Below is a description of the variables that will be posted to the merchant’s CallbackURL when the cardholder needs to authenticate themselves directly with their bank. This will be returned in response to the initial payment request.
|
Variable Name |
Data Type |
Max Length |
Comments |
|
HashDigest |
A |
– |
A hashed string that contains all the variables passed and also data that is not passed but is known to both sides – namely the PreSharedKey and the gateway account password. (see section below) |
|
MerchantID |
A |
15 |
The merchant ID that was used to process the transaction |
|
StatusCode |
N |
– |
This indicates the status of the transaction |
|
Message |
A |
– |
This is the message returned by the gateway |
|
CrossReference |
A |
25 |
The cross reference of the transaction returned by the gateway |
|
OrderID |
A |
– |
The OrderID representing the transaction. Note: make sure that special characters in the OrderID are properly escaped, otherwise the hash digest will not match |
|
TransactionDateTime |
DT |
– |
The date & time (as seen by the gateway server) of the transaction. Will be in the form “YYYY-MM-DD HH:MM:SS +OO:OO”, with the time in 24 hour format, where OO:OO is the offset from UTC – e.g. “2008-12-01 14:12:00 +01:00” |
|
ACSURL |
A |
– |
If the card has been determined as requiring 3D Secure authentication, this gives the URL of the ACS server that the PaREQ must be sent to |
|
PaREQ |
A |
– |
If the card has been determined as requiring 3D Secure authentication, this gives the base64 encoded payment request that must be passed to the ACS for authentication. This must be sent to the ACS as “PaReq” |