|
■
|
To ensure the integrity of the reply fields, a signature is included in the response. This signature is generated using the same secret_key value that was used to generate the request signature.
To verify that the reply fields have not been tampered with, create a signature using the fields listed in the signed_field_names reply field. This signature must be the same value that is included in the signature response field. Refer to the receipt page that is included in the sample scripts (see Samples in Scripting Languages).
|
If configured, these reply fields are sent back to your Merchant POST URL or email. See Receiving Merchant Notifications. Your error handler should use the decision field to obtain the transaction result if it receives a reason code that it does not recognize.
|
|
Table 7
|
|
■
|
Y: Yes
|
|
■
|
N: No
|
|
■
|
X: Does not apply / Unknown
|
|
■
|
Y: Yes
|
|
■
|
N: No
|
|
■
|
X: Does not apply / Unknown
|
|
■
|
Y: Yes
|
|
■
|
N: No
|
|
■
|
X: Does not apply / Unknown
|
|
■
|
Y: Yes (assets greater than $10B)
|
|
■
|
N: No (assets less than $10B)
|
|
■
|
X: Does not apply / Unknown
|
|
■
|
Y: Yes
|
|
■
|
N: No
|
|
■
|
X: Does not apply / Unknown
|
|
■
|
|
■
|
|
■
|
|
■
|
|
■
|
|
■
|
Credit/debit
|
|
■
|
|
■
|
Indicates whether cross-border transactions are supported. Cross border means that the issuer and acquirer are in different countries. Possible values:
|
■
|
Y: Supported
|
|
■
|
N: Not supported
|
|
■
|
Y: Supported
|
|
■
|
N: Not supported
|
|
■
|
Y: Supported
|
|
■
|
N: Not supported
|
Indicates whether cross-border AFT transactions are supported on network specified by the network ID value. Cross border means that the issuer and acquirer are in different countries. Possible values:
|
■
|
Y: Supported
|
|
■
|
N: Not supported
|
Indicates whether domestic AFT transactions are supported on network specified by the network ID value. Domestic means that the issuer and acquirer are in the same country. Possible values:
|
■
|
Y: Supported
|
|
■
|
N: Not supported
|
Indicates whether cross-border OCT transactions are supported on network specified by the network ID value. Cross border means that the issuer and acquirer are in different countries. Possible values:
|
■
|
Y: Supported
|
|
■
|
N: Not supported
|
Indicates whether domestic OCT transactions are supported on network specified by the network ID value. Domestic means that the issuer and acquirer are in the same country. Possible values:
|
■
|
Y: Supported
|
|
■
|
N: Not supported
|
|
■
|
B: Issuer supports Fast Funds for all transactions.
|
|
■
|
D: Issuer supports Fast Funds only for domestic transactions.
|
|
■
|
N: Issuer does not support Fast Funds.
|
|
■
|
Y: Original credit transactions (OCTs) for gambling transactions are blocked.
|
|
■
|
N: Original credit transactions (OCTs) for gambling transactions are not blocked.
|
|
■
|
A: Accepts Visa Direct transactions.
|
|
■
|
B: Accepts Visa Direct transactions.
|
|
■
|
C: Accepts Visa Direct transactions.
|
|
■
|
N: Does not accept Visa Direct transactions.
|
|
■
|
|
■
|
|
■
|
|
■
|
|
■
|
|
■
|
05: Successful authentication.
|
|
■
|
06: Authentication attempted.
|
|
■
|
07: Failed authentication.
|
|
■
|
01: Merchant is liable.
|
|
■
|
02: Card issuer is liable.
|
|
■
|
internet: Card not enrolled or card type not supported by payer authentication. No liability shift.
|
|
■
|
js_attempted: JCB card not enrolled, but attempt to authenticate is recorded. Liability shift.
|
|
■
|
js_failure: J/Secure directory service is not available. No liability shift.
|
|
■
|
spa: Mastercard card not enrolled in the Identity Check program. No liability shift.
|
|
■
|
vbv_attempted: Visa card not enrolled, but attempt to authenticate is recorded. Liability shift.
|
|
■
|
vbv_failure: For payment processor Barclays, Streamline, AIBMS, or FDC Germany, you receive this result if Visa’s directory service is not available. No liability shift.
|
|
■
|
Y: Card enrolled or can be enrolled; you must authenticate. Liability shift.
|
|
■
|
N: Card not enrolled; proceed with authorization. Liability shift.
|
|
■
|
U: Unable to authenticate regardless of the reason. No liability shift.
|
|
■
|
B: Indicates that authentication was bypassed.
|
For rules-based payer authentication information see the Payer Authentication Using the SCMP API (PDF | HTML) or Payer Authentication Using the Simple Order API (PDF | HTML).
|
■
|
Y: Card enrolled or can be enrolled; you must authenticate. Liability shift.
|
|
■
|
N: Card not enrolled; proceed with authorization. Liability shift.
|
|
■
|
U: Unable to authenticate regardless of the reason. No liability shift.
|
|
■
|
B: Indicates that authentication was bypassed.
|
For rules-based payer authentication information see the Payer Authentication Using the SCMP API (PDF | HTML) or Payer Authentication Using the Simple Order API (PDF | HTML).
|
■
|
A: Proof of authentication attempt was generated.
|
|
■
|
N: Customer failed or canceled authentication. Transaction denied.
|
|
■
|
U: Authentication not completed regardless of the reason.
|
|
■
|
Y: Customer was successfully authenticated.
|
|
■
|
0: Authentication data not collected and customer authentication was not completed.
|
|
■
|
1: Authentication data not collected because customer authentication was not completed.
|
|
■
|
2: Authentication data collected. customer completed authentication.
|
Indicator that distinguishes Internet transactions from other types. The authentication failed if this field is not returned. For Visa, if your payment processor is Streamline, Barclays, AIBMS, or FDC Germany, you receive the value vbv_failure instead of internet when payer_authentication_eci is not present.
|
■
|
aesk: American Express SafeKey authentication verified successfully.
|
|
■
|
aesk_attempted: Card not enrolled in American Express SafeKey, but the attempt to authenticate was recorded.
|
|
■
|
internet: Authentication was not verified successfully.
|
|
■
|
js: J/Secure authentication verified successfully.
|
|
■
|
js_attempted: JCB card not enrolled in J/Secure, but the attempt to authenticate was recorded.
|
|
■
|
spa: Mastercard Identity Check authentication verified successfully.
|
|
■
|
spa_failure: Mastercard Identity Check failed authentication.
|
|
■
|
vbv: Visa Secure authentication verified successfully.
|
|
■
|
vbv_attempted: Card not enrolled in Visa Secure, but the attempt to authenticate was recorded.
|
|
■
|
vbv_failure: Visa Secure authentication unavailable.
|
|
■
|
-1: Invalid PARes.
|
|
■
|
0: Successful validation.
|
|
■
|
1: Cardholder is not participating, but the attempt to authenticate was recorded.
|
|
■
|
6: Issuer unable to perform authentication.
|
|
■
|
9: Cardholder did not complete authentication.
|
|
■
|
|
■
|
Value of the request ID returned from a PayPal get details service request.
Value of the request ID returned from a PayPal order setup service request.
|
■
|
|
■
|
address: Your customer did not include a confirmed shipping address, and your Payment Receiving preferences are set to manually accept or deny such payments. To change your preferences, go to the Preferences section of your PayPal profile.
|
|
■
|
authorization: The payment has been authorized but not settled. You need to capture the authorized amount.
|
|
■
|
echeck: Payment was made by an eCheck that has not yet cleared.
|
|
■
|
intl: You have a non-U.S. account and do not have a withdrawal mechanism. You must manually accept or deny this payment in your PayPal Account Overview.
|
|
■
|
multi-currency: You do not have a balance in the currency sent, and your Payment Receiving preferences are not set to automatically convert and accept this payment. You must manually accept or deny this payment in your PayPal Account Overview.
|
|
■
|
none: No pending reason.
|
|
■
|
order: The payment is part of an order that has been authorized but not settled.
|
|
■
|
paymentreview: The payment is being reviewed by PayPal for possible fraud.
|
|
■
|
unilateral: The payment was made to an email address that is not registered or confirmed.
|
|
■
|
verify: Your account is not yet verified. You must verify your account before you can accept this payment.
|
|
■
|
Canceled-Reversal: PayPal canceled the reversal, which happens when you win a dispute, and the funds for the reversal are returned to you.
|
|
■
|
Completed: PayPal completed the payment and added the funds to your account.
|
|
■
|
Denied: You denied a payment, which happens only if the payment was pending for the reason indicated in the reason_code field.
|
|
■
|
Expired: The authorization expired.
|
|
■
|
Failed: The payment failed. This event can happen only when the payment is made from your customer’s bank account.
|
|
■
|
In-Progress: The transaction is not complete yet.
|
|
■
|
None: No status.
|
|
■
|
Partially-Refunded: The payment was partially refunded.
|
|
■
|
Pending: The payment is pending for the reason indicated in the paypal_pending_reason field.
|
|
■
|
Processed: PayPal accepted the payment.
|
|
■
|
Refunded: You refunded the payment.
|
|
■
|
Reversed: PayPal reversed the payment for the reason specified in the reason_code field. The funds were transferred from your account to the customer’s account.
|
|
■
|
Voided: The authorization was voided.
|
|
■
|
Eligible: You are protected by the PayPal Seller Protection Policy for unauthorized payment and item not received.
|
|
■
|
PartiallyEligible: You are protected by the PayPal Seller Protection Policy for item not received.
|
|
■
|
Ineligible: You are not protected under the PayPal Seller Protection Policy.
|
|
■
|
Eligible: You are protected by the PayPal Seller Protection Policy for unauthorized payment and item not received.
|
|
■
|
ItemNotReceivedEligible: You are protected by the PayPal Seller Protection Policy for item not received.
|
|
■
|
UnauthorizedPaymentEligible: You are protected by the PayPal Seller Protection Policy for unauthorized payment.
|
|
■
|
Ineligible: You are not protected under the PayPal Seller Protection Policy.
|
Note To enable the paypal_protection_eligibility_type field, contact CyberSource Customer Support to have your account configured for this feature.
Possible value: expresscheckout
|
■
|
0: Preauthorization
|
|
■
|
1: Final authorization
|
|
■
|
AUTOCAPTURE: Automatic capture.
|
|
■
|
STANDARDCAPTURE: Standard capture.
|
|
■
|
verbal: Forced capture.
|
Set this field to AUTOCAPTURE and include it in a bundled request to indicate that you are requesting an automatic capture. If your account is configured to enable automatic captures, set this field to STANDARDCAPTURE and include it in a standard authorization or bundled request to indicate that you are overriding an automatic capture.
Set this field to verbal and include it in the authorization request to indicate that you are performing a forced capture; therefore, you receive the authorization code outside the CyberSource system.
Set this field to verbal and include it in the capture request to indicate that the request is for a verbal authorization.
|
■
|
Y: Bill payment or loan payment.
|
|
■
|
N (default): Not a bill payment or loan payment.
|
Example 12345-6789
Example A1B 2C3
Cielo and Comercio Latino
Possible values:
Possible values:
|
■
|
CR: Credit card
|
|
■
|
DB: Debit card
|
CyberSource through VisaNet
Possible values:
Possible values:
|
■
|
CH: Checking account
|
|
■
|
CR: Credit card account
|
|
■
|
SA: Savings account
|
In your request, send either the complete route field or the individual legs (journey_leg#_orig and journey_leg#_dest). If you send all the fields, the value of complete_route takes precedence over that of the journey_leg# fields.
|
■
|
true: Customer’s browser accepts cookies.
|
|
■
|
false: Customer’s browser does not accept cookies.
|
|
■
|
true: Customer requested gift wrapping.
|
|
■
|
false: Customer did not request gift wrapping.
|
|
■
|
true: Loan payment.
|
|
■
|
false (default): Not a loan payment.
|
Value: install
|
■
|
C: Checking
|
|
■
|
S: Savings (USD only)
|
|
■
|
X: Corporate checking (USD only)
|
|
■
|
|
■
|
|
■
|
|
■
|
|
■
|
|
■
|
|
■
|
|
■
|
|
■
|
ADT: Adult
|
|
■
|
CNN: Child
|
|
■
|
INF: Infant
|
|
■
|
YTH: Youth
|
|
■
|
STU: Student
|
|
■
|
SCR: Senior Citizen
|
|
■
|
MIL: Military
|
Tax amount to apply to the line item. # can range from 0 to 199. This value cannot be negative. The tax amount and the offer amount must be in the same currency.
Airport code for the destination leg of the trip designated by the pound (#) symbol in the field name. A maximum of 30 legs can be included in the request. This code is usually three digits long; for example: SFO = San Francisco. Do not use the colon (:) or the dash (-). For a complete list of airport codes, see IATA’s City Code Directory.
In your request, send either complete_route field or the individual legs (journey_leg#_orig and journey_leg#_dest). If you send all the fields, the complete route takes precedence over the individual legs.
Airport code for the origin leg of the trip designated by the pound (#) symbol in the field name. A maximum of 30 legs can be included in the request. This code is usually three digits long; for example: SFO = San Francisco. Do not use the colon (:) or the dash (-). For a complete list of airport codes, see IATA’s City Code Directory.
In your request, send either the complete_route field or the individual legs (journey_leg#_orig and journey_leg#_dest). If you send all the fields, the complete route takes precedence over the individual legs.
Merchant-defined data fields 1 to 4 are associated with the payment token and are used for subsequent token-based transactions. Merchant-defined data fields 5 to 100 are passed through to Decision Manager as part of the initial payment request and are not associated with the payment token.
|
■
|
|
■
|
|
■
|
|
■
|
true (default): Automatically renew.
|
|
■
|
false: Do not automatically renew.
|
|
■
|
|
■
|
|
■
|
sameday: Courier or same-day service
|
|
■
|
oneday: Next day or overnight service
|
|
■
|
twoday: Two-day service
|
|
■
|
threeday: Three-day service
|
|
■
|
lowcost: Lowest-cost service
|
|
■
|
pickup: Store pick-up
|
|
■
|
other: Other shipping method
|
|
■
|
none: No shipping method because
|
Indicates whether to skip Decision Manager. See Using Decision Manager. This field can contain one of the following values:
|
■
|
|
■
|
The reason_code field contains additional data regarding the decision response of the transaction. Depending on the decision of a transaction request, the CyberSource default receipt page or your receipt page is displayed to the customer. Both you and your customer can also receive an email receipt. See Receiving Merchant Notifications.
|
Table 8
|
Possible action: see the reply field invalid_fields to ascertain which fields are invalid. Resend the request with the correct information.
The access_key and transaction_uuid fields for this authorization request match the access_key and transaction_uuid fields of another authorization request that you sent within the past 15 minutes.
|
Table 9
|
- 1 If the retry limit is set to 0, the customer receives the decline message, Your order was declined. Please verify your information. before the merchant receives it. The decline message relates to either the processor declining the transaction or a payment processing error, or the customer entered their 3D Secure credentials incorrectly.