Implementing DataCash 3DSecure in C#

萝らか妹 提交于 2019-12-03 04:03:49

I'd tried to get one of the guys I work with to post something here, as he's acutally written this for one of our clients, but I'll take you through what I understand the process to be.

Basically once you have performed whatever pre-validation requests you perform (with the DataCash binary files for example), you then submit the payment request to DataCash using the DataCash agent to send the payment request.

If you've got 3D Secure set up on your DataCash account, and you've sent through the fields to say this transaction can happen with 3DS you'll probably get a status code returned of 150:

<?xml version="1.0" encoding="UTF-8"?>
<Response>
  <CardTxn>
    <card_scheme>...</card_scheme>
    <country>...</country>
    <issuer>...</issuer>
    <ThreeDSecure>
      <acs_url>...</acs_url>
      <pareq_message>...</pareq_message>
    </ThreeDSecure>
  </CardTxn>
  <datacash_reference>...</datacash_reference>
  <merchantreference>...</merchantreference>
  <mode>TEST</mode>
  <reason>3DS Payer Verification Required</reason>
  <status>150</status>
  <time>...</time>
</Response>

Along with the ThreeDSecure block in the CardTxn element.

You then need to take the acs_url and pareq_message, and use these to submit a request to the cards issueing bank for authorisation.

This usually takes the form of a self-submitting JavaScript form, that could post into an IFrame:

<!-- Action comes from acs_url returned by DataCash -->
<form method="post" 
      target="3dAuthFrame"
      action="https://testserver.datacash.com/acs">
  <!-- Value comes from pareq_message returned by DataCash -->
  <input value="[...]"
         name="PaReq"
         type="hidden" />
  <!-- Value is a merchant specified identifier that is dislayed to the user -->
  <input value="[...]"
         name="MD" 
         type="hidden" />
  <!-- Value is a public URL that the 3D Secure server will post back to -->
  <input type="hidden" 
         name="TermUrl" 
         value="[...]"/>
  <p>
    If you do not see your card issuer's instructions, below, please click 
    <input value="Continue" name="TDAction" type="submit" />
  </p>
  <iframe style="width:100%;height:400px" 
          src="javascript:''"
          name="3dAuthFrame"></iframe>
  <script type="text/javascript">
    document.forms[0].elements.TDAction.click();
    document.forms[0].elements.TDAction.disabled=true;</script>
</form>

The page at TermUrl will then recieve a call from the 3D secure servers, with Form fields "PaRes" and "MD" (i.e. the response from the issueing bank, and the reference you supplied earlier).

You then submit these authorization details back to DataCash as a Historical transaction to complete the payment.

Details around this can be found in section D.4. 3-D Secure, with DataCash MPI in the Developers Guide, and on this page (may require login).

If you require more details, let me know, and I'll try and get some more detail here.

I've written an article on this now... http://www.alexjamesbrown.com/blog/development/implementing-datacash-3d-secure-with-asp-net/

Hope this helps people who stumble on this from Google....

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!