Notification of Transaction Result

Notification of Transaction Result Format

Name

Description

Mandatory

Format

Max Length

Allowed Values

VPSProtocol

Protocol version used by the system supplied in the Transaction Registration POST.

Yes

Digits and periods
 

4.00

TxType

Same as supplied in the Transaction Registration POST

Yes

Uppercase letters

15 

  • PAYMENT
  • DEFERRED
  • AUTHENTICATE

VendorTxCode

Same as supplied in the Transaction Registration POST

Yes

Letters, digits, hyphens, periods, underscores, and curly brackets
     

40 

 

Status

When the Status is not OK, then the StatusDetail contains the reason why.

  • OK = The process executed without error.

  • NOTAUTHED = The details provided by the customer were incorrect or insufficient funds were available. The Opayo gateway could not Authorise the transaction and the transaction is completed.

  • PENDING = European Payment methods only. This Indicates a transaction has yet to fail or succeed. We report the Status in MySagePay when we receive notice from PPRO.

  • ABORT = The Transaction could not be completed because the user clicked the CANCEL button on the payment pages or was inactive for 15 minutes or more.

  • REJECTED = The Opayo System rejected the transaction, which failed to meet the fraud screening rules you have set on your account.Note: The bank may have authorised the transaction but your own rule bases for AVS/CV2 or 3D-Secure caused the transaction to be rejected.

  • AUTHENTICATED = The 3D-Secure checks are completed successfully and the card details secured at Opayo. This Status is only returned when TxType is AUTHENTICATE.

  • REGISTERED = 3D-Secure checks failed or could not be performed and the card details are still secured at Opayo. This Status is only returned when TxType is AUTHENTICATE.

  • ERROR = A problem occurred at Opayo which prevented transaction registration. Please notify us when a Status of ERROR is returned together with the message Vendor, VendorTxCode and the StatusDetail contents.

 

 

 

Uppercase letters

15
  • OK

  • NOTAUTHED

  • PENDING

  • ABORT

  • REJECTED

  • AUTHENTICATED

  • REGISTERED

  • ERROR

StatusDetail

Human-readable text providing extra detail for the Status message. Always check StatusDetail if the Status is not OK

Yes

Letters, digits, commas, periods, colons, spaces, and parentheses
      

255 

 

TxAuthNo

Opayo unique Authorisation Code for a successfully authorised transaction. Only present if Status is OK.

No

Digits

10 

 

AVSCV2

This is the response from AVS and CV2 checks. Provided for Vendor info and backward compatibility with the banks. Rules set up in MySagePay will accept or reject the transaction based on these values.

More detailed results are split out in the next three fields. Not present if the Status is AUTHENTICATED or REGISTERED.

Yes

Uppercase letters and spaces
 

50 

  • ALLMATCH

  • SECURITY CODE MATCH ONLY

  • ADDRESS MATCH ONLY

  • NO DATA MATCHES

  • DATA NOT CHECKED

AddressResult

The specific result of the checks on the cardholder’s address numeric from the AVS/CV2 checks.  Not present if the Status is AUTHENTICATED or REGISTERED

Yes

Uppercase letters 

20 

  • NOTPROVIDED NOTCHECKED

  • MATCHED

  • NOTMATCHED

PostCodeResult

The specific result of the checks on the cardholder’s Postcode from the AVS/CV2 checks.  Not present if the Status is AUTHENTICATED or REGISTERED

Yes

Uppercase letters

20 

  • NOTPROVIDED

  • NOTCHECKED

  • MATCHED

  • NOTMATCHED

CV2Result

The specific result of the checks on the cardholder’s CV2 code from the AVS/CV2 checks.  Not present if the Status is AUTHENTICATED or REGISTERED.

Yes

Uppercase letters

20 

  • NOTPROVIDED

  • NOTCHECKED

  • MATCHED

  • NOTMATCHED

GiftAid

This field is always present even when Gift Aid is not active on your account.

  • 0 = The Gift Aid box was not checked this transaction.

  • 1 = The customer checked the Gift Aid box on the payment page

Yes

BOOLEAN

  • 0

  • 1

3DSecureStatus

The results of the 3D-Secure checks (where appropriate):

  • OK = 3D-Secure checks carried out and user Authenticated correctly.

  • NOTCHECKED = 3D-Secure checks were not performed. This indicates that 3D-Secure was either switched off at an account level or disabled at transaction registration.

  • NOTAVAILABLE = The card used was either not part of the 3D-Secure Scheme, or the authorisation was not possible.

  • NOTAUTHED = 3D-Secure authentication checked, and the user failed the authentication.

  • INCOMPLETE = 3D-Secure authentication was unable to complete.  No authentication occurred.

  • ATTEMPTONLY = 3D-Secure attempted but cardholder was not enrolled.

  • ERROR = Authentication could not be attempted due to data errors or service unavailability in one of the parties involved in the check.

Yes

Uppercase letters

50

  • OK

  • NOTCHECKED

  • NOTAVAILABLE

  • NOTAUTHED

  • INCOMPLETE

  • ATTEMPTONLY

  • ERROR

CAVV

The encoded result code from the 3D-Secure checks (CAVV or UCAF). Only present if the 3DSecureStatus field is OK or ATTEMPTONLY.

No

Letters and digits
 

32

 

AddressStatus

PayPal Transactions Only.

When the AddressStatus is CONFIRMED and PayerStatus is VERIFIED, the transaction may be eligible for PayPal Seller Protection. Please contact PayPal directly to learn more about PayPal Seller Protection or visit paypal.com.

Yes

Uppercase letters

20 

  • NONE

  • CONFIRMED

  • UNCONFIRMED

PayerStatus

Whether the Paypal account holder identity is:

  • VERIFIED

  • UNVERIFIED

Yes

Uppercase letters

20 

  • VERIFIED

  • UNVERIFIED

CardType

The card type:

  • AMEX = American Express

  • DC = Diners Club International and Discover

  • DELTA = Visa Debit

  • JCB = Japan Credit Bureau

  • MAESTRO = Domestic and International issued Maestro

  • MC = MasterCard

  • MCDEBIT = Debit MasterCard

  • PAYPAL = PayPal

  • UKE = Visa Electron

  • VISA = Visa

 

Yes

Uppercase letters

15 

  • AMEX

  • DC

  • DELTA

  • JCB

  • MAESTRO

  • MC

  • MCDEBIT

  • PAYPAL

  • VISA

  • UKE

Last4Digits

The last 4 digits of the card number used in this transaction. PayPal transactions return 0000.

This field is supplied to allow merchants using wallet systems to identify the card to their customers.

Yes

Digits

 

VPSSignature

Added to detect any possible tampering with messages, your site should compute the same MD5 signature (which incorporates the SecurityKey provided here) and check it against VPSSignature.

  • You decide what to do with transactions that appear to have been tampered with.

  • MD5 value is returned in UPPER CASE.

  • If a field is returned without a value this should not be included in the string.

The value is the MD5 signature of the concatenation of the values of:

{VPSTxId} + VendorTxCode + Status + TxAuthNo + VendorName + AVSCV2 + SecurityKey + AddressResult + PostCodeResult + CV2Result + GiftAid + 3DSecureStatus + CAVV + AddressStatus + PayerStatus + CardType + Last4Digits + DeclineCode + ExpiryDate + FraudResponse + BankAuthCode + ACSTransID + DSTransID + SchemeTraceID

Important: ensure the VendorName is lower case prior to hashing.

Yes

 

100 

 

FraudResponse

  • ACCEPT = ReD recommends that the transaction is accepted.

  • DENY = ReD recommends that the transaction is rejected.

  • CHALLENGE = ReD recommends that the transaction is reviewed.  You have elected to have these transactions either automatically accepted or automatically denied at a vendor level. Please contact Opayo if you wish to change the behaviour you require for these transactions.

  • NOTCHECKED = ReD did not perform any fraud checking for this particular transaction

No

Uppercase letters

10 

  • ACCEPT

  • CHALLENGE

  • DENY

  • NOTCHECKED

Surcharge

Returns the surcharge amount charged. This is only present if a surcharge was applied to the transaction.

No

Digits, periods, and commas
  

 

0.01 to 100,000.00

DeclineCode

The decline code from the bank. These codes are specific to the bank. Please contact them for a description of each code.

No

Digits

 

ExpiryDate

Expiry date of the card used, in the format MMYY.

Yes

Digits

 

BankAuthCode

The authorisation code returned from the bank. For example, T99777.

No

Letters and digits
 

 

Token

The token generated by Opayo.

No

Letters, digits, hyphens, and curly brackets
   

38 

 

ACSTransID

The Access Control Server (ACS) transaction ID is a unique ID provided by the card issuer for 3DSv2 authentications. It is returned in future transaction requests that perform 3D-Secure authentication. It encourages a frictionless authentication, especially if a challenge authentication has occurred previously.

This value is returned to Opayo when you submit your Direct payment request using the threeDSReqPriorRef element found within the ThreeDSRequestorPriorAuthenticationInfoXML object.

No

 

36 

 

DSTransID

The Directory Server (DS) transaction ID is a unique ID provided by the card scheme for 3DSv2 authentications.

No

 

36

 

SchemeTraceID

This is the unique reference number associated with an authorisation request. It is required when you use a

stored Credential on File and links subsequent payments to the first payment.

Note: The SchemeTraceID will always be returned for a successful authorisation (where Status=OK).

No

ITU-T T.50 value codes.

ASCII range in hexadecimal from

20 to 7E (from

space to tilde ~)

56