I am looking to develop a centralized payment system to handle the payments from all my sites. the system needs to be integrated into the Barclays MPI system.
Design Brief (Payment System)
Purpose of the system
The purpose of this system is to have a centralized location to collect payments from my group of websites.
How the system should work (To add a site)
1. The administrator logs on to the secure payment administration panel.
2. The admin then adds a site he does this by entering the following variables Site Name, Currency, http Refer, Response URL.
3. Once the above details have been submitted, the admin is given a SITE ID and a payment link.
How the system should work (integration)
1. The admin wants to collect payments from site A so he integrates the link given in step 3 (To add a site) to his website, when the customer is forwarded to the link the following variables are sent via POST to the script, SITE ID, AMOUNT, REF,
2. The customer enters there details on the payment page, the details are then encrypted and sent to the Bank, if the Bank responds with “Approved” the script needs to send a response to the RESPONSE URL given in Step 2 (To add a site).
3. If the payment is DECLINED the page needs to show declined and ask for another form of payment.
What it needs to do
1. The site needs to record each individual transaction, and allow the admin to view it.
2. The site needs to display total amount of money taken today and total amount per site
3. The site needs to allow the admin to add notes onto individual tranasactions.
I have updated the demo at [url removed, login to view] and this should give you an idea of how i want it.
I have also attached the integration guide which was sent by the bank. Also the integration tech can be found on this site: [url removed, login to view]
Username = nextstep
Password = welcome
The ePDQ MPI ( Merchant Payment Interface ) is a solution for processing internet payments through a server external to the secure Barclaycard ePDQ environment.
Typically this solution will be integrated on a secure server supplied by the merchant in an environment which adheres to Visa and MasterCard’s Payment Security standards, and also operates in line with any other acts or standards covering the acceptance of credit card and customer information across the internet. Defining and supplying this security would be the responsibility of the merchant.
The MPI is generally used in situations where the look or functionality of the CPI is unsuitable, or when the merchant requires a solution to be integrated into an offline database – for example, airline ticket allocation software – to generate automated transactions. The MPI is also used in situations where the merchant needs to store the customer’s credit card number.
A standard integration would involve the following steps:
1. Once the customer has decided to buy, your website/shopping cart will redirect them to your final ‘Checkout’ page.
2. This page collects all customer and credit card data and sends it to a server side script/application developed by the merchant.
3. This server side script/application will either make calls to the supplied C++ library / Java Class files and use the Clear Commerce supplied API to generate the transaction request ‘packets’, or will generate XML transaction ‘packets’ using standard web scripting processes.
4. The card and customer data is sent via SSL directly into the ePDQ engine for the specified transaction type to be performed
5. The transaction is processed by the ePDQ server. The transaction status result ( Success, Declined, etc. ) is sent back to the merchant’s application within the same Post request – either as XML or in a format recognised by the Clear Commerce API.
The integration of the MPI solution requires extensive web programming and web security knowledge to implement successfully. Responsibility for the security of all data will rest with the merchant.
Included with the MPI are the necessary C++ libraries/Java classes, full integration documentation covering all available functions on the ePDQ system, and an overview of the XML version. The web pages collecting the card data, and the application for creating the transaction requests must be provided by the merchant or their developer.
All updates to the MPI integration will need to be performed by the merchant, including the addition of Internet Authentication, and any alterations driven by modifications to the ePDQ product itself. A Software Developers Kit ( SDK ) exists for the purpose of adding the Verified by Visa and MasterCard SecureCode authentication systems.
Please note, the MPI is not our preferred solution for integration. In order to utilise the MPI solution the merchant will need to complete an Internet Security Proforma to disclaim responsibility for the security of the card data away from Barclaycard Business