AUTOMATED CREDIT CARD PROCESSING

• ICZ Internal Gateway Support
• VeriSign PayFlowPro Plugin Integration
• IC Verify Plugin Integration
• Test Credit Card numbers
• Custom Integration of other Credit Card Processing Systems
• Command line parameters for CyberCash Module
• Processing Credit Card Authorization Retries
• Support for In-House Credit Cards
• Trigger Files
• Support 3 and 4 digit Credit Card Security Codes
• Address Verification

SendSafe accepts Visa, MasterCard, American Express, and Discover cards (support for additional cards or custom store cards can be added for a nominal fee). SendSafe also supports COD as a credit card alternative.

Enabling various cards or COD is done in the Storefront Admin Page.

Credit card processing is setup individually for each store front. This s a very flexible arrangement. You can use ICZ Internal Gateway Support, VeriSign PayFlowPro Plugin, CyberCash Cash Register Plugin, or IC Verify of each store front. You can mix processor support. One store front may use VeriSign and another store front managed by the same SendSafe robot can run IC Verify. 

TEST CREDIT CARD NUMBERS:

These international credit card numbers can be used to test the entire system. They are numbers that banks will reject as invalid without problem and are intended for system testing. 

ICZ INTERNAL GATEWAY SUPPORT

SendSafe's ICZ Internal Gateway processor includes support for 45 of the most popular online processors. This is the credit card processing setup that is the easiest to use; unless you have indepth technical knowledge of a gateway, you should not use the plugin interfaces discussed elsewhere in this document (i.e. PayflowPro, cyberCash, IC Verify, or custom plugins). In most cases ICZ Integrated gateway support will provide the highest processing speed compared to other SendSafe options.

Below is a list of the currently supported gateway processors:

3DSI EC-Linx	www.3dsi.com
ACH Payments	www.ach-payments.com
Authorize.Net	www.authorize.net
Bank Of America	www.bankofamerica.com
Concord EFSNET	www.concordefsnet.com
CyberCash	www.cybercash.net
DPI Link	www.dpicorp.com
ECHOnline	www.echo-inc.com
ECX QuickCommerce	www.ecx.com
eProcessing	www.eProcessingNetwork.com
Fast Transact	www.fasttransact.com
FirstData / CardService Int.	www.cardservice.com
FirstData / Cardservice Int.	www.firstdata.com
GoRealTime (Full-pass)	www.gorealtime.com
IBill Processing Plus	www.ibill.com
Innovative Gateway	www.innovativegateway.com
Intellipay ExpertLink	www.intellipay.com
Iongate	www.iongate.com
iTransact RediCharge HTML	www.itransact.com
LinkPoint	www.linkpoint.com
Merchant Anywhere	www.merchantanywhere.com
Merchant Partners	www.merchantpartners.com
Moneris	www.moneris.com
MPCS Weblink	www.merchantcommerce.net
NetBilling	www.netbilling.com
Network Merchants	www.networkmerchants.com
NOVA's Viaklix	www.viaklix.com
OGONE	www.ogone.be
Optimal Payments	www.optimalpayments.com
PayFlowLink - Verisign	www.verisign.com
PayFuse - First National MS	www.firstnationalmerchants.com
Paymentech - Orbital	www.paymentech.com
Payments Gateway	www.paymentsgateway.com
Payready Link	www.payready.net
Planet Payment	www.planetpayment.com
Plug 'n Pay	www.plugnpay.com
PRIGate	www.paymentresource.com
Protx	www.protx.com
PSIGate	www.psigate.com
RTWare WebLink	www.rtware.net
SkipJack	www.skipjack.com
SurePay / YourPay	www.surepay.com
TrustCommerce	www.trustcommerce.com
USA ePay	www.usaepay.com
uSight	gateway.usight.com
Verisign PayFlow Pro	www.verisign.com
YourPay	www.yourpay.com

Support for each gateway is configured in the storefront.config file. The following parameters must be set for the individual gateway. Not all of the parameters are required for every gateway and some gateways need addtional information or setup (some of the special setup requirements are listed below).

VeriSign PayFlowPro

• PayflowPro requires the pfpro.dll (from VeriSign). This file is included in the SendSafe installation directory and can be found in the root install directory with the other DLLS. You should make sure that this file is in the base directory or PATH from which SendSafe is run. This DLL from veriSign cannot be registered (regsvr32.exe). VeriSign also requires:
  1. Download the VeriSign PayFlowPro SDK for Windows NT/2000 from the download page on the VeriSign site.
  2. Unzip the SDK and locate the certificate (with filename like f73e89fd.0):
     Look in this subdirectory: X:\..\VeriSign\verisign\payflowpro\win32\certs
  3. Move this certificate to root SendSafe directory:
     X:\Program Files\SendSafe JSOF\ServerSideCode\CyberCash
  4. Set a system environment variable to the path to VeriSign certificate file you just moved to the SendSafe root directory:
     PFPRO_CERT_PATH = X:\Program Files\SendSafe JSOF\ServerSideCode\CyberCash

• ICZ TRANSX RETRY CODES = 8;11;25;26;100;101;102;103;104;106;109;115;116;1000

Sample configuration:

ICZ INTEGRATED = YES
ICZ TIMEOUT = 30

ICZ AUTH MODE = mauthcapture
ICZ HASH = <none>
; Set your partner code into ICZ PGATEWAYVALUE and Set ICZ PGATEWAYPARAM = PARTNER
; Partner code is optional if PARTNER = VeriSign
ICZ PGATEWAYPARAM = PARTNER
ICZ PGATEWAYVALUE = VeriSign
; Vendor code is optional and will default to VENDOR = USERID
ICZ PGATEWAY2NDPARAM = VENDOR
ICZ PGATEWAY2NDVALUE = myvenor

ICZ GATEWAY = 10
; PRODUCTION ICZ URLGATEWAY = payflow.verisign.com
; TEST MODE  ICZ URLGATEWAY = test-payflow.verisign.com
ICZ URLGATEWAY = payflow.verisign.com
ICZ USERID = myid
ICZ PASSWORD = shhhh

ICZ P12CERTPASSWORD = <none>
ICZ P12CERTIFICATE LOCATION = <none>
ICZ TRANSX RETRY CODES = 8;11;25;26;100;101;102;103;104;106;109;115;116;1000
ICZ IGNORECERTAUTH = NO

LinkPoint

• LinkPoint requires a client certificate issued by LinkPoint. This certificate must be converted from PEM to p12 and configured in SendSafe using the ICZ P12CERTIFICATE LOCATION and ICZ P12CERTPASSWORD config file keywords. Set ICZ USERID = store number.

• ICZ TRANSX RETRY CODES = NONE

Sample configuration:

ICZ INTEGRATED = YES
ICZ TIMEOUT = 30

ICZ AUTH MODE = mauthonly

ICZ HASH = <none>
ICZ PGATEWAYPARAM = <none>
ICZ PGATEWAYVALUE = <none>

ICZ GATEWAY = 30
ICZ URLGATEWAY = secure.linkpt.net:1129
ICZ USERID = 00000
ICZ PASSWORD = 000000

ICZ P12CERTPASSWORD = shhhhh
ICZ P12CERTIFICATE LOCATION = C:\PROJECT\JSOF SSL\jsof\WholesaleDirect.store\CyberCash\wholesalediscbrakes.p12
ICZ TRANSX RETRY CODES = <none>
ICZ IGNORECERTAUTH = NO

AUTHORIZE.NET

• ICZ HASH = (Optional MD5 Hash Security Feature - Hash code value provided by Authorize.net)

• ICZ PGATEWAYPARAM = Authorize.Net and ICZ PGATEWAYVALUE = AIM

• ICZ TRANSX RETRY CODES = NONE

Sample configuration:

ICZ INTEGRATED = YES
ICZ TIMEOUT = 30

ICZ AUTH MODE = mauthonly

ICZ HASH = <none>
ICZ PGATEWAYPARAM = Authorize.Net
ICZ PGATEWAYVALUE = AIM

ICZ PGATEWAY2NDVALUE = <none>
ICZ PGATEWAY2NDPARAM = <none>

ICZ GATEWAY = 1
ICZ URLGATEWAY = <none>
ICZ USERID = API Login ID
ICZ PASSWORD = Transaction Key

ICZ P12CERTPASSWORD = <none>
ICZ P12CERTIFICATE LOCATION = <none>
ICZ TRANSX RETRY CODES = <none>
ICZ IGNORECERTAUTH = NO

If you get the following error message:

"This account has not been given the permission(s) required for this request."

Partial List of Gateway Error Codes

Authorize.Net:

DPI:

eProcessing:

GoRealTime:

IBill:

Intellipay:

IOnGate:

ITransact:

NetBilling:

PayFlow Pro:

PayReady:

VIAKLIX:

USAePay:

PlugNPay:

Bank Of America:

Innovative:

Merchant Anywhere:

Skipjack:

ECHOnline:

3DSI EC-Linx:

Trust Commerce:

PSIGate:

PayFuse:

PayFlowLink:

LinkPoint/YourPay/FirstData

CYBERCASH CASH REGISTER INTEGRATION

CyberCash is now owned by VeriSign. As a result of this merger CyberCash accounts are no longer being issued. CyberCash support is provided with SendSafe to support businesses that currently have a CyberCash account.

To use CyberCash with SendSafe you do not need to configure a CyberCash Merchant Connection Kit (MCK), modify scripts, or play with html. SendSafe directly connects to CyberCash's Gateway servers and process your transactions. Build into SendSafe are ©CyberCash libraries that manage this connection. 

CyberCash on-line Setup Steps:

It is advised that you perform the steps in this order and the read through each step completely before beginning anything...
1	Contact your bank to setup an account that will work through CyberCash. Once your bank has setup an account, the bank will typically entered all the needed technical registration information. It is very important that your Business Name used by the bank MATCH the business name you enter in the following steps. This name is used by CyberCash to match up information entered by your bank with information you enter during on-line registration.
2	Register with CyberCash by going to this link https://amps.cybercash.com and selecting new merchant account.  You will not be using an MDP, so enter the name of your "ISP" and "SendSafe" as the I-Commerce system. Follow the on-line instructions and proceed through all the steps.  You may skip the download software step, since SendSafe is already configured with an MCK (Merchant Connection Kit).
3	When you get to the "Registration Completed Page" you will see a screen with the information listed below. This information is very important. It is the information you will need to load into SendSafe. It is advised to cut & paste this information to an ASCII file for accurate keeping. Merchant Connection Kit (MCK) Configuration Settings: Your Unique Configuration Settings: CyberCash ID (CYBERCASH_ID): yourcompanyname-nn Merchant Key (MERCHANT_KEY): hfkjdshfkjdshfoiuewyr9fdjflkds HASH_SECRET = 809437432urlkewhflkdsh;vldsh THE HASH SECRET IS NOT REQUIRED FOR PROPER OPERATION Note: The hash_secret is largely obsolete and is only used for older versions of the system, particularly Payment Components for Site Server, version 1.0. You can input it into the config file of all versions of the MCK just to be on the safe side. Settings for All Merchants: These settings should be preset in your MCK software as part of its standard installation. However, it is prudent to check these values to prevent any unneccesary problems. CCPS_SSL_HOST = https://cr.cybercash.com/cgi-bin/ CCPS_HOST = http://cr.cybercash.com/cgi-bin/ CCW_HOST = a.merchant.agilewallet.com If you have any questions, please contact our customer service at merchant-support@cybercash.com
4	Check your "Merchant Configuration" information (that was entered by your bank) for the following information: Processor> Authorization Type: authonly Your bank will allow either authonly or authcapture transations (see transaction type for setup info) which effects how you will interact CyberCash and how you will setup SendSafe.
5	Cut & Paste the  "CyberCash ID", "Merchant Key", and  "HASH_SECRET" into the SendSafe CyberCash configuration dialog Box, then setup the remainder of the SendSafe settings -  See below: "Setting up SendSafe for CyberCash" for more details See Address Verification System for decription of result codes
6	Test your new system running accounts using the Test Credit Card numbers.
7	GoLive!... Once you have completed testing and your are sure everything is working.
8	Run a few tests using real credit card numbers and then credit back amounts.

Setting up SendSafe for CyberCash:

The following information is needed to setup SendSafe to work with CyberCash. This information is stored in the "..\<storefront name>.store\CyberCash\merchant_conf" file (or the default location of "..\ServerSideCode\CyberCash\merchant_conf").

To setup this information open the SendSafe robot's menu Setup --> On-Line Credit Card Processing Integration.

It is recommended that you test CyberCash in Test Mode before going live. When you first register with CyberCash they will set you up on a test network. The transaction you make will not be real. If you do not have CyberCash account information yet, you can use the test values are listed below to run your system.

CYBERCASH_ID =	test-mck
CCPS_HOST =	http://cr.cybercash.com/cgi-bin/
HASH_SECRET=	secret-test-mck
MERCHANT_KEY =	gmRJp8rbzzcRdI5g8eLRScFeeQSWew5FsBzq6bxJDSJIiWhq7f

Once you are satisfied with Test mode operation, you can go live by Notifying CyberCash to move you from the Test Network to the Production network. It is advisable at this time to  place a few test orders and then refund the amount back to your credit card(s).

• To notify CyberCash that you wish to go live go to the Merchant Registration Site (http://amps.cybercash.com) and place your request.
• See Configuration file for manual configuration of CyberCash. 

The CyberCash MCK Kit:

1. Before you download and install the CyberCash Merchant Connection Kit (MCK) and all the relavent Adobe Actrobat documentation.
2. Before you can download this kit from CyberCash you must register as a CyberCash Merchant at http://amps.cybercash.com/. 
3. Your MCK can be downloaded from CyberCash at http://www.cybercash.com/cybercash/services/technology.html. 
4. Your will most likely want to down load the NT MCK.

Once the kit is installed it will create an installation directory with the name you specified (default="mck-3.2.0.4-nt" for NT Systems). You must build the kit by executing the batch file "build-merchant.bat". This file can be run from the CyberCash entry on your start menu. Follow your kit instructions for specific installation & building steps.

Settings to choice during build:

• Pick "Build an Express Merchant"
•  For script the type is "C" (not ASP or Perl)
• Select a web server directory where cgi files are placed. This directory must have both script and .exe execution permission.
• Allow the build program to copy the files out the web server.

The final goal of running the "build-merchant.bat" is to end up with a set of cgi-scripts and a config file. The basic directory structure will be something like this:

 x:\InetPub\YourStoreFront\mck-cgi
 x:\InetPub\YourStoreFront\logs
 x:\InetPub\YourStoreFront\mck-htdocs

The Directory ..\mck-3.2.0.4-nt\master-merchant\c-scripts\direct contains sample "C"  source files.

See Address Verification System for decription of result codes

 ADDRESS VERIFICATION SYSTEM (AVS) MODE: 

The following only applies to systems that have AVS checking enabled. To enable and configure AVS operation use the Setup for your specific payment gatewaye.

When using AVS mode you need to be aware that transactions will be approved while AVS fails unless you configure your gateway to specifically reject certain AVS scenerios.

When AVS is enabled, all transactions will be tagged with one of the codes listed below. For approved charges, this tag will be inserted after the Authorization code i.e. Approved: ET07 (AVSC=X). In this example the AVSC=X indicates an AVS code of 'X' (which means exact match - see table below).

If a transaction fails AVS but the charge was approved by the bank, then an additional line of explanation is included in all output (e-receipt, html reports, database, etc.). This line will explain why the AVS failed. In addition to this extra line of information each line will contain an AVS failed tag of: (AVSC1A). This tag can be searched for to find orders that may need human attention. This extra line of information in the e-receipt may be useful to the customer since they may have entered an incorrect zipcode or street number.

You may want to manually decline an order that has failed AVS. You should consult your merchant bank for information on their policies regarding AVS.

Note: To generate AVS failure reports from the database search for (AVSC1A) in the CCTxStatus column. i.e. Select * from Orders WHERE CCTxStatus LIKE '%(AVSC1A)%'

List of Raw AVS Codes returned by CyberCash.
These raw codes can be found in the appropriate SendSafe audit file, e-receipt, database, html reports, etc.

VERISIGN PAYFLOW PRO PLUG IN INTEGRATION

To use VeriSign with the SendSafe plugin you do not need to configure a PayFlowPro Kit (SDK), modify scripts, or play with html. SendSafe directly connects to VeriSign's Gateway servers and process your transactions. Build into SendSafe are ©VeriSign libraries that manage this connection. 

Like most i-commerce systems, SendSafe does not provide a VeriSign administrative interface. SendSafe submits credit card charges (it does not issue credits, perform end of day settlements, or other administrative functions). To perform these functions VeriSign provides an on-line management interface. To access this interface you should use the URL https://manager.verisign.com/login/login.cfm and userid/password that was assigned when you registered with VeriSign.

SendSafe can be customized by C Prompt to provide custom automated credit, void, and other credit card transactions.

Selecting the Versign Host:

• Use this host for testing: test-payflow.verisign.com
• Use this host for live operation: payflow.verisign.com
• In the storefront.config file the KEYWORDS that configure VeriSign as well as all other on-line processors all begin with the word "CYBERCASH".

VeriSign uses a unique code number called a "PNREF" to identify a given transaction. SendSafe includes this code number as part of the approval code (database column ApprovalCode).

i.e. Approved: NV68 (AVSC=X) PNREF=VSS82839920

VeriSign on-line Setup Steps:

VeriSign Configuration

The following information is needed to setup SendSafe to work with VeriSign PayFlowPro. This information is stored in the file "..\SendSafe\<your store name>.store.config"

To setup this information open the SendSafe robot's menu Setup --> On-Line Credit Card Processing Integration.

Testing and Trouble shooting:

1. The PayFlowProModule can be run stand-alone at a command prompt. A batch file with all the needed parameters can be found in the same directory and the module (testpayflow.bat). You will need to change the MerchantId, VendorId, Partner, & password parameters before running.
2. See Advance Config for more settings.

IC VERIFY INSTALLATION

To run SendSafe using IC Verify to authorize credit card orders you have to do the following:

1. Call up your bank to setup an account that will work through IC Verify
2. Install IC Verify Active-X Component
3. Install IC Verify
4. Register IC Verify with http://www.icverify.com
5. Configure SendSafe to use IC Verify
6. Test the system
7. Go live.

Installation Steps:

1. Install the IC Verify Active-X Component. Locate the subdirectory "IC Verify Active-X Component". This subdirectory can be found under the SendSafe directory i.e. "..\SendSafe JSOF\IC Verify Active-X Component".

1. From the "IC Verify Active-X Component" directory run the setup.exe program.
2. It is okay if IC Verify generates an Install error that "Msvcrt20.dll" is in use and cannot be installed. Press the [Ignore] button to proceed with the installation leaving the existing "Msvcrt20.dll" in place and running. DO NOT PRESS the [Abort] button.
3. Close the "Start Menu Addition" Window which may have been left open. This window is listing: ICVPay, Readme, License, Examples, and docs Startup menu entries.
4. When the setup dialog asks you to Finish the install. Press [Finish] and then [Okay].
5. This setup program will install and register the IC Verify Active-X component "ICVPay.dll".

2. Install IC Verify (after installation is complete follow the instructions that came with the IC Verify disks to setup IC Verify for your Merchant Account Processor or setup IC Verify in test - training mode). To begin the installation run the program "install.exe" from the IC Verify disks. IC Verify must be run in Multi-User mode in order for SendSafe to be able to submit credit card authorization jobs to IC Verify.

1. Insert the 1st IC Verify disk and execute the "install.exe" program.
2. It is okay if IC Verify generates an Install error that "Msvcrt20.dll" is in use and cannot be installed. Press the [Ignore] button to proceed with the installation leaving the existing "Msvcrt20.dll" in place and running. DO NOT PRESS the [Abort] button.
3. From the Start Menu, run the "IC Verify Multi-User" program.
4. Create a "Request Directory" suggested "c:\ICVWIN20\ReqDir".
5. Enter the path  "c:\ICVWIN20\ReqDir" that you just created into the "Request Directory" entry.
6. Enabling "Evaluated Response" mode. Execute the IC Verify Setup Program, select the "Merchant Information tab", in the "Evaluate Rsp Y/N/B/L/D/S" entry field enter "Y" for yes.
7. Setting up "Search Matching" for IC Verify 2.20 Interactive. Execute the IC Verify Setup Program, select the "Options tab", in the "Match 1st, 2nd Fields" entry field enter "N" for no. If you do not set this value to NO then when processing voids/ships the IC Verify GUI will generate "TRANSACTION NOT FOUND" error messages.

To run IC Verify in test - training mode:

(This is useful to test out the system without running actual credit card transactions)

1. Copy one of the "demoxx.set" files from the demoset subdirectory to the root IC Verify directory.
2. Rename the file "demoxx.set" to "icverify.set" replacing the existing file.
3. From the Start Menu, run the "IC Verify Multi-User" program.
4. Enter "/DD" in the Initialization String entry (do not enter the quotes "" only the /DD).
5. Create a "Request Directory" suggested "c:\ICVWIN20\ReqDir".
6. Enter the path  "c:\ICVWIN20\ReqDir" that you just created into the "Request Directory" entry.
7. Enabling "Evaluated Response" mode. Execute the IC Verify Setup Program, select the "Merchant Information tab", in the "Evaluate Rsp Y/N/B/L/D/S" entry field enter "Y" for yes.

3. Setup SendSafe to use IC Verify (click for details). This involves entering 7 item in SendSafe's "IC Verify Integration" menu (a sub menu of Setup).

4. Test the entire SendSafe + IC Verify system using test credit card numbers, then put through a real order and then void the transaction in IC Verify.

IC VERIFY INTEGRATION OF OFF-LINE PROCESSING SYSTEM

IC Verify is the industry leading credit card authorization system. C Prompt is an integration development partner with IC Verify. SendSafe and IC verify can be purchased separately or as a bundle. If you already own IC Verify, SendSafe can be seamlessly integrated with your existing IC Verify system.

SendSafe has the capability to perform integrated operations with IC Verify. SendSafe makes requests to  IC Verify to authorize credit card transaction. The entire process is fully automated. The authorization code is amended to the SendSafe i-commerce transaction record. Automated customer confirmation messages of approval or charge denied are generated and e-mailed.

IC Verify Multi-User Mode

SendSafe runs with IC Verify in multi-user mode. The IC Verify DLL operation used by SendSafe is hardwired to operate as substation 1. Currently this setting cannot be changed. Other substations configured for your IC Verify installation can be set to the substation numbers 2...n.

Configuring SendSafe and IC Verify

Set up IC Verify as you would for a standard installation (see IC verify documentation for detailed instruction).

If you are planning on using IC Verify you must install the IC Verify Active-X component. This component is not used as an Active-X Webpage object. It is run internally on the computer and is functionally a special case DLL provided by IC Verify. The IC Verify Active-X Component can be found a sub directory under where you installed SendSafe. To install this component run the setup.exe program by double clicking on it.

There are a few SendSafe specific configuration items:

1. IC Verify must be run in mutli user mode and the multi-user IC verify server program must be running.
2. IC Verify Active-X component must be installed.
3. A Request/Response directory needs to be created. This directory is not created during IC Verify installation. The recommend default is "d:\Icvwin20\ReqDir". This directory must be entered into both the IC Verify Multi-User GUI and the SendSafe Robot's "IC Verify Integration" setup dialog. 
4. Set the "Process Files Every N Seconds" entry in the IC Verify Multi-User GUI to 3 seconds.
5. In the IC Verify Setup the "Evaluated Response" field (under the Merchant Info tab of Advanced Setup) must be set to Y (yes).
6. In the Multi-User GUI the "Initialization String" entry should be empty, unless you are running in training mode; in which case the initialization string should be set to "/DD".
7. (Optional) If Modem Sharing is planned THEN IC Verify may need to be configured to quickly disconnect the phone when a verification task is complete. These settings can be found in the IC Verify Setup under the "hardware" tab. The entry that controls disconnection is labeled "Wait Hold". Three separate values can be entered into this field, each separated by a space. The first value determines the polling speed that ICVERIFY checks for transaction requests. The second value determines how long ICVERIFY will hold the line open once a connection is established with the processing network. The third value which can be entered is the name of the directory which will be used to process request and answer files. A typical SendSafe entry would be "3 1 d:\Icvwin20\ReqDir". This tells IC Verify to check for requests every 3 seconds,   to hold the line open for 1 second, and to use the request/response directory "d:\Icvwin20\ReqDir". Some tuning of these values may be required to get IC Verify to efficiently perform modem sharing. 

If IC Verify will also be used to manually process transactions, then a separate phone line is strongly recommended. This means that if you will be running the IC Verify GUI to manually enter transactions (in addition to SendSafe automatic transaction processing) THEN to avoid modem conflicts you should use a different line for Internet Access and IC Verify Credit Card Processing.

The SendSafe configuration options are located in the "IC Verify Integration" drop down menu (located under the Setup menu). In the "IC Verify Integration" dialog you will need to enter a few pieces of information. Optional Advanced IC Verify configuration is accomplished by modifying the jsof.config file. Please refer to the "IC Verify Quick Setup Guide" and "Windows User Manual" for additional information about these configuration parameters and installing IC Verify on your computer. Specific information about setting up IC Verify in Multiple User mode can be found on page 56 of the "Windows User Manual". 

It is recommended that you test IC Verify Integration with IC Verify set in Training Mode. This is accomplished by setting the Multi-User Initialization string to include "/DD". This will allow you to simulate IC Verify processing credit card transactions. See IC Verify documentation for more details.

Common IC Verify Configuration and Operation mistakes:

1. A very common error is running SendSafe without running the IC Verify server. If this happens SendSafe may appear to hang-up while processing a customer order. If you wait long enough, SendSafe will timeout after a several minutes and report an IC Verify error. Always run both SendSafe and IC Verify Multi-user server. You may want to place these programs in your startup folder or run them as NT Services using Microsoft's srvany.exe tool (provided in the NT Resource Kit).
2. If you get an "ICV-1020 Unrecognized IC Verify response error" then the most likely cause is that IC Verify is not configured for "Evaluated Response". Open the IC Verify Setup Program, select the "Merchant Information tab", in the "Evaluate Rsp Y/N/B/L/D/S" entry field enter "Y" for yes.

CUSTOM INTEGRATION AND OPERATION OF THE ON-LINE CREDIT CARD PROCESSING MODULE

All on-line processing services (i.e. VeriSign, CyberCash, etc.) will use this interface to a plug-in module. Plug-in modules are provided for CyberCash and VeriSign. Source Code for these modules is available so that you can create support for other on-line processors.

If you do not want to use CyberCash, VeriSign, or IC Verify, you can integrate any Credit Card Processing system you want. This does require programming experience. C Prompt can do this custom programming for you (cost about $2000), or you can do it yourself. C Prompt will also provide free of charge the c++ source for the CyberCash or VeriSign module so that you can modify it to work with your processor (the source code is provided on condition of a reciprocal agreement where you will provide to C Prompt royalty free any and all modification made to the module).

This custom integration is accomplished by replacing the CyberCash module with support for any Credit Card Processing system. The CyberCash module is a stand alone C++ program that processes credit card transactions. The program is a plug in module with a defined interface. It takes a set of command line parameters and returns the results in a file (or to stdout). The program must be a command line runnable object (C++, VB, Perl, etc.).

You must program your replacement module to take the following input and generate the specified output file. 

See Configuration file for manual configuration of CyberCash module and customization. 

Sample command line input for Cybercash Module:

cybercashmodule /ORDERID="CPROMPT00000005" /NAME="Bob Haveson" /AMOUNT="usd 10.00" /CCNUM="4111111111111111" /EXPDATE="02/02" /ADDRESS="1 Mocking Bird Lane" /CITY="Dallas" /STATE="TX" /ZIP="75230" /COUNTRY="USA" /CONFIGFILE="..\conf\merchant_conf" /OPERATIONCODE="mauthcapture" /FILEOUT="CPROMPT00000004.txt" 

Note:

• No spaces are allowed between NAME=VALUE example: /TEST /NAME=bob /AMOUNT=10.00 /CCNUM=4111111111111111
• If spaces are required in a parameter value then it must be enclosed in "" example: /ADDRESS="10 Mocking Bird Lane"

Results returned to SendSafe in a file:

The name of this file is passed to the module as the command line parameter "/FILEOUT"

SAMPLE OKAY TRANSACTION FILE:

[[RUNNING TRANSACTION]]=
ConfigFile = >> ..\conf\merchant_conf
OperationCode = >> mauthcapture
OrderID = >> CPROMPT00000005
Amount = >> usd 10.00
CCNumber = >> 4111111111111111
ExpDate = >> 02/02
Name = >> Bob Haveson
Address = >> 1 Mocking Bird Lane
City = >> Dallas
State = >> TX
Zip = >> 75230
Country = >> USA
[[END TRANSACTION]]
 
[[RESULTS]]=
0 card-exp => 01/04
1 aux-msg => Financial Institution Response: authorization approved.
2 cust-txn => 416750268
3 avs-code => X
4 paid-amount => usd 2625.06
5 card-number => 411111
6 card-type => vs
7 order-id => CPROMPT28380847
8 MStatus => success
9 ref-code => 00015612
10 auth-code => NV68
11 merch-txn => 416750268
12 action-code => 000
[[END RESULTS]]

Notes:

1. merch-txn will return a unique code identifying this transaction. In VeriSign this code is the PNREF code.

SAMPLE FAILED TRANSACTION FILE:

[[RUNNING TRANSACTION]]=
ConfigFile = >> ..\conf\merchant_conf
OperationCode = >> mauthcapture
OrderID = >> CPROMPT00000005
Amount = >> usd 10.00
CCNumber = >> 4111111111111111
ExpDate = >> 02/02
Name = >> Bob Haveson
Address = >> 1 Mocking Bird Lane
City = >> Dallas
State = >> TX
Zip = >> 75230
Country = >> USA
[[END TRANSACTION]]

[[RESULTS]]=
0 MErrMsg = > Duplicate: Order ID 'CPROMPT00000005' has been completed already
1 MStatus = > failure-hard
2 MErrCode = > CR-0045
[[END RESULTS]]

PROCESSING CREDIT CARD RETRIES:

(re-running orders, retrying orders)

Your bank or on-line processor can experience network outages. These outages will result in SendSafe not being able to authorize one or more transactions. These outages can result in some very odd status results coming back from your merchant bank or on-line processor (VeriSign, CyberCash, etc).

The SendSafe robot handles these outages by identifying that an outage is occuring and then retrying the authorization. SendSafe will retry the autorization five time before giving up. The time delay between retries grows exponetially. For example the first retry may occur in 10 minutes, the next in 40 minutes, and the one after that in 160 minutes.

If all reties fail then SendSafe will issue an e-receipt to the customer indicating that the order was not completed. SendSafe will also send admin e-mail and issue SMTP pager alerts when the outage occurs and if any orders fail to complete in retry.

You can manually force a retry for an order than will no longer be automatically retried. This can be done by following these steps:

1. Locate a backup copy of the original EMSG file in the Output directory and copy it to a temp directory

a. Example: 85631.1542.ASPSRC.EMSG.backup.1027237289.PresvBackup
Where 85631 = transactionId

b. Copy and Rename the EMSG backup file to: 85631.1542.ASPSRC.EMSG

2. Change status of the Order

a. Open the order in the AdminOrder page.

b. The status entry for the order record will look something like this: {RETRYCCFAILED};QBORDER;RetryStatus=0

c. Change {RETRYCCFAILED} to: {RETRYCC}

d. Change RetryStatus=0 to: RetryStatus=1

3. Copy the file 85631.1542.ASPSRC.EMSG into the “Input” directory (SendSafe input queue).

4. Optionally press the [ Force Check for Orders now ] button or wait for the system to recognize the order EMSG that you just dropped into the queue.

SUPPORT FOR IN-HOUSE CREDIT CARDS

In-House credit card acceptance is enabled by setting "Enable Charge Card Alterative IHC" to true in the storefront config. Accepting credit card security codes is also be enabled. IHC charges are automatically detected and processed by the robot; therefore enable/disable is controlled by enabling selection of IHC from storefront config admin page.

IHC can operate in one of two ways: (a) To connect to an outside system for charge approval OR (b) Integration with the SendSafe e-coupon system.

Charge approval requests are submitted using an HTTPS GET to a defined URL on a remote system. Responses come back as text values in an HTML page. The SendSafe will follow page redirects so the response can be the result of an HTTP redirect.

Transaction timeouts and system level errors will be retried.

To enable IHC, set the IHC entry in the storeconfig to true. On older systems there may not be an IHC entry (DB row in the storeconfig table). If this is the case then use the SQL Script "add IHC to storeconfig.sql" to add the DB row.

    100 - charge approved
    101 - invalid account number
    102 - wrong number of digits in account number
    103 - credit exceeded
    104 - charge declined
    

CREDIT CARD SECURITY CODES

SendSafe accepts and processes credit card security codes. These are the 3 or 4 digit codes used by MC/Visa/Amx. To properly handle theses codes you must configure SendSafe for them. These codes are handled in ICZ and IHC processing subsystems (other subsystems require customization).

To maintain compliance with industry security regulation SendSafe does not store security codes. Security codes are checked the first time a credit card is submitted or updated. QuickBuy transactions do not submit security codes because they cannot be retained in the secure offline database and still be in compliance with security regulations.

The recommend setup is to configure your payment gateway to:

1. Reject if CCV Code = N - Rejects a charge if the CCV code does not match
2. Accept if CCV Code = P - Accept a NOT PROCESSED status i.e. no CCV code was submitted
3. Accept if CCV Code = S - Accept an ON CARD BUT NOT SUBMITTED status i.e. no CCV code was submitted
4. Accept if CCV Code = U - Accept when an issuer is not certified or has not provided encryption key

Some older systems may not already have a CSV column in the secure DB. You can use the "Add SecureCC CSV Column.sql" script to setup this column.

FILE = "..\SendSafe\<your store name>.store.config" Before modifying any configuration file always make a backup copy of the file. To find a specific storefronts configuration file: see Location of Configuration files
Keyword	Default value	Explanation
CSV CODE	NO	This keyword enables and disables the processing of CSV codes which include (Visa/MC/Amx cards and IHC passwords).

TRIGGER FILE FORMAT

From: 
	Sub UploadCCNumber()
Handled by: 
	bool BPOrderObject::importAndParseASPSRCOrder()
	
fObjOrderRecordDebugDump.WriteLine( "SendSafeOrder=DBV1.00" )
fObjOrderRecordDebugDump.WriteLine( "StoreFrontID: " & storeFrontId )
fObjOrderRecordDebugDump.WriteLine( "Time Stamp: " & Now )
fObjOrderRecordDebugDump.WriteLine( "Account: " & ccNumber )
fObjOrderRecordDebugDump.WriteLine( "Expiration Date: " & expDate )
fObjOrderRecordDebugDump.WriteLine( "CSV: " & csvCode )
fObjOrderRecordDebugDump.WriteLine( "[<END OF RECORD>]" )

Notes:

1. The name of the trigger file contains the transactionId.
   example: 633508467.414629437.ASPSRC.EMSG the transactionid = 633508467
2. When an order first comes in and the triger files causes its loading; QuickBuy state is determind from the order status field Status
3. Since an In-House Credit card (IHC) can be any numeric string, it cannot be identified by the standard credit card prefix codes. IHC mode is therefore identified by the CSV code prefix of: IHC. This automatically assigned prefix is saved as part of the CSV code in the DB.
4. CSV codes (CSC, CVV2, CIS, and IHC) are processed if present and ignored if not present (this is determinded on a transaction by transactioni basis).

Example of a normal Trigger file

SendSafeOrder=DBV1.00
StoreFrontID: CPROMPT
Time Stamp: 7/11/2005 8:32:14 PM
Account: 4111-1111-1111-1111
Expiration Date: 12/17
CSV: 123
[<END OF RECORD>]

Notes:

1. State Status = {SUBMITTED PENDING}
2. The CSV field is optional

Example of a QuickBuy Trigger file

SendSafeOrder=DBV1.00
StoreFrontID: CPROMPT
Time Stamp: 7/11/2005 8:08:26 PM
Account: 736846355
Expiration Date: /
CSV:
[<END OF RECORD>]

Notes:

1. The Account number is the customerId
2. QuickBuy state Status = {QB SUBMITTED PENDING}
3. The Expiration date must be blank
4. The CSV must be blank
5. The CSV field is optional