----------------------------------------------------------------------
TrustCommerce Developer's Guide 2.5
http://www.trustcommerce.com
developer@trustcommerce.com
----------------------------------------------------------------------
Table of Contents
I. Introduction
II. Connecting via TCLink
III. Transaction Types
IV. Input Parameters
V. Return Parameters
VI. Credit Card Preauths and Sales
VII. Card Verification Value (CVV)
VIII. Card-Present Transactions
IX. ACH
X. Postauths, Credits, and Chargebacks
XI. Citadel (Billing IDs)
XII. Recurring Billing
XIII. TC Wallet
XIV. CrediGuard - Neural Network Fraud Scoring
XV. CrediGuard - Blacklists
XVI. CrediGuard - Velocity Control
XVII. Purchase Level II (Commercial Cards)
XVIII. Automated Fulfillment
XIX. Batch Processing
XX. Vault Query API
Appendix A - Test Data
Appendix B - Troubleshooting
Appendix C - Connecting via HTTPS POST
Appendix D - Currency Table
Appendix E - Input Field List
----------------------------------------------------------------------
I. Introduction
This guide is for developers. If you are seeking to add payment processing
functionality to a software package or website using the TrustCommerce,
platform and language neutral, transaction processing API, then this guide
is for you. If you are connecting via a pre-integrated commerce package,
including shopping carts such as StoreForge, Mal's e-Commerce, or
osCommerce, then you do not need this document.
An overview of payment processing and information about the TrustCommerce
Vault website are presented in the TrustCommerce User's Guide and will not
be covered here. If you are not familiar with the basics of credit card
processing (such as the difference between an auth and capture), then you
should probably read the User's Guide first. The User's Guide also
describes the Vault's reporting capabilities, which you may find useful to
confirm that your test transactions are working as expected.
There are two methods of connecting to the TrustCommerce gateway at the
programming level: TCLink client software and HTTPS POST to the Vault
server. TCLink is HIGHLY recommend, as it offers support for
TrustCommerce's advanced features such as automated failover, 2048-bit
encryption and server certificate verification. It's available for many
platforms and languages, and installation is straightforward. If you are
unable to use TCLink, the HTTPS POST method will still allow you to access
most features of the TrustCommerce processing engine, but be aware that it
cannot match the speed and especially the reliability of TCLink.
II. Connecting via TCLink
The TCLink API is available for download from the Vault website. Be sure
to choose the version that matches the platform and language that you are
using. Win32 developers will typically want the COM object, which contains
support for a number of different languages on the Win32 platform,
including ASP, Cold Fusion, Perl, PHP, and Python.
Installation instructions specific to the TCLink version you download can
be found in the readme file contained within the archive. It will also
contain a version of the TCTest program specific to the language you are
using. Review this example, and use it as the basis for your own code. In
fact, we recommend that you look over the code sample now to get a feel
for the API, and then return to reading this document.
Versions of TCLink for high-level languages (including PHP, Perl, Python,
and Java) with built in support for hashes only have one method: Send().
This method accepts a single parameter, a hash of input values, and
returns a single parameter, a hash of output values. The only other method
available is GetVersion(), which returns the version string for TCLink.
TCLink for other languages (including C/C++, Win32 COM, and CFX) contains
four basic methods: Create(), PushParam(), Send(), and GetResponse().
These four methods map to the four stages of running a transaction:
initialize, push a number of parameters describing the transaction, send
the transaction to the TrustCommerce gateway for processing, and finally
get details about the transaction results.
The only method which contacts the TC servers is Send(). This function
will block for one or two seconds while the transaction is processed.
Afterward, you can retrieve response parameters at your leisure; they are
stored internally in TCLink.
C-style TCLink functions are described in the table below.
TCLink Function Names
+------------------------------------------------------------------------------+
| Function Name | Description |
|---------------------+--------------------------------------------------------|
| CreateLink() | Create a new transaction handle. |
|---------------------+--------------------------------------------------------|
| PushParam() | Push a parameter into the transaction. |
|---------------------+--------------------------------------------------------|
| Send() | Submit a transaction to the gateway. |
|---------------------+--------------------------------------------------------|
| GetResponse() | Retrieve a response parameter from the transaction. |
|---------------------+--------------------------------------------------------|
| GetEntireResponse() | Get the entire response for the transaction, primarily |
| | use for debugging or logging. |
|---------------------+--------------------------------------------------------|
| Destroy() | Deallocate any memory associated with the transaction |
| | handle. |
|---------------------+--------------------------------------------------------|
| GetVersion() | Get the version string for the TCLink API in use. |
+------------------------------------------------------------------------------+
III. Transaction Types
You may wish to read the section of the TC User's Guide which describes
the transaction types and the authorization/capture process, especially if
you are not already familiar with credit card processing.
In terms of parameters passed, preauths and sales are almost identical.
They take account data and personal information about the customer, along
with a transaction amount. The transaction is authorized and the response
values returned. In the case of a sale, the item is also immediately
submitted for capture. Preauths are not captured until they are
postauthed.
Postauths and credits are also very similar to one another. They indicate
a capture or a return of funds for a previous transaction, and no personal
data about the customer or their payment method is passed.
There are three other types of transaction. Store and unstore are covered
in the Billing ID section of this document. Walletsale is covered under
the TC Wallet section .
IV. Input Parameters
There are a large number of parameters available for describing
transactions. Not all parameters are accepted for all transaction types,
and most parameters are optional. Most transactions can be sent with only
a few parameters. The only parameters always required are custid,
password, and action.
Parameters are carefully checked for format and size before the
transaction is sent. If there are any errors in the parameters you've
entered, the transaction will be aborted and detailed information about
the errors will be returned. These return values are described in more
detail in the next section.
All transaction types use the parameters presented in the following
tables.
Required Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| amount | Amount of the transaction, in cents. (example: "500" is |
| | $5.00) |
|----------------+-------------------------------------------------------------|
| custid | The customer ID number assigned to you by TrustCommerce. |
|----------------+-------------------------------------------------------------|
| password | The password for your custid as assigned by TrustCommerce. |
|----------------+-------------------------------------------------------------|
| action | The transaction type; can be one of preauth, sale, |
| | postauth,credit, store, unstore, walletsale, or chargeback |
+------------------------------------------------------------------------------+
Optional Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| | When set to "y", the transaction will be a test transaction |
| | only. |
| | |
| | This parameter is useful for testing. Demo transactions |
| demo | allow you to submit transactions from your processing |
| | system without charging real money to a card and without |
| | incurring any transaction fees. Demo transactions are also |
| | flagged separately in the Vault database and will not |
| | appear in the regular accounting reports. |
|----------------+-------------------------------------------------------------|
| | Free-form text field intended for storing ticket number or |
| | order number associated with the transaction, to aid |
| | merchants in order tracking and reporting. |
| | |
| ticket | The ticket parameter is passed to the acquiring bank in the |
| | settlement process as the "purchase identifier." This may |
| | aid in reconciling the TrustCommerce transactions with the |
| | deposits made into the merchant bank account. If no ticket |
| | is passed, then the TrustCommerce transID will be sent to |
| | the bank instead. |
|----------------+-------------------------------------------------------------|
| | Free-form text field intended for recording the operator |
| | that entered the transaction, to aid merchants in order |
| operator | track and reporting. Enterprise-class customers will note |
| | that this field corresponds to the username assigned to |
| | operators in the Vault. |
+------------------------------------------------------------------------------+
V. Return Parameters
Any transaction sent will return several parameters describing the success
or failure of the transaction. Properly formatted transactions will always
return a transaction ID (or "transID".) The transaction ID is the unique
identifier for this transaction, and can be used to retrieve the
transaction from the Vault website, or otherwise access the transaction in
the future. (For example, in order to credit a previous transaction, you
will need to send the transID of the original transaction.)
Transactions always return a status parameter which describes the success
or failure of the transaction. Status can be set to one of the following:
Status
+------------------------------------------------------------------------------+
| Status Value | Description |
|--------------+---------------------------------------------------------------|
| approved | The transaction was successfully authorized. |
|--------------+---------------------------------------------------------------|
| accepted | The transaction has been successfully accepted into the |
| | system. |
|--------------+---------------------------------------------------------------|
| decline | The transaction was declined, see declinetype for further |
| | details. |
|--------------+---------------------------------------------------------------|
| baddata | Invalid parameters passed, see error for further details. |
|--------------+---------------------------------------------------------------|
| error | System error when processing the transaction, see errortype |
| | for details. |
+------------------------------------------------------------------------------+
The difference between approved and accepted is subtle, but important.
Approved means that the transaction was an authorization of some sort, and
has been successfully cleared with the bank. Accepted only means that the
transaction was queued into the system without errors, but may be rejected
at some later time. An example of the difference is a sale versus a
credit. A sale is a real-time authorization, so it returns approved on
success. A credit is not real-time; there is no such thing as a "credit
authorization." Instead it is queued up for processing by the bank and
there is the small but non-zero possibility that it will be rejected at a
later time. In practice, however, this rarely happens, so the developer
need not worry unduly.
When status is set to decline, the parameter declinetype will contain one
of the following:
Decline Type
+------------------------------------------------------------------------------+
| Declinetype Value | Description |
|-------------------+----------------------------------------------------------|
| decline | This is a "true" decline, it almost always is a result |
| | of insufficient funds on the card. |
|-------------------+----------------------------------------------------------|
| avs | AVS failed; the address entered does not match the |
| | billing address on file at the bank. |
|-------------------+----------------------------------------------------------|
| | CVV failed; the number provided is not the correct |
| cvv | verification number for the card. (See CVV section for |
| | more details.) |
|-------------------+----------------------------------------------------------|
| | The card must be authorized manually over the phone. You |
| call | may choose to call the customer service number listed on |
| | the card and ask for an offline authcode, which can be |
| | passed in the offlineauthcode field. |
|-------------------+----------------------------------------------------------|
| expiredcard | The card has expired. Get updated expiration date from |
| | cardholder. |
|-------------------+----------------------------------------------------------|
| carderror | Card number is invalid, which could be a typo, or |
| | sometimes a card reported stolen. |
|-------------------+----------------------------------------------------------|
| authexpired | Attempt to postauth an expired (more than 14 days old) |
| | preauth. |
|-------------------+----------------------------------------------------------|
| fraud | CrediGuard fraud score was below requested thershold. |
|-------------------+----------------------------------------------------------|
| blacklist | CrediGuard blacklist value was triggered. |
|-------------------+----------------------------------------------------------|
| velocity | CrediGuard velocity control was triggered. |
|-------------------+----------------------------------------------------------|
| dailylimit | Daily limit in transaction count or amount as been |
| | reached. |
|-------------------+----------------------------------------------------------|
| weeklylimit | Weekly limit in transaction count or amount as been |
| | reached. |
|-------------------+----------------------------------------------------------|
| monthlylimit | Monthly limit in transaction count or amount as been |
| | reached. |
+------------------------------------------------------------------------------+
A status of baddata indicates that no transaction was attempted because
one or more parameters was invalid. In this case, the parameter error will
indicate the problem, and the offender's parameter will list the offending
input fields. The error parameter may be set to one of the following:
Bad Data
+------------------------------------------------------------------------------+
| Error Value | Description |
|--------------------+---------------------------------------------------------|
| missingfields | One or more parameters required for this transaction |
| | type were not sent. |
|--------------------+---------------------------------------------------------|
| extrafields | Parameters not allowed for this transaction type were |
| | sent. |
|--------------------+---------------------------------------------------------|
| badformat | A field was improperly formatted, such as non-digit |
| | characters in a number field. |
|--------------------+---------------------------------------------------------|
| badlength | A field was longer or shorter than the server allows. |
|--------------------+---------------------------------------------------------|
| | The merchant can't accept data passed in this field. If |
| | the offender is "cc", for example, it usually means |
| merchantcantaccept | that you tried to run a card type (such as American |
| | Express or Discover) that is not supported by your |
| | account. If it was "currency", you tried to run a |
| | currency type not supported by your account. |
|--------------------+---------------------------------------------------------|
| mismatch | Data in one of the offending fields did not cross-check |
| | with the other offending field. |
+------------------------------------------------------------------------------+
A status of error indicates the an error occurred while processing the
transaction. These are almost always networking errors; see the
Troubleshooting section for more details. If the status is error, then the
errortype parameter will be set to one of the following:
Errortype
+------------------------------------------------------------------------------+
| Errortype Value | Description |
|-----------------+------------------------------------------------------------|
| cantconnect | Couldn't connect to the TrustCommerce gateway. Check your |
| | Internet connection to make sure it is up. |
|-----------------+------------------------------------------------------------|
| dnsfailure | The TCLink software was unable to resolve DNS hostnames. |
| | Make sure you have name resolving ability on the machine. |
|-----------------+------------------------------------------------------------|
| linkfailure | The connection was established, but was severed before the |
| | transaction could complete. |
|-----------------+------------------------------------------------------------|
| | The bank servers are offline and unable to authorize |
| failtoprocess | transactions. Try again in a few minutes, or try a card |
| | from a different issuing bank. |
+------------------------------------------------------------------------------+
Other parameters (such as avs or billingid) may be returned by the
transaction depending on the action; see sections covering the transaction
type you're running for detailed information on the specialized return
values.
VI. Credit Card Preauths and Sales
The 'preauth' and 'sale' actions are identical in terms of parameters and
function. The only difference is that a sale submits the item for capture
as well, while preauths run the authorization only and can be postauthed
at another time.
The parameters that can be passed with these action types are described in
the following two tables. The first table list required fields that you
must pass in order to send the transaction. The second table lists
optional fields that you can pass if you wish, but are not required.
Required Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| amount | Amount of the transaction, in cents. (example: "500" is |
| | $5.00) |
|----------------+-------------------------------------------------------------|
| cc | Credit card number, digits only (no spaces or dashes) |
|----------------+-------------------------------------------------------------|
| exp | Credit card expiration date, in MMYY format. |
+------------------------------------------------------------------------------+
Optional Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Default Value | Description |
|-----------------+---------------+--------------------------------------------|
| media | cc | "cc" for credit card or "ach" for ACH. |
|-----------------+---------------+--------------------------------------------|
| currency | usd | Currency code (see the Currency Table for |
| | | a list of allowed codes.) |
|-----------------+---------------+--------------------------------------------|
| | | AVS requested, "y" or "n". |
| | | |
| | | NOTE: |
| | | The AVS system is a useful way to help |
| | | screen for fraud. Unfortunately, card |
| | | issuers do not provide uniform support for |
| | | AVS; approximately 30% of US-based credit |
| | | cards do not have AVS capability, and AVS |
| | | is not available with any non-US cards at |
| | | all. The ONLY time that a transaction will |
| | | be declined due to AVS is in cases where |
| | | AVS is available and the address data |
| | | submitted with the transaction does not |
| | | match the data on file at the bank. If AVS |
| | | is unavailable, it will not cause the |
| | | transaction to fail. For this reason, you |
| avs | n | may wish to screen AVS results closely. |
| | | |
| | | Only the numeric parts of the address |
| | | (street address and zip code) are |
| | | verified. It should also be noted that on |
| | | occasion, AVS data is incorrect or not |
| | | entirely up-to-date. Treat AVS as a |
| | | helpful tool which can be used in |
| | | combination with other methods (dependent |
| | | upon your business model) for screening |
| | | transactions. If you trust AVS too |
| | | blindly, you may risk losing legitimate |
| | | sales. Some merchants (again, dependent |
| | | upon business model) choose to turn AVS |
| | | off altogether. You should analyze your |
| | | customer base and make the decision that |
| | | will work best for your business. |
|-----------------+---------------+--------------------------------------------|
| name | | Cardholder's name. |
|-----------------+---------------+--------------------------------------------|
| address1 | | First line of cardholder's street address. |
|-----------------+---------------+--------------------------------------------|
| address2 | | Second line of cardholder's street |
| | | address. |
|-----------------+---------------+--------------------------------------------|
| city | | Cardholder's city. |
|-----------------+---------------+--------------------------------------------|
| | | Two-character code for the cardholder's |
| state | | state, or the full region/province for |
| | | international addresses. |
|-----------------+---------------+--------------------------------------------|
| | | Cardholder's zip code, five or nine digits |
| zip | | with no spaces or dashes, or the full |
| | | postal code for international addresses. |
|-----------------+---------------+--------------------------------------------|
| country | | Cardholder's country, leave blank for US. |
|-----------------+---------------+--------------------------------------------|
| phone | | Cardholder's phone number. |
|-----------------+---------------+--------------------------------------------|
| email | | Cardholder's email address. |
|-----------------+---------------+--------------------------------------------|
| | | Customer's originating TCP/IP address |
| | | (e-commerce only). This is not your |
| | | server's IP, but that of the customer's |
| ip | | computer, as reported by the web server. |
| | | For example, in PHP the global variable |
| | | $_SERVER{'REMOTE_ADDR'} contains the |
| | | incoming IP address which should be passed |
| | | in this field. |
|-----------------+---------------+--------------------------------------------|
| | | Six-digit numeric code used to "force" the |
| | | transaction. |
| | | |
| | | NOTE: |
| | | |
| | | Some cards returned a declinetype of call. |
| | | This indicates that the card cannot be |
| | | automatically authorized. If you call the |
| | | card issuer, they may be able to give you |
| offlineauthcode | | a manual authorization, which will consist |
| | | of a six-digit auth code. You may then |
| | | push the transaction through by entering |
| | | that code into the offlineauthcode field. |
| | | Offline authorizations via offlineauthcode |
| | | can only be used with sale transactions. |
| | | Since offlineauthcode skips the |
| | | authorization phase altogether, it is not |
| | | guaranteed in the same way as a normal |
| | | authorization. Be careful with the use of |
| | | this parameter. |
+------------------------------------------------------------------------------+
AVS Returns Codes
+------------------------------------------------------------+
| Code | Description |
|------+-----------------------------------------------------|
| X | Exact match, 9 digit zip code. |
|------+-----------------------------------------------------|
| Y | Exact match, 5 digit zip code. |
|------+-----------------------------------------------------|
| A | Street address match only. |
|------+-----------------------------------------------------|
| W | 9 digit zip code match only. |
|------+-----------------------------------------------------|
| Z | 5 digit zip code match only. |
|------+-----------------------------------------------------|
| N | No match on street address or zip code. |
|------+-----------------------------------------------------|
| U | AVS unavailable on this card. |
|------+-----------------------------------------------------|
| G | Non-US card issuer, AVS unavailable. |
|------+-----------------------------------------------------|
| R | Card issuer system currently down, try again later. |
|------+-----------------------------------------------------|
| E | Error, ineligible - not a mail/phone order. |
|------+-----------------------------------------------------|
| S | Service not supported. |
|------+-----------------------------------------------------|
| 0 | General decline or other error. |
+------------------------------------------------------------+
Preauth/Sale Example
params = {
'custid': 'mycustid',
'password': 'mypasswd',
'action': 'preauth',
'amount': '500',
'cc': '4111111111111111',
'exp': '0412',
'name': 'Jennifer Smith',
'address1': '123 Test St.',
'city': 'Somewhere',
'state': 'CA',
'zip': '90001',
'avs': 'y'
}
result = tclink.send(params)
if (result['status'] == 'approved'):
print 'Transaction was successful'
elif (result['status'] == 'decline'):
print 'Transaction declined. Reason: ', result['declinetype']
elif (result['status'] == 'baddata'):
print 'Improperly formatted data. Offending fields: ', result['offenders']
else:
print 'An error occurred: ', result['errortype']
print 'Here are the full details:'
print result
VII. Card Verification Value (CVV)
Another method for cardholder verification is the CVV system. Visa cards
use what is called a CVV(II) or CVV2 code; MasterCard calls it CVC2, and
American Express calls it CID. CVV(II) and CVC2 (Visa/MC) are located on
the back of the credit card, printed in ink on the signature strip. The
number is the last three digits on the right hand side of the long string
of numbers on the strip. In the case of CID (AmEx), the number is a
four-digit value located on the front of the card, printed just above the
card number on the left hand side. This value is passed to TCLink through
the following parameter.
CVV Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| cvv | A three or four digit CVV number. |
|----------------+-------------------------------------------------------------|
| checkcvv | Set to "n" to disable CVV check, even if the value is |
| | passed. Default is "y". |
+------------------------------------------------------------------------------+
The CVV value will be checked if anything is passed in this parameter. (If
you don't include the parameter, no CVV test will be run.) If the CVV
matches, the transaction will run as normal. If it does not, you will
receive a status of decline, and a declinetype of cvv.
In some cases you may wish to pass the CVV code without actually checking
to confirm that it is correct. In that case set checkcvv=n.
CVV Example
params = {
'custid': 'mycustid',
'password': 'mypasswd',
'action': 'sale',
'amount': '500',
'cc': '4111111111111111',
'exp': '0412',
'cvv': '123'
}
result = tclink.send(params)
if (result['status'] == 'decline'):
if (result['declinetype'] == 'cvv'):
print 'The CVV number is not valid.'
VIII. Card-Present Transactions
In a retail environment with a card swiper, you may wish to pass magnetic
stripe data along with the other credit card information on a preauth or
sale. There are two parameters which you can use to send this data, named
track1 and track2. Each one is for a different type of track data, and
depends on the type of card reader being used.
Card-Present Parameters
+--------------------------------------------------+
| Parameter Name | Description |
|----------------+---------------------------------|
| track1 | Up to 79 bytes of Track 1 data. |
|----------------+---------------------------------|
| track2 | Up to 40 bytes of Track 2 data. |
+--------------------------------------------------+
You can include all data read from the track, but only data between the
start sentinel (a '%' character for track1 and a ';' for track2) and the
end sentinel ('?') will be used. Everything outside the start and end
sentinels (such as the trailing LRC character) will be discarded.
The cc and exp fields may be passed, but are not required, since they will
be extracted from the track data. If you do pass one or both of these
fields, however, and it does not match the data extracted from the track
data, a status of baddata and an error mismatch will be returned.
If both track1 and track2 data are passed, the system will choose track1
by default for the authorization, and track2 will be discarded.
Generally AVS and address data are not necessary for swiped transactions,
but you may pass them anyway if you choose. All data passed will be saved
in the vault and can be downloaded for reports and later analysis.
Card Present Example
params = {
'custid': 'mycustid',
'password': 'mypasswd',
'action': 'sale',
'amount': '500'
}
params['track1'] = CardReader.readMagStripe()
result = tclink.send(params)
IX. ACH
ACH, also known as electronic checks, is very different from credit cards
in that it allow a direct debit or credit to a checking account. The
concept of "authorization" does not exist; it is purely a money transfer.
For this reason, the only transaction types available for ACH are sale and
credit. ACH credits are identical to all other types of credits in the
TrustCommerce system, so please refer to postauths, credits and
chargebacks for details on issuing credits.
ACH sales take the same parameters as credit card sales, with the
exception of the "cc" and "exp" fields. Instead, use the following
parameters.
ACH Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| routing | The routing number of the bank being debited. |
|----------------+-------------------------------------------------------------|
| account | The account number of the person or business being debited. |
+------------------------------------------------------------------------------+
AVS is not available for ACH transactions, so the AVS setting is ignored.
There is only one declinetype returned from unsuccessful ACH sales, and
that is "decline."
ACH Example
params = {
'custid': 'mycustid',
'password': 'mypass',
'action': 'sale',
'media': 'ach',
'amount': '1000',
'routing': '789456124',
'account': '55544433221'
}
tclink.send(params)
X. Postauths, Credits, and Chargebacks
These three transaction types are similar in that they reference a
successful transaction previously executed through the TrustCommerce
system. These transaction types will not accept credit card information or
other personal information fields. There is only one required parameter.
Required Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| transid | The transaction ID (format: nnn-nnnnnnnnnn) of the |
| | referenced transaction. |
+------------------------------------------------------------------------------+
In addition, postauths and credits can take an optional amount parameter.
Optional Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| amount | The amount, in cents, to credit or postauth if it is not |
| | the same as the original amount. |
+------------------------------------------------------------------------------+
If no amount is passed, the default will be to take the amount from the
original transaction. If, however, you wish to credit or postauthorize
less than the original amount, you may pass this parameter.
Credit Example
params = {
'custid': 'mycustid',
'password': 'mypass',
'action': 'credit',
'transid': '001-0000111101'
}
tclink.send(params)
if (result['status'] != 'accepted'):
print 'Credit unsuccessful.'
XI. Citadel (Billing IDs)
The Citadel enables you to store customer billing information in an
encrypted TrustCommerce database. This information can then be recalled
with a single six-character alphanumeric code known as a billing ID.
Besides offloading the liability of storing sensitive data such as credit
card numbers from your business to TrustCommerce, the Citadel can also
simplify application development on your servers.
The Citadel has two unique actions, store and unstore. These transction
types allow you to create, update, and deactivate billing IDs. Once
stored, the billing ID will be passed in place of the many billing
information fields for preauth and sale transactions.
Store Parameters
The store transaction looks very similar to a preauth or sale. You may
pass credit card information , billing and shipping address, or even ACH
information.
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| verify | When set to "y", a $1.00 preauth will be run on the card to |
| | ensure that it is valid. |
|----------------+-------------------------------------------------------------|
| billingid | Pass if you wish to update values of an existing billing |
| | ID. |
+------------------------------------------------------------------------------+
You can update information on existing billing IDs by passing the
billingid field along with the store transaction. If you wish to erase the
data contained in a field, pass the exact string "null" (four characters,
all lower case) as the parameter value.
The verify parameter is useful for ensuring that the card number is valid
if you are not planning to bill the customer right away. It has no effect
for ACH billing IDs, because there is no such thing as an ACH preauth. It
is recommended that you pass avs=y for further verification of the
cardholder's data. Please note: normally, billing ID storage returns a
status of accepted, because the card is unverified. If you use the verify
parameter, however, it will return approved upon success.
Unstore Parameters
The unstore action takes a single parameter:
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| billingid | The six-character alphanumeric billing ID returned by a |
| | previous store transaction. |
+------------------------------------------------------------------------------+
Unstore removes the billing ID from active use, and you won't be able to
run further transactions on it. For your convenience, however, it does
remain visible in Vault (flagged as an inactive ID), so you can still look
up old IDs if needed.
Billing ID Example
To run a billing ID transaction, pass the billingid parameter to a preauth
or a sale in place of all of the usual billing info fields (name, cc, exp,
routing, account, etc). That's all there is to it! You'll find that your
sale or preauth transactions are now only a few parameters: custid,
password, billingid, and amount.
# First, store a new ID.
params = {
'custid': 'mycustid',
'password': 'mypass',
'action': 'store',
'cc': '4111111111111111',
'exp': '0412',
'name': 'Jennifer Smith'
}
result = tclink.send(params)
if (result['status'] == 'accepted'):
# It was successfully stored. Now try running a transaction on the new ID.
billingid = result['billingid']
params2 = {
'custid': 'mycustid',
'password': 'mypass',
'action': 'sale',
'billingid': billingid,
'amount': '995'
}
tclink.send(params2);
# Unstore the ID now that we are done.
params3 = {
'custid': 'mycustid',
'password': 'mypass',
'action': 'unstore',
'billingid': billingid
}
tclink.send(params3)
XII. Recurring Billing
Recurring billing (also called "subscription billing") is an extension of
the billing ID system. There are four parameters that are added to a store
which turn the billing ID into a recurring billing ID. They are described
below.
Recurring Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Required? | Default Value | Description |
|--------------------+-----------+---------------+-----------------------------|
| cycle | X | | Repeat cycle in days, |
| | | | weeks, months, or years. |
|--------------------+-----------+---------------+-----------------------------|
| amount | X | | Amount to bill in cents. |
|--------------------+-----------+---------------+-----------------------------|
| | | | Date to start, or else |
| start | | | offset from current date |
| | | | (defaults to now). |
|--------------------+-----------+---------------+-----------------------------|
| payments | | 0 | Number of payments to make |
| | | | (defaults to infinite). |
|--------------------+-----------+---------------+-----------------------------|
| | | | If 'y', performs the card |
| | | | authorization immediately. |
| authnow | | n | Funds will be captured upon |
| | | | first payment cycle. |
| | | | (requires start date) |
|--------------------+-----------+---------------+-----------------------------|
| | | | If 'y', the final payment |
| lastpaymentunstore | | y | in the billing cycle will |
| | | | result in the billing ID |
| | | | being unstored. |
+------------------------------------------------------------------------------+
Cycle is in the format of a number between 1 and 99 followed by a
character representing the time frame: 'd' for days, 'w' for weeks, 'm'
for months or 'y' for years. For example, a value of "3d" in this field
would cause the charge to recur every three days, whereas a value of "2m"
would cause it to recur every two months.
Amount is identical to the amount passed to a sale or a preauth, and
indicates the amount of each charge made during the subscription.
Start is an optional field which allows the delay of the cycle's start. By
default, the cycle starts the day the billing ID is stored. If it is
specified in the format YYYY-MM-DD, it indicates a date when the first
payment should be made. (For example, "2005-02-01" would be February 1,
2005.) If it is in the same format as the cycle (a number followed by a
character), it indicates an offset from the current date. (For example,
"1d" would start the billing tomorrow.)
If there is no start parameter, the first transaction is run immediately
(and can cause the store action to return a "decline" or other result you
would expect from a sale). Other return parameters associated with auths,
such as avs code, will be returned as well.
If you pass authnow=y, an immediate authorization will be performed for
the payment amount, but the funds will not be captured until the start
date is reached. This is handy for free trial accounts: because the funds
are authorized immediately, you are assured the money. If they cancel
sometime between the time the billing ID is stored and the start date of
the billing cycle, you can unstore the ID and they will never be charged.
Their free trial will be the time between the billing ID store and the
billing cycle start date. Authnow requires that a start date be specified.
The payments field is also optional; left blank or set to zero it will
continue the billing cycle until it is manually interrupted by an unstore,
or by updating the billing ID with cycle set to "null". Once the final
payment is made, the billing ID will be unstored, unless
lastpaymentunstore is set to 'n'. lastpaymentunstore should only be used
when the number of payments is specified.
There is only one instance in which the cycle parameter is not required,
and that is a one-time future payment. By setting payments to "1" and
passing a start date, the payment will be made on that date and then the
billing ID unstored. The cycle parameter may be included with a one-time
future payment, but it will have no effect.
Recurring Billing Example
params = {
'custid': 'mycustid',
'password': 'mypass',
'action': 'store',
'cc': '4111111111111111',
'exp': '0412',
'name': 'Jennifer Smith',
'amount': '1200'
}
mode = chooseSubscriptionMode()
if (mode == 1):
# Make a payment every day, infinitely (or until someone manually disables it)
params['cycle'] = '1d';
elif (mode == 2):
# Make a payment once a month for one year
params['cycle'] = '1m';
params['payments'] = '12';
elif (mode == 3):
# Make a payment every six weeks, starting one week from now
params['cycle'] = '62';
params['start'] = '1w';
elif (mode == 4):
# Make annual payments, and don't start until September 1, 2007
params['cycle'] = '1y';
params['start'] = '2007-09-01';
elif (mode == 5):
# Make a one time payment in 45 days
params['start'] = '45d';
params['payments'] = '1';
tclink.send(params)
XIII. TC Wallet
The TC Wallet is an additional service offered by the TrustCommerce
gateway that allows you to run many small micro payments which are later
lumped together and submitted as a single, large payment. This can offer a
substantial savings for the merchant in transaction fees, as merchant
account providers tend to penalize merchants that run small payments.
Wallet Parameters
The Wallet is an extension of the billing ID system. It adds three new
parameters to the store action, described below.
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| wallet | "y" to enable the wallet. |
|----------------+-------------------------------------------------------------|
| walletsize | Accumulated amount, in cents, before the wallet is |
| | submitted for capture. |
|----------------+-------------------------------------------------------------|
| walletexposure | Length of time to wait before capturing the wallet. |
+------------------------------------------------------------------------------+
In order to enable wallets for the billing ID that you are storing, set
the "wallet" parameter to "y". The other two parameters are optional, as
there are default values attached to your TC account. If you wish to
change these default values (which are normally $10.00 and 72 hours)
please contact TrustCommerce. If you wish to change the values for an
individual billing ID without changing your defaults, include these
parameters.
Once the billing ID is stored, it is possible to use a new action type on
the ID called walletsale. It is identical to a sale in all ways, except
that it can only be used on wallet-enabled billing IDs, and it can accept
amounts anywhere from $0.01 up to the size of the wallet. Walletsale will
usually return "approved", but it may return "decline" if the stored
credit card fails to re-authorize when the current wallet is exceeded.
Except for these two modifications (the wallet parameters on the store,
and changing sales to walletsales), there is no extra development to be
done client-side to make wallets work. Captures happen automatically after
walletexposure has expired or the walletamount has been used up;
reauthorizations also happen automatically.
Wallet Example
# First, store a new ID with the wallet enabled.
params = {
'custid': 'mycustid',
'password': 'mypass',
'action': 'store',
'cc': '4111111111111111',
'exp': '0412',
'name': 'Jennifer Smith',
'wallet': 'y'
}
result = tclink.send(params)
if (result['status'] == 'approved'):
# We have a new wallet at our disposal. Run a micropayment on it.
billingid = result['billingid']
params2 = {
'custid': 'mycustid',
'password': 'mypass',
'action': 'walletsale',
'billingid': billingid,
'amount': '995'
}
tclink.send(params)
XIV. CrediGuard - Neural Network Fraud Scoring
When the CrediGuard Neural Network is enabled, a fraud score is assigned
to each transaction based on its appearance of fraud or legitimacy. This
score is determined by running each transaction through an advanced
artificial intelligence neural network that is trained to recognize
fraudulent transactions.
The fraud score represents an evaluation of how legitimate or fraudulent
the transaction appears. A fraud score close to 0 means that the
transaction is likely to be fraudulent, while a fraud score close to 100
means that the transaction is likely to be legitimate.
The CrediGuard Score Threshold is a number from 0 to 100 that controls how
restrictive the CrediGuard fraud screening system should be. Any
transaction with a fraud score less than the CrediGuard score threshold
will be declined. All other transactions will be accepted as per usual.
The following chart sums up the effects of the possible CrediGuard score
threshold ranges:
+--------------------------------------------+
| Score Threshold Range | Blocking Effect |
|-----------------------+--------------------|
| 0 | Allow All |
|-----------------------+--------------------|
| 1 - 25 | Allow Most |
|-----------------------+--------------------|
| 26 - 50 | Normal |
|-----------------------+--------------------|
| 51 - 75 | Restrictive |
|-----------------------+--------------------|
| 76 - 100 | Highly Restrictive |
+--------------------------------------------+
The default score threshold can be configured within the Vault web
interface. To override the default score threshold, you can optionally
pass in an extra parameter to set a different score threshold for the
current transaction only:
CrediGuard Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| | The fraud threshold for the current transaction. If the |
| threshold | transaction receives a Fraud Score below this threshold, it |
| | will be declined. |
+------------------------------------------------------------------------------+
With Neural Network scoring enabled, the return parameters for each
transaction will contain an additional parameter for the calculated fraud
score:
CrediGuard Return Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| fraudscore | The actual numeric score, 0 to 100, that the Crediguard |
| | Neural Network gave to the transaction. |
+------------------------------------------------------------------------------+
CrediGuard Neural Network Example
params = {
'custid': 'mycustid',
'password': 'mypasswd',
'action': 'sale',
'amount': '500',
'cc': '4111111111111111',
'exp': '0412',
'threshold': '45',
}
result = tclink.send(params)
if (result['status'] == 'decline'):
if (result['declinetype'] == 'fraud'):
print 'Transaction declined based on fraud score.'
You may also wish to handle the score result yourself, perhaps with fuzzy
logic that treats a certain range of low scores as out-and-out declines, a
high range as approvals, and a middle range as accepting pending further
processing. The last category of transactions could be set aside in your
local database or perhaps trigger an email to a customer service rep, who
could manually review the transaction, and perhaps call the customer for
verification.
CrediGuard Fuzzy Logic Scoring Example
score_bottom = 30
score_top = 70
params = {
'custid': 'mycustid',
'password': 'mypasswd',
'action': 'sale',
'amount': '500',
'cc': '4111111111111111',
'exp': '0412',
'threshold': score_bottom
}
result = tclink.send(params)
if (result['status'] == 'decline'):
if (result['declinetype'] == 'fraud'):
print 'Transaction declined, score was too low.'
if (result['status'] == 'approved'):
if (result['fraudscore'] > score_top):
print 'Transaction approved'
else:
print 'Transaction accepted pending review'
XV. CrediGuard - Blacklists
Blacklists are used to block specific cardholder information that you know
to be fraudlent. The most common example would be a customer who keeps
using a credit card that caused chargebacks in the past. You can block the
customer from running charges on the card by entering their credit card
number as a blacklist value.
Blacklist rules are configured from within the Vault web interface and
apply to all transactions, so there are no blacklist input parameters that
you need to pass in with TCLink.
If a transaction is declined because it matches a blacklist rule that you
have created, the reason for this decline will be returned via the
following parameters:
Blacklist Return Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| | The name of the input field that contained the blacklisted |
| blacklistfield | value. This can be one of "name", "cc", "zip", "address1", |
| | "state", "country", "email", "phone", or "ip". |
|----------------+-------------------------------------------------------------|
| | The input value that triggered the blacklist decline. For |
| blacklistvalue | instance, if the decline was due to a blacklisted IP |
| | address, the offending IP address would be returned here. |
+------------------------------------------------------------------------------+
Blacklist Example
params = {
'custid': 'mycustid',
'password': 'mypasswd',
'action': 'sale',
'amount': '500',
'cc': '4111111111111111',
'exp': '0412',
}
result = tclink.send(params)
if (result['status'] == 'decline'):
if (result['declinetype'] == 'blacklist'):
print 'Transaction declined based on blacklist rule.'
print 'The offending field was: ' + result['blacklistfield']
print 'And the blacklisted value was: ' + result['blacklistvalue']
XVI. CrediGuard - Velocity Control
In the world of payment processing, 'velocity' refers to limiting the
number or amount of transactions which occur over a set period of time.
This allows you, the merchant, to control your risk. The most common use
of velocity would be to limit the dollar amount spent per day on a single
credit card. But the CrediGuard package supports a wide variety of
velocity parameters, allowing you to tailor them to match the usage
patterns of your customers and thereby control your risk factor.
CrediGuard can perform four different types of velocity checks:
Velocity Types
+------------------------------------------------------------------+
| Velocity Type | Description |
|---------------+--------------------------------------------------|
| Global | All transactions |
|---------------+--------------------------------------------------|
| Zipcode | Transactions on the same zipcode |
|---------------+--------------------------------------------------|
| IP Address | Transactions sent from the same Internet address |
|---------------+--------------------------------------------------|
| Credit Card | Transactions on the same credit card |
+------------------------------------------------------------------+
Each of the four velocity types offers a count (number of transactions)
and a total (dollar amount sum). For each of those two values, there are
four time periods, ranging from one day to one month. All of these
velocity settings are configured from within the Vault web interface and
apply to all transactions, so there are no velocity input parameters that
you need to pass in with TCLink.
If a transaction is declined on the basis of exceeding one of these
velocity settings, the reason for this decline will be returned via the
following parameters:
Velocity Return Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| | A brief string that contains the precise reason for the |
| | velocity decline. The first part of this string contains a |
| | velocity type, either "global", "zip", "ip", or "cc". The |
| | next part of the string contains a time period, either |
| velocitytype | "1day", "3day", "15day", or "30day". The end of the string |
| | is "count" if the transaction count for the velocity type |
| | and time period was exceeded, or "total" if the dollar |
| | amount sum was exceeded. For example, "zip3daycount" would |
| | be returned if the velocity transaction count was exceeded |
| | for a particular zip code in a three day period. |
|----------------+-------------------------------------------------------------|
| | The input value that triggered the velocity decline. For |
| velocityvalue | instance, if the decline was due to a zip code velocity |
| | setting, the offending zip code would be returned here. |
+------------------------------------------------------------------------------+
Velocity Example
params = {
'custid': 'mycustid',
'password': 'mypasswd',
'action': 'sale',
'amount': '500',
'cc': '4111111111111111',
'exp': '0412',
}
result = tclink.send(params)
if (result['status'] == 'decline'):
if (result['declinetype'] == 'velocity'):
print 'Transaction declined based on ' + result['velocitytype'] + ' velocity controls.'
XVII. Purchase Level II
Purchase Level II is required by some merchant banks to achieve a
qualified discount rate. It is only used for B2B or B2G transactions. If
you are selling products directly to consumers, you do not need to use
PL2. Additionally, PL2 can only be used if the cardholder is using one of
the three types of commercial cards: a corporate card, a business card, or
a purchasing card.
PL2 Input Parameters
PL2 has three new parameters:
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|------------------+-----------------------------------------------------------|
| purchaselevel | Specify as "2". |
|------------------+-----------------------------------------------------------|
| | The purchasing order number from their Visa purchasing |
| purchaseordernum | card. This is either a 16 or a 17 digit number. If they |
| | are not using a Visa purchasing card, do not pass this |
| | field. |
|------------------+-----------------------------------------------------------|
| tax | The amount of tax, in cents, charged for the order. If |
| | the order is tax exempt omit this field or set it to 0. |
+------------------------------------------------------------------------------+
PL2 Output Parameter
A successful PL2 transaction will return one extra response parameter
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|----------------+-------------------------------------------------------------|
| commercialcard | Set to "S" for if it is a purchasing card, "R" if it is |
| | corporate card, and "B" if it is a business card. |
+------------------------------------------------------------------------------+
If you don't care what kind of card they used (which you probably don't),
there is no reason to store or otherwise do anything with the
commercialcard return value. TrustCommerce internally handles all the
details for you. However, if you want this information for some reason,
you can access it from the result parameters.
Purchase Level II Example
params = {
'custid': 'mycustid',
'password': 'mypass',
'action': 'sale',
'cc': '4111111111111111',
'exp': '0412',
'amount': '1000'
'name': 'Jennifer Smith',
'purchaselevel': '2'
'purchaseordernum': '12345678901234567'
'tax': '83' # $10.00 x 8.25% sales tax = $0.83
}
result = tclink.send(params)
if (result['status'] == 'approved'):
print 'Approved'
XVIII. Automated Fulfillment
TrustCommerce offers the unique feature of automated fulfillment, by which
orders submitted through the TCLink API can contain parameters describing
product information. This information is then passed on to your
fulfillment house, which ships the products automatically. Even if you
aren't using automated fulfillment, you can use the order line item
specification parameters to store information in the TrustCommerce
transaction database about the type of products ordered.
First, you may wish to specify the shipping address for the customer. If
it is the same as the billing address, you need not duplicate it, but
rather just send the shiptosame parameter set to y. The table below lists
the shipping parameters.
Ship To Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|-----------------+------------------------------------------------------------|
| shiptosame | y or n (defaults to n). If "y", then no other shipto_ |
| | parameters should be passed. |
|-----------------+------------------------------------------------------------|
| shipto_name | Name of the product recipient. |
|-----------------+------------------------------------------------------------|
| shipto_address1 | First line of shipping address. |
|-----------------+------------------------------------------------------------|
| shipto_address2 | Second line (if any) of shipping address. |
|-----------------+------------------------------------------------------------|
| shipto_city | City. |
|-----------------+------------------------------------------------------------|
| shipto_state | State. |
|-----------------+------------------------------------------------------------|
| shipto_zip | Zip code, five or nine digits (no spaces or dashes). |
|-----------------+------------------------------------------------------------|
| shipto_country | Country, leave blank for US. |
+------------------------------------------------------------------------------+
Order Header Parameters
Second, some additional data about the order as a whole should be passed
in the form of the following parameters.
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|------------------+-----------------------------------------------------------|
| shippingcode | Three character code indicating shipping method to use. |
|------------------+-----------------------------------------------------------|
| shippinghandling | The total cost of shipping and handling, in cents. |
|------------------+-----------------------------------------------------------|
| numitems | Total number of distinct items (product codes) in the |
| | order. |
+------------------------------------------------------------------------------+
Order Detail Parameters
Finally, a number of parameters which describe the details of each type of
item must be passed. In the table below, the 'X' character in the
parameter name should be replaced with a digit indicating which item it
applies to. For example, if numitems is set to three, then you should pass
three product codes, in the form of productcode1, productcode2, and
productcode3.
+------------------------------------------------------------------------------+
| Parameter Name | Description |
|-------------------+----------------------------------------------------------|
| productcodeX | The alphanumeric product code defined by the fulfillment |
| | house. |
|-------------------+----------------------------------------------------------|
| quantityX | The number of items of this type to be shipped. |
|-------------------+----------------------------------------------------------|
| priceX | The price of all items of this type not including sales |
| | tax or shipping, in cents. |
|-------------------+----------------------------------------------------------|
| taxX | Total tax charged for all items of this product code. |
|-------------------+----------------------------------------------------------|
| shippinghandlingX | Total shipping and handling charged for all items of |
| | this product code. |
+------------------------------------------------------------------------------+
Please note: the shippinghandling field and the shippinghandlingX fields
are mutually exclusive. Use one or the other, but not both. If you're not
sure which to use, please contact your fulfillment house.
Fulfillment Example
params = {
'custid': 'mycustid',
'password': 'mypass',
'action': 'preauth',
'cc': '4111111111111111',
'exp': '0412',
'amount': '1979', # Total of items, tax, and shipping
'name': 'Jennifer Smith',
'address1': '123 Test St.',
'city': 'Somewhere',
'state': 'CA',
'zip': '90001',
'shiptosame': 'y', # Shipping address is same as billing address
'numitems': '2', # Two total product codes will be described
'shippingcode': 'OVRNGT',
'shippinghandling': '695',
'productcode1': 'PCODE1',
'quantity1': '3',
'price1': '600', # Item 1 costs $2.00, and there are 3 of them
'tax1': '144', # Tax of 8%
'productcode2': 'PCODE2',
'quantity2': '1',
'price2': '500', # Item 1 costs $5.00, there's only one
'tax2': '40' # Tax of 8%
}
tclink.send(params)
XIX. Batch Processing
The TrustCommerce Batch Processing service allows programmers to submit an
unlimited number of transactions in a single file for offline processing.
The file can contain a mixture of transaction types (preauths and
postauths, credits, sales, stores and unstores for example) and can use
Citadel Billing IDs, ACH Routing codes or credit card information to
identify the account to be charged. In fact, any field found in Appendix E
- Input Field List of this guide can be included.
Naming Conventions
While there is no required naming convention for the transaction file sent
to TrustCommerce, we recommend the convention shown in the table below.
The results file that we return to you will use your file name with the
prefix "result-".
+------------------------------------------------------------------------------+
| Recommended File Name | Description |
|--------------------------------+---------------------------------------------|
| | This is the input file containing the list |
| | of transactions to be processed. |
| | |
| | This file MUST be in comma separated values |
| | (CSV) format and the first row MUST contain |
| | the field names for all fields that you |
| | choose to include (See Appendix E .) |
| | Individual records are not required to |
| | contain values for each field. |
| batch-[custid]-[mmddyy][x].txt | |
| | [custid] is your numeric TrustCommerce |
| | custid. [mmddyy] is a numeric date. |
| | |
| | [x] is an optional alpha identifier to |
| | distinguish batches if multiple batches are |
| | sent in one day. |
| | |
| | Do not include the "[" or "]"characters in |
| | the file name. |
|--------------------------------+---------------------------------------------|
| | This file contains a response record for |
| result-[your file name].txt | each transaction record sent in the batch |
| | file. |
+------------------------------------------------------------------------------+
+------------------------------------------------------------------------------+
| NOTE: The records in the results file will be sequenced in exactly the same |
| order as the original input file. If you require a more positive identifier |
| for each record (invoice number for example) include the required value in |
| the "ticket" field of your input file. This value will be echoed back to you |
| in the "ticket" field of the results file. See the examples below. |
+------------------------------------------------------------------------------+
Sample Batch Upload File
To invoke the Batch Processing service use your programming language's
HTTPS POST function and point it at
https://batch.trustcommerce.com/submit.php .
A sample batch upload file might look like this:
ticket,action,cc,exp,amount,name,email
01-1224,sale,4111111111111111,0412,999,Test Person,person@example.com
00-1175,preauth,4111111111111111,0412,333,Test Person,person@example.com
Sample Batch Response File
The response file will contain one response record for each uploaded
transaction record.
The results file can then be downloaded interactively from the Vault or by
invoking your language's HTTPS POST function pointed at
https://batch.trustcommerce.com/download.php .
A sample response file might look like this:
ticket,status,transid,billingid,declinetype,errortype,offenders,avs
01-1224,approved,010-0001364786,,,,,N
00-1175,approved,010-0001364785,,,,,N
Status Reporting
Email is the primary means used by the Batch Processing service to provide
status updates. Status updates will be sent to the same email address used
for Daily Reports emails. This email address can be modifed on the
"Settings" page of the Vault's web interface.
After uploading your file, the system will respond immediately with an
"Acknowledged" message and then follow by sending an email with a subject
similar to the following:
Subject: Batch File [your file name] Picked Up
The content of the mail will provide processing statistics including the
number of records found in the file.
When processing is complete, a second e-mail will be sent. The subject
this time will look like:
Subject: Batch File [your file name] Complete
The body of this email will contain relevant information including the
number of approvals, declines, accepts and settlements.
Sample Code
The sample HTML code shown below illustrates the functionality of the
Batch Processing service invocation of the TCLink API. It can be pasted
into a file and loaded on your web browser in order to experiment with
batch processing before you even begin to write your code.
Batch Upload Example
<html>
<head> <title> TrustCommerce Batch Upload Interface </title> </head>
<body>
<h2> TrustCommerce Batch Upload Interface </h2>
<form action=https://batch.trustcommerce.com/submit.php method=post
enctype=multipart/form-data>
<table align=center border=1>
<tr>
<td> custid </td>
<td> <input type=text name=custid> </td>
<td> This is your TrustCommerce custid (required) </td>
</tr>
<tr>
<td> password </td>
<td> <input type=password name=password> </td>
<td> This is your TrustCommerce password (required) </td>
</tr>
<tr>
<td> batch file </td>
<td> <input name=file type=file> </td>
<td> This is the batch file to upload (required) </td>
</tr>
<tr>
<td colspan=3> <input type=submit> </td>
</tr>
</table>
</form>
</body>
</html>
Batch Results Download Example
<html>
<head> <title> TrustCommerce Batch Results Download Interface </title> </head>
<body>
<h2> TrustCommerce Batch Results Download Interface </h2>
<form action=https://batch.trustcommerce.com/download.php method=post>
<table align=center border=1>
<tr>
<td> custid </td>
<td> <input type=text name=custid> </td>
<td> This is your TrustCommerce custid (required) </td>
</tr>
<tr>
<td> password </td>
<td> <input type=password name=password> </td>
<td> This is your TrustCommerce password (required) </td>
</tr>
<tr>
<td> result file name </td>
<td> <input name=file type=text> </td>
<td> This is the result file name to download (required) </td>
</tr>
<tr>
<td colspan=3> <input type=submit> </td>
</tr>
</table>
</form>
</body>
</html>
XX. Vault Query API
The Vault website serves as a web-based interface for merchant
reconciliation. On the back end, it is a complex database that tracks all
transactional data for your TrustCommerce account. The information
contained in the Vault can be accessed at the API level using a standard
CGI query over HTTPS.
The query API returns data in CSV (comma separated value) format, which is
just a flat text file with fields separated by commas, and records
separated by newlines. (You can also request the data returned in an HTML
table, which is useful for debugging.) The first line of the file contains
the name of each field that will be returned in subsequent records.
The parameters that the query interface accepts are described in the table
below.
Required Parameters
+------------------------------------------------------------------------------+
| Parameter Name | Required? | Description |
|----------------+-----------+-------------------------------------------------|
| custid | X | TrustCommerce customer ID number. |
|----------------+-----------+-------------------------------------------------|
| password | X | The password for your custID. |
|----------------+-----------+-------------------------------------------------|
| format | | Set to "html" for human-readable HTML output, |
| | | or "text" (default) for CSV text output. |
|----------------+-----------+-------------------------------------------------|
| | | Possible values are: chain, transaction, |
| | | summary, or billingid, corresponding to the |
| querytype | X | equivalent reports on the Vault website. Read |
| | | the User's Guide for further description of |
| | | each report type. |
|----------------+-----------+-------------------------------------------------|
| media | | Set to "cc" (default) or "ach" for media type. |
|----------------+-----------+-------------------------------------------------|
| begindate | | Begin date for query, format: MM-DD-YYYY |
| | | HH:MM:SS |
|----------------+-----------+-------------------------------------------------|
| enddate | | End date for query, format: MM-DD-YYYY HH:MM:SS |
|----------------+-----------+-------------------------------------------------|
| chain | | Narrow search to a single chain of |
| | | transactions. |
|----------------+-----------+-------------------------------------------------|
| transid | | Narrow search to a single transaction ID. |
|----------------+-----------+-------------------------------------------------|
| billingid | | Narrow search to a single billing ID. |
|----------------+-----------+-------------------------------------------------|
| | | Use 'y' or 'n'. For billing ID search. Show |
| pastdue | | only recurring billing IDs that have been |
| | | unable to capture the requested funds. |
|----------------+-----------+-------------------------------------------------|
| action | | Narrow search by action (preauth, sale, credit, |
| | | etc). |
|----------------+-----------+-------------------------------------------------|
| status | | Narrow search by status (approved, accepted, |
| | | decline, etc). |
|----------------+-----------+-------------------------------------------------|
| name | | Narrow search by cardholder name, partial or |
| | | complete. |
|----------------+-----------+-------------------------------------------------|
| cc | | Narrow search by credit card number. |
|----------------+-----------+-------------------------------------------------|
| ticket | | Narrow search by contents of the ticket field. |
|----------------+-----------+-------------------------------------------------|
| limit | | Do not allow size of result set to exceed this |
| | | number of records. |
|----------------+-----------+-------------------------------------------------|
| | | Report result set starting from this offset. |
| offset | | Use this parameter in conjunction with limit in |
| | | order to page through a large result set. |
|----------------+-----------+-------------------------------------------------|
| showcount | | Show the number of records returned on the last |
| | | line of the result set. |
+------------------------------------------------------------------------------+
The sample HTML code shown below illustrates the functionality of the
query API. It can be pasted into a file and loaded on your web browser in
order to try out some queries before you even begin to write your code.
Query Example HTML
<html>
<head> <title> TrustCommerce Query Interface </title> </head>
<body>
<h2> TrustCommerce Query Interface </h2>
<form action=https://vault.trustcommerce.com/query/>
<table align=center border=1>
<tr>
<td> custid </td>
<td> <input type=text name=custid> </td>
<td> This is your TrustCommerce custid (required) </td>
</tr>
<tr>
<td> password </td>
<td> <input type=password name=password> </td>
<td> This is your TrustCommerce password (required) </td>
</tr>
<tr>
<td> format </td>
<td> <select name=format> <option value=text>text</option>
<option value=html>html</option></select></td>
<td> Human readable (html) or computer readable (text) results</td>
</tr>
<tr>
<td> Query type </td>
<td> <select name=querytype>
<option value=chain>chain</option>
<option value=transaction>transaction</option>
<option value=summary>summary</option>
<option value=billingid>billingid</option>
</select></td>
<td> Type of query </td>
</tr>
<tr>
<td> media </td>
<td> <input type=text name=media value=cc> </td>
<td> For now this must be cc </td>
</tr>
<tr>
<td> begindate MM-DD-YYYY HH:MM:SS </td>
<td> <input type=text name=begindate> </td>
<td> Query begins at this date</td>
</tr>
<tr>
<td> enddate MM-DD-YYYY HH:MM:SS </td>
<td> <input type=text name=enddate> </td>
<td> Query ends at this date</td>
</tr>
<tr>
<td> chain </td>
<td> <input type=text name=chain> </td>
<td> Narrow search to a single chain of transactions </td>
</tr>
<tr>
<td> transid </td>
<td> <input type=text name=transid> </td>
<td> Narrow search to a single transactions </td>
</tr>
<tr>
<td> billingid </td>
<td> <input type=text name=transid> </td>
<td> Narrow search to a single billingid </td>
</tr>
<tr>
<td> pastdue </td>
<td> <select name=pastdue>
<option value=y>y</option>
<option value=n>n</option>
</select></td>
<td> Use 'y' or 'n'. For billing ID search. Show only recurring billing IDs
that have been unable to capture the requested funds. </td>
</tr>
<tr>
<td> action </td>
<td> <input type=text name=action> </td>
<td> Narrow search by action. (example: preauth,postauth) </td>
</tr>
<tr>
<td> status </td>
<td> <input type=text name=status> </td>
<td> Narrow search by status. (example: approved,accepted) </td>
</tr>
<tr>
<td> name </td>
<td> <input type=text name=name> </td>
<td> Narrow search by name. </td>
</tr>
<tr>
<td> cc </td>
<td> <input type=text name=cc> </td>
<td> Narrow search by credit card field. </td>
</tr>
<tr>
<td> limit </td>
<td> <input type=text name=limit value=20> </td>
<td> Limit results to this number of fields (not used for summary)</td>
</tr>
<tr>
<td> offset </td>
<td> <input type=text name=offset value=0> </td>
<td> Report results at this offset (used with limit to page through results)</td>
</tr>
<tr>
<td> showcount </td>
<td> <select name=showcount>
<option value=y>yes</option>
<option value=n>no</option>
</select></td>
<td> Show the number of not-limited rows on the last line of the result</td>
</tr>
<tr>
<td colspan=3> <input type=submit> </td>
</tr>
</table>
</form>
</body>
</html>
Appendix A - Test Data
While testing, you may wish to experiment with the different responses
that the gateway can generate. The following test card numbers will
produce an approval, and have address data as listed, for testing AVS. If
you wish to test CVV, the code listed int he right-hand column is the
correct CVV code, Other valid credit cards will work, but will produce a
'U' AVS code.
Please note: these cards ONLY work on transactions flagged as demo, or
while your account is in "test" mode! For a live transaction, they will
all return a decline with a declinetype of carderror.
Test Cards - Approved
+----------------------------------------------------------------------------------------+
| Card Type | Card Number | Exp | Address | City |State | Zip | CVV |
|------------+-----------------+------+----------------+------------+------+-------+-----|
|Visa |4111111111111111 |04/12 |123 Test St. |Somewhere |CA |90001 |123 |
|------------+-----------------+------+----------------+------------+------+-------+-----|
|MasterCard |5411111111111115 |04/12 |4000 Main St. |Anytown |AZ |85001 |777 |
|------------+-----------------+------+----------------+------------+------+-------+-----|
|American |341111111111111 |04/12 |12 Colorado |Elsewhere |IL |54321 |4000 |
|Express | | |Blvd. | | | | |
|------------+-----------------+------+----------------+------------+------+-------+-----|
|Discover |6011111111111117 |04/12 |6789 Green Ave. |Nowhere |MA |12345 |- |
|------------+-----------------+------+----------------+------------+------+-------+-----|
|Diner's Club|36484444444446 |04/12 |7390 Del Mar |Atown |NY |01101 |- |
| | | |Blvd. | | | | |
|------------+-----------------+------+----------------+------------+------+-------+-----|
|JCB |213122222222221 |04/12 |350 Madison Ave.|Springfield |OH |400000 |- |
+----------------------------------------------------------------------------------------+
The following card numbers will generate a decline, with the declinetype
listed as follows. You may use this to test code which takes different
paths dependent upon the type of decline.
Test Cards - Declined
+----------------------------------------+
| Card Number | Exp | DeclineType |
|------------------+-------+-------------|
| 4012345678909 | 04/12 | decline |
|------------------+-------+-------------|
| 5555444433332226 | 04/12 | call |
|------------------+-------+-------------|
| 4444111144441111 | 04/12 | carderror |
+----------------------------------------+
ACH Test Numbers
+---------------------------------+
| Routing Number | Account Number |
|----------------+----------------|
| 789456124 | 55544433221 |
+---------------------------------+
You should also test your code to make sure it properly handles all
baddata and error cases. Simply pass bad values in order to generate these
situations.
Appendix B - Troubleshooting
Details about installing and troubleshooting TCLink specific to your
development platform can be found in the documentation included with the
TCLink archive.
Once you are able to connect to the TC gateway, you should be able to
diagnose parameter-related issues using the status, declinetype , and
errortype parameters returned by the gateway. There is one response which
indicates a more generic error, and that's an error of cantconnect. First,
check the computer's network connection; can you ping machines on the
Internet, by IP or by name?
The most common network connectivity error is that your target computer
may be behind a firewall. TCLink uses the HTTPS port (443/tcp) for network
communications; you can check whether this port is open from the target
machine by typing "telnet vault.trustcommerce.com 443" at a UNIX command
prompt, or else by loading a web browser on the target machine and
attempting to visit https://vault.trustcommerce.com directly. If you
timeout attempting to make the connection, but your Internet connection is
working otherwise, then you may be firewalled. Speak to your network
administrator about allowing outbound TCP traffic on port 443.
Another common problem is the lack of domain name (DNS) resolution. In
some cases this will result in an errortype dnsfailure. (Not always; the
TCLink software will sometimes fall back to hard coded IP addresses for
established accounts. But this method is insecure and error-prone, and is
used only as a last resort to keep a system with temporary DNS issues up
and running during the outage.) The target machine must be able to resolve
the trustcommerce.com domain; try typing "host trustcommerce.com" from a
UNIX command prompt. If you don't get a response, or get an error, then
the machine cannot resolve DNS information and TCLink will not be able to
connect to the TC gateway. Speak to your sysadmin about making domain name
resolution available to your target host.
Appendix C - Connecting via HTTPS POST
This method should only be used if a TCLink client install is not an
option. It does not have the failover capability (and thus the processing
uptime is not guaranteed to be 100%), or some of the enhanced security
features of TCLink. In addition, transactions may be slightly slower, by
an extra half second or so. It does, however support all other features
available through TCLink, including all parameters and transaction types.
This is the URL:
https://vault.trustcommerce.com/trans/
The transaction should be sent as a standard POST, with CGI parameters,
URL encoded. The parameters are otherwise identical to those used through
TCLink.
Response parameters are returned as name-value pairs separated by
newlines.
Appendix D - Currency Table
Currency Codes
+-----------------------------------------------------------------------+
| Code | Currency Type | Code | Currency Type |
|------+---------------------------+------+-----------------------------|
| usd | US Dollars | jpy | Japan Yen |
|------+---------------------------+------+-----------------------------|
| eur | Euro | jod | Jordan Dinar |
|------+---------------------------+------+-----------------------------|
| cad | Canadian Dollars | krw | Korea (South) Won |
|------+---------------------------+------+-----------------------------|
| gbp | UK Pounds | lbp | Lebanon Pounds |
|------+---------------------------+------+-----------------------------|
| dem | German Deutschemarks | luf | Luxembourg Francs |
|------+---------------------------+------+-----------------------------|
| frf | French Francs | myr | Malaysia Ringgit |
|------+---------------------------+------+-----------------------------|
| jpy | Japanese Yen | mxp | Mexico Pesos |
|------+---------------------------+------+-----------------------------|
| nlg | Dutch Guilders | nlg | Netherlands Guilders |
|------+---------------------------+------+-----------------------------|
| itl | Italian Lira | nzd | New Zealand Dollars |
|------+---------------------------+------+-----------------------------|
| chf | Switzerland Francs | nok | Norway Kroner |
|------+---------------------------+------+-----------------------------|
| dzd | Algeria Dinars | pkr | Pakistan Rupees |
|------+---------------------------+------+-----------------------------|
| arp | Argentina Pesos | xpd | Palladium Ounces |
|------+---------------------------+------+-----------------------------|
| aud | Australia Dollars | php | Philippines Pesos |
|------+---------------------------+------+-----------------------------|
| ats | Austria Schillings | xpt | Platinum Ounces |
|------+---------------------------+------+-----------------------------|
| bsd | Bahamas Dollars | plz | Poland Zloty |
|------+---------------------------+------+-----------------------------|
| bbd | Barbados Dollars | pte | Portugal Escudo |
|------+---------------------------+------+-----------------------------|
| bef | Belgium Francs | rol | Romania Leu |
|------+---------------------------+------+-----------------------------|
| bmd | Bermuda Dollars | rur | Russia Rubles |
|------+---------------------------+------+-----------------------------|
| brr | Brazil Real | sar | Saudi Arabia Riyal |
|------+---------------------------+------+-----------------------------|
| bgl | Bulgaria Lev | xag | Silver Ounces |
|------+---------------------------+------+-----------------------------|
| cad | Canada Dollars | sgd | Singapore Dollars |
|------+---------------------------+------+-----------------------------|
| clp | Chile Pesos | skk | Slovakia Koruna |
|------+---------------------------+------+-----------------------------|
| cny | China Yuan Renmimbi | zar | South Africa Rand |
|------+---------------------------+------+-----------------------------|
| cyp | Cyprus Pounds | krw | South Korea Won |
|------+---------------------------+------+-----------------------------|
| csk | Czech Republic Koruna | esp | Spain Pesetas |
|------+---------------------------+------+-----------------------------|
| dkk | Denmark Kroner | xdr | Special Drawing Right (IMF) |
|------+---------------------------+------+-----------------------------|
| nlg | Dutch Guilders | sdd | Sudan Dinar |
|------+---------------------------+------+-----------------------------|
| xcd | Eastern Caribbean Dollars | sek | Sweden Krona |
|------+---------------------------+------+-----------------------------|
| egp | Egypt Pounds | chf | Switzerland Francs |
|------+---------------------------+------+-----------------------------|
| eur | Euro | twd | Taiwan Dollars |
|------+---------------------------+------+-----------------------------|
| fjd | Fiji Dollars | thb | Thailand Baht |
|------+---------------------------+------+-----------------------------|
| fim | Finland Markka | ttd | Trinidad and Tobago Dollars |
|------+---------------------------+------+-----------------------------|
| frf | France Francs | trl | Turkey Lira |
|------+---------------------------+------+-----------------------------|
| dem | Germany Deutsche Marks | gbp | United Kingdom Pounds |
|------+---------------------------+------+-----------------------------|
| xau | Gold Ounces | usd | United States Dollars |
|------+---------------------------+------+-----------------------------|
| grd | Greece Drachmas | veb | Venezuela Bolivar |
|------+---------------------------+------+-----------------------------|
| hkd | Hong Kong Dollars | zmk | Zambia Kwacha |
|------+---------------------------+------+-----------------------------|
| huf | Hungary Forint | eur | Euro |
|------+---------------------------+------+-----------------------------|
| isk | Iceland Krona | xcd | Eastern Caribbean Dollars |
|------+---------------------------+------+-----------------------------|
| inr | India Rupees | xdr | Special Drawing Right (IMF) |
|------+---------------------------+------+-----------------------------|
| idr | Indonesia Rupiah | xag | Silver Ounces |
|------+---------------------------+------+-----------------------------|
| iep | Ireland Punt | xau | Gold Ounces |
|------+---------------------------+------+-----------------------------|
| ils | Israel New Shekels | xpd | Palladium Ounces |
|------+---------------------------+------+-----------------------------|
| itl | Italy Lira | xpt | Platinum Ounces |
|------+---------------------------+------+-----------------------------|
| jmd | Jamaica Dollars | | |
+-----------------------------------------------------------------------+
Appendix E - Input Field List
Input Fields
+------------------------------------------------------------------------+
| Name | Type | Minimum | Maximum | Service |
| | | Length | Length | |
|--------------------+--------+---------+---------+----------------------|
| custid | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| password | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| action | string | 1 | 10 | |
|--------------------+--------+---------+---------+----------------------|
| media | string | 1 | 10 | |
|--------------------+--------+---------+---------+----------------------|
| currency | string | 3 | 3 | |
|--------------------+--------+---------+---------+----------------------|
| amount | number | 3 | 8 | |
|--------------------+--------+---------+---------+----------------------|
| cc | number | 13 | 16 | |
|--------------------+--------+---------+---------+----------------------|
| exp | number | 4 | 4 | |
|--------------------+--------+---------+---------+----------------------|
| cvv | number | 3 | 4 | |
|--------------------+--------+---------+---------+----------------------|
| routing | number | 9 | 9 | ACH |
|--------------------+--------+---------+---------+----------------------|
| account | number | 3 | 17 | ACH |
|--------------------+--------+---------+---------+----------------------|
| billingid | string | 6 | 6 | Citadel |
|--------------------+--------+---------+---------+----------------------|
| verify | y/n | 1 | 1 | Citadel |
|--------------------+--------+---------+---------+----------------------|
| transid | string | 14 | 14 | |
|--------------------+--------+---------+---------+----------------------|
| avs | y/n | 1 | 10 | |
|--------------------+--------+---------+---------+----------------------|
| name | string | 1 | 60 | |
|--------------------+--------+---------+---------+----------------------|
| address1 | string | 1 | 80 | |
|--------------------+--------+---------+---------+----------------------|
| address2 | string | 1 | 80 | |
|--------------------+--------+---------+---------+----------------------|
| zip | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| city | string | 1 | 40 | |
|--------------------+--------+---------+---------+----------------------|
| state | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| country | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| phone | string | 1 | 30 | |
|--------------------+--------+---------+---------+----------------------|
| email | string | 1 | 50 | |
|--------------------+--------+---------+---------+----------------------|
| ip | string | 7 | 15 | |
|--------------------+--------+---------+---------+----------------------|
| track1 | string | 1 | 79 | Card Swipe |
|--------------------+--------+---------+---------+----------------------|
| track2 | string | 1 | 40 | Card Swipe |
|--------------------+--------+---------+---------+----------------------|
| ticket | string | 1 | 30 | |
|--------------------+--------+---------+---------+----------------------|
| operator | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| shiptosame | y/n | 1 | 1 | |
|--------------------+--------+---------+---------+----------------------|
| shipto_name | string | 1 | 60 | |
|--------------------+--------+---------+---------+----------------------|
| shipto_address1 | string | 1 | 40 | |
|--------------------+--------+---------+---------+----------------------|
| shipto_address2 | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| shipto_city | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| shipto_state | string | 2 | 2 | |
|--------------------+--------+---------+---------+----------------------|
| shipto_zip | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| shipto_country | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| numitems | number | 1 | 3 | |
|--------------------+--------+---------+---------+----------------------|
| price | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| shippingcode | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| shippinghandling | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| productcode# | string | 1 | 20 | |
|--------------------+--------+---------+---------+----------------------|
| quantity# | number | 1 | 3 | |
|--------------------+--------+---------+---------+----------------------|
| price# | number | 1 | 6 | |
|--------------------+--------+---------+---------+----------------------|
| tax# | number | 1 | 6 | |
|--------------------+--------+---------+---------+----------------------|
| shippinghandling# | number | 1 | 6 | |
|--------------------+--------+---------+---------+----------------------|
| wallet | y/n | 1 | 1 | TC Wallet |
|--------------------+--------+---------+---------+----------------------|
| walletsize | string | 3 | 8 | TC Wallet |
|--------------------+--------+---------+---------+----------------------|
| walletexposure | string | 1 | 3 | TC Wallet |
|--------------------+--------+---------+---------+----------------------|
| start | string | 2 | 10 | Citadel |
|--------------------+--------+---------+---------+----------------------|
| cycle | string | 2 | 4 | Citadel |
|--------------------+--------+---------+---------+----------------------|
| payments | number | 1 | 4 | Citadel |
|--------------------+--------+---------+---------+----------------------|
| authnow | y/n | 1 | 1 | Citadel |
|--------------------+--------+---------+---------+----------------------|
| lastpaymentunstore | y/n | 1 | 1 | Citadel |
|--------------------+--------+---------+---------+----------------------|
| fraudthreshold | number | 1 | 2 | CrediGuard (Scoring) |
|--------------------+--------+---------+---------+----------------------|
| ip | number | 7 | 15 | CrediGuard |
| | | | | (Blacklist) |
|--------------------+--------+---------+---------+----------------------|
| demo | y/n | 1 | 1 | |
|--------------------+--------+---------+---------+----------------------|
| offlineauthcode | string | 6 | 6 | |
+------------------------------------------------------------------------+
Copyright (c) 2006 TrustCommerce
