1. Disclaimer

Copyright © 2016 Viveum .

All trademarks, service marks and trade names referenced in this material are the property of their respective owners. The information contained herein is provided as a courtesy and is for general informational purposes only. This information is not intended to be a complete description of all applicable rules, policies and procedures. The matters referenced are subject to change from time to time, and individual circumstances may vary.

Viveum shall not be responsible for any inaccurate or incomplete information. The information contained herein includes, among other things, a compilation of information received from third parties, and any such information is and shall remain the property of its respective owner. Nothing contained in this presentation is intended to supplement, amend or modify any applicable contract, rule or regulation.

Viveum has given extensive attention to the content of this information but makes no warranties or representations about the accuracy or completeness of it. Neither Viveum nor any of its affiliates shall be liable for any costs, losses and/or damages arising out of access to or use of any content of this document. Because of the complexity of the process and the right of Banks to alter conditions, this document can only serve as a description and is subject to further modifications.

The Extension referred to in this document was developed as a generic solution. Viveum shall not be responsible for any damages that are caused by the extension. In the event that the Extension is modified by a user in any way Viveum shall not be responsible for any damages that are caused by the modified Extension. The description of the Extension in this document is provided for convenience purposes only, and Viveum makes no warranties or representations about the use or operation of the Extension. Neither Viveum nor any of its affiliates shall be liable for any costs, losses and/or damages arising out of access to or use of the extension.

2. Installing Magento ®


2.1 Requirements

  • PHP 5.4+
  • An active Viveum account
  • The supported Magento ® Community and Enterprise Edition versions can be retrieved from the "Official Viveum Extension" page

2.2 Installing Magento 1.7 and above

  1. Download the tgz file.
  2. Click the "Install" button and copy the installation key.
  3. The installation proceeds and after a while the message "Package ... installed successfully" is displayed in the console window.

3. Configuration

3.1 Viveum back office

Login to your Viveum back office to enter the following settings.

3.1.1 Option activation requirements

Depending on the Viveum subscription you have selected it might be necessary to activate additional mandatory options in your Viveum account.

These options are:

Please check if these options are activated by default. If this is not the case please contact our Sales team for activation.

The Magento ® Viveum extension classic.brandname-offered-by might not work in conjunction with other extensions. To avoid malfunction we recommend to disable any other additional extension in Magento ®.

3.1.2 User management

The shop needs a separate API-User to communicate with Viveum.

Create the API-User:

  1. Go to "Configuration > Users".
  2. Select "New User".
  3. Select a USERID (for example APIUSER).
  4. Fill in the name and an existing email address (the field "External USERID" can be left empty).
  5. Select the profile "Administrator".
  6. Select the Access Type "API only".
  7. Write down the USERID and the password which you have created.

    Note: the USERID and the password may not contain any special characters.

3.1.3 Technical information

Configure the technical information in the Viveum back office:

  1. Go to "Configuration > Technical Information > Global Transactionparameters".
  2. In the "Default operation code" section; select "Sale" or "Authorisation".
  3. In the "Payment retry" section; change the value if you want to.
  4. Click the "Save" button.
  5. Select the "Global security parameters" tab.
  6. In the "Hashing method" section; select "SHA-512" for "Hash algorithm" and "UTF-8" for "Character encoding".
  7. In the "Template" section; select "No" for "Enable JavaScript check on template".
  8. Click the "Save" button.
  9. Select the "Data and origin verification" tab.
  10. In both the "Checks for e-Commerce & Alias Gateway" and "Checks for Viveum DirectLink and Viveum Batch (Automatic)" sections; fill in the "SHA-IN pass phrase". Both keys have to be alphanumeric only and both keys must have the same value.
  11. Select the "Transaction feedback" tab.
  12. In the "e-Commerce" section in the "HTTP redirection in the browser" subsection; select "I would like to receive transaction feedback parameters on the redirection URLs" and deselect "I would like Viveum to display a short text to the customer on the secure payment page if a redirection to my website is detected ...".
  13. In the "e-Commerce" section in the "Direct HTTP server-to-server request" subsection ...
    1. Select "Online but switch to a deferred request when the online requests fail"
    2. Fill in the value "YOUR_SHOP_URL/ops/api/postBack" in both fields for "URL of the merchant's post-payment page".
    3. Select "POST" as "Request method".
  14. In the "e-Commerce" section in the "Dynamic e-Commerce parameters" subsection; select all available parameters except "ECOM_BILLTO" and "ECOM_SHIPTO" since these can easily result in transmission errors.
  15. In the "All transaction submission modes" section; fill in the "SHA-OUT pass phrase". The SHA-OUT pass phrase must be identical to the previously entered
    SHA-IN pass phrase
    .
  16. In the "HTTP request for status changes"; select "For each offline status change (payment, cancellation, etc.)." and fill in the value "YOUR_SHOP_URL/ops/api/directLinkPostBack".
  17. Click the "Save" button.
  18. Select the "Transaction e-mails" tab.
  19. In the "E-mails to the merchant" section; perform the following optional actions ...
    1. Fill in you email address.
    2. Select "Yes, for all transaction submission modes."
    3. Select "Yes, for each offline status change (payment, cancellation, etc.)."
  20. Select the "Test info" tab.
  21. In the "Test info" section; select "I would like to simulate transaction results based on the card number.".

3.2 Magento ®

3.2.1 Payment services

Perform the following steps after the installation of the extension:

  1. Log on to your Magento ® back office.
  2. Go to "System > Configuration > Sales > Payment services". The option “Viveum Account” will be available.
  3. Select the option and fill in the following information:
Setting Description
PSPID Fill in the PSPID of your Viveum account.
SHA-IN Pass phrase Fill in the SHA-IN passphrase that you have setup in your Viveum back office at "Technical information > Data and origin verification".
SHA-OUT Pass phrase Fill in the SHA-OUT passphrase that you have setup in your Viveum back office at "Technical information > Transaction feedback".
Environment Choose the Viveum environment which you want to connect with: Test or Production.
Alternatively, you can select the "Custom" option, which allows you to fill out a URL of your own choice.
API User / API Password Fill in the API details that you have created in your Viveum back office.
Payment template When you select Magento ® - Interal shop template, the payment page will be in the same layout as your shop. When you select one of the Viveum options, all the fields that follow with reference to the Viveum template are then mandatory to fill in.
  • Viveum - Dynamic template: The customer is redirected to the Viveum payment page. The look and feel of that page is defined by a dynamically loaded template file which can be defined with the "Template Identifier/URL" directly below.
  • Viveum - iFrame mode: The customer has to enter the payment details on a page in your shop that hosts the Viveum payment page in an iFrame. You can configure the style parameters directly below.
  • Viveum - Redirect mode: The customer is redirected to Viveum to enter his payment details. You can configure the style parameters directly below.
  • Magento ® - Internal shop template: The customer is redirected to the Viveum payment page with the look and feel of your shop. The URL of the template used is displayed directly below.
Order reference in case of
redirect (or inline) payments
With this option can be specified if the Orders increment ID or the Quote ID should be transferred as a payment reference for the orders to Viveum. The Order ID is the number in format 100000001, which is listed in the backend order grid in column "Order #". In case the "Order ID" is selected this number will be transferred during the payment process to Viveum.

Because of compatibility reasons a hash sign is added before the Order (increment) ID. If "Quote ID" is selected this number will be transferred to Viveum. The Quote ID is also the only mode for all inline payment methods like credit card (if activated), direct debit and Kwixo.
Show Quote ID in the order
grid
If activated the Quote ID will be added as a column in the backend order grid.
Device ID
Enables the tracking of the customer for fraud detection purposes
Submit extra parameters
If activated additional parameters are transmitted to Viveum in order to make use of fraud detection or the Paypal Seller protection.
Resend payment information identity / template You can send an email to your customers if their payment has failed at Viveum (status 0 or 2). The mail contains a link to the Viveum payment page, where the customer has the option to re-enter his payment details in order to recover the order.
  • Resend payment information Identity: Select the contact by whom the email should be sent (linked to "Store Email Addresses")
  • Resend payment information Template: Select the email template of your choice
Debug When this option is selected, all requests and answers from Viveum will be checked. We recommend you to only activate this option when you are in test mode and not in production mode. The debug file is stored on the fileserver in /Var/Logs/ops.log

Note: At "System > Configuration > General > Web > URL options", we advise to disable the option "Add store code to URL's" since this can introduce incorrect behavior of the extension.

3.2.2 Payment methods

Configure your payment methods via System > Configuration > Payment Methods.

Note that you should only activate payment methods that are activated in your Viveum back office via "Configuration > Payment methods > Selected payment methods".

You can configure the applicable countries for each payment types. For example: if the Netherlands is selected as the invoicing country for iDeal, it will not appear under a different invoicing country.

To activate and make further changes please contact our Customer Care department via office@viveum.at.

3.2.3 Open invoice payment method

Enable the following additional settings at "System > Configuration > Customer Configuration > Name and address options":

  • Display Birthday
  • Display VAT number (only applicable for Open Invoice NL)
  • Display Gender

Note: If you use Afterpay as acquirer on our side, it is not possible to perform partial captures with Open Invoice NL).

When you activate Open Invoice AT via Klarna, the following prerequisites should apply:

  1. The “Title” must be set to “Kauf auf Rechnung - zahlen in 14 Tagen”.
  2. The logo must be uploaded and made available on https://developers.klarna.com/en/at+php/kpm/logos.
  3. The data encoding must be set to “other” as the current integration does not support UTF-8 encoding.
  4. The “Invoice terms title” must be set to “Rechnungsbedingungen”.
  5. The “Invoice terms url” must be set to https://cdn.klarna.com/1.0/shared/content/legal/terms/123/de_at/invoice?fee=0#
  6. A partial capture or partial refund via Magento is not possible. These actions can only be executed via the Viveum Back-Office.
  7. Magento should not send invoice on capture/refund to the consumers, Klarna will send the invoice. During the capture/refund, the setting “Email Copy of Invoice” should be unchecked.

3.2.4 Intersolve payment method

You can add several brands, which are related to specific Viveum payment methods.

These brands have to be configured in advance in the Viveum back office before they can be used in your shop. You can assign a customised "Title" to each "Brand" which is shown to the customer at the checkout page.

Intersolve

3.2.5 Credit card with Alias Manager payment method

The Alias Manager refers to the Viveum Alias Manager.

Configuration:

Setting Description
Enabled Alias Manager If enabled your customer has the option to save his credit card payment information and to reuse the saved information for future payments. This information can only be saved for cards that support online payments.
Show Alias Manager information for guests If enabled a hint informs your guest customers about the advantages of saving credit card details, since this is only available to customers who are logged in.

Credit Card with Alias Manager

For a correct usage of this feature, you need to execute periodically the cron.php which is located in the Magento ®'s root directory. On a Unix or Linux based System you have to add one of the following entries to your crontab:
  • */5 * * * * /bin/sh /absolute/path/to/magento/cron.sh
  • 0,5,10,15,20,25,30,35,40,45,50,55 * * * * /bin/sh /absolute/path/to/magento/cron.sh

For further details on the usage, go to Credit card with Alias Manager.

3.2.6 Paypal with seller protection payment method

Configure the following settings:

Setting Description
Configuration > General > State options > State is required for Select the countries for which the state is mandatory according to the requirements of the Paypal's seller protection.
Configuration > Payment Services > Viveum account > Submit extra parameters Set to 'Yes' to transmit the necessary parameters to Viveum.

3.2.7 Device fingerprinting

This feature allows the extension to fingerprint customer devices for Viveum to collect and hash data (such as screen resolution, user agent, etc.) into a key. There are legal caveats in some European countries thus customers should be consented on the collection of these data.
The device fingerprinting can be activated/disable per transaction. This is indicated by a special parameter for e-Commerce transactions. For DirectLink transactions, information will have to be collected by tracking pixels on the site.

Integration via JavaScript Hook

The extension provides a JavaScript function to handle customer's consent in the checkout. Customers can also add the file
(js/netresearch/ops/deviceFingerprinting.js) to other parts of the shop to have access to the
functions described below. This can be done via the following code:
consentHandler.toggleConsent( consent , callback );
Consent: Boolean and the target state of consent that should be saved in the customer session.
Callback: An optional function that should get called with the saved consent after it has
been saved.
The consent handler also has a function of retrieving the current consent status via
consentHandler.getConsent (callback)
As with the other function the callback will be called with the result of the request (the current state of consent).

Integration via custom call to provided Controller

Consent can also be indicated by calling a controller directly on the following url:
http://www.yourshop.tld/ops/device/toggleConsent
The parameter "consent" is expected for the request. It will get casted to boolean and saved to
the customer's session. As response of the current consent state as JSON will be for example:

{"consent":false}

A current state of consent can be viewed here: http://www.yourshop.tld/ops/device/consent
The pre-built JavaScript functions call these urls.

4. Usage

4.1 General

The extension works like most Magento ® extensions. If you have selected to process credit cards, they will be processed via the Magento ® platform. However, when 3D Secure is activated, the cardholders will be redirected to the Viveum payment page.

This is also applicable for any other payment method where the account holder’s details need to be confirmed by the issuer. When the transaction is processed, you can see the transaction in your Magento ® back office via "Sales > Orders".

4.1.1 InterSolve payment method

While configuring in Magento ®, you can define several brands, which can be selected by the customer during the checkout process. The selected brand will be transmitted to Viveum.

If only one brand is defined, the customer can't select a brand but it is directly displayed and it will be immediately transmitted to Viveum.

4.1.2 Credit card with Alias Manager payment method

When using the payment method "credit card" and the activated feature Alias Manager, a logged in customer gets his stored credit card information shown, if he saved it previously.

If the customer is not logged in a hint is displayed that informs the customer about the possibility to store his credit card data for reuse.

If the customer clicks the link in the hint text, he will be directed to the "checkout method" step and the "register" option will be selected.

The selection of the displayed payment information depends on billing address and shipping address in order to prevent abuse.

If your customer wants to save his payment information, he has to select that option in the credit card payment screen.

If saved credit card data is available, the form on the credit card payment screen will be pre-filled and the input fields will be greyed out.

If the customer wants to update his saved credit card data, the customer has to:

  1. Click in one of the greyed out input fields. As a result all input fields will be cleared.
  2. Enter the new credit card data.
  3. Select the "Save payment information" option. If it's not checked the new payment information will be used for the payment but it's not stored and the old payment information is still available for further use.

If you want to view and/or delete the customer his payment information, you have to:

  • In the Viveum back office, go to "payment information" and execute the specific action.
  • In Magento ®:
    1. Go to "customers > manage customers".
    2. Click on the row of the customer.
    3. Select "Payment information".
    4. Execute the specific action.

4.1.3 Direct Debit payment method

You can use the direct debit payment method for Austria, Germany and the Netherlands which allows you customer to use his account data for payments.

Overview of the features:

Origin of the direct debit payment method German Austrian Dutch
Customer has to insert account number (Kontonummer, rekeningnummer)
X X X
Customer has to insert bank code (BLZ)
X X
Customer can insert IBAN
X X
Customer can insert BIC X X

Note: if the customer inserts both IBAN and BIC, and the according account data then both IBAN and BIC is used for processing the payment.

You can also use the direct debit payment method for so called MOTO transactions in Magento ®. This means that you accept and insert manually Mail Order/Telephone Order transactions and the behavior will be the same as described above.

4.2 Shipment receipt

The creation of a shipment receipt is made without a connection to the payment service and therefore behaves like Magento ®-Standard.

4.3 Cancellations

In case the authorisation was successful, you have the "Void" button at your disposal in the Magento ® "order view" (at "Sales > Orders" and click your order). You have to cancel by using this "Void" button instead of the "Cancel" button (because of gateway workflow reasons).

If the cancellation is successfully processed by Viveum, it can be necessary in some Magento ®-versions that you click the "Cancel" button in order to set the correct cancel status in Magento ®.

In case the order has the "Pending Payment" state and the Viveum-state "0" or "empty", you can cancel the order by using the "Cancel" button:

  • No gateway request is sent to Viveum.
  • The stock is increased again.
Check beforehand the payment status in the Viveum back-office otherwise you won't be able anymore to update the status in Magento ®.

4.4 Invoicing

Whether you have chosen "Authorization" as "Payment Action" in the Magento ® configuration, you have always to create an invoice for credit cart payment methods to trigger the capture process by Viveum.

To create an invoice:

  1. Go to the Magento ® "Order view" (at "Sales > Orders" and click order).
  2. Click on the "Invoice" button.
  3. Choose "Capture Online" as amount.
  4. Click the "Submit Invoice" button.

4.5 Refunds / Credit Memo

To create a refund:

  1. Go to Sales > Invoices.
  2. Click the invoice to refund.
  3. Click on the "Credit Memo" button.
  4. Adjust the amount to refund.
  5. If you want, select the option "Close Viveum transaction".
  6. Click the "Refund" button to confirm. Do not click the "Refund Offline" button!
  7. Repeat this procedure until the Viveum transaction is closed. That means either the complete amount is already refunded or you have selected the "Close the Viveum transaction" option. In the last case only offline refunds are available.

Depending of the payment method, the refund will be executed immediately or after a delay by Viveum.

The "Credit Memo" button at "Order view" only creates an internal refund and triggers no refund action by Viveum.

For some payment methods (e.g. iDEAL), you have to enable refunds in your Viveum account.

4.6 Additional information

To get additional payment related information about the order:

  1. Go to "Order view" at "Sales > Orders".
  2. Select "Information".
  3. Check the “Payment Information” section. The information includes:
    • Payment method type (e.g. VISA credit card)
    • Payment ID
    • Recent payment status
    • Currency
  4. Check the "Comments History" section. This section contains the history of the payment status changes. This information can help you to verify that a credit card authorisation has changed due to a payment capture.

4.7 Trigger payments in Magento ®

In the context of Viveum MOTO (Mail Order/Telephone Order) eTerminal transactions, some payment methods are available for order creation in Magento ®.

You can't use redirect payment methods, since they are not allowed. Also 3D secure ("Verified by VISA", "MasterCard Secure Code") you can't use.

To enable credit card and/or direct debit payment methods for MOTO eTerminal transactions, you have to put the "Enable for backend" option on "YES" at "System > Configuration > Payment methods > Select credit card and/or direct debit payment method".

Immediately after you've inserted the order, Magento ® sends already some data to the shop. So you could have the impression that you have to click twice on the "Order submit" button.

You can also email a link of the payment page where the payment can be completed. To support this functionality, you need to activate this option via System -> Configuration -> Payment Methods -> PayPerMail.

4.7.1 Payment using existing Viveum transaction

With this payment method, which is only available in Magento ® and not in your shop, you can enter directly the PAY ID of an existing Viveum transaction.

In that case no request is triggered to Viveum and you will have to execute manually all state changes.

5. Notes

5.1 General

The following statuses can appear in Magento ®:

  • No credits in Viveum back office: This means that you can only send your credit requests via Magento ®.
  • 3D-Secure (MasterCard, SecureCode and Verified by Visa) must be activated: This means that your Viveum account must accept 3D-Secure.

5.2 Multistore

You can use the extension in Magento ® Multistores with:

  • multiple websites
  • multiple stores
  • multiple domains
  • multiple Viveum accounts

In order to use multiple Viveum accounts, you have to follow the steps mentioned in Viveum back office and Magento for each Viveum account and website or store.

Most important is that you setup correctly the response urls in the Viveum back office:

  1. Go to "Configuration > Technical information > Transaction feedback".
  2. Configure the following fields:
    • Direct HTTP server-to-server request
    • HTTP request for status changes.

The correct configuration of these urls is clarified with the following examples.

5.2.1 Example: store code in url using the same Viveum account

The Multistore consists of two stores which are assigned to the same website. The example is also valid in case both stores were assigned to different websites:

  • Store A operates under http://www.my-shop.com/shopa/
  • Store B operates under http://www.my-shop.com/shopb/

The correct configuration in the Viveum back office is the following:

  • Direct HTTP server-to-server request: http://www.my-shop.com/shopa/ops/api/postBack
  • HTTP request for status changes: http://www.my-shop.com/shopa/ops/api/directLinkPostBack

The feedback will be processed correctly for store B, also if the response is send only to the url of store A.

5.2.2 Example: different domains and different Viveum accounts

The multistore consists of two stores which are assigned to different websites and uses two different Viveum accounts:

  • Store A operates under http://www.my-shop-a.com/
  • Store B operates under http://www.my-shop-b.com/

The correct configuration for Store A in the Viveum back office is the following:

  • Direct HTTP server-to-server request: http://www.my-shop-a.com/ops/api/postBack
  • HTTP request for status changes: http://www.my-shop-a.com/ops/api/directLinkPostBack

The correct configuration for Store B in the Viveum back office is the following:

  • Direct HTTP server-to-server request: http://www.my-shop-b.com/ops/api/postBack
  • HTTP request for status changes: http://www.my-shop-b.com/ops/api/directLinkPostBack

5.2.3 Example: different domains using the same Viveum account

The multistore consists of two stores which are assigned to different websites and the same Viveum account:

  • Store A operates under http://www.my-shop-a.com/
  • Store B operates under http://www.my-shop-b.com/

The correct configuration for both stores in the Viveum back office is the following:

  • Direct HTTP server-to-server request: http://www.my-shop-a.com/ops/api/postBack
  • HTTP request for status changes: http://www.my-shop-a.com/ops/api/directLinkPostBack

You also have to configure Magento ®'s base url for Store B:

  1. Go to "System > Configuration > General > Web".
  2. Insert "http://www.my-shop-b.com/" in the "Base URL" and "Base Link URL" fields in the "Unsecure" section. Use/keep the default value for the other fields of the "Unsecure" section.
  3. Insert "https://www.my-shop-b.com/" in the "Base URL" and "Base Link URL" fields in the "Secure" section. Use/keep the default value for the other fields of the "Secure" section.

5.2.4 Example: store code in url using different Viveum accounts

The multistore consists of two stores which are assigned to the same website and uses two different Viveum accounts. The example is also valid in case both stores were assigned to different websites:

  • Store A operates under http://www.my-shop-a.com/
  • Store B operates under http://www.my-shop-b.com/

The correct configuration for Store A in the Viveum back office is the following:

  • Direct HTTP server-to-server request: http://www.my-shop-a.com/ops/api/postBack
  • HTTP request for status changes: http://www.my-shop-a.com/ops/api/directLinkPostBack

The correct configuration for Store B in the Viveum back office is the following:

  • Direct HTTP server-to-server request: http://www.my-shop-b.com/ops/api/postBack
  • HTTP request for status changes: http://www.my-shop-b.com/ops/api/directLinkPostBack

6. Payment workflow

Payment workflow between the Magento ® Extension and your Payment Service Provider