giropay is a standard founded by the German banks Sparkasse, Postbank, Volks- und Raiffeisen Banken. The giropay online transfer has a number of advantages for merchants. Firstly giropay provides the vendor with a guarantee for payments of up to 10,000 euros; secondly the transfer is a prepayment which minimises the payment term. Finally the customer is using the familiar and trusted online banking of its own credit institution, just the same as with online banking.
In the first step the customer chooses the giropay payment method at the checkout of the online shop and selects its credit institution. The customer is then connected directly to its Sparkasse/bank and logs on as normal using a PIN. A pre-completed transfer form then appears. The customer need only enter their TAN to confirm the payment.
With online banking, the data disclosed in the online transfer is encrypted with SSL (Secure Sockets Layer) to prevent manipulation.
Logo
Info
giropay is an online bank transfer with PIN and TAN that provides you with access to nearly 40 million online banking users in Germany in Austria. Additionally to the full 100% payment guarantee the use of giropay is relatively low priced.
Notice: Please observe that a connection via iFrame is not possible due to existing regulations and will be technically prevented.
Notice: For security reasons, Computop Paygate rejects all payment requests with formatting errors. Therefore, please use the correct data type for each parameter.
Amount in the smallest currency unit (e.g. EUR Cent). Please contact the Computop Helpdesk, if you want to capture amounts <100 (smallest currency unit).
Betrag in der kleinsten Währungseinheit (z.B. EUR Cent). Bitte wenden Sie sich an den Computop Helpdesk, wenn Sie Beträge < 100 (kleinste Währungseinheit) buchen möchten.
Complete URL which calls up Paygate if payment has been successful. The URL may be called up only via port 443. This URL may not contain parameters: In order to exchange values between Paygate and shop, please use the parameter UserData.
Common notes:
We recommend to use parameter "response=encrypt" to get an encrypted response by Paygate
However, fraudster may just copy the encrypted DATA-element which are sent to URLFailure and send the DATA to URLSuccess. Therefore ensure to check the "code"-value which indicates success/failure of the action. Only a result of "code=00000000" should be considered successful.
Vollständige URL, die das Paygate aufruft, wenn die Zahlung erfolgreich war. Die URL darf nur über Port 443 aufgerufen werden. Diese URL darf keine Parameter enthalten: Um Parameter durchzureichen nutzen Sie stattdessen den Parameter UserData.
Allgemeine Hinweise:
Wir empfehlen, den Parameter "response=encrypt" zu verwenden, um eine verschlüsselte Antwort von Paygate zu erhalten
Betrüger könnten das verschlüsselte DATA-Element kopieren, welches an URLFailure gesendet wurde, und betrügerisch dasselbe DATA an URLSuccess senden. Überprüfen Sie daher unbedingt den "code"-Wert des DATA-Elements. Nur eine Antwort mit "code=00000000" sollte als erfolgreich angesehen werden.
Complete URL which calls up Paygate if payment has been unsuccessful. The URL may be called up only via port 443. This URL may not contain parameters: In order to exchange values between Paygate and shop, please use the parameter UserData.
Common notes:
We recommend to use parameter "response=encrypt" to get an encrypted response by Paygate
However, fraudster may just copy the encrypted DATA-element which are sent to URLFailure and send the DATA to URLSuccess/URLNotify. Therefore ensure to check the "code"-value which indicates success/failure of the action. Only a result of "code=00000000" should be considered successful.
Vollständige URL, die das Paygateaufruft, wenn die Zahlung gescheitert ist. Die URL darf nur über Port 443 aufgerufen werden. Diese URL darf keine Parameter enthalten: Um Parameter durchzureichen nutzen Sie stattdessen den Parameter UserData.
Allgemeine Hinweise:
Wir empfehlen, den Parameter "response=encrypt" zu verwenden, um eine verschlüsselte Antwort von Paygate zu erhalten
Betrüger könnten das verschlüsselte DATA-Element kopieren, welches an URLFailure gesendet wurde, und betrügerisch dasselbe DATA an URLSuccess/URLNotify senden. Überprüfen Sie daher unbedingt den "code"-Wert des DATA-Elements. Nur eine Antwort mit "code=00000000" sollte als erfolgreich angesehen werden.
Status response sent by Paygate to URLSuccess and URLFailure, should be encrypted. For this purpose, transmit Response=encrypt parameter.
Die Status-Rückmeldung, die das Paygate an URLSuccess und URLFailure sendet, sollte verschlüsselt werden. Dazu übergeben Sie den Parameter Response=encrypt.
Complete URL which Paygatecalls up in order to notify the shop about the payment result. The URL may be called up only via port 443. It may not contain parameters: Use the UserData parameter instead.
Common notes:
We recommend to use parameter "response=encrypt" to get an encrypted response by Paygate
However, fraudster may just copy the encrypted DATA-element which are sent to URLFailure and send the DATA to URLSuccess/URLNotify. Therefore ensure to check the "code"-value which indicates success/failure of the action. Only a result of "code=00000000" should be considered successful.
Vollständige URL, die das Paygate aufruft, um den Shop zu benachrichtigen. Die URL darf nur über Port 443 aufgerufen werden. Sie darf keine Parameter enthalten: Nutzen Sie stattdessen den Parameter UserData.
Allgemeine Hinweise:
Wir empfehlen, den Parameter "response=encrypt" zu verwenden, um eine verschlüsselte Antwort von Paygate zu erhalten
Betrüger könnten das verschlüsselte DATA-Element kopieren, welches an URLFailure gesendet wurde, und betrügerisch dasselbe DATA an URLSuccess/URLNotify senden. Überprüfen Sie daher unbedingt den "code"-Wert des DATA-Elements. Nur eine Antwort mit "code=00000000" sollte als erfolgreich angesehen werden.
To avoid double payments or actions (e.g. by ETM), enter an alphanumeric value which identifies your transaction and may be assigned only once. If the transaction or action is submitted again with the same ReqID, Computop Paygate will not carry out the payment or new action, but will just return the status of the original transaction or action.
Please note that the Computop Paygate must have a finalized transaction status for the first initial action (authentication/authorisation). This does not apply to 3-D Secure authentications that are terminated by a timeout. The 3-D Secure Timeout status does not count as a completed status in which the ReqID functionality on Paygate does not take effect. Submissions with identical ReqID for an open status will be processed regularly.
Notice: Please note that a ReqID is only valid for 12 month, then it gets deleted at the Paygate.
Um Doppelzahlungen (z.B. durch ETM) zu vermeiden, übergeben Sie einen alphanumerischen Wert, der Ihre Transaktion oder Aktion identifiziert und nur einmal vergeben werden darf. Falls die Transaktion oder Aktion mit derselben ReqID erneut eingereicht wird, führt das Computop Paygate keine Zahlung oder weitere Aktion aus, sondern gibt nur den Status der ursprünglichen Transaktion oder Aktion zurück.
Bitte beachten Sie, dass das Computop Paygate für die erste initiale Aktion (Authentifizierung/Autorisierung) einen abgeschlossenen Transaktionsstatus haben muss. Dies gilt nicht für 3-D Secure Authentifizierungen, die durch einem Timeout beendet werden. Der Status 3-D Secure Timeout gilt nicht als abgeschlossener Status, bei dem ReqID-Funktionalität am Paygate nicht greift. Einreichungen mit identischer ReqID auf einen offenen Status werden regulär verarbeitet.
Hinweis: Bitte beachten Sie, dass eine ReqID nur 12 Monate gültig ist, danach wird sie vom Paygate gelöscht.
Only with PPRO: configuration channel of the PPRO contract (account and ContractID are stored in the system). If it exists, it may overwrite channels stored in the system.
Nur bei PPRO: Konfigurationskanal des PPRO-Vertrags (Account und ContractID sind im System hinterlegt). Wenn vorhanden, überschreibt er eventuell im System hinterlegten Channel.
A single value to be set by the merchant to return some information unencrypted in response/notify, e.g. the MID.
"Plain"-parameter is part of encrypted "Data" in Computop Paygate and therefore protected against manipulation.
Ein einzelner Wert, der von Ihnen gesetzt werden kann, um Informationen wieder unverschlüsselt in der Antwort bzw. im Notify zurückzugeben, z.B. die MID.
Da der "Plain"-Parameter Teil des verschlüsselten "Data" im Computop Paygate ist, ist dieser vor Manipulationen geschützt.
"Custom"-parameter is added to the request data before encryption and is part of encrypted "Data" in Computop Paygate request. By this they are protected against manipulation by a consumer.
The Custom-value is added to the Computop Paygate response in plain text and the "|" is replaced by a "&". By this you can put a single value into Custom-parameter and get multiple key-value-pairs back in response for your own purpose.
Der "Custom"-Parameter wird vor der Verschlüsselung an den Aufruf angehängt und ist Teil des verschlüsselten "Data" im Computop Paygate Aufruf. Dadurch ist der Wert gegen Manipulation geschützt.
Der Custom-Wert wird dann in Klartext an die Computop Paygate-Antwort angehängt und dabei wird "|" durch "&" ersetzt. Dadurch können Sie einen Custom-Wert übergeben und bekommen mehrere Key-Value-Paare zu Ihrer eigenen Verwendung in der Antwort zurück.
Capturing immediately after authorisation (default value).
MANUAL
Capturing made by the merchant. Capture is normally initiated at time of delivery.
ShoppingBasketCategory
a..8
O
Categorizes the shopping basket:
„DIGITAL“ for shopping baskets with solely digital goods
„PHYSICAL“ for shopping baskets with solely physical goods
„MIXED“ for shopping baskets with digital and physical goods
"ANONYMOUS_DONATION": The sopping basket solely is an anonymous donation
"AUTHORITIES_PAYMENT": The sopping basket solely contains payments for authorities
DeliveryMethod
ans..12
O
Delivery place STANDARD, PACKSTATION or STORE_PICKUP. The default value is STANDARD.
STANDARD: The goods will be delivered to a normal postal address.
PACKSTATION: The goods will be delivered to a packstation.
STORE_PICKUP: The goods will be picked-up within a branch store.
For express checkouts this field always has the value STANDARD and will not be updated depending on selected delivery option.
sdFirstName
ans..50
C
First name in the delivery address. Mandatory, if ShoppingBasketCategory IS NOT „AUTHORITIES_PAYMENT“ and IS NOT „ANONYMOUS_DONATION“
sdLastName
ans..50
C
Surname in the delivery address. Mandatory, if ShoppingBasketCategory IS NOT „AUTHORITIES_PAYMENT“ and IS NOT „ANONYMOUS_DONATION“
sdCompany
ans..100
O
Company name in the delivery address
sdAddressAddition
ans..30
O
Address addition in the delivery address
sdStreet
ans..100
C
Street name in the delivery address
Mandatory, if ShoppingBasketCategory IS NOT "DIGITAL" and IS NOT "AUTHORITIES_PAYMENT" and IS NOT "ANONYMOUS_DONATION"
sdStreetNr
ans..8
C
Street number in the delivery address
Mandatory, if ShoppingBasketCategory IS NOT "DIGITAL" and IS NOT "AUTHORITIES_PAYMENT" and IS NOT "ANONYMOUS_DONATION"
sdZip
n..5
C
Postcode in the delivery address
Mandatory, if ShoppingBasketCategory IS NOT "DIGITAL" and IS NOT "AUTHORITIES_PAYMENT" and IS NOT "ANONYMOUS_DONATION"
sdCity
ans..100
C
Town/city in the delivery address
Mandatory, if ShoppingBasketCategory IS NOT "DIGITAL" and IS NOT "AUTHORITIES_PAYMENT" and IS NOT "ANONYMOUS_DONATION"
sdCountryCode
an2
C
Country code in the delivery address
Mandatory, if ShoppingBasketCategory IS NOT "DIGITAL" and IS NOT "AUTHORITIES_PAYMENT" and IS NOT "ANONYMOUS_DONATION"
sdEMail
ans..100
C
Email address of the receiver
mandatory, if ShoppingBasketCategory = „DIGITAL“
MinAge
n..3
O
Using the field minimum age will result in the single option "giropay-Login" for the customers, because an age verification at the time is solely possible with an existing giropay account. Minumum age in years.
Parameters for online transfers with giropay
In case of using REST API
In case of using REST API you will always receive a link where the merchant has to redirect the consumer to complete the payment.
REST
Format
CND
Description
"paymentId": "..."
an32
M
May be "00000000000000000000000000000000" if not yet set by Computop Paygate
"_Links.self.type": "..."
an..20
M
"application/json"
"_Links.redirect.href": "..."
an..1024
M
Merchant needs to redirect consumer to this URL to complete payment
"_Links.redirect.type": "..."
an..20
M
"text/html"
Merchant can use inquire.aspx
In case of using Key-Value-Pair API
The following table gives the result parameters which Computop Paygate transmits to URLSuccess or URLFailure and URLNotify. If you have specified the Response=encrypt parameter, the following parameters are sent Blowfish encrypted to your system:
pls. be prepared to receive additional parameters at any time and do not check the order of parameters
the key (e.g. MerchantId, RefNr) should not be checked case-sentive
A single value to be set by the merchant to return some information unencrypted in response/notify, e.g. the MID.
"Plain"-parameter is part of encrypted "Data" in Computop Paygate and therefore protected against manipulation.
Ein einzelner Wert, der von Ihnen gesetzt werden kann, um Informationen wieder unverschlüsselt in der Antwort bzw. im Notify zurückzugeben, z.B. die MID.
Da der "Plain"-Parameter Teil des verschlüsselten "Data" im Computop Paygate ist, ist dieser vor Manipulationen geschützt.
"Custom"-parameter is added to the request data before encryption and is part of encrypted "Data" in Computop Paygate request. By this they are protected against manipulation by a consumer.
The Custom-value is added to the Computop Paygate response in plain text and the "|" is replaced by a "&". By this you can put a single value into Custom-parameter and get multiple key-value-pairs back in response for your own purpose.
Der "Custom"-Parameter wird vor der Verschlüsselung an den Aufruf angehängt und ist Teil des verschlüsselten "Data" im Computop Paygate Aufruf. Dadurch ist der Wert gegen Manipulation geschützt.
Der Custom-Wert wird dann in Klartext an die Computop Paygate-Antwort angehängt und dabei wird "|" durch "&" ersetzt. Dadurch können Sie einen Custom-Wert übergeben und bekommen mehrere Key-Value-Paare zu Ihrer eigenen Verwendung in der Antwort zurück.
Result parameters for URLNotify, URLSuccess and URLFailure in case of giropay
Capture
Captures are possible via a Server-to-Server connection. To carry out a Capture for giropay via a Server-to-Server connection, please use the following URL:
Notice: For security reasons, Computop Paygate rejects all payment requests with formatting errors. Therefore, please use the correct data type for each parameter.
Amount in the smallest currency unit (e.g. EUR Cent). Please contact the Computop Helpdesk, if you want to capture amounts <100 (smallest currency unit).
If specified at request, Paygate forwards the parameter with the payment result to the shop.
TransactionID
ans36
O
Unique transaction-ID of this capture (UUID). The value is assigned by the giropay system.
Result parameters for giropay captures
Credit with reference
Notice: Please observe that credits are possible only via PPRO.
Credits (refunds) are possible via a Server-to-Server connection. The Computop Paygate permits only credits for giropay that reference a previously made transaction via Computop Paygate. The amount of the credit is limited to the amount of the previous capture.
To carry out a credit with a reference transaction, please use the following URL:
Notice: For security reasons, Computop Paygate rejects all payment requests with formatting errors. Therefore, please use the correct data type for each parameter.
Amount in the smallest currency unit (e.g. EUR Cent). Please contact the Computop Helpdesk, if you want to capture amounts <100 (smallest currency unit).
Betrag in der kleinsten Währungseinheit (z.B. EUR Cent). Bitte wenden Sie sich an den Computop Helpdesk, wenn Sie Beträge < 100 (kleinste Währungseinheit) buchen möchten.
Key
REST
Format
CND
Description
Beschreibung
Note
ans..37
O
Free text field that appears on the bank statement in the payment reference (DIRECT_SALE only).
Reason
ans..1024
O
Reason for the refund MERCHANT_TECHNICAL_PROBLEM: Technical problem during processing. MERCHANT_CAN_NOT_DELIVER_GOODS: Merchant cannot deliver the goods. REFUND_OBLIGINGNESS: Refund as a gesture of goodwill. CUSTOMER_RETURN_GOODS: Refund due to return of goods.
Parameters for credits of giropay payments
The following table describes the result parameters with which the Computop Paygate responds to your system
pls. be prepared to receive additional parameters at any time and do not check the order of parameters
the key (e.g. MerchantId, RefNr) should not be checked case-sentive
Notice: Is returned only if Status=FAILED. Use is possible only in agreement with Computop Helpdesk.
Nur bei PPRO: detaillierte PPRO-Fehlermeldung.
Hinweis: Wird nur bei Status=FAILED zurückgegeben. Nutzung nur in Abstimmung mit dem Computop Helpdesk möglich.
Result parameters for credits of giropay payments
Batch processing via the interface
Basic information about using Batch files and about their structure can be found in the Batch Manager manual. Within batch processing not alle functions are available which are usually available for the online interface.
This section describes the parameters which must be transferred within the data set (Record) for executing a giropay payment and which information can be found within the response file about the payment status.
Notice: Please note that Batch processing for giropay is possible only via PPRO connection.
Following table gives an overview of all batch versions that are possible for a specific action an their specialities:
Amount in the smallest currency unit (e.g. EUR Cent). Please contact the Computop Helpdesk, if you want to capture amounts <100 (smallest currency unit).
Betrag in der kleinsten Währungseinheit (z.B. EUR Cent). Bitte wenden Sie sich an den Computop Helpdesk, wenn Sie Beträge < 100 (kleinste Währungseinheit) buchen möchten.
The following table describes the response parameters which the Batch Manager saves in the Record area for each transaction (standard parameters not explained here, such as <TransID> or <RefNR> and request parameters are returned unchanged and correspond to the call as specified before):