Virtual - Hosted Payment Pages

This is a popular solution mainly due to the ease of integration into the solution and the high level of Security that it provides to merchants.

Introduction to Virtual

The Virtual Payment Solution makes use of Wirecard's hosted payment page. This is a popular solution mainly due to the ease of integration into the solution and the high level of Security that it provides to merchants.

The Virtual Solution also has the ability to be customized to such an extent that your client would feel as though they are on your website while making payment, ensuring peace-of-mind throughout the entire checkout process.

The Virtual solution offers the ability for a merchant to customise the logo, colours and details displayed on the payment page so that the cardholder does not feel that they are leaving the merchants website. The Virtual Payment Page is operating behind TLS (Transport Layer Security) security protocol and all information that is captured on the payment page is encrypted using 128-bit encryption ensuring that your client's credit card details are kept safe.

Virtual Features

Virtual Payment Process

One of the main benefits of utilising the Virtual Solution is the simplicity in which to integrate it into your online website. It requires less development work than other Wirecard Solutions and security measures are already incorporated by Wirecard.

Virtual allows the merchant to utilize the Wirecard payment webpage. This means that your clients will be directed to Wirecard's Payment Page where they will enter their credit card details in order for the transaction to be completed. The payment information which Wirecard requires is posted to Wirecard via a form POST. This POST can be done in any language that supports this method.

Virtual Payment Process

Illustration: Virtual Payment Process

Step 1 – Cardholder makes purchase from merchant's website.
Step 2 – Merchant creates form post to Virtual payment page.
Step 3 – Wirecard processes the transaction to the merchant Bank.
Step 4 – The merchant bank processes the transaction and returns a successful or declined message.
Step 5 – Wirecard returns this result and/or error code with error description back to the Merchant
Website address specified in the form POST.
Step 6 – If the functionality is set up (from the Wirecard Web Console) Wirecard will notify the card
holder via email of the transaction details and the merchant via email.

General Requirements for Using Virtual

Internet Merchant Account

An Internet Merchant Account is required to accept credit card transactions over the internet. If you have an Internet Merchant Account you need to supply these details to Wirecard before going Live. If you do not have an Internet Merchant Account, Wirecard can assist you with your application to the acquirer (bank).

Note: An Internet Merchant Account is a different type of merchant account than what is used for card present / POS transactions.  You will need to apply for an Internet Merchant Account even if you already accept credit card transactions from your store.

Security – Server Passwords

You need to apply security best business practice to ensure that confidential data and card detail are protected while either being stored in the database or while data is being transmitted. It is suggested that you encrypt key information issued to you by Wirecard such as merchantID, applicationID and transaction index.

Note: To reduce fraud or potential incidents it is recommended to encrypt any passwords that give access to your server.

TLS

TLS (Transport Layer Security) is a security protocol that ensures that data being captured on Wirecard's payment page cannot be read by encrypting the data using two encryption keys. The Virtual solution does not require a merchant to implement TLS protocol as this is handled by Wirecard.

Integration

Form Post URL

The form post URL is the Wirecard URL used to submit the form post to.  Wirecard provides the following URL for both Live and Test. 

Test URL : https://staging-apiv2.wirecard.co.za/product/payment/v1/initialisevirtualCopy URL to clipboard

Production URL : https://apiv2.wirecard.co.za/product/payment/v1/initialisevirtualCopy URL to clipboard

Testing

View all ApplicationUIDs

For testing purposes, we have provided a MerchantUID and ApplicationUID's in multiple currencies.

MerchantID: 9ba5008c-08ee-4286-a349-54af91a621b0

When going live, these will need to be replaced in your code by using the Wirecard issued MerchantID and ApplicationID.

Test Cards

Test Cards are used to perform test authorizations to Wirecard. Test Cards will only work when using the test URL. Test Cards transactions will not go to the acquirer.

Test Card Types

Note: Test Cards will only work when posting to the test URL.

Non 3D Secure Test Cards

Visa Successful    
Card Name   Joe Soap  
Card Number   4111111111111111  
Card Type   Visa  
Expiry Date   Any date in future  
CVV Number (last 3 digits on back of card)   any cvv  
       
Visa Declined    
Card Name   Joe Soap  
Card Number   4242424242424242  
Card Type   Visa  
Expiry Date   Any date in future  
CVV Number (last 3 digits on back of card)   any cvv  
       
MasterCard Successful    
Card Name   Joe Soap  
Card Number   5100080000000000  
Card Type   MasterCard  
Expiry Date   Any date in future  
CVV Number (last 3 digits on back of card)   any cvv  
       
MasterCard Declined    
Card Name   Joe Soap  
Card Number   5404000000000001  
Card Type   MasterCard  
Expiry Date   Any date in future  
CVV Number (last 3 digits on back of card)   any cvv  
       
Amex Successful
Card Name Joe Soap
Card Number  370000200000000
Card Type AMEX
Expiry Date  Any date in future
CVV Number(last 3 digits on back of card)  any cvv
Amex Declined
Card Name Joe Soap
Card Number  374200000000004
Card Type AMEX
Expiry Date  Any date in future
CVV Number(last 3 digits on back of card)  any cvv
   
Diners Successful
Card Name Joe Soap
Card Number 
36135005437019
Card Type Diners
Expiry Date  Any date in future
CVV Number(last 3 digits on back of card)  any cvv
   
Diners Declined
Card Name Joe Soap
Card Number 
36135182434011
Card Type Diners
Expiry Date  Any date in future
CVV Number(last 3 digits on back of card)  any cvv
   
Maestro Successful
Card Name Joe Soap
Card Number  5641821111166669
Card Type Maestro
Expiry Date  Any date in future
CVV Number(last 3 digits on back of card)  any cvv
   
Maestro Declined
Card Name Joe Soap
Card Number 
6759411100000008
Card Type Maestro
Expiry Date  Any date in future
CVV Number(last 3 digits on back of card)  any cvv

3D Secure Test Cards

Visa Successful    
Card Name   Joe Soap  
Card Number   4000000000000002  
Card Type   Visa  
Expiry Date   Any date in future 
CVV Number (last 3 digits on back of card)   any cvv  
     
Visa Failed    
Card Name   Joe Soap  
Card Number   4000000000000010  
Card Type   Visa  
Expiry Date   Any date in future  
CVV Number (last 3 digits on back of card)   any cvv  
     
MasterCard Successful    
Card Name   Joe Soap  
Card Number   5200000000000007  
Card Type   MasterCard  
Expiry Date   Any date in future  
CVV Number (last 3 digits on back of card)   any cvv  
     
MasterCard Failed    
Card Name   Joe Soap  
Card Number   5200000000000023  
Card Type   MasterCard  
Expiry Date   Any date in future 
CVV Number (last 3 digits on back of card)   any cvv  

Test CCV

As additional account security, every credit card comes with a special three or four digit code generally known as a CVV2 or CVV number. Cardholders will be requested to enter this when processing an online payment. An identity thief who has come across credit card information illegally will not have access to the CVV number if they do not have physical access of the card.

Go Live Checklist

Overview

Use the Go Live Check List to make sure that you have completed all necessary tasks before going live. Please ensure that the following criteria have been met:

Configuration

  1. Virtual Form Post have been embedded onto your website

  2. Merchant Payment Page have been configured in Wirecard Web Console

  3. Referral URL has been added in Wirecard Web Console

  4. Merchant ID and Application ID of the “Merchant” (NOT test Merchant ID and Application ID) is being used in your message type.

Testing

  1. Test a Successful Transaction using our Virtual Test Cards

  2. Test a Decline transaction using our Virtual Test Cards

  3. Test transactions are visible in Wirecard Web Console

Go Live

  1. Merchant received Go Live email from Wirecard. This email will contain the merchants Customer ID and Merchant ID .
    (If not, have merchant contact support.za@wirecard.com)

  2. Ensure that you are using the Live URL.

  3. Ensure that you have added a referral URL.

  4. Perform Live transaction with Live card

Integration Support

Merchants

If you are a merchant that has signed up with Wirecard's Virtual solution, you will have access to Wirecard's Integration Help Desk for telephonic and email support. Telephonic support is available 8am to 5pm GMT +2. Email support is 8am to 5pm GMT + 2 and connects directly to our help desk through our ticketing system.

Developers

If you are a developer that you will have access to Wirecard's Integration Help Desk for email support. Email support is 8am to 5pm GMT + 2 and connects directly to our help desk through our ticketing system.

If you send an email you will immediately be emailed back a reference to track your integration query.

Email: support.za@wirecard.com

JSON Web Token (JWT)

The JSON Web Token (JWT) is not required in the request, however, we do include it in the response which can then be decoded and utilised as needed by the merchant.

Example JWT

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJtdWlkIjoiMzQ4OEJGNzItMDFFNi00REU1LUI2NjAtMUZFQTdGOUE0Q0NBIiwiY3VpZCI6IjM0ODhCRjcyLTAxRTYtNERFNS1CNjYwLTFGRUE3RjlBNENDQSIsImp0aSI6IjUyMjViZmQ1NDExMWFzZGNhM2EiLCJpYXQiOjE1NTI5MTMzOTgsImV4cCI6MTU1Mzk5OTc5OH0.d8uEgDew3SiUxpe-Kyp3NqZJgJo75FlRN5G3AXohk5Y

Decoded Response Example

{
"jti": "[B@51c83aae",
"iat": 1612528158,
"cuid": "BAAB2819-7286-49D3-8AD3-1212B3B40C2A",
"auid": "A50376D2-0CDF-46DF-BDDD-30F0B514D853",
"result": -1,
"transactionIndex": "5bb926df-68ed-4154-bf01-cd1e7f2278a5",
"mref": "DV_LNMnOi8bUn",
"amount": "0.02",
"mode": "1",
"tkn": "",
"puid": "e36bdd6e-c9c1-4aa6-a10d-8f0ce9b6d361",
"exp": 1612528758
}

For further reference please visit https://jwt.io/

HTML Sample

If you have in‐depth HTML knowledge or web development skills you can create more variables. The below examples could be applied if you have a web application or shopping cart. The Below HTML example shows how your form POST could look when extensive information is getting sent to Wirecard:

The below code can be copied into your code for testing purposes. Please note however, that before going live, you will need to change the details in the above example.


Note: The Virtual solution does not support iframes, if you wish to process payments without the user leaving your website please consider the enterprise solution.


Reference

Payment Methods

Overview

Merchants can use Virtual to integrate with any of Wirecard's payment methods.  The payment methods that Wirecard offer can be found at https://wirecard.co.za/payment-solutions/alternative-payments/

Examples of these payment methods are:

  • Credit Card & Debit Card
  • SecureEFT
  • Visa Checkout
  • Mobicred

Payment Options Page

Process Flow Description for Payment Page

  1. The merchant begins the process by posting a ‘Request’ to Virtual.
  2. All the payment methods linked to the application ID used will display in the payment options menu.
  3. Virtual processes the transaction to the relevant financial service provider.
  4. Virtual replies immediately by posting back detailed ‘Response’ data. The detailed response will include the payment method that was used to pay.
  5. In some cases, the payment method chosen will be more suited to an ‘asynchronous’ process. For instance, when the client is given payment instructions by Virtual and these instructions can take some time to complete. If/when Virtual receives a response from the financial service provider, then Virtual will post the ‘Response’ data back to the RedirectSuccessfulURL or RedirectFailedURL provided by the merchant in step 1.
Payment Options Example Page

Example of Payment Options Page

Payment Option Page Customization

The payment options page is customizable (example: merchant logo) to maintain the look and feel of the merchant system as far as possible. This is done from within the Wirecard Web Console. Click here to see how to upload logo.

Virtual 1Click

Introduction to 1Click

1Click payments offers the card holder a simplified checkout experience. The solution caters for customers that repeatedly purchase goods or services from a merchant’s website by simplifying the checkout experience. The solution will tokenize the card holder’s details during the initial transaction. For subsequent transactions, the merchant can be configured to allow the cardholder to enter a CVV or not, to process the payment, making the checkout process more simplified. At any point, the card holder can amend card details, which will update the token with the new card information.

For the Virtual 1Click solution, it is possible to store multiple cards, allowing the user the ability to choose the tokenized card they wish to pay with.

1Click Payment Process

One of the main benefits of utilising the 1Click - Virtual Solution is the simplicity in which to integrate it into your online website. It requires less development work than other Wirecard Solutions and security measures are already incorporated by Wirecard.

Virtual Tokenization Process Flow

1Click Process Flow

1) Submit a form POST to the Virtual payment page and include an additional form field in your request <input type = "hidden" name = "puid" value = "3488BF72-01E6-4DE5-B660-1FEA7F9A4CCA">

2) The payment page reads the puid field and does a lookup to see if the token has been registered before:

3) If card detail is not registered yet (Card holders first time making a payment):

  • The card holder is required to enter full card details and select "Save and Pay Now".
  • Wirecard takes the card details with the token submitted in the form POST and registers the details in the Wirecard's database.
  • The transaction is then processed as normal to the bank.
  • The transaction results are returned in the message response.
  • The PUID is the Profile ID that all tokenized cards are associated with and is returned in the JWT.

4) If card holder is registered (Card holder’s second time making a payment):

  • The payment page will display all previously registered cards for the cardholder, with pre-populated fields containing their card details (retrieved from the Wirecard database).
  • The card holder is asked for their CVV if required by the merchant (last 3 digits on the back of the card).
  • The card holder selects to "Pay Now" at which stage Wirecard processes the transaction and the card holder is debited.
  • The results of the transaction are posted back to the website.

5) If card holder is registered and wants to modify their details:

  • The payment page will display all previously registered cards for the card holder, with pre- populated fields containing their card details (retrieved from the Wirecard database).
  • The card holder chooses a card and selects to "Edit".
  • The card holder is then asked for their updated card details.
  • The card holder selects "Pay Now" where an update is done on their card details. This updates Wirecard's database to the new card details the card holder entered.
  • The transaction is processed to the bank.
  • The results of the transaction are posted back to website.

6) If card holder is registered and the card has expired:

  • The card holder is displayed a message informing them that their card has expired.
  • The card holder is forced to update their card details and are prompted for updated card details.
  • The card holder selects "Pay Now" and the card details are updated.
  • The transaction is processed and the card holder is debited.
  • The results of the transaction are posted back to website.

SecureEFT

SecureEFT is a streamlined version of a traditional EFT. It makes payment of a bank transfer a lot faster and easier by eliminating certain steps such as creating a beneficiary, entering the reference number and amount or provide a proof of payment. SecureEFT only requires a buyer to login to their bank account and authenticate the payment through the banks one time pin or authentication methodology.

SecureEFT Transaction Process

Step 1 - The customer selects the SecureEFT payment option

Step 2 - The customer is prompted to select their bank

Step 3 - The customer would sign into there banking profile using there internet banking details

Step 4 - SecureEFT returns the results of the payment to Wirecard

Step 5 - Wirecard returns these results to the merchant. The merchant can then display the results on the payment confirmation page

SecureEFT Page

Example of SecureEFT Page

Reference

Virtual Reference

Close