Overview
This document provides high level description of functionalities offered by Merchant Paytool. Merchant Paytool supports e-commerce transactions, thus releasing Merchant from the need to handle the transaction process on Merchant side – the entire transaction process will be handled by Verestro. The tool is very easy to integrate because it requires plugging one library (Web SDK integration) or integrating two API methods (REST API integration). The solution can be supported by various Acquirers. Note that if the Merchant requires the settlement of the transaction by a new Acquirer – to which Verestro is not integrated – there will be required new integration between Verestro and the new Acquirer. The specification of the new Acquirer should be provided by the Merchant.
Abbreviations
This section shortly describes abbreviations and acronyms used in the document.
|
Abbreviation |
Description |
|
ACQ |
Acquiring Institution / Acquirer |
|
ACS |
Access Control Server |
|
SDK |
Software Development Kit |
|
OS |
Operative System |
|
Mid |
Merchant Identifier |
|
PCI DSS |
Payment Card Industry Data Security Standard |
|
PAN |
Permanent Account Number |
|
CVC |
Card Verification Code |
|
3DS |
3-D Secure |
Terminology
This section explains a meaning of key terms and concepts used in this document.
|
Name |
Description |
|
Customer/Merchant |
Institution which uses Verestro products. This institution decides which solution should be used depending on the business requirements and how transaction should be processed. |
|
User |
End-User which uses Merchant Paytool solution. It is root of entity tree. User is an owner of the card and is an entity that decides to pay for the purchase with the Merchant Paytool solution, selecting it from the list of payment methods available on the Merchant (Customer) website. |
|
Card |
Card belongs to the user. If user intends to pay with the Merchant Paytool solution, then has to insert required card's data to the appropriate fields shared by the Merchant Paytool solution. Card data will not be stored in the Verestro system. They will be provided to Acquirer. |
|
Acquirer |
External Institution resposible for processing transaction and 3ds requests ordered by the Merchant Paytool solution. Acquirer connects with banks / card issuers and returns an information whether the ordered action on a given card is possible. |
|
MID |
Merchant identifier. This entity is represending Merchant in Acquirer's system. Customerhas to provide the mid information to enable mid configuration in the Verestro system. Required to process transactions and 3DS via Verestro system. |
|
API Key |
Unique UUID value assigned to the Customer account in Merchant Paytool Backend. Using this value, the Merchant Paytool SDK is able to get all configuration data required to perform transaction process via Merchant Paytool Solution. |
|
PAN |
It is 7-16 digits of the credit/debit card number. These digits contain the Permanent Account Number assigned by the bank to uniquely identify the account holder. It is necessary to provide it when User wants to pay with a card for purchases on the internet. |
|
CVC |
It is a type of security code protecting against fraud in remote payments. Card Verification Code is necessary to provide it when User wants to pay with a card for purchases on the internet. |
|
Expiration Date |
It is a date of the card validity ending and contains two values – month/year. Card will be valid to the last day of the month of the year showed on it. It is necessary to provide it when User wants to pay with a card for purchases on the internet. |
|
3DS |
3-D Secure is a method of authorization of transaction made without the physical use of a card, used by payment organization. The 3DS process in the Merchant Paytool solution is performed internally in the Verestro system. |
|
PCI DSS |
It is a security standard used in environments where the data of payment cardholders is processed. The standard covers meticulous data processing control and protection of users against violations. |
Merchant Paytool key components
Merchant Paytool is a solution that has been created to provide merchants with functionality that allows them to make payments for their products and at the same time the easiest to integrate. An additional assumption was that the entire payment process should be performed outside the merchant's system, which frees them from the need to handle such processes as 3D Secure or the transaction itself. The client only receives information that the transaction was successful or not. Merchant can also decide where the user should be redirected depending on the transaction status. This section provides introduction to technologies which are supported by Merchant Paytool Solution. High level architectures are presented to show the place and usage of the each Verestro component.
|
Component |
Description |
|
Merchant Paytool Frontend |
Component containing the part of the solution which is displayed to the User. Basic information about the transaction shown such as the name of the Merchant (Customer), amount and currency, as well as inputs for card data. |
|
Merchant Paytool SDK |
Component containing all necessary scripts whether to perform communication between Merchant Paytool Frontend and Backend and the data exchanging between these two components. Merchant Paytool SDK should be included on the Customer website. |
|
Merchant Paytool Backend |
Component stores the configuration data of a given Customer such Merchant Name or Merchant Id and it is responsible for providing all necessary configurations to the Frontend. It also communicating with various Acquirers and triggers notifications to the Customer and the User (depending on the Customer requirements) about successful or unsuccessful transaction. |
|
Notification Service |
Component responsible for sending information to the Customer about the status of the transaction status. It is also responsible for sending email to the User about the transaction. Notification Service is triggered by Merchant Paytool Backend. |
Implementation models
Verestro provides two implementation models for the Merchant Paytool Solution - integrated and REST API.
Integrated
In this model Merchant is owner of the Merchant Paytool Solution. Verestro provides SDK and backend interface. Merchant is responsible for integrate provided SDK with his own website or application. Technical information about the integration can be found here.
Below diagram shows high level architecture used in the solution in the Integrated implementation model:
REST API
In this model Merchant has his own SDK or application which should be integrated with Merchant Paytool backend. Verestro provides all necessary backend methods. Merchant is responsible for integrate provided methods with his own application. Merchant is also responsible for redirecting the user to the Paytool payment form. Technical information about the integration can be found here.
Below diagram shows high level architecture used in the solution in the Integrated implementation model:
Server Components
Server components are backend services which are designed to process requests from the frontend part, provide and exchange necessary data such as user data between each other and communicate with Acquirers.
Merchant Paytool Server
Merchant Paytool Server is the backend component which consists of few internal services which are responsible for managing card and user data, processing transactions and 3D Secure and storing transaction history. This component is also responsible for connection with Acquirers. Services included in the Merchant Paytool Backend can be divided into two groups:
-
Services that are part of the Merchant Paytool Solution.
-
Services supporting the functionalities offered by Merchant Paytool Solution.
List of services which are the part of the Merchant Paytool Solution:
-
Paytool API - a service with the methods needed to complete the entire transaction process. The methods are called by Merchant Paytool SDK in the right order to make the entire payment and 3D Secure process. This service also communicates with the Verestro Acquirer Connector, which orders the execution of the transaction.
-
Merchant Paytool SDK - it is a library that is responsible for data transfer between Merchant Paytool Frontend and Backend. It is also a part of the solution that the merchant has to include to his website.
List of services which are supporting the functionalities offered by Merchant Paytool Solution:
-
Midas API - it is a connector between the Verestro system and the Acquirer. It transfers requests for transactions to Acquirers and also informs about the need to perform 3D Secure.
-
Notification Service - service responsible for sending notifications to users and merchant. Notifications can be sent via multiple paths depending on merchants requirements. For example, they can be e-mail, SMS or sent to a specific URL provided by the merchant.
Merchant Paytool Frontend Application
It is an application hosted on the Verestro side, which is responsible for accepting card details from the user and starting the transaction process. If the user selects the Merchant Paytool payment option on the merchant's website, he will be redirected to this component and the form will be displayed. More informations can be found in "User flow" chapter.