Accept a new card payment
Use and modify the sample scripts to generate a secure payment form for your websites so that you can submit payment requests. Use notifications sent to your merchant POST URL to understand payment outcomes.
The PHP example below demonstrates the required fields for the request.
To start the sample application run the payment_form.php provided in the sample PHP script.
POST
to the URLs:Test:
https://testsecureacceptance.cybersource.com/pay
Production:
https://secureacceptance.cybersource.com/pay
<form id="payment_confirmation" action=" https://testsecureacceptance.cybersource.com/pay" method="post" />
Include the following schema in your form.
Field Description Data type Example access_key Required for authentication. Generated through Enterprise Business Center portal. Alphanumeric String (32) 2ad5c980feb838f1b3ec8b4477bb959e profile_id Identifies the profile to use with each transaction. Generated through Enterprise Business Center portal. - D599681B-023C-4C3C-BF38-B42BF474F990& transaction_uuid Unique merchant generated order reference or tracking number for each transaction. Enter unique number. Alphanumeric including ! "#$%&'()*+,-./:;=?@^_~ - (40) 61f1d92624938& signed_field_names A comma-separated list of request fields that are signed. This field is used to generate a signature that is used to verify the content of the transaction to protect it from tampering. AlphaNumeric Variable access_key, profile_id, transaction_uuid, signed_field_names unsigned_field_names A comma-separated list of request fields that are not signed. - signed_date_time, locale, transaction_type, reference_number, amount, currency, bill_to_surname, bill_to_forename, bill_to_address_line1, bill_to_address_postal_code, bill_to_address_countr, bill_to_email, bill_to_address_city, override_custom_cancel_page, override_custom_receipt_page, override_backoffice_post_url, payer_authetication_transaction_mode. amount Total amount for the payment, including major and minor components separated by decimal. String (15) 100.01 currency Used for the order ISO Currency Code. Alpha String (3) GBP locale Used to present fields in English Alpha String (5) en reference_number Unique merchant generated order reference or tracking number for each transaction (Enter Unique Number). Alphanumeric including ! "#$%&'()*+,-./:;=?@^_~ - (50) 1643239719138 signed_date_time The date and time that the signature was generated. Used to detect duplicates. Must be in UTC Date & Time separated by 'T'.
Format: YYYY-MM-DDThh:mm:ssZISO 8601 Date 2020-08-11T22:47:57Z transaction_type Used to instruct the sale/authorization. String (enumerated)
Possible values:- sale - recommended
- authorization - you must capture your funds for settlement
sale partner_solution_id Will be allocated to each partner that refers merchants to Worldpay.
Not necessary for a direct integration.String (100) - bill_to_surname Customer's last name. This name must be the same as the name on the card. Alphanumeric including ! "#$%&'()*+,-./:;=?@^_~ - (60) Appleseed bill_to_forename Customer's first name. This name must be the same as the name on the card. Alphanumeric including ! "#$%&'()*+,-./:;=?@^_~ - (60) John bill_to_email Customer's email address, including the full domain name. Email String (255) john.appleseed@email.com bill_to_address_line1 First line of the billing address. String (60) 22 York Road bill_to_address_city City in the billing address. String (50) Guildford bill_to_address_postal_code Postcode in the billing address. Alphanumeric including ! "#$%&'()*+,-./:;=?@^_~ - (10) GU1 2AB bill_to_address_country ISO Country Code Alpha String (2) GB payer_authentication_transaction_mode Identifies the channel from which the transaction originates.
Use 'S' for e-Commerce.String (1) S override_backoffice_post_url Your POST URL to which Cybersource payment responses will be sent.
URL must be HTTPS and support TLS 1.2 or later.URL String (255) https://www.notifications.worldpay.com override_custom_cancel_page Your cancel page URL to which a customer who cancels the page will be redirected.
URL must be HTTPS and support TLS 1.2 or later.URL String (255) https://www.cancel.worldpay.com override_custom_receipt_page Your receipt page URL to which a customer whose payment is authorized will be redirected.
URL must be HTTPS and support TLS 1.2 or later.URL String (255) https://www.success.worldpay.com card_cvn Card verification number (also called Card verification value or Card secure code).
Typically 3 digits, but 4 digits for AMEX.Numeric String (4) 123 processingInformation.commerceIndicator Optional field used to indicate the type of transaction. By default this field indicates an eCommerce checkout.
Set this field to "MOTO" if you are taking MOTO payments. This transaction type must be used with the MOTO MID provided.String MOTO Enter the following test details to complete a test transaction.
Field Value Visa Visa Card Number REMOVED Expiry Month 12 Expiry Year 2024 Security Code 123
Payment response notifications will be sent to the POST URL specified in the override_backoffice_ post_url
field of your request.
They will reference the transaction_uuid
.
Response schema
The response notifications will follow the schema given below:
Name | Description | Data type | Example |
---|---|---|---|
decision | The result of your request. Possible values:
| String (7) | Accept |
reason_code | Numeric value corresponding to the result of the payment card transaction request. Refer to reason code table for the description. | String (5) | 204 |
req_transaction_uuid | Unique merchant-generated identifier that you included in the payment request. | Alphanumeric including ! "#$%&'()*+,-./:;=?@^_~ - (40) | 61f1d92624938& |
transaction_id | The transaction identifier returned from the payment gateway that you will use for managing payments via the REST API. | String (26) | - |
signature | The Base64 signature returned by the server. | String (44) | - |
payer_authentication_validate_result | Raw authentication data received from the card issuing bank that indicates whether authentication was successful and whether liability shift occurred. This field contains one of these values:
| String (255) | 0 |
payer_authentication_reason_code | Numeric value corresponding to the result of the payer authentication request. | String (5) | 476 |
payment_token | Identifier for the payment details. The payment token retrieves the card data, billing information and shipping information from the payment repository. | String (26) | 3529893314302230000000 |
To ensure the integrity of the response fields, a signature is included in the response. This signature is generated using the same secret_key
value that was used to generate the request signature.