DPSAUTH COM OBJECTDPSAuth is a COM object that encapsulates the XML interface to a Payment Express® Server. DPSAuthSSL COM object can be used instead with a similar component reference, but sending https posts to the Payment Express® Host directly, without the need for the PX Application Server. For customers using Microsoft Site Server software, please see DPSAuthP for a separate software component.
Files Installed/Updated
Only DPSAUTH.DLL is required for operation. If automated removal (uninstall) is not required, DPSRAUTH.EXE may be deleted after install. Uninstalling DPSAUTHTo uninstall DPSAUTH from a computer, use the Settings/Control Panel/ Add/Remove programs utility. Select DPSAuth and press "Add/Remove". Using DPSAUTH.DLLLoad appropriate COM properties (Amount, TxnType etc) and then call method DoAuthorize to perform a transaction, either purchase, refund, authorisation or completion. MethodsDPSAUTH.DLL control offers a number of methods to initiate transactions, connect to the Payment Express Server and alter settings and retrieve information. This section details the available methods and their intended uses. DoAuthorizeAmount, ClientId, CardHolderName, CardNumber, DateExpiry and TxnType properties must be loaded before calling DoAuthorize. Output properties are set before the return from the DoAuthorize method. Input Properties
Note1: CardNumber, ClientType,DateExpiry and IssuerName are not required for Completion transactions and are ignored if present. Note2: ClientInfo is required for internet transactions. It is used to record the addressof the end user browser that initiated the transaction. Note3: DpxTxnRef is required for a Refund transaction only. Must contain the DpsTxnRef returned by the transaction to be refunded. Note4: The PreAuthNumber is required for Completion transactions. It is ignored for other transaction types. Output PropertiesThese properties are set when the DoAuthorize method returns.
DoDelaySuspends execution in a CPU-efficient manner for 5 seconds. A convenient delay for ASP or Visual Basic programmers to use between calls to DoStatus. The delay is configurable from 1 second to 60 seconds for system wide users via a registry setting if desired. DoGenerateTxnRefCertain applications need to know what the TxnRef value is going to be prior to a transaction starting. This would cater for the situation where a program calling DpsAUth crashes while a transaction is in flight. The calling application can call DoGenerateTxnRef to generate a TxnRef which is returned in TxnRef property. This value may be stored by teh caller to hard disk or other non volatile storage and then DoAuthorize is called. DoAuthorize will use the TxnRef generated by DoGenerateTxnRef. Alternatively, the calling application can supply its own TxnRef as input to DoAuthorize (DoGenerateTxnref is not used). DoStatusDoStatus is used when a call to DoAuthorize fails and the StatusNeeded property of the DPSAuth object is set true. If DoAuthorize returns with the StatusNeeded value set to true, it indicates that DPSAuth has transmitted a transaction request to Payment Express Server, but a response was not received within a timeout period or the link to Payment Express Server or beyond failed while awaiting a response. In either of these circumstances, the result of the transaction is indeterminate. The DoStatus method should be used to retrieve the actual completion status. DoStatus uses the original ClientId and TxnRef values which uniquely identify the transaction to lookup the transaction at the Payment Express Host and return the results. Example: Client Application instantiates DPSAuth object.
Once the client application has confirmed the result of the transaction with the Payment Express Server with the DoStatus call, normal processing of subsequent transactions using DoAuthorize method can resume. ClientId and TxnRef property must be loaded before calling DoStatus. Output properties are set before the return from the DoAuthorize method. This method is provided to retrieve information about a previous transaction started by DoAuthorize. This would not ordinarily be required, but should be performed automatically if the DoAuthorize method does not return a host-originated response. That is, if the StatusNeeded property is returned as True. DoStatus is called with the original transaction reference, as returned in TxnRef property after calling DoAuthorize. Ensure that this TxnRef value is loaded in TxnRef property before calling DoStatus. Payment Express Host maintains transaction results for at least 48 hours. Therefore, calls to DoStatus can rely on results being available for at least this period following transmission of the original transaction. If a DoStatus method is made for a transaction that was successfully processed by Payment Express Host and was accepted by the bank, then the DoStatus method will result in the DPSAuth properties being set exactly as they would have been for the original transaction result, regardless of whether the original transaction result was actually received by the DPSAuth object. Properties returned upon DoStatus completionOnly the following properties are returned by a successful call to DoStatus method.
Exception HandlingRefer to DoStatus method. The Payment Express
architecture does not provide for customer applications to "reverse" or "back
out" transactions once started. Exception conditions arise when the link
between the customer application (DPSAuth COM Object interface) and the Payment
Express Server is interrupted the Payment Express Server has transmitted a
response to a transaction request. In this circumstance, the result of the
transaction is indeterminate for the customer application because no response
was received from the Payment Express server.
PropertiesThe following section provides a detailed description of each DPSAuth property and indicates if the property is used as input or as output. If a property is marked as input, it is not updated or output when a call to DoAuthorize or DoStatus returns. This is important when a call is made to DoStatus for example, the original contents of Amount as input to the DoAuthorize call are not output by DoStatus. Address1 (input) Datatype: BSTR Max 32
Bytes
Cardholder Billing Address Line1 - may be used by Payment Express Host for
additional verification purposes. Not currently implemented.
Address2 (input) Datatype: BSTR Max 32
Bytes
Cardholder Billing Address Line2 - may be used by Payment Express Host for
additional verification purposes. Not currently implemented.
Address3 (input) Datatype: BSTR Max 32
Bytes
Cardholder Billing Address Line3 - may be used by Payment Express Host for
additional verification purposes. Not currently implemented.
Amount (input) Datatype: BSTR Max 12 bytes
Total Purchase, Refund, Auth or Completion amount. Format is d.cc where d is
dollar amount (no currency indicator) and cc is cents amount. for example,
$1.80 (one dollar and eighty cents) is represented as "1.80", not "1.8". A
string value is used rather than the conventional Currency Datatype to allow
for easy integration with Web applications. Note that the original value
used as input to DoAuthorize is not
returned by any subsequent DoStatus and must be stored
by the application if required. Maximum value allowable is $99,999.99. Note
that acquirer or card limits may be lower than this amount.
AuthCode (output) Datatype: BSTR Max 64
bytes
Authorisation code. A variable length string returned by Card Acquirer. For
credit card transactions, contains the authorisation code. For
Auth/Completion operation, store this value after an Auth transaction
and use the contents as input to the PreAuthNumber
prior to the subsequent Completion transaction.
AllowClientStandIn (input) Boolean
true/false
Default false. If set to true, allows Payment Express Client to "Stand In" for
the Payment Express Server if communications or other temporary problems
prevent online authorisation. This functionality is not implemented in the
current Payment Express Server and this property is reserved for future use.
AllowServerStandIn (input) Boolean
true/false
Default false. If set to true, allows Payment Express Server to "Stand In" for
the Bank Host if communications or other temporary problems prevent online
authorisation. This functionality is not implemented in the current Payment
Express Server and this property is reserved for future use.
BillingId (input/output) Datatype: BSTR
Max 32 bytes
BillingId generated by the customer system. This could be a customer number and
is used as input to DoAuthorize to rebill an existing customer. If
EnableAddBillCard
CardHolderResponseText (output)
Data type: String Max 32 bytes
Brief (Max 32 character) response text intended for card holder.
CardHolderResponseDescription
(output) Data type: String Max 32 bytes
More detailed explanation of result. Intended for card holder.
CardHolderHelpText (output) Data
type: String Max 32 bytes
More detailed explanation of result. Intended for card holder.
CardHolderName (input) Datatype:
BSTR Max 64 bytes
The cardholder name as it appears on customer card. Optional and may be
left blank.
CardNumber (input) Datatype: BSTR Max
20 bytes
The card number. No leading or embedded blanks are permitted. Must contain a
numeric value.
CardName (output) Datatype: BSTR Max 16
bytes
The card type used for the transaction. Note that the list may be expanded as
support for new cards is added. The CardName format is to capitalize the first
letter with remaining letters in lowercase. This field is returned only for
Purchase, Refund and Auth transactions. It is not returned for Completion
transactions, because a completion transaction assumes a matching, successful
Auth transaction.
Cavv (input) Datatype: BSTR Max 28
bytes
Set the CAVV (Cardholder authentication Verification Value) when a transaction has been authenticated through 3D authentication. CAVV contains a 20 byte value that has been Base64 encoded to 28
bytes result. The merchant and acquirer will need to include the CAVV in the
authorization in order to demonstrate that authentication occurred. ClientId (output) Datatype: BSTR Max 8
bytes
Uniquely identifies a client accessing DPSAUTH. This value is set by DPSAuth COM
object upon object instantiation. Not usually used.
ClientInfo (input) Datatype: BSTR Max
64 bytes
Internet Address of the browser. Not usually used.
ClientType (input) Datatype: BSTR Max
1 byte
Type of client transaction - Choose from the following values
The ClientType property describes the origin of the transaction, for example; Vending machine or from a Web Server. It is also possible to capture magnetic stripe information (Track2 data) for Card Swipe transactions. (e.g.: a car park kiosk using a magnetic swipe to capture customer card information. Currency (output) Datatype: BSTR Max 4
bytes
Indicates currency used for this transaction. Currency will be determined by the
bank account used which is selected using the Account property.
E.g.: NZD or AUD or USD.
Cvc2 (input) Datatype: BSTR Max 4
bytes
Card Verification Code 2 number. Some payment cards are issued with
additional identifying information. These cards will have the account number
printed on the signature panel of the card followed by a three or four digit
value. This value is generated by the issuing bank and can be verified by the
bank. Payment card brands have varying names for the value:
American Express: Four-digit batch code (4DBC) Supplying this value provides an indication of that the person participating in a transaction had physical possession of the card at some point in time. DateExpiry (input) Datatype: BSTR Max
4 bytes
Indicates card expiry date. Format is MMYY where MM is month 01-12 and Year
00-99. do not insert "/" or other delimiter.
DateSettlement (output) Datatype: BSTR
Max 8 bytes
Indicates Date of settlement (when money will be deposited in Merchant bank
account) if this is supported by the Acquirer, otherwise contains the
date the transaction was processed in YYYYMMDD format.
DpsBillingId (input/output) Datatype: BSTR
Max 16 bytes
Returned for a successful billing transaction if EnableAddBillCard
is set. Supplied as input to rebill a transaction if BillingId is not used. It
is not allowed to specify both a BillingId and a
DpsBillingId when rebilling a transaction.
DpsTxnRef (input/output) Datatype: BSTR Max
16 bytes
Returned for every transaction. If the transaction was approved, DpsTxnRef can
be used as input to a Refund transaction. Used to specifiy a transaction for
refund without supplying the original card number and expiry date.
HostDate (output) Datatype: BSTR Max 8
bytes
Indicates Date of transaction as recorded by Bank Host in YYYYMMDD format. This
field may be blank if the transaction was rejected locally or otherwise not
processed by the bank host.
HostTime (output) Datatype: BSTR Max 6
bytes
Indicates Time of transaction as recorded by Bank Host in HHMMSS format. This
field may be blank if the transaction was rejected locally or otherwise not
processed by the bank host.
IssuerName (input) Datatype: BSTR Max 32
bytes
Name of bank that issued the credit card. Eg: ANZ, Westpac etc.
MerchantReference (input) Datatype:
BSTR Max 64 bytes
Free Text Field for use by merchant (could be order number, customer number
etc.).
PaReq (input) Datatype:
BSTR Set PAReq (Payer Authentication Request) message that was used when a transaction has been authenticated through 3D authentication. The merchant and acquirer will need to include the CAVV in the
authorization in order to demonstrate that authentication occurred.
PaRes (input) Datatype:
BSTR
Set the PARes (Payer Authentication Response) message that was received from the ACS server, when a transaction has been authenticated through 3D authentication. The merchant and acquirer will need to include the CAVV in the
authorization in order to demonstrate that authentication occurred.
EnablePaxInfo (input) Data type: Boolean True/False
Used for Airline Reservation Systems. Enable collection of extended booking data
to go through to the acquirer. Value will need to be true (1) if ticket information is included with the transaction.
PaxDateDepart (input) Data type: String Max
8 bytes Used for Airline Reservation Systems. Date departing in YYYYMMDD format. Numeric.
PaxName (input) Data type: String Max
20 bytes Used for Airline Reservation Systems. Passenger Name. Alphanumeric.
PaxLeg1 (input) Data type: String Max
3 bytes Used for Airline Reservation Systems. Leg 1 flight information. Alphanumeric.
PaxLeg2 (input) Data type: String Max
3 bytes Used for Airline Reservation Systems. Leg 2 flight information. Alphanumeric.
PaxLeg3 (input) Data type: String Max
3 bytes Used for Airline Reservation Systems. Leg 3 flight information. Alphanumeric.
PaxLeg4 (input) Data type: String Max
3 bytes Used for Airline Reservation Systems. Leg 4 flight information. Alphanumeric.
PaxOrigin (input) Data type: String Max
3 bytes Used for Airline Reservation Systems. Passenger Origin of departure. Alphanumeric.
PaxTicketNumber (input) Data type: String Max
14 bytes Used for Airline Reservation Systems. Passenger Ticket Number. Format:
AAATTTTTTTTTTC. AAA is airline code, TTTTTTTTTT (10 chars) is actual ticket number and C is check digit. Numeric.
PaxCarrier (input) Data type: String Max
2 bytes Used for Airline Reservation Systems. 2 character airline identifier. Alphanumeric.
PaxTravelAgentInfo (input) Data type: String Max
25 bytes Used for Airline Reservation Systems. Travel Agent description field. Also known as the Booking Reference on some of DPS screens. Alphanumeric free text field.
Retry (output) Datatype: Boolean True/False
If true, then the transaction should be resent - the transaction was declined
due to a communication error or transmission error. If false, then the
transaction should not be resent regardless of whether it was accepted or
declined.
PreAuthNumber (input) Datatype:
BSTR Max 64 bytes
PreAuth Number - only used for Completion of Auth/Completion
transactions. This is the value returned by a successful Auth transaction in
AuthCode.
Password (input) Data type: String Max
32 bytes
Used with Username to determine account for settlement.
Payment Express clients can be set up with more than one bank account. Each
transaction may be designated for a specific account if required.
ResponseCode (output) Datatype: BSTR
Max 2 bytes
Response Code generated by DPS Server (for locally declined transactions) or by
the Card Acquirer (for host originated responses). The ResponseCode
should not be checked by the client application using DPSAUTH as these
values differ according to acquirer. Use the Success property
to check for successful completion of a transaction. Refer to section
Response Codes for a list of valid response codes generated by
acquirers and locally by the Payment Express Server or DPSAUTH control.
ReceiptEmailAddress (input) Data
type: String Max 64 bytes
Email address to send a transaction receipt. If not blank, this must be a valid
email address in the form user@x.y.z. Not
currently implemented.
ServerAddress (input) Data type:
String Max 32 bytes
Address of Payment Express Server in either "255.255.255.255" numeric format or
alphanumeric "hostname" format. If blank, defaults to local host address. This
value is written by the DPSAuth control to the system registry - it is
preserved and will be used for subsequent connects until changed by a new value
set in ServerAddress.
ServerPort (input) Datatype: long
Listener port of Payment Express Server. Default is 3007. Leave this value as
blank unless the system administrator has reassigned the listener port. This
value is written by the DPSAuth control to the system registry - it is
preserved and will be used for subsequent connects until changed by a new value
set in ServerPort.
StatusNeeded (output) Datatype: Boolean
True/False
If false, indicates that the result was successfully retrieved from the
Payment Express Server or that no message was sent to Payment Express
because of a local error. No further action is required in this case. If true
after a call to DoAuthorize, a message was sent to
Payment Express, but a valid response was not received. In this, case, the
result of the transaction is undetermined and error - recovery is required. See
DoStatus method for further information.
Success (output) Datatype: Boolean
true/false
Indicates success or failure of a method call.
TestMode (output) Datatype: Boolean
true/false
If true, indicates the transaction was performed to a Test account, not a live
merchant account. A Test account will never result in funds transfer even if a
valid card is used.
TxnRef (output) Datatype: BSTR Max 6
bytes
Reference number for the transaction. Maximum 6 alphanumeric characters.
Combined with ClientId value to form a unique
transaction reference. This is generated and maintained by DPSAuth for each
transaction and returned on output. Used as input for DoStatus
transactions.
TxnType (input) Datatype: BSTR 1
byte
Username (input) Data type: String Max
32 bytes
Used with Password to determine account for settlement.
Payment Express clients can be set up with more than one bank account. Each
transaction may be designated for a specific account if required.
VersionMajor (output) Data type:
BSTR Max 20 bytes
Control Major version number. Reserved for future use.
VersionMinor (output) Datatype: BSTR
Max 16 bytes
Control Minor version number. Reserved for future use.
VersionRevision (output) Datatype: BSTR Max 16 bytes
Control Revision number. Reserved for future use.
Xid (input) Datatype: BSTR Max 28 bytes
Set the Xid (Transaction Identifier) for transactions processed via 3D secure authentication.
The merchant and acquirer will need to include the CAVV in the
authorization in order to demonstrate that authentication occurred.
Response CodesThe client application should not interpret the ResponseCode property contents - it is provided as informational only. The Success property determines if the the transaction was successful or not and the StatusNeeded property determines if DoStatus error recovery is needed. Troubleshooting DPSAuth Socket ErrorsA socket error is indicated by S1-S5 in the ResponseCode result after a call to DoAuthorize or DoStatus. The following table provides assistance in troubleshooting these errors.
It is recommended that developers utilize the following approach to display transaction results to the web browser: Accepted TransactionAn accepted transaction is indicated by a Success property being set to true. In this case, display contents of CardHolderResponseText on the Browser. Declined or Rejected transaction Scenario #1This result is conveniently indicated by the Success property being set to false and the StatusNeeded property being set to false. It is essential that the web application checks both properties. In this case the web application should display the contents of CardHolderResponseText. Additional information should ideally be displayed from CardHolderResponseDescription For Display of cardholder response information, Display the contents of A more detailed description of the reason for declination is available in the CardHolderResponseDescription property Declined or Rejected transaction Scenario #2WhenStatusNeeded is True the result of the transaction (accepted or otherwise) is not known for sure. This scenario is covered in the section of this document entitled "Exception Handling ". Registry SettingsSeveral registry settings are read by DPSAUTH. All Subkeys are registered in the path: HKEY_LOCAL_MACHINE\SOFTWARE\DirectPaymentSolutions For example, to specify a value for the ADDRESS option create a key of type
REG_SZ in the following path: SERVER Subkey
Debugging/Trace OutputDPSAuth can produce a detailed log of its operation if the registry DWORD value HKEY_LOCAL_MACHINE\SOFTWARE\DirectPaymentSolutions is set to 1. Output filename is DPSAUTH.LOG. This file will be created in the same directory as the DPSAUTH.DLL object resides. It is appended to (not created afresh after each instantiation of DPSAuth). Note: size of this file is limited to approximately 5 megabytes. If the file grows to this size, further trace info is discarded to prevent disk space issues. Sample output for the log file: 11-02-2000 01:00:07 00000248/00000259 D_1B6F75>DPSAuth Init:
ClientId=D_1B6F75 Each line consists of date, time, process ID, thread ID, ClientID followed by the trace/debug text. Transaction LogDPSAuth can produce a log of transactions transmitted and received if the registry DWORD value: HKEY_LOCAL_MACHINE\SOFTWARE\DirectPaymentSolutions is set to 1. Output filename is DPSAUTH_TXNLOG.LOG. This file will be created in the same directory as the DPSAUTH.DLL object resides. It is appended to (not created afresh after each instantiation of DPSAuth). Note: size of this file is limited to approximately 5 megabytes. If the file grows to this size, further trace info is discarded to prevent disk space issues. Sample output for the log file: 14-05-2000 17:59:42 000000f9/00000071 D_230641>TX:AuthMsg: PreauthNum: TxnRef:00003eREF DATA Amt: Account:9997 Amt:000000000123 ClientType:W TxnInfo:TxnInfo Cvc2:1234 TxnType:P DaEx:0102 PAN:411111......1111 F48: CardHolderName:LastName Initials ReceiptEmail:expresstest@dps.co.nz ClientTypeEx: ClientVersion: SelectCaid: SelectCatid: HostDate: HostTime: LogonToken: ClientInfo: 14-05-2000 17:59:46 000000f9/00000071 D_230641>Rx:DPS AuthResponseMessage:AuthCode:075559F48: PreAuth: DateSettle:20000515 Stan:10 CardName:VISA TxnDate:14052000 TxnTime:175558 DaEx: Pan:...... TxnRef:00003eREF DATA ReCo:00 RespText:ACCEPTED Caid:10009053010 Catid:00905310 LogonToken: Currency: TestMode:1 Auth-CompletionOverviewPayment Express supports Auth/Completion. An "Auth" transaction verifies that funds are available for the requested card and amount and reserves the specified amount. A "Completion" transaction is sent at a later date to cause funds transfer for the previously authorised amount, or a smaller amount if the total original value is no longer required. This transaction set is useful when the merchant needs to ensure that funds up to a certain limit are available but the actual total amount is not yet known or goods or services have not yet been delivered. Operation1) AuthorizationCall DoAuthorize with TxnType set to "A" for for the amount to be authorised. The Auth response contains a DpsTxnRef. The funds are not transferred from the cardholder account. 2) CompletionAfter a successful Authorization transaction, but within 7 days maximum, a "completion" (TxnType="C") transaction must be sent containing the DpsTxnRef returned by the "auth" transaction. Token BillingOverviewToken Billing allows for regular billing of a cardholder card, under the control of the merchant, without requiring the merchant to either store sensitive card data securely or to obtain credit card details every time a new payment is requested. This functionality is implemented by proving the ability for a merchant to request payment express to capture and store credit card number and expiry date and to link these stored details to a merchant supplied "BillingId". The BillingId is a 32 character field that contains a reference that is unique to the merchant's customer, that will be associated with the credit card information stored securely at Payment Express. This is undertaken during the Setup Phase. For subsequent charges to the card (Rebill Phase), the merchant does not need to supply the card number or exopiry date, only the BillingId originally associated during the Setup Phase Setup PhaseA setup phase involves loading a card into Payment Express. Optionally the setup phase can include an online $1.00 authorisation (Validate) transaction which will determine that the card is valid and not on hot or stolen card lists and that it has the correct expiry date. Customers will typically integrate directly into their call centre or web application for the setup phase. DPS has numerous applications available for integrating with common merchant applications. To add a card for future rebilling, call the DoAuthorize method with the TxnType property set to "BillAddCard". If the BillAddCard request is made, the following properties need to be loaded: CardHolderName (optional, strongly recommended) Rebill PhaseThe merchant application or Batch processor requests a new transaction and supplies the appropriate BillingId, or DpsBillingId a MerchantReference which appears on reports and the amount to be charged. Payment Express retrieves the credit card number and expiry date stored in the Setup Phase and a purchase transaction is formatted and processed to the card acquirer. RefundsDPS Auth is capable of handling refunds (credit) transactions, however you will need to match the original Purchase or Complete transaction for this to happen. The matching is done with the DpsTxnRef given from the response of a purchase or complete transaction. You are able to do multiple refund transactions to the maximum amount of the original matched transaction. The Payment Manager is provided to merchants with all integrated solutions by DPS, so there is a ready built interface to handle refund transactions already. However, if you wish to integrate refunds into your own interfaces the following input properties need to be provided for a refund transaction:
TxnType = R Extended Airline Booking DataThe COM object is capable of taking extended booking information, which is used to display on cardholders statements. If you would like to add booking information to your transaction details you will need to set the EnablePaxInfo input property to true (1) and you will be able to use the following properties - Sample data: |
