Detailed Description of Parameters

Request Parameters

Required Parameters

amount

The amount parameter defines the payment amount which is to be done by the consumer of the online shop.

Thousand separators are not permitted.

The maximum number of decimal places depends on the selected currency within the currency parameter:

Currency Decimal places

Euro

Maximum of 2 decimal places (100 Cent = 1 Euro).

US Dollar

Maximum of 2 decimal places (100 Cent = 1 US$).

Yen

No decimal places allowed.

Libyan Dinar

Maximum of 3 decimal places (1000 Dirham = 1 Dinar).

cancelUrl

cancelUrl has to contain the URL of the page where the consumer is forwarded when the payment process is canceled. The consumer should be informed about the cancellation of the payment process and offered possibilities to retry the payment attempt or get in contact with the merchant.

cssUrl

cssUrl contains an URL to a CSS file stored on the server and accessible from the Internet. The CSS file is used to adjust the responsive design of QMORE Checkout Seamless and QPAY Checkout Page.

currency

The currency parameter defines the currency used in the payment.

By default, only EUR is enabled as currency. If additional currencies are required contact our sales team.
Table 1. List of Currencies Based on the ISO 4217
Alphabetic value Numeric value Currency

CHF

756

Swiss Franc

CZK

203

Czech Koruna

EUR

978

Euro

GBP

826

Pound Sterling

HUF

348

Hungarian Forint

PLN

985

Polish Zloty

USD

840

US Dollar
Not all available payment methods support all currencies.

customerId

The customerId parameter represents the unique ID of the merchant using the QENTA Checkout Server.

For demo and test mode use the relevant demo and test data.

For production mode, the customerId, as well as a secret, will be provided by our integration specialists.

failureUrl

The failureUrl parameter defines the URL of the online shop where the consumer is forwarded when the payment process has failed for any reason. On this page, the possibility to retry the payment or get in contact with support team.

language

The language parameter defines the language used for all messages of the QPAY Checkout Page and QMORE Checkout Seamless that are displayed to the consumer of the online shop.

By default, only English and German languages are activated. If the selected language is not supported by the respective financial service provider, the financial service provider decides which language is displayed to the consumer.
Table 2. Currently Available Languages
Value Language

ar

Arabian

bs

Bosnian

bg

Bulgarian

zh

Chinese

hr

Croatian

cs

Czech

da

Danish

nl

Dutch

en

English

et

Estonian

fi

Finnish

fr

French

de

German

el

Greek

he

Hebrew

hi

Hindi

hu

Hungarian

it

Italian

ja

Japanese

ko

Korean

lv

Latvian

lt

Lithuanian

mk

Macedonian

no

Norwegian

pl

Polish

pt

Portuguese

ro

Romanian

ru

Russian

sr

Serbian

sk

Slovakian

sl

Slovenian

es

Spanish

sv

Swedish

tr

Turkish

uk

Ukrainian

merchantTokenizationFlag

The merchantTokenizationFlag parameter can be used to set the recurring flaggings for specific orders. To save the consumer’s card details for later use, the aforementioned parameter must be set to TRUE.

orderDescription

The orderDescription parameter is a description of what the consumer paid for, e.g. a text cross-referencing the order made in the online shop.

This text is not transmitted to any financial service provider and is therefore NEVER displayed on any consumer’s invoice or statement. The text is displayed in the QPC Payment Center.

If the optional request parameter displayText is not used the orderDescription text will also be visible as consumer information in QPAY Checkout Page.

The value of orderDescription must not contain any special characters or line breaks. Including such characters causes the fingerprint computation to fail and the error message "Invalid fingerprint!" is displayed.

paymentType

The paymentType parameter is the name of the payment method the user selected in the online shop.

To use a payment method, it must be purchased by the merchant and enabled by QENTA. If additional payment methods are required, contact our sales team.
Value of paymentType parameter Payment method

SELECT

The consumer may select one of the activated payment methods directly in QPAY Checkout Page.

AFTERPAY

Riverty

CCARD

Credit Card, Maestro SecureCode

CCARD-MOTO

Credit Card-Mail Order and Telephone Order

CIRCLEK

Circle K

CVSPHARMACY

CVS

DOLLARGENERAL

Dollar General

EPS

EPS

GOOGLEPAY

GooglePay

OPENBUCKSCARD

oBucks

IDL

iDeal

INVOICE

Invoice: Payolution

KLARNA

Klarna

PRZELEWY24

Przelewy24

PAYPAL

PayPal

PSC

Paysafecard

PAGOEFECTIVO

PagoEfectivo

SEPA-DD

SEPA

SOFORTUEBERWEISUNG

Sofort

SAFETYPAY

Safetypay

CLICKTOPAY

Visa Click to Pay

periodicType

The periodicType parameter defines the periodic type of initial and recurring payments.

periodicType value Description

ucof

For unscheduled recurring payments with different amounts.

recurring

For recurring payments like subscriptions with the same interval and same amount.

returnUrl

returnUrl is used for browsers that are not capable of fully supporting CORS (Cross Origin Resource Sharing). In that case, the communication between the HTML page and the QENTA Checkout Server will be done within an iframe where the anonymized payment data are returned to JavaScript objects.

requestFingerprint

The requestFingerprint parameter contains the computed fingerprint based on the values of parameters defined in the requestFingerprintOrder parameter. This method is used for security reasons to verify the parameters the online shop sends to the QENTA Checkout Server.

At least one of the parameters used for computing the fingerprint needs to be unique to each order to prevent sending the same hash-value!

To authenticate, all requests to the QENTA Checkout Server need to contain the aforementioned requestFingerprint. To generate the said fingerprint, the HMAC-SHA-512 construction is used by combining the cryptographic hash function SHA-512 with the secret as the cryptographic key to hash the concatenated request parameter values in the order defined in the requestFingerprintOrder.

requestFingerprintOrder

The parameter requestFingerprintOrder needs to contain a comma-separated list of all parameter names, the values of which – and in that exact order — are used to create the fingerprint.

The parameter names in the requestFingerprintOrder parameter may be listed in any order, but this exact ordering must be used for the respective parameter values when calculating the fingerprint accordingly, e.g.

customerId,amount,currency,language,orderDescription,successUrl,requestFingerprintOrder,secret

serviceUrl

The serviceUrl parameter is used to define the URL of a web page in an online shop which informs the consumer about the different possibilities to get in contact with the merchant.

Do not use this URL to link to the shopping basket of the consumer!

If the optional parameter imageUrl is not included, the serviceUrl is not used in the QPAY Checkout Page and the consumer has no possibility to access the service page in the online shop during the payment process.

The serviceURL has to be accessible over the internet via port 80 or port 443 and may not be hosted on a local server that can’t be accessed by the QENTA Checkout Server.

successUrl

The successUrl parameter defines the URL of the online shop where the consumer is forwarded when the payment process has been completed.

Optional Parameters

additionalMerchantData

additionalMerchantData

The additionalMerchantData is a parameter that contains specific data requrired by some acquirer.

allowedCardNetworks

The allowedCardNetworks parameter handles the useable credit card brands for Google Pay. If the parmeter is not set, all active brands on the customerID will be available.

Limit to Amex and Visa only: allowedCardNetworks=AMEX,VISA

autoDeposit

The autoDeposit parameter enables an automatic deposit and day-end closing of payments. After a consumer has completed payment in online shop, the payment is only approved and not yet deposited.

Not deposited (uncaptured) approvals will expire after 7-14 calendar days. The exact deadline depends on the regulations provided by each financial service provider. After exceeding the individual deadline these payments can no longer be submitted or received. Contact our sales team to activate this feature.

backgroundColor

The backgroundColor parameter defines background color for the HTML pages in the custom CSS for QPAY Checkout Page and value is hex-coded RGB e.g. f0f0f0.

Background color for the brand image that contains the credit card logos can be set.

confirmMail

The confirmMail parameter defines one e-mail address of the merchant for receiving payment details regarding the orders of consumers in the online shop. This e-mail may contain information about payment state, order number, payment method, payment amount and payment currency.

QENTA can activate one of the two options:

  • QENTA will send the confirmation to the confirmMail only if the confirmUrl is not available.

  • QENTA will always send the confirmation to the confirmMail in any case.

Contact sales team to activate the feature.
Table 3. Payment States of the Payment Process

SUCCESS

The payment has been successfully finished by the consumer.

CANCEL

The payment process has been canceled by the consumer and has not been successfully finished.

FAILURE

A problem occurred during the payment process and the payment has not been successfully finished.

PENDING

The payment is in progress. The merchant can’t be informed about the success or failure of the payment.

confirmUrl

The confirmUrl defines the URL of online shop that is used by QENTA Checkout Server to send the result of the payment process back.

  • For QPAY Checkout Page confirmUrl is optional because the same parameters and values are posted to successUrl, failureUrl, cancelUrl or pendingUrl.

  • For QMORE Checkout Seamless confirmUrl is required because no return parameters are sent to the successUrl.

Use the confirmUrl to save the result of each payment process in the database for later use. Additionally, if consumer does not receive the page of the successUrl, the confirmUrl informs about the result of the payment process anyway.

The URL has to be accessible over the Internet via port 80 (HTTP) or port 443 (HTTPS) and may not be hosted on a local server that can’t be accessed by the QENTA Checkout Server via the Internet. Also, ensure that firewall configurations allow receiving the confirmation sent via 212.183.46.16/28. For HTTPS communication only TLS can be used, older protocols are not supported.

Confirmation redelivery attempts

QENTA does not verify whether or not the confirmation was successfully received by the web server. Redelivery attempts can be enabled by our integration specialists, they will set the intervals for redelivery attempts according to the requirements. The intervals are set in minutes, the minimum is one minute, or hours, and the maximum is 99 hours. During times of high load on the QENTA Checkout Server, a redelivery attempt may start a bit delayed, however, it will never start before the defined interval. To use this feature, the request parameter confirmUrl has to be sent. Optionally the request parameter confirmMail can be used to send confirmation e-mails individually per transaction.

If the confirmation was successfully received, the response will be OK; otherwise, the response will be NOK and a message which specifies the error. Use one of the following three possibilities to configure the response parameters.

The following content is possible for HTML comments and plain response: <QPAY-CONFIRMATION-RESPONSE result="OK|NOK" message="ans..255"/>

Examples

Embedded as HTML comment
<!--<QPAY-CONFIRMATION-RESPONSE result="OK" /> -→ (1)
<!--<QPAY-CONFIRMATION-RESPONSE result="NOK" message="Fingerprint validation failed."/> -→ (2)
1 for confirming the successful receipt of our confirmation.
2 for confirming the unsuccessful receipt of our confirmation.
Embedded as a plain response
<QPAY-CONFIRMATION-RESPONSE result="OK" /> (1)
<QPAY-CONFIRMATION-RESPONSE result="NOK" message="Session not found." /> (2)
1 for confirming the successful receipt of our confirmation.
2 for confirming the unsuccessful receipt of our confirmation.
As JSON response if the header content type is application/JSON
{"status":"OK","errorCodes":null,"QPAY-CONFIRMATION-RESPONSE":{"result": "OK"}} (1)
{"status":"NOK","errorCodes":12345,"QPAY-CONFIRMATION-RESPONSE":{"result": "NOK","message":"Session not found."}} (2)
1 for confirming the successful receipt of our confirmation.
2 for confirming the unsuccessful receipt of our confirmation.
If web server is down for some reason or can’t be accessed by the QENTA Checkout Server, the confirmation can’t be delivered to the confirmURL, and no responses may be sent. QENTA will continue to resend the confirmation until receiving the %%result="OK"%% or until the last redelivery attempt was made.

In case QENTA has sent a confirmation and no response was received by the time the last redelivery attempt was made, only one final information is sent to the given e-mail address.

If the consumer in online shop has terminated a session unexpectedly e.g. closing the browser window, the first confirmation is sent automatically and not earlier than 30 minutes after the request was sent by QENTA.

customerStatement

The customerStatement parameter defines a text which is displayed on the bank statement issued to a consumer by the financial service provider.

The set of allowed characters and the allowed maximum length depends on the restrictions for payment methods and the corresponding financial service providers.

displayText

The displayText parameter defines a text which is displayed during the payment process on the QPAY Checkout Page. If displayText is not used, the required parameter OrderDescription will be used instead.

This text is not transmitted to any financial service provider and is therefore NEVER displayed on any consumer’s invoice or statement.

duplicateRequestCheck

The duplicateRequestCheck parameter checks if the same order has been unintentionally sent more than once by a consumer. The consumer may unintentionally resend the same order by pressing the reload button of the browser because of problems with the internet connection.

For this check ensure that the required parameter orderDescription or any other customer parameter used in the fingerprint calculation is different for each order to prevent false-positive detection of duplicate requests. Since for each request, a hash of all parameter values is sent, i.e. the fingerprint, QENTA can easily detect any identical request that has been sent in the last 30 minutes.

QENTA can check for duplicate requests, and for that set the value of parameter to “yes”; otherwise, don’t send this parameter.

financialInstitution

financialInstitution can be used in conjunction with the parameter paymentType, when a specific payment method is selected by the consumer in the online shop. One or more financial institutions can be defined as what is wanted to offer to consumers based on the selected payment method. The individual brands may be listed in any order within the parameter:

  • Allow all brands, force 3-D Secure for brands that support 3-D Secure: financialInstitution=amexsafekey,DinersProtectBuy,DiscoverProtectBuy,MCSC,Maestro,VbV

  • Limit to American Express SafeKey, Mastercard, and Visa 3-D Secure: financialInstitution=amexsafekey,MCSC,VbV

Payment method EPS/Giropay only allows one value, while other payment methods like Credit Card allows a comma-separated list of values.

Values of financialInstitution by paymentType

Table 4. paymentType AFTERPAY
Possible value(s) of financialInstitution Description

afterpay-inst

Installment for Riverty

afterpay-inv

Invoice for Riverty
Table 5. paymentType CCARD
Possible value(s) of financialInstitution Description

MCSC

Mastercard ID Check

MC

Mastercard

Maestro

Maestro SecureCode

Visa

Visa

VbV

Visa Secure

Amex

American Express

amexsafekey

American Express SafeKey

Diners

Diners Club

Discover

Discover

DinersProtectBuy

Diners Protect Buy

DiscoverProtectBuy

Discover Protect Buy
Table 6. paymentType EPS
Possible value(s) of financialInstitution Description

EPS-SO

EPS SELECT OPTION
Table 7. paymentType IDL
Possible value(s) of financialInstitution Description

ABANAMROBANK

ABN Amro Bank

ASNBANK

ASN Bank

BUNQ

Bunq Bank

INGBANK

ING

KNAB

Knab

RABOBANK

Rabobank

SNSBANK

SNS Bank

REGIOBANK

RegioBank

TRIDDOSBANK

Triodos Bank

VANLANSCHOT

Van Lanschot Bankiers

REVOLT21

Revolut

BITSNL2A

Yoursafe

NTSBDEB1

N26 (only available over pay.nl)

NNBANL2G

Nationale Nederlanden (only available over pay.nl)
Table 8. paymentType INVOICE
Possible value(s) of financialInstitution Description

payolution

Invoice by payolution
Table 9. paymentType PAYPAL
Possible value(s) of financialInstitution Description

PAYPAL

PayPal
Table 10. paymentType PRZELEWY24
Possible value(s) of financialInstitution Description

Przelewy24

Przelewy24
Table 11. paymentType SEPA-DD
Possible value(s) of financialInstitution Description

SEPA-DD

SEPA Direct Debit
Table 12. paymentType SOFORTUEBERWEISUNG
Possible value(s) of financialInstitution Description

SOFORTUEBERWEISUNG

Sofort.

imageUrl

The imageUrl parameter defines the URL to an image on a web server. The image will be displayed during the payment process on QPAY Checkout Page. Image size should have a width of 200 pixels and a height of 100 pixels and the supported image formats are gif, jpg, and png.

For security reasons we don’t accept .svg images provided by the customer, so use .png instead.

There must be an image available within the given image URL; the loading of QPAY Checkout Page will be delayed until a time-out for the missing image occurs.

If imageUrl is not used then the required parameter serviceUrl will not be used too. Otherwise, the image will be encapsulated by a link to the serviceUrl, so that the consumer can click on the image to view the HTML page available at the serviceUrl.

This URL has to be accessible over the internet https:// and must be accessible by the QENTA Checkout Server.

javascriptScriptVersion

javascriptScriptVersion defines the version of the used JavaScript for managing the JavaScript-based communication between the HTML page and the QENTA Data Storage. If the parameter is set to pci3, QENTA data storage creates an iFrame that can be integrated into the homepage.

If the parameter is not set the javascript fields will be delivered to the to the system.

mandateId

The parameter mandateId defines a two-party mandate between the merchant and the debtor and is required for SEPA Direct Debit payments. The mandate is an agreement giving the merchant permission to debit the consumer’s account for the sum that the two parties agreed upon. Every mandate has an ID provided by the merchant that has to be unique for the creditor.

mandateSignatureDate

The parameter mandateSignatureDate defines the date on which the above-mentioned mandate was signed by the consumer.

maxRetries

The maxRetries parameter defines the maximum number of payment attempts regarding a unique order.

Table 13. Value of maxRetries parameter
Value Behavior

<0

No restriction regarding the number of retries a consumer can do.

=0

No retry is possible for the consumer. If an error occurs the consumer will be redirected to the failureUrl.

>0

Maximum number of retries the consumer can do before redirecting to the failureUrl.
Contact our sales team to activate this feature.

noScriptInfoURL

With the parameter noScriptInfoURL define the URL to an information page of the online shop which is displayed to the consumer if the web browser of the consumer has JavaScript disabled.

This information page within the online shop informs consumers of the requirement to enable JavaScript and a guide on how to do this in the web browser.

orderIdent

The orderIdent parameter defines a unique reference to a specific order of a specific consumer within an online shop. This parameter is used within the QENTA Data Storage together with the customerId, shopId and storageId so that only the merchant is able to access the specific session of the QENTA Data Storage.

The value of the orderIdent has to be unique for each order of the consumer. Use the same value for initializing the QENTA Data Storage and for initiating the payment process.

orderNumber

orderNumber defines a unique ID for the order and when the value of the parameter is set it’s not possible to use that order number for the second time. Even if the consumer could not successfully finalize the payment process, therefore orderNumber can only be used if the parameter maxRetries is set to 0.

The feature has to be activated by our sales team, otherwise QENTA is generating the orderNumber.

orderReference

The orderReference parameter defines a unique transaction ID that will be forwarded to the financial institution.

The set of allowed characters and the allowed maximum length depends on the restrictions for payment methods and the corresponding financial service providers.

paymentToken

paymentToken contains information that is necessary for the front-end initialization of GooglePay Seamless.

paymenttypeSortOrder

paymenttypeSortOrder defines the sort order of all displayed payment methods and their corresponding sub-methods if paymentType is set to SELECT.

Offer a county-specific sort order by the payment methods with this parameter.

The sort order of the payment methods can be set by using a comma-separated list as defined within the parameter paymentType. Also, all available sub-methods can be found within the description of the parameter financialInstitution, and add them to the list.

pendingUrl

The pendingUrl parameter defines the URL of online shop where a consumer is forwarded when the payment process could not determine a result yet.

When using the optional parameter pendingUrl, the use of the parameter confirmUrl is mandatory.

The pendingUrl is an optional request parameter for backward compatibility with existing online shops, but use the parameter for handling asynchronous payment methods or payment methods that may have sometimes a delay in returning a final state of a transaction.

When the QENTA Checkout Server receives a final state from the corresponding financial service provider the information to the confirmUrl will be sent.

Table 14. pendingUrl in Payment Methods
paymentType Required Highly recommended Not needed

AFTERPAY

CCARD

EPS

GIROPAY

INVOICE

PRZELEWY24

PAYPAL

PSC

SEPA-DD

SOFORTUEBERWEISUNG

purchaseInformation

If the consumer has entered or changed his shipping or billing information after initialization, e.g. when using QPBL PayByLink then purchaseInformation is returned in the confirmation request made to confirmUrl. It is a Base64 encoded string that contains consumer, basket and order data as well as any additional parameters sent during initialization in JSON.

Example
purchaseInformation=ewogICAgImFkZGl0aW9uYWxQYXJhbWV0ZXJzIjogewogICAgICAgICJDT05TVU1FUl9NRVJDSEFOVF9DUk1fSUQiOiAiMTIzNDIzNTM0NiIsCiAgICAgICAgInNob3BuYW1lX2N1c3RvbVBhcmFtZXRlcjEiOiAieW91ciBmaXJzdCBjdXN0b20gcGFyYW1ldGVyIiwKICAgICAgICAic2hvcG5hbWVfY3VzdG9tUGFyYW1ldGVyMiI6ICJ5b3VyIHNlY29uZCBjdXN0b20gcGFyYW1ldGVyIgogICAgfSwKICAgICJvcmRlckRlc2NyaXB0aW9uIjogIlRlc3Q6MDAwMCIsCiAgICAiY3VzdG9tZXJTdGF0ZW1lbnQiOiAiWW91ciBTaG9wbmFtZTogT3JkZXI6IDEyM3BhZ2UiLAogICAgIm9yZGVyUmVmZXJlbmNlIjogIjEyM3BhZ2UiLAogICAgImNvbnN1bWVyQmlsbGluZ0ZpcnN0TmFtZSI6ICJBbmRlcmVyQmlsbGluZyIsCiAgICAiY29uc3VtZXJCaWxsaW5nTGFzdE5hbWUiOiAiQmlsaW5nbmFjaG5hbWUiLAogICAgImNvbnN1bWVyQmlsbGluZ0FkZHJlc3MxIjogIkNcL08gS1x1MDBmY25pYmVydCBHcm9cdTAwZGYiLAogICAgImNvbnN1bWVyQmlsbGluZ0FkZHJlc3MyIjogIkJpbGxpbmdzdHJhXHUwMGRmZSAxMCIsCiAgICAiY29uc3VtZXJCaWxsaW5nQ2l0eSI6ICJHcmF6IiwKICAgICJjb25zdW1lckJpbGxpbmdaaXBDb2RlIjogIjgwMjAiLAogICAgImNvbnN1bWVyQmlsbGluZ0NvdW50cnkiOiAiU1IiLAogICAgImNvbnN1bWVyQmlsbGluZ1N0YXRlIjogIndvaXNkYXMiLAogICAgImNvbnN1bWVyU2hpcHBpbmdGaXJzdE5hbWUiOiAiU2hpcFZvcm5hbWVOZXUiLAogICAgImNvbnN1bWVyU2hpcHBpbmdMYXN0TmFtZSI6ICJTaGlwTmFjaG5hbWVOZXUiLAogICAgImNvbnN1bWVyU2hpcHBpbmdBZGRyZXNzMSI6ICJTaGlwcGluZ3N0cmFcdTAwZGZlIDEwYSIsCiAgICAiY29uc3VtZXJTaGlwcGluZ0FkZHJlc3MyIjogIjVcL0EgLSAzMyBTdC4gMTAwMCIsCiAgICAiY29uc3VtZXJTaGlwcGluZ0NpdHkiOiAiR3JheiIsCiAgICAiY29uc3VtZXJTaGlwcGluZ1ppcENvZGUiOiAiODAyMCIsCiAgICAiY29uc3VtZXJTaGlwcGluZ1N0YXRlIjogIkFuZHJlclN0YWF0IiwKICAgICJjb25zdW1lclNoaXBwaW5nQ291bnRyeSI6ICJHVSIsCiAgICAiY29uc3VtZXJTaGlwcGluZ0l0ZW1BdmFpbGFiaWxpdHkiOiAiMDEiLAogICAgImNvbnN1bWVyU2hpcHBpbmdNZXRob2QiOiAiaG9tZV9kZWxpdmVyeSIsCiAgICAiY29uc3VtZXJTaGlwcGluZ0FkZHJlc3NGaXJzdFVzZURhdGUiOiAiMTAuMTIuMjAyMSIsCiAgICAiYmFza2V0SXRlbXMiOiAiMyIsCiAgICAiYmFza2V0SXRlbSI6IHsKICAgICAgICAiMSI6IHsKICAgICAgICAgICAgImFydGljbGVOdW1iZXIiOiAiQTAwMSIsCiAgICAgICAgICAgICJxdWFudGl0eSI6ICIxIiwKICAgICAgICAgICAgIm5hbWUiOiAiUHJvZHVjdCBBMSIsCiAgICAgICAgICAgICJ1bml0R3Jvc3NBbW91bnQiOiAiMTAuODAiLAogICAgICAgICAgICAidW5pdE5ldEFtb3VudCI6ICI5LjAwIiwKICAgICAgICAgICAgInVuaXRUYXhBbW91bnQiOiAiMS44MCIsCiAgICAgICAgICAgICJ1bml0VGF4UmF0ZSI6ICIyMC4wMDAiCiAgICAgICAgfSwKICAgICAgICAiMiI6IHsKICAgICAgICAgICAgImFydGljbGVOdW1iZXIiOiAiQTAwMiIsCiAgICAgICAgICAgICJxdWFudGl0eSI6ICIxIiwKICAgICAgICAgICAgIm5hbWUiOiAiUHJvZHVjdCBBMiIsCiAgICAgICAgICAgICJ1bml0R3Jvc3NBbW91bnQiOiAiMTQuOTQiLAogICAgICAgICAgICAidW5pdE5ldEFtb3VudCI6ICIxMi40NSIsCiAgICAgICAgICAgICJ1bml0VGF4QW1vdW50IjogIjIuNDkiLAogICAgICAgICAgICAidW5pdFRheFJhdGUiOiAiMjAuMDAwIgogICAgICAgIH0sCiAgICAgICAgIjMiOiB7CiAgICAgICAgICAgICJhcnRpY2xlTnVtYmVyIjogIlMwMDEiLAogICAgICAgICAgICAicXVhbnRpdHkiOiAiMSIsCiAgICAgICAgICAgICJuYW1lIjogIlNoaXBwaW5nIiwKICAgICAgICAgICAgInVuaXRHcm9zc0Ftb3VudCI6ICI5NzQuMjUiLAogICAgICAgICAgICAidW5pdE5ldEFtb3VudCI6ICI5NzQuMjUiLAogICAgICAgICAgICAidW5pdFRheEFtb3VudCI6ICIwLjAwIiwKICAgICAgICAgICAgInVuaXRUYXhSYXRlIjogIjAuMDAwIgogICAgICAgIH0KICAgIH0sCiAgICAiY29uc3VtZXJFbWFpbCI6ICJlZGl0aWVydGUuZW1haWwuYWRyZXNzZUB0ZXN0LmNvbSIsCiAgICAiY29uc3VtZXJTaGlwcGluZ1Bob25lIjogIjEyMzQ1Njc4MzQ1NjciLAogICAgImNvbnN1bWVySXBBZGRyZXNzIjogIjE3Mi4yMC4wLjIwMyIsCiAgICAiY29uc3VtZXJCaXJ0aERhdGUiOiAiMjAwMS0wMy0wMSIKfQ==
Decoded
{
    "additionalParameters": {
        "CONSUMER_MERCHANT_CRM_ID": "1234235346",
        "shopname_customParameter1": "first custom parameter",
        "shopname_customParameter2": "second custom parameter"
    },
    "orderDescription": "Test:0000",
    "customerStatement": "Your Shopname: Order: 123page",
    "orderReference": "123page",
    "consumerBillingFirstName": "AndererBilling",
    "consumerBillingLastName": "Bilingnachname",
    "consumerBillingAddress1": "C\/O K\u00fcnibert Gro\u00df",
    "consumerBillingAddress2": "Billingstra\u00dfe 10",
    "consumerBillingCity": "Graz",
    "consumerBillingZipCode": "8020",
    "consumerBillingCountry": "SR",
    "consumerBillingState": "woisdas",
    "consumerShippingFirstName": "ShipVornameNeu",
    "consumerShippingLastName": "ShipNachnameNeu",
    "consumerShippingAddress1": "Shippingstra\u00dfe 10a",
    "consumerShippingAddress2": "5\/A - 33 St. 1000",
    "consumerShippingCity": "Graz",
    "consumerShippingZipCode": "8020",
    "consumerShippingState": "AndrerStaat",
    "consumerShippingCountry": "GU",
    "consumerShippingItemAvailability": "01",
    "consumerShippingMethod": "home_delivery",
    "consumerShippingAddressFirstUseDate": "10.12.2021",
    "basketItems": "3",
    "basketItem": {
        "1": {
            "articleNumber": "A001",
            "quantity": "1",
            "name": "Product A1",
            "unitGrossAmount": "10.80",
            "unitNetAmount": "9.00",
            "unitTaxAmount": "1.80",
            "unitTaxRate": "20.000"
        },
        "2": {
            "articleNumber": "A002",
            "quantity": "1",
            "name": "Product A2",
            "unitGrossAmount": "14.94",
            "unitNetAmount": "12.45",
            "unitTaxAmount": "2.49",
            "unitTaxRate": "20.000"
        },
        "3": {
            "articleNumber": "S001",
            "quantity": "1",
            "name": "Shipping",
            "unitGrossAmount": "974.25",
            "unitNetAmount": "974.25",
            "unitTaxAmount": "0.00",
            "unitTaxRate": "0.000"
        }
    },
    "consumerEmail": "editierte.email.adresse@test.com",
    "consumerShippingPhone": "1234567834567",
    "consumerIpAddress": "172.20.0.203",
    "consumerBirthDate": "2001-03-01"
}

shopId

The shopId defines the unique identifier for the online shop within customerId. This is used if the merchant has multiple online shops or one online shop with multiple configurations within one customerId.

The use of shopId has to clarify with the support, so contact integration specialists.

storageId

The parameter storageId is the unique ID to the QENTA Data Storage of a specific consumer within a specific payment process. The storageId is valid for 30 minutes after the latest use of an initialization, store or read operation on that Data Storage.

storageId gets invalid after a successful initiation of the payment process.

transactionIdentifier

The transactionIdentifier parameter defines whether a transaction is a single transaction or an initial transaction followed by many subsequent ones. Value SINGLE is a standard singular transaction for which authorization is given once by the consumer to collect only one transaction and value INITIAL for the first transaction of a series of recurring payments.

If the parameter transactionIdentifier is used, the configuration setting is overwritten correspondingly, if is not used, the value set in the merchant configuration is used.

Currently, the transactionIdentifier may be used for payment methods PayPal and SEPA Direct Debit and it’s required to distinguish between a single transaction or the first transaction with subsequent transaction based on the first one.

Backend operation recurPayment may only be carried out if the transactionIdentifier value INITIAL is used. For using the value INITIAL for subsequent recurring transactions, additional approval from the financial service provider needs to be obtained e.g. for PayPal. After receiving approval contact our integration specialists to enable the feature.

windowName

The windowName parameter defines the name of the pop-up window of iframe where QPAY Checkout Page or an additional payment window is opened.

windowName is required if the merchant offered payment methods that open an additional pop-up window like eps-Überweisung or PayPal. It ensures a proper return to the checkout process after that payment method-specific pop-up window is closed.

The window name must contain uppercase and lowercase letters and underscores, and must not contain any whitespace characters or foreign characters.

Opening QPAY Checkout Page or QMORE Checkout Seamless within a pop-up window may cause problems to the consumers if they have enabled a pop-up blocker within their browsers or it’s activated by default.

Response Parameters

creditorId

The parameter creditorId identifies a merchant and allows consumers to manage their mandates with merchants more easily.

dueDate

The parameter dueDate defines the day when payment is debited from the consumer’s bank account.

financialInstitution

Values of financialInstitution by paymentType

Table 15. paymentType AFTERPAY
Possible value(s) of financialInstitution Description

afterpay-inst

Installment for Riverty

afterpay-inv

Invoice for Riverty
Table 16. paymentType CCARD
Possible value(s) of financialInstitution Description

MC

Mastercard

Maestro

Maestro SecureCode

Visa

Visa

Amex

American Express

Diners

Diners Club
Table 17. paymentType EPS
Possible value(s) of financialInstitution Description

EPS-SO

EPS SELECT OPTION
Table 18. paymentType INVOICE
Possible value(s) of financialInstitution Description

payolution

Invoice by payolution
Table 19. paymentType PAYPAL
Possible value(s) of financialInstitution Description

PAYPAL

PayPal
Table 20. paymentType PRZELEWY24
Possible value(s) of financialInstitution Description

Przelewy24

Przelewy24
Table 21. paymentType SEPA-DD
Possible value(s) of financialInstitution Description

SEPA-DD

SEPA Direct Debit
Table 22. paymentType SOFORTUEBERWEISUNG
Possible value(s) of financialInstitution Description

SOFORTUEBERWEISUNG

Sofort.
Table 23. paymentType PAYSAFECARD
Possible value(s) of financialInstitution Description

PAYSAFECARD

PAYSAFECARD

instrumentCountry

The information on the consumer’s country can’t be derived from the delivery address, so they will be taken from the data returned to QENTA by the respective financial service provider. E.g. in the case of credit cards, the country of the credit card issuer is returned and used to determine the consumer’s country.

instrumentCountry can be used for payment methods: Credit Card, PayPal, and Sofort.

responseFingerprint

To check the authenticity of the return values sent from the QENTA Checkout Server to the online shop, compare the responseFingerprint with a hash of the return values.

Create a string by concatenating all returned parameters based on the order in the return parameter responseFingerprintOrder. Then hash the string with an HMAC-SHA-512 algorithm using the secret as cryptographic key and compare the result with the value of the return parameter responseFingerprint. If both values are identical, the response is authentic, i.e. the confirmation was indeed sent by QENTA. If these values are not identical, recheck the calculation and consider that someone compromised the return values or has sent a possibly false confirmation for the payment. Therefore, don’t trust these return values and don’t assume that the payment was made even if it appears that way!

To ensure secure communication it’s essential that never disclose or share the secret with persons who are not involved in developing the online shop. Also, never forward the secret via unsecured communication channels e.g. mail, e-mail, fax or instant messaging. When the secret is submitted by fax make sure that the contents of the fax are disclosed only to authorized persons!

If the merchant suspect that the secret has been revealed to unauthorized individuals, contact our integration specialists immediately and request a new secret!

responseFingerprintOrder

An ordered list of parameters is used for calculating the fingerprint of the response.