PaymentSITE
During checkout, the website server should not have access to sensitive credit card data. Do not place credit card fields on the final checkout page. Instead, use one of the implementation methods below to redirect the user to a hosted payment page. (See “Implementation Methods” below.)
The hosted payment page accepts the sensitive credit card data and redirects the user back to the checkout page. The redirect returns the transaction response data as a URL parameter. (See “Transaction Response Data” below.)
Transaction Flow Options
Sale Transaction
The hosted payment page executes a cc:sale transaction and returns the approval (plus a token) to the website.
Before submitting the transaction information, the website should verify that it has not been modified.
AuthOnly Transaction
The hosted payment page executes a cc:authonly transaction and returns the approval (plus a token) to the website.
After executing the transaction, the website captures the transaction via the API.
Before submitting the transaction information, the website should verify that it has not been modified.
Token Transaction
The hosted payment page executes a cc:save transaction and returns a token to the website.
The website uses the returned token to execute the final transaction via the API.
Post Transaction Redirect URL
Preconfigure the redirect URL or send it as a URL parameter to the hosted payment page.
Use separate redirects for transaction approvals and declines with the xRedirectURL and/or xRedirectURL_NotApproved variables.
xRedirectURL: Set this on the backend or in the request (or both to override it).
xRedirectURL_NotApproved: This can be set on the backend or in the request (or both to override it).
xPostUrl: Used to get a postback/IPN. This can be set on the backend or in the request (or both to override it, if allowed in settings).
Redirect sends the returned parameters in the query string.
Example:
https://www.cardknox.com/?xCurrency=USD&xDate=6%2F29%2F2020%204%3A26%3A47%20PM&xResult=A&xStatus=Approved&xErrorCode=00000&xAuthCode=09379A&xAuthAmount=1.03&xRefNum=341260411&xToken=0p3q5479g1g3h2p34g5763008044gg0p&xBatch=5128197&xMID=xxxxxxxxxx9999&xTID=xxxxx6789&xAvsResult=Address%3A%20No%20Match%20&5_Digit_Zip%3A_No_Match&xAvsResultCode=NNN&xCvvResult=No%20CVV%20data%20available&xMaskedCardNumber=4xxxxxxxxxxx1111&xName=t%20test&xExp=0620&xCardType=Visa&xEntryMethod=Keyed&xCustom10=Payment%20Site
Implementation Methods
Redirect
The user is redirected to the hosted payment page.
Customize the hosted payment page with your logo.
iFrame
The hosted payment page is embedded in your own checkout page.
The user never leaves your website.
See a demo of this implementation at secure.cardknox.com/iframedemo.
Transaction Response Data
This table lists the fields returned in a redirect URL.
Variable Name | Description |
---|---|
xAuthAmount | Amount authorized on card |
xAuthCode | Authorization code |
xAvsResult | AVS result message |
xAvsResultCode | AVS result code |
xBatch | Batch number |
xCardType | Card type (Visa, Mastercard, etc.) |
xCvvResult | CVV result |
xCvvResultCode | CVV result code |
xErrorCode | Error code |
xMaskedCardNumber | Masked card number |
xName | Name on card |
xRefNum | Transaction reference number |
xResult | Result (Status Code) (A, D, E) |
xStatus | Result status message (Approved, Declined, Error) |
xToken | Token for use with subsequent transactions |
xError | Error message (if any) |