1Introduction
This manual describes how to install configure and use the payment module for xt:Commerce and PAYONE.
Before you get started, make sure to have all necessary data at hand.
- You received a user name and a password from PAYONE. Log in to the PAYONE Merchant Interface. ( https://pmi.pay1.de/)
- xt:Commerce payment module from sellxed.com/shop
- Login data for your server and shop
2PAYONE Channels
According to the functions of the module which you want to use, you have to request the different channels at PAYONE. With the numbers of channels come various costs on the part of the PAYONE. Here you'll find an overview of the different functions and their corresponding channels.
- Channel Frontend: Payment page
- Channel Client-API: Hidden, Alias Manager, Ajax, Moto
- Server-API: Refund, Capture, Cancel
Note that you must use at least PHP version 5.6 for our plugins. PHP 8 or higher is currently not supported.
2.1Installation Process
This document contains all information necessary to install the module. Make sure to follow the described steps strictly in order to ensure the safe use of the module in compliance with all security regulations.
- Configuration of the PAYONE test administration surface. The test platform can be found under https://pmi.pay1.de/
- Configuration of the main settings
- Configuration of the payment methods
- Conducting a test order by means of the Test Data enclosed at the end of this document
Our payment plugins should have per default the correct settings for most of our customers' preferences. That means once you have entered the required credentials in the plugin configuration to connect your account to your website, the plugin should be fully operational. Should you be willing to receive detailed information on a setting you do not know, you may contact our support team who will be able to assist you further.
Our support team is at your disposal during regular business hours at: http://www.sellxed.com/support. Furthermore, you have the option of ordering our installation service. We will make sure the plugin is installed correctly in your shop: http://www.sellxed.com/shop/de/integration-und-installation.html
In order to test the module, any kind of directory protection or IP blocking on your server must be deactivated. This is crucial as otherwise the payment feedback of PAYONE might not get through to the shop.
2.2System Requirements
In general, the plugin has the same system requirements as xt:Commerce. Below you can find the most important requirements of the plugin:- PHP Version: 5.4.x or higher
- OpenSSL: Current version with support for TLS 1.2 or higher.
- fsockopen: The PHP function fsockopen must be enabled. The plugin must be able to connect to external systems over the Internet.
- PHP Functions: All common PHP functions must be enabled.
3PAYONE - Backend Configuration
First, log on to the PAYONE Merchant Interface (https://pmi.pay1.de/)
3.1Payment Portal Setup
Under Configuration > Payment Portals you can set up the payment portal for your shop. Among other things you define the TransactionStatus URL. This is the URL that the parameters for further processing are sent to after payment has taken place.
3.1.1Shop Portal Administration: Tab General
General settings such as portal name, Shop URL and the sender e-mail can be defined in the tab 'General'. These settings can be defined independently.
Make sure that the Server API, Front-end and Client API are activated in the Channel settings as shown in the screenshot.
3.1.2Shop Portal Administration: Tab Extended
In this tab you define the TransactionStatus URL. The URL you need to enter can be found directly on the general information site of the module in your shop. More information can be found in the section Transaction-Feedback).The remaining fields can be left empty. They will be filled by the module.
3.1.3Shop Portal Administration: API-Parameter
This tab contains all relevant information to enter in the Main Module .
3.2Authorization Methods
Please note that with the changes in PCI new rules apply regarding the applicable self assessment questionnaire. If you host the forms to entering of the credit cards directly in your webshop (Hidden Authorization) or Ajax authroization new rules apply. If you want to continue to work with SAQ-A, you have to use Payment Page or the Widget Authorization.
In the configuration of the payment method you have the possibility to switch between various authorization methods. These regard primarily the depiction of the credit card forms in the shop. You'll find further information about that in chapter authorization methods.
3.3Account Activation
Further information on the payment method configuration and the implementations of the settings can be found here. After the activation and configuration of the payment methods you can conduct a test by means of the Test Data provided in this manual. As soon as the tests As soon as the tests have been successful you can contact PAYONE to demand the activation of your account. You will be able to process payments immediately.
4Module Installation and Update in the xt:Commerce Shop
4.1Installation
At this time you should already be in possession of the module. Should this not be the case, you can download the necessary files in your customer account in the sellxed shop (Menu "My Downloads Downloads"). In order to install the module in your shop, please carry out the following steps:
- Download the plugin. The download can be found in your sellxed.com account under "My Downloads".
- Unzip the archive you have just downloaded.
- In the unzipped folder navigate to the folder "files"
- For some shops there are different versions of the plugin provided. If this is the case open the folder which corresponds to your shop version.
- Using your preferred FTP client upload entire content of this folder into the root directory of your shop. For some shops there is a specific folder containing the plugins. If that is the case upload the plugin into this folder. Make sure that the folders aren't replaced but merely merged.
- If you haven't yet done so, log back into your shop.
4.2Updates and Upgrades
You have direct and unlimited access to updates and upgrades during the duration of your support contract. In order to receive constant information about available updates we ask you to subscribe to our RSS feed that we publish for your module.
More information regarding the subscription of this RSS feed can be found under: http://www.sellxed.com/en/updates_upgrades.
We only recommend an update if something doesn't work in your shop, if you want to use new feature or if there is a necessary security update.
4.2.1Update Checklist
We ask you to strictly comply with the checklist below when doing an update:
- Always do a backup for your database and your files in your shop
- Use always a test system to test the update process.
- Wait until all the files are copied to the shop, clear the cache if there is one in your shop and then visit the configuration page of the main module so that the update process will be initialized.
Please test the update procedure first in your test shop. Our support team is able and willing to help you if you experience problems with the update process. However, if you decide to perform the update directly in your live shop there is the possibility of a downtime of the shop of more than two days depending on the availability of our support if you do not want to book our complementary support.
Depending on the version it could be that the database has to be migrated. We recommend you therefore, to perform the updates in times when the shop is not visited too frequently by your customers.
4.2.2Update Instructions
Please always read the update instruction. Those instructions can be found in the changelog. If there are no special remarks, you can proceed by just overwriting the files in your system.
5Module Configuration in the xt:Commerce Shop
The configuration consists of two steps. The first step is the configuration of the main module with all the basic settings (cf. Configuration of the Main Module). During the second step you can then carry out individual configurations for each payment method . This allows for full flexibility and perfect adaptation to your processes.
Please create a backup of the main directory of your shop. In case of problems you will then always be able to return your shop to its original state.
We furthermore recommend testing the integration on a test system. Complications may arise with third party modules installed by you. In case of questions, our support is gladly at your disposal.
5.1Base Module Configuration
The settings for the Base Module can be found in "Content > Plugin > deinstalled plugins > PAYONE Base Module" . To install the module, click 'install'. A new window should open now. Next, cklick F5 in your browser in order to reload all Java Script data of the modules and then return to the location of the installed plugins.
The settings of the module can be opened by clicking on the pen. Enter the options that you set in the administration surface of PAYONE. If an option is unclear, a click on the question mark will show more information. The central settings will be explained.
5.1.1Sending e-Mails for status updates
Mark every status that you want to trigger an e-Mail to the customer if his order was set to this status.
5.2Defining the URL for the Transaction Feedback
To ensure correct payment processing in your shop, at least one Feedback URL has to be provided in the PAYONE configuration. The URL to be entered can be found in your xt:Commerce Shop under the menu item Settings > PAYONE > Setup .
5.3Payment Method Configuration
After the Basic Module was configured successfully, the payment method settings for your shop can be found under Settings >. Every method is listed seperately. Activate the desired payment methods by selecting them and clicking Activate Selection.
With a click on the pen, a new window for the settings will open. Most settings are self-explanatory. A click on the question mark shows additional information.
5.3.1Choosing the Authorization Method
You can choose between several display options for the authorization of card payments. The option Authorization Method determines, which payment methods you would like to process.
For further information on the differen authorization methods, visit our sellxed Website.
5.3.2Payment Form Position
If you have the corresponding package of PAYONE, the payment information can be entered directly in your shop. The setting Page for Payment Form adjusts the position of the payment form
Please bear in mind that additional options with PAYONE have to be enabled in order to use some of the payment processing methods.
Some authorization methods might not be available for every payment method.
5.3.3Capturing Orders Directly
The option "Capturing" determines wether payments should be captured directly or if they should be authorized before. If you only want to authorize as a first step, ensure that the payments are issued later.
Depending on your Acquiring Contract, a reservation is guaranteed for a limited time only. If you are not capturing within this time, the authorization might not be guaranteed. Further information on the process of capturing is provided below.
The settings in the payment method module might overwrite your settings in the PAYONE backend.
5.3.4Uncertain Status
You can mark orders without a 3D Secure Verification or other security mechanism failures. This allows you to examine the order manually before the shipment.
5.3.5Setting the Order Status
You can determine which status the order should have for every payment method. This refers to the initial order status.
5.4Direct Capturing of Transactions
The option "Capture" allows you to specify if you wish to debit payments directly or if you first wish to authorise them and then debit the payment at a later point.
Depending on your acquiring contract, a reservation is only guaranteed for a specific period of time. Should you fail to debit the payment within that period, the authorisation may therefore no longer be guaranteed. Further information on this process can be found below.
It may be that settings saved in the payment modules overwrite settings saved in PAYONE.
5.5Uncertain Status
You can specifically label orders for which the money is not guaranteed to be received. This allows you to manually control the order before shipment.
5.5.1Setting the order state
For each payment method you may select in which state the order should be set to depending on the booking state. This is the initial state of the order.
5.6Stock Management in xt:Commerce 4 / 5
Since the 19.05.2017 we changed the way we handle the stock implementation in xt:Commerce 4 / 5. Products will now automatically be restocked when the status of the order is changed to failed. The status of the order is automatically changed to failed if the customer does click on the cancel button on the payment page. However if he uses the back button in the browser we can not determine the status of the order. In this case you have to manually cancel the order to restock the items.
Please note the stock will automatically be increased if you switch an order into the failed state.
5.7Optional: Validation
Note: It can be that this option is not visible in your module. In this case just ignore this section.
With the option 'Validation' you can define the moment when the payment method should be made visible to the customer during the checkout process. This setting is relevant for modules where the usage depends on the customer's compliance with specific preconditions. For example, if a solvency check has to be carried out or if the payment method is only available in certain countries. In order for the credit check or address validation to also work with European characters, the charset of the "Blowfish mode" must be set to "UTF-8" for certain PSP settings.
You have the choice between these options:
- Validation before the selection of the payment method: A validation verification is carried out before the customer selects the payment method. If the customer does not fulfill the requirements, the payment method is not displayed
- Validation after selection of the payment method: The verification of the compliance occurs after the selection of the payment method and before the confirmation of the order
- During the authorisation: The validation verification is carried out by PAYONE during the authorisation process. The payment method is displayed in any case
6Settings / Configuration of Payment Methods
6.1General Information About the Payment Methods
The plugin contains the most common payment methods. In case a desired payment method is not included per default, please contact us directly.
In order to be able to use a payment method, it must be activated in your account with PAYONE as well as in your shop. Information about the configuration of the payment methods can be found further above.
Below you can find important information for specific payment methods that deviate from the standard process.
6.2Information on Payment Status
For each payment method you can define an initial payment status (status for authorized payments etc.). You hereby define the payment status for each state depending on the processing type of the order (captured, authorized, etc.). It's the initial status which the order assumes. Depending on the mutation carried out by you, the status can change.
Never set the status to Pending PAYONE or any similar pending status which is implemented by the module.
6.2.1Order status "pending" / imminent payment (or similar)
Orders with the status 'pending PAYONE' are pending orders. Orders are set to that status if a customer is redirected in order to pay but hasn't returned successfully or the feedback hasn't reached your shop yet (Customer closed window on the payment page and didn't complete payment). Depending on the payment method these orders will automatically be transformed into cancelled orders and the inventory will be cleared (so long as the Cronjob is activated). How long this takes depends on the characteristics of the payment method and cannot be configured.
If you have a lot of pending orders it usually means that the notifications from your webserver to PAYONE are being blocked. In this case check the settings of your firewall and ask the Hoster to activate the IPs and User Agents of PAYONE.
6.2.2Order status "cancelled"
Orders with the status "cancelled" have either been set to that status automatically due to a timeout, as described above, or have been cancelled directly by the customer.
7The Module in Action
Below you will find an overview of the most important features in the daily usage of the PAYONE module.
7.1Order Transaction Information
In each order processed by our module, you can view all important information on the transaction. For instance, this feature allows you to match the orders to the transactions visible in the PAYONE backend.
To view this information, open the orders. At the bottom of the order you will find the paragraph PAYONE Transactions. This shows all details on all former actions related to this order. Click on the key in the column "Action" to see the transaction information (c.f. image "Transaction Information").
7.2Transaction Table
In addition to information on the order, the transaction table shows information on the transactions in your shop. Among other things, it allows you to match the PAYONE transaction number to the order in your shop.
7.3Using Invoice Details of a Processor
In the following context you can view or embed the "payment details" of for example an "Open Invoice" transaction:
7.3.1xt:Commerce Order Confirmation (E-Mail)
The "payment information" will be visible in the default "order confirmation e-mail" of xt:Commerce.
7.3.2xt:Commerce Invoice (PDF)
Due to technical limitations, it is currently not possible to display the "payment information" here.
7.3.3xt:Commerce-Backend (Transaction details)
You can view the transaction details in xt:Commerce under Administer Orders > PAYONE Transactions.
7.3.4xt:Commerce Success-Page
7.4Initiating payments in the xt:Commerce backend
The xt:Commerce payment module allows you to initiate a payment directly from the shop, the so called Mail Order / Telephone Order (MOTO). This feature requires an additional module. After installing the plugin, you can set up four orders in the PAYONE administration surface. When opening the order now, you can add a transaction to this order by clicking on Add Moto Transaction on the bottom right. The transaction will be forwarded to PAYONE directly.
7.4.1Refunding Orders
In order to issue a refund, open the transaction information (c.f. above). This shows all information on the transaction. With a click on "Refund", an input mask for credit notes will open. By clicking Refund , the refund request is transmitted to PAYONE.
Executing a refund will not change the status of the order.
7.5Capturing / Cancelling Orders
The transaction management between PAYONE and your shop is not synchronised. When you register payments with PAYONE, the status in the shop is not adjusted and the order cannot be captured in the shop again.
7.5.1Capturing / Cancelling Orders
To capture orders, open the transaction information (c.f. above). This will show you all information on the transaction. With a click on "Capture" (top right), the order is forwarded to PAYONE. You do not have to log in to the PAYONE backend. You can enter the products you would like to capture in the input mask.
By clicking "Cancel" the transaction is cancelled and the reserved amount is cleared on the customer's card immediately.
7.6Using the Alias Manager / Token Solution
The Alias Manager feature allows you to securely save your customers' credit card data at PAYONE for future orders. You can enable this by activating the option "Alias Manager" in the configuration of the Payment Method. Now the customer can choose between already saved credit cards when ordering again, without having to enter all card information.
It is necessary to enable the respective option with PAYONE to use the Alias Manager. To do this, please contact the support team.
7.7Setting up Cron Job
To activate the time-controlled plug-in functions (e.g. Update Service, deleting pendant orders, etc.), follow the PAYONE instructions for the set up of Cron Job.
8Testing
Before switching from test to live mode it is important that you test the module extensively.
Do not forget to switch the operating mode from test to live after having successfully tested the module.
8.1Test Data
In the following section you can find the test data for the various payment methods:Sofort IBAN DE85123456782599100003 BIC TESTTEST Bank account 2599100003 Bank code 12345678 |
Sofort IBAN DE46940594210000012345 BIC TESTDETT421 ID / PIN sepatest1 / 12345 NR / TAN MAS_Test / 123456 |
Hidden Mandate Accept IBAN DE00123456782599100004 BIC TESTTEST | |
Hidden Mandate Denied - Invalid BIC IBAN DE00123456782599100004 BIC TESTTESX |
VISA Verified by Visa Card number 4012 0010 3714 1112 Expiry Date: 12/2020 Name Hans Muster CVC: 123 3-D Secure Password 12345 | Visa 3D |
VISA CH Card number 4111 1111 1111 1111 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Visa CH |
VISA DE Card number 4111 1310 1011 1111 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Visa DE |
VISA AT Card number 4111 1210 1111 1111 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Visa AT |
MasterCard MasterCard SecureCode Card number 5453 0100 0008 0200 Expiry Date: 12/2020 Name Hans Muster CVC: 123 3-D Secure Password 12345 | Mastercard 3D |
Mastercard Card number 5500 0000 0000 0004 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Mastercard |
American Express Card number 340 0000 0000 0009 Expiry Date: 12/2020 Name Hans Muster CVC: 1234 | American Express |
JCB JCB J/Secure Card number 3528 4501 3100 3315 Expiry Date: 12/2020 Name Hans Muster CVC: 123 3-D Secure Password 12345 | JCB 3D |
JCB Card number 3088 0000 0000 0009 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | JCB |
Maestro Card number 5000 0000 0000 0009 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Maestro |
Carte Bleue Card number 4973 0100 0000 0004 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Carte Bleue |
Diners Club Card number 30 0000 0000 0004 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Diners Club |
Discover Card number 6011 1111 1111 1117 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Discover Card |
Mastercard Card number 5500 0000 0000 0004 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Mastercard |
MasterCard MasterCard SecureCode Card number 5453 0100 0008 0200 Expiry Date: 12/2020 Name Hans Muster CVC: 123 3-D Secure Password 12345 | Mastercard 3D |
VISA CH Card number 4111 1111 1111 1111 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Visa CH |
VISA DE Card number 4111 1310 1011 1111 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Visa DE |
VISA AT Card number 4111 1210 1111 1111 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Visa AT |
VISA Verified by Visa Card number 4012 0010 3714 1112 Expiry Date: 12/2020 Name Hans Muster CVC: 123 3-D Secure Password 12345 | Visa 3D |
American Express Card number 340 0000 0000 0009 Expiry Date: 12/2020 Name Hans Muster CVC: 1234 | American Express |
Diners Club Card number 30 0000 0000 0004 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Diners Club |
Discover Card number 6011 1111 1111 1117 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Discover Card |
Carte Bleue Card number 4973 0100 0000 0004 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Carte Bleue |
JCB Card number 3088 0000 0000 0009 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | JCB |
JCB JCB J/Secure Card number 3528 4501 3100 3315 Expiry Date: 12/2020 Name Hans Muster CVC: 123 3-D Secure Password 12345 | JCB 3D |
Maestro Card number 5000 0000 0000 0009 Expiry Date: 12/2020 Name Hans Muster CVC: 123 | Maestro |
9Errors and their Solutions
You can find detailed information under http://www.sellxed.com/en/faq. Should you not be able to solve your problem with the provided information, please contact us directly under: http://www.sellxed.com/en/support
9.1The Referrer URL appears in my Analytics Tool
When a customer and the notification are redirected via Header Redirection, the PAYONE Referrer URL might appear in your Analytics Tool thus hiding the original traffic source. However, most Analytic Tools are able to minimize this problem.
In case you are using Google Analytics as reporting tool, this step by step guide may help you to exclude the URLs: under bullet point 4.
10Error Logging
The module will log different unexpected errors or information depending on the configured level. If there is any issue with the module, this log can help identify the cause.
10.1Log Levels
You can configure the log level in the PAYONE settings.
- Error: Logs unexpected errors only. (Default)
- Info: Logs extended information.
- Debug: Logs information helpful for debugging.
10.2Log Location
The log file is stored in the xt:Commerce log directory. Please make sure the path exists and it is writable by the webserver. (Default Path: {shopRootDirectory}/xtLogs/)
11Advanced Information
This section of the manual is for advanced usage of the module. The content is for advanced users with special requirements. Everything in this section is optional and not required for the daily usage of the module.
11.1Transaction Object
This section describes how to extract information from a transaction, if you need it for further processing. E.g. you require more information of the transaction for further processing an order in your ERP system.
The code snippets in this section assume your script resides in the root folder of the shop with the default shop folder structure.
$root_dir = dirname(__FILE__).'/';
define('_VALID_CALL','true');
define('_SRV_WEBROOT',$root_dir);
include _SRV_WEBROOT.'conf/debug.php';
include _SRV_WEBROOT.'conf/config.php';
include _SRV_WEBROOT.'conf/database.php';
include _SRV_WEBROOT.'conf/paths.php';
include _SRV_WEBROOT._SRV_WEB_FRAMEWORK.'function_handler.php';
include _SRV_WEBROOT._SRV_WEB_FRAMEWORK.'database_handler.php';
require_once 'plugins/payonecw/init.php'; require_once 'plugins/payonecw/lib/PayoneCw/Util.php';
$transactionById = PayoneCw_Entity_Util::loadTransaction($transactionId); $transactionObject = $transactionById->getTransactionObject();
