×
Menu
Search
 
   
   
   
 
  (c) PCI Pal 2020. The content on this page is subject to the Disclaimer Section (found on the Introduction page)

Cybersource Payment Gateway

 
This page details the inputs, secure inputs and outputs available for the Cybersource Payment Logic Item, how to complete each field, and an external link to the Cybersource integration documentation.
 
PCI Pal must check any payment gateway integrations prior to going live.  The documentation disclaimer (which applies throughout this guide) should be read before commencing any configuration of payment gateways.
 
Input Fields
Required
Character Limits/
Required Input
Description
merchantId
Yes
Unique to the client
Client specific CyberSource merchant ID
merchantReferenceCode
Yes
Unique to the transaction
Unique transaction reference code generated on the flow
clientApplicationUser
Yes
$System.UserName$
Gets the current user of the application.
transactionType
Yes
0 - 6
The type of transaction which is being put through.  The following values are available to be used:
0 - Auth
1 - Capture
2 - Refund
3 - Tokenise Only
4 - Test
5 - Unknown
6 - Bespoke Integration
customerId
Yes
100 chars
Your identifier for the customer
billToCompany
No
60 chars
Name of the customer’s company
billToFirstName
Yes
60 chars
Customer first name
billToLastName
Yes
60 chars
Customer last name
billToStreet1
Yes (C)
50 chars
First line of the billing address
billToStreet2
No (C)
50 chars
Second line of the billing address
billToCity
Yes (C)
50 chars
City of the billing address
billToState
No (C)
2 digit US State code
State or province in the billing address. Use the two-character ISO state and province code. Only required if billToContry is US
billToPostalCode
Yes (C)
10 chars
Postal code for the billing address. The postal code must consist of 5 to 9 digits
billToCountry
Yes (C)
2 chars
Country code for the billing address. Use the two-character ISO country codes.
billToEmail
Yes (C)
255 chars
Customer email address
billToPhoneNumber
No (C)
10 numbers
Customer phone number. When creating a customer profile, the requirements depend on the payment method:
Credit cards—optional
Electronic checks—contact your payment processor representative to find out if this field is required or optional
shipToFirstName
No
60 char
Shipping first name
shipToLastName
No
60 char
Shipping last name
shipToStreet1
No
50 chars
First line of the shipping address
shipToStreet2
No
50 chars
Second line of the shipping address
shipToCity
No
50 chars
City of the shipping address
shipToState
No
2 digit US State Code
State or province in the shipping address. Use the two-character ISO state and province code. Only required if shipToContry is US
shipToPostalCode
No
9 char
Postal code for the shipping address. The postal code must consist of 5 to 9 digits
shipToCountry
No
2 chars
Country code for the shipping address. Use the two-character ISO country codes.
shipToCompany
No
50 chars
The company name for the shipping address (if applicable)
shipToPhoneNumber
No
10 num
Phone number for the shipping address
shipToEmail
No
255 chars
Email address associated wih the shipping information
cardType
Yes
3 numbers
    
Type of card to authorize. The list of these are below:
001: Visa
002: MasterCard, Eurocard—European regional brand of MasterCard
003: American Express
004: Discover
005: Diners Club
006: Carte Blanche
007: JCB
014: EnRoute
021: JAL
024: Maestro (UK Domestic)
031: Delta—use this value only for Global Collect. For other processors, use 001 for all Visa card types
033: Visa Electron
034: Dankort
036: Carte Bleu
037: Carta Si
042: Maestro (International)
043: GE Money UK card—before setting up your system to work with GE Money UK cards, contact the CyberSource UK Support Group
050: Hipercard—supported only by the Comercio Latino processor
051: Aura—supported only by the Comercio Latino processor
054: Elo—supported only by the Comercio Latino processor
currency
Yes
5 chars
Currency used by the customer
grandTotalAmount
Yes
15 chars
The total amount for the transaction request
ignoreAvsResult
No
True or false
Indicates whether CyberSource should ignore the results of the AVS check and create the customer profile even if the credit card does not pass the AVS check. Use this field only if you are using automatic preauthorization
transactionKey
Yes
Unique to client
Unique transaction key which is provided to the client as a means of authentication
createSubscription
Yes
True or false
Boolean value which dictates whether or not the client wishes to have tokenisation on the transaction
extraDataField1
No
N/A
Additional Data Field
extraDataField2
No
N/A
Additional Data Field
extraDataField3
No
N/A
Additional Data Field
extraDataField4
No
N/A
Additional Data Field
extraDataField5
No
N/A
Additional Data Field
extraDataField6
No
N/A
Additional Data Field
extraDataField7
No
N/A
Additional Data Field
extraDataField8
No
N/A
Additional Data Field
extraDataField9
No
N/A
Additional Data Field
extraDataField10
No
N/A
Additional Data Field
extraDataField11
No
N/A
Additional Data Field
extraDataField12
No
N/A
Additional Data Field
extraDataField13
No
N/A
Additional Data Field
extraDataField14
No
N/A
Additional Data Field
extraDataField15
No
N/A
Additional Data Field
extraDataField16
No
N/A
Additional Data Field
extraDataField17
No
N/A
Additional Data Field
extraDataField18
No
N/A
Additional Data Field
extraDataField19
No
N/A
Additional Data Field
extraDataField20
No
N/A
Additional Data Field
 
Secure Inputs
Input Fields
Required
Character Limits/
Required Input
Description
accountNumber
Yes
19 chars
Secure input of the card number
expiry
Yes
4 chars
Secure input of the card expiry - in the format MMYY
cvNumber
Yes
3 or 4 chars
Secure input of the card CVV, either three or four digits long depending on the card
 
Outputs
Output Fields
Description
requestID
Identifier for the request from CyberSource
decision
Summarizes the overall results for the request. Possible values:
ACCEPT
ERROR
REJECT
reasonCode
Numeric value corresponding to the result of the entire request
missingField
Required fields that were missing from the request. These reply fields are included as an aid to software developers only. Do not use these fields to communicate with customers
invalidField
Fields in the request that contained invalid values. These reply fields are included as an aid to software developers only. Do not use these fields to communicate with customers
requestToken
Request token data created by CyberSource for each reply. The field is an encoded string that contains no confidential information, such as an account or card verification number
ccAuthReply.reasonCode
Numeric value corresponding to the result of the authorization request
ccAuthReply.amount
Amount that was captured
ccAuthReply.authorizationCode
Authorization code. Returned only when the processor returns this value
ccAuthReply.avsCode
AVS results, the following are expected to be returned:
B - Partial match. Street address matches, but postal code is not verified
C - No match. Street address and postal code do not match
D & M - Match. Street address and postal code match
I - No match. Address is not verified
P - Partial match. Postal code matches, but street address is not verified
ccAuthReply.AvsCodeRaw
AVS result code sent directly from the processor
ccAuthReply.authorizedDateTime
Time of authorization
ccAuthReply.processorResponse
For most processors, this is the error message sent directly from the bank. Returned only when the processor returns this value
ccCaptureReply.reasonCode
Numeric value corresponding to the result of the capture request
ccCaptureReply.requestDateTime
Time of capture
ccCaptureReply.amount
Amount that was captured
ccCaptureReply.reconciliationID
Reference number for the transaction. This value is not returned for all processors
ccCreditReply.reasonCode
Numeric value corresponding to the result of the credit request
ccCreditReply.requestDateTime
Time of credit
ccCreditReply.amount
Amount that was credited
ccCreditReply.reconciliationID
Reference number for the transaction. This value is not returned for all processors
paySubscriptionCreateReply.reasonCode
Numeric value corresponding to the result of the service request
paySubscriptionCreateReply.subscriptionID
Identifier for the customer profile
pcipal.errorMessage
PCI Pal Specific Error Message.  If anything goes wrong in the sending of a request, our internal error handling will respond with a message on the output of the flow
 
CyberSource Logic Item
The CyberSource Logic Item contains the following properties:
Cybersource Payment Gateway
1

Transaction Key

Unique transaction key which is provided to the client as a means of authentication
2

Merchant ID

Client specific Merchant ID provided by CyberSource
3

Success Code

Each gateway has its own unique selection of status codes on a request back from the gateway - for CyberSource, these are:
- 100
 
For a list of all codes, please visit the following site: Reason Codes
This must be set in order for our internal logging processes to notice that the payment has come back with the expected response
4

Select Endpoint

  For added security the CyberSource endpoints have been hardcoded into the integration.  Test or Live needs to be selected from the Select Endpoint drop down list, depending on the transaction being conducted
 
Further information can be found by viewing the integration documentation:
CyberSource API Documentation
 
The help manual was created with Dr.Explain