
Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNamePlatform-Kurz
PageWithExcerptWording
 Server. If you enter the name of your XSLT-file in the Template parameter, the 
Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNamePlatform-Kurz
PageWithExcerptWording
 form will appear in your layout.

The XSLT templates for the Hosted Payment Page form have several advantages:

  1. Merchants can bypass the costly PCI-security authorisation
  2. The Hosted Payment Page is responsive, i.e. it works on Smartphones, Tablets or on the Laptop

For general information about XSLT see www.w3.org.


The subsequent conventions apply for the use of the Corporate Paypage with XSLT:

File names

A XSL file designed by you defines your individual layout. The associated XML file contains the texts that are to be displayed on the form. Hence, multilingualism is easy. Always use your MerchantID in the names of the files.

PurposeNaming
XSL templateMerchantID_PaymentPage.xsl
XML text fileMerchantID_PaymentPage.xml
Sub folder for pictures, CSS- and JS-filesTemplates/imagesMerchantID_PaymentPage


In order not to receive safety notices, please ensure that external image sources are retrieved via SSL.

In order to call the individual layout, use the ‘Template’ parameter with your MerchantID and attach it unencrypted to the call of the form of Hosted Payment Page, for example:

Multiexcerpt include
SpaceWithExcerptEN
MultiExcerptNameBaseURL
PageWithExcerptWording
paymentPage.aspx?MerchantID=IhreMID&Len=123&Data=AGSDJ…ASDF&template=IhreMerchantID


Hidden Fields

The following hidden fields must be implemented so that the values can be passed on when sending the form:

Value ofName of hidden field
MerchantID"MerchantID"
Request length"Len"
Request data"Data"
Template"Template"
Language"Language"
URL for back button"URLBack"
Payment method"PaymentMethod"
Credit card brand"CreditCardBrand"

Language selection

The language selection on the Hosted Payment Page form occurs automatically depending on the parameter Language. Other language areas are filtered out. If you wish to access the field of another language area e.g. with JavaScript, you can do so via the following path: paygate/language/@name.

XML structure

The ‘Language’ parameter controls which section of the XML text file is read out. German ‘de’ is always used as standard.

The XML file should have the following basic structure:

Multiexcerpt
MultiExcerptNameHPP_XML_structure
Code Block
languagexml
<?xml version="1.0" encoding="utf-16"?>
      </languages>
            <language name="de">
                  <title>Zahlung</title>
                  ...
            </language>
            <language name="en">
                  <title>Payment</title>
                  ...
            </language>
      </languages>

‘UTF-8’ is also possible for the encoding.

With <xsl:variablename=““ select=“paygate/language/@name”/> you can directly address an XML language section from the XSL file.

For an overview of which parameters are rendered by the Hosted Payment Page, please examine the following structure (XSL file is rendered against the following XML string):

Multiexcerpt
MultiExcerptNameHPP_XML_sample
Code Block
languagexml
strXML = "<?xml version='1.0' encoding='windows-1252'?>" & _
<paygate>
      <merchantID>...</merchantID>
      <len>257</len>
      <data>E98D4...F7065</data>
      <template>
      <urlBack><![CDATA[http://www.google.de]]></urlBack>
      <paymentMethods>
            <VISA type="CC" displayName="Visa"/>
            <MasterCard type="CC" displayName="MasterCard"/>
            <AMEX type="CC" displayName="American Express"/>
            <DINERS type="CC" displayName="Diners Club International"/>
            <Discover type="CC" displayName="Discover"/>
            <JCB type="CC" displayName="JCB"/>
            <EDD lowercase="edd">
            <PayPal lowercase=="paypal">
            <iDEAL lowercase=="ideal">
      </paymentMethods>
      <language name="de">
            <title>Zahlung</title>
            ...
      </language>
</paygate>
In your XSL file you can access each single value within this XML structure which is rendered in the backend based on the XML language file and additional values.

JavaScript

You can find individual JavaScript methods either in the HEAD section of your XSL file or within the file main.js that can be found in the images folder at Templates/imagesMerchantID_PaymentPage/js.

Notice: Please do not use any external links to your JavaScript!