On this spage:
Overview
This is the plain text response part of the POST originated by your servers .
Response
The POST is encoded as Name=Value fields separated by carriage return and linefeeds (CRLF) as described in the following table
Name |
Description |
Mandatory |
Valid Characters |
Max Length |
Allowed Values |
---|---|---|---|---|---|
VPSProtocol |
Protocol version used by the system supplied in the Transaction Registration POST. |
Yes |
Digits and periods |
4 |
4.00 |
Status |
If the Status is not OK, the StatusDetail field will give more information about the problem.
|
Yes |
Uppercase letters
|
15 |
|
StatusDetail |
This text adds detail to the Status value. Always check StatusDetail when the Status is not OK.
|
Yes |
Letters, digits, commas, periods, colons, spaces, and parentheses
|
255 |
|
VPSTxId |
The VPSTxId is returned to you when the transaction is registered. Only present if the Status is OK or 3DAUTH. |
Yes |
Letters, digits, hyphens, and curly brackets
|
38 |
|
SecurityKey |
Opayo uses this security key to generate an MD5 hash to sign the Notification message. The signature is called VPSSignature.
This value is used to enable the detection of tampering with notifications from the Opayo gateway. It must be kept secret from the customer and held in your database.
Only present if Status is OK |
Yes |
Letters and digits |
10 |
|
TxAuthNo |
Unique Opayo Authorisation Code for a successfully authorised transaction. Only present if Status is OK. |
No |
|
10 |
|
AVSCV2 |
This is the response from AVS and CV2 checks. Provided for Vendor info and backward compatibility with the banks. Rules set up in MyOpayo will accept or reject the transaction based on these values.
More detailed results are split out in the next three fields. Not present if the Status is 3DAUTH, AUTHENTICATED, PPREDIRECT or REGISTERED. |
Yes |
Uppercase letters |
50 |
|
AddressResult |
The specific result of the checks on the cardholder’s address numeric from the AVS/CV2 checks. Not present if the Status is 3DAUTH, AUTHENTICATED, PPREDIRECT or REGISTERED. |
Yes |
Uppercase letters |
20 |
|
PostCodeResult |
The specific result of the checks on the cardholder’s Postcode from the AVS/CV2 checks. Not present if the Status is 3DAUTH, AUTHENTICATED, PPREDIRECT or REGISTERED. |
Yes |
Uppercase letters |
20 |
|
CV2Result |
The specific result of the checks on the cardholder’s CV2 code from the AVS/CV2 checks. Not present if the Status is 3DAUTH, AUTHENTICATED, PPREDIRECT or REGISTERED. |
Yes |
Uppercase letters |
20 |
|
3DSecureStatus |
This field details the results of the 3D-Secure checks (where appropriate).
|
Yes |
Uppercase letters
|
50 |
|
CAVV |
Cardholder Authentication Verification Value. The encoded result code from the 3D-Secure checks (CAVV or AAV or UCAF). Only present if the 3DSecureStatus field is OK or ATTEMPTONLY |
No |
|
32 |
|
Token |
The token generated by Opayo. |
No |
|
38 |
|
FraudResponse |
|
No |
Uppercase letters |
10 |
|
DeclineCode |
The decline code from the bank. These codes are specific to the bank. Please contact them for a description of each code. e.g. 00 |
No |
|
2 |
|
ExpiryDate |
Expiry date of the card used, in the format MMYY. |
Yes |
Digits |
4 |
|
BankAuthCode |
The authorisation code returned from the bank. e.g. T99777 |
No |
|
6 |
|
ACSTransID |
Access Control Server (ACS) transaction ID. This is a unique ID provided by the card issuer for 3DSv2 authentications. It can be returned in future transaction requests that will perform 3D-Secure authentication to increase the chances of a frictionless authentication, especially if a challenge authentication previously occurred. This value can be returned to Opayo when you submit your Direct payment request using the threeDSReqPriorRef element found within the ThreeDSRequestorPriorAuthenticationInfoXML object. |
No |
|
36 |
|
DSTransID |
Directory Server (DS) transaction ID. This is a unique ID provided by the card scheme for 3DSv2 authentications. |
No |
|
36 |
|
SchemeTraceID |
This is the unique reference number associated with an authorisation request. It is required when you use a stored Credential on File, and links subsequent payments with the first payment.
Note: The SchemeTraceID will always be returned for a successful authorisation (where Status=OK). However, the value returned when you first store a Credential on File, is the one that you should submit in your Direct payment request when using a stored credential.
|
No |
ITU-T T.50 value codes. ASCII range in hexadecimal from 20 to 7E (from space to tilde) |
56 |
|