Hosted Payment Page (HPP)
The different HPP workflows for DDC scenarios are described below.
Scenario - The user enters the card or payment information and clicks Submit.
- Action - Disable the Submit button and call the Auth API.
- Contract - No Change.
Scenario - HPP receives the 200501 status code.
-
Action - HPP loads HTML from the web-method node in the invisible IFrame and starts a timer using the expiry node:
- Scenario 1 : Device Data Collected Successfully
- Scenario 2 : Device Data Collection Will Fail
- Scenario 3 : Device Data Collection Will Expire
-
Contract -
<?xml version="1.0" encoding="UTF-8"?> <root> <status code="200501">DDC verification required for Authorization</status> <web-method>{{html encoded data}}</web-method> <expiry>{{in_millisecond}}</expiry> </root>
Scenario - DDC is completed Successfully/ Failed.
-
Action - HPP will get JSON in the format shown below:
{ "id": "{{ddc_id}}", "collection_time": "{{in_millisecond}}", "expired": "{{boolean}}", "additional_info": { "info": [ { "key": "{{key}}", "value": "{{value}}" }, { "key": "{{key}}", "value": "{{value}}" } ] } }- Convert JSON to XML.
- Add expired": "{{boolean}}, "collection_time": "{{in_millisecond}}" in abobe json.
- Append XML to auth request Call Auth API.
-
Contract - Request : No Change +
<device_data_info> <id>{{ddc_id}}</id> <collection_time>{{in_millisecond}}</collection_time> <expired>{{boolean}}</expired> <additional_info> <info> <key>{{key}}</key> <value>{{value}}</value> </info> <info> <key>{{key}}</key> <value>{{value}}</value> </info> </additional_info> </device_data_info>
Scenario - DDC is expired.
- Action - The action includes the following:
- Exit IFrame.
- Populate the device_data_info node with these values:
- expired = true
- collection_time = assign times in millisecond
- Append to auth request and Call Auth API.
- Contract -
<device_data_info> <collection_time>{{in_millisecond}}</collection_time> <expired>true</expired> </device_data_info>
Scenario - HPP receives the 2005 status code.
- Action - Redirect.
- Contract -
<?xml version="1.0" encoding="UTF-8"?> <root> <status code="2005">3D verification required for Authorization</status> <web-method>{{html encoded data}}</web-method> or <parsed-challenge> ... </parsed-challenge> <device_collection_status> <status> <code>{{DDC Code}}</code> <description>3D verification required for Authorization</description> </status> </device_collection_status> </root>
Scenario - HPP receives the 2000 status code.
- Action - Show the error and allow the user to retry.
- Contract -
<?xml version="1.0" encoding="UTF-8"?> <root> <status code="2010">{{Msg}}</status> <device_collection_status> <status> <code>{{DDC Code}}</code> <description>3D verification required for Authorization</description> </status> </device_collection_status> </root>
Scenario - HPP receives the XX status code.
- Action - Show the error and allow the user to retry.
- Contract -
<?xml version="1.0" encoding="UTF-8"?> <root> <status code="XX">{{Msg}}</status> <device_collection_status> <status> <code>{{DDC Code}}</code> <description>3D verification required for Authorization</description> </status> </device_collection_status> </root>
Authorize Request from HPP/SDK
The code below is an example of the authorization request from HPP/SDK:
<root>
<authorize-payment account="{{account_id}}" client-id="{{client_id}}">
<transaction type-id="{{txn_type_id}}" id="{{txnid}}" store-card="false">
<card type-id="{{card_id}}">
<amount country-id="{{country_id}}" currency-id="{{currency_id}}">{{anount}}</amount>
<cvc>{{cvc}}</cvc>
<card-holder-name>{{card_holder_name}}</card-holder-name>
<card-number>{{card_no}}</card-number>
<expiry>{{exprity in mm/yy format}}</expiry>
<address country-id="{{country_id}}">
<first-name>{{billing_address_first_name}}</first-name>
<last-name>{{billing_address_last_name}}</last-name>
<street>{{billing_address_street}}</street>
<postal-code>{{billing_address_postal_code}}</postal-code>
<city>{{billing_address_city}}</city>
<state>{{billing_address_state}}</state>
<contact-details>
<mobile operator-id="{{operater_id}}" country-id="{{country_id}}">{{billing_address_mobile_no}}</mobile>
<email>{{billing_address_email}}</email>
</contact-details>
</address>
</card>
<device_data_info>
<id>{{ddc_id}}</id>
<collection_time>{{in_millisecond}}</collection_time>
<expired>{{boolean}}</expired>
<additional_info>
<info>
<key>{{key}}</key>
<value>{{value}}</value>
</info>
<info>
<key>{{key}}</key>
<value>{{value}}</value>
</info>
</additional_info>
</device_data_info>
</transaction>
<client-info language="{{lan}}" sdk-version="{{sdk_ver}}" version="{{ver}}" platform="{{plaform}}" profileid="{{profile_id}}">
<mobile operator-id="64000" country-id="640">2147483647</mobile>
<email>{{cust_email}}</email>
<customer-ref>{{cust_ref_id}}</customer-ref>
<ip>{{cust_public_id}}</ip>
</client-info>
</authorize-payment>
</root>
Contract Definition
The Contract Definitions are listed in the table below:
| Parameter | Type | Required | Description |
|---|---|---|---|
| device_data_info.id | String | No | ID returned by the provider after collecting DDC. |
| additional_info | No | additional_info will be populated if the DDC provider returns any additional information. | |
| additional_info.info.key | String | No | The key of additional information. |
| additional_info.info.key | String | No | The value of additional information. |
| expired | Boolean | Yes | Tells whether the DDC collection expired. |
| collection_time | Integer | Yes | Determines the time required to collect DDC. |
Authorize Response to HPP/SDK
<?xml version="1.0" encoding="UTF-8"?>
<root>
<status code="2005">3D verification required for Authorization</status>
<web-method>{{html encoded data}}</web-method> or <parsed-challenge> ... </parsed-challenge>
<device_collection_status>
<status>
<code>{{DDC Code}}</code>
<description>3D verification required for Authorization</description>
</status>
</device_collection_status>
</root>
Contract Definition
The Contract Definitions are listed in the table below:
| Parameter | Type | Required | Description |
|---|---|---|---|
| parsed-challenge | No | The authentication form post/get information in the form of Hidden Field. | |
| device_collection_status.status | No | Denotes the DDC status. | |
| device_collection_status.status.code | Integer | No | Defines the current status of DDC. |
| device_collection_status.status.description | String | No | Defines the description of the current status of DDC. |
Note: For additional fields, see Contract Definition in the 'API Workflow' section of this 3DS guide.
Updated 6 months ago