Digital Wallet Transactions
Quick Find
Go straight to the section you need.
1.0 Gateway Integration →
2.0 New Transactions →
3.0 Management Requests →
4.0 AVS/CV2 Checking →
5.0 3-D Secure Authentication →
11 Receipts and Notifications →
17 Advanced Data →
17.7 Device Information Fields
19 Gateway Wallet →
26 Digital Wallet Transactions →
Appendix
A-1 Response Codes
A-1.1 Authorisation Response Codes
A-2 AVS / CV2 Check Response Codes
A-3 Secure Authentication Data
A-4 3-D Secure Enrolment/Authentication Only
A-9 Duplicate Transaction Checking
A-10 Capture Delay
A-13 Sample Signature Calculation
A-14 Transaction Life cycle
A-14.1 Authorise, Capture and Settlement
A-15.2 Mail Order/Telephone Order (MOTO)
A-15.3 Continuous Authority (CA)
A-16 Payment Tokenisation
A-16.1 PREAUTH, SALE, REFUND, VERIFY requests
A-16.3 CANCEL or CAPTURE requests
A-16.5 SALE or REFUND Referred Authorisation requests
A-18 PSD2 SCA Compliance
A-18.1 Obtaining Strong Customer Authentication
A-18.3 Exemptions to Strong Customer Authentication
A-19 Hosted Payment Page Options
A-20 Integration Libraries
A-20.1 Gateway Integration Library
A-20.2 Hosted Payment Page Library
A-20.3 Hosted Payment Fields Library
A-21 Example HTTP Requests
A-22 Example Integration Code
A-23 Example Library Code
A-23.1 Gateway Integration Library
26.0 Digital Wallet Transactions
26.1 Background
The Gateway supports payments made using the following Digital Wallets, Apple Pay, Android Pay and Google Pay™. These wallets can be used to enhance mobile purchasing experiences for customers with supported devices and produce a payment token which can be passed to the Gateway instead of the Cardholder’s actual card details.
You can use these wallets with any Merchant Account that has been configured to accept them.
For more information on how to accept payment tokens, please contact customer support.
Digital Wallets are currently supported by the Direct Integration only. They are not supported by the Hosted or Batch Integration.
Digital wallet support is not available with all Acquirers and must be enabled on your Merchant Account before they can be used. Please contact support to find out whether your Acquirer supports the and which can be enabled on your Merchant Account.
26.2 Benefits and Limitations
26.2.1 Benefits
- The payment details are stored externally to the Gateway and can be used with any Merchant that supports the appropriate payment tokens.
- Customers can select from previously stored payment details, making the checkout process more streamlined, resulting in fewer abandoned carts and thus increasing sales.
- Compatible with existing card base fraud solutions such as Address Verification Service (AVS), 3-D Secure and third-party fraud providers.
- There are no extra costs to add these payment methods to your Gateway account.
- The transactions are controlled within the Merchant Management System (MMS) in the same manner as normal card transactions.
26.2.2 Limitations
- Your Customer will need a digital wallet enabled device with some stored card details in order to make full use of this payment method.
- The device needs to be integrated with the gateway using third-party provided software.
- Repeat transactions using the retrieved payment details are supported.
26.3 Configuration
The Merchant Account being used for the payments must be configured with your Digital Wallet credentials so that the Gateway can decrypt the payment token.
26.3.1 Apple Pay configuration
Apple Pay requires the Gateway to generate public/private key pair and then the public key must be shared with your Android Pay enabled application in the guise of an Apple Pay payment process certificate.
To configure an Apple Pay payment processing certificate you must have enrolled in the Apple Developer Program and created a unique Apple Pay merchant identifier.
The payment processing certificate is associated with your merchant identifier and used to encrypt payment information. The certificate expires every 25 months. If the certificate is revoked, you can recreate it.
You would normally use the Merchant Management System (MMS) to configure your payment processing certificate by following the steps outlined below:
- Open the Apple Developer Certificates, Identifiers & Profiles webpage and select ‘Identifiers’ from the sidebar.
- Under ‘Identifiers’, select ‘Merchant IDs’ using the filter in the top-right.
- On the right, select your merchant identifier.
- Under ‘Apple Pay Payment Processing Certificate’, click ‘Create Certificate’.
- Download our certificate signing request (CSR) from the MMS and save to a file.
- Click ‘Choose File’ and select the CSR you just downloaded.
- Click ‘Continue’.
- Click ‘Download’ to download the payment processing certificate and save to a file.
- Upload the payment processing certificate to the MMS.
26.3 Configuration
The Merchant Account being used for the payments must be configured with your Digital Wallet credentials so that the Gateway can decrypt the payment token.
26.3.1 Apple Pay configuration
Apple Pay requires the Gateway to generate public/private key pair and then the public key must be shared with your Android Pay enabled application in the guise of an Apple Pay payment process certificate.
To configure an Apple Pay payment processing certificate you must have enrolled in the Apple Developer Program and created a unique Apple Pay merchant identifier.
The payment processing certificate is associated with your merchant identifier and used to encrypt payment information. The certificate expires every 25 months. If the certificate is revoked, you can recreate it.
You would normally use the Merchant Management System (MMS) to configure your payment processing certificate by following the steps outlined below:
- Open the Apple Developer Certificates, Identifiers & Profiles webpage and select ‘Identifiers’ from the sidebar.
- Under ‘Identifiers’, select ‘Merchant IDs’ using the filter in the top-right.
- On the right, select your merchant identifier.
- Under ‘Apple Pay Payment Processing Certificate’, click ‘Create Certificate’.
- Download our certificate signing request (CSR) from the MMS and save to a file.
- Click ‘Choose File’ and select the CSR you just downloaded.
- Click ‘Continue’.
- Click ‘Download’ to download the payment processing certificate and save to a file.
- Upload the payment processing certificate to the MMS.
26.3.2 Android Pay configuration
Android Pay is currently a deprecated payment method and as such you will need to contact our customer support for information on how to configure this payment method.
26.3.3 Google Pay configuration
Google Pay requires no specific configuration however you must use our Gateway identifier of ‘crst’ and the correct Merchant Account identifier when configuring your Google Pay enabled application.
26.4 Hosted Implementation
Transactions using these Digital Wallet payment methods are currently not supported by the Hosted Integration.
26.5 Direct Implementation
Digital Wallet payments require the secure payment token generated by the wallet enabled application to be sent to the Gateway in the paymentToken field. The type of token must be specified by also sending the paymentMethod field with a value of ‘applepay’, ‘androidpay’ or ‘googlepay’.
26.6 Request Fields
These fields should be sent instead of the standard card details together with the fields in section 2.1.
Field Name
Mandatory?
Description
applepay – to indicate an Apple Pay token
androidpay – to indicate an Android Pay token
googlepay – to indicate a Google Pay token
Field Name
Mandatory?
Description
26.7 Response Fields
There are no additional response fields.
26.8 Digital Wallet Tokens
Digital Wallet payments operate the same as normal card payments, the main difference is that the card details are passed from the wallet application within an encrypted payment token. Once the Gateway has extracted the card details then it can use it with 3-D Secure and Fraud checking services as normal.
26.8.1 FPAN/DPAN tokens
Apple Pay, Android Pay and Google Pay (Mobile) payment tokens contain an EMV tokenised card number also known as a device-specific number (DPAN) rather than the Cardholder’s actual card number (FPAN). With these tokens the expiry date is the date the DPAN expires rather than the value printed on the Cardholder’s card. The card mask returned by the Gateway will be the masked DPAN, the Gateway is not able to return the last 4 digits of the FPAN. The card issuing details return should the same as those of the original FPAN.
Google Pay (Web) payment tokens contain the Cardholder’s original card number (FPAN) and expiry date. This means that the card mask and expiry date will be those of the original card.
26.8.2 AVS/CV2 Checking
Digital wallet payment tokens do not contain any address or CVV details. The Cardholder’s billing address can be passed in the transaction along with the payment token so that address checking can be performed.
The Gateway and Acquirer will not perform CVV checks with these payment tokens effectively disabling CVV checks for the transaction disregarding your preferences.
26.8.3 3-D Secure Authentication
DPAN based tokens will usually contain 3-D Secure data and so the Gateway will send this data to the Acquirer to gain the benefits of an authenticated transaction without the need to challenge the Cardholder. This makes using the digital wallet a much simpler and frictionless method of payment.
FPAN based tokens can be passed to the Gateway’s 3-D Secure processing and undergo the normal authentication journey as a manually entered card number.
26.8.4 Risk Checking
Both FPAN and DPAN based tokens can be used with risk checking via Kount in the same manner as a normal card transaction.
26.8.5 Transaction Lifecycle and Recurring Transactions
Both FPAN and DPAN based tokens will follow the standard transaction lifecycle and can be cancelled, captured, refunded or used as the basis of subsequent transactions in the same manner as a normal card transaction.