- 1 Intended Audience
- 2 Introduction
- 3 Appearance
- 4 Configuration
- 4.1 Payment Page: General Settings
- 4.2 Payment Page: Payment Types Settings
- 4.3 Payment Page: Receipt Page Settings
- 4.4 Payment Page: Receipt Emails Settings
- 4.5 Payment Page: Appearance Settings
- 4.6 Payment Page: Security Settings
- 4.6.1 Security Settings: reCAPTCHA
- 4.7 Payment Page: Hash Calculator
- 4.8 Payment Page: Recurring
- 5 Character Encoding
- 6 Payment Form Fields
- 6.1 Essential Fields
- 6.2 Transaction and Display Fields
- 6.3 Order and Customer Detail Fields
- 6.4 Unsupported Fields and Unsupported Authorize.net Functionalities
- 7 Google Analytics
- 8 Relay Response
- 9 Silent Post
- 10 Transaction Result Fields
- 10.1 Standard Authorize.net Fields
- 10.2 Standard Authorize.net Fields (Credit Card Only)
- 10.3 E-xact Additional Fields
- 10.4 E-xact API Response Fields
- 10.5 E-xact API Response Fields (Credit Card Only)
- 10.6 Response Reason Codes and Text
- 10.7 Common Bank Response Codes
- 10.8 Address Verification Result Codes
- 10.9 CVV2 Verification Indicator Codes
- 10.10 CVV2 Result Codes
- 11 Example Payment Forms
- 11.1 Basic Example
- 11.2 Example Including Relay Response
- 11.3 Resulting Payment Form
- 11.4 Example with Order Details
- 12 Implementation and Testing Guide
- 12.1 Generation of the Checkout Form
- 12.1.1 Calculating the x_fp_hash value
- 12.1.2 Testing the x_fp_hash calculation12.1.3 Tying the Payment to a Particular Order
- 12.2 Relay Response Implementation
- 12.2.1 Generated HTML
- 12.2.2 Customer Cookies
- 12.2.3 Relay Response Signature
- 12.2.4 Sample Relay Response POST
- 12.2.5 Relay Response Sample Code
1 Intended Audience
This document is intended for
- Merchants who want to understand the payment processing features of E-xact Transactions' Payment Pages service.
- Web developers who integrate a merchant's website with Payment Pages for payment processing.
This document covers the configuration of the merchant's account at E-xact, the payment request parameters that should be sent by the merchant and how they are processed, and includes request examples.
2 Introduction
A Payment Page is a securely hosted web payment form designed to accept Internet-based E-commerce transactions.
With Payment Pages customers can pay with their credit cards or directly from their bank account through Interac Online. Interac Online enables a customer to pay directly from their bank account and utilizes the customer’s existing online banking interface to authorize the transaction and facilitate payment. The customer’s online experience will include a redirection to their online banking website from Payment Pages. Once authenticated the customer is returned to the Payment Page where the process is completed and a receipt is displayed to them.
With Payment Pages in place a merchant is no longer exposed to the sensitive payment details required to process a payment. Additionally, the merchant has access to an expanding toolkit of payment options and fraud prevention tools without the need for additional development.
Payment Pages redirect the customer to a payment form hosted by E-xact Transactions. To accomplish this the merchant displays a "Checkout" button within an HTML form on their website that will submit a POST request to the following URL:
https://checkout.e-xact.com/payment
If you're using an account on our demo system, you'll want to use this URL instead:
https://rpm.demo.e-xact.com/payment
Within the parameters of this HTML form the merchant specifies the location of the Payment Page along with payment details and authentication information. These are usually implemented as hidden input in the HTML form. Note that there is a 7000 byte limit on the data sent in the POST request.
At the end of the payment process all parameters that define the status of the transaction can be returned to the merchant in real-time.
The appearance and payment options displayed on the payment form are configured through an online management interface available to all E-xact merchants.
3 Appearance
The merchant can customize the appearance of their Payment Page as follows:
- All pages (except for the Interac Online page) can be styled to match the merchant's website design by configuring a colour scheme and specifying the logo to be displayed.
- If further Payment Page customization is required, a link (absolute URLs only) to a CSS file can be entered into the field marked "CSS URL". All Payment Page elements can be customized.
- The merchant’s server can be set to render entirely the last page (customer receipt display) through Relay Response - see Section 8 for more information on this topic.
4 Configuration
The Payment Pages configuration determines how each payment is processed. This configuration covers payment processing presentation and functionality such as Relay Response and email notification.
The redirect to Payment Pages's payment form requires the configuration of at least one Payment Page, each identified by a unique "Payment Page ID". This ID is passed in as the x_login parameter when the merchant redirects to the Payment Page to process a transaction. See Section 6.1, "Essential Fields", for more information.
Payment Pages are administered through the "Payment Pages" tab, accessible only to administrators. An individual Payment Page view presents you with several options to control the payment form:
- General Settings
- Payment Types Settings
- Receipt Page Settings
- Receipt Emails Settings
- Appearance Settings
- Security Settings
- Hash Calculator
Merchants can add as many Payment Pages as required. This allows the support of:
- Multiple shopping carts
- Multiple languages
- Various processing options (i.e. one Payment Page for Interac Online payments, one Payment Page for credit card payments only, etc.)
- A dedicated demo Payment Page
To add a new Payment Page, click the “Create a New Payment Page” link.
To change an existing Payment Page, click on its Payment Page ID.
Additionally, existing Payment Pages can be previewed or deleted on this tab.
4.1 Payment Page: General Settings
The “General” tab of a Payment Page defines the title and location of the Payment Page.
The "Return to Your Site URL" is used for the “Return to WSP Example Shop” link that can be viewed in the image here. It is also used for timeout pages allowing the customer to return to the merchant's website.
You may also set "Maximum Number of Payment Attempts" to prevent customers from submitting payment information more than the designated amount of times.
The notification email setting is used to determine where copies of payment notification emails to customers are sent, and where any Payment Pages error messages are sent.
4.2 Payment Page: Payment Types Settings
The payment processing terminal options can be set in the Payment Types tab.
The "Currency" setting determines what currency will be used for the current Payment Page. If you'd like to offer multiple currencies on your site, you'll want to set up separate Payment Pages for each currency offering.
Processing Mode determines whether this Payment Page is being used in "live" or "test" mode.
To offer Credit Card processing, enable the "Enable Credit Card Payments" checkbox. To offer Interac Online processing, enable the "Enable Interac Payments" checkbox. To offer PayPal processing, enable the "Enable PayPal" checkbox. If you're not offering credit card payments, you may check the "Bypass the first page when customers checkout" option which will skip the page shown in here.
Select the desired merchant/terminal combinations under the Sections "Test Processing" and "Live Processing" for both the Interac and Credit Card payment types.
For PayPal payments, you will need to supply a PayPal certificate or the PayPal API login, password, and signature values. The PayPal experience can be customized by choosing the PayPal layout for mobile devices, regular browsers, or by having PayPal automatically detect between the two.
Payments may be processed in test or live mode. This option may be preconfigured (as shown here) depending on terminal settings. In the sample account shown there are no live processing terminals available, therefore that option is not displayed. Test mode can also be triggered with the redirect parameter x_test_request; see Section 6.2, "Transaction and Display Fields".
Note: When a payment request is made in test mode the “Pay from your Bank Account” button on the Payment Page form will not redirect to the Interac Online site, but to a page hosted by E-xact that simulates an Interac Online payment. For testing PayPal payments, test API credentials obtainable from PayPal should be used.
If you would like to enable 3-D Secure (Verified by Visa/Mastercard SecureCode) for your Payment Page, activate the "Enable 3-D Secure" checkbox. Note that registration is required to take advantage of this feature. If you want to force customers who haven't enrolled in this program to do so before being permitted to complete payment, you'll also want to enable the "Require Enrollment" checkbox.
4.3 Payment Page: Receipt Page Settings
The receipt page settings determine how receipts are displayed to customers, and how transaction data is handled after a transaction has been completed.
On this page, you're presented with several Return Link methods: GET, AUTO-GET, POST, AUTO-POST, LINK, and REDI. The following is a breakdown of the different methods offered and their uses.
User-Initiated Navigation
These methods add a link or button to the standard transaction receipt that is displayed to the customer. Their actions are triggered only if the customer clicks the link or button.
- LINK - The configured Receipt Link is embedded as a simple HTML link. No transaction results are sent when the customer clicks this link.
- GET - The configured Receipt Link is embedded as the submit button of an HTML form (method GET). When the customer clicks this button the transaction results are sent as HTTP GET parameters (URL query string).
- POST - The configured Receipt Link is embedded as the submit button of an HTML form (method POST). When the customer clicks this button the transaction results are sent as HTTP POST parameters.
The transaction results sent is a subset of the fields described in Section 10, "Transaction Result Fields". Specifically, this subset does not include the E-xact API Response Fields listed in Section 10.4 and Section 10.5.
Automatic Navigation
These methods do not display the standard transaction receipt to the customer. Instead, the customer's browser automatically submits an HTTP form to the configured Receipt Link and is up to the merchant server hosting the Receipt Link website to generate and display the transaction receipt to the customer.
- AUTO-GET - Sends the transaction results (same subset as method GET) as HTTP GET parameters (URL query string).
- AUTO-POST - Sends the transaction results (full set described in Section 10, "Transaction Result Fields") as HTTP POST parameters.
- REDI - Submits the HTTP form with method GET, sending the transaction results as HTTP GET parameters (URL query string). This method is obsolete and will be phased out eventually.
The "Reference Number Title" field can be used to display an invoice identifier on the Payment Page. Leave this value empty if you do not want it displayed on the Payment Page. Note that this value can also be set on a case-by-case basis by using the "x_invoice_num" form field.
Likewise, the "Customer Reference Title" field can be used to display a customer identifier. Again, this value can be set by using the form field "x_po_num".
Enable the "Allow Relay Response" setting if you would like to use this method for your receipt handling. More information on this topic can be found in Section 8.
If Relay Response and Receipt Link methods are both enabled, Relay Response will take precedence so the receipt page generated by the merchant server would be displayed. E-xact's standard transaction receipt page with the configured Receipt Link would only be displayed if there is a communication failure with the merchant's server for Relay Response.
Note: The following options listed are not visible in the screenshot above
Check the "Allow HTTP Redirect to Merchant Website" option if you would like to send the customer back to the merchant website using an HTTP redirect while using Relay Response.
The "Validate Relay Response HTML" option will perform a check on the HTML returned from the merchant server to ensure that it has not been tampered with. More information on this feature can be found here.
By filling out the "Silent POST URL" field, transaction results will be sent back to the merchant server via a HTTP POST request to the specified URL, but E-xact's servers will not expect a response. This method can be used alongside the Relay Response and Receipt Link methods, typically as an extra measure of redundancy to ensure that transaction results make it back to the merchant server. More information on this subject can be found in Section 9.
4.4 Payment Page: Receipt Emails Settings
If you would like customers to receive a confirmation email of their transaction, you can enable the "Send a payment confirmation email to customers". The email "From" address can also be specified on this page, so that emails appear to be coming from the merchant site. The notification email header and footer can also be set on this page for additional customization.
4.5 Payment Page: Appearance Settings
The appearance of a Payment Page is configured in the Appearance tab where the language, logo, and background and text colours can be set.
4.6 Payment Page: Security Settings
On this page you'll find information and settings used to validate the security of transactions.
The "Encryption Type" setting determines what encryption method is use to calculate the Transaction Key and Response Key. It is recommended that MD5 encryption is used, though SHA-1 encryption may be used for custom applications.
The "Transaction Key" and "Response Key" values are both found on this page, and can be re-generated if required. Note that if these keys are changed, any Payment Pages that have been set up with the old keys will no longer function until they're updated with the new keys.
4.6.1 Security Settings: reCAPTCHA
The E-xact Gateway now provides reCAPTCHA functionality on all Hosted Checkout Payment Pages. This feature helps to mitigate attacks on merchant payment pages from bots and scripts. As of December 3rd, 2020, reCAPTCHA has been enabled by default on all newly created payment pages.
Fig. 1 - reCAPTCHA: cardholder interaction
reCAPTCHA is optional for Hosted Payment Pages; it can be toggled on or off under the Payment Pages "Security" tab.
Fig. 2 - reCAPTCHA: checkbox enablement under "Security"
4.7 Payment Page: Hash Calculator
The Hash Calculator is a tool that can be used to ensure that the "x_fp_hash" value of a transaction is being generated properly on the merchant side. Transaction values can be entered here so that the actual hash value can be compared with the expected result. This is typically only used in debugging scenarios when the hash value isn't being generated correctly and a way is needed to identify the incorrect transaction variable(s) that are throwing off the hash calculation.
4.8 Payment Page: Recurring
The Recurring section presents settings for configuring Recurring payments with a Payment Page. Recurring functionality for a Payment Page can be enabled or disabled here, and the customer agreement text presented to customers can be set. The agreement text can be formatted using Markdown.
5 Character Encoding
Incoming parameters should be encoded in UTF-8 to ensure correct text display and processing.
6 Payment Form Fields
The merchant interfaces with Payment Pages by displaying an HTML form on a website page that submits a POST request to Payment Pages at https://checkout.e-xact.com/payment. Hidden form fields specify the particulars about the payment. The fields supported by Payment Pages are described in this section.
6.1 Essential Fields
The following parameters are required, and validated with each request. If one is missing or the validation fails the customer will see an error page. The merchant will also receive an email explaining the problem.
| Field | Value | Description |
| x_login | Varies by merchant | Maximum length 20, the Payment Page ID from the Payment Pages interface. Case-sensitive. |
| x_fp_sequence | Chosen by merchant | Can be a random number. Used in x_fp_hash calculation in order to make it unique but not used otherwise. Returned with Relay Response / Silent Post / Receipt Link. |
| x_fp_timestamp | Time in seconds since January 1, 1970. UTC, Coordinated Universal Time | Requests expire after 15 minutes / 900 seconds. |
| x_amount | Positive number | Total dollar amount to be charged inclusive of freight and tax; Maximum Length 15. |
| x_fp_hash | String | HMAC-MD5 hash from the merchant’s transaction key and concatenation of the values for x_login, x_fp_sequence, x_fp_timestamp, x_amount, and (if given) x_currency_code – all separated by the ^ character. Note that even if x_currency_code is not present a ^ character is still added. The transaction key can be found in the "Security" tab when viewing the settings for a specific Payment Page. |
| x_show_form | PAYMENT_FORM | Case-sensitive. |
Notes:
- The x_fp_hash parameter serves solely as verification that the form was generated by the merchant's server, and not by the customer or a third party. Its calculation depends on the merchant’s private Transaction Key. The Transaction Key is discussed in Section 4.6.
- The x_show_form parameter is required in order to stay compatible with the Authorize.net protocol. See this page for more information on Authorize.net SIM compatibility.
6.2 Transaction and Display Fields
These parameters are validated as indicated below. If invalid, one of the following two scenarios will occur:
- The customer's browser will display an error page and the merchant will be notified by email
- A default value will be substituted
The parameters are passed on as received by Payment Pages in:
- Notifications to the merchant about errors
- Relay Response / Silent Post / Receipt Link
| Name/Area | Validation | Explanation |
| Processing Fields | ||
| x_test_request | TRUE / FALSE | Optional: Process payment in test mode. Case-sensitive. |
| x_type | AUTH_CAPTURE / AUTH_ONLY / AUTH_TOKEN / PURCHASE_TOKEN |
The type of the transaction.
|
| Receipt Page Fields | ||
| x_receipt_link_method | LINK / GET / POST / AUTO-GET / AUTO-POST | Specifies the type of link made back to the merchant's website. Case-sensitive. |
| x_receipt_link_text | Any text | Hyperlinked text or submit button value. With GET or POST a form is generated with hidden fields that contain the result of the processed transaction. If empty, default value "Return to Merchant website title" is used. Merchant website title is set in the Payment Pages interface. |
| x_receipt_link_url | Valid URL | Target of hyperlinked text or action for HTML GET/POST. If empty or not a valid URL, the default value from the Payment Pages interface is taken. |
| Fields Common to Payment Collection and Receipt Page | ||
| x_logo_url | Valid URL | Displayed on header of Payment Form and Receipt Page. If empty or not a valid URL, the default value from the Payment Pages interface is taken. |
| x_color_background | HTML colour name or hex code | Background colour of the Payment Form and Receipt Page. If empty or invalid, default value from the Payment Pages interface is used. |
| Email Setting Fields | ||
| x_email_customer | TRUE / FALSE | Should a confirmation email be sent to the customer; default is set in the Payment Pages interface. |
| x_merchant_email | Valid email address | Email address to which the merchant's copy of the customer confirmation email should be sent. If a value is submitted an email will be sent to this address as well as the addresses configured in the "General" section of the Payment Pages interface. No email will be sent to this address if it does not meet standard email format checks. |
| Transaction Data Fields | ||
| x_currency_code | USD / CAD | Currency of the transaction. Case sensitive. (Interac Online supports only CAD) |
| Recurring Billing Fields | ||
| x_recurring_billing | TRUE / FALSE | To enable Recurring functionality through Payment Pages, this must be set to TRUE |
| x_recurring_billing_id | Plan identifier | HCO Plan ID (retrievable by viewing a Recurring plan in the administrative interface) |
| x_recurring_billing_amount | Positive number | The amount that will be billed each time a Recurring payment is run |
| x_recurring_billing_start_date | YYYY-MM-DD | Optional; sets a custom start date for Recurring payments (otherwise it will be inherited from the Plan default) |
| x_recurring_billing_end_date | YYYY-MM-DD | Optional; sets a custom end date for Recurring payments (otherwise it will be inherited from the Plan default) |
The type of the transaction.
AUTH_CAPTURE is Purchase/Sale.
AUTH_ONLY known as Authorization/Pre-authorization. Amount must be greater than $0.00.
AUTH_TOKEN is a Pre-authorization transaction that returns a transaction tag which can be used by the API to perform additional transactions for that cardholder. Amount can be $0.00 or greater.
PURCHASE_TOKEN will capture funds and return a transaction tag which can be used by the API to perform additional transactions for that cardholder.
Note: There is no Interac preauthorization. An Interac payment with x_type of AUTH_ONLY will be processed as AUTH_CAPTURE.
Recurring Billing Fields
6.3 Order and Customer Detail Fields
The parameters below describe details about the order and the customer and all are optional. They are passed as received by Payment Pages via:
- Notification emails to the merchant about errors
- Relay Response / Silent Post / Receipt Link
| Order Information Fields | Explanation |
| x_cust_id | Not validated. Unique identifier for the customer associated with the transaction. Not displayed to the customer |
| x_invoice_num |
Merchant-assigned invoice number. Truncated to the first 20 characters and becomes part of the transaction. It appears in column “Ref Num” under Transaction Search and “TRANS. REF” in the CTR (customer transaction record). NOTE: this field may only contain the following special characters for Interac Online transactions, otherwise an error will be returned and the transasction will not be processed: #$.,-/=?@'. The following characters will be stripped from this field: ; ` " / % as well as -- (2 consecutive dashes). |
| x_customer_tax_id | Not validated. Tax ID of the customer. Not displayed to the customer. |
| x_line_item |
This parameter may occur several times (with different items). The item details are displayed on the Payment Pages payment form and receipt page for the customer's reference. Fields with this name contain itemized order information delimited by the three characters <|> The format is: Item ID<|>Item Name<|>Item Description<|>Item Quantity<|>Item Price<|>Item Taxable(YES/NO)<|> The size limit for Item ID, Item Name, Item Description, Item Quantity is 255 characters each. Additionally, the product of Item Quantity multiplied by Item Price must be in the range between -1,000,000,000 and 1,000,000,000 |
| x_po_num |
Purchase order number. Truncated to the first 20 characters and becomes part of the transaction. It appears in column “Customer Reference Number” under Transaction Search. It does not appear in the receipt. The following characters will be stripped from this field: ; ` " / % as well as -- (2 consecutive dashes). |
| x_description | Not validated. Description of the transaction. Not displayed to the customer. |
| x_reference_3 |
Additional reference data. Maximum length 30 and becomes part of the transaction. It appears in column "Reference Number 3" under Transaction Search. It does not appear in the receipt. The following characters will be stripped from this field: ; ` " / % as well as -- (2 consecutive dashes). |
| Customer Name and Billing Address Fields | |
| x_first_name | For billing address |
| x_last_name | For billing address |
| x_company | For billing address |
| x_address | For billing address |
| x_city | For billing address |
| x_state | For billing address |
| x_zip | For billing address |
| x_country | For billing address |
| x_phone | For billing address |
| x_fax | For billing address |
| Customer Shipping Address Fields | |
| x_ship_to_first_name | For shipping address |
| x_ship_to_last_name | For shipping address |
| x_ship_to_company | For shipping address |
| x_ship_to_address | For shipping address |
| x_ship_to_city | For shipping address |
| x_ship_to_state | For shipping address |
| x_ship_to_zip | For shipping address |
| x_ship_to_country | For shipping address |
| Additional Customer Data Field | |
| x_customer_ip | IP address of the customer. |
| x_email | Email address to which the customer's copy of the confirmation email is sent. No email will be sent if the email address does not meet standard email format checks. |
| Additional Amount Fields | |
| x_tax | Non-negative Number. The tax in dollars. |
| x_tax_exempt | TRUE / FALSE |
| x_freight | Non-negative Number. Freight charge in dollars. |
| x_duty | Non-negative Number. Duty in dollars. |
Merchant-assigned invoice number. Truncated to the first 20 characters and becomes part of the transaction. It appears in column “Ref Num” under Transaction Search and “TRANS. REF” in the CTR (customer transaction record).
NOTE: this field may only contain the following special characters for Interac Online transactions, otherwise an error will be returned and the transasction will not be processed: #$.,-/=?@'.
The following characters will be stripped from this field: ; ` " / % as well as -- (2 consecutive dashes).
This parameter may occur several times (with different items). The item details are displayed on the Payment Pages payment form and receipt page for the customer's reference.
Fields with this name contain itemized order information delimited by the three characters <|>
The format is:
Item ID<|>Item Name<|>Item Description<|>Item Quantity<|>Item Price<|>Item Taxable(YES/NO)<|>
The size limit for Item ID, Item Name, Item Description, Item Quantity is 255 characters each. Additionally, the product of Item Quantity multiplied by Item Price must be in the range between -1,000,000,000 and 1,000,000,000
Purchase order number. Truncated to the first 20 characters and becomes part of the transaction. It appears in column “Customer Reference Number” under Transaction Search. It does not appear in the receipt.
The following characters will be stripped from this field: ; ` " / % as well as -- (2 consecutive dashes).
Additional reference data. Maximum length 30 and becomes part of the transaction. It appears in column "Reference Number 3" under Transaction Search. It does not appear in the receipt.
The following characters will be stripped from this field: ; ` " / % as well as -- (2 consecutive dashes).
Notes on Additional Amount Fields: the x_tax, x_freight, x_duty amounts are for display within the order information and order confirmation emails only. Payment Pages perform no calculations with these numbers. They are passed back to the merchant with Relay Response, Silent Post, and Receipt Links.
6.4 Unsupported Fields and Unsupported Authorize.net Functionalities
The following fields and their corresponding Authorize.net functionality are not supported by Payment Pages:
| Field | Comment |
| x_header_html_payment_form | Ignored, not validated |
| x_footer_html_payment_form | Ignored, not validated |
| x_header_html_receipt | Ignored, not validated |
| x_footer_html_receipt | Ignored, not validated |
| x_bank_aba_code | Flagged as an error, if present and not “NO”. |
| x_bank_acct_type | Flagged as an error, if present and not “NO”. |
| x_bank_name | Flagged as an error, if present and not “NO”. |
| x_echeck_type | Flagged as an error, if present and not “NO”. |
| x_card_num | Flagged as an error, if present and not “NO”. |
| x_exp_date | Flagged as an error, if present and not “NO”. |
| x_card_code | Flagged as an error, if present and not “NO”. |
| x_trans_id | Flagged as an error, if present and not “NO”. |
| x_auth_code | Flagged as an error, if present and not “NO”. |
| x_authentication_indicator | Flagged as an error, if present and not “NO”. |
| x_cardholder_authentication_value | Flagged as an error, if present and not “NO”. |
| x_duplicate_window | Flagged as an error, if present and not “NO”. |
7 Google Analytics
Google Analytics is now available to all merchants using Hosted Checkout payment pages (HCO). Google Analytics can be used to generate metrics relating to your customers’ visits to checkout pages. To use Google Analytics merchants will first need to sign up for the service through Google; that can be done here: https://analytics.google.com/analytics/web/provision/
When sending a transaction request to E-xact, merchants can include the following parameters:
| x_ga_tracking_id |
| x_ga_tracking_id_2 |
| x_ga_link_domain |
| x_ga_link_domain_2 |
Simply pass the token(s) that Google provides as part of your standard request:
e.g. x_ga_tracking_id = UA-12345-67
The linker parameter can be sent in the same way:
e.g. x_ga_link_domain = https://example.ca
Note: You can view the Google Analytics script on your Payment Page by right clicking and selecting “View Source”, or “Inspect” (the code will appear at the bottom of the HTML body).
8 Relay Response
This method involves an HTTP request <-> response between E-xact and merchant server, at the end of which E-xact relays the response content to the customer. The steps are:
- E-xact makes an HTTP POST request containing the transaction results to the merchant server (see Section 10, "Transaction Result Fields" for details on the data that would be sent).
- The merchant server responds back with HTML content
- E-xact displays the response content to the customer
Step 1 allows the merchant to receive transaction results in real time, which can then be used to update databases, inventory, empty shopping carts, etc.
Step 2 lets the merchant return a customized receipt via the HTML response they return to E-xact.
The merchant server response should be in HTML format, and is passed on to the customer's browser for final display. If the merchant server response is not received within 25 seconds in Step 2, in Step 3 E-xact displays the standard transaction receipt to the customer. This is fallback behavior so it is important to note that E-xact is expecting a response from the merchant.
Any resources linked to on the target Relay Response page should use absolute URLs, otherwise they will not load.
The merchant is required by Interac to display the values of the two fields to the customer:
- exact_issname (Issuing Bank Name)
- exact_issconf (Issuing Bank Confirmation Number)
See Illustration 8: Customer Receipt for an Interac Online Payment.
No sensitive transaction related data is transmitted to the merchant server.
Usually the Relay Response step is only performed for successful transactions. However, if the customer's payment attempts fail three times a “Transaction Declined” message is posted to the merchant's server for Relay Response.
In order to trigger Relay Response, set the following parameters in the payment request:
| Field | Value | Description/Comment |
| x_relay_response | TRUE | Required for Relay Response. Case sensitive (FALSE is not allowed) |
| x_relay_url | Payment Pages Configuration | Optional. The URL to which the gateway posts the response. Validated with the value configured in the Payment Pages interface. If empty, the URL from the Payment Pages interface is used. |
9 Silent Post
This option is enabled by adding a “Silent Post URL” to the “Receipt Page” tab of the Payment Pages interface.
Silent Post performs the same Step 1 as Relay Response, sending the same transaction result fields. But in Step 2, the HTML content (if any) in the merchant server's response is ignored by E-xact, and the flow of action ends here.
Note: there is no guarantee of sequence - for example if both Silent Post and Relay Response are enabled, the merchant server cannot assume the data will always arrive first from Silent Post or vice versa.
10 Transaction Result Fields
There are four different categories of fields of which the first three are covered in the following tables:
- Standard Authorize.net “x_” parameters.
- E-xact Payment Pages Relay Response fields.
- Most of the response fields returned for the equivalent Transaction Processing API request.
- Most of the POST parameters from the initial request from the merchant's website to the Payment Pages payment form. This includes, x_login, x_amount etc.
10.1 Standard Authorize.net Fields
The fields below apply to both Interac Online payments and credit card payments.
| Field | Description | Explanation |
| x_response_code | Response code |
1 for “Approved” 2 for “Transaction was processed, but was not approved” 3 for “Transaction was not processed due to an error” |
| x_response_subcode | Response Subcode | Internal value. Future use. |
| x_response_reason_code | Response Reason Code | See table under Section 10.6 Response Reason Codes and Text, below. |
| x_response_reason_text | Response Reason Text | See table under Section 10.6 Response Reason Codes and Text, below. |
| x_auth_code | Approval Code | Authorization number of the transaction |
| x_trans_id | Transaction Id | Unique identifier, generated by E-xact Transactions. |
| x_MD5_Hash | MD5 Hash | MD5 hash, in hexadecimal, of the concatenation of these strings:
|
1 for “Approved”
2 for “Transaction was processed, but was not approved”
3 for “Transaction was not processed due to an error”
Typically happens in the case of a Non-Funded Interac Transaction or a cancelled Paypal Transaction
- Payment Page Configuration Relay Response Key
- x_login
- Transaction ID (field x_trans_id)
- Amount, two digits after the period ($100 is used as “100.00”)
10.2 Standard Authorize.net Fields (Credit Card Only)
The fields below do not apply to Interac Online payments and will be empty in this case.
| Field | Description | Explanation |
| x_avs_code | Address Verification Result Code | See table under Section 10.8Address Verification Result Codes |
| x_cvv2_resp_code | CVV2 Response Code | See table under Section 10.9CVV2 Verification Indicator Codes |
| x_cavv_response | CAVV Response Code | Not supported. Field is empty. |
10.3 E-xact Additional Fields
| Field | Description | Explanation |
| exact_wsp_version | WSP Protocol Version | Latest value 1.7 |
| exact_ctr | Receipt | E-xact generated Customer Transaction Record (CTR) |
| exact_issname | Issuer Name | The name of the customer's bank. The merchant is required by Interac to display this field to the customer. |
| exact_issconf | Issuer Confirmation Number | The confirmation number generated by the customer's bank. The merchant is required by Interac to display this field to the customer. |
The merchant is required by Interac to display this field to the customer. The merchant is required by Interac to display this field to the customer.
10.4 E-xact API Response Fields
The fields below apply to both Interac Online payments and credit card payments.
| Field | Description | Explanation/Details |
| Authorization_Num | Authorization number | The authorization number returned by the financial institution. |
| Bank_Message | Describes the Bank_Resp_code | Message provided by the financial institution. |
| Bank_Resp_code | 2 or 3 digit code | See table under Section 10.7, "Common Bank Response Codes". |
| Bank_Resp_code_2 | 2 digit code | A secondary response returned by the financial institution. |
| CardHoldersName | Customer's name | Up to 30 characters. This name will also appear under the Administration Console's "Transaction" tab. For Interac Online payments, this field is only useful if the merchant populates x_first_name and x_last_name in the redirect. |
| Client_Email | Email Address as provided by customer | (Not passed on to the financial institution.) |
| Customer_Ref | Merchant Defined | The value of x_po_num as passed in from the merchant's website |
| DollarAmount | The amount of the transaction | The amount of the transaction in dollars and cents. |
| Exact_Message | Message about the Processing status | Accompanies the Exact_Resp_code field |
| Exact_Resp_code | Processing Status | The processing status of the transaction. Please refer to this page for further information. The Transaction_Errorproperty will be “True” if this property is not “00”. |
| Language | Language of the CTR | 0 for English, 4 for French |
| MerchantAddress | Merchant's Address | This and the following Merchant fields are taken from E-xact's record of the merchant / account information provided during account provisioning. This information is also visible in RPM on the Home page. |
| MerchantCity | Merchant's City | See above |
| MerchantCountry | Merchant's Country | See above |
| MerchantName | Merchant's Account Name | See above |
| MerchantPostal | Merchant's Postal Code | See above |
| MerchantProvince | Merchant's Province | See above |
| MerchantURL | Merchant's URL | See above |
| Reference_No | Merchant Defined | The value of x_invoice_numas passed in from the merchant's website |
| SequenceNo | Sequence Number | Sequentially incremented number generated by E-xact and passed through to the financial institution |
| TransactionCardType | Payment Type |
The type of credit card, possible values are:
The values for Interac Online payments is:
|
| Transaction_Approved | Flag indicating transaction approval | Indicates that the bank approved a transaction and there are no pending errors. |
| Transaction_Error | Error flag | Indicates that there was an error during the processing of the transaction. Values are "true" or "false". |
| Transaction_Tag | Tag of the transaction | Identifier for the tagged transaction. Same values as x_trans_id. |
The type of credit card, possible values are:
- VISA
- MASTERCARD
- AMERICAN EXPRESS
- DINERS CLUB
- DISCOVER
- ENROUTE
- JCB
- HAMILTON FINANCIAL
- SEARS
- MAESTRO
- PAYPAL
- Unknown
The values for Interac Online payments is:
- Interac Online Debit
10.5 E-xact API Response Fields (Credit Card Only)
The fields below do not apply to and will be empty for Interac Online transactions.
| Field | Description | Explanation |
| AVS | Address Verification Result | See table under Section 10.8, "Address Verification Result Codes" |
| CAVV | Cardholder Authentication Verification Value | Value returned by the Access Control Server to indicate that a cardholder has been validated |
| CAVV_Algorithm | Method used to calculate CAVV | Sent in authorization request. |
| CAVV_Response | Validity of the CAVV value provided | Not supported |
| CVD_Presence_Ind | How the CVV2 value is handled | See table under Section 10.9, "CVV2 Verification Indicator Codes" |
| CVV2 | Authentication Code returned by the bank | See table under Section 10.10, "CVV2 Result Codes" |
| CardHoldersName | Customer's Name | Up to 30 characters |
| Card_Number | The credit card number | This value is masked |
| Retrieval_Ref_No | AVS related | The reference number returned with an AVS result |
| Secure_AuthRequired | 3-D Secure Field | Indicates the status of a 3-D Secure transaction. Used for internal audit. |
| Secure_AuthResult | 3-D Secure Field | Indicates the status of a 3-D Secure transaction. Used for internal audit. |
| ZipCode | Customer address field | Used for qualifying transactions. |
10.6 Response Reason Codes and Text
The fields below are the Response Reason Codes supported by Payment Pages.
| Response Reason Code | Response Reason Text |
| 1 | Transaction has been approved |
| 2 | Transaction has been declined |
| 3 | An error occurred while processing the transaction |
10.7 Common Bank Response Codes
The codes below appear in the field Bank_Resp_Code.
| Bank_Response_Code | Message |
| 000 | Approved |
| 200 | Authorization Declined |
| 218 | Request Denied |
| 292 | Banking Network Down Please Retry |
| 294 | Busy Please Retry |
| 297 | Error - Retry |
| 299 | Error - Retry |
10.8 Address Verification Result Codes
The values below occur in the fields AVS and x_avs_response.
| Value | Explanation |
| A | Address matches but ZIP/Postal code does not |
| B | Address not provided |
| E | AVS Error |
| G | Card issuer does not support AVS |
| N | No match on address and ZIP/Postal Code |
| P | AVS does not apply to the transaction |
| R | System unavailable - Retry |
| S | Card issuer does not support AVS |
| U | No address available |
| W | 9 digit ZIP/Postal Code match, address does not |
| X | Address and 9 digit ZIP/Postal Code match |
10.9 CVV2 Verification Indicator Codes
The values below occur in the field CVD_Presence_Ind. Note that if the value is not 0 the cardholder provides it.
| Value | Explanation |
| 0 | Not supported by processing terminal or card type |
| 1 | Value provided by cardholder |
| 2 | Cardholder states that value on card is illegible |
| 9 | Cardholder states that data is not available |
10.10 CVV2 Result Codes
The values below occur in the fields CVV2 and x_cvv2_resp_code.
| Value | Explanation |
| M | Match |
| N | No Match |
| P | Not Processed |
| S | Should have been provided |
| U | Issuer unable to process request |
Example Payment Forms
Below are a few examples of the form placed on the merchant's website that will redirect the customer to the payment form.
11.1 Basic Example
This basic example only specifies the Payment Page record to use, x_login, and the amount to charge, x_amount.
Note:
- Replace the value for x_login with a Payment Page ID of the merchant's account, and x_amount with the dollar amount payable by the customer.
- The method used to generate the sequence number x_fp_sequence is chosen by the merchant.
- x_fp_timestamp is the timestamp created when the form is generated. It is equal to the number of seconds since January 1, 1970 in UTC (Coordinated Universal Time).
- x_fp_hash is calculated as the HMAC-MD5 from the Transaction Key of the Payment Page with a given x_login and the string "x_login^x_fp_sequence^x_fp_timestamp^x_amount^" with the particular values replaced.
- x_show_form is always equal to “PAYMENT_FORM”.
11.2 Example Including Relay Response
This basic example enables relay response:
Only one additional parameter is added, compared to the example in Section 11.1:
Finally, the Payment Page corresponding to the x_login value needs to have the "Allow Relay Response" checkbox enabled and the "Relay Response URL" field completed in the "Receipt Page" section when viewing an individual Payment Page in the Payment Pages interface.
11.3 Resulting Payment Form
For the two examples in Sections 11.1 and 11.2 the payment form presented to the customer will appear as below. Colours and title may be customized. Whether the credit card, Interac, and PayPal forms appear is controlled by the Payment Page configuration.
11.4 Example with Order Details
The merchant has the option of specifying additional details regarding the customer’s order:
- Order Items including quantity and unit price.
- Shipping and handling charges
- Taxes
- Duties
These values are communicated to Payment Pages with the independent parameters x_line_item, x_freight, x_duty, and x_tax. For instance, the example below uses x_line_item, x_freight, and x_tax, but not x_duty:
Note:
- The x_line_item parameter may be repeated. Each occurrence corresponds to an item in the order. See Section 6.3, "Order and Customer Detail Fields" for the format.
- Adding order items is independent of triggering Relay Response.
For this example form, the resulting payment form will be presented as shown below:
12 Implementation and Testing Guide
If a merchant is not using an Authorize.net SIM compatible shopping cart package, some web development will be required. This Section deals with resources provided by E-xact that the merchant's web developer can utilize for implementation and testing.
12.1 Generation of the Checkout Form
The main Payment Pages interface, displayed after a Payment Page is configured, is reached via a checkout form on the merchant's website which posts to the Payment Pages URL at https://checkout.e-xact.com/payment. Section 11 lists some examples for the required HTML code.
12.1.1 Calculating the x_fp_hash value
One of the input fields to be calculated for each checkout form separately is the x_fp_hash value. This is because one of the inputs that this value depends on is a time stamp: a payment request with a time stamp which is 15 minutes or older will be rejected by Payment Pages.
The x_fp_hash calculation is performed using the HMAC-MD5 key (the Transaction Key from the Payment Page configuration) and the HMAC-MD5 message, or payload, as the concatenation of x_login, x_fp_sequence, x_fp_timestamp, x_amount, and (if used) x_currency_code – all separated by the ^ character (see also Section 6.1, "Essential Fields"). The value of the Transaction Key can be found within the “Security” tab of the Payment Page configuration as seen in the image below.
Note that even if the x_currency_code field is left empty, the payload for the hash calculation should end with the ^ character.
Example implementations of this calculation in many programming languages including PHP, Java, Python and Perl are available here.
For example, using the values in the table below:
| Field | Value |
| x_login | WSP-GOODS-70 |
| x_fp_sequence | 123454321 |
| x_fp_timestamp | 1228953556 |
| x_amount | 100.00 |
| Transaction Key | AL81Li7D4laXYDtpfgO_lInQ |
the resulting HMAC-MD5 is calculated with the payload of
WSP-GOODS-70^123454321^1228953556^100.00^
and has this value
2dba76cedb7847547fd964fc903e9f2c
Note that if the x_fp_hash value in the merchant's form is invalid, an error email is sent to the notification email address set in the "General" tab of Payment Page configuration:
This is a notification that a request for payment failed for the online store Merchant's Store Title.
An error page was displayed to the customer.Reply to this message or email support@e-xact.com if you have any questions.
The following error was found:
X fp hash Could not validate the integrity of the payment from the transaction key, x_fp_hash, x_fp_sequence, x_fp_timestamp, x_amount, and (optionally) x_currency_code values of the request.
The customer will see an error page and and be unable to complete the payment.
12.1.2 Testing the x_fp_hash calculation
The Payment Pages interface has a tool to test the merchant's implementation in the "Hash Calculator" Section. It allows merchants to inspect the hash calculated by Payment Pages with known inputs. This value can then be quickly and manually compared with the hash calculated on the merchant's side.
12.1.3 Tying the Payment to a Particular Order
The parameters x_invoice_num (Invoice Number) and x_po_num (Purchase Order Number) are optional fields designed to tie the payment to a particular order or invoice.
If, for example, the merchant offers a shopping cart on their website which the customer fills with items, the developer will find it convenient to derive a unique Invoice Number or Purchase Order Number from the shopping cart identifier in order to track payments for a customer's purchases.
The difference between the two fields is that x_invoice_num appears on the CTR whereas x_po_numdoes not.
Both are returned to the merchant's server with Relay Response and Silent Post.
Also, both fields are truncated to 20 characters. See details in Section 6.3, "Order and Customer Detail Fields".
12.2 Relay Response Implementation
When Relay Response is configured, an HTTP POST request is sent to the configured Relay Response URL. The applicable fields are documented under Section 8, "Relay Response".
12.2.1 Generated HTML
The response generated by the merchant's server to the Relay Response request is passed on to the customer's web browser without any changes. However as the page will still have an https://checkout.e-xact.com URL it is important to make all links to pages or images on the merchant's website absolute.
12.2.2 Customer Cookies
The merchant's website may be tracking the customer with a cookie. This cookie will not be part of the request sent from E-xact's servers to the merchant's server with the Relay Response request. However, the merchant may set a field in the initial request that has the same values as the merchant's cookies.
For example:
Here, two extra parameters, merchant_cookie_1 and merchant_cookie_2, have been added to the comparable Relay Response example from Section 11.2, "Example Including Relay Response". These values will then be sent with the Relay Response request, so that the merchant's server can identify the customer making the payment.
Caution should be used when adding extra parameters as in the above example to avoid existing parameter names. The full list of parameter names in use can be taken from a test request, or looked up in Section 8.
12.2.3 Relay Response Signature
The request generated by E-xact's servers is signed with a cryptographic hash. The name of the hashed field is x_MD5_Hash. It is calculated as the MD5 Hash of the concatenation of the strings:
- Payment Page Configuration Relay Response Key
- Value of x_login
- Transaction ID (value of x_trans_id)
- Amount, exactly two digits after the period ($100 is used as “100.00”)
Note: this calculation is not the same as for the x_fp_hash field.
For example, using the below values:
| Field | Value |
| Relay Response Key | abcdefgh12345 |
| x_login / Payment Page ID | WSP-EXAMPL-01 |
| Transaction ID (field x_trans_id) | 123456789 |
| Amount | 1.00 |
The MD5 calculation is performed for the string:
abcdefgh12345WSP-EXAMPL-011234567891.00
Resulting in:
0ae500c0cb7d78f9c26598d6456180dd
The key is configured under the "Security" tab of the Payment Pages interface.
12.2.4 Sample Relay Response POST
This section shows in detail what is sent to the merchant's server with a relay response HTTP POST request.
Most merchants will use https so that the POST is encrypted (not shown).
The sample POST is based on a credit card payment, sent to the hypothetical relay response URL (see the x_relay_url value):
https://yourwebsite.com/relay_response
POST /relay_response HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Date: Tue, 13 Jan 2009 16:01:41 GMT
Content-Length: 2585
Host: testmerchant.com
SequenceNo=435677&Language=1&Tax2Amount=&x_currency_code=CAD&x_ship_to_city=&x
_method=CC&EXact_Resp_Code=00&CardHoldersName=Susan+Testname&x_email=test
%40yahoo.com&Authorization_Num=ET141870&MerchantCountry=Canada&Reference_3=&x_
description=&x_amount=564.30&exact_ctr=%3D%3D%3D%3D%3D%3D%3D
%3D+TRANSACTION+RECORD+%3D%3D%3D%3D%3D%3D%3D%3D%0A%0AMerchant+Plug-
in+Test+Store%0A44+King+Street+West%0AVancouver%2C+BC+V6B+4X2%0ACanada
%0Awww.smwp.com%0ATYPE%3A+Purchase%0A%0AACCT%3A+Visa++%24564.30+CAD%0A
%0ACARD+HOLDER+%3A+Susan+Testname%0ACARD+NUMBER+%3A+%2A%2A%2A%2A%2A%2A%2A%2A
%2A%2A%2A%2A1111%0AEXPIRY+DATE+%3A+12%2F12%0ATRANS.+REF.+%3A+1234567%0ADATE
%2FTIME+++%3A+13+Jan+09+16%3A01%3A41%0AREFERENCE+%23+%3A+435677+305+M
%0AAUTHOR.%23++++%3A+ET141870%0A%0A++++Approved+-+Thank+You+000%0A%0A%0A%3D%3D
%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D%3D
%3D%3D%3D%3D%3D%3D%3D%3D
%0A&x_card_num=&Ecommerce_Flag=0&x_po_num=&x_city=Vancouver&x_response_reason_
text=Transaction+has+been+approved&MerchantName=Merchant+Plug-
in+Test+Store&Bank_Resp_Code_2=&Tax1Number=&x_ship_to_address=&x_type=AUTH_CAP
TURE&Transaction_Approved=YES&Card_Number=%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A%2A
%2A1111&x_duty=&x_fax=&x_relay_response=TRUE&exact_wsp_version=1.7&Customer_Re
f=&x_invoice_num=1234567&x_relay_url=http%3A%2F%2Ftestmerchant.com
%2Frelay_response&x_cavv_response=&CAVV_Response=0&Secure_AuthResult=0&x_addre
ss=555+A+Street&x_response_reason_code=1&x_show_form=PAYMENT_FORM&x_ship_to_co
untry=&Bank_Message=Approved&Tax1Amount=&x_version=3.1&x_ship_to_company=&Tran
saction_Error=false&exact_issconf=&x_test_request=TRUE&SurchargeAmount=0&x_tax
_exempt=&x_phone=&x_merchant_email=&MerchantProvince=BC&Reference_No=1234567&Z
ipCode=&x_trans_id=2150&x_last_name=Testname&x_cvv2_resp_code=&Retrieval_Ref_N
o=5669951&Secure_AuthRequired=0&x_zip=The+Zip&x_response_subcode=S&x_ship_to_z
ip=&Bank_Resp_Code=000&CVD_Presence_Ind=0&x_ship_to_last_name=&x_exp_date=&Cli
ent_Email=&exact_issname=&x_fp_sequence=123456&Transaction_Type=00&x_tax=127.2
6&x_company=&MerchantCity=Vancouver&CAVV_Algorithm=0&x_country=Canada&x_avs_co
de=&x_first_name=Susan&CVV2=&AVS=&Tax2Number=&x_ship_to_state=&x_response_code
=1&DollarAmount=564.30&TransactionCardType=VISA&EXact_Message=Transaction+Norm
al&Expiry_Date=1212&x_login=WSP-RELAY-
80&x_card_code=&Transaction_Tag=2150&x_ship_to_first_name=&MerchantPostal=V6B+
2K4&Client_IP=&x_freight=15.0&x_cust_id=&commit=Checkout&MerchantAddress=44+Ki
ng+Street+West&XID=&x_MD5_Hash=abfaf1d1df004e3c27d5d2e05929b529&x_state=BC&x_r
eference_3=&x_auth_code=ET141870&x_fp_timestamp=1231877695
The values of the above HTTP POST are listed in the table below:
| Key | Value |
| SequenceNo | 435677 |
| Language | 1 |
| Tax2Amount | |
| x_currency_code | CAD |
| x_ship_to_city | |
| x_method | CC |
| EXact_Resp_Code | 0 |
| CardHoldersName | Susan Testname |
| x_email | test@yahoo.com |
| Authorization_Num | ET141870 |
| MerchantCountry | Canada |
| Reference_3 | |
| x_description | |
| x_amount | 5643 |
| exact_ctr | "======== TRANSACTION RECORD ========\r\n\r\nMerchant Plug-inTest Store\r\n44 King Street West\r\n Vancouver, BC V6B 4X2\r\nCanada\r\nwww.smwp.com\r\nTYPE: Purchase \r\n\r\nACCT: Visa $564.30 CAD\r\n\r \nCARD HOLDER : Susan Testname\r \nCARD NUMBER : ************1111 \r\nEXPIRY DATE : 12/12\r\nTRANS.REF. : 1234567\r\nDATE/TIME : 13Jan 09 16:01:41\r\nREFERENCE # :435677 305 M\r\nAUTHOR.# :ET141870\r\n\r\n Approved -Thank You 000\r\n\r\n\r\n========================= ===========" |
| x_card_num | |
| Ecommerce_Flag | 0 |
| x_po_num | |
| x_city | Vancouver |
| x_response_reason_text | Transaction has been approved |
| MerchantName | Merchant Plug-In Test Store |
| Bank_Resp_Code_2 | |
| Tax1Number | |
| x_ship_to_address | |
| x_type | AUTH_CAPTURE |
| Transaction_Approved | YES |
| Card_Number | ************1111 |
| x_duty | |
| x_fax | |
| x_relay_response | |
| exact_wsp_version | 1.7 |
| Customer_Ref | |
| x_invoice_num | 1234567 |
| x_relay_url | http://testmerchant.com/relay_response |
| x_cavv_response | |
| CAVV_Response | 0 |
| Secure_AuthResult | 0 |
| x_address | 555 A Street |
| x_response_reason_code | 1 |
| x_show_form | PAYMENT_FORM |
| x_ship_to_country | |
| Bank_Message | Approved |
| Tax1Amount | |
| x_version | 3.1 |
| x_ship_to_company | |
| Transaction_Error | FALSE |
| exact_issconf | |
| x_test_request | TRUE |
| SurchargeAmount | 0 |
| x_tax_exempt | |
| x_phone | |
| x_merchant_email | |
| MerchantProvince | BC |
| Reference_No | 1234567 |
| ZipCode | |
| x_trans_id | 2150 |
| x_last_name | Testname |
| x_cvv2_resp_code | |
| Retrieval_Ref_no | 5669951 |
| Secure_AuthRequired | 0 |
| x_zip | The zip code |
| x_response_subcode | S |
| x_ship_to_zip | |
| Bank_Resp_Code | 0 |
| CVD_Presence_Ind | 0 |
| x_ship_to_last_name | |
| x_exp_date | |
| Client_Email | |
| exact_issname | |
| x_fp_sequence | 123456 |
| Transaction_Type | 0 |
| x_tax | 127.26 |
| x_company | |
| MerchantCity | Vancouver |
| CAVV_Algorithm | 0 |
| x_country | Canada |
| x_avs_code | |
| x_first_name | Susan |
| CVV2 | |
| AVS | |
| Tax2Number | |
| x_reference_3 | |
| x_ship_to_state | |
| x_response_code | 1 |
| DollarAmount | 5643 |
| TransactionCardType | VISA |
| EXact_Message | Transaction Normal |
| Expiry_Date | 1212 |
| x_login | WSP-RELAY-80 |
| x_card_code | |
| Transaction_Tag | 2150 |
| x_ship_to_first_name | |
| MerchantPostal | V6B 2K4 |
| Client_IP | |
| x_freight | 15 |
| x_cust_id | |
| commit | Checkout |
| MerchantAddress | 44 King Street West |
| XID | |
| x_MD5_Hash | abfaf1d1df004e3c27d5d2e05929b529 |
| x_state | BC |
| x_auth_code | ET141870 |
| x_fp_timestamp | 1231877695 |
12.2.5 Relay Response Sample Code
To the merchant's server, the Relay Response POST looks just like an ordinary form post, where a user fills out a web form, and the web server processes the posted parameters then responds with HTML. Except with Relay Response, there is no form that was filled out.
There are also two other differences:
- URLs occurring in the HTML that is returned should be absolute, since the page will be shown under a https://checkout.e-xact.com URL and not the merchant's.
- The merchant does not have normal access to the payer's cookies, since the Payment Pages server does not have them either, and cannot send them along as cookies. However, Section 12.2.2, "Customer Cookies", shows how to handle this.
Here is a simple example in JSP that covers the scenario of a successful transaction:
Some more samples can be found in the Code Integration Samples area which demonstrate:
- How the parameters related to the state of the transaction are evaluated:
- x_response_code
- x_response_reason_text
- exact_ctr
- exact_issname (Interac Online payments only)
- exact_issconf (Interac Online payments only)
- How to use parameters sent with the original redirect from the merchant's website to the Payment Pages payment form.