5
46
Responses to Transaction Requests
RESULT Values and RESPMSG Text
TABLE5.5Payflow transaction RESULT values and RESPMSG text (Continued)RESULTRESPMSG and Explanation
120Attempt to reference a failed transaction121Not enabled for feature
122Merchant sale total will exceed the credit cap with current transaction. ACH transactions only.
125Fraud Protection Services Filter — Declined by filters
126
Fraud Protection Services Filter — Flagged for review by filters
Important Note: Result code 126 indicates that a transaction triggered a fraud filter. This is not an error, but a notice that the transaction is in a review status. The
transaction has been authorized but requires you to review and to manually accept the transaction before it will be allowed to settle.
Result code 126 is intended to give you an idea of the kind of transaction that is
considered suspicious to enable you to evaluate whether you can benefit from using the Fraud Protection Services.
To eliminate result 126, turn the filters off.
For more information, see the Fraud Protection Services documentation for your payments solution. It is available on the PayPal Manager Documentation page.127Fraud Protection Services Filter — Not processed by filters
128Fraud Protection Services Filter — Declined by merchant after being flagged for review by filters
132Card has not been submitted for update133Data mismatch in HTTP retry request150Issuing bank timed out151Issuing bank unavailable200Reauth error201Order error
600Cybercash Batch Error601Cybercash Query Error
1000Generic host error. This is a generic message returned by your credit card processor. The RESPMSG will contain more information describing the error. 1001Buyer Authentication Service unavailable
1002Buyer Authentication Service — Transaction timeout1003Buyer Authentication Service — Invalid client version1004
Buyer Authentication Service — Invalid timeout value
Website Payments Pro Payflow Edition Developer’s Guide
Responses to Transaction Requests
RESULT Values and RESPMSG Text
TABLE5.5RESULT10111012101310141016
Payflow transaction RESULT values and RESPMSG text (Continued)RESPMSG and Explanation
Buyer Authentication Service unavailableBuyer Authentication Service unavailableBuyer Authentication Service unavailable
Buyer Authentication Service — Merchant is not enrolled for Buyer Authentication Service (3-D Secure).
Buyer Authentication Service — 3-D Secure error response received. Instead of receiving a PARes response to a Validate Authentication transaction, an error response was received.
Buyer Authentication Service — 3-D Secure error response is invalid. An error response is received and the response is not well formed for a Validate Authentication transaction.
Buyer Authentication Service — Invalid card type
Buyer Authentication Service — Invalid or missing currency codeBuyer Authentication Service — merchant status for 3D secure is invalidBuyer Authentication Service — Validate Authentication failed: missing or invalid PARES
Buyer Authentication Service — Validate Authentication failed: PARES format is invalid
Buyer Authentication Service — Validate Authentication failed: Cannot find successful Verify Enrollment
Buyer Authentication Service — Validate Authentication failed: Signature validation failed for PARES
Buyer Authentication Service — Validate Authentication failed: Mismatched or invalid amount in PARES
Buyer Authentication Service — Validate Authentication failed: Mismatched or invalid acquirer in PARES
Buyer Authentication Service — Validate Authentication failed: Mismatched or invalid Merchant ID in PARES
Buyer Authentication Service — Validate Authentication failed: Mismatched or invalid card number in PARES
Buyer Authentication Service — Validate Authentication failed: Mismatched or invalid currency code in PARES
Buyer Authentication Service — Validate Authentication failed: Mismatched or invalid XID in PARES
5
1017
1021102210231041104210431044104510461047104810491050
Website Payments Pro Payflow Edition Developer’s Guide
47
5
Responses to Transaction Requests
RESULT Values and RESPMSG Text
TABLE5.5RESULT10511052
Payflow transaction RESULT values and RESPMSG text (Continued)RESPMSG and Explanation
Buyer Authentication Service — Validate Authentication failed: Mismatched or invalid order date in PARES
Buyer Authentication Service — Validate Authentication failed: This PARES was already validated for a previous Validate Authentication transaction
RESULT Values for Communications Errors
A RESULT value less than zero indicates that a communication error occurred. In this case, no transaction is attempted.
A value of -1 or -2 usually indicates a configuration error caused by an incorrect URL or by configuration issues with your firewall. A value of -1 or -2 can also be possible if the PayPal servers are unavailable, or an incorrect server/socket pair has been specified. A value of -1 can also result when there are internet connectivity errors. Contact customer support regarding any other errors.
For information on firewall configuration, see Chapter, “Downloading, Installing, and Activating.”
NOTE:To eliminate RESULT -31 and -108 errors described below, upgrade to a version 4
SDK or post directly to the Payflow servers via HTTPS. For details on determining the version of your SDK, see “Payflow SDK Version” on page9.
Details of the response message may vary slightly from that shown in the table, depending on your SDK integration.
TABLE5.6RESULT-1-2-5-6-7-8-9-10-11
RESULT values for communications errorsDescription
Failed to connect to hostFailed to resolve hostnameFailed to initialize SSL contextParameter list format error: & in name
Parameter list format error: invalid [ ] name length clauseSSL failed to connect to hostSSL read failedSSL write failed
Proxy authorization failed
48
Website Payments Pro Payflow Edition Developer’s Guide
Responses to Transaction Requests
RESULT Values and RESPMSG Text
TABLE5.6RESULT values for communications errors(Continued)RESULTDescription
-12Timeout waiting for response-13Select failure-14Too many connections-15Failed to set socket options-20Proxy read failed-21Proxy write failed
-22Failed to initialize SSL certificate-23Host address not specified-24Invalid transaction type-25Failed to create a socket-26Failed to initialize socket layer
-27Parameter list format error: invalid [ ] name length clause-28Parameter list format error: name-29Failed to initialize SSL connection-30Invalid timeout value
-31The certificate chain did not validate, no local certificate found
-32The certificate chain did not validate, common name did not match URL- 40Unexpected Request ID found in request. - 41Required Request ID not found in request-99Out of memory
-100Parameter list cannot be empty-103Context initialization failed-104Unexpected transaction state-105Invalid name value pair request-106Invalid response format
-107This XMLPay version is not supported-108The server certificate chain did not validate-109
Unable to do logging
Website Payments Pro Payflow Edition Developer’s Guide
5
49
5
Responses to Transaction Requests
RESULT Values and RESPMSG Text
TABLE5.6RESULT-111-113
RESULT values for communications errors(Continued)Description
The following error occurred while initializing from message file:
Unable to round and truncate the currency value simultaneously
50
Website Payments Pro Payflow Edition Developer’s Guide
Website Payments Pro Payflow Edition Developer’s Guide
For Professional Use Only
Currently only available in English.
A usage Professional Uniquement
Disponible en Anglais uniquement pour l’instant.
Last updated: March 2009
PayPal Website Payments Pro Payflow Editiion Developer’s GuideDocument Number: 200016.en_US-200903
? 2009 PayPal, Inc. All rights reserved. PayPal is a registered trademark of PayPal, Inc. The PayPal logo is a trademark of PayPal, Inc. Other trademarks and brands are the property of their respective owners.
The information in this document belongs to PayPal, Inc. It may not be used, reproduced or disclosed without the written approval of PayPal, Inc.
Copyright ? PayPal. All rights reserved. PayPal (Europe) S.à r.l. et Cie., S.C.A., Société en Commandite par Actions. Registered office: 22-24 Boulevard Royal, L-2449, Luxembourg, R.C.S. Luxembourg B 118 349.
Consumer advisory: The PayPal? payment service is regarded as a stored value facility under Singapore law. As such, it does not require the approval of the Monetary Authority of Singapore. You are advised to read the terms and conditions carefully.
Notice of non-liability:
PayPal, Inc. is providing the information in this document to you “AS-IS” with all faults. PayPal, Inc. makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. PayPal, Inc. assumes no liability for damages (whether direct or indirect), caused by errors or omissions, or resulting from the use of this document or the information contained in this document or resulting from the application or use of the product or service described herein. PayPal, Inc. reserves the right to make changes to any information herein without further notice.
Contents
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
About This Guide. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7Intended Audience. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7Related Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7How to Contact Customer Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Revision History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Chapter 1Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 9
About Website Payments Pro Payflow Edition. . . . . . . . . . . . . . . . . . . . . . . . . 9
Payflow SDK Version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9Host Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
How Direct Payment Processing Works . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Chapter 2Downloading, Installing, and Activating . . . . . . . . . .11
Supported Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11Preparing the Payflow Client Application . . . . . . . . . . . . . . . . . . . . . . . . . . 11Activating Your Payflow Pro Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Chapter 3Simple Payflow Transaction. . . . . . . . . . . . . . . . .13
Transaction Requests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Request Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Data Modes for Sending. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Connection Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14User Parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Sale Transaction Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Typical Sale Transaction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16Formatting Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Chapter 4Performing Direct Payment Credit Card Transactions . . .17
About Direct Payment Credit Card Processing . . . . . . . . . . . . . . . . . . . . . . . 17
Considerations Regarding Your Website Integration . . . . . . . . . . . . . . . . . . 17
Website Payments Pro Payflow Edition Developer’s Guide3
Contents
Parameters Used in Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Submitting Sale Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
When To Use a Sale Transaction . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23Additional Parameters For Sale Transactions. . . . . . . . . . . . . . . . . . . . . . 24Typical Sale Transaction Parameter String . . . . . . . . . . . . . . . . . . . . . . . 24Submitting Authorization/Delayed Capture Transactions . . . . . . . . . . . . . . . . . . 24
When To Use Authorization/Delayed Capture Transactions. . . . . . . . . . . . . . . 25Required Authorization Transaction Parameters . . . . . . . . . . . . . . . . . . . . 25Typical Authorization Transaction Parameter String. . . . . . . . . . . . . . . . . . . 25Required Delayed Capture Transaction Parameters . . . . . . . . . . . . . . . . . . 25Delayed Capture Transaction: Capturing Transactions for Lower Amounts. . . . . . . 27Delayed Capture Transaction: Capturing Transactions for Higher Amounts . . . . . . 28Delayed Capture Transaction: Error Handling and Retransmittal . . . . . . . . . . . . 28Submitting Credit Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Required Credit Transaction Parameters . . . . . . . . . . . . . . . . . . . . . . . . 28Credit Transaction Parameter Strings . . . . . . . . . . . . . . . . . . . . . . . . . . 30Submitting Void Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
When To Use a Void Transaction . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30Required Void Transaction Parameters . . . . . . . . . . . . . . . . . . . . . . . . . 31Example Void Transaction Parameter String . . . . . . . . . . . . . . . . . . . . . . 31Recharging to the Same Credit Card (Reference Transactions). . . . . . . . . . . . . . . 32
When To Use a Reference Transaction . . . . . . . . . . . . . . . . . . . . . . . . . 32Transaction Types that Can Be Used as the Original Transaction . . . . . . . . . . . 32Fields Copied From Reference Transactions . . . . . . . . . . . . . . . . . . . . . . 33Example Reference Transaction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33Using Address Verification Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Example Address Verification Service Request . . . . . . . . . . . . . . . . . . . . . 34Example Address Verification Service Response . . . . . . . . . . . . . . . . . . . . 34Card Security Code Validation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Example CVV2 Request. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35Example CVV2 Response. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Chapter 5Responses to Transaction Requests . . . . . . . . . . . .37
Contents of a Response to a Transaction Request . . . . . . . . . . . . . . . . . . . . . 37Address Verification Service Responses From PayPal . . . . . . . . . . . . . . . . . . . 39Card Security Code Results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Normalized Results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41PayPal Card Security Code Results. . . . . . . . . . . . . . . . . . . . . . . . . . . 41PNREF Value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
4
Website Payments Pro Payflow Edition Developer’s Guide
Contents
PNREF Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42RESULT Values and RESPMSG Text . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
RESULT Values for Transaction Declines or Errors . . . . . . . . . . . . . . . . . . . 42RESULT Values for Communications Errors . . . . . . . . . . . . . . . . . . . . . . 48
Chapter 6Testing Credit Card Transactions . . . . . . . . . . . . . .51
Testing Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51Credit Card Numbers Used for Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . 51Testing Result Code Responses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Appendix AVerbosity: Viewing Processor-Specific Transaction Results55
Supported Verbosity Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55Changing the Verbosity Setting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Appendix BCurrency Codes . . . . . . . . . . . . . . . . . . . . . . .59Appendix CCountry Codes . . . . . . . . . . . . . . . . . . . . . . .61Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67
Website Payments Pro Payflow Edition Developer’s Guide5
Responses to Transaction Requests
PNREF Value
5
Normalized Results
If you submit the transaction request parameter for card security code (that is, the CVV2 parameter), the cardholder’s bank returns a normalized Yes/No response in the CVV2MATCH response parameter, as described in Table5.3.
TABLE5.3
CVV2MATCH response values
Description
The submitted value matches the data on file for the card.The submitted value does not match the data on file for the card.The cardholder’s bank does not support this service.
CVV2MATCH ValueYNX
PayPal Card Security Code Results
Table5.4, “Card security code response code mapping,” shows the detailed results returned by the PayPal processor for card security codes. If you want to obtain the PayPal processor value, set the VERBOSITY parameter to MEDIUM. The processor value is returned in the PROCCVV2 response parameter. For details on VERBOSITY, see AppendixD, “VERBOSITY: Viewing Processor-Specific Transaction Results.”
TABLE5.4
Card security code response code mapping
PayPal Processor Code DescriptionMatchNo MatchNot ProcessedService Not SupportedUnavailableNo Response
PROCVV2MATCHYNXXXXX
PayPal Processor CVV2 CodeMNPSUXAll other
PNREF Value
The PNREF is a unique transaction identification number issued by PayPal that identifies the transaction for billing, reporting, and transaction data purposes. The PNREF value appears in the TransactionID column in PayPal Manager reports.
Website Payments Pro Payflow Edition Developer’s Guide
41
5
Responses to Transaction Requests
RESULT Values and RESPMSG Text
z
The PNREF value is used as the ORIGID value (original transaction ID) in Delayed Capture transactions (TRXTYPE=D), Credits (TRXTYPE=C), Inquiries (TRXTYPE=I), and Voids (TRXTYPE=V).
The PNREF value is used as the ORIGID value (original transaction ID) value in reference transactions for Authorization (TRXTYPE=A) and Sale (TRXTYPE=S).
z
NOTE:The PNREF is also referred to as the Transaction ID in PayPal Manager.
PNREF Format
The PNREF is a 12-character string of printable characters, for example:
zz
VADE0B248932ACRAF23DB3C4
question mark (?). A PNREF typically contains letters and numbers only.
NOTE:Printable characters also include symbols other than letters and numbers such as the
The PNREF in a transaction response tells you that your transaction is connecting to PayPal.
RESULT Values and RESPMSG Text
The RESULT parameter and value is the first name-value pair returned in the response string. The value of RESULT indicates the overall status of the transaction attempt:
zz
A value of 0 (zero) indicates that no errors occurred and the transaction was approved. A value less than zero indicates that a communication error occurred. In this case, no transaction is attempted.
A value greater than zero indicates a decline or error (except in the case of RESULT 104. See the table below).
z
The response message (RESPMSG) provides a brief description for decline or error results.
RESULT Values for Transaction Declines or Errors
For non-zero RESULT values, the response string includes a RESPMSG name-value pair. The exact wording of the RESPMSG (shown in bold) may vary. Sometimes a colon appears after the initial RESPMSG followed by more detailed information.
When interpreting RESULT values for the PayPal processor, note the following:
z
When RESULT=0, warning information may be returned that is useful to the request applicaton. See the PayPal API documentation on Developer Central for detailed information on corrective actions.
42
Website Payments Pro Payflow Edition Developer’s Guide
Responses to Transaction Requests
RESULT Values and RESPMSG Text
5
z
When RESULT=104, you must log in to the PayPal website to determine if the transaction actually went through. If the transaction does not appear in the History section, you should retry it.
Payflow transaction RESULT values and RESPMSG text RESPMSG and ExplanationApproved.
User authentication failed. Error is caused by one or more of the following:zLogin information is incorrect. Verify that USER, VENDOR, PARTNER, and PASSWORD have been entered correctly. VENDOR is your merchant ID and USER is the same as VENDOR unless you created a Payflow Pro user. All fields are case sensitive.
zInvalid Processor information entered. Contact merchant bank to verify.
z\from an unknown IP address. See PayPal Manager online help for details on how to use Manager to update the allowed IP addresses.
zYou are using a test (not active) account to submit a transaction to the live PayPal servers. Change the host address from the test server URL to the live server URL.Invalid tender type. Your merchant bank account does not support the following credit card type that was submitted.
Invalid transaction type. Transaction type is not appropriate for this transaction. For example, you cannot credit an authorization-only transaction.
Invalid amount format. Use the format: “#####.##” Do not include currency symbols or commas.
Invalid merchant information. Processor does not recognize your merchant account information. Contact your bank account acquirer to resolve this problem. Invalid or unsupported currency code
Field format error. Invalid information entered. See RESPMSG.Not a transaction server
Too many parameters or invalid streamToo many line items
Client time-out waiting for response
Declined. Check the credit card number, expiration date, and transaction information to make sure they were entered correctly. If this does not resolve the problem, have the customer call their card issuing bank to resolve.
Referral. Transaction cannot be approved electronically but can be approved with a verbal authorization. Contact your merchant bank to obtain an authorization and submit a manual Voice Authorization transaction.
TABLE5.5RESULT01
23456789101112
13
Website Payments Pro Payflow Edition Developer’s Guide
43
5
44
Responses to Transaction Requests
RESULT Values and RESPMSG Text
TABLE5.5Payflow transaction RESULT values and RESPMSG text (Continued)RESULTRESPMSG and Explanation
19Original transaction ID not found. The transaction ID you entered for this transaction is not valid. See RESPMSG.20Cannot find the customer reference number22Invalid ABA number
23Invalid account number. Check credit card number and re-submit.24Invalid expiration date. Check and re-submit.
25
Invalid Host Mapping. Error is caused by one or more of the following:
zYou are trying to process a tender type such as Discover Card, but you are not set up with your merchant bank to accept this card type.
zYou are trying to process an Express Checkout transaction when your account is not set up to do so. Contact your account holder to have Express Checkout added to your account.26
Invalid vendor account. Login information is incorrect. Verify that USER, VENDOR, PARTNER, and PASSWORD have been entered correctly. VENDOR is your merchant ID and USER is the same as VENDOR unless you created a Payflow Pro user. All fields are case sensitive.
27Insufficient partner permissions28Insufficient user permissions
29Invalid XML document. This could be caused by an unrecognized XML tag or a bad XML format that cannot be parsed by the system.30Duplicate transaction
31Error in adding the recurring profile32Error in modifying the recurring profile33Error in canceling the recurring profile34Error in forcing the recurring profile35Error in reactivating the recurring profile36OLTP Transaction failed 37Invalid recurring profile ID
50Insufficient funds available in account51Exceeds per transaction limit99General error. See RESPMSG.100
Transaction type not supported by host
Website Payments Pro Payflow Edition Developer’s Guide
Responses to Transaction Requests
RESULT Values and RESPMSG Text
TABLE5.5RESULT101102103104105
Payflow transaction RESULT values and RESPMSG text (Continued)RESPMSG and ExplanationTime-out value too smallProcessor not available
Error reading response from host
Timeout waiting for processor response. Try your transaction again.
Credit error. Make sure you have not already credited this transaction, or that this transaction ID is for a creditable transaction. (For example, you cannot credit an authorization.)Host not available
Duplicate suppression time-out
Void error. See RESPMSG. Make sure the transaction ID entered has not already been voided. If not, then look at the Transaction Detail screen for this transaction to see if it has settled. (The Batch field is set to a number greater than zero if the transaction has been settled). If the transaction has already settled, your only recourse is a reversal (credit a payment or submit a payment for a credit).Time-out waiting for host responseReferenced auth (against order) Error
Capture error. Either an attempt to capture a transaction that is not an authorization transaction type, or an attempt to capture an authorization transaction that has already been captured.
Failed AVS check. Address and ZIP code do not match. An authorization may still exist on the cardholder’s account.
Merchant sale total will exceed the sales cap with current transaction. ACH transactions only.
Card Security Code (CSC) Mismatch. An authorization may still exist on the cardholder’s account.System busy, try again later
PayPal internal error. Failed to lock terminal number
Failed merchant rule check. One or more of the following three failures occurred:An attempt was made to submit a transaction that failed to meet the security settings specified on the PayPal Manager Security Settings page. If the transaction exceeded the Maximum Amount security setting, then no values are returned for AVS or CSC.AVS validation failed. The AVS return value should appear in the RESPMSG.CSC validation failed. The CSC return value should appear in the RESPMSG.Invalid keywords found in string fields
5
106107108
109110 111
112113114115116117
118
Website Payments Pro Payflow Edition Developer’s Guide
45
Performing Direct Payment Credit Card Transactions
Submitting Void Transactions
Required Void Transaction Parameters
To submit a Void transaction, you must pass the following parameter:ORIGID
TABLE4.6Void required parameterParameterDescription
ORIGID
(Required by some transaction types) ID of the original transaction that is being referenced. This ID is returned by the PNREF parameter and appears as the Transaction ID in PayPal Manager reports.Limitations: Case sensitive.
Set ORIGID to the PNREF (Transaction ID in PayPal Manager reports) value returned for the original transaction.
Fields Copied From the Original Transaction into the Void Transaction
The following fields are copied from the original transaction into the Void transaction (if they exist in the original transaction). If you provide a new value for any of these parameters when submitting the Void transaction, then the new value is used. (Exceptions are ACCT, EXPDATE, and SWIPE. These parameters retain their original values).
TABLE4.7 Fields copied from original transaction into the Void transaction
ACCTAMTCITYCOMMENT1COMMENT2COUNTRYCUSTCODECUSTIPEMAILEXPDATEFIRSTNAMEFREIGHTAMTINVNUMLASTNAMENOTE
PHONEUMSHIPTOCITYSHIPTOCOUNTRYSHIPTOFIRSTNAMESHIPTOLASTNAMESHIPTOSTATESHIPTOSTREETSHIPTOZIPSTATE
STREET
TAXAMT
ZIP
Example Void Transaction Parameter String
This is an example Void transaction parameter string:
“TRXTYPE=V&TENDER=C&PARTNER=PayPal&VENDOR=SuperMerchant&USER=SuperMerchant&PWD=SuperUserPassword&ORIGID=EFHP0D426A68”
Website Payments Pro Payflow Edition Developer’s Guide4
31
4
Performing Direct Payment Credit Card Transactions
Recharging to the Same Credit Card (Reference Transactions)
Recharging to the Same Credit Card (Reference Transactions)
If you need to recharge a credit card and you are not storing the credit card information in your local database, you can perform a reference transaction. A reference transaction takes the existing credit card information that is on file and reuses it.
When To Use a Reference Transaction
Say that Joe Smith purchases a holiday gift from your web site store and requests that it be sent by UPS ground service. That evening, Joe becomes concerned that the item might not arrive in time for the holiday. So he calls you to upgrade shipping to second-day air. You obtain his approval for charging an extra $10 for the upgrade. In this situation, you can create a reference transaction based on the original Sale and charge an additional $10 to Joe’s credit card without having to ask him again for his credit card information.
IMPORTANT:As a security measure, reference transactions are disallowed by default. Only
your account administrator can enable reference transactions for your
account. If you attempt to perform a reference transaction in an account for which reference transactions are disallowed, RESULT value 117 is returned. See PayPal Manager online help for instructions on setting reference transactions and other security features.
Sale and Authorization transactions can make use of a reference transaction as a source of transaction data. PayPal looks up the reference transaction and copies its transaction data into the new Sale or Authorization transaction. With the exception of dollar amount data, which triggers a filter if out of range, reference transactions are not screened by fraud filters.
IMPORTANT:When PayPal looks up the reference transaction, neither the transaction being
referenced nor any other transaction in the database is changed in any way. That is, a reference transaction is a read-only operation—only the new
transaction is populated with data and acted upon. No linkage is maintained between the reference transaction and the new transaction.
You can also initiate reference transactions from PayPal Manager. See PayPal Manager online help for details.
Transaction Types that Can Be Used as the Original Transaction
You can reference the following transaction types to supply data for a new Sale or Authorization transaction:
zz
Sale
Authorization (To capture the funds for an approved Authorization transaction, be sure to perform a Delayed Capture transaction—not a Reference transaction.)Void
Delayed Capture
zz
32Website Payments Pro Payflow Edition Developer’s Guide
Performing Direct Payment Credit Card Transactions
Recharging to the Same Credit Card (Reference Transactions)
z
Credit
Fields Copied From Reference Transactions
The following fields are copied from the reference transaction into the new Sale or
Authorization transaction (if they exist in the original transaction). If you provide a value for any of these parameters when submitting the new transaction, then the new value is used.
TABLE4.8Fields copied to new transactionACCTTYPESTREETACCTCITYEXPDATESTATEFIRSTNAMEZIPLASTNAME
COUNTRY
Example Reference Transaction
In this example, you authorize an amount of $100 for a shipment and charge $66 for the first partial shipment using a normal Delayed Capture transaction. You charge the $34 for the final part of the shipment using a reference transaction to draw credit card and shipping address information from the initial Authorization transaction.This example procedure creates a reference transaction:1.Submit the initial transaction, such as an Authorization.
You use an Authorization transaction for the full amount of the purchase of $100:
TRXTYPE=A&TENDER=C&PWD=password&PARTNER=partner&VENDOR=vendor&USER=user&ACCT=5555555555554444&EXPDATE=0308&AMT=100.00&INVNUM=123456789&STREET=5199 MAPLE&ZIP=94588
Note the value of the PNREF in the response:
RESULT=0&PNREF=EFHP0D426A51&RESPMSG=Approved&AVSADDR=N&AVSZIP=Y&CVV2MATCH=X&PPREF=6FS950632E172331R&CORRELATIONID=3c1a7c1c411a
2.Capture the authorized funds for a partial shipment of $66.
When you deliver the first $66 worth of product, you use a normal Delayed Capture transaction to collect the $66. Set ORIGID to the value of PNREF in the original
Authorization (See “Required Delayed Capture Transaction Parameters” on page25):
TRXTYPE=D&TENDER=C&PWD=password&PARTNER=partner&VENDOR=vendor&USER=user&ORIGID=VXYZ01234567&AMT=66.00
This is the response:
RESULT=0&PNREF=VXYZ01234568&AUTHCODE=25TEST&AVSADDR=Y&AVSZIP=N&CORRELATIONID=2dc60e253495e&PPREF=68W3371331353001F
Website Payments Pro Payflow Edition Developer’s Guide4
33
4
Performing Direct Payment Credit Card Transactions
Using Address Verification Service
3.Submit a new Sale or Authorization/Delayed Capture transaction of $34 for the rest of the shipment.Once you have shipped the remainder of the product, you can collect the remaining $34 in a Sale transaction that uses the initial Authorization as a reference transaction:
TRXTYPE=S&TENDER=C&PWD=password&PARTNER=partner&VENDOR=vendor&USER=user&ORIGID=VXYZ01234567&AMT=34.00
This is the response:
RESULT=0&PNREF=EFHP0D426A53&AUTHCODE=25TEST&AVSADDR=Y&AVSZIP=N&CORRELATIONID=2dc60e253495e&PPREF=68W3371331353001F
Using Address Verification Service
To qualify for the lowest bank rate, you must pass address verification service information—street address and ZIP (postal) code.
Address Verification Service compares the submitted billing street address and ZIP code with the values on file at the cardholder’s bank. The response includes values for AVSADDR and AVSZIP: Y, N, or X for the match status of the customer’s street address and ZIP code.
Y=match, N=nomatch, X=cardholder’s bank does not support Address Verification Service. The Address Verification Service result is for advice only. Banks do not decline transactions based on the Address Verification Service result—the merchant makes the
decision to approve or decline a transaction. Address Verification Service is supported by most U.S. banks and some international banks.
NOTE:Address Verification Service checks only for a street number match, not a street name
match, so 123MainStreet returns the same response as 123ElmStreet.
The International Address Verification Service (IAVS) response indicates whether the Address Verification Service response is international (Y), USA (N), or cannot be determined (X). SDK version 3.06 or later is required.
Example Address Verification Service Request
This example request include the address verification service request parameters STREET and ZIP:
TRXTYPE=A&TENDER=C&PWD=password&PARTNER=partner&VENDOR=vendor&USER=user&ACCT=5555555555554444&EXPDATE=0308&AMT=123.00&STREET=5199 Maple&ZIP=98765
Example Address Verification Service Response
In this example, the address value matches the value in the bank’s records, but the ZIP code does not. The IAVS response is X..
RESULT=0&PNREF=EFHP0D426A56&RESPMSG=APPROVED&AVSADDR=Y&AVSZIP=N&IAVS=X&CORRELATIONID=2dc60e253496a&PPREF=68W3371331353001F
34Website Payments Pro Payflow Edition Developer’s Guide
Performing Direct Payment Credit Card Transactions
Card Security Code Validation
Card Security Code Validation
The card security code is a 3- or 4-digit number (not part of the credit card number) that is printed on the credit card. Because the card security code appears only on the card and not on receipts or statements, the card security code provides some assurance that the physical card is in the possession of the buyer.
This fraud prevention tool has various names, depending on the payment network. Visa calls it CVV2 and MasterCard calls it CVC2. To ensure that your customers see a consistent name, PayPal recommends use of the term card security code on all end-user materials.
You must provide a CVV2 value as a transaction parameter for those credit cards that use card security code validation. The value is required for Visa and MasterCard cards.
IMPORTANT:To comply with credit card association regulations, do not store the CVV2
value.
On most cards, the card security code is printed on the back of the card (usually in the
signature field). All or part of the card number appears before the card security code (567 in the example). For American Express, the 4-digit number (1122 in the example) is printed on the front of the card, above and to the right of the embossed account number. Be sure to explain this to your customers.
For details on PayPal processor card security code responses, see “Card Security Code Results” on page40.
FIGURE4.1Card security code
Example CVV2 Request
This example request parameter string includes the CVV2 parameter.
TRXTYPE=A&TENDER=C&PWD=SuperUserPassword&PARTNER=PayPal&VENDOR=SuperMerchant&USER=SuperMerchant&ACCT=5555555555554444&EXPDATE=0308&AMT=123.00&CVV2=5670
Example CVV2 Response
In this example result, the card security code value matches the value in the bank’s records.
Website Payments Pro Payflow Edition Developer’s Guide4
35
4
36Performing Direct Payment Credit Card Transactions
Card Security Code Validation
RESULT=0&PNREF=VXW412345678&RESPMSG=APPROVED&CVV2MATCH=Y&PPREF=68W3371331353001F&CORRELATIONID=2dc60e2534971&PPREF=68W3371331353001F
Website Payments Pro Payflow Edition Developer’s Guide
5
Responses to Transaction Requests
When a transaction finishes, the Payflow server returns a response string made up of name-value pairs. This is an example response string.
RESULT=0&PNREF=EFHP0D426A53&RESPMSG=APPROVED&AUTHCODE=25TEST&AVSADDR=Y&AVSZIP=N&CVV2MATCH=Y&PPREF=68W3371331353001F&CORRELATIONID=2dc60e253495e
Contents of a Response to a Transaction Request
Table5.1 describes values that can be returned in response strings.
TABLE5.1Transaction response values
FieldDescription
TypeLengthPNREF
Payflow Transaction ID, a unique number that Alpha- 12
identifies the transaction. PNREF is described in numeric“PNREF Format” on page42.PPREFUnique transaction ID of the payment.
string17RESULT
The outcome of the attempted transaction. A Numeric
Variable
result of 0 (zero) indicates the transaction was approved. Any other number indicates a decline or error. RESULT values are described in “RESULT Values and RESPMSG Text” on page42.
NOTE:The PayPal processor may also return a
warning message in the RESPMSG string when RESULT=0. For more information on corrective actions, see the PayPal developer documentation on the Integration Center:
https://www.paypal.com/IntegrationCenter/ic_home.htmlCVV2MATCH
Result of the card security code (CVV2) check. Alpha
1
The issuing bank may decline the transaction if Y, N, X, or there is a mismatch. In other cases, the
no response
transaction may be approved despite a mismatch.
Website Payments Pro Payflow Edition Developer’s Guide
37
5
38
Responses to Transaction Requests
Contents of a Response to a Transaction Request
TABLE5.1Transaction response values(Continued)
FieldDescription
TypeLengthRESPMSG
The response message returned with the Alpha- Variable
transaction result. Exact wording varies. numeric
Sometimes a colon appears after the initial RESPMSG followed by more detailed
information. Response messages are described in “RESULT Values and RESPMSG Text” on page42.
NOTE:The PayPal processor may also return a
warning message in the RESPMSG string when RESULT=0. For more information on corrective actions, see the PayPal developer documentation on the Integration Center:
https://www.paypal.com/IntegrationCenter/ic_home.htmlAUTHCODE
Returned for Sale, Authorization, and Voice Alpha- 6
Authorization credit card transactions.
numeric
AUTHCODE is the approval code obtained over the telephone from the processing network.AUTHCODE is required when submitting a Force (F) transaction.
AVSADDR
Address Verification Service address response Alpha
1
returned if you are using Address Verification Y, N, X, or Service. Address Verification Service address no response
responses are for advice only. This process does not affect the outcome of the authorization. See “Using Address Verification Service” on page34.
AVSZIP
Address Verification Service zip code response Alpha
1
returned if you are using Address Verification Y, N, X, or Service. AVSZIP responses are for advice only. no response
This process does not affect the outcome of the authorization. See “Using Address Verification Service” on page34.
Website Payments Pro Payflow Edition Developer’s Guide
Responses to Transaction Requests
Address Verification Service Responses From PayPal
TABLE5.1Transaction response values(Continued)
FieldDescription
TypeLengthIAVS
International Address Verification Service Alpha
1
address responses may be returned if you are Y, N, X, or using Address Verification Service. IAVS no response
responses are for advice only. This value does not affect the outcome of the transaction.
Indicates whether Address Verification Service response is international (Y), US (N), or cannot be determined (X). Client version 3.06 or later is required.
See “Using Address Verification Service” on page34.
PROCAVSAddress Verification Service response from the Char1
processor when you use Address Verification Service and send a VERBOSITY request
parameter value of MEDIUM. See AppendixD, “VERBOSITY: Viewing Processor-Specific Transaction Results,” for details.
PROCCVV2CVV2 response from the processor when you Char1
send a VERBOSITY request parameter value of MEDIUM. See AppendixD, “VERBOSITY: Viewing Processor-Specific Transaction Results,” for details.
PAYMENTTYPEReturns instant if the payment is instant or String7echeck if the payment is delayed. (DP)CORRELATIONID
Value used for tracking this Direct Payment Alphanumeri13
transaction.
c
Address Verification Service Responses From PayPal
Table5.2, “Address Verification Service response value mapping,” compares the detailed response returned by the PayPal processor for address verification to the normalized response value (Y, N, or X) returned in the AVSADDR and AVSZIP response parameters. If you want to obtain the PayPal processor value, set the VERBOSITY parameter to MEDIUM. With this setting,
Website Payments Pro Payflow Edition Developer’s Guide
5
39
5
Responses to Transaction Requests
Card Security Code Results
the processor value is returned in the PROCAVS response parameter. For details on
VERBOSITY, see AppendixD, “VERBOSITY: Viewing Processor-Specific Transaction Results.”
TABLE5.2
Address Verification Service response value mapping
PayPal Processor Address Verification Service CodeABCDEFGINPRSUWXYZAll other
MeaningAddressInternational “A”International “N”International “X”
Not allowed for MOTO (Internet/Phone) transactionsUK-specific “X”Global UnavailableInternational UnavailableNo
Postal (International “Z”)Retry
Service not SupportedUnavailableWhole ZipExact MatchYesZip
AVSADDRYYNYXYXXNNXXXNYYNX
AVSZIPNNNYXYXXNYXXXYYYYX
Card Security Code Results
The CVV2MATCH parameter returns Y, N, or X.
The CVV2MATCH parameter returns Y, N, or X or a processor-specific response.
40
Website Payments Pro Payflow Edition Developer’s Guide