Comments (6)
It may be that we have two card types that can be passed into a payment request: a temporary card token (with mechantSessionKey) and a reusable card token (which can be saved for further use if needed).
The Response\CardIdentifier is the temporary card token, and payments support that only in this library right now. The Response\Model\Card is the (optionally) reusable card token.
from sagepay-integration.
Fairly new documation page shows what the reusable card looks like:
http://integrations.sagepay.co.uk/content/tokens
It shows how the dropin scripts can be used to link the CVV to the reusable card token, without the need for that CVV to be sent to the merchant site.
With a CVV attached, payment is done like this:
"paymentMethod": {
"card": {
"merchantSessionKey": "<merchant-session-key>",
"cardIdentifier": "<card-identifier>",
"reusable": true
}
},
without a CVV attached, it looks like this:
"paymentMethod": {
"card": {
"cardIdentifier": "<card-identifier>",
"reusable": true
}
},
Not forgetting that both of these will need save: true
included if the card is to continue to be reusable (TBC though, as the docs are a little ambiguous).
from sagepay-integration.
I think I have it now.
The Request Card model is a temporary card token using the session key and the card identifier, with an optional "save" parameter. It will be used as a payment method.
The Response Card model is the card details returned to the merchant site. This may be a reusable card token or a non-reusable card. If reusable then it can be used as a payment method in another transaction without any further changes, since it now implements the payment method interface.
from sagepay-integration.
It seems to the case that once a card has been used with the save
flag set on its first use, it will remain reusable for all subsequent uses without the need to keep setting save
. In fact, setting save
to false
on a subsequent use leaves the card reusable. That doesn't seem right, and I'll check up on that with Sage Pay.
from sagepay-integration.
These are essentially the options for sending a card as a payment method:
- card-identifier+session-key = tokenised on front end.
- card-identifier+session-key+reusable = saved card with a new CVV attached.
- card-identifier+reusable = saved card with no CVV attached.
These are three different card objects, which we will call:
- SessionCard (lasts 400 seconds, then discarded)
- ReusableCvvCard (must be used within 400 seconds, then link must be refreshed)
- ReusableCard (lasts until it is explicitly removed)
All three can take the "saved" parameter. 2 and 3 seem to ignore the value of that parameter at this time.
from sagepay-integration.
These are the four valid combinations of fields that make up a card payment type. Both reusable/save flags default to FALSE, so setting the field to "false" or leaving it blank are equivalent:
card-identifier | session-key | reusable | save | notes |
---|---|---|---|---|
first-use string | string | FALSE | TRUE | Card tokenised on the front end; saved as reusable after transaction. |
first-use string | string | FALSE | FALSE | Card tokenised on the front end; not reusable after transaction. |
second-use string | n/a | TRUE | FALSE | Reusing a saved card; no CVV checks. |
second-use string | string | TRUE | FALSE | Reusing a saved card; with CVV checks. |
All other combinations (e.g. TRUE+TRUE, or FALSE+any+missing session-key) are invalid. So it looks like the save
flag is not supported for a reusable card and so withSave()
can be removed from those. (TBC - awaiting confirmation from SP - yes, confirmed the above is correct)
from sagepay-integration.
Related Issues (20)
- Remove the RecurringIndicator HOT 1
- 3D Secure object structure fix HOT 1
- Add void support
- Some general restructuring HOT 2
- Support security-code action
- Expand supported currencies HOT 2
- Create state machine for a single-form payment
- RepeatPayment supports giftAid option HOT 1
- mathiasverraes/money is abandoned
- Create OmniPay 3.0 wrapper
- Support Deferred transaction type and abort/release instructions HOT 3
- Is Academe\SagePay\Psr7\Response\Model\Amount used? HOT 3
- Workaround for card surcharges HOT 2
- Void is a reserved word in PHP 7 HOT 1
- Pull out Avs cvc check object HOT 1
- Extraneous output from var_dump in Money\Amount::withMajorUnit HOT 5
- No travis tests running under PHP 7 HOT 4
- Code generation from OpenAPI description HOT 1
- Rename/rebrand/3DS v2 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sagepay-integration.