Fiserv Payment Gateway - API Document

Platform

APIs

Backend

Parameters

Use this to originate a financial transaction like a sale, pre-authorization, or credit.

NAME	DESCRIPTION
Content-Type string (header)	Content type. Available values : application/json Default value : application/json
Client-Request-Id string (header)	A client-generated ID for request tracking and signature creation, unique per request. This is also used for idempotency control. We recommend 128-bit UUID format.
Api-Key string (header)	Key given to merchant after boarding associating their requests with the appropriate app in Apigee.
Timestamp integer (header)	Epoch timestamp in milliseconds in the request from a client system. Used for Message Signature generation and time limit (5 mins).
Message-Signature string (header)	Used to ensure the request has not been tampered with during transmission. The Message-Signature is the Base64 encoded HMAC hash (SHA256 algorithm with the API Secret as the key.) For more information, refer to the supporting documentation on the Developer Portal.

How to generate a message signature

Purpose To ensure data integrity, prevent replay attacks, and eliminate stale requests.

Details

Signature Algorithm: SHA256 HMAC

Signature Encoding: Base64

Signed with: Developer App Secret Key; provided to merchant when boarded The message data for the signature is the following items concatenated:

1. API_KEY: Developer App Api Key; provided to merchant when boarded
2. CLIENT_REQUEST_ID: Unique request id, 128-bit UUIDv4 format recommended
3. TIMESTAMP: Epoch timestamp in milliseconds
4. PAYLOAD: The request body if applicable

The ClientRequestID is a randomly generated number that is unique for each request. It is used as nonce and validated against all ClientRequestIDs received by First Data within a predetermined timeframe (five minutes is the default) to prevent replay attacks. First Data uses the timestamp of the request to validate against stale requests. Any request older than the specified duration is rejected.

Code Examples

copy


                                        import org.apache.commons.codec.binary.Base64; 

                                        import org.apache.commons.codec.binary.Hex;

                                        import org.apache.commons.codec.digest.HmacAlgorithms;

                                        import org.apache.commons.codec.digest.HmacUtils;

                                        

                                        public class Example {

                                        public static void main(String[] args) {

                                        final HmacUtils hmacHelper = new HmacUtils(HmacAlgorithms.HMAC_SHA_256,
                                        API_SECRET); 

                                        final Hex hexHelper = new Hex();

                                        

                                        final String msg = API_KEY + CLIENT_REQUEST_ID + TIMESTAMP +
                                        JSON_SERIALIZED_PAYLOAD;

                                        final byte[] raw = hmacHelper.hmac(msg);

                                        final byte[] hex = hexHelper.encode(raw);

                                        final String messageSignature = Base64.encodeBase64String(hex);

                                        }

                                        }

Step - 1 URL detail to post API request

URL detail to post API

Request URL: https://cert.api.firstdata.com/gateway/v2/payments

Header Parameters

Use this to originate a financial transaction like a sale, pre-authorization, or credit.

NAME	Description
Content-Type string (header)	Content type. Available values : application/json Default value : application/json
Client-Request-Id string (header)	A client-generated ID for request tracking and signature creation, unique per request. This is also used for idempotency control. We recommend 128-bit UUID format.
Api-Key string (header)	Key given to merchant after boarding associating their requests with the appropriate app in Apigee.
Timestamp integer (header)	Epoch timestamp in milliseconds in the request from a client system. Used for Message Signature generation and time limit (5 mins).
Message-Signature string (header)	Used to ensure the request has not been tampered with during transmission. The Message-Signature is the Base64 encoded HMAC hash (SHA256 algorithm with the API Secret as the key.) For more information, refer to the supporting documentation on the Developer Portal. How to Create Message Signature
transaction-id/order-id integer (header)	Gateway transaction identifier as returned in the parameter ipgTransactionId.
storeId integer (header)	An optional outlet ID for clients that support multiple stores in the same developer app.

Parameter Detail

Parameter Name	Sale	PreAuth	Type	Description
storeId	m	m	xs:string (max 20)	Your Store ID. The base currency is derived from the Store settings.
requestType	a	a	xs:string	Stores the transaction type. Possible values are sale, PaymentCardSaleTransaction, preAuth.
paymentMethod: paymentCard: number	a	a	xs:string	Stores the customer’s credit card number. Make sure that the string contains only digits, i.e. passing the number e.g. in the format xxxx-xxxx-xxxx-xxxx will result in an error returned by the Web Service API.
paymentMethod: expiryDate: month	a	a	xs:string	Stores the expiration month of the customer’s credit card. Make sure that the content of this element always contains two digits, i.e. a card expiring in July will have this element with value 07. For authorisations on the Nashville front-end only: for cases, where you do not know the credit card expiry date, please send the value 12.
paymentMethod: expiryDate: Year	a	a	xs:string	Stores the expiration year of the customer’s credit card. The same formatting restrictions as for the ExpMonth element apply here. For authorisations on the Nashville front-end only: for cases, where you do not know the credit card expiry date, please send the value 99.
paymentMethod: paymentCard: securityCode	o	o	xs:string	Stores the three or four digit card security code (CSC) – sometimes also referred to as card verification value (CVV) or code (CVC) – which is typically printed on the back of the credit card. For information about the benefits of CSC contact support.
paymentMethod: paymentCard: brand	o	o	xs:string	The brand of the card used for this transaction.
authenticationResult: verificationResponse	3	3	xs:string	Stores the VerificationResponse (VERes) of your Merchant Plug-in.
authenticationResult: authenticationAttemptResult	s	s	xs:string	Stores the PayerAuthenticationResponse (PARes) of your Merchant Plug-in.
authenticationResult: cavv	s	s	xs:string	Stores the AuthenticationValue (MasterCard: AAV or VISA: CAAV) of your Merchant Plug-in
authenticationResult: xid	s	s	xs:string	Stores the XID of your Merchant Plug-in.
authenticationResult: authenticationType	s	s	xs:boolean	Indicates, if transaction is going to be authenticated as 3DSecure transaction.If a card is enrolled, the response will contain the Verification Redirect Response element.
cardFunction:	o	o	xs:string	This field allows you to indicate the card function in case of combo cards which provide credit and debit functionality on the same card. It can be set to credit or debit.
createToken: value	1	1	xs:string	Stores the Hosted Data ID for the Data Vault product.
createToken: declineDuplicates	1	1	xs:string	Declines duplicate credit card or German direct debit accounts
createToken:	1	1
order: installmentOptions: numberOfInstallments	o	o	xs:string	Stores the number of instalments for a Sale transaction if the customer pays the amount in several parts
order: installmentOptions: installmentsInterest	d		xs:string	Indicates, if the installment interest has been applied; possible values "yes" or "no".
transactionAmount: total	m	m	xs:double	Stores the transaction amount. Make sure that the number of positions after the decimal point does not exceed 2, e.g. 3.123 would be invalid – however, 3.12, 3.1, and 3 are correct.
transactionAmount: currency	m	m	xs:string	Stores the currency as a three-digit ISO 4217 value (e. g. 356 for INR)
order: orderId	o	o	xs:string	Stores the order ID. This must be unique per Store ID. If no Order ID is transmitted, the Gateway will generate one automatically. Note: For cases where you plan to use EMV 3DS Authentication prior to the authoriazation, please use only the following characters in OrderId: A-Z, a-z, 0-9, ‘-‘
schemeTransactionId:	o	o	xs:string	Allows you to assign a unique ID for the transaction. This ID can be used to reference to this transactions in a Void request (ReferencedMerchantTransactionId) or to retrieve transaction details with the API action InquiryTransaction. Uniqueness needs to be enforced by the merchant.
transactionOrigin	D	d	xs:string	The source of the transaction. The possible values are ECI (if the order was received via email or Internet), MOTO (mail order / telephone order), MAIL (mail order), PHONE (telephone order) and RETAIL (face to face).
order: additionalDetails: invoiceNumber	o	o	xs:string	Stores the invoice number.
order: additionalDetails: purchaseOrderNumber	o	o	xs:string	Stores the purchase order number.
order: softDescriptor: dynamicMerchantName	o	o	xs:string	Stores a dynamic merchant name for the cardholder’s statement
order: additionalDetails: comments	o	o	xs:string	Stores the comments.
splitShipment: finalShipment			xs:boolean	Needs to be set to “true” in the final PostAuth of a series of split shipments.
order: billing: customerId:	o	o	xs:string	Stores your ID for your customer.
order: billing: name	o	o	xs:string	Stores the customer’s name. If provided, it will appear on your transaction reports.
order: billing: company	o	o	xs:string	Stores the customer’s company. If provided, it will appear on your transaction reports.
order: billing: address: address1	o	o	xs:string	Stores the first line of the customer’s address. If provided, it will appear on your transaction reports.
order: billing: address: address2	o	o	xs:string	Stores the second line of the customer’s address. If provided, it will appear on your transaction reports.
order: billing: address: city	o	o	xs:string	Stores the customer’s city. If provided, it will appear on your transaction reports.
order: billing: address: region	o	o	xs:string	Stores the customer’s state. If provided, it will appear on your transaction reports.
order: billing: address: postalCode	o	o	xs:string	Stores the customer’s zip code. If provided, it will appear on your transaction reports.
order: billing: address: country	o	o	xs:string	Stores the customer’s country. If provided, it will appear on your transaction reports.
order: billing: contact: phone	o	o	xs:string	Stores the customer’s phone number. If provided, it will appear on your transaction reports.
order: billing: contact: email:	o	o	xs:string	Stores the customer’s Email address. If provided, it will appear on your transaction reports. If you are using the email transaction notification feature, this email address will be used for notifications to your customer.
Shipping Type	o	o
order: shipping: name	o	o	xs:string	Stores the name of the recipient. If provided, it will appear on your transaction reports.
order: shipping: address: address1	o	o	xs:string	Stores the first line of the shipping address. If provided, it will appear on your transaction reports.
order: shipping: address: address2	o	o	xs:string	Stores the second line of the shipping address. If provided, it will appear on your transaction reports.
order: shipping: address: city	o	o	xs:string	Stores the recipient’s city. If provided, it will appear on your transaction reports.
order: shipping: address: region	o	o	xs:string	Stores the recipient’s state. If provided, it will appear on your transaction reports.
order: shipping: address: postalCode	o	o	xs:string	Stores the recipient’s zip code. If provided, it will appear on your transaction reports.
order: shipping: address: country	o	o	xs:string	Stores the recipient’s country. If provided, it will appear on your transaction reports.
ClientLocale: language	d	d	xs:string	If you are using the email transaction notification feature, this language will be used for notifications to your customer. Possible values are: de, en, it.
ClientLocale: country:	d	d	xs:string	Specifies the variant of the language. This member can only be set if the language is set. Possible values are: DE, GB, IT. If you do not define a country, a matching country will be chosen.

Sample Request message with required parameter

copy

{
"storeId": "3300000703",
"requestType": "PaymentCardSaleTransaction",
"transactionAmount": {
    "total": "10",
    "currency": "INR"
    },
"paymentMethod": {
    "paymentCard": {
        "number": "****************",
        "securityCode": "977",
        "expiryDate": {
            "month": "05",
            "year": "22"
            }
        }
    },
"order": {
    "orderId": "30072021-02"
    },
"authenticationRequest": {
    "authenticationType": "Secure3D10AuthenticationRequest"
    }
}

Sample Code

copy

{
    "storeId": "3300000703",
    "requestType": "PaymentCardSaleTransaction",
    "transactionAmount": {
        "total": "10",
        "currency": "INR"
        },
    "paymentMethod": {
        "paymentCard": {
        "number": "4035874000424977",
        "securityCode": "977",
            "expiryDate": {
                "month": "05",
                "year": "22"
                }
            }
        },
    "order": {
        "orderId": "045072021-01"
        },
    "merchantTransactionId": "23062021-031",
    "authenticationRequest": {
    "authenticationType": "Secure3D10AuthenticationRequest"
    }
}

Step - 2 IPG response with list of parameter value as mentioned below

Response Parameter

Parameter Name	Description	Sample value
transactionStatus	Stores the approval code the transaction processor has created for this transaction. You do not need to provide this code in any further transaction. However, have that number ready, in case you detect any problems with your transaction and you want to contact support.	?:waiting authentication
paymentCard: brand	The brand of the card used for this transaction.	VISA/MASTERCARD
country	The country where the card has been issued that has been used for this transaction.	IND etc
orderId	This element contains the order ID. For Sale, PreAuth, ForceTicket, and Credit transactions, a new order ID is returned. For PostAuth, Return, and Void transactions, supply this number in the v1:OrderId element for making clear to which transaction you refer. The ipgapi:OrderId element of a transaction approval to a PostAuth, Return, or Void transaction simply returns the order ID, such a transaction has referred to.	abcd1234
ipgTransactionId		1234567890
paymentMethodType		CREDITCARD
TDate	Stores the TDate you have to supply when voiding this transaction (which is only possible for Sale and PostAuth transactions). In this case, pass its value in the v1:TDate element of the Void transaction you want to build.	1493130774
TDateFormatted		2017.04.25 16:32:54(CEST)
transactionTime	The time stamp which is set by the Gateway before returning the transaction approval.	1493130774
acsURL	Represents the target of the 3D Secure redirection	https://abc.com/xyz
payerAuthenticationRequest	Represents the PAReq data which has to be sent in the "PAReq" attribute to the ACS URL.
merchantData	Merchant Data from ACS redirection POST attribute ("MD"attribute). Please note, that this element might not be sent back by the issuer (ACS) in case of EMV 3DS protocol (3DS 2.0)
termURL	Represents the default TermURL, which should be used in order to process the response from the 3D Secure process. In case that a merchant would like to parse the response by himself, he has to specify the "TermUrl" parameter in the form with his custom URL, in which he will process the response and call the API with the response PARes and Merchant Data.	merchant response handling URL

Sample Response

copy

{
"clientRequestId": "9419471",
"apiTraceId": "YQOSQ0eY5al@ewZTIbK@dAAAAK0",
"ipgTransactionId": "84568781240",
"orderId": "30072021-01",
"transactionType": "SALE",
"transactionOrigin": "ECOM",
"paymentMethodDetails": {
    "paymentCard": {
        "expiryDate": {
        "month": "05",
        "year": "2022"
        },
        "bin": "403587",
        "last4": "4977",
        "brand": "VISA"
    },
    "paymentMethodType": "PAYMENT_CARD"
},
"country": "Germany",
"transactionTime": 1627624003,
"transactionStatus": "WAITING",
"authenticationResponse": {
    "type": "3D_SECURE",
    "version": "1.0",
    "params": {
    "payerAuthenticationRequest": "eJxVUU1TwjAQ/SsMV4cmTQs4zJIZkIMdB6dSPeitpqtEaFqSVNBfb1Ja0b1k39uP7L6Fx61GXGUoGo0c1mhM/o4DWcyH6eYhonTKKAtHNBxySBcbPHD4RG1kpXgY0IAB6aGr1WKbK8shF4dlcs9Za0A6CCXqZMXD1oCcEai8RJ6ss9EGjR0t0gRIS4GoGmX1F4/GEyA9gEbv+dba2swIOR6PgSyNdYWBqAKpgPgwkMskaeM949qdZMHlJM12+u7t6vX5o36K1T4zL8smprvveA7EZ0CRW+R+ZTqN6ICOZ/FkFkdAWh7y0s/BQ0qpW+sMoPZ/LP5G/jLghNWoRL9IjwBPdaXQZTiFfn0o0Ai3Qfdcxr+59bIK6wWMIxZfs2nolW0Z30s6dRij47aZB0B8DemORrrLOu/fxX8A1kGn2g==",
    "termURL": "https://test.ipg-online.com/connect/gateway/processing?execution=e1s1&_eventId=frommodirum&acsReturn=true&resumeTransaction=true&referencedTransactionId=84568781240",
    "merchantData": "MD__________021-0168e91d",
    "acsURL": "https://3ds-acs.test.modirum.com/mdpayacs/pareq"
    }
  }
}

Step - 3 Create Request message basis step 2 parameter to redirect to bank page

Request message parameter to redirect to bank page

Card Holder would need to be redirected to ACS URL obtained in the response of the above transaction.

Parameter Name	Description	Sample value
AcsURL	Represents the target of the 3D Secure redirection	https://abc.com/xyz
PaReq	Represents the PAReq data which has to be sent in the "PAReq" attribute to the ACS URL
MD	Merchant Data from ACS redirection POST attribute ("MD"attribute). Please note, that this element might not be sent back by the issuer (ACS) in case of EMV 3DS protocol (3DS 2.0)
TermUrl	Represents the default TermURL, which should be used in order to process the response from the 3D Secure process. In case that a merchant would like to parse the response by himself, he has to specify the "TermUrl" parameter in the form with his custom URL, in which he will process the response and call the API with the response PARes and Merchant Data.	merchant response handling URL

Sample Request Message

Browser Redirect 3DS.html page

Step - 4 Bank ACS will send authentication response to term URL configured of merchant.

Request Parameter

Parameter Name	Description	Sample value
PaReq	value need to collected from step 2
MD	value need to collected from step 2

Step - 5 Initiate request to IPG for Pares verification and transaction processing

Request URL: https://cert.api.firstdata.com/gateway/v2/payments/{IPGTransactionId}

Request Parameter:

Parameter Name	Description	Sample value
storeId	Stores the approval code the transaction processor has created for this transaction. You do not need to provide this code in any further transaction. However, have that number ready, in case you detect any problems with your transaction and you want to contact support.	3300001111
authenticationType	Stores the transaction type. Sale, preAuth	sale/preAuth
payerAuthenticationResponse	Represents the PAReq data which has to be sent in the "PAReq" attribute to the ACS URL.
merchantData	Merchant Data from ACS redirection POST attribute ("MD"attribute). Please note, that this element might not be sent back by the issuer (ACS) in case of EMV 3DS protocol (3DS 2.0)
securityCode	Stores the three or four digit card security code (CSC) – sometimes also referred to as card verification value (CVV) or code (CVC) – which is typically printed on the back of the credit card. For information about the benefits of CSC contact support.	123

Sample request :

IpgTransactionId of the transaction in waiting state

Request URL:https://cert.api.firstdata.com/gateway/v2/payments/84568781240

Sample code :

copy

 {
 "storeId":"3300000703",
 "authenticationType": "Secure3D10AuthenticationUpdateRequest",
  "securityCode": "977",
  "payerAuthenticationResponse": "eJzlWFmv47aS/itB7qORaPWiwH0AapcsydYu+U37asnal19/ZZ/uTqeRwdwM5mGAEXBwyCJZrGIVv6/Ms5G2UUTrUTC00cdZjrrOS6JfsvDLrzdNxWD4iMIo8huM/PpxvgEt6t5Dj+MBxQ/4fhOOUdtldfWB/A7/jp6hb91NUxukXtV/nL2gIQXlA31/Z+hr9/yIWoH+QN7fGfrsnaE/l92GV6vbjJqz8CM73PSivcQ7382fJl6VencnBxwuVvzLGXrNOIdeH328rIWPGPwLvP8DP/yBY2foLT8/X+rAox423QgMw2foR8l5c7+NqmD5wPaHM/S9d47mZ11F24zN8u/tM/SncU+v+oB/+HDieNx0b9Kz4Xyc++zxV6P2xz/Q/Rl6y89d7/VD9+Geoa+tc+CN4wcAgCQdjgrUrQVYWhTEGXx+m7PvKecoyD7gTdHr/3sVKJO6zfr08TL1r4Iz9DIFesfv46xnSbVt1ka/zI+y6r78mvb98w8Imqbp9wn7vW4TCN0cgWAC2iaEXZb869fPVVEoVHH9caa8qq6ywCuz1eu3aMtRn9bhL983/DuVhvbSikAaQ/22qf0tQPDqt5cExpBXHkF/r/QHc/+TXX42vO2837rUe2Uv9JOij7MWxdErzNEvpiZ8+fVfP2Q1nSVR1/9Pdvy2248avumzvHKIPiDsrs/e7pIx16UrW8Yz13LQ+0dm11++rfuceYa+m/jV/m8R+O7L50STm9cD2qccZ/TPhycFEij7vXiVY6H2OdskcPK4a3rTGq1Q7W6PksCfXAJO8yNistOeeVRbih5ubBUysXCMmVw9PJbcZ4Q94H3C0C6LMEezf7O1TcHYSrQgqUOei2RXte7O0oCkNZWU6a6JGXRUYoZ6R1DTCZ6D9vCZ3pY5el9oVqNeCrDbVchMqwUi1w3faqNhkPsqnJ8FesUud5F88NH+BLPsXd3fhjIiahnS5qLiIR0ZocsaasmqFMwuFdgsr/060MJTwDTl0eg143KpOM1dncNlSYAXqzyAT87ppEaTZVgMHN0q/ml6FASuJ98/ +tvhAZ246g6yKgsyFMuvK8zg+ ",
 "merchantData": "MD91d"
}

Step - 6 Final Response Parameter

Final Response Parameter

Parameter Name	Description	Sample value
transactionStatus	Stores the approval code the transaction processor has created for this transaction. You do not need to provide this code in any further transaction. However, have that number ready, in case you detect any problems with your transaction and you want to contact support.	Success response: Y:bankapproval code:IPG tranaction ID:AVSResponse :RRN or Failed response N:errorcode:error message or N:-errorcode:error message
paymentMethodDetails: brand	The brand of the card used for this transaction.	VISA/MASTERCARD
country	The country where the card has been issued that has been used for this transaction.	IND eitc
orderId	This element contains the order ID. For Sale, PreAuth, ForceTicket, and Credit transactions, a new order ID is returned. For PostAuth, Return, and Void transactions, supply this number in the v1:OrderId element for making clear to which transaction you refer. The ipgapi:OrderId element of a transaction approval to a PostAuth, Return, or Void transaction simply returns the order ID, such a transaction has referred to.	abcd1234
ipgTransactionId		1234567890
paymentMethodDetails: paymentMethodType		CREDITCARD
processor: authorizationCode	Bank generated approval code	123456
processor: responseCode	IPG transaction status code	00
processor: responseMessage	IPG transaction status message	Function performed error-free
terminalId	Terminal ID	12345678
transactionStatus	IPG trasnaction result	APPROVED
transactionTime	The time stamp which is set by the Gateway before returning the transaction approval.	1609914099

Sample Final Response Message

copy

{
    "clientRequestId": "3933868",
    "apiTraceId": "YQOVdXGz2arKWGMDPIH0MwAAAQs",
    "ipgTransactionId": "84568781240",
    "orderId": "30072021-01",
    "transactionType": "SALE",
    "transactionOrigin": "ECOM",
    "paymentMethodDetails": {
        "paymentCard": {
            "expiryDate": {
                "month": "05",
                "year": "2022"
            },
            "bin": "403587",
            "last4": "4977",
            "brand": "VISA"
        },
        "paymentMethodType": "PAYMENT_CARD"
    },
    "country": "Germany",
    "terminalId": "********",
    "merchantId": "********",
    "transactionTime": 1627624003,
    "approvedAmount": {
        "total": 10,
        "currency": "INR",
        "components": {
            "subtotal": 10
        }
    },
    "transactionStatus": "APPROVED",
    "secure3dResponse": {
        "responseCode3dSecure": "1"
    },
    "schemeTransactionId": "000000000000000",
    "processor": {
        "authorizationCode": "049764",
        "responseCode": "00",
        "responseMessage": "Function performed error-free",
        "avsResponse": {
            "streetMatch": "NO_INPUT_DATA",
            "postalCodeMatch": "NO_INPUT_DATA"
        }
    }
}

Step - 1 Post-Auth Parameter

URL detail to post API

Request URL: https://cert.api.firstdata.com/gateway/v2/payments

Header Parameters

Use this to originate a financial transaction like a sale, pre-authorization, or credit.

NAME	Description
Content-Type string (header)	Content type. Available values : application/json Default value : application/json
Client-Request-Id string (header)	A client-generated ID for request tracking and signature creation, unique per request. This is also used for idempotency control. We recommend 128-bit UUID format.
Api-Key string (header)	Key given to merchant after boarding associating their requests with the appropriate app in Apigee.
Timestamp integer (header)	Epoch timestamp in milliseconds in the request from a client system. Used for Message Signature generation and time limit (5 mins).
Message-Signature string (header)	Used to ensure the request has not been tampered with during transmission. The Message-Signature is the Base64 encoded HMAC hash (SHA256 algorithm with the API Secret as the key.) For more information, refer to the supporting documentation on the Developer Portal. How to Create Message Signature
transaction-id/order-id integer (header)	Gateway transaction identifier as returned in the parameter ipgTransactionId.
storeId integer (header)	An optional outlet ID for clients that support multiple stores in the same developer app.

Parameter Details

NAME	Description
requestType	Denotes Request Type of transaction
transactionAmount: total	Total amount for postAuth
transactionAmount: currency	Currency code of transaction

Sample Request

copy

{
    "requestType": "PostAuthTransaction",
    "transactionAmount": {
        "total": "1.00",
        "currency": "INR"
    }
}

Sample Code :

copy

{
"storeId": "3300000703",
"requestType": "PostAuthTransaction",
"transactionAmount": {
    "total": "10",
    "currency": "INR"
    },
"paymentMethod": {
    "paymentCard": {
        "number": "****************",
        "securityCode": "977",
        "expiryDate": {
            "month": "05",
            "year": "22"
            }
        }
    },
"order": {
    "orderId": "30072021-02"
    },
"authenticationRequest": {
    "authenticationType": "Secure3D10AuthenticationRequest"
    }
}

Step - 2 Post-Auth Response Parameter

Final Response Parameter

Parameter Name	Description	Sample value
transactionStatus	Stores the approval code the transaction processor has created for this transaction. You do not need to provide this code in any further transaction. However, have that number ready, in case you detect any problems with your transaction and you want to contact support.	Success response: Y:bankapproval code:IPG tranaction ID:AVSResponse :RRN or Failed response N:errorcode:error message or N:-errorcode:error message
paymentMethodDetails: brand	The brand of the card used for this transaction.	VISA/MASTERCARD
country	The country where the card has been issued that has been used for this transaction.	IND eitc
orderId	This element contains the order ID. For Sale, PreAuth, ForceTicket, and Credit transactions, a new order ID is returned. For PostAuth, Return, and Void transactions, supply this number in the v1:OrderId element for making clear to which transaction you refer. The ipgapi:OrderId element of a transaction approval to a PostAuth, Return, or Void transaction simply returns the order ID, such a transaction has referred to.	abcd1234
ipgTransactionId		1234567890
paymentMethodDetails: paymentMethodType		CREDITCARD
processor: authorizationCode	Bank generated approval code	123456
processor: responseCode	IPG transaction status code	00
processor: responseMessage	IPG transaction status message	Function performed error-free
terminalId	Terminal ID	12345678
transactionStatus	IPG trasnaction result	APPROVED
transactionTime	The time stamp which is set by the Gateway before returning the transaction approval.	1609914099

Sample Response Message

copy

{
    "clientRequestId": "777988",
    "apiTraceId": "YQgqONbL3VwK1YmSH2yD4wAAAMQ",
    "ipgTransactionId": "84568998886",
    "orderId": "C-c001c9da-0f4c-4557-aebd-f2788020c226",
    "transactionType": "POSTAUTH",
    "transactionOrigin": "ECOM",
    "paymentMethodDetails": {
        "paymentCard": {
            "expiryDate": {
                "month": "12",
                "year": "2024"
            },
            "bin": "542606",
            "last4": "4979",
            "brand": "MASTERCARD"
        },
        "paymentMethodType": "PAYMENT_CARD"
    },
    "country": "Germany",
    "terminalId": "********",
    "merchantId": "***************",
    "transactionTime": 1627925048,
    "approvedAmount": {
        "total": 2.00,
        "currency": "INR",
        "components": {
            "subtotal": 2.00
        }
    },
    "transactionStatus": "APPROVED",
    "processor": {
        "authorizationCode": "000000",
        "responseCode": "00",
        "responseMessage": "Function performed error-free",
        "avsResponse": {
            "streetMatch": "NO_INPUT_DATA",
            "postalCodeMatch": "NO_INPUT_DATA"
        }
    }
}

Step - 1 Refund Parameter

URL detail to post API

Request URL: https://cert.api.firstdata.com/gateway/v2/orders/{orderId}

Header Parameters

NAME	Description
Content-Type string (header)	Content type. Available values : application/json Default value : application/json
Client-Request-Id string (header)	A client-generated ID for request tracking and signature creation, unique per request. This is also used for idempotency control. We recommend 128-bit UUID format.
Api-Key string (header)	Key given to merchant after boarding associating their requests with the appropriate app in Apigee.
Timestamp integer (header)	Epoch timestamp in milliseconds in the request from a client system. Used for Message Signature generation and time limit (5 mins).
Message-Signature string (header)	Used to ensure the request has not been tampered with during transmission. The Message-Signature is the Base64 encoded HMAC hash (SHA256 algorithm with the API Secret as the key.) For more information, refer to the supporting documentation on the Developer Portal. How to Create Message Signature
transaction-id/order-id integer (header)	Gateway transaction identifier as returned in the parameter ipgTransactionId.
storeId integer (header)	An optional outlet ID for clients that support multiple stores in the same developer app.

Parameter Details

NAME	Description
storeId	storeID
requestType	ReturnTransaction
transactionAmount: total	Total amount for Refund
transactionAmount: currency	Currency code of transaction

Sample Request Message

copy

{
    "storeId":"3332000964",
  "requestType": "ReturnTransaction",
  "transactionAmount": {
    "total": "1.0",
    "currency": "356"
  }
}

Sample Code

copy

{
"storeId": "3300000703",
"requestType": "ReturnTransaction",
"transactionAmount": {
    "total": "10",
    "currency": "INR"
    },
}

Step - 2 Final Response Detail

Final Response Parameter

Parameter Name	Description	Sample value
transactionStatus	Stores the approval code the transaction processor has created for this transaction. You do not need to provide this code in any further transaction. However, have that number ready, in case you detect any problems with your transaction and you want to contact support.	Success response: Y:bankapproval code:IPG tranaction ID:AVSResponse :RRN or Failed response N:errorcode:error message or N:-errorcode:error message
paymentMethodDetails: brand	The brand of the card used for this transaction.	VISA/MASTERCARD
Country	The country where the card has been issued that has been used for this transaction.	IND eitc
orderId	This element contains the order ID. For Sale, PreAuth, ForceTicket, and Credit transactions, a new order ID is returned. For PostAuth, Return, and Void transactions, supply this number in the v1:OrderId element for making clear to which transaction you refer. The ipgapi:OrderId element of a transaction approval to a PostAuth, Return, or Void transaction simply returns the order ID, such a transaction has referred to.	abcd1234
ipgTransactionId		1234567890
paymentMethodDetails: paymentMethodType		CREDITCARD
processor: authorizationCode	Bank generated approval code	123456
processor: responseCode	IPG transaction status code	00
processor: responseMessage	IPG transaction status message	Function performed error-free
terminalId	Terminal ID	12345678
transactionStatus	IPG trasnaction result	APPROVED
transactionTime	The time stamp which is set by the Gateway before returning the transaction approval.	1609914099

Sample Request Message

copy

{
    "clientRequestId": "777988",
    "apiTraceId": "YQgqONbL3VwK1YmSH2yD4wAAAMQ",
    "ipgTransactionId": "84568998886",
    "orderId": "C-c001c9da-0f4c-4557-aebd-f2788020c226",
    "transactionType": "return",
    "transactionOrigin": "ECOM",
    "paymentMethodDetails": {
        "paymentCard": {
            "expiryDate": {
                "month": "12",
                "year": "2024"
            },
            "bin": "542606",
            "last4": "4979",
            "brand": "MASTERCARD"
        },
        "paymentMethodType": "PAYMENT_CARD"
    },
    "country": "Germany",
    "terminalId": "********",
    "merchantId": "***************",
    "transactionTime": 1627925048,
    "approvedAmount": {
        "total": 2.00,
        "currency": "INR",
        "components": {
            "subtotal": 2.00
        }
    },
    "transactionStatus": "APPROVED",
    "processor": {
        "authorizationCode": "000000",
        "responseCode": "00",
        "responseMessage": "Function performed error-free",
        "avsResponse": {
            "streetMatch": "NO_INPUT_DATA",
            "postalCodeMatch": "NO_INPUT_DATA"
        }
    }
}

Step - 1 URL detail to Inquiry request

Request URL: https://cert.api.firstdata.com/gateway/v2/orders/{orderID}?storeId={storeId}

Header Parameters

NAME	Description
Content-Type string (header)	Content type. Available values : application/json Default value : application/json
Client-Request-Id string (header)	A client-generated ID for request tracking and signature creation, unique per request. This is also used for idempotency control. We recommend 128-bit UUID format.
Api-Key string (header)	Key given to merchant after boarding associating their requests with the appropriate app in Apigee.
Timestamp integer (header)	Epoch timestamp in milliseconds in the request from a client system. Used for Message Signature generation and time limit (5 mins).
Message-Signature string (header)	Used to ensure the request has not been tampered with during transmission. The Message-Signature is the Base64 encoded HMAC hash (SHA256 algorithm with the API Secret as the key.) For more information, refer to the supporting documentation on the Developer Portal. How to Create Message Signature
transaction-id/order-id integer (header)	Gateway transaction identifier as returned in the parameter ipgTransactionId.
storeId integer (header)	An optional outlet ID for clients that support multiple stores in the same developer app.

Step - 1 Void Parameter

Request URL: https://cert.api.firstdata.com/gateway/v2/orders/{orderId}

Header Parameters

NAME	Description
Content-Type string (header)	Content type. Available values : application/json Default value : application/json
Client-Request-Id string (header)	A client-generated ID for request tracking and signature creation, unique per request. This is also used for idempotency control. We recommend 128-bit UUID format.
Api-Key string (header)	Key given to merchant after boarding associating their requests with the appropriate app in Apigee.
Timestamp integer (header)	Epoch timestamp in milliseconds in the request from a client system. Used for Message Signature generation and time limit (5 mins).
Message-Signature string (header)	Used to ensure the request has not been tampered with during transmission. The Message-Signature is the Base64 encoded HMAC hash (SHA256 algorithm with the API Secret as the key.) For more information, refer to the supporting documentation on the Developer Portal. How to Create Message Signature
storeId integer (body)	An optional outlet ID for clients that support multiple stores in the same developer app.

Parameter Details

NAME	Description
storeId	storeID
requestType	VoidTransaction

Sample Request Message

copy

{
   "storeId":"3332000964",
  "requestType": "VoidTransaction",

}

Sample Code

copy

{
"storeId": "3300000703",
"requestType": "VoidTransaction"
}

Step - 2 Final Response Detail

Multiple transactions tag will appear based on transaction linked to order ID. If multiple action performed on same order ID than need to manage each transaction value tag.

Parameter Name	Description	Sample value
transactionStatus	Stores the approval code the transaction processor has created for this transaction. You do not need to provide this code in any further transaction. However, have that number ready, in case you detect any problems with your transaction and you want to contact support.	Success response: Y:bankapproval code:IPG tranaction ID:AVSResponse :RRN or Failed response N:errorcode:error message or N:-errorcode:error message
paymentMethodDetails: brand	The brand of the card used for this transaction.	VISA/MASTERCARD
country	The country where the card has been issued that has been used for this transaction.	IND eitc
orderId	This element contains the order ID. For Sale, PreAuth, ForceTicket, and Credit transactions, a new order ID is returned. For PostAuth, Return, and Void transactions, supply this number in the v1:OrderId element for making clear to which transaction you refer. The ipgapi:OrderId element of a transaction approval to a PostAuth, Return, or Void transaction simply returns the order ID, such a transaction has referred to.	abcd1234
ipgTransactionId		1234567890
paymentMethodDetails: paymentMethodType		CREDITCARD
processor: authorizationCode	Bank generated approval code	123456
processor: responseCode	IPG transaction status code	00
processor: responseMessage	IPG transaction status message	Function performed error-free
terminalId	Terminal ID	12345678
transactionStatus	IPG trasnaction result	APPROVED
transactionTime	The time stamp which is set by the Gateway before returning the transaction approval.	1609914099

Sample response message

copy

{
    "clientRequestId": "3758510",
    "apiTraceId": "YQgqhsvJvO6UW7bZjUk@0QAAA6g",
    "orderId": "C-c001c9da-0f4c-4557-aebd-f2788020c226",
    "billing": {
        "name": "Rupay Test"
    },
    "transactions": [
        {
            "ipgTransactionId": "84568992145",
            "transactionType": "PREAUTH",
            "transactionOrigin": "ECOM",
            "paymentMethodDetails": {
                "paymentCard": {
                    "expiryDate": {
                        "month": "12",
                        "year": "2024"
                    },
                    "bin": "542606",
                    "last4": "4979",
                    "brand": "MASTERCARD"
                },
                "paymentMethodType": "PAYMENT_CARD"
            },
            "country": "Germany",
            "terminalId": "********",
            "merchantId": "*************",
            "transactionTime": 1627924965,
            "approvedAmount": {
                "total": 13.99,
                "currency": "INR",
                "components": {
                    "subtotal": 13.99
                }
            },
            "transactionState": "AUTHORIZED",
            "processor": {
                "authorizationCode": "000000",
                "responseCode": "00",
                "responseMessage": "Function performed error-free",
                "avsResponse": {
                    "streetMatch": "NO_INPUT_DATA",
                    "postalCodeMatch": "NO_INPUT_DATA"
                }
            }
        },
        {
            "ipgTransactionId": "84568998886",
            "transactionType": "POSTAUTH",
            "transactionOrigin": "ECOM",
            "paymentMethodDetails": {
                "paymentCard": {
                    "expiryDate": {
                        "month": "12",
                        "year": "2024"
                    },
                    "bin": "542606",
                    "last4": "4979",
                    "brand": "MASTERCARD"
                },
                "paymentMethodType": "PAYMENT_CARD"
            },
            "country": "Germany",
            "terminalId": "********",
            "merchantId": "***************",
            "transactionTime": 1627925048,
            "approvedAmount": {
                "total": 2,
                "currency": "INR",
                "components": {
                    "subtotal": 2
                }
            },
            "transactionState": "CAPTURED",
            "processor": {
                "authorizationCode": "000000",
                "responseCode": "00",
                "responseMessage": "Function performed error-free",
                "avsResponse": {
                    "streetMatch": "NO_INPUT_DATA",
                    "postalCodeMatch": "NO_INPUT_DATA"
                }
            }
        }
    ]
}

Step - 1 Initiate Standing transaction

URL detail to post API

Request URL: https://cert.api.firstdata.com/gateway/v2/payments

Header Parameters

NAME	Description
Content-Type string (header)	Content type. Available values : application/json Default value : application/json
Client-Request-Id string (header)	A client-generated ID for request tracking and signature creation, unique per request. This is also used for idempotency control. We recommend 128-bit UUID format.
Api-Key string (header)	Key given to merchant after boarding associating their requests with the appropriate app in Apigee.
Timestamp integer (header)	Epoch timestamp in milliseconds in the request from a client system. Used for Message Signature generation and time limit (5 mins).
Message-Signature string (header)	Used to ensure the request has not been tampered with during transmission. The Message-Signature is the Base64 encoded HMAC hash (SHA256 algorithm with the API Secret as the key.) For more information, refer to the supporting documentation on the Developer Portal. How to Create Message Signature
storeId integer (body)	An optional outlet ID for clients that support multiple stores in the same developer app.

Parameter Detail

Parameter Name	Sale	PreAuth	Type	Description
storeId	m	m	xs:string (max 20)	Your Store ID. The base currency is derived from the Store settings.
requestType	a	a	xs:string	Stores the transaction type. Possible values are sale, PaymentCardSaleTransaction, preAuth.
paymentMethod: paymentCard: number	a	a	xs:string	Stores the customer’s credit card number. Make sure that the string contains only digits, i.e. passing the number e.g. in the format xxxx-xxxx-xxxx-xxxx will result in an error returned by the Web Service API.
paymentMethod: expiryDate: month	a	a	xs:string	Stores the expiration month of the customer’s credit card. Make sure that the content of this element always contains two digits, i.e. a card expiring in July will have this element with value 07. For authorisations on the Nashville front-end only: for cases, where you do not know the credit card expiry date, please send the value 12.
paymentMethod: expiryDate: Year	a	a	xs:string	Stores the expiration year of the customer’s credit card. The same formatting restrictions as for the ExpMonth element apply here. For authorisations on the Nashville front-end only: for cases, where you do not know the credit card expiry date, please send the value 99.
transactionAmount: total	m	m	xs:double	Stores the transaction amount. Make sure that the number of positions after the decimal point does not exceed 2, e.g. 3.123 would be invalid – however, 3.12, 3.1, and 3 are correct.
transactionAmount: currency	m	m	xs:string	Stores the currency as a three-digit ISO 4217 value (e. g. 356 for INR)
order: orderId	o	o	xs:string	Stores the order ID. This must be unique per Store ID. If no Order ID is transmitted, the Gateway will generate one automatically. Note: For cases where you plan to use EMV 3DS Authentication prior to the authoriazation, please use only the following characters in OrderId: A-Z, a-z, 0-9, ‘-‘
order: InstallmentOptions: RecurringType	m	m	xs:string	ISTANDING_INSTRUCTIONS

Sample Request Message

copy

{
    "storeId":"3332000964",
    "requestType": "PaymentCardSaleTransaction",
    "transactionAmount": {
        "total": "1.5",
        "currency": "INR"
    },
    "paymentMethod": {
        "paymentCard": {
            "number": "xxxxxx",
            "expiryDate": {
                "month": "05",
                "year": "25"
            }
        }
    },
    "order": {
        "orderId":"#ADA#RN0508202101",
        "installmentOptions": {
            "recurringType": "STANDING_INSTRUCTION"
        }

    }
}

Step - 2 Final Response Detail

Final Response Parameter

Parameter Name	Description	Sample value
transactionStatus	Stores the approval code the transaction processor has created for this transaction. You do not need to provide this code in any further transaction. However, have that number ready, in case you detect any problems with your transaction and you want to contact support.	Success response: Y:bankapproval code:IPG tranaction ID:AVSResponse :RRN or Failed response N:errorcode:error message or N:-errorcode:error message
paymentMethodDetails: brand	The brand of the card used for this transaction.	VISA/MASTERCARD
country	The country where the card has been issued that has been used for this transaction.	IND eitc
orderId	This element contains the order ID. For Sale, PreAuth, ForceTicket, and Credit transactions, a new order ID is returned. For PostAuth, Return, and Void transactions, supply this number in the v1:OrderId element for making clear to which transaction you refer. The ipgapi:OrderId element of a transaction approval to a PostAuth, Return, or Void transaction simply returns the order ID, such a transaction has referred to.	abcd1234
ipgTransactionId		1234567890
paymentMethodDetails: paymentMethodType		CREDITCARD
processor: authorizationCode	Bank generated approval code	123456
processor: responseCode	IPG transaction status code	00
processor: responseMessage	IPG transaction status message	Function performed error-free
terminalId	Terminal ID	12345678
transactionStatus	IPG trasnaction result	APPROVED
transactionTime	The time stamp which is set by the Gateway before returning the transaction approval.	1609914099

Sample response message

copy

{
    "clientRequestId": "777988",
    "apiTraceId": "YQgqONbL3VwK1YmSH2yD4wAAAMQ",
    "ipgTransactionId": "84568998886",
    "orderId": "C-c001c9da-0f4c-4557-aebd-f2788020c226",
    "transactionType": "SALE",
    "transactionOrigin": "ECOM",
    "paymentMethodDetails": {
        "paymentCard": {
            "expiryDate": {
                "month": "12",
                "year": "2024"
            },
            "bin": "542606",
            "last4": "4979",
            "brand": "MASTERCARD"
        },
        "paymentMethodType": "PAYMENT_CARD"
    },
    "country": "Germany",
    "terminalId": "********",
    "merchantId": "***************",
    "transactionTime": 1627925048,
    "approvedAmount": {
        "total": 2.00,
        "currency": "INR",
        "components": {
            "subtotal": 2.00
        }
    },
    "transactionStatus": "VOIDED",
    "processor": {
        "authorizationCode": "000000",
        "responseCode": "00",
        "responseMessage": "Function performed error-free",
        "avsResponse": {
            "streetMatch": "NO_INPUT_DATA",
            "postalCodeMatch": "NO_INPUT_DATA"
        }
    }
}

Download

IPG REST Integration Pack
PHP-master.zip	Integration Pack Please Sign In to download

Request
const stripe = require('stripe') ('sk_test_4eC39HqLyjWDarjtT1zdp7dc'); const express = require('express'); const app = express(); app.use(express.static('.')); const YOUR_DOMAIN = 'http://localhost:4242'; app.post('/create-checkout-session', async (req, res) => { const session = await stripe.checkout.sessions.create({ payment_method_types: ['card'], line_items: [ { price_data: { currency: 'usd', product_data: { name: 'Stubborn Attachments', images: ['https://i.imgur.com/EHyR2nP.png'], }, unit_amount: 2000, }, quantity: 1, }, ], mode: 'payment', success_url: `${YOUR_DOMAIN}/success.html`, cancel_url: `${YOUR_DOMAIN}/cancel.html`, }); res.json({ id: session.id }); });

Request

Send Request

Response

How to generate a message signature

Purpose

To ensure data integrity, prevent replay attacks, and eliminate stale requests.

Details

Signature Algorithm: SHA256 HMAC

Signature Encoding: Base64

Signed with: Developer App Secret Key; provided to merchant when boarded

The message data for the signature is the following items concatenated:

API_KEY: Developer App Api Key; provided to merchant when boarded
CLIENT_REQUEST_ID: Unique request id, 128-bit UUIDv4 format recommended
TIMESTAMP: Epoch timestamp in milliseconds
PAYLOAD: The request body if applicable

Code Examples

PHP


$msg = $API_KEY . $CLIENT_REQUEST_ID . $TIMESTAMP . $JSON_SERIALIZED_PAYLOAD;
$hmac = hash_hmac('sha256', $msg, $API_SECRET);
$messageSignature = base64_encode($hmac);

Fiserv Payment Gateway - API Document

Parameters

Use this to originate a financial transaction like a sale, pre-authorization, or credit.

Content-Type

Content type.

Client-Request-Id

Api-Key

Timestamp

Message-Signature

How to generate a message signature

Details

Code Examples

URL detail to post API

Header Parameters

Use this to originate a financial transaction like a sale, pre-authorization, or credit.

Content-Type

Client-Request-Id

Api-Key

Timestamp

Message-Signature

transaction-id/order-id

storeId

Parameter Detail

Sample Request message with required parameter

Sample Code

Response Parameter

Sample Response

Request message parameter to redirect to bank page

Sample Request Message

Request Parameter

Request URL: https://cert.api.firstdata.com/gateway/v2/payments/{IPGTransactionId}

Request Parameter:

Sample request :

IpgTransactionId of the transaction in waiting state

Sample code :

Final Response Parameter

Sample Final Response Message

URL detail to post API

Header Parameters

Use this to originate a financial transaction like a sale, pre-authorization, or credit.

Content-Type

Client-Request-Id

Api-Key

Timestamp

Message-Signature

transaction-id/order-id

storeId

Parameter Details

Sample Request

Sample Code :

Sample Response Message

URL detail to post API

Header Parameters

Content-Type

Client-Request-Id

Api-Key

Timestamp

Message-Signature

transaction-id/order-id

storeId

Sample Request Message

Sample Code

Final Response Parameter

Sample Request Message

Header Parameters

Content-Type

Client-Request-Id

Api-Key

Timestamp

Message-Signature

transaction-id/order-id

storeId

Header Parameters

Content-Type

Client-Request-Id

Api-Key

Timestamp

Message-Signature

storeId

Sample Request Message