sha1hash is passed with relevant data to the xml template ”

Checking: scripts check if response has “00″ in the result tag.

Response: if successful “00″ , then response xml will have

XID
pareq
URL
SHA1HASH
ORDERID

Step2
Prepare ACS FORM post .

RETURN URL = https://yourdomain.com/checkout.php?asc_action=ConfirmOrder&process=3dsecure and the form syntax will be

form action=”URL” method=”POST”
input name=”PaReq” type=”hidden” value=”pareq”"
input name=”TermUrl” type=”hidden” value=”RETURN URL”
input name=”MD” type=”hidden” value=”MD”

Processing: while redirecting to above url we show a message “Redirecting to 3D Secure ACS server.. Please don’t press Back or Refresh button.”.

3d Secure gateway shows a window with text “Send Pares to TermURL” with textarea that has request variables and a submit button . In developer documentation it is mentioned that when account is made live this page will be replaced with a password box.

Response:  Once processed , lands to the RETURN URL provided above.

Step 3:
Response XML from ACS server

will get:

PARES
AZSESSID
MD

CURL post request xml is created.

sha1hash = timestamp.merchantid.orderid.total.currencycode.cardnumber

sha1hash is passed with relevant data to the xml template “request type=3ds-verifysig” as CURL POST to the url https://epage.payandshop.com/epage-3dsecure.cgi.

Checking: scripts check if response has “00″ in the result tag.

if result is 00 then response tag will have threedsecure tag that should be parsed to get following tags.

Response:
CAVV
XID
ECI
STATUS
algorithm

Step 4:
LAST step of the 3d secure processing to check payment authorization.

CURL post request xml is created.

sha1hash = timestamp.merchantid.orderid.total.currencycode.cardnumber

sha1hash is passed with relevant data to the xml template “request type=auth” as CURL POST to the url https://epage.payandshop.com/epage-remote.cgi.

CURL POST to the url https://epage.payandshop.com/epage-remote.cgi..

Checking: scripts check if response has “00″ in the result tag.

if result is 00 then payment transaction is successful and order details will appear in Realex payment gateway control panel.

There are website owners who may want payment gateway for e-commerce sites.  Paypal supports Buy Now option ( Seller is website owner and Buyer is the user ).

What if Seller’s are also users? Paypal won’t support this workflow but Amazon FPS (Flexiable payment service ) has a solution.

Here is how it works:

Owner must create FPS account.
Developer must have AWS account (sandbox enviornment to test transaction)
Seller must have Amazon personal account and finally
Buyer must have Amazon business account.

With AWS or FPS you will get AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and sample script to test FPS.

In order to make Buyer to Seller direct payment with a commission to Site Owner keep following points in mind.

1. Authorize buyers through e-commerce using Recipient API to get recipient token id. Store it in database to keep track at the time of purchase.

2. Authorize sellers for the payment using Multi-Use token, to get Sender Token ID.

3. Make payment using InvokePay() method with recipient token set us Receiver Token ID.