Payment message

The payment message is a collection of parameters and related values detailing a shopper’s AUTHORISED or CANCELLED transaction. The payment message is sent to a server-side script located on your server using the POST request method via HTTP(s).

Below is an example of the payment message body for an authorised transaction:

region=Cambridgeshire&authAmountString=%26%23163%3B10.99&_SP.charEnc=UTF-8&desc=&tel=0870+366+1233&address1=Worldpay+Ltd&countryMatch=S&cartId=test&address2=270-289+The+Science+Park&address3=Milton+Road&lang=en&callbackPW=your_password&rawAuthCode=A&transStatus=Y&amountString=<span style="line-height: normal;">%26%23163%3B10.99&authCost=10.99&currency=GBP&installation=211616&amount=10.99&countryString=United+Kingdom&displayAddress=Worldpay+Ltd%0A270-289+The+Science+Park%0AMilton+Road%0ACambridge%0ACambridgeshire&transTime=1331631533596&name=CARD+HOLDER&testMode=100&routeKey=VISA-SSL&ipAddress=

The header section of the payment message includes details of the encoding and protocols used to produce the message.

Below is an example of a Payment Message header:

Send: POST /cgi-bin/test.cgi?msgType=authResult&installation=204793 HTTP/1.0
Content-Length: 658
Content-Type: application/x-www-form-urlencoded; charset=ISO-8859-1
User-Agent: WJHRO/1.0 (WorldPay Java HTTP Request Object)
SendDetails of the Request Method, the URL query string for the location of your payment response server-side script and the protocol of how it is sent.

Note: We insert the msgType and installation parameters to the end of the URL query string.

Content-LengthA count of the number of characters that is contained in the body of the payment message.
Content-TypeDetails the encoding of the message and the character set used. The charset value may not always be set ISO-8859-1 - it is set to the charset used to display the payment page to the shopper.
HostThe name and port of the web server that the payment message is sent to.
User-AgentWe use a non standard user-agent to send you the payment message and therefore, may have an impact on the configuration of some server-side scripting.

Note: If you are using the User-Agent to control what is displayed to the shopper in the Shopper Response, we recommend that you capture the User-Agent that the shopper is using and include this value in your purchase token using a M_ variable.

Add your own variables

If you require additional parameters to be added to the HTTP(s) Payment Message, you need to add your own variables to the purchase token.

To send your own variables in the purchase token, they must have a prefix of either, M, MC or CM_, for example:

<input type="hidden" name="MC_myVariable" value="abcdef123456">

This is then returned in the body of the payment message:


Note: About additional information The values collected using your own variables are not stored by us once the payment message has been sent to your server. If you customise your payment page to include paymentTopFields.html, paymentMiddleFields.html or paymentBottomFields.html these files have input fields to collect additional information during the payment process. If the shopper cancels the purchase, the additional information collected is not returned to you in the Payment Message.

Change to GET request method

The Payment Message is always sent to your server using the POST request method. If your payment response server-side script uses the GET request method and requires the data to be included in the URL query string, you need to change your Payment Response URL to include WPDISPLAY ITEM tags.

A WPDISPLAY ITEM tag enables you to add a range of parameters to the end of your payment response URL. For a full list of all the parameters that can be included, refer toParameter descriptions for the Payment Message.


The example below shows you how to add multiple WPDISPLAY ITEM tags to your payment response URL:

Copied!<WPDISPLAY ITEM=transId>&reference=<WPDISPLAY ITEM=cartId>&name=<WPDISPLAY ITEM=name-urlenc>

For an authorised transaction, the URL for this is converted to:

Copied! Item&name=john smith

For a cancelled transaction, it is converted to:

Copied! Item&name=john smith

For parameters like name, address1, address2, town, region and email where the shopper has entered the value, we recommend that you add a -urlenc modifier to the WPDISPLAY ITEM tag, as shown above. This encodes certain characters so that they can be correctly sent and decoded by your payment response server-side script. The characters that require to be encoded are less than ASCII 34 ("), greater than ASCII 122 (z), and characters below:

!#$%^&()+=[ ]\`':;?@/<>