Get started with online payments
Here are the step-by-step guides for you to get started with test and live transactions.
Test transaction guide
- Receive a welcome email from Worldpay Customer Support with your new account details.
- Activate your account with Enterprise Business Center (EBC) within 24 hours using the link given in the email. Please contact the support team if the link expires.
- Create user accounts for your developers and key people. To do this, go to EBC > Account Management > Users</.
- Generate and download a unique Secure Acceptance Key for the test environment to submit transactions.
- Generate another Security Key for REST API authentication.
- Set your hosted payment pages.
- Update your website pages: security script, payment form, payment confirmation page, receipt page by modifying sample scripts provided in Ruby, PHP, Perl and ASP.net
- Run a test transaction with test cards.
- View transaction within Enterprise Business Center (EBC) once you complete your test.
Live transaction guide
- Receive a welcome email from Worldpay Customer Support with your new account details.
- Activate your account with Enterprise Business Center (EBC) within 24 hours using the link given in the email. Please contact the support team if the link expires.
- Create user accounts for your developers and key people. To do this, go to EBC > Account Management > Users
- Generate and download a unique Secure Acceptance Key for the live environment to submit transactions.
- Generate another Security Key for REST API authentication.
- Set your hosted payment pages.
- Update your website pages: security script, payment form, payment confirmation page, receipt page by modifying sample scripts provided in Ruby, PHP, Perl and ASP.net
- Update fraud setting, if required, via Fraud Management Essentials.
- Run a live transaction with live cards.
- View transaction within Enterprise Business Center (EBC).
- Set up reports, if required, in Enterprise Business Center (EBC).
- Set up dashboard using a link received in the email from Worldpay from FIS after your invoice is ready.
Prerequisites
To use the service, you must have a website where customers can input their data. This data (excluding the card data) is for payment and fraud screening and you must include it with your requests.
Your website must meet the following requirements:
- It must have a shopping cart or customer order creation software
- Dynamic scripting language that supports HMAC256 hashing algorithms
- Public Key Infrastructure (PKI) enabled to use SSL-based for POST submissions
- Capability to digitally sign customer data prior to submission
- Ability to generate SHA-256 hash of JSON payload to be sent in the HTTP header message for each request to the REST API
- Store pertinent fields for follow-on transactions using Tokens and Transaction/Request ID
Set up your account
You must obtain and activate a gateway Merchant ID (Organization ID) for integration, testing and live transactional processing.
Test accounts
The Enterprise Business Center (EBC) is a customer portal that allows you to view Test/Live transactions and perform other functions. Test EBC displays test transactions sent to test endpoints and Live EBC displays live transactions sent to live endpoints.
- Test Environment:
https://worldpay.ubctest.cybersource.com/ebc2/
- Live Environment:
https://worldpay.ubc.cybersource.com/ebc2/app/Home
Test EBC credentials:
- Organization IDs (Test):
provided with a boarding email
- Username ID and Password:
provided with a boarding email
New Gateway Merchants IDs (Test/Live) are configured with the appropriate payment methods, currencies and payment processor(s). Additionally, merchant IDs are configured with required value-added services such as Tokenization and Fraud Management Essentials.
For American Express payments, please contact ngwtechsupport@fisglobal.com
Authenticate and integrate
Create a profile ID
Log in to Enterprise Business Center (EBC) > Payment Configuration > Secure Acceptance Settings > New Profile.
Create Profile page is displayed.
Enter or verify the following profile details.
Profile detail Description Profile Name The Secure Acceptance profile name is required and it cannot exceed 40 alphanumeric characters. Profile Description The profile description cannot exceed 255 characters. Integration Method Check Hosted Checkout. Company Name The company name is required and it cannot exceed 40 alphanumeric characters. - Company Contact Name
- Company Contact Email
- Company Phone Number
Enter company contact information: name, email and phone number. Payment Tokenization Check Payment Tokenization. Click Submit.
Create secure acceptance security key
Secure acceptance security key consists of two components: an access key and a secret key.
You can create an access key
and a secret key
via Enterprise Business Center (EBC) > Security Keys > Generate new key.
To update a secure acceptance security key:
Log in to the Business Center environment (Test or Production) that contains the Secure Acceptance profile you are working with.
Select Payment Configuration > Secure Acceptance Settings.
From INACTIVE PROFILES, select the checkbox for the profile that you want to create keys for.
Select Edit Profile.
Select the SECURITY tab.
Select **Create Key **to generate a new key.
From the **Key Creation **screen, enter a descriptive Key Name.
NoteYour key cannot exceed 40 alphanumeric characters. Spaces and other special characters are not allowed.
Leave the following fields at the default:
- Signature Version as 1.
- Signature Method as HMAC-SHA256.
Select **CREATE **and then Confirm.
Within 30 seconds, copy and paste the displayed access key and secret key into a text editor or select the file download icon to save both in a .txt file.
NoteIf the windows closes before you are done, select View Key (View Key button) to display it again.
After seeing the new key listed under ACTIVE KEYS, set the profile to active by selecting BACK TO PROFILES, select the desired profile's checkbox.
Select Promote Profile, and Confirm.
Parameter | Value |
---|---|
Secret key | <101122de47ef4ed78375446c7b80099e8c3543e8e8ab41298cee13c09e6d867686d88c72bcce4cc3a134e2ffe68b7262221cca4128af4e88a8692dae6053890729990b1067f1457b9bca130d234726e2f73d5279cb54ae19146ffeb952e308c34acac61785040ff9b16fc8e411b79c543f825d7a6974b7ea4385c5aa765a4da> |
access_key | <2d408e78f0783c7cadbe205a4c4030d0> |
profile_id | <4BD69D22-6810-4BF8-9B0A-0B734F76685A> |
For REST API authentication, the merchant must generate another Shared Secret key for using HTTP Signature authentication.
Requests to the Cybersource REST API are sent via HTTP to one of our API endpoint URLs.
- Sandbox API Endpoint:
https://apitest.cybersource.com
- Production API Endpoint:
https://api.cybersource.com
Read more about the HTTP Response Code details here.