1. About TWINT (via PPRO)

1.1 General information about TWINT

TWINT is the leading and one of the most popular payment app in Switzerland. Ninety-seven percent of the Swiss population are aware of TWINT and half of the Swiss population uses it on a regular basis. Ninety percent of all bank account holders in Switzerland are able to connect their accounts directly to the TWINT app.

Please note: In order for a merchant to receive a TWINT account, he must be able to show that his company is based in Switzerland.

Logo:

InfoType
Pay easily and absolutely secure with the TWINT E-Wallet solution using the leading payment app in Switzerland.

All you need to do is to scan a QR code and verify your identify using your smartphone.
Payments by Wallet

Further information you will find also on the TWINT webpage (https://www.twint.ch/).

1.2 How it works

When a user decides to pay with TWINT and taps corresponding payment button, either QR is presented for user to scan (Web payment) or TWINT app opens automatically to confirm payment (in-app payment or browsing on smartphone).

Please follow next link for overview how to pay online with TWINT:

https://www.twint.ch/en/private-customers/functions/onlineshop/?lang=en

1.3 Before you start

Once you have decided to support TWINT, there’s a set of steps have to be completed:

Register your company within TWINT here: https://portal.twint.ch.

1.Register your company within TWINT here: https://portal.twint.ch. (Info) If you’d like to have a test merchant and perform TWINT transaction in test mode, you can also register you company and create a shop on TWINT’s integration environment https://portal-int.twint.ch the same way as described below.

2. Create your Online shop from the home page of TWINT portal:

3. On the second step of the shop registration in the “Integration” section choose PSP (payment service provider) option and select Computop from the list of providers: 

4. After store has been created, provide store’s UUID to the First Cash Solution and ask to activate payment method TWINT:

1.4 Process flow chart

1.5 Use Cases

Supported use casesSupported interfaces
Use caseDescriptionSimple processS-2-SForm-basedBatchAnalytics
PayByLink
HPPCTSF
Authorization + CaptureMerchant wants to authorize payment and capture on deliveryMerchant has to complete capture within 7 days after authorization(Haken)(Haken)
SaleMerchant wants to collect money from customerMerchant’s shop initiates payment requestCustomer gets redirected to get QR code displayedCustomer scans QR-Code and confirms paymentMerchant’s shop gets a notification about successful payment(Haken)(Haken)
full or partial CreditMerchant wants to credit some money back to customer after a payment has been successfully completedMerchant initiates credit requestComputop collects details from referred payment and initiates creditMerchant’s shop gets a notification about successful credit(Haken)(Haken)
full or partial ReversalMerchant wants to cancel a payment which has not been completedonly supported for payment processes that have not been completedfor completed payment processes use Credit instead(Haken)
CTSFCTSF for reconcilliationdownload settlement file from service providercreate CTSF for merchantcoming soon

2 1cs Online Paymentsystem-interface

2.1 Definitions

Data forms:

FormatDescription
aalphabetical
asalphabetical with special characters
nnumeric
analphanumeric
ansalphanumeric with special characters
nsnumeric with special characters
boolboolean expression (true or false)
3fixed length with 3 digits/characters
..3variable length with maximum 3 digits/characters
enumenumeration of allowed values
dttmISODateTime (YYYY-MM-DDThh:mm:ss)

Abbrevations:

AbbreviationsDescriptionComment
CNDcondition
MmandatoryIf a parameter is mandatory, then it must be present
OoptionalIf a parameter is optional, then it can be present, but it is not required
CconditionalIf a parameter is conditional, then there is a conditional rule which specifies whether it is mandatory or optional

Notice: Please note that the names of parameters can be returned in upper or lower case.

2.2 Payment with TWINT over 1cs Online Paymentsystem

To make a TWINT payment over 1cs OPS form, please use the following URL:

https://www.computop-paygate.com/twint.aspx

Notice: For security reasons, Computop Paygate rejects all payment requests with formatting errors. Therefore, please use the correct data type for each parameter.

The following table describes the encrypted payment request parameters:

KeyFormatCNDDescription
MerchantIDans..30MMerchantID, assigned by First Cash Solution. Additionally this parameter has to be passed in plain language too.
TransIDans..64MTransactionID provided by you which should be unique for each payment
RefNrans..40OMerchant’s unique reference number. Only characters a-zA-Z0-9,-_ are allowed.
Amountn..10MAmount in the smallest currency unit (e.g. EUR Cent). Please contact the 1cs Support if you want to capture amounts <100 (smallest currency unit).
Currencya3MCurrency, three digits DIN / ISO 4217, e.g. EUR, USD, GBP. Only CHF allowed. Please find an overview here: Currency table
MACan64MHash Message Authentication Code (HMAC) with SHA-256 algorithm. Details can be found here:
HMAC Authentication (Request)
HMAC Authentication (Notify)
OrderDescans..768MDescription of delivered products, services etc.
URLSuccessans..256MComplete URL which calls up 1cs OPS if payment has been successful. The URL may be called up only via port 443. This URL may not contain parameters: In order to exchange values between 1cs OPS and shop, please use the parameter UserData.
Common notes:
We recommend to use parameter “response=encrypt” to get an encrypted response by Paygate
However, fraudster may just copy the encrypted DATA-element which are sent to URLFailure and send the DATA to URLSuccess. Therefore ensure to check the “code”-value which indicates success/failure of the action. Only a result of “code=00000000” should be considered successful.
URLFailureans..256MComplete URL which calls up 1cs OPS if payment has been successful. The URL may be called up only via port 443. This URL may not contain parameters: In order to exchange values between 1cs OPS and shop, please use the parameter UserData.
Common notes:
We recommend to use parameter “response=encrypt” to get an encrypted response by Paygate
However, fraudster may just copy the encrypted DATA-element which are sent to URLFailure and send the DATA to URLSuccess. Therefore ensure to check the “code”-value which indicates success/failure of the action. Only a result of “code=00000000” should be considered successful.
Responsea7OStatus response sent by 2cs OPS to URLSuccess and URLFailure, should be encrypted. For this purpose, transmit Response=encrypt parameter.
URLNotifyans..256MComplete URL which calls up 1cs OPS if payment has been successful. The URL may be called up only via port 443. This URL may not contain parameters: In order to exchange values between 1cs OPS and shop, please use the parameter UserData.
Common notes:
We recommend to use parameter “response=encrypt” to get an encrypted response by Paygate
However, fraudster may just copy the encrypted DATA-element which are sent to URLFailure and send the DATA to URLSuccess. Therefore ensure to check the “code”-value which indicates success/failure of the action. Only a result of “code=00000000” should be considered successful.
UserDataans..1024OIf specified at request, 1cs OPS forwards the parameter with the payment result to the shop.
ReqIdans..32OTo avoid double payments or actions (e.g. by ETM), enter an alphanumeric value which identifies your transaction and may be assigned only once. If the transaction or action is submitted again with the same ReqID, 1cs OPS will not carry out the payment or new action, but will just return the status of the original transaction or action.
Please note that the 1cs OPS must have a finalized transaction status for the first initial action (authentication/authorisation). This does not apply to 3-D Secure authentications that are terminated by a timeout. The 3-D Secure Timeout status does not count as a completed status in which the ReqID functionality on 1cs OPS does not take effect. Submissions with identical ReqID for an open status will be processed regularly.
Notice: Please note that a ReqID is only valid for 12 month, then it gets deleted at the 1cs OPS.
Capturean..6OMDetermines the type and time of capture.
AUTOCapturing immediately after authorisation (default value).
MANUAL
Capturing made by the merchant. Capture is normally initiated at time of delivery.
<Number>
Delay in hours until the capture (whole number; 1 to 696).
Plainans..50OA single value to be set by the merchant to return some information unencrypted in response/notify, e.g. the MID. 
“Plain”-parameter is part of encrypted “Data” in 1cs OPS and therefore protected against manipulation. 
Customans..1024O“Custom”-parameter is added to the request data before encryption and is part of encrypted “Data” in 1cs OPS request. By this they are protected against manipulation by a consumer. 
The Custom-value is added to the 1cs OPS response in plain text and the “|” is replaced by a “&”. By this you can put a single value into Custom-parameter and get multiple key-value-pairs back in response for your own purpose. 
Please find a samples here: Custom
Parameters for TWINT

The following table gives the result parameters which 1cs OPS transmits to URLSuccess or URLFailure and URLNotify. If you have specified the Response=encrypt parameter, the following parameters are sent Blowfish encrypted to your system:

(info) pls. be prepared to receive additional parameters at any time and do not check the order of parameters

(info) the key (e.g. MerchantId, RefNr) should not be checked case-sentive(info)

KeyFormatCNDDescription
midans..30MMerchantID, assigned by Computop
PayIDan32MID assigned by 1cs OPS for the payment, e.g. for referencing in batch files as well as for capture or credit request.
XIDns..40MID for all single transactions (authorisation, capture, credit note) for one payment assigned by 1cs OPS
TransIDans…64MTransactionID provided by you which should be unique for each payment
RefNrans..40OMerchant’s unique reference number. Only characters a-zA-Z0-9,-_ are allowed.
Statusa..50MOK or AUTHORIZE_REQUEST (URLSuccess) as well as FAILED (URLFailure)
If the First Cash Solution has activated Sale-transactions, “PAYMENT_IMMEDIATE” is triggered and the Status ist mostly OK or FAILED and only in some special cases AUTHORIZE_REQUEST. Paygate checks all AUTHORIZE_REQUEST payments from Twint, requests the status again and if the status does not change, a Cancel is executed. This typically is completed within 30 minutes after initial transaction.

If the First Cash Solution has not activated Sale-transactions, “PAYMENT_DEFERRED” is triggered and the Status ist always AUTHORIZE_REQUEST, because Twint waits für the merchant Confirmation (capture.aspx). Payments shall be captured within 7 days. Only then does the higher-level payment status changes to OK or FAILED.
Descriptionans..1024MFurther details in the event that payment is rejected. Please do not use the Description but the Code parameter for the transaction status analysis!
Coden8MError code according to Paygate Response Codes (Error codes)
MACan64MHash Message Authentication Code (HMAC) with SHA-256 algorithm. Details can be found here:
HMAC Authentication (Request)
HMAC Authentication (Notify)
UserDataans..1024O
If specified at request, 1cs OPS forwards the parameter with the payment result to the shop.
TransactionIDan..20OUnique transaction number with TWINT (OrderUuid)
Plainans..50OA single value to be set by the merchant to return some information unencrypted in response/notify, e.g. the MID. 
“Plain”-parameter is part of encrypted “Data” in 1cs OPS and therefore protected against manipulation. 
Customans.. 1024O“Custom”-parameter is added to the request data before encryption and is part of encrypted “Data” in 1cs OPS request. By this they are protected against manipulation by a consumer. 
The Custom-value is added to the 1cs OPS response in plain text and the “|” is replaced by a “&”. By this you can put a single value into Custom-parameter and get multiple key-value-pairs back in response for your own purpose. 
Please find a samples here: Custom
Return parameters for URLSuccess, URLFailure and URLNotify with TWINT

2.3 Capture

If your Computop MID isn’t configured for Sale operation, every initial TWINT payment (call to twint.aspx) should be confirmed using capture.aspx endpoint or canceled via reverse.aspx.

Captures (or confirmations in terms of TWINT) are possible via a Server-to-Server connection. To carry out a Capture via a Server-to-Server connection, please use the following URL:

https://www.computop-paygate.com/capture.aspx

Notice: For security reasons, 1cs OPS rejects all payment requests with formatting errors. Therefore, please use the correct data type for each parameter.

The following table describes the encrypted payment request parameters:

KeyFormatCNDDescription
MerchantIDans..30MMerchantID, assigned by First Cash Solution. Additionally this parameter has to be passed in plain language too.
PayIDan32MID assigned by 1cs OPS for the payment to be captured
TransIDans..64MTransactionID provided by you which should be unique for each payment
MACan64MHash Message Authentication Code (HMAC) with SHA-256 algorithm. Details can be found here:
HMAC Authentication (Request)
HMAC Authentication (Notify)
Amountn..10MAmount in the smallest currency unit (e.g. EUR Cent). Please contact the 1cs Support if you want to capture amounts <100 (smallest currency unit).
Currencya3MCurrency, three digits DIN / ISO 4217, e.g. EUR, USD, GBP. Only CHF allowed. Please find an overview here: Currency table
RefNrans..40OMerchant’s unique reference number. Only characters a-zA-Z0-9,-_ are allowed.
ReqIdans..32OTo avoid double payments or actions (e.g. by ETM), enter an alphanumeric value which identifies your transaction and may be assigned only once. If the transaction or action is submitted again with the same ReqID, 1cs OPS will not carry out the payment or new action, but will just return the status of the original transaction or action.
Please note that the 1cs OPS must have a finalized transaction status for the first initial action (authentication/authorisation). This does not apply to 3-D Secure authentications that are terminated by a timeout. The 3-D Secure Timeout status does not count as a completed status in which the ReqID functionality on 1cs OPS does not take effect. Submissions with identical ReqID for an open status will be processed regularly.
Notice: Please note that a ReqID is only valid for 12 month, then it gets deleted at the 1cs OPS.
CompleteTypeans..3O
Specifies whether only a partial amount is being confirmed and authorization should be kept open. If <YES> is transferred, the possible open order is closed on capture.
Parameters for captures with TWINT via socket connection

The following table gives the result parameters which 1cs OPS transmits to URLSuccess or URLFailure and URLNotify. If you have specified the Response=encrypt parameter, the following parameters are sent Blowfish encrypted to your system:

(info) pls. be prepared to receive additional parameters at any time and do not check the order of parameters

(info) the key (e.g. MerchantId, RefNr) should not be checked case-sentive

KeyFormatCNDDescription
midans..30MMerchantID, assigned by Computop
PayIDan32MID assigned by 1cs OPS for the payment, e.g. for referencing in batch files as well as for capture or credit request.
XIDns..40MID for all single transactions (authorisation, capture, credit note) for one payment assigned by 1cs OPS
TransIDans…64MTransactionID provided by you which should be unique for each payment
Statusa..50MOOK (URLSuccess) or FAILED (URLFailure)
Descriptionans..1024MFurther details in the event that payment is rejected. Please do not use the Description but the Code parameter for the transaction status analysis!
Coden8MError code according to Paygate Response Codes (Error codes)
RefNrans..40OMerchant’s unique reference number. Only characters a-zA-Z0-9,-_ are allowed.
Response parameters for captures with TWINT via socket connection

 

2.4 Reversal

Reversals are possible via a Server-to-Server connection. In order to cancel a payment via a server-to-server communication, please use the following URL:

https://www.computop-paygate.com/reverse.aspx

Notice: For security reasons, 1cs OPS rejects all payment requests with formatting errors. Therefore, please use the correct data type for each parameter.

The following table describes the encrypted payment request parameters:

KeyFormatCNDDescription
MerchantIDans..30MMerchantID, assigned by First Cash Solution. Additionally this parameter has to be passed in plain language too.
PayIDan32MID assigned by 1cs OPS for the payment to be captured
TransIDans..64MTransactionID provided by you which should be unique for each payment
MACan64MHash Message Authentication Code (HMAC) with SHA-256 algorithm. Details can be found here:
HMAC Authentication (Request)
HMAC Authentication (Notify)
Amountn..10MAmount in the smallest currency unit (e.g. EUR Cent). Please contact the 1cs Support if you want to capture amounts <100 (smallest currency unit).
Currencya3MCurrency, three digits DIN / ISO 4217, e.g. EUR, USD, GBP. Only CHF allowed. Please find an overview here: Currency table
RefNrans..40OMerchant’s unique reference number. Only characters a-zA-Z0-9,-_ are allowed.
UserDataans..1024O
If specified at request, 1cs OPS forwards the parameter with the payment result to the shop.
ReqIdans..32OTo avoid double payments or actions (e.g. by ETM), enter an alphanumeric value which identifies your transaction and may be assigned only once. If the transaction or action is submitted again with the same ReqID, 1cs OPS will not carry out the payment or new action, but will just return the status of the original transaction or action.
Please note that the 1cs OPS must have a finalized transaction status for the first initial action (authentication/authorisation). This does not apply to 3-D Secure authentications that are terminated by a timeout. The 3-D Secure Timeout status does not count as a completed status in which the ReqID functionality on 1cs OPS does not take effect. Submissions with identical ReqID for an open status will be processed regularly.
Notice: Please note that a ReqID is only valid for 12 month, then it gets deleted at the 1cs OPS.
Parameters for reversals with TWINT via socket connection

The following table describes the result parameters which 1cs OPS transmits to URLSuccess or URLFailure and URLNotify. If you have specified the Response=encrypt parameter, the following parameters are sent Blowfish encrypted to your system:

(info) pls. be prepared to receive additional parameters at any time and do not check the order of parameters

(info) the key (e.g. MerchantId, RefNr) should not be checked case-sentive

KeyFormatCNDDescription
midans..30MMerchantID, assigned by Computop
PayIDan32MID assigned by 1cs OPS for the payment, e.g. for referencing in batch files as well as for capture or credit request.
XIDns..40MID for all single transactions (authorisation, capture, credit note) for one payment assigned by 1cs OPS
TransIDans…64MTransactionID provided by you which should be unique for each payment
Statusa..50MOOK (URLSuccess) or FAILED (URLFailure)
Descriptionans..1024MFurther details in the event that payment is rejected. Please do not use the Description but the Code parameter for the transaction status analysis!
Coden8MError code according to Paygate Response Codes (Error codes)
Response parameters for reversals with TWINT via socket connection

2.5 Credit with reference

Credits (refunds) are possible via a Server-to-Server connection. For a Credit with reference to a capture the amount of the Credit is limited to the amount of the previous capture. To carry out a credit with a reference transaction, please use the following URL:

https://www.computop-paygate.com/credit.aspx

Notice: Please note that TWINT limits refunds in the production environment as well as on the test system – production mode: 180 days / test mode: 7 days.

Notice: For security reasons, 1cs OPS rejects all payment requests with formatting errors. Therefore, please use the correct data type for each parameter.

The following table describes the encrypted payment request parameters:

KeyFormatCNDDescription
MerchantIDans..30MMerchantID, assigned by First Cash Solution. Additionally this parameter has to be passed in plain language too.
PayIDan32MID assigned by 1cs OPS for the payment to be captured
TransIDans..64MTransactionID provided by you which should be unique for each payment
MACan64MHash Message Authentication Code (HMAC) with SHA-256 algorithm. Details can be found here:
HMAC Authentication (Request)
HMAC Authentication (Notify)
Amountn..10MAmount in the smallest currency unit (e.g. EUR Cent). Please contact the 1cs Support if you want to capture amounts <100 (smallest currency unit).
Currencya3MCurrency, three digits DIN / ISO 4217, e.g. EUR, USD, GBP. Only CHF allowed. Please find an overview here: Currency table
RefNrans..40OMerchant’s unique reference number. Only characters a-zA-Z0-9,-_ are allowed.
UserDataans..1024O
If specified at request, 1cs OPS forwards the parameter with the payment result to the shop.
ReqIdans..32OTo avoid double payments or actions (e.g. by ETM), enter an alphanumeric value which identifies your transaction and may be assigned only once. If the transaction or action is submitted again with the same ReqID, 1cs OPS will not carry out the payment or new action, but will just return the status of the original transaction or action.
Please note that the 1cs OPS must have a finalized transaction status for the first initial action (authentication/authorisation). This does not apply to 3-D Secure authentications that are terminated by a timeout. The 3-D Secure Timeout status does not count as a completed status in which the ReqID functionality on 1cs OPS does not take effect. Submissions with identical ReqID for an open status will be processed regularly.
Notice: Please note that a ReqID is only valid for 12 month, then it gets deleted at the 1cs OPS.
Parameters for credit payments with TWINT via socket connection

The following table describes the result parameters which 1cs OPS transmits to URLSuccess or URLFailure and URLNotify. If you have specified the Response=encrypt parameter, the following parameters are sent Blowfish encrypted to your system:

(info) pls. be prepared to receive additional parameters at any time and do not check the order of parameters

(info) the key (e.g. MerchantId, RefNr) should not be checked case-sentive

KeyFormatCNDDescription
midans..30MMerchantID, assigned by Computop
PayIDan32MID assigned by 1cs OPS for the payment, e.g. for referencing in batch files as well as for capture or credit request.
XIDns..40MID for all single transactions (authorisation, capture, credit note) for one payment assigned by 1cs OPS
TransIDans…64MTransactionID provided by you which should be unique for each payment
Statusa..50MOOK (URLSuccess) or FAILED (URLFailure)
Descriptionans..1024MFurther details in the event that payment is rejected. Please do not use the Description but the Code parameter for the transaction status analysis!
Coden8MError code according to Paygate Response Codes (Error codes)
UserDataans..1024OIf specified at request, 1cs OPS forwards the parameter with the payment result to the shop.
RefNrans..40OMerchant’s unique reference number. Only characters a-zA-Z0-9,-_ are allowed.
Response parameters for credit payments with TWINT via socket connection

3. Batch processing via the interface

Basic information about using Batch files and about their structure can be found in the Batch Manager manual. Within batch processing not alle functions are available which are usually available for the online interface.

This section describes the parameters which must be transferred within the data set (Record) for executing a Twint payment and information can be found within the response file about the payment status.

For Batch calls there must be considered batch versions, from which optional parameters depend. All version designations starting with „2.“ pertain calls for a group of enterprises. That means within a batch file for a particular MerchantID can be transferred transactions for other merchants with a separate Sub-MID

Following table gives an overview of all batch versions that are possible for a specific action an their specialities:

ActionVersionDescription
Credit1.0 / 2.0Standard version without return of parameter Code
1.x / 2.xwith RefNr (valid for all versions other than 1.0)

Description of the possible batch versions

The structure for a Twint payment within a Batch file to be submitted is as follows:

HEAD,<MerchantID>,<Date>,<Version>

Twint,Capture,<Amount>,<Currency>,<TransID>,(<RefNr>,)<PayID>

Twint,Credit,<Amount>,<Currency>,<TransID>,(<RefNr>,)<PayID>

Twint,Reverse,<Amount>,<Currency>,<TransID>,(<RefNr>,)<PayID>

FOOT,<CountRecords>,<SumAmount>

Example for Master MID function:

HEAD,[Master]MerchantID,Date,2.x

Type,Action,[Slave]MID,Amount,Currency,TransID,Data (depends on Action)

FOOT,CountRecords,SumAmount

The following table describes the individual fields and values used within the data set (record) in the batch file:

KeyFormatCNDDescription
Typea..11MHEAD for Header, FOOT for Footer, Twint for Twint
Actiona..20M
The parameter Action defines the type of transaction:
Capture
Credit
Reverse
Amountn..10MAmount in the smallest currency unit (e.g. EUR Cent). Please contact the First Cash Solution, if you want to capture amounts <100 (smallest currency unit).
Currencya3MCurrency, three digits DIN / ISO 4217, e.g. EUR, USD, GBP. Please find an overview here: Currency table
TransIDans..64MTransactionID provided by you which should be unique for each payment
RefNrans..40OID assigned by 1cs OPS for this transaction
PayIDan32MMerchant’s unique reference number. Only characters a-zA-Z0-9,-_ are allowed.
Description of fields within the record for Batch files

The record area within the response file for Batch transactions looks as follows:

HEAD,<MerchantID>,<Date>,<Version>

Twint,Capture,<Amount>,<Currency>,<TransID>,(<RefNr>,)<PayID>,<Status>,<Code>

Twint,Credit,<Amount>,<Currency>,<TransID>,(<RefNr>,)<PayID>,<Status>,<Code>

Twint,Reverse,<Amount>,<Currency>,<TransID>,(<RefNr>,)<PayID>,<Status>,<Code>

FOOT,<CountRecords>,<SumAmount>

The following table describes the response parameters which the Batch Manager saves in the Record area for each transaction (standard parameters not explained here, such as <TransID> or <RefNR> and request parameters are returned unchanged and correspond to the call as specified before):

KeyFormatCNDDescription
Actiona..20MThe parameter Action defines the type of transaction:
Capture
Credit
Reverse
PayIDan32MID assigned by 1cs OPS for this transaction
Statusa..50MOK (URLSuccess) or FAILED (URLFailure)
Coden8MError code according to Paygate Response Codes (Error codes)
Description of result parameters within the record for Batch files