Merchant Initiated Transaction
Introduction
Merchant-Initiated Transactions (MIT) are payments initiated by the merchant without the interaction of the payer. They are characterized by a lack of involvement of the payer in triggering each individual payment.
Such payments require that:
- SCA is applied to the first transaction or action mandating the Merchant to initiate payment(s) and
- There is an agreement between the payer and the merchant for the provision of products or services and potential costs associated with these.
Such payments can happen in the following cases:
• Recurring Payments for fixed or variable amounts
• Merchant funded installments
• The final amount is higher than the amount used at authentication time.
This can happen when additional charges are added to the initially agreed amount such as, a minibar in a hotel or fines with a rented car.
In case you would prefer to register your customer and store his credit card credentials on file, you are obliged to obtain cardholder’s consent by using Strong Customer Authentication (SCA) in your transaction request.
In order to achieve that, your cardholders must authenticate themselves during transaction processing, once the cardholder is still in session. PSD2 and scheme rules demand a 3-D Secure challenge flow to be performed in such case.
All mentioned above needs to be indicated to the Gateway, so that proper transaction flagging is applied in the authorization message.
Merchant Initiated Transaction (FIRST)
The following documents represents examples of initial transaction using minimum set of elements through different integration components:
{
"requestType": "PaymentCardSaleTransaction",
"merchantTransactionId": "20899901361",
"order": {
"orderId": "20899901361",
"billing": {
"name": "James Johnson",
"contact": {
"phone": "9876543210",
"mobilePhone": "9876543210",
"fax": "NA",
"email": "[email protected]"
},
"address": {
"company": "NA",
"address1": "627 Ganga Vihar",
"address2": "627 Ganga Vihar",
"city": "Thane",
"region": "Maharashtra",
"postalCode": "400604",
"country": "India"
}
},
"shipping": {
"name": "James Johnson",
"contact": {
"phone": "9876543210",
"mobilePhone": "9876543210",
"fax": "NA",
"email": "[email protected]"
},
"address": {
"company": "NA",
"address1": "627 Ganga Vihar",
"address2": "627 Ganga Vihar",
"city": "Thane",
"region": "Maharashtra",
"postalCode": "400604",
"country": "India"
}
}
},
"transactionAmount": {
"total": "21.00",
"currency": "USD"
},
"storeId": "811676301111",
"paymentMethod": {
"paymentCard": {
"number": "414746XXXXXX0083",
"securityCode": "XXX",
"expiryDate": {
"month": "11",
"year": "30"
}
}
},
"authenticationRequest": {
"authenticationType": "Secure3D2AuthenticationRequest",
"termURL": "https://xxxxxx",
"methodNotificationURL": "https://xxxxxxx",
"challengeIndicator": "04",
"challengeWindowSize": "05"
},
"storedCredentials": {
"sequence": "FIRST",
"scheduled": false,
"initiator": "CARDHOLDER",
"indicatorSubcategory": "CREDENTIAL_ON_FILE_FIRST"
}
}
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header/>
<SOAP-ENV:Body>
<ns4:IPGApiOrderRequest
xmlns:ns4="http://ipg-online.com/ipgapi/schemas/ipgapi"
xmlns:ns2="http://ipg-online.com/ipgapi/schemas/v1"
xmlns:ns3="http://ipg-online.com/ipgapi/schemas/a1">
<ns2:Transaction>
<ns2:CreditCardTxType>
<ns2:StoreId>110995000</ns2:StoreId>
<ns2:Type>sale</ns2:Type>
</ns2:CreditCardTxType>
<ns2:CreditCardData>
<ns2:CardNumber>401200*****01006</ns2:CardNumber>
<ns2:ExpMonth>12</ns2:ExpMonth>
<ns2:ExpYear>28</ns2:ExpYear>
<ns2:CardCodeValue>XXX</ns2:CardCodeValue>
</ns2:CreditCardData>
<ns2:CreditCard3DSecure>
<ns2:AuthenticateTransaction>true</ns2:AuthenticateTransaction>
<ns2:TermUrl>https://test.ipg-online.com/webshop/simulator/secure3d/return</ns2:TermUrl>
<ns2:ThreeDSMethodNotificationURL>https://test.ipg-online.com/ipgconfirmation/services/secure3ds</ns2:ThreeDSMethodNotificationURL>
<ns2:ThreeDSRequestorChallengeIndicator>01</ns2:ThreeDSRequestorChallengeIndicator>
<ns2:ThreeDSRequestorChallengeWindowSize>01</ns2:ThreeDSRequestorChallengeWindowSize>
<ns2:ThreeDSRequestorAuthenticationIndicator>01</ns2:ThreeDSRequestorAuthenticationIndicator>
<ns2:deviceChannel>02</ns2:deviceChannel>
</ns2:CreditCard3DSecure>
<ns2:unscheduledCredentialOnFileType>FIRST</ns2:unscheduledCredentialOnFileType>
<ns2:Payment>
<ns2:ChargeTotal>15.00</ns2:ChargeTotal>
<ns2:Currency>EUR</ns2:Currency>
</ns2:Payment>
</ns2:Transaction>
</ns4:IPGApiOrderRequest>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
<!-- #include file="ipg-util.asp"-->
<html>
<head><title>IPG Connect Sample for ASP</title></head>
<body>
<p><h1>Order Form</h1></p>
<form method="post" action=" https://test.ipg-online.com/connect/gateway/processing ">
<input type="hidden" name="txntype" value="preauth">
<input type="hidden" name="checkoutoption" value="combinedpage">
<input type="hidden" name="timezone" value="Europe/Berlin"/>
<input type="hidden" name="txndatetime" value="<% getDateTime() %>"/>
<input type="hidden" name="hash_algorithm" value="HMACSHA256"/>
<input type="hidden" name="hashExtended" value="<% call createExtendedHash( "10.00","978" ) %>"/>
<input type="hidden" name="storename" value="1109950006" />
<input type="hidden" name="mode" value="payonly"/>
<input type="hidden" name="paymentMethod" value="M"/>
<input type="text" name="chargetotal" value="10.00" />
<input type="hidden" name="currency" value="978"/>
<input type="hidden" name="authenticateTransaction" value="true"/>
<input type="hidden" name="threeDSRequestorChallengeIndicator" value="4"/>
<input type="hidden" name="unscheduledCredentialOnFileType" value="FIRST"/>
<input type="text" name="cardnumber" value="540215******2355">
<input type="text" name="expmonth" value="12">
<input type="text" name="expyear" value="24">
<input type="submit" value="Submit">
</form>
</body>
</html>
The following tables provides an overview of required parameters through APIs:
REST API | M/O/C | Description |
---|---|---|
sequence | M | Indicates if the transaction is first or subsequent. Valid values are "FIRST" and "SUBSEQUENT". |
scheduled | M | Indicates if the transaction is scheduled or part of an installment. Valid values are 'true' and 'false'. |
referencedSchemeTransactionId | C | The transaction ID received from schemes for the initial transaction. It is required if sequence value = "SUBSEQUENT". |
initiator | O | Indicates whether it is a merchant-initiated or explicitly consented to by cardholder. Valid values are "MERCHANT" and "CARDHOLDER". |
indicatorSubcategory | O | Valid values if initiator is CARDHOLDER: CREDENTIAL_ON_FILE_FIRST CREDENTIAL_ON_FILE_SUBSEQUENT STANDING_ORDER SUBSCRIPTION INSTALLMENT Valid values if initiator is MERCHANT: UNSCHEDULED_CREDENTIAL_ON_FILE STANDING_ORDER SUBSCRIPTION INSTALLMENT PARTIAL_SHIPMENT DELAYED_CHARGE NO_SHOW_CHARGE RESUBMISSION Not valid values will be ignored. |
SOAP API parameters:
SOAP API | M/O/C | Description |
---|---|---|
unscheduledCredentialOnFileType | M | This field allows you to flag transactions as unscheduled credential on file type. Value allowed for a subsequent MIT transaction = MERCHANT_INITIATED |
referencedSchemeTransactionId | M | This field allows you to include the payment scheme's transaction ID that has been returned in the response of the initial transaction (when credentials have been stored) in order to provide a reference to that original transaction |
After your transaction has been successfully authenticated, you will be provided with a schemeTransactionId
, what must be submitted in your next scheduled payment request (MIT or RecurringType=REPEAT).
Further details about 3-D Secure processing can be found here: 3-D Secure
NOTE
Please note, that this solution is available only if you utilize Fiserv as your 3DS service provider and your account is setup with respective services.
Subsequent Merchant Initiated Transaction
After you completed the previous step successfully with the initial transaction being fully authenticated, and you would like to initiate a subsequent MIT transaction without cardholder's participation, you can do that using APIs (REST and SOAP) including all mandatory parameters.
The following document represents an example of a subsequent MIT request using minimum set of elements submitted through REST and SOAP API (see different tabs):
{
"requestType" : "PaymentCardSaleTransaction",
"storeId" : "811676301111",
"transactionOrigin" : "ECOM",
"transactionAmount" : {
"total" : "21",
"currency" : "USD"
},
"paymentMethod" : {
"paymentCard" : {
"number" : "414746XXXXXX0083",
"expiryDate" : {
"month" : "12",
"year" : "30"
}
}
},
"storedCredentials" : {
"sequence" : "SUBSEQUENT",
"scheduled" : "false",
"initiator" : "MERCHANT",
"indicatorSubcategory" : "UNSCHEDULED_CREDENTIAL_ON_FILE",
"referencedSchemeTransactionId" : "TRACE_ID_061007"
}
}
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header/>
<SOAP-ENV:Body>
<ns4:IPGApiOrderRequest
xmlns:ns4="http://ipg-online.com/ipgapi/schemas/ipgapi"
xmlns:ns2="http://ipg-online.com/ipgapi/schemas/v1"
xmlns:ns3="http://ipg-online.com/ipgapi/schemas/a1">
<ns2:Transaction>
<ns2:CreditCardTxType>
<ns2:StoreId>11099500</ns2:StoreId>
<ns2:Type>sale</ns2:Type>
</ns2:CreditCardTxType>
<ns2:CreditCardData>
<ns2:CardNumber>401200*****01006</ns2:CardNumber>
<ns2:ExpMonth>12</ns2:ExpMonth>
<ns2:ExpYear>28</ns2:ExpYear>
<ns2:CardCodeValue>XXX</ns2:CardCodeValue>
</ns2:CreditCardData>
<ns2:unscheduledCredentialOnFileType>MERCHANT_INITIATED</ns2:unscheduledCredentialOnFileType>
<ns2:Payment>
<ns2:ChargeTotal>15.00</ns2:ChargeTotal>
<ns2:Currency>978</ns2:Currency>
</ns2:Payment>
<ns2:TransactionDetails>
<ns2:ReferencedSchemeTransactionId>0714MCC417474</ns2:ReferencedSchemeTransactionId>
</ns2:TransactionDetails>
</ns2:Transaction>
</ns4:IPGApiOrderRequest>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
Updated about 1 month ago