Frequently Asked Questions

This Agreement was last modified on 18th february 2016

FAQ Second Version

Invalid Merchant Details

The merchant details entered are not correct. To verify the merchant details
please follow the steps below:

1. Login to the MMS.
2. Click “Account Admin”.
3. Click “Gateway Account Admin”
4. Un-tick the “No external systems will use this account ” option
5. You need to ensure that the correct gateway Merchant ID and
Password is being used eg.Gateway MerchantID: (PAYMEN-1234567),
Password: (Payment123.[numbers and letters only]

Security Warning: Hash Digest Does Not Match

The Hash Digest error means that the information that was received by the
payment gateway, is not the expected information. Please check the below
information have been entered correctly and match the information it the
payment gateway in the first instance. If the below are correctly please check
server / site logs for information on the error and reach out to
online@payzone.co.uk and advise the error you are receiving and any relevant
logs.

• Merchant ID
• Merchant password
• Pre shared key
• Hash method

Hash digest does not match

The information that was received by the payment gateway, is not the
expected information. Please check the below information have been entered
correctly and match the information it the payment gateway in the first
instance. If the below are correctly please check server / site logs for
information on the error and reach out to online@payzone.co.uk and advise
the error you are receiving and any relevant logs.

• Merchant ID
• Merchant password
• Pre shared key
• Hash method

Merchant Doesn’t Exist

The Gateway Merchant ID being used is not correct. Please ensure you are
using the Gateway Merchant ID and not the MerchantID used for logging into
the Merchant Management System.
The Gateway Merchant ID format is PAYMEN-1234567.

What is the payment processor domain?

The payment processor domain for mactech is mactechonlinepayments.com

Where do I find my pre shared key?

Finding the PreSharedKey is simple please follow the steps below:

1. Login to the MMS.
2. Click “Account Admin”.
3. Click “Account Settings”
4. (The PreSharedKey is located at the top of the Page, Directly under
that is the Hash Method).

Where do I find my secret key?

The secret key is only known by your system and is not available in the MMS,
you can create this as any alpha-numeric string.

Where do I find my Merchant ID?

Your Gateway/Merchant ID is your ID to access the MMS and process
payments, this is in the format “first_six_letters_of_the_company_name”
“hyphen” “seven_numerics” eg. TESTPS-1234567.

To locate your merchant ID please follow the below steps:

1. Login to the MMS
2. Click “Account Admin”
3. Click “Gateway Account Admin”
4. In the “Gateway Account:” the Merchant ID is the first part (before
the square brackets section, in the format above

Where do I find my merchant password?

Gateway Password (test accounts this is emailed to you when you confirm
your email address. Live you would have set this using the link from within
the Production account email when you went live).

You can also reset your Merchant Password by following the steps below:

1. Login to the MMS as the “Merchant Super User”
2. Click “Account Admin”
3. Click “Gateway Account Admin”
4. Select the “Gateway Account” you wish to change the password for
5. Enter a new password in the “New Gateway Account Password” field
6. Confirm password in “Confirm New Gateway Account Password”
7. Click “Immediately Expire Old Password”
8. Click “Change Password”

Please note: Each gateway account has a separate password and will need to be reset individually.

How can I change / reset my Gateway / Merchant Password?

You can reset your Merchant Password by following the steps below:

1. Login to the MMS as the “Merchant Super User”
2. Click “Account Admin”
3. Click “Gateway Account Admin”
4. Select the “Gateway Account” you wish to change the password for
5. Enter the new password in the “New Gateway Account Password”
field
6. Confirm the new password in the “Confirm New Gateway Account
Password” field
7. Click “Immediately Expire Old Password”
8. Click “Change Password”

Please note: Each gateway account has a separate password and will need to be reset individually.

Which merchant ID / gateway account should I use?

Please ensure you use the [Test Account] initially in all scenarios, once you
have successfully tested the transactions you can use the [ECOM] account for
your online payments.

Where do I find the hash method?

You can find / change your hash method by:

1. Login to the MMS as the “Merchant Super User”
2. Click “Account Admin”
3. Click “Account Settings”
4. Change the “Hash Method” to your preferred hash method

Please note: you will need to ensure you change the hash method in the plugin options as well to ensure that the hash matches.

Variable Input Error

Please check the below information have been entered correctly and match
the information it the payment gateway in the first instance. If the below are
correctly please check server / site logs for information on the error and reach
out to online@payzone.co.uk and advise the error you are receiving and any
relevant logs.

• Merchant ID
• Merchant password
• Pre shared key
• Hash method

Could Not Communicate With Payment Gateway

If you are using Direct API method then please check the below information is
correct, if you are using Hosted or Transparent please reach out to
online@payzone.co.uk and advise the error you are receiving and any relevant
logs.

• Outbound port 4430 is open for communication
• Merchant ID
• Merchant password
• Pre shared key
• Hash method
• Ensure no special characters are being passed unescaped in the form

Error 500

If you are using Direct API method then please check the below information is
correct, if you are using Hosted or Transparent please reach out to
online@payzone.co.uk and advise the error you are receiving and any relevant
logs.

• Outbound port 4430 is open for communication
• Merchant ID
• Merchant password
• Pre shared key
• Hash method
• Ensure no special characters are being passed unescaped in the form

Page Timing Out

If you are using Direct API method then please check the below information is
correct, if you are using Hosted or Transparent please reach out to
online@payzone.co.uk and advise the error you are receiving and any relevant
logs.

• Outbound port 4430 is open for communication
• Merchant ID
• Merchant password
• Pre shared key
• Hash method
• Ensure no special characters are being passed unescaped in the form

Invalid Card Details

Incorrect card details have been submitted by the customer, please check the
information that is being sent in the payment request or reach out to
online@payzone.co.uk

Why are transactions are failing with no error message?

Please check that the amounts are over the £1.00 minimum, if this does not
resolve the issue online@payzone.co.uk including any relevant server/error
logs.

What are the differences between the result delivery methods?

For the Hosted Payment Form method, Merchant’s systems need to know the
result for each completed transaction. The Server Result Methods determine
how the transaction results are delivered back to the merchants system. They
all have their own reasons to choose/not choose them. This is a decision that
the merchant must make. Below is some information to help decide which
method is most suited. Once decided, there is a section in this document for
each of the methods to explain the implementation and its requirements in
more detail.

POST
Choosing the POST method will deliver the full results via the customer’s
browser as a form post back to the CallbackURL. This is usually the least
difficult method to implement. The downside is, if the CallbackURL does not
begin with HTTPS (notice the significance of the S), then the connection is not
secure. If that is the case, most modern browsers throw a security warning to
the customer explaining that sensitive information is being passed over to an
insecure connection. We do not send sensitive information back, but the
browsers are trying to safeguard the customer. As a result, we show the
customer a dialog informing them of the reason why they are about to see a
security warning and how to handle it. The next two Server Result Methods
exchange the transaction results directing with the merchants system and the
payment page (removing the customer’s browser from the process).

SERVER_PULL
When chosen, the results are PULLED FROM the payment form by the
merchant’s system AFTER the customer has been redirected back to the
website. This has the advantage of getting around the modern security
warning if you’re not using HTTPS (Secure Connection). Its downside, it is not
necessarily the easiest of the methods to implement.

What are the differences between the integration methods?

Hosted Payment Form

We can provide a secure payment form which the customer is redirected to
during the checkout process. They will complete the order on our system and
then be redirected back to the merchant’s system with the results of the
transaction. Our system allows this payment form to be completely re-skinned
so that it closely matches the merchant’s own branding. This method is
generally used by merchants who are using a shopping cart that does not support the Direct/API integration method, merchants who cannot host secure
(HTTPS) pages or merchants who would like to completely outsource the
payment process of their website – usually for PCI compliance reasons. Please
review the Result Delivery Methods section below for information on the
different result delivery methods.

Difficulty: Easy – This integration uses the users browser as a data relay, for the
payment request. There are some additional steps required to securely transmit the
data to/from the payment gateway, as well as handling the response.

Direct/API Integration

Direct/API processing allows merchants to keep their customers on their site
throughout the entire checkout process. This provides a much smoother
checkout experience, and keeps the details of the underlying payment
processor completely hidden from the customers. The API for this method
exposes the full functionality of the payment system. This method requires
the merchant’s system to be able to serve out HTTPS pages, which will require
them to have a valid certificate.

Difficulty: Intermediate – This integration method is the simple to implement, as well
as giving you the most control of the transaction process, however this method
requires that port 4430 be open outbound on your server (hosting providers will be
able to support)

Transparent Redirect

The Transparent Redirect method allows the merchant’s system to appear to
keep the customer on their own system during the checkout process, but the
card details don’t actually touch the merchant’s system – they get posted
directly across to the payment system. This approximates the appearance and
experience of the Direct/API method, but it has the same compliancy
requirements as the Hosted Payment Form method. This method requires the
merchant’s system to be able to serve out HTTPS pages, which will require
them to have a valid certificate.

Difficulty: Hard – This integration uses the users browser as a data relay, there are
some additional steps required to securely transmit the data to/from the payment
gateway, as well as handling the response. These additional steps add complexity to
the integration.

Do I need any ports open to use this payment gateway?

If you are using the Direct API integration method, then port 4430 outbound
will need to be open for communication, for Hosted Form and Transparent
Redirect – there is no requirement for non standard ports to be open.

What is the difference between PREAUTH and SALE transaction types?

PREAUTH

You request an authorisation when a customer makes a purchase. An
authorisation, provided by the customer’s card issuing bank, confirms the
cardholder’s ability to pay, ensuring that the customer’s credit card account is in good standing with sufficient funds to complete the purchase. The funds
will need to be collected/capture as part of a linked transaction to receive the
funds.

SALE

A sale combines the authorisation and capture process in one transaction.
Credit card associations require that you submit a sale transaction request
only when you fulfil an order immediately. For example, when selling an item
over the counter in a retail store. Transactions that include physical shipments
are not fulfilled until shipment, usually sometime after the customer
‘purchases’ the product, and so would not qualify as a sales transaction.

What information do I need to set up my integration?

You need to have a test merchant account set up at https://
mms.payzoneonlinepayments.com/pages/publicpages/registermerchant.aspx ,
you will receive an email with your details on, you can also locate these
details in the MMS.

• Merchant ID – this can be found in the MMS under Account Admin ->
Gateway Account Admin
• Merchant Password – this can be reset in the MMS under Account
Admin -> Gateway Account Admin
• Pre Shared Key – this can be found in the MMS under Account Admin –
> Account Settings
• Hash method – this can be found in the MMS under Account Admin ->
Account Settings

The form was not skinned because the variable MerchantID was not submitted, or invalid

The Merchant ID has not been sent to the payment page, please check the
information that is being sent in the payment request.

Required tag (PaymentMessage.CardDetails.CardNumber) is missing

Card number has not been submitted, please check the information that is
being sent in the payment request.

Required tag (PaymentMessage.CardDetails.ExpiryDate) is missing

Card expiry date has not been submitted, please check the information that is
being sent in the payment request.

Required tag (PaymentMessage.CardDetails.ExpiryDate) is missing

Card expiry date has not been submitted, please check the information that is
being sent in the payment request.

Required tag (PaymentMessage.CardDetails) is missing

No card details have been submitted, please check the information that is
being sent in the payment request.

Required Variable: Amount is missing

The Amount variable was not sent to the payment request. Please check the
form variables being sent to the payment form. This may also be caused by
spelling mistakes.

Required Variable: CallbackURL is missing

The CallbackURL variable was not sent to the payment request. Please check
the form variables being sent to the payment form. This may also be caused
by spelling mistakes.

Required Variable: CardName is missing

The CardName variable was not sent to the payment page. Please check the
form variables being sent to the payment page. This may also be caused by
spelling mistakes.

Required Variable: CardNumber is missing

The CardNumber variable was not sent to the payment page. Please check the
form variables being sent to the payment page. This may also be caused by
spelling mistakes.

Required Variable: ExpiryDateMonth is missing

The ExpiryDateMonth variable was not sent to the payment page. Please
check the form variables being sent to the payment page. This may also be
caused by spelling mistakes.

Required Variable: ExpiryDateYear is missing

The ExpiryDateYear variable was not send to the payment page. Please check
the form variables being send to the payment page. This may also be caused
by spelling mistakes.

Required Variable: HashDigest is missing

The HashDigest variable was not sent to the payment request. Please check
the form variables being sent to the payment page. This may also be caused
by spelling mistakes.

Required Variable: MerchantID is missing

The MerchantID variable was not sent to the payment request. Please check
the form variables being sent to the payment form. This may also be caused
by spelling mistakes.

Required Variable: OrderID is missing

The OrderID variable was not sent to the payment request. Please check the
form variables being send sent the payment form. This may also be caused by
spelling mistakes.

Required Variable: TransactionDateTime is missing

The TransactionDateTime variable was not sent to the payment request.
Please check the form variables being sent to the payment form. This may
also be caused by spelling mistakes.

Required Variable: TransactionType is missing

The TransactionType variable was not sent to the payment request. Please
check the form variables being sent to the payment form. This may also be
caused by spelling mistakes.

Required Variable: CurrencyCode is missing

The CurrencyCode variable was not sent to the payment request. Please check
the form variables being sent to the payment form. This may also be caused
by spelling mistakes.

Passed variable PostCodeMandatory [###] is type invalid

The PostCodeMandatory variable only accepts boolean values as strings (true
or false)

Passed variable EchoThreeDSecureAuthenticationCheckResult [###] is type invalid

The EchoThreeDSecureAuthenticationCheckResult variable only accepts
boolean values as strings (true or false)

Passed variable TransactionType [####] is type invalid

The TransactionType variable only accepts SALE and POST values, please
check and amend.

Passed variable TransactionDateTime [#####] is type invalid

The TransactionDateTime variable requires the date to be in the format
(2017-12-31 23:59:15 +01:00 / date(‘Y-m-d H:i:s P’))

Passed variable StateMandatory [###] is type invalid

The StateMandatory variable only accepts boolean values as strings (true or
false)

Passed variable CV2Mandatory [###] is type invalid

The CV2Mandatory variable only accepts boolean values as strings (true or
false)

Passed variable EchoAVSCheckResult [###] is type invalid

The EchoAVSCheckResult variable only accepts boolean values as strings (true
or false)

Passed variable EchoCardType [###] is type invalid

The EchoCardType variable only accepts boolean values as strings (true or
false)

Passed variable EchoCV2CheckResult [###] is type invalid

The EchoCV2CheckResult variable only accepts boolean values as strings (true
or false)

Passed variable City1Mandatory [###] is type invalid

The City1Mandatory variable only accepts boolean values as strings (true or
false)

Passed variable CountryMandatory [###] is type invalid

The CountryMandatory variable only accepts boolean values as strings (true
or false)

Passed variable CurrencyCode [####] is type invalid

The CurrencyCode variable has been sent in an incorrect format, the
CurrencyCode variable expects the 3 digit numeric ISO code. For example,
United Kingdom would be passed to the CurrencyCode variable as 826.

Passed variable Amount [####] is type invalid

The Amount variable has been sent in an incorrect format, the Amount
variable expects minor currency without decimal places. For example £25.63
would be passed as 2563 in the Amount variable.

Passed variable Address1Mandatory [###] is type invalid

The Address1Mandatory variable only accepts boolean values as strings (true
or false)

Please DO NOT use [CHARACTER] character in the form variable: {VARIABLE}

The {VARIABLE} variable does not accept the [CHARACTER] character in the
form input.

What is the MMS?

The MMS is the Merchant Management System and can be accessed at
https://mms.payzoneonlinepayments.com/

How do I enable transaction emails?

Account Admin ->Account Settings, tick the ‘Transaction Email Enabled’ and
select the email audience in the “Transaction Email Recipient” dropdown.

1. Login to the MMS.
2. Click “Account Admin”.
3. Click “Account Settings””.
4. Tick the “Transaction Email Enabled’ tick box
5. Select the email audience in the “Transaction Email Recipient”
dropdown
6. Click “Submit settings”

Please note: These emails will be delivered in addition to any emails generated by your shopping cart / e-commerce site.

How do I process a refund in the MMS?

Process a Refund by following the steps below:

1. Login to the MMS as the Merchant Super User.
2. Click “Transaction Reporting”.
3. Click “Transaction History”.
4. Find and Select the transaction you wish to refund.
5. Click the “RED Arrow Icon” located at the top left of the window
under the PayZone logo.
6. Check the details for the refund and amend where necessary.
7. Click “Submit For Processing”. (If successful a gateway response will
be displayed with “Refund successful”).
8. Click “Return to transaction history” and the refund will be listed.

How do I create a new user in the MMS?

To create a new user:

1. Login to the MMS as the Merchant Super User.
2. Click “Account Admin”.
3. Click “User Admin”.
4. Enter a “UserName”.
5. Enter the new users “Email Address”.
6. Select the “User Type” (Merchant Super User, Developer, Merchant
Administrator, Basic User, Restricted Basic User or Merchant Viewer)
for the new user.
7. Click “Create User”.

How do I create a test account?

To create a test account visit https://mms.payzoneonlinepayments.com/
pages/publicpages/registermerchant.aspx, you will then have the below
information which is required for all integrations to connect to your test
merchant account.

• Merchant ID
• Merchant password
• Pre shared key
• Hash method

How do I delete a user in the MMS?

To delete a user:

1. Login to the MMS as the Merchant Super User.
2. Click “Account Admin”.
3. Click “User Admin”.
4. Click the “RED cross” icon for the user you wish to delete.

How do I edit a users account status in the MMS?

To edit a user’s Account Status:

1. Login to the MMS as the Merchant Super User.
2. Click “Account Admin”.
3. Click “User Admin”.
4. Click the icon on the left of the RED cross.
5. Set the “Status” (Active, Locked or Disabled) for the user.
6. Click the “GREEN Tick” to accept changes.

My MMS account is disabled, how do I enable my account?

There is a problem with your account and your account has been disabled by
Mactech. Please contact online@payzone.co.uk

My MMS account is locked, , how do I unlock my account?

This occurs when you enter your password incorrectly 3 times.
If you are not the “Merchant Super User” please contact the “Merchant Super
User” to have your Password and Security Question reset.
If you are the “Merchant Super User” you will need to contact
online@payzone.co.uk to have your Password and Security Question reset.

How do I edit a users role in the MMS?

To edit a user’s role:

1. Login to the MMS as the Merchant Super User.
2. Click “Account Admin”.
3. Click “User Admin”.
4. Click the icon on the left of the RED cross.
5. Set the “User Type” (Merchant Super User, Developer, Merchant
Administrator, Basic User, Restricted Basic User or Merchant Viewer)
for the user.
6. Click the “GREEN Tick” to accept changes.

How do I reset a users security question in the MMS?

To reset a users password:

1. Login to the MMS as the Merchant Super User.
2. Click “Account Admin”.
3. Click “User Admin”.
4. Click the icon ‘Password Reset Icon’ located on the navigation bar
under the word Payments for the user in question.

How do I reset a users password in the MMS?

To reset a users password:

1. Login to the MMS as the Merchant Super User.
2. Click “Account Admin”.
3. Click “User Admin”.
4. Click the icon to the right of the “RED cross” for the user in question.

ERROR 1246 or 1247 or 1248 or 1299

Unable to log you in to the the MMS due to Invalid login details please check
your details and try again. If the error persists please attempt to reset your
password and login with the new details.

ERROR 1249

The IP address of the device you are using is not permitted to access the the
MMS. Please close the browser and try again or try another device. If the
issue persists then please email online@payzone.co.uk

The Serialised Data Is Invalid

Please perform a hard refresh on your browser by holding ctrl and tap F5 then
attempt to login.

What do the response status codes mean?

The Payzone gateway sends a numeric status code back for all transactions,
each number defines a different outcome for the transactions

• 0 – Payment successful
• 3 – 3D secure authentication requested
• 4 – Payment referred
• 5 – Payment rejected
• 20 – Duplicate Transaction identified
• 30 – Unknown error occurred

Card declined: AVS+CV2 policy

The billing address the customer entered does not match the billing address
held by their bank & the CV2 for the card that the customer was using for the
transaction was incorrect. The CV2 is found on the back of the card, and the
AVS Policy looks at the numerical values of Address line 1 and the PostCode.

Card declined: AVS policy

The billing address the customer entered does not match the billing address
held by their bank.
The AVS Policy looks at the numerical values of Address line 1 and the
PostCode.

Card declined

This can be caused by 3 main reasons:

• The customers bank has blocked the card
• The customers bank has declined the transaction
• There are not enough funds available in the account. For both of these
situations the customer should contact their bank

Card declined: CV2 policy

This means that the CV2 for the card that the customer was using for the
transaction was incorrect. The CV2 is found on the back of the card.

3DS invalid

There has been an issue with the 3D Secure set-up on your account. Please
contact online@payzone.co.uk

3D Secure Status: Not Submitted

3D Secure is not active on your account. If you have received an email
regarding 3D Secure setup yet the message is still displayed please check it is
enabled within the Merchant Management System.

3D Secure Status: Not Enrolled

The customers bank have not forced them to enrol their card for 3D Secure.

Error 30 Variable Input Error

Please check the below information have been entered correctly and match
the information it the payment gateway in the first instance. If the below are
correctly please check server / site logs for information on the error and reach
out to online@payzone.co.uk and advise the error you are receiving and any
relevant logs.

• Merchant ID
• Merchant password
• Pre shared key
• Hash method

Invalid Transaction

There was an issue processing the transaction. Please ask the card holder to
contact their card issuer for further information.

Issuer Authentication Expired

These messages appear 2 hours after the transaction was initially carried out.
The reason for these issues are due to customers not completing 3D Secure
when prompted or the PaRES not being returned to the gateway after 3DS
has been completed.

Refund Successful

This means that a refund has been processed successfully.

3D Secure Status: Attempted

This is sent by the customers banks ACS (3DS Verification page) page. It
means that 3D Secure was attempted but could not be completed. This could
be due to a time out on the banks side or an issue with the customers banks
verification system. The ACS sends back the PaRES (Payment Authorisation
Result) with the status set as “A” instead of “Y”

Card Referred

This is rare but means that the customers bank was unable to authorise the
transaction. The customer will need to contact their card issuer and request
that they allow the transaction to go ahead.

FAILED (Card declined: [2:Error] Expected PARes node: got ‘Error’ )

This is displayed when the OrderID or OrderDescription exceeds 125 chars for
3D Secure transactions. This is a limit with the 3D Secure system.

Invalid Client Pass

This is an issue with your gateway account set-up. Please contact
online@payzone.co.uk

3D Secure Status: Failed

This means that the customer failed the 3D Secure check for their card.

3D Secure Status: Passed

This means that the customer successfully completed the 3D Secure check on
their card.

FAILED (No ecomm tids for visa delta (“currency code”))

Your account is not set up to accept this card type and currency. Please
contact online@payzone.co.uk

AuthCode: xxxxxxxx

This represents a successful transaction.

3D Secure Status: Unknown

This normally occurs if the customer does not complete the 3D Secure.

CV2 Mandatory

This message occurs when trying to run a recurring/scheduled CrossReference
Transaction through a standard merchant account. Please ensure these
transactions are run through a recurring merchant account.
If you require a recurring account please contact online@payzone.co.uk

No Free Tids

This means that the gateway was busy at the time of the transaction. Please
wait a few minutes and attempt the transaction again.