Samples in Scripting Languages

Secure Acceptance can support any dynamic scripting language that supports HMAC256 hashing algorithms.

Select to download the sample script for the scripting language that you use:

■ JSP	■ ASP.NET (C#)	■ Ruby
■ PHP	■ Perl	■ VB

Sample Transaction Process Using JSP

1	signedatafields.jsp file—paste your access key and profile ID into their respective fields. The customer enters billing, shipping, and other information. POST the fields to your server to sign and create the signature. The fields must be included in the signed_field_names field as a CSV list.

2	security.jsp file—security algorithm signs fields and creates a signature using the signed_field_names field. Modify the security script to include the Secret Key that you generated on Creating a Security Key. Enter your security key in the SECRET_KEY field.

The security algorithm in each security script sample is responsible for:

■

Request authentication—the signature is generated on the merchant server by the keyed-hash message authentication code (HMAC) signing the request parameters using the shared secret key. This process is also carried out on the Secure Acceptance server, and the two signatures are compared for authenticity.

■	Response authentication—the signature is generated on the Secure Acceptance server by HMAC signing the response parameters, using the shared secret key. This process is also carried out on the merchant server, and the two signatures are compared for authenticity.

3	unsigneddatafields.jsp file—customer enters their payment information: card type, card number, and card expiry date. Include these fields in the unsigned_field_names field. POST the transaction to the Secure Acceptance endpoint.