Menu

Corporate exemptions

Within the corporate world, there are some business-to-business transactions that will qualify for Corporate Exemptions.

A typical example is when a lodged or virtual card is used to book the travel for anyone in a company.

In such a case, the transactions between Company X and the travel agency take place within a secure corporate environment, and it is not possible for authentication to take place.

Instead of subjecting these transactions to potential soft declines and authentication, you can apply a corporate exemption.

Prerequisite

You do not need to have any exemption product for this feature to work.

If you are a merchant who uses the Exemption Engine Turn-Key, process corporate exemptions under a separate merchant code. This keeps corporate exemptions separate from other types of exemption.

Integration

This page describes how to process corporate exemptions in a secure corporate environment.

Exemption Request

You can request an exemption for the following three paymentMethodMask values:

  • CARD-SSL
  • VISA-SSL
  • ECMC-SSL

Exemption types

You must submit an additional element of <exemption> with attributes type and placement (both required). You must include placement="AUTHORISATION". Failure to include this attribute results in an XML validation error with the following message: Attribute placement is required and must be specified for element type exemption.

AttributeValue
typePossible Values:
  • CP - Corporate Exemption
placementPossible Values:
  • AUTHORISATION- Applies exemption in the authorisation flow.

The following request example uses <exemption type="CP" placement="AUTHORISATION">:

Copied!
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE paymentService PUBLIC "-//WorldPay//DTD WorldPay PaymentService v1//EN" "http://dtd.worldpay.com/paymentService_v1.dtd" >
<paymentService version="1.4" merchantCode="YOUR_MERCHANT_CODE">
    <submit>
        <order orderCode='YOUR_ORDER_CODE'>
            <description>test order</description>
            <amount value="100" currencyCode="EUR" exponent="2"/>
            <orderContent>
                <![CDATA[]]>
            </orderContent>
            <paymentDetails>
                <CARD-SSL>
                    <cardNumber>4444********1111</cardNumber>
                    <expiryDate>
                        <date month="06" year="2020"/>
                    </expiryDate>
                    <cardHolderName>CORPORATE NAME</cardHolderName>
                    <cvc>666</cvc>
                    <cardAddress>
                        <address>
                            <address1>Worldpay</address1>
                            <address2>270-289 The Science Park</address2>
                            <address3>Milton Road</address3>
                            <postalCode>CB4 0WE</postalCode>
                            <city>Cambridge</city>
                            <countryCode>GB</countryCode>
                        </address>
                    </cardAddress>
                </CARD-SSL>
                <session shopperIPAddress="127.0.0.1" id="ssn194781884"/>
            </paymentDetails>
            <shopper>
                <shopperEmailAddress>sp@worldpay.com</shopperEmailAddress>
                <browser>
                    <acceptHeader>text/html</acceptHeader>
                    <userAgentHeader>Mozilla/5.0 ...</userAgentHeader>
                </browser>
            </shopper>
            <!-- Exemption -->
                 <exemption type="CP" placement="AUTHORISATION"/>
        </order>
    </submit>
</paymentService>

Exemption Response

The response message contains information about the exemption result, type of exemption (if applied), and outcome.

Keep in mind that an issuer may reject an exemption request.

FieldAttributeDescription
lastEventN/AThis field reflects either the status of the payment as AUTHORISED or REFUSED
exemptionResponseresultOne of the following values:
  • HONOURED
  • REJECTED
  • OUT_OF_SCOPE
exemptionResponsereasonOne of the following values based upon result attribute (bold)

HONOURED
  • ISSUER_HONOURED

OUT_OF_SCOPE
  • MIT
  • MOTO
  • CONTACTLESS
  • OLO

REJECTED
  • ISSUER_REJECTED
  • HIGH_RISK
  • INVALID
  • UNSUPPORTED_SCHEME
  • UNSUPPORTED_ACQUIRER

Response Messages

Response Message - HONOURED

The issuer honoured the exemption and authorised the payment.

Copied!
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE paymentService PUBLIC "-//WorldPay//DTD WorldPay PaymentService v1//EN"
                                "http://secure.worldpay.com/dtd/paymentService_v1.dtd">
<paymentService version="1.4" merchantCode="YOUR_MERCHANT_CODE">
    <reply>
        <orderStatus orderCode='YOUR_ORDER_CODE'>
            <payment>
                <paymentMethod>VISA_CREDIT-SSL</paymentMethod>
                <amount value="100" currencyCode="EUR" exponent="2" debitCreditIndicator="credit"/>
                <lastEvent>AUTHORISED</lastEvent>
                <balance accountType="IN_PROCESS_AUTHORISED">
                    <amount value="100" currencyCode="EUR" exponent="2" debitCreditIndicator="credit"/>
                </balance>
                <cardNumber>4444********1111</cardNumber>
            </payment>
            <!-- Exemption -->
            <exemptionResponse result="HONOURED" reason="ISSUER_HONOURED">
                <exemption type="CP" placement="AUTHORISATION"/>
            </exemptionResponse>
        </orderStatus>
    </reply>
</paymentService>

Response Message - REJECTED + ISSUER_REJECTED

Worldpay returns a <lastEvent> value of REFUSED. Additionally we are sending an element of <ISO8583ReturnCode> with attributes code="65" and description="AUTHENTICATION REQUESTED".

Note: You must have extended response codes enabled to identify soft declines.

Copied!
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE paymentService PUBLIC "-//WorldPay//DTD WorldPay PaymentService v1//EN" "http://secure.worldpay.com/dtd/paymentService_v1.dtd">
<paymentService version="1.4" merchantCode="YOUR_MERCHANT_CODE">
    <reply>
        <orderStatus orderCode='YOUR_ORDER_CODE'>
            <payment>
                <paymentMethod>VISA_CREDIT-SSL</paymentMethod>
                <amount value="100" currencyCode="EUR" exponent="2" debitCreditIndicator="credit"/>
                <lastEvent>REFUSED</lastEvent>
                <ISO8583ReturnCode code="65" description="Authentication requested"/>
            </payment>
            <!-- Exemption -->
            <exemptionResponse result="REJECTED" reason="ISSUER_REJECTED">
                <exemption type="CP" placement="AUTHORISATION"/>
            </exemptionResponse>
        </orderStatus>
    </reply>
</paymentService>

Response Message - OUT_OF_SCOPE

The following example shows a message with <exemptionResponse> result of OUT_OF_SCOPE and a reason of OLO. The EE determines the OUT_OF_SCOPE condition (result/response), but the issuer can still return values of AUTHORISED or REFUSED for <lastEvent>.

Copied!
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE paymentService PUBLIC "-//WorldPay//DTD WorldPay PaymentService v1//EN"
                                "http://secure.worldpay.com/dtd/paymentService_v1.dtd">
<paymentService version="1.4" merchantCode="YOUR_MERCHANT_CODE">
    <reply>
        <orderStatus orderCode='YOUR_ORDER_CODE'>
            <payment>
                <paymentMethod>VISA_CREDIT-SSL</paymentMethod>
                <amount value="100" currencyCode="EUR" exponent="2" debitCreditIndicator="credit"/>
                <lastEvent>AUTHORISED</lastEvent>
                <balance accountType="IN_PROCESS_AUTHORISED">
                    <amount value="100" currencyCode="EUR" exponent="2" debitCreditIndicator="credit"/>
                </balance>
                <cardNumber>4444********1111</cardNumber>
            </payment>
             <!-- Exemption -->
            <exemptionResponse result="OUT_OF_SCOPE" reason="OLO"/>
        </orderStatus>
    </reply>
</paymentService>

Response Message - REJECTED

The following example shows a message with <exemptionResponse> result of REJECTED and a reason of HIGH_RISK. This would occur if the payment is refused by the risk tool:

Testing Corporate Exemptions

The following sections provide information about testing corporate exemptions in various scenarios.

Submit the values to test corporate exemptions in the authorisation flow and receive known responses. The system returns the response data shown in the last column below.

Issuer responses
Magic ValueOverviewResponse Data
EE.HONOURED_ISSUER_HONOURED.AUTHORISED
The gateway honoured the exemption and the issuer AUTHORISED the payment.
Exemption: CP
Path: Happy
lastEvent = AUTHORISED
result = HONOURED
reason = ISSUER_HONOURED
EE.REJECTED_ISSUER_REJECTED.SOFT_DECLINED
The gateway honoured the exemption, but the issuer REFUSED (soft declined) the payment.
Exemption: CP
Path: Unhappy
lastEvent = REFUSED
result = REJECTED
reason = ISSUER_REJECTED
High Risk
Magic ValueOverviewResponse Data
EE.REJECTED_HIGH_RISK.AUTHORISED
The gateway rejected the exemption for high risk, but the issuer AUTHORISED the payment.
Exemption: CP
Risk: High
Path: Happy
lastEvent = AUTHORISED
result = REJECTED
reason = HIGH_RISK
EE.REJECTED_HIGH_RISK.SOFT_DECLINED
The gateway rejected the exemption for high risk and the issuer REFUSED (soft declined) the payment.
Exemption: CP
Risk: High
Path: Unhappy
lastEvent = REFUSED
result = REJECTED
reason = HIGH_RISK
Out-of-Scope Payment (MIT)
Magic ValueOverviewResponse Data
EE.OUT_OF_SCOPE_MIT.AUTHORISED
The gateway excludes the exemption, because it was identified as MIT, but the issuer AUTHORISED the payment.
Exemption: CP
Payment Type: MIT
Path: Happy
lastEvent = AUTHORISED
result = OUT_OF_SCOPE
reason = MIT
EE.OUT_OF_SCOPE_MIT.SOFT_DECLINED
The gateway excludes the exemption, because it was identified as MIT and the issuer REFUSED (soft declined) the payment.
Exemption: CP
Payment Type: MIT
Path: Unhappy
lastEvent = REFUSED
result = OUT_OF_SCOPE
reason = MIT
Out-of-Scope Payment (MOTO)
Magic ValueOverviewResponse Data
EE.OUT_OF_SCOPE_MOTO.AUTHORISED
The gateway excludes the exemption, because it was identified as MOTO, but the issuer AUTHORISED the payment.
Exemption: CP
Payment Type: MOTO
Path: Happy
lastEvent = AUTHORISED
result = OUT_OF_SCOPE
reason = MOTO
EE.OUT_OF_SCOPE_MOTO.SOFT_DECLINED
The gateway excludes the exemption, because it was identified as CONTACTLESS and the issuer REFUSED (soft declined) the payment.
Exemption: CP
Payment Type: MOTO
Path: Unhappy
lastEvent = REFUSED
result = OUT_OF_SCOPE
reason = MOTO
Out-of-Scope Payment (Contactless)
Magic ValueOverviewResponse Data
EE.OUT_OF_SCOPE_CONTACTLESS.AUTHORISED
The gateway excludes the exemption, because it was identified as CONTACTLESS, but the issuer AUTHORISED the payment.
Exemption: CP
Payment Type: CONTACTLESS
Path: Happy
lastEvent = AUTHORISED
result = OUT_OF_SCOPE
reason = CONTACTLESS
EE.OUT_OF_SCOPE_CONTACTLESS.SOFT_DECLINED
The gateway excludes the exemption, because it was identified as CONTACTLESS and the issuer REFUSED (soft declined) the payment.
Exemption: CP
Payment Type: CONTACTLESS
Path: Unhappy
lastEvent = REFUSED
result = OUT_OF_SCOPE
reason = CONTACTLESS
Out-of-Scope Payment (OLO)
Magic ValueOverviewResponse Data
EE.OUT_OF_SCOPE_OLO.AUTHORISED
The gateway excludes the exemption, because it was identified as OLO, but the issuer AUTHORISED the payment.
Exemption: CP
Payment Type: OLO
Path: Happy
lastEvent = AUTHORISED
result = OUT_OF_SCOPE
reason = OLO
EE.OUT_OF_SCOPE_OLO.SOFT_DECLINED
The gateway excludes the exemption, because it was identified as OLO and the issuer REFUSED (soft declined) the payment.
Exemption: CP
Payment Type: OLO
Path: Unhappy
lastEvent = REFUSED
result = OUT_OF_SCOPE
reason = OLO
Incorrect Exemption Request
Magic ValueOverviewResponse Data
EE.REJECTED_INVALID.AUTHORISED
The gateway rejected the exemption, because it was an invalid exemption but the issuer AUTHORISED the payment.
Exemption: CP
Path: Happy
lastEvent = AUTHORISED
result = REJECTED
reason = INVALID
EE.REJECTED_INVALID.SOFT_DECLINED
The gateway rejected the exemption, because it was an invalid exemption and the issuer REFUSED (soft declined) the payment.
Exemption: CP
Payment Type: CP
Path: Unhappy
lastEvent = REFUSED
result = REJECTED
reason = INVALID
Unsupported Scheme
Magic ValueOverviewResponse Data
EE.REJECTED_UNSUPPORTED_SCHEME.AUTHORISED
The gateway rejected the exemption, because of an unsupported scheme, but the issuer AUTHORISED the payment.
Exemption: CP
Path: Happy
lastEvent = AUTHORISED
result = REJECTED
reason = UNSUPPORTED_SCHEME
EE.REJECTED_UNSUPPORTED_SCHEME.SOFT_DECLINED
The gateway rejected the exemption, because it was an unsupported scheme and the issuer REFUSED (soft declined) the payment.
Exemption: CP
Payment Type: CP
Path: Unhappy
lastEvent = REFUSED
result = REJECTED
reason = UNSUPPORTED_SCHEME

Full Payment Request example

Copied!
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE paymentService PUBLIC "-//WorldPay//DTD WorldPay PaymentService v1//EN" "http://dtd.worldpay.com/paymentService_v1.dtd" >
<paymentService version="1.4" merchantCode="YOUR_MERCHANT_CODE">
    <submit>
        <order orderCode='YOUR_ORDER_CODE'>
            <description>test order</description>
            <amount value="100" currencyCode="EUR" exponent="2"/>
            <orderContent>
                <![CDATA[]]>
            </orderContent>
            <paymentDetails>
                <CARD-SSL>
                    <cardNumber>4444********1111</cardNumber>
                    <expiryDate>
                        <date month="06" year="2020"/>
                    </expiryDate>
                    <cardHolderName>CORPORATE NAME</cardHolderName>
                    <cvc>666</cvc>
                    <cardAddress>
                        <address>
                            <address1>Worldpay</address1>
                            <address2>270-289 The Science Park</address2>
                            <address3>Milton Road</address3>
                            <postalCode>CB4 0WE</postalCode>
                            <city>Cambridge</city>
                            <countryCode>GB</countryCode>
                        </address>
                    </cardAddress>
                </CARD-SSL>
                <session shopperIPAddress="127.0.0.1" id="ssn194781884"/>
            </paymentDetails>
            <shopper>
                <shopperEmailAddress>a.shopper@worldpay.com</shopperEmailAddress>
                <browser>
                    <acceptHeader>text/html</acceptHeader>
                    <userAgentHeader>Mozilla/5.0 ...</userAgentHeader>
                </browser>
            </shopper>
            <!-- Exemption -->
                 <exemption type="CP" placement="AUTHORISATION"/>
                 <deviceSession>
                   <sessionId>55f9c219-4e98-4130-972e-8c8b2f3c2125</sessionId>
                 </deviceSession>
        </order>
    </submit>
</paymentService>