How to integrate Realex Payment's 3D secure process for my website?

Question

For the integration of Realex Payment (3D secure) in my website I have used the following code, which I got from an example.

For doing payment for our customer, I can request in xml file with merchantid, orderid, card holder name, exp date, card number, amount etc thus:

<request type='auth' timestamp='123123123123'>
<merchantid>name of merchant</merchantid>
<account>internet</account>
<orderid>  order id </orderid>
<amount currency='GBP'>20</amount>
<card>
<number>1234567894561235</number>
<expdate>0912</expdate>
<type>Visa</type>
<chname>card holder name</chname>
</card>
<autosettle flag='1'/>
<md5hash>1bb4baxse4534g541sdw233c4ac20ba</md5hash>
<tssinfo>
<address type='billing'>
<country> country code </country>
</address>
</tssinfo>
</request>

In the response, I am getting this:

<response timestamp="20120808063848">
<merchantid>Name Of Merchant</merchantid>
<account>internet</account>
<orderid>orderid</orderid>
<authcode>something</authcode>
<result>00</result>
<cvnresult>U</cvnresult>
<avspostcoderesponse>U</avspostcoderesponse>
<avsaddressresponse>U</avsaddressresponse>
<batchid> batchid </batchid>
<message>[ test system ] Authorised 111111 </message>
<pasref>14digit number</pasref>
<timetaken>1</timetaken>
<authtimetaken>1</authtimetaken>

<cardissuer>
<bank> name of bank </bank>
<country> country name </country>
<countrycode> country code </countrycode>
<region>EUR</region>
</cardissuer>

<md5hash>3656d456Hfgfdac45dsf453d96a08d7d9</md5hash>
</response>

Further ahead, we need to add 3D secure process for verification.

I am not sure what your question is. From what I can tell from your question, you make an XML request and receive an XML response. What exactly is not working? That would be enough to make the payment, I should think? — halfer, Aug 09 '12 at 21:20
Also (**very** important) - I see you are handling credit card numbers directly. I mean no offence, but if you need to ask about integrating this system, then perhaps you should not be handling payment information yourself. The number of security issues to be aware of is huge - could you instead integrate a solution where a trusted/tested third party handles credit card numbers for you? — halfer, Aug 09 '12 at 21:22

score 0 · Answer 1 · edited Jan 20 '13 at 01:22

0

Use:

request type='3ds-verifyenrolled'

instead of:

request type='auth'

edited Jan 20 '13 at 01:22

andr

15,970
10
45
59

answered Jan 20 '13 at 01:01

Slava

1

How to integrate Realex Payment's 3D secure process for my website?

1 Answers1