“Die First Cash Solution ist stets zuverlässig und bietet einen
super Service durch ständige Bereitschaft uns zu helfen
sowie schnelle und kompetente Antworten auf all unsere Fragen.”
Thomas Quindt,
Projektleiter SOCCERBEAT GmbH
EPS
1 About eps
1.1 General information about eps
In Austria, the 1cs Online Payment System supports online money transfer with the Austrian Electronic Payment Standard (EPS). EPS is an established system for e-commerce payments in Austria offering a payment guarantee to the merchant. The customer can use the familiar and trusted online banking of its own credit institution, just the same as with online banking.
Logo
| Info | Type |
| In Austria, the online bank transfer with eps is very widespread in E-commerce and thus an interesting addition to the payment mix. Additionally, the merchant gets a payment guarantee. | Payments by Online Bank Transfer |
Further information can be found on the webpage of eps / STUZZA (www.stuzza.at).
1.2 Process flow chart
eps process flow
2 1cs Online Payment System interface
2.1 Definitions
2.1.1 Data formats
| Format | Description |
| a | alphabetical |
| as | alphabetical with special characters |
| n | numeric |
| an | alphanumeric |
| ans | alphanumeric with special characters |
| ns | numeric with special characters |
| bool | boolean expression (true or false) |
| 3 | fixed length with 3 digits/characters |
| ..3 | variable length with maximum 3 digits/characters |
| enum | enumeration of allowed values |
| dttm | ISODateTime (YYYY-MM-DDThh:mm:ss) |
2.1.2 Abbreviations
| Abbreviation | Description | Comment |
| CND | condition | |
| M | mandatory | If a parameter is mandatory, then it must be present |
| O | optional | If a parameter is optional, then it can be present, but it is not required |
| C | conditional | If a parameter is conditional, then there is a conditional rule which specifies whether it is mandatory or optional |
Notice: Please note that the names of parameters can be returned in upper or lower case.
2.2 Calling the eps interface
The eps connection with a 1cs Online Payment System form can be either direct or via PPRO, where the interface form and process are largely identical. With the PPRO connection there are a few added parameters which are explained separately in the table. Subsequent credits and batch transfer credits can only be made with the PPRO connection.
To make a payment in Austria with eps online transfer via a 1cs Online Payment System form, please use the following URL:
https://www.computop-paygate.com/eps.aspx
Notice: For security reasons, the 1cs Online Payment System rejects all payment requests with formatting errors. Therefore please use the correct data type for each parameter.
Notice: An eps connection via iFrame is not possible due to eps regulations and will be prevented technically.
The following table describes the encrypted payment request parameters:
| Parameter | Format | CND | Description |
| MerchantID | ans..30 | M | MerchantID, assigned by First Cash Solution. Additionally, this parameter must be passed in plain language too. |
| TransID | ans..64 | M | TransactionID which should be unique for each payment |
| RefNr | ns..30 | M | Unique reference number Only ASCII characters are allowed. Special characters such as (“umlauts”, …) are not permitted and may have to be replaced by ASCII characters (e.g. ü → ue, é → e, …). |
| Amount | n..10 | M | Amount in the smallest currency unit (e.g. EUR Cent) Please contact the helpdesk, if you want to capture amounts < 100 (smallest currency unit). |
| Currency | a3 | M | Currency, three digits DIN / ISO 4217 Only EUR is permissible. Here is an overview: Currency table |
| OptionDate | ans10 | C | Desired payment execution date in the format YYYY-MM-DD |
| OrderDesc | ans..768 | M | Intended use on statement of account (max 35 digits) |
| OrderDesc2 | ans..384 | C | Number and description of purchased products, individual prices, comma-separated list, no special characters allowed |
| AccOwner | ans..50 | O | Name of account holder |
| IBAN | ans..34 | O | Iternational Bank Account Number for SEPA |
| BIC | ans..11 | O | Bank Identifier Code for SEPA |
| MAC | an64 | M | Hash Message Authentication Code (HMAC) with SHA-256 algorithm. Details can be found here: HMAC Authentication (Request) HMAC Authentication (Notify) |
| UserData | ans..1024 | O | If specified at request, the 1cs Online Payment System forwards the parameter with the payment result to the shop |
| URLSuccess | ans..256 | M | Complete URL which calls up the 1cs Online Payment System if payment has been successful. The URL may be called up only via port 443 This URL may not contain parameters: In order to exchange values between the 1cs Online Payment System and shop, please use the parameter UserData. General notes: We recommend using the parameter “response=encrypt” to receive an encrypted response from 1cs Online Payment system However, fraudster may just copy the encrypted DATA-element which are sent to URLFailure and send the DATA to URLSuccess. Therefore ensure to check the “code”-value which indicates success/failure of the action. Only a result of “code=00000000” should be considered successful. |
| URLFailure | ans..256 | M | Complete URL which calls up the 1cs Online Payment System if payment has been unsuccessful. The URL may be called up only via port 443 This URL may not contain parameters: In order to exchange values between the 1cs Online Payment System and shop, please use the parameter UserData. General notes: We recommend using the parameter “response=encrypt” to receive an encrypted response from 1cs Online Payment system However, fraudster may just copy the encrypted DATA-element which are sent to URLFailure and send the DATA to URLSuccess. Therefore ensure to check the “code”-value which indicates success/failure of the action. Only a result of “code=00000000” should be considered successful. |
| Response | a7 | O | Status response sent by the 1cs Online Payment System to URLSuccess and URLFailure, should be encrypted. For this purpose, transmit Response=encrypt parameter. |
| URLNotify | ans..256 | O | Complete URL which the 1cs Online Payment System calls up in order to notify the shop about the payment result. The URL may be called up only via port 443 It may not contain parameters: Use the UserData parameter instead. General notes: We recommend using the parameter “response=encrypt” to receive an encrypted response from 1cs Online Payment system However, fraudster may just copy the encrypted DATA-element which are sent to URLFailure and send the DATA to URLSuccess. Therefore ensure to check the “code”-value which indicates success/failure of the action. Only a result of “code=00000000” should be considered successful. |
| ReqID | ans..32 | O | To avoid double payments, enter an alphanumeric value which identifies your transaction and may be assigned only once. If the transaction is submitted again with the same ReqID, the 1cs Online Payment System will not carry out the payment, but will just return the status of the original transaction. Please note that the 1cs Online Payment system must have a completed transaction status for the first initial action. Submissions with identical ReqID on an open status will be processed regularly. Please note that a ReqID is only valid for 12 months, after which it will be deleted from the 1cs Online Payment system. |
| Plain | ans..50 | O | A single value to be set by the merchant to return some information unencrypted in response/notify, e.g. the MID. “Plain”-parameter is part of encrypted “Data” in 1cs Online Payment System and therefore protected against manipulation. |
| Custom | ans..1024 | O | “Custom”-parameter is added to the request data before encryption and is part of encrypted “Data” in 1cs Online Payment System request. By this they are protected against manipulation by a consumer. The Custom-value is added to the 1cs Online Payment System response in plain text and the “|” is replaced by a “&”. By this you can put a single value into Custom-parameter and get multiple key-value-pairs back in response for your own purpose. |
Parameters for online transfers with eps
The following table gives the result parameters which the 1cs Online Payment System transmits to URLSuccess or URLFailure and URLNotify. If you have specified the Response=encrypt parameter, the following parameters are forwarded Blowfish encrypted to your system:
- pls. be prepared to receive additional parameters at any time and do not check the order of parameters
- the key (e.g. MerchantId, RefNr) should not be checked case-sentive
| Parameter | Format | CND | Description |
| MID | ans..30 | M | MerchantID, assigned by 1cs Online Payment system |
| PayID | an32 | M | ID assigned by the 1cs Online Payment System for the payment, e.g. for referencing in batch files. |
| XID | an32 | M | ID for all single transactions (authorisation, capture, credit note) for one payment assigned by 1cs online payment system |
| TransID | ans..64 | M | TransactionID provided by you which should be unique for each payment |
| Status | a..50 | M | OK, AUTHORIZED (URLSuccess) or FAILED (URLFailure). |
| Description | ans..1024 | M | Further details in the event that payment is rejected. Please do not use the Description but the Code parameter for the transaction status analysis! |
| Code | n8 | M | Error code according to the 1cs Online Payment System Response Codes Excel file |
| RefNr | ns..30 | O | Unique reference number Only ASCII characters are allowed. Special characters such as (“umlauts”, …) are not permitted and may have to be replaced by ASCII characters (e.g. ü → ue, é → e, …). |
| UserData | ans..1024 | O | If specified at request, the 1cs Online Payment System forwards the parameter with the payment result to the shop |
| MAC | an64 | M | Hash Message Authentication Code (HMAC) with SHA-256 algorithm. Details can be found here: HMAC Authentication (Request) HMAC Authentication (Notify) |
| AccOwner | ans..50 | M | Name of account holder |
| IBAN | ans..34 | O | International Bank Account Number for SEPA |
| BIC | ans..11 | O | Bank Identifier Code for SEPA |
| Plain | ans..50 | O | A single value that can be set by you to return information unencrypted in the response or notify, e.g. the MID. As the “Plain” parameter is part of the encrypted “Data” in 1cs Online Payment system, it is protected from manipulation. |
| Custom | ans..1024 | O | The “Custom” parameter is appended to the call before encryption and is part of the encrypted “Data” in the 1cs online payment system call. This protects the value against manipulation. The custom value is then appended in plain text to the 1cs online payment system response and “|” is replaced by “&”. This allows you to pass a custom value and get back several key-value pairs for your own use in the response. Custom=session=123|id=456 will change in the answer to Session=123&id=456 |
Result parameters for URLNotify, URLSuccess and URLFailure in case of eps.
2.3 Credit with reference
Credits (refunds) are possible via a Server-to-Server connection. Eps credits are only allowed with the PPRO connection. Paygate permits only credits for eps that reference on a capture previously made via Paygate. The amount of the Credit is limited to the amount of the previous capture.
To carry out a credit with a reference transaction, please use the following URL:
| https://www.computop-paygate.com/credit.aspx |
Notice: For security reasons, Computop Paygate rejects all payment requests with formatting errors. Therefore, please use the correct data type for each parameter.
The following table describes the encrypted payment request parameters:
| Key | REST | Format | CND | Description |
|---|---|---|---|---|
| MerchantID | BasicAuth.Username | ans..30 | M | MerchantID, assigned by Computop. Additionally this parameter has to be passed in plain language too. |
| PayID | “paymentId”: “…” | an32 | M | ID assigned by Paygate for the payment to be credited |
| TransID | “transactionId”: “…” | ans..64 | M | TransactionID provided by you which should be unique for each payment |
| MAC | — | an64 | M | Hash Message Authentication Code (HMAC) with SHA-256 algorithm. Details can be found here:HMAC Authentication (Request)HMAC Authentication (Notify) |
| Amount | “amount”: { “value”: …} | n..10 | M | Amount in the smallest currency unit (e.g. EUR Cent). Please contact the service@1cs.de, if you want to capture amounts <100 (smallest currency unit). |
| Currency | “amount”: { “currency”: “…”} | a3 | M | Currency, three digits DIN / ISO 4217, e.g. EUR, USD, GBP. Please find an overview here: A1 Currency table |
| ReqId | “requestId”: “…” | ans..32 | O | To avoid double payments or actions (e.g. by ETM), enter an alphanumeric value which identifies your transaction and may be assigned only once. If the transaction or action is submitted again with the same ReqID, Computop Paygate will not carry out the payment or new action, but will just return the status of the original transaction or action. Please note that the Computop Paygate must have a finalized transaction status for the first initial action (authentication/authorisation). This does not apply to 3-D Secure authentications that are terminated by a timeout. The 3-D Secure Timeout status does not count as a completed status in which the ReqID functionality on Paygate does not take effect. Submissions with identical ReqID for an open status will be processed regularly. Notice: Please note that a ReqID is only valid for 12 month, then it gets deleted at the Paygate. |
Parameters for credits of eps payments
The following table describes the result parameters with which the Computop Paygate responds to your system
pls. be prepared to receive additional parameters at any time and do not check the order of parameters
the key (e.g. MerchantId, RefNr) should not be checked case-sentive
| Key | REST | Format | CND | Description |
|---|---|---|---|---|
| mid | “merchantId”: “…” | ans..30 | M | MerchantID, assigned by Computop |
| PayID | “paymentId”: “…” | an32 | M | ID assigned by Paygate for the payment, e.g. for referencing in batch files as well as for capture or credit request. |
| XID | “xId”: “…” | an32 | M | ID for all single transactions (authorisation, capture, credit note) for one payment assigned by Paygate |
| TransID | “transactionId”: “…” | ans..64 | M | TransactionID provided by you which should be unique for each payment |
| Status | “status”: “OK”“status”: “AUTHORIZED”“status”: “FAILED” | a..50 | M | OK or AUTHORIZED (URLSuccess) as well as FAILED (URLFailure) |
| Description | “description”: “…” | ans..1024 | M | Further details in the event that payment is rejected. Please do not use the Descriptionbut the Code parameter for the transaction status analysis! |
| Code | “code”: … | n8 | M | Error code according to Paygate Response Codes (A4 Error codes) |
| ErrorText | “errorText”: “…” | ans..128 | C | Detailed PPRO error message.Notice: Is returned only if Status=FAILED. Use is possible only in agreement with service@1cs.de. |
Result parameters for credits of eps payments
3. Batch processing via the interface
Basic information about using Batch files and about their structure can be found in the Batch Manager manual. Within batch processing not alle functions are available which are usually available for the online interface.
This section describes the parameters which must be transferred with the data set (Record) for executing an eps credit and which information can be found within the response file about the payment status.
Notice: Please note that Batch processing for eps is possible only via PPRO connection.
Following table gives an overview of all batch versions that are possible for a specific action an their specialities:
| Action | Version | Description |
|---|---|---|
| Credit | 1.0 / 2.0 | Standard version without return of parameter Code |
| 1.x / 2.x | with RefNr (valid for all versions other than 1.0) |
Description of the possible batch versions
The structure for an eps credit within a Batch file to be submitted is the following:
HEAD,<MerchantID>,<Date>,<Version>EPS,Credit,<PayID>,<TransID>,(<RefNr>),<Amount>,<Currency>FOOT,<CountRecords>,<SumAmount> |
Example for Master MID function:
HEAD,[Master]MerchantID,Date,2.xType,Action,[Slave]MID,Amount,Currency,TransID,Data (depends on Action)FOOT,CountRecords,SumAmount |
The following table describes the individual fields and values used within the data set (record) in the batch file:
| Key | Format | CND | Description |
|---|---|---|---|
| Type | a..11 | M | HEAD for Header, FOOT for Footer, EPS for direct eps |
| Action | a..20 | M | The parameter Action defines the type of transaction: Credit |
| Amount | n..10 | M | Amount in the smallest currency unit (e.g. EUR Cent). Please contact the service@1cs.de, if you want to capture amounts <100 (smallest currency unit). |
| Currency | a3 | M | Currency, three digits DIN / ISO 4217, e.g. EUR, USD, GBP. Please find an overview here: A1 Currency table |
| TransID | ans..64 | M | TransactionID provided by you which should be unique for each payment |
| RefNr | ns..30 | O | Unique reference number.In case of PPRO: Only characters a-zA-Z0-9,-_ are allowed, format ans..40. |
| PayID | an32 | M | ID assigned by Paygate for this transaction |
Description of fields within the record for Batch files
The record area within the response file for Batch transactions looks the following way:
HEAD,<MerchantID>,<Date>,<Version>EPS,Credit,<PayID>,<TransID>,(<RefNr>),<Amount>,<Currency>,<Status>,<Code>FOOT,<CountRecords>,<SumAmount> |
The following table describes the response parameters which the Batch Manager saves in the Record area for each transaction (standard parameters not explained here, such as <TransID> or <RefNR> and request parameters are returned unchanged and correspond to the call as specified before):
| Key | Format | CND | Description |
|---|---|---|---|
| Action | a..20 | M | The parameter Action defines the type of transaction: Credit |
| PayID | an32 | M | ID assigned by Paygate for this transaction |
| Status | a..50 | M | OK (URLSuccess) or FAILED (URLFailure) |
| Code | n8 | M | Error code according to Paygate Response Codes (A4 Error codes) |
Description of result parameters within the record for Batch files
