You will need
Customer ID, Terminal ID, Fields Access Token,
Fields registered URL, Saferpay
Fields javascript library URL
, (and in case of Payment Page: JSON API
username, JSON API password)
. You can find and register
these from Saferpay
Back Office
Your base URL is either https://www.saferpay.com/api OR
https://test.saferpay.com/api depending
on which environment you are at.
You should store response data in your backend's database while
implementing different steps of payment, you
would likely need a value from a previous call, e.g. Token
from Initialize
It is recommended to build your RedirectNotifyUrls with a unique id
of the
transaction like this:
https://yourshop/notify?id=12345. This way, when this URL is
called, you can identify the transaction and find it in your
database
Do not mix RedirectUrl, ReturnUrl,
RedirectNotifyUrls, and NotifyUrl they are not the
same, and serves different purpose. Your IPN is the URL where you
get NOTIFIED by your URL being called (via asynchronous
_GET). DO
NOT IMPLEMENT TRANSACTION STEPS (e.g.
CAPTURE) BY RETURN URL, AS YOUR PROCESS CAN BREAK
IF CUSTOMER CLOSING BROWSER, LOOSING CONNECTION, ETC.
Always check LiabilityShift results. It is your choice to
stand financial responsibility in a possible
chargeback of a transaction. We recommend to implement a transaction
amount based evaluation e.g. above 10 EUR
you drop if LiabilityShift = NO.
Please note in Transaction AuthorizeDirect there is no 3DS
on transactions, hence
Liability is always on Merchants. This is not a Saferpay thing, this
is
the Rules and Regulations of the card schemes.
The Transaction is only completed when it's a green dot icon
(not circle) in Saferpay
Backoffice Interface .
Transactions that are not completed (e.g. Authorized state with
green circle icon) will release amount automatically back to
cardholder's account by time and later charge of the amount might
not be possible.