--- developer:api_specification:xml_payment_features [2020/04/06 13:31]
robinc [Request Body Fields] added decline refund fields
+++ developer:api_specification:xml_payment_features [2022/03/04 11:44] (current)
lezlieh updated with secure token
@@ Line 31: / Line 31: @@
 | DATETIME |  Y  | Request date and time. Format: DD-MM-YYY:HH:MM:SS:SSS.|
 | TRACKDATA	|	N	| Track 2 data.\\ Should be present for a swiped cardholder present (CHP) transaction. If this is present then TERMINALTYPE should be set to 3 and TRANSACTIONTYPE should be set to 0.	|
-| CARDNUMBER	|	N	| Payment card number.\\ Required if TRACKDATA is not being sent.\\ If a SECURECARD is used (in CARDTYPE), this field should inform the CARDREFERENCE of the given Secure Card. |
+| CARDNUMBER	|	N	| Payment card number.\\ Required if TRACKDATA is not being sent.\\ If a SECURECARD is used (in CARDTYPE), this field should inform the CARDREFERENCE of the given Secure Token. |
 | GOOGLEPAYLOAD |	N	| When using google pay for payments, instead of the TRACKDATA or CARDNUMBER, you pass this field, with the Google Pay user data, received from your request, converted to Hexadecimal. |
 | APPLEPAYLOAD |	N	| When using apple pay for payments, instead of the TRACKDATA or CARDNUMBER, you pass this field, with the Apple Pay user data, received from your request, converted to Hexadecimal. |
-| CARDTYPE	|	Y	| Card Type used for the transaction.\\ For more details on this, visit **[[developer:api_specification:special_fields_and_parameters#the_card_types|Special Fields and Parameters - Card Types]]**.\\ This field can also admit the SECURECARD type, when using a Secure Card to perform the transaction. |
+| CARDTYPE	|	Y	| Card Type used for the transaction.\\ For more details on this, visit **[[developer:api_specification:special_fields_and_parameters#the_card_types|Special Fields and Parameters - Card Types]]**.\\ This field can also admit the SECURECARD type, when using a Secure Token to perform the transaction. |
 | CARDEXPIRY	|	N	| Expiry date of the card.\\ A 4 digit expiry field (MMYY), required if TRACKDATA is not being sent.\\ This field should not be informed if the CARDTYPE is SECURECARD. |
 | CARDHOLDERNAME	|	N	| The name of the card holder, required if TRACKDATA is not being sent and not using a SecureCard. It should be as displayed on the front of the card.\\ This field should not be informed if the CARDTYPE is SECURECARD. |
@@ Line 69: / Line 69: @@
 | FRAUDREVIEWSESSIONID	|	N	| This field should contain the value of THEIR_SESSION_ID parameter that a merchant integration uses to configure its session with Fraud Solution. See the **ND003 - Using Fraud Solution**, in the next section.	|
 | CREDENTIALONFILE	|	N	| Component of the request that can be added in case Credential on File feature is in use for the Terminal processing the Payment. See **ND008 - Credential on File**.	|
+| BYPASS_SURCHARGE	|	N	| Send a value of 'true' to identify that surcharge has not been applied to this payment. Only applicable if surcharging is enabled for the terminal. |
 </searchtable>
 \\
@@ Line 374: / Line 375: @@
 | FRAUDREVIEWRESPONSE | Component of the response that is going to be added in case the Threat Metrix feature is in use for the Terminal processing the Payment. See **ND002 - Fraud Solution Response** for more details. |
 | ADDITIONAL_FIELD | This field is used to send back data of interest of the merchant received by the gateway during the transaction. See **ND003 - Additional Information on Response**|
-| CARDREFERENCE | This field represents the token generated for the Secure Card. It's going to be returned when the Settings related to this payment enable the automatic generation of Secure Cards within a Payment. Take a look at **ND004 - Secure Card Auto Registration**. |
+| CARDREFERENCE | This field represents the token generated for the Secure Token. It's going to be returned when the Settings related to this payment enable the automatic generation of Secure Token within a Payment. Take a look at **ND004 - Secure Token Auto Registration**. |
-| MERCHANTREF | This field represents the merchant reference that is going to be considered for the token generated for the Secure Card. It's going to be returned when the Settings related to this payment enable the automatic generation of Secure Cards within a Payment. Take a look at **ND004 - Secure Card Auto Registration**. |
+| MERCHANTREF | This field represents the merchant reference that is going to be considered for the token generated for the Secure Token. It's going to be returned when the Settings related to this payment enable the automatic generation of Secure Tokens within a Payment. Take a look at **ND004 - Secure Token Auto Registration**. |
 | DATETIME | Response date and time for the transaction, created by the bank. Format: YYYY-MM-DDTHH:MM:SS. Note that this is intentionally in a different format to the request timestamp to highlight the fact that it is a different time.|
 | HASH | A HASH code formed by part of the request fields. The formation rule is given at the **ND001 - Hash Formation**, in the next section. |
@@ Line 434: / Line 435: @@
 \\
-**ND004 - Secure Card Auto Registration**
+**ND004 - Secure Token Auto Registration**
-This field is returned when a secure card is created based on the card data passed in the request. This is only going to happen when the settings on Merchant Portfolio and Terminal align to allow the auto creation and storage of Secure Cards, and the request in place sends the details for a Secure Card (no TRACKDATA). If you are curious and want to know more about the settings, visit the **[[developer:important_integration_settings|| Important Integration Settings]]** page.
+This field is returned when a secure token is created based on the card data passed in the request. This is only going to happen when the settings on Merchant Portfolio and Terminal align to allow the auto creation and storage of Secure Token, and the request in place sends the details for a Secure Token (no TRACKDATA). If you are curious and want to know more about the settings, visit the **[[developer:important_integration_settings|| Important Integration Settings]]** page.
 \\
@@ Line 492: / Line 493: @@
 |DATETIME |  Y  | Request date and time. Format: DD-MM-YYYY:HH:MM:SS:SSS. |
 | TRACKDATA			|	N	| Track 2 data.\\ Should be present for a swiped cardholder present (CHP) transaction. If this is present then TERMINALTYPE should be set to 3 and TRANSACTIONTYPE should be set to 0.	|
-| CARDNUMBER		|	N	| Payment card number.\\ Required if TRACKDATA is not being sent.\\ If a SECURECARD is used (in CARDTYPE), this field should inform the CARDREFERENCE of the given Secure Card. |
+| CARDNUMBER		|	N	| Payment card number.\\ Required if TRACKDATA is not being sent.\\ If a SECURECARD is used (in CARDTYPE), this field should inform the CARDREFERENCE of the given Secure Token. |
-| CARDTYPE			|	Y	| Card Type used for the transaction.\\ For more details on this, visit **[[developer:api_specification:special_fields_and_parameters#the_card_types|Special Fields and Parameters - Card Types]]**.\\ This field can also admit the SECURECARD type, when using a Secure Card to perform the transaction. |
+| CARDTYPE			|	Y	| Card Type used for the transaction.\\ For more details on this, visit **[[developer:api_specification:special_fields_and_parameters#the_card_types|Special Fields and Parameters - Card Types]]**.\\ This field can also admit the SECURECARD type, when using a Secure Token to perform the transaction. |
 | CARDEXPIRY		|	N	| Expiry date of the card.\\ A 4 digit expiry field (MMYY), required if TRACKDATA is not being sent.\\ This field should not be informed if the CARDTYPE is SECURECARD. |
 | CARDHOLDERNAME	|	N	| The name of the card holder, required if TRACKDATA is not being sent and not using a SecureCard. It should be as displayed on the front of the card.\\ This field should not be informed if the CARDTYPE is SECURECARD. |
@@ Line 705: / Line 706: @@
 | MASKEDCARDNUMBER | Customer's card obfuscated card number. |
 | PROCESSINGTERMINAL  | If the transaction was performed on a "routing terminal" then this is populated with processing terminal ID that the system selected to process the transaction.|
-| CARDREFERENCE | This field represents the token generated for the Secure Card. It's going to be returned when the Settings related to this payment enable the automatic generation of Secure Cards within a Payment. Take a look at **ND004 - Secure Card Auto Registration**. |
+| CARDREFERENCE | This field represents the token generated for the Secure Token. It's going to be returned when the Settings related to this payment enable the automatic generation of Secure Tokens within a Payment. Take a look at **ND004 - Secure Token Auto Registration**. |
 | ADDITIONAL_FIELD | This field is used to send back data of interest of the merchant received by the gateway during the transaction. See **ND002 - Additional Information on Response**|
-| MERCHANTREF | This field represents the merchant reference that is going to be considered for the token generated for the Secure Card. It's going to be returned when the Settings related to this payment enable the automatic generation of Secure Cards within a Payment. Take a look at **ND003 - Secure Card Auto Registration**. |
+| MERCHANTREF | This field represents the merchant reference that is going to be considered for the token generated for the Secure Token. It's going to be returned when the Settings related to this payment enable the automatic generation of Secure Tokens within a Payment. Take a look at **ND003 - Secure Token Auto Registration**. |
 | DATETIME | Response date and time for the transaction, created by the bank. Format: YYYY-MM-DDTHH:MM:SS. Note that this is intentionally in a different format to the request timestamp to highlight the fact that it is a different time.|
 | HASH | A HASH code formed by part of the request fields. The formation rule is given at the **ND001 - Hash Formation**, in the next section. |
@@ Line 740: / Line 741: @@
 \\
-**ND003 - Secure Card Auto Registration**
+**ND003 - Secure Token Auto Registration**
-This field is returned when a secure card is created based on the card data passed in the request. This is only going to happen when the settings on Merchant Portfolio and Terminal align to allow the auto creation and storage of Secure Cards, and the request in place sends the details for a Secure Card (no TRACKDATA). If you are curious and want to know more about the settings, visit the **[[developer:important_integration_settings|| Important Integration Settings]]** page.
+This field is returned when a secure token is created based on the card data passed in the request. This is only going to happen when the settings on Merchant Portfolio and Terminal align to allow the auto creation and storage of Secure Tokens, and the request in place sends the details for a Secure Token(no TRACKDATA). If you are curious and want to know more about the settings, visit the **[[developer:important_integration_settings|| Important Integration Settings]]** page.
 \\
@@ Line 809: / Line 810: @@
 | TERMINALID	|	Y	| A Terminal ID provided by Nuvei.	|
 | AMOUNT	|	Y	| The amount of the transaction.\\ A 2 digit decimal or an Integer value for JPY amounts.	|
-| CARDNUMBER	|	N	| Payment card number.\\ Required if TRACKDATA is not being sent.\\ If a SECURECARD is used (in CARDTYPE), this field should inform the CARDREFERENCE of the given Secure Card. |
+| CARDNUMBER	|	N	| Payment card number.\\ Required if TRACKDATA is not being sent.\\ If a SECURECARD is used (in CARDTYPE), this field should inform the CARDREFERENCE of the given Secure Token. |
-| CARDTYPE	|	Y	| Card Type used for the transaction.\\ For more details on this, visit **[[developer:api_specification:special_fields_and_parameters#the_card_types|Special Fields and Parameters - Card Types]]**.\\ This field can also admit the SECURECARD type, when using a Secure Card to perform the transaction. |
+| CARDTYPE	|	Y	| Card Type used for the transaction.\\ For more details on this, visit **[[developer:api_specification:special_fields_and_parameters#the_card_types|Special Fields and Parameters - Card Types]]**.\\ This field can also admit the SECURECARD type, when using a Secure Token to perform the transaction. |
 | CARDEXPIRY	|	N	| Expiry date of the card.\\ A 4 digit expiry field (MMYY), required if TRACKDATA is not being sent.\\ This field should not be informed if the CARDTYPE is SECURECARD. |
-| CARDHOLDERNAME	|	N	| The name of the card holder, required if TRACKDATA is not being sent and not using a SecureCard. It should be as displayed on the front of the card.\\ This field should not be informed if the CARDTYPE is SECURECARD. |
+| CARDHOLDERNAME	|	N	| The name of the card holder, required if TRACKDATA is not being sent and not using a Secure Token. It should be as displayed on the front of the card.\\ This field should not be informed if the CARDTYPE is SECURECARD. |
 | CURRENCY	|	Y	| Currency of the transaction.\\ A 3 character code following the ISO 4217 Currency Code.	|
 | FOREIGNCURRENCYINFORMATION |	N	| Tag contains Dynamic Currency Conversion information. It has to be present in the eDCC enabled transactions.\\ See the next section, **ND004 - Using eDCC**, for more details on this field.	|
@@ Line 1132: / Line 1133: @@
 | FRAUDREVIEWRESPONSE | Component of the response that is going to be added in case the Fraud Solution feature is in use for the Terminal processing the Payment. See **ND002 - Fraud Solution Response** for more details. |
 | ADDITIONAL_FIELD | This field is used to send back data of interest of the merchant received by the gateway during the transaction. See **ND003 - Additional Information on Response**|
-| CARDREFERENCE | This field represents the token generated for the Secure Card. It's going to be returned when the Settings related to this payment enable the automatic generation of Secure Cards within a Payment. Take a look at **ND004 - Secure Card Auto Registration**. |
+| CARDREFERENCE | This field represents the token generated for the Secure Token. It's going to be returned when the Settings related to this payment enable the automatic generation of Secure Tokens within a Payment. Take a look at **ND004 - Secure Token Auto Registration**. |
-| MERCHANTREF | This field represents the merchant reference that is going to be considered for the token generated for the Secure Card. It's going to be returned when the Settings related to this payment enable the automatic generation of Secure Cards within a Payment. Take a look at **ND004 - Secure Card Auto Registration**. |
+| MERCHANTREF | This field represents the merchant reference that is going to be considered for the token generated for the Secure Token. It's going to be returned when the Settings related to this payment enable the automatic generation of Secure Tokens within a Payment. Take a look at **ND004 - Secure Token Auto Registration**. |
 | DATETIME | Response date and time for the transaction, created by the bank. Format: YYYY-MM-DDTHH:MM:SS. Note that this is intentionally in a different format to the request timestamp to highlight the fact that it is a different time.|
 | HASH | A HASH code formed by part of the request fields. The formation rule is given at the **ND001 - Hash Formation**, in the next section. |
@@ Line 1190: / Line 1191: @@
 \\
-**ND004 - Secure Card Auto Registration**
+**ND004 - Secure Token Auto Registration**
-This field is returned when a secure card is created based on the card data passed in the request. This is only going to happen when the settings on Merchant Portfolio and Terminal align to allow the auto creation and storage of Secure Cards, and the request in place sends the details for a Secure Card (no TRACKDATA). If you are curious and want to know more about the settings, visit the **[[developer:important_integration_settings|| Important Integration Settings]]** page.
+This field is returned when a secure token is created based on the card data passed in the request. This is only going to happen when the settings on Merchant Portfolio and Terminal align to allow the auto creation and storage of Secure Tokens, and the request in place sends the details for a Secure Token(no TRACKDATA). If you are curious and want to know more about the settings, visit the **[[developer:important_integration_settings|| Important Integration Settings]]** page.
 \\
@@ Line 1243: / Line 1244: @@
 <searchtable>
 ^ **FIELD** ^ **REQUIRED** ^ **DESCRIPTION** ^
-| UNIQUEREF |	Y	| Refers the UNIQUEREF generate for the original pre-autorization. In case the unique ref configuration is enabled, it's mandatory, otherwise, the system is going to accept the original ORDERID used for the pre-authorization. |
+| UNIQUEREF |	Y	| Refers the UNIQUEREF generate for the original pre-authorization. In case the unique ref configuration is enabled, it's mandatory, otherwise, the system is going to accept the original ORDERID used for the pre-authorization. |
 | TERMINALID |	Y	| A Terminal ID provided by Nuvei.	|
 | AMOUNT |	Y	| The amount of the transaction.\\ A 2 digit decimal or an Integer value for JPY amounts.	|
 | FOREIGNCURRENCYINFORMATION |	N	| Tag contains Dynamic Currency Conversion information. It has to be present in the eDCC enabled transactions.\\ See the next section, **ND003 - Using eDCC**, for more details on this field.	|
 | DESCRIPTION	|	N	| A description of the transaction.	|
-| CVV |	N	| The security code entered by the card holder. It should be available when CVV is enabvled for the terminal and completing out of the 15% margin transaction. |
+| CVV |	N	| The security code entered by the card holder. It should be available when CVV is enabled for the terminal and completing out of the 15% margin transaction. |
 | DATETIME |  Y  | Request date and time. Format: DD-MM-YYYY:HH:MM:SS:SSS. |
 | HASH |  Y  | A HASH code formed by part of the request fields. The formation rule is given at the **ND001 - Hash Formation**, in the next section. |
@@ Line 1809: / Line 1810: @@
 ===== Unreferenced Refund =====
-Unreferenced refunds are refunds that do not require a payment transaction to be referenced. They are only available on certain accounts by request to ecomsupport@merchant-support.com and must also be approved by your Acquiring (merchant) bank. As an Unreferenced Refund does not refer to a payment transaction, it's necessary to inform the card on which the refund is going to. In this case, you have two possibilities: inform the card details (use the **CARDDETAILS** tag) or a valid Secure Card (use the **CARDREFERENCE** tag).
+Unreferenced refunds are refunds that do not require a payment transaction to be referenced. They are only available on certain accounts by request to ecomsupport@merchant-support.com and must also be approved by your Acquiring (merchant) bank. As an Unreferenced Refund does not refer to a payment transaction, it's necessary to inform the card on which the refund is going to. In this case, you have two possibilities: inform the card details (use the **CARDDETAILS** tag) or a valid Secure Token (use the **CARDREFERENCE** tag).
   * **Main Request body Tag**: <UNREFERENCEDREFUND>
@@ Line 1822: / Line 1823: @@
 | CURRENCY	|	N	| Currency of the transaction. \\ A 3 character code following the ISO 4217 Currency Code.	|
 | TERMINALID	|	Y	| A Terminal ID provided by Worldnet. NB - Please contact Worldnet to be issued with a test terminal ID.	|
-| CARDREFERENCE	|	N	| Secure Card reference generated and returned by the Payment Gateway when created. Either CARDREFERENCE or CARDETAILS should be used on request, never both. |
+| CARDREFERENCE	|	N	| Secure Token reference generated and returned by the Payment Gateway when created. Either CARDREFERENCE or CARDETAILS should be used on request, never both. |
 | CARDDETAILS   |	N	| Details of the card to which the refund is going to be done to. Take a look at **ND003 - Card Details** to see this tag's subelements. Either CARDREFERENCE or CARDETAILS should be used on request, never both. |
 | DECLINEDREFUNDUNIQUEREF	|	N	| In the case where the merchant is performing an Unreferenced Refund and linking it to a Declined Online Refund.This tag must be included when the terminal uses UNIQUEREF. The card specified for this Unreferenced Refund must be different than that of the original Declined Refund.	|
@@ Line 1841: / Line 1842: @@
 The general rule to build the HASH field is given on the **[[developer:api_specification:special_fields_and_parameters|Special Fields and Parameters]]** page, under the **[[developer:api_specification:special_fields_and_parameters#the_hash_parameter|Special Fields and Parameters]]** section. For this specific feature, you should use the following formats:
-When using a Secure Card (CARDREFERENCE) and a Single Currency Terminal, the string to generate the HASH field is going to formed using:
+When using a Secure Token (CARDREFERENCE) and a Single Currency Terminal, the string to generate the HASH field is going to formed using:
 <WRAP center box 100%>
@@ Line 1847: / Line 1848: @@
 </WRAP>
-When using a Secure Card (CARDREFERENCE) and a Multi Currency Terminal, the string to generate the HASH field is going to formed using:
+When using a Secure Token (CARDREFERENCE) and a Multi Currency Terminal, the string to generate the HASH field is going to formed using:
 <WRAP center box 100%>
@@ Line 1853: / Line 1854: @@
 </WRAP>
-When **NOT** using a Secure Card and using a Single Currency Terminal, the string to generate the HASH field is going to formed using:
+When **NOT** using a Secure Token and using a Single Currency Terminal, the string to generate the HASH field is going to formed using:
 <WRAP center box 100%>
@@ Line 1859: / Line 1860: @@
 </WRAP>
-When **NOT** using a Secure Card and using a Multi Currency Terminal, the string to generate the HASH field is going to formed using:
+When **NOT** using a Secure Token and using a Multi Currency Terminal, the string to generate the HASH field is going to formed using:
 <WRAP center box 100%>
@@ Line 1916: / Line 1917: @@
 \\
-  * **Scenario**: Request to a valid Secure Card.
+  * **Scenario**: Request to a valid Secure Token.
   * **Terminal**: 6491002.
-  * **Secure Card**: 2967534771694736 (CARDREFERENCE).
+  * **Secure Token**: 2967534771694736 (CARDREFERENCE).
   * **Terminal Secret**: x4n35c32RT.
@@ Line 2404: / Line 2405: @@
 <searchtable>
 ^ 	**FIELD**	^	**REQUIRED**	^	**DESCRIPTION**	^
-| TERMINALID	|	Y	| A Terminal ID provided by %CompanyName. NB - Please contact %CompanyName to be issued with a test terminal ID.	|
+| TERMINALID	|	Y	| A Terminal ID provided by Nuvei. NB - Please contact Nuvei to be issued with a test terminal ID.	|
-| UNIQUEREF 	|	Y	| Refers the UNIQUEREF generate for the original transaction response. |
+| UNIQUEREF 	|	Y/N	| Refers the UNIQUEREF generated for the original transaction response. The field is required when ORDERID is omitted from the request. |
+| ORDERID 	|	Y/N	| Required with UNIQUEREF is not populated. A search can be made using the ORDERID of the transaction. This requires the target terminal to have the setting 'Force Unique Order ID' enabled. |
 | DATETIME		|	Y	| Request date and time. Format: DD-MM-YYYY:HH:MM:SS:SSS.	|
 | HASH			| 	Y	| A HASH code formed by part of the request fields. The formation rule is given at the **ND001 - Hash Formation**, in the next section.	|
@@ Line 2417: / Line 2419: @@
 The general rule to build the HASH field is given on the **[[developer:api_specification:special_fields_and_parameters|Special Fields and Parameters]]** page, under the **[[developer:api_specification:special_fields_and_parameters#the_hash_parameter|Special Fields and Parameters]]** section. For this specific feature, you should use the following formats:
+**When using UNIQUEREF**
 <WRAP center box 100%>
 TERMINALID:UNIQUEREF:DATETIME:SECRET
+</WRAP>
+**When using ORDERID**
+<WRAP center box 100%>
+TERMINALID:ORDERID:DATETIME:SECRET
 </WRAP>
@@ Line 2444: / Line 2452: @@
 </code>
+<code xml>
+<?xml version="1.0" encoding="UTF-8"?>
+<GET_TRANSACTION_DETAILS>
+    <TERMINALID>6491002</TERMINALID>
+    <ORDERID>GCNQAWUUVZ</ORDERID>
+    <DATETIME>06-03-2018:17:41:08:273</DATETIME>
+    <HASH>73e340cfb2b7424252d1ced917e4f74704aaa66a9600039f4800434cefe87d721c342d2b915c6e2aeea88b34e749ba97665f7d9e50b1144ca0f0745361fc4896</HASH>
+</GET_TRANSACTION_DETAILS>
+</code>
 \\
 ==== Response Body Fields ====
@@ Line 2483: / Line 2500: @@
 <WRAP center box 100%>
-TERMINALID:UNIQUEREF:ORDERID:TRANSACTION_STATUS:TRANSACTION_DATE:OPERATOR:TRANSACTION_TYPE:CURRENCY:AUTHORIZEDAMOUNT:BATCH_NUMBER:BULK_NUMBER:PROCESSINGTERMINAL:RESPONSECODE:RESPONSETEXT:APPROVALCODE:CARDCURRENCY:CARDAMOUNT:CONVERSIONRATE:DESCRIPTION:DATETIME:SECRET
+TERMINALID:UNIQUEREF:TRANSACTION_STATUS:TRANSACTION_DATE:OPERATOR:TRANSACTION_TYPE:CURRENCY:AUTHORIZEDAMOUNT:BATCH_NUMBER:BULK_NUMBER:PROCESSINGTERMINAL:RESPONSECODE:RESPONSETEXT:APPROVALCODE:CARDCURRENCY:CARDAMOUNT:CONVERSIONRATE:DESCRIPTION:DATETIME:SECRET
 </WRAP>

Differences

Worldnet

Learn More

Request

Contact Us