Below are the variable outputs from the gateway during the multiple stages in the SERVER Result Delivery Method. Also, the required hashing variables are listed separately, and in what order to use them during variable hashing. As explained above, this will help identify variable tampering.
| Variable Name | Data Type | Max Length | Comments | ||
| HashDigest | A |
– |
A hashed string that contains all the variables passed and also data that is not passed but is known to both sides – namely the PreSharedKey and the gateway account password. (see section below) |
||
| MerchantID | A |
15 |
The merchant ID that was used to process the transaction | ||
| StatusCode | N |
– |
This indicates the status of the transaction:
|
||
| Message | A |
512 |
This gives a more detailed description of the status of the
transaction |
||
| PreviousStatusCode | N |
– |
If thetransaction wasdeemed tobea duplicatetransaction, this indicates the status of the previous transaction | ||
| PreviousMessage | A |
512 |
If the transaction was deemed to be a duplicate transaction, this gives a more detailed description of the status of the previous
transaction |
||
| CrossReference | A |
24 |
This is the unique cross reference for this transaction. If the transaction was determined to be a duplicate transaction, this value will hold the cross reference of the previous transaction (which this transaction was deemed a duplicate of) | ||
| AddressNumericCheckResult |
A |
– |
If requested (input variable “EchoAVSCheckResult
= true”) this gives the results of the address numeric check – will be PASSED, FAILED, PARTIAL, NOT_CHECKED or UNKNOWN |
||
| PostCodeCheckResult |
A |
– |
If requested (input variable “EchoAVSCheckResult
= true”) this gives the results of the post code check – will be PASSED, FAILED, PARTIAL, NOT_CHECKED or UNKNOWN |
||
| CV2CheckResult |
A |
– |
If requested (input variable “EchoCV2CheckResult
= true”) this gives the results of the CV2 check – will be PASSED, FAILED, NOT_CHECKED or UNKNOWN |
||
| ThreeDSecureAuthenticationCheckResult |
A |
– |
If requested (input variable “EchoThreeDSecureAuthenticationCheckResult = true”) this gives the results of the 3D Secure check – will be PASSED, FAILED, NOT_CHECKED or UNKNOWN | ||
| FraudProtectionCheckResult |
A |
– |
If requested (input variable “EchoFraudProtectionCheckResult = true”) this gives the results of the Fraud protection check – will be PASSED, FAILED, CHALLENGE or ERROR | ||
| CardType |
A |
– |
If requested (input variable “EchoCardType = true”) this gives the card type of the transaction | ||
| CardClass |
A |
– |
If requested (input variable “EchoCardType = true”) this gives the card class of the transaction | ||
| CardIssuer |
A |
– |
If requested (input variable “EchoCardType =
true”) this gives the card issuer (if known) |
||
| CardIssuerCountryCode |
N |
3 |
If requested (input variable “EchoCardType = true”) this gives the 3 digit code of the country the card was issued in (if known) | ||
| CardNumberFirstSix |
N |
6 |
If requested (input variable “EchoCardNumberFirstSix = true”) this gives the first 6 digits of the card number of the transaction | ||
| CardNumberLastFour |
N |
4 |
If requested (input variable “EchoCardNumberLastFour = true”) this gives the last 4 digits of the card number of the
transaction |
||
| CardExpiryDate |
DT |
5 |
If requested (input variable “EchoCardExpiryDate
= true”) this gives the expiry date of the card of the transaction. Will be in the form “MM/YY” e.g. “12/14” |
||
| Amount | N |
13 |
The amount, in minor currency, of the transaction that was processed | ||
| DonationAmount |
N |
13 |
If requested (input variable
“EchoDonationAmount = true”) this gives the donation amount in minor currency |
||
| CurrencyCode | N |
3 |
The currency code of the transaction that was processed. ISO 4217 e.g. GBP: 826 | ||
| OrderID | A |
50 |
The order ID of the transaction that was processed. Note: make sure that special characters in the OrderID are properly escaped, otherwise the hash digest will not match | ||
| TransactionType | – |
– |
The transaction type of the transaction that was processed. Will be either SALE or PREAUTH | ||
| TransactionDateTime | DT |
– |
The date & time (as seen by the gateway server) of the transaction. Will be in the form “YYYY-MM-DD HH:MM:SS ±OO:OO”, with the time in 24 hour format, where OO:OO is the offset from UTC – e.g. “2008-12-01 14:12:00 +01:00″ | ||
| OrderDescription | A |
256 |
The order description of the transaction that was processed. Note: make surethatspecialcharactersintheOrderDescriptionare
properly escaped, otherwise the hash digest will not match |
||
| CustomerName | A |
100 |
The name of the customer as it was submitted to the gateway | ||
| Address1 | A |
100 |
Customer’s billing address line 1 as it was submitted to the gateway | ||
| Address2 | A |
50 |
Customer’s billing address line 2 as it was submitted to the gateway | ||
| Address3 | A |
50 |
Customer’s billing address line 3 as it was submitted to the gateway | ||
| Address4 | A |
50 |
Customer’s billing address line 4 as it was submitted to the gateway | ||
| City | A |
50 |
Customer’s billing city as it was submitted to the gateway | ||
| State | A |
50 |
Customer’s billing state as it was submitted to the gateway | ||
| PostCode | A |
50 |
Customer’s billing post code as it was submitted to the gateway | ||
| CountryCode | N |
3 |
Customer’s billing country code as it was submitted to the gateway. ISO 3166-1 e.g. United Kingdom: 826 | ||
| EmailAddress |
A |
100 | The customer’s email address as it was submitted to the gateway |
| PhoneNumber |
A |
30 | The customer’s phone number as it was submitted to the gateway |
| DateOfBirth |
A |
10 | The customer’s date of birth as it was submitted to the gateway |
| PrimaryAccountName |
A |
100 | The name of the primary account holder as it was submitted to the gateway |
| PrimaryAccountNumb er |
A |
50 | The account number of the primary account as it was submitted to the gateway |
| PrimaryAccountDateO fBirth |
A |
10 | The date of birth of the primary account holder as it was submitted to the gateway |
| PrimaryAccountPostCo de |
A |
50 | The post code of the primary account holder as it was submitted to the gateway |