Developers

We want to make payments easy for developers. Let us do the heavy lifting with these developer tools so you can simply and easily deploy payment and donation solutions.

Direct Post Method

DIRECT POST METHOD

Direct Post Method (DPM) is a fully PCI compliant service as the sensitive credit card data never flows through your servers or website.

Your website does not have to handle any credit card data, and all transaction information is submitted directly to iATS via Secure Sockets Layer (SSL) while keeping iATS invisible to the donor. Your site can still collect all pertinent donor data and has been built to allow you to utilize your own unique website look and feel as well as response pages.

 

DPM KEY OPERATIONS

  1. Processing a single credit card transaction (available for both North America and International processing)
  2. Processing a single ACH transaction (available for only North America processing)
  3. Creating a token to store payment details for recurring transactions (available for both North America/International credit card processing, and North America ACH/EFT)
  4. Create a token (without recurring) AND transact at the same time
  5. Create a token (with recurring) AND transact at the same time

 

 DIRECT POST OPTIONS

  1. Option 1 -Javascript Relay URL

This uses a JavaScript Relay URL redirect that allows the developer more control over the redirect page as well as the message that displays to the donor as a result of the transaction response (example rejection codes).  All transaction detail is posted back to the relay page which can be used to capture into the developers’ database.

Option 1 - JavaScript Relay Guide below:

Document

Change

Date of Change:

DPM Guide 

  • Added process URL for UK/International system
  • Added contact information
  • Added fields in the Transaction response

Sep 22, 2017

 

iATS Payments Contact Information

North America: www.iatspayments.com

UK/International: www.uk.iatspayments.com

Customer Care:

Email: iatscs@iatspayments.com
Phone: North America: 1-888-955-5455 | UK/Europe: 0808-234-0466

Hours: 7:30am 5:00pm Pacific Standard Time, Monday to Friday

Sales and Marketing:

Email: iats@iatspayments.com
Phone: North America: 1-866-300-4287 | UK/Europe: 0808-234-0466

Hours: 7:00am 4:30pm Pacific Standard Time, Monday to Friday

Partner Support:

Email: PartnerSupport@iatspayments.com
Hours: 7:00am
4:30pm Pacific Standard Time, Monday to Friday


Direct Post Options

iATS offers two options for the Direct Post Method:

Option 1
This uses a JavaScript Relay URL redirect that allows the developer more control over the redirect page as well as the message that displays to the donor as a result of the transaction response (example rejection codes). All transaction detail is posted back to the relay page which can be used to capture into the developers’ database.

Option 2
This does not utilize JavaScript but a Direct Redirect. This option only allows the programmer to redirect to two static pages a successful transaction page or a failed transaction page. As no relay page is utilized, the details of the transaction will be sent to a postback URL. Please refer to separate document for this option.

 

DPM Relay URL

DPM Direct Redirect

Dynamic response page

Yes, through JavaScript relay page. Relay URL sent in DPM transaction request.

No, only static pages for success/fail. Both URL sent in DPM transaction request.

Transaction results

Posted back to relay URL

Posted back to Postback URL

 

 

Introduction

This user guide describes the web development required to process transactions via iATS Payments using the Direct Post Method.

Direct Post is a fully PCI compliant service as the sensitive credit card data never flows through your servers or website. Your website does not have to handle any credit card data, and all transaction information is submitted directly to iATS via Secure Sockets Layer (SSL) while keeping iATS invisible to the donor. Your site can still collect all pertinent donor data and has been built to allow you to utilize your own unique website look and feel as well as response pages.

The Direct Post Method can be combined with other iATS Web Services such as CustomerLink (to manage recurring schedules), ProcessLink (to process transactions with a Token or do refunds using a Transaction ID), and ReportLink (pulling transaction reports from iATS’ servers). These are explained further in our Web Service Guides and are available upon request.

For managing recurring transactions, you have the option of managing them or having iATS manage them for you:

  1. If iATS manages the recurring schedule:
    1. You use DPM to set up the individual Tokens (Customer Codes) and provide all payment and recurring details (amount, start/end date etc.), with the recurring tag set to true.
  2. If you manage the recurring schedule:
      1. You use DPM to set up the individual Tokens (Customer Codes) and only provide the payment details, with the recurring tag set to false;
      2. Then, on the schedule date you send a batch file containing the Tokens (Customer Codes) and amount of charge using our ProcessLink Web Service.
      3. Any future updates (switch it OFF, delete, etc.) to the Tokens can be done via our CustomerLink Web Service.
 

Please note that iATS operates two server systems, one based in North America (NA) and one in the United Kingdom (UK). Clients in the United States and Canada will use the NA servers, while all other clients use our UK servers. The explanation of the specific services that follows will provide the links to each server address as available.

Notes on International processing

1. The same interface can be used for International processing on our UK servers however it should be noted that single ACH/EFT (Direct Debit) transactions are not allowed in the UK. Only recurring Direct Debit transactions can be initiated.
2. The recurring date format is different for UK. Please use the format DD/MM/YYYY where applicable.

 


Concept Overview

With Direct Post, the transaction data is submitted directly to iATS payment gateway by means of HTML form POST, bypassing the host’s server. Upon authorization, iATS posts the transaction result or the token information to the hosts relay URL. Direct Post then redirects the end user’s browser to the hosts server using a client-side JavaScript. iATS will be invisible with the host having full control during the process.

The Direct Post method will provide the following options:

  1. Processing a single credit card transaction (available for both NA and international processing)
  2. Processing a single ACH transaction (available for only NA processing)
  3. Creating a token to store payment details or for recurring transactions (available for both NA and international CC processing, and NA ACH/EFT only)
  4. Create a token (without recurring) AND transact at the same time.
  5. Create a token (with recurring) AND transact at the same time.

Direct Post Method Data Flow
1. The website Host (merchant) creates an HTML payment form following the iATS specifications described within this guide. The form must contain all required fields to complete the credit card or ACH transaction process successfully. See the ‘Submitting Transaction’ section for more details.

The HTML form should use the following syntax:

North America

<form action="https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form">

       <input type="submit" value="Submit Transaction"/>

</form>

UK/International

<form action="https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST"

name="IATS_DPM_Form">

       <input type="submit" value="Submit Transaction"/>

</form>

iATS provides a process URL where the transaction collected on the merchant’s website should be submitted by means of HTML form POST. The host’s payment form created in step 1 above will be posted to iATS. Within the post data you will need to include the relay URL which is the page hosted on the merchants website to handle the response of the transaction result.

2. After receiving the transaction data or new token request, the iATS payment gateway will process the transaction and return the transaction result back to the merchants relay URL by means of HTTPS POST.
3. Based on the Transaction results (approval, decline or new token), the merchant provides iATS with a return page with the required redirect JavaScript to send the donor to. The host will need to have different transaction response pages for approval, declined and new token transactions. See the ‘Submitting Transaction’ section for more details.
4. iATS will then redirect the end user’s browser to the JavaScript returned to iATS from the merchant to show the customized response page. In this process the end user will stay on merchant’s website, however they will see the browser refresh when they are redirected to the response page.

Requirements

1. Merchant must have received the client’s valid iATS Process Key associated with their Client Code which is has been enabled to process credit card and/or ACH transactions. Instructions on how the client creates the Process Key are included below.
2. Merchant needs to create the HTML payment form on their own web server. The form must have the required payment fields following the iATS specifications in this document. The standard API consists of required and optional fields that can be submitted to iATS for real time credit card transaction processing. See the ‘Submitting Transaction’ section for more details.
3. Merchant needs to build relay pages to be able to handle the https post transaction result from the iATS payment gateway. The relay page will return a client side JavaScript to iATS with redirect response page URL.
4. Merchant needs to build a transaction response page to be displayed to the end user for the various responses: Success, Failed, Token and Token with success or failed transaction.

 

SUBMITTING A TRANSACTION

Transaction Post URL

The Direct Post transaction should POST to the following URLs:

 
HTML Form Post Syntax
Transaction data will be submitted to iATS by means of HTML form POST. The host needs to have the HTML form collect the  transaction data from the end user and the form should be in the following syntax:
 
North America

<form action="https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form">

       <input type="submit" value="Submit Transaction"/>
</
form>
 
UK/International
<form action="https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST"
name="IATS_DPM_Form">

        <input type="submit" value="Submit Transaction"/>
</
form>
 
The following sections describe the required and optional form fields that can be submitted to iATS payment gateway by using Direct Post.
 
Authentication Information (Process Key)
The transaction authentication used by the Direct Post is the Process Key. The Process Key is encrypted and secure. Each merchant can generate a unique process key after receiving a valid iATS Client Code.
 
To create a Process Key:
  • Log on to the iATS portal
  • Go to ‘User Profile’
  • Select ‘Change Password’
  • Under ‘Manage process key’ section, click the “Create New Process Key” button.
 
 
Notes on Process Key:
  • If the Create button is clicked again at some point in the future, a new Process Key will be generated, invalidating the old one. If this occurs, the new Key will need to be added to the code to replace the old one.
  • Changes to the Client Code password at a future time will not affect the existing process key or make it invalid.
The process key should be embedded in the payment form but not visible to the donor. The Process Key field must be submitted using the syntax below.

<input type="hidden" name="IATS_DPM_ProcessID" value=" Put process key here"/>

 

Field name

Value

Note

IATS_DPM_ProcessID

Process Key

Merchant- and transaction-specific encrypted key for authentication.
Required field.

 

 

Donor’s Information Fields


The following table represents the HTML form donor information fields that can be submitted to iATS using Direct Post.

The data fields are name and value pairs, using the following HTML syntax:

<input name="Field Name" value="value"/>

 

Field name

Value

Note

Required or Optional

IATS_DPM_Title

Title for the end user.

Up to 39 characters.

Optional but recommended

IATS_DPM_FirstName

First name for the end user.

Up to 39 characters.

Optional but recommended

IATS_DPM_LastName

Last name for the end user.

Up to 39 characters.

Optional but recommended

IATS_DPM_Address

Address for the end user.

Up to 99 characters

Optional

IATS_DPM_City

City of the address.

Up to 39 characters

Optional

IATS_DPM_Province

Province of the address.

Up to 39 characters

Optional

IATS_DPM_Country

Country of the address.

Up to 39 characters

Optional

IATS_DPM_ZipCode

Zip code of the address.

Up to 10 characters. .

Optional but recommended

IATS_DPM_Phone

Phone number for the end users.

Up to 39 characters.

Optional

IATS_DPM_Phone2

Phone number for the end users.

Up to 39 characters

Optional

IATS_DPM_Fax

Fax number for the end user.

Up to 39 characters

Optional

IATS_DPM_Email

Email for the end user.

Up to 39 characters.

Optional but recommended

IATS_DPM_Comment

Comment associated with the transaction.

Up to 110 characters

Optional

 

Custom Information Fields

 

The following table represents the HTML form fields of custom information can be submitted to IATS using Direct Post. All  fields in this section are optional and will be stored in the iATS system and available via ReportLink web service.

The data fields are name and value pairs, using the following HTML syntax:

<input name="Field Name" value="value"/>

 

 

Field name

Value

Note

IATS_DPM_Invoice

Invoice # for the end user

Up to 39 characters
For credit card/ACHEFT single transaction only.

IATS_DPM_Item1

Item1 for custom question

Up to 39 characters

IATS_DPM_Item2

Item2 for custom question

Up to 39 characters

IATS_DPM_Item3

Item3 for custom question

Up to 39 characters

IATS_DPM_Item4

Item4 for custom question

Up to 39 characters

IATS_DPM_Item5

Item5 for custom question

Up to 39 characters

IATS_DPM_Item6

Item6 for custom question

Up to 39 characters

 

Client Defined Fields

The following table represents the HTML form fields of client defined can be submitted to iATS using Direct Post.

iATS neither stores nor processes this field’s value, only acting as a pass-through to the postback URL. iATS will accept up to 3 client-defined fields with the prefix “IATS_DPM_ClientDefined_”.

The data fields are name and value pairs, using the following HTML syntax:

<input name="Field Name" value="value"/>

 

Field name

Value

Note

IATS_DPM_ClientDefined_(insert name)

Value of client defined field 1

Up to 150 characters

IATS_DPM_ClientDefined_(insert name)

Value of client defined field 2

Up to 150 characters

IATS_DPM_ClientDefined_(insert name)

Value of client defined field 3

Up to 150 characters

 

 

Single Credit Card Transaction Fields


The following table represents the fields required for submitting a single credit card transaction using Direct Post.

The data fields are name and value pairs, using the following HTML syntax:

<input name="Field Name" value="value"/>

 

Field name

Value

Note

Required or Optional

IATS_DPM_AccountNumber

Credit card number

Up to 600 characters.
Large max value due to ability to capture encrypted swiper details in this field, see section on encrypted card readers below.

Required

IATS_DPM_ExpiryDate

Expiry Date
Must be in the format of MM/YY

Up to 5 characters

Required

IATS_DPM_CVV2

CVV2.

Up to 4 characters. Must be digits only.

Required

IATS_DPM_MOP

Credit card type. ‘VISA’ or
‘MC’ or
‘AMX’ or

‘DSC

We accept the following card types: VISA, MC, AMX, DSC

Optional

IATS_DPM_Amount

Total processed amount

Numbers and decimal.
Do not put currency symbol in this field.
Processed amount must be greater than zero, and cannot exceed limit associated with
merchant’s iATS Client Code.

Required

 

Single ACH Transaction Fields

The following table represents the fields required for submitting a single ACH transaction using Direct Post.

The data fields are name and value pairs, using the following HTML syntax:

<input name="Field Name" value="value"/>

 

Field name

Value

Note

Required or Optional

IATS_DPM_AccountNumber

ACH Account number.

USD:

Routing no. (9 digits) + account no. (# of digits varies)

CAD:

Bank no. (3 digits) + transit no. (5 digits) + account no. (# of digits varies)

*Order must be followed with NO spaces example 12312345123456789 for CDN *

Up to 40 characters. Must be digits only

Required

IATS_DPM_MOP

‘ACHEFT’

Up to 10 characters.
The value must be
‘ACHEFT’ to process ACH transactions. For other values or this field being blank, the transaction will be processed as a credit card.

Required

IATS_DPM_AccountType

Debit card account type. ‘CHECKING’ or ‘SAVING’

Will not accept values other than ‘CHECKING’ or ‘SAVING’.

Required

IATS_DPM_Amount

Total processed amount.

Numbers and decimal.
Do not put currency sign in this field. Processed Amount must be greater than zero, and cannot exceed limit associated with merc
hant’s iATS Client Code.

Required

 

Creating Secure Tokens

Instead of processing a real-time transaction, the merchant can use the Direct Post to create a token which can be used for transactions at a later stage with the iATS web services or to set up recurring transactions to be auto processed by iATS.

The iATS payment gateway will return a token ID to the Host which can be used to:

  • Access and update payment information associated with the token iATS CustomerLink Web Service
  • Process a single transaction on a recurring schedule using ProcessLink Web Service

Please refer to the iATS Web Service Guides for more details on the services offered.

The data fields are name and value pairs, using the following HTML syntax:

<input name="Field Name" value="value"/>

 

The following table represents the fields required for creating a secure token using Direct Post. The Host will need to have the credit card or bank account fields in the form. This payment information is what will be stored in the iATS system which is associated with the token.

 

Field name

Value

Note

Required or Optional

IATS_DPM_ProcessOption

Request type of process
(1) TRANSACTION
(2) TOKEN
(3) TOKENANDTRANSACTION

This field instructs iATS to create only transact, only create a token or create and tokenize at the same time

Required

IATS_DPM_RecurringOn

The request to turn on recurring transactions.
Value of ‘TRUE’ or ‘FALSE’

If the value is TRUE, iATS will set up and process the recurring transaction based on recurring settings below.

Required if ProcessOption is TOKEN or TOKENANDTRANSACTION

IATS_DPM_BeginDate

Recurring transaction begin date.

Must be in date format: MM/DD/YYYY

For the UK: DD/MM/YYYY

Required if ProcessOption is TOKEN or TOKENANDTRANSACTION

IATS_DPM_EndDate

Recurring transaction end date.

Must be in date format: MM/DD/YYYY

For the UK: DD/MM/YYYY

Required if ProcessOption is TOKEN or TOKENANDTRANSACTION

IATS_DPM_ScheduleType

Recurring transaction schedule type.
‘MONTHLY’ or
‘WEEKLY’ or

‘QUARTERLY’ or ‘ANNUALLY’

Set up schedule type

Required if ProcessOption is TOKEN or TOKENANDTRANSACTION

IATS_DPM_ScheduleMonth

Month for annual recurring transaction.

Number from 1 to 12

Required if ProcessOption is TOKEN or TOKENANDTRANSACTION

IATS_DPM_ScheduleDate

Date for monthly recurring transaction.

Number from 1 to 31

Required if ProcessOption is TOKEN or TOKENANDTRANSACTION

 

Relay URL

The following table describes form fields that can be submitted to configure the relay response. The relay URL should be embedded in the payment form but not visible to the end user.

The relay URL fields are submitted using the syntax below.

<input name="IATS_DPM_RelayURL" value="url"/>

 

Field name

Value

Note

Required or Optional

IATS_DPM_RelayURL

The URL on the merchant’s website to which iATS posts transaction results to for a relay response.

iATS will post transaction result to this URL. The value must contain a valid URL including prefix: https://’ or ‘https://’.

Required

 

ENCRYPTED MAGNETIC STRIPE READERS

Overview

Our encrypted magnetic stripe readers (MSRs) are fully PCI compliant as the sensitive credit card data is encrypted immediately within the device before the data flows through to the computer or device. This means your servers do not have to handle any clear text credit card data. The encrypted MSRs are designed to work with the Direct Post Method.

When a credit card is swiped through the MSR, it will read and encrypt the track data on the magnetic stripes and pass the encrypted data to the Account Number field in DPM to the relevant web service to either a) process the transaction directly or b) tokenize the details for future transactions, or c) process the transaction directly and tokenize the details for future transactions

 

Supported Hardware

The following supported magnetic stripe readers should be ordered directly from iATS Payments as they contain encryption keys only accessible by iATS:
USB (PC and Mac)


Using the MSR’s

As there are a number of variations of the swiper, iATS needs to know which swiper is being used so that iATS

can supply the correct encryption key to the transaction. Once the user has swiped the card in the Credit Card

field, the swiper type needs to be appended to the front of the transaction string before being sent to iATS.

For example: IATS_DPM_AccountNumber = 00|@|[Encryption string]

 

Development requirements - Magtek

Magtek Dynamag USB Encrypted swiper

The Magtek Dynamag is a USB encrypted swiper for use on PC’s.

When you swipe the USB device a complete string of masked as well as encrypted data. You can use the masked data for the name of the client, the expiry date and last 4 digits of the credit card. For the USB swipers, the entire string (masked and encrypted) as well as the identification of the swiper type needs to be passed through to iATS.


Magtek USB encrypted swipe example:

%B4847350003009386^YOU/AGIFTFOR^21080000000000000000000?;4847350003009386=210800000000000?|0600|2F2E4
4C1E47851145BC08BB06CE1A9CD897EC00E2BB035C6D9FDF625F7AF63034BDBEC092D8C035B05301A89C056854B6EC427958C
E07AD5E585E4E37E2867B3|2CAF4061ACD747C310DA546974D045C8C446C7C6B8577B002511915D3C33B0CEBAC0147D7B489E
AE||61403000|6E005095F7A5E2F9B3076FBA250877E9105BEE932ABF6A0F02B7D16959F6935417CA573B81CE4ED3CF0BC0FA
1B3067C034A946E9F80F3D7B

 

For the Magtek Dynamag, please append the data in the following order and delimitation:

SwiperType|@|Entire USB output

Where:

- SwiperType : 02 for Magtek Dynamag

- Entire USB output string (no parsing)

- |@| : Delimiter

MagTek USB swipe to be entered into IATS_DPM_AccountNumber field

02|@| %B4847350003009386^YOU/AGIFTFOR^21080000000000000000000?;4847350003009386=210800000000000?|0600|
2F2E44C1E47851145BC08BB06CE1A9CD897EC00E2BB035C6D9FDF625F7AF63034BDBEC092D8C035B05301A89C056854B6EC42
7958CE07AD5E585E4E37E2867B3|2CAF4061ACD747C310DA546974D045C8C446C7C6B8577B002511915D3C33B0CEBAC0147D7
B489EAE||61403000|6E005095F7A5E2F9B3076FBA250877E9105BEE932ABF6A0F02B7D16959F6935417CA573B81CE4ED3CF0
BC0FA1B3067C034A946E9F80F3D7B

 

 
Development requirements – IDTech
 
IDTech SecureMag USB card swipe

The IDTech Secure Mag is a USB encrypted swipe for PC’s and Laptops.

When you swipe the USB device, it will collect a complete string of masked as well as encrypted data. You can use the unmasked data for the name of the client, the expiry date and last 4 digits of the credit card. For the USB swipers the entire string (masked and encrypted) needs to be passed through to iATS.


IDTECH USB encrypted swipe example:

02A001801F3B2300039B%*4941********5889^YOU/AGIFTFOR^***********************?*;4941********5889=******
*********?*ACC8778A7A496718C9EF3F042025E239FDC93C1C616153EE8057CC23D3D28B68948BD00FCCF9E30D44F010B9E9
DB243DBD3EB56825B6F0D64D6CDD0B12AF6F7C068C7A7CB17B45B9D5D9DF7F9CD340987AFF4C5F33AA04879920D640B46EDA8
E6C526BB5DE9E0C7C71AE6510C73F3A5ECFAADDCD3F62CBD1DBEE00990C21E9DA6A0170A3C363B1B89688021519A39DA8FFFF
738139000400000D68AA03


For the IDTech Secure Mag, please collate the data in the following order and delimitation:

SwiperType|@|Entire USB output

Where:

- SwiperType : 00 for IDTech Secure Mag

- Entire USB output string (no parsing)

- |@| : Delimiter

IDTech USB swipe to be entered into IATS_DPM_AccountNumber field

00|@| 02A001801F3B2300039B%*4941********5889^YOU/AGIFTFOR^***********************?*;4941********5889=*
**************?*ACC8778A7A496718C9EF3F042025E239FDC93C1C616153EE8057CC23D3D28B68948BD00FCCF9E30D44F01
0B9E9DB243DBD3EB56825B6F0D64D6CDD0B12AF6F7C068C7A7CB17B45B9D5D9DF7F9CD340987AFF4C5F33AA04879920D640B4
6EDA8E6C526BB5DE9E0C7C71AE6510C73F3A5ECFAADDCD3F62CBD1DBEE00990C21E9DA6A0170A3C363B1B89688021519A39DA
8FFFF738139000400000D68AA03

 

 

JavaScript to choose card reader type

If you want to use the card readers as per above, then you can use the following piece of JavaScript to choose the reader type and append the correct number to the string when the form is submitted. This allows the user to use the card reader directly without needing to add the reader type each time.

Add the following script to the header:

<head>
<script type="text/javascript">
        /**
* Preprocess IATS_DPM_AccountNumber field if using a USB card reader.
*/
function usbReaderPreprocess() {
    // Get the USB card reader type.
    var usbDeviceType = document.getElementById('USB_Device_Type').value;
    if (usbDeviceType != '') {

// Get the unprocessed USB card reader input.

var readerInput = document.getElementById('IATS_DPM_AccountNumber').value;

// Prepend USB card reader type to the reader input.

var processedReaderInput = usbDeviceType + '|@|' + readerInput;
// Update the form with the processed reader input.
document.getElementById('IATS_DPM_AccountNumber').value = processedReaderInput;
// Parse the payer's name from the reader input.
var nameMatch = readerInput.match(/\^([a-z]+)\/([a-z]+)\^/gi);
if (nameMatch != null) {
var nameString = nameMatch[0].replace(/\^/g, '');
var nameParts = nameString.split('/');

// Update the form with the payer's first and last names.

    document.getElementById('IATS_DPM_FirstName').value = nameParts[1];
    document.getElementById('IATS_DPM_LastName').value = nameParts[0];
}
 

} }

    </script>
</head>

} }

    </script>
</head>
 
 
 
Add the following to your body:
<div class="">
<label class="" for="USB_Device_Type">USB Device</label>
<select id="USB_Device_Type">
        <option value="">None</option>
<option value="00">IDTech SecureMag USB swiper</option>
<option value="02">MagTek Dynamag USB swiper</option>
    </select>
</div>

<br /><br />

 

Also, make sure to add the OnSubmit function to the form action:

North America

<form action="https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form" onsubmit="usbReaderPreprocess()">


UK/International

<form action="https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form" onsubmit="usbReaderPreprocess()">


The above code combined will give you ability to choose the swiper being used. You could of course pre-fill the card reader type and hide the field so its completely anonymous to the users.

 

Transaction Responses

When a Relay Response is configured, the transaction response that is returned to the merchant from the iATS payment gateway is a set of fields that provides information about the status of the transaction.

  • For single credit card transactions iATS will provide real-time transaction approval or rejection results.
  • For ACH transactions, the result is always approved because it takes at least one day to settle the transaction.
  • For the ACH process please refer to the Web Service documentation – ProcessLink.

If the request is to create a token, the response is the detail of the token information created by iATS system.
The merchant server can parse the data in the returned response and customize the message to display to the end user.


Standard Fields in the Transactions Response

Below is the table for all the standard fields iATS will return to the merchant’s relay URL. iATS will return all donors information collected on the merchant’s HTML payment form.

 

Field name

Value

Note

IATS_Title

Title for the end user

Up to 39 characters

IATS_FirstName

First name for the end user

Up to 39 characters

IATS_LastName

Last name for the end user

Up to 39 characters

IATS_Address

Address for the end user

Up to 99 characters

IATS_City

City of the address

Up to 39 characters

IATS_State

State/Province of the address

Up to 39 characters

IATS_Country

Country of the address

Up to 39 characters

IATS_ZipCode

Zip code of the address

Up to 10 characters

IATS_Phone

Phone number for the end user

Up to 39 characters

IATS_Phone2

Phone number 2 for the end user

Up to 39 characters

IATS_Fax

Fax number for the end user

Up to 39 characters

IATS_Email

Email for the end user

Up to 39 characters

IATS_Comment

Comment for the end user

Up to 39 characters

IATS_Invoice

Invoice # for the end user

Up to 39 characters

For credit card/ACHEFT singe transaction only

IATS_Item1

Item1 for custom question

Up to 39 characters

IATS_Item2

Item2 for custom question

Up to 39 characters

IATS_Item3

Item3 for custom question

Up to 39 characters

IATS_Item4

Item4 for custom question

Up to 39 characters

IATS_Item5

Item5 for custom question

Up to 39 characters

IATS_Item6

Item6 for custom question

Up to 39 characters

IATS_Item7

Not available for Direct Post Method yet

 

IATS_Item8

Not available for Direct Post Method yet

 

IATS_Item9

Not available for Direct Post Method yet

 

IATS_Item10

Not available for Direct Post Method yet

 

IATS_Item11

Not available for Direct Post Method yet

 

IATS_Item12

Not available for Direct Post Method yet

 

IATS_Item13

Not available for Direct Post Method yet

 

IATS_Item14

Not available for Direct Post Method yet

 

IATS_Item15

Not available for Direct Post Method yet

 

IATS_ClientDefined_(insert name)

Value of client defined field 1

Up to 150 characters

IATS_ClientDefined_(insert name)

Value of client defined field 2

Up to 150 characters

IATS_ClientDefined_(insert name)

Value of client defined field 3

Up to 150 characters

IATS_Payment_AgencyCodeHash

Client code hash

SHA 1 of 4 character client code in uppercase

IATS_Payment_SubCode

Last two digits of user name

Example: TEST88 sub-code is ‘88’

IATS_Amount

Transaction amount

 

 


Single Credit Card Transaction Response


Below is the table of results for a transaction that i
ATS will return to merchant’s relay URL for a single credit card transaction.

Field name

Value

Note

IATS_AccountNumber

Last four digits of processed credit card number

Up to 4 characters

IATS_MOP

Method of Payment

Up to 10 characters.
We accept the following card types: VISA, MC, AMX, DSC

IATS_PaymentType

Payment Type: credit card or ACH

Value of ‘CreditCard’

IATS_Result

Transaction result

‘OK: approval code’ ‘Reject: rejection code’ ‘Reject: TIMEOUT’

IATS_TransID

Transaction ID

This value is the transaction ID the merchant can use to search the transaction in iATS customer portal

IATS_ExpiryMonth

Credit card expiry month

Two digit number, from 1-12

IATS_ExpiryYear

Credit card expiry year

Four digit number, example 2017

 

Rejection codes for Credit Card Responses

Below is the list of transaction rejection codes. For a more detailed list, please refer to

https://www.iatspayments.com/Portal/StaticPages/RejectCodes

 

Single ACH Transaction Response


Below is the table of transaction result fields that iATS will return to merchants relay URL for a single ACH transaction.

Field name

Value

Note

IATS_AccountNumber

Last four digits of account number

 

IATS_MOP

Method of Payment

Value of ‘ACHEFT’

IATS_PaymentType

Payment Type, credit card or ACH

Value of ‘ACH’

IATS_Result

Transaction result

Value of ‘OK: 555555’.
ACH transactions are not real time and takes at least one day to process. iATS will return temporary approval result. Successful or rejected ACH transactions should be retrieved using the iATS Web Service ReportLink

IATS_TransID

Transaction ID

This value is the transaction ID the merchant can use to search the transaction in iATS customer portal

IATS_DebitAccountType

Account type

Value of ‘CHECKING’ or ‘SAVING’

 

Token Transactions Response

Below is the table of the response fields iATS will return to merchants relay URL for a request to create a token.


Non-recurring Tokens
 

Field name

Value

Note

IATS_AccountNumber

Last four digits of processed account number

Up to 4 characters

IATS_PaymentType

Method of Payment

Value of ‘CreditCard’ or ‘ACH’

IATS_Result

‘TokenCreated’ or ‘TokenFailed’

 

IATS_ResultDetail

Token ID or Error message

If the Token is created successfully, it will start with a letter followed by number, for example ‘A1234567’.
If it fails the detail will be in the message.

 

Tokens with a recurring schedule

The following fields are for when a recurring setting was set up for the token. If the host posts recurring settings in the original request, iATS will post the same settings back. Otherwise iATS will return default settings.

 

 Field name

Value

Note

IATS_BeginDate

Recurring transaction begin date

Default value is today’s date

IATS_EndDate

Recurring transaction end date

Default value is today’s date

IATS_ScheduleType

Recurring transaction schedule type.
‘MONTHLY’ or
‘WEEKLY’ or

‘QUARTERLY’ or ‘ANNUALLY’

Value of ‘MONTHLY’ or ‘WEEKLY’ or ‘QUARTERLY’ or ‘ANNUALLY’

Default value is MONTHLY.

IATS_RecurringOn

Recurring turned on. ‘ON’ or
‘OFF’

Value of ‘ON’ or ‘OFF’. Default value is ‘OFF’.

 

RELAY PAGE

Direct Post provides a relay response feature to communicate the transaction results to the merchant. The merchant can use the relay response feature to create a custom response page using transaction results returned by iATS. The response page is then relayed to the customer’s web browser.


Dynamic Page
To create a dynamic page to redirect the donor to various pages depending on the results of the transaction then the relay  page sent to iATS must contain the following JavaScript to redirect the end user to the correct URL.

 

Front-end JavaScript to be returned to iATS

 

Relay.aspx

<%@ Page Language="C#" CodeBehind="relayPage.aspx.cs" Inherits="IATSDirectPostTest.relayPage" %>
<html>
<
head>
<
script type='text/javascript' charset='utf-8'>
    window.location = '<%=redirectUri %>';
</script>
</head>
<
body></body>
</
html>

 

 

Code Behind to accept the HTTPS Post results from iATS server

Relaypage.aspx.cs

Namespace IATSDirectPostTest
{
       public partial class relayPage : System.Web.UI.Page
{
                      public string redirectUri = "";
protected void Page_Load(object sender, EventArgs e)
{
//Get transaction result from POST data
                       if(Request.Form["IATS_Result"]!=null &&
Request.Form[
"IATS_Result"].Contains("OK")){

page.

} }

   //If the transaction is approval, redirect to approval response
redirectUri = "https://approval.merchant.com";

}

//If the transaction is rejected, redirect to rejected response page.
else redirectUri = "https://reject.merchant.com";
}

 

 

CODE SAMPLES

Below is an example of the Direct Post HTML form and relay page. This includes all the fields so remove those that are not necessary. Make sure you include your Relay URL at the end of the form.

 

SAMPLE HTML Payment Form – Without Card Reader
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
>
<
html xmlns="http://www.w3.org/1999/xhtml">
<
head>
    <title>DPM Test Merchant</title>
<
style type="text/css">

label

{

         float: left;
width: 400px;

}

    </style>
</
head>

<body>

<form action=" https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="post" name="IATS_DPM_Form">
<
div><strong>Direct Post Authentication: TEST88 Processkey: PA0940D765F2BD67BD97B82EFAA4D72BE9</strong></div>

<div class="">
<
label class="" for="IATS_DPM_ProcessID">ProcessKey</label>
<
input name="IATS_DPM_ProcessID" class="" id="IATS_DPM_ProcessID"

value="PA0940D765F2BD67BD97B82EFAA4D72BE9" /> </div>
<
br /><br />

<div><strong>Donors information</strong></div>
<div class="">
<
label class="" for="IATS_DPM_Title">Title</label>
<
input name="IATS_DPM_Title" class="" id="IATS_DPM_Title" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_FirstName">First Name</label>
    <input name="IATS_DPM_FirstName" class="" id="IATS_DPM_FirstName" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_LastName">Last Name</label>
<
input name="IATS_DPM_LastName" class="" id="IATS_DPM_LastName" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Address">Address</label>
    <input name="IATS_DPM_Address" class="" id="IATS_DPM_Address" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_City">City</label>
<
input name="IATS_DPM_City" class="" id="IATS_DPM_City" maxlength="39" />
</div>
<
div class="">
 

 

    <label class="" for="IATS_DPM_Province">State/Province</label>
    <input name="IATS_DPM_Province" class="" id="IATS_DPM_Province" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Country">Country</label>
<
input name="IATS_DPM_Country" class="" id="IATS_DPM_Country" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_ZipCode">Zip Code</label>
    <input name="IATS_DPM_ZipCode" class="" id="IATS_DPM_ZipCode" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Phone">Phone</label>
<
input name="IATS_DPM_Phone" class="" id="IATS_DPM_Phone" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Phone">Phone2</label>

<input name="IATS_DPM_Phone2" class="" id="IATS_DPM_Phone2" maxlength="39" /> </div>

<div class="">
<
label class="" for="IATS_DPM_Phone">Fax</label>
<
input name="IATS_DPM_Fax" class="" id="IATS_DPM_Fax" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Email">Email</label>
    <input name="IATS_DPM_Email" class="" id="IATS_DPM_Email" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Comment">Comment</label>
<
input name="IATS_DPM_Comment" class="" id="IATS_DPM_Comment" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Item1">Item1</label>
    <input name="IATS_DPM_Item1" class="" id="IATS_DPM_Item1" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Item2">Item2</label>
<
input name="IATS_DPM_Item2" class="" id="IATS_DPM_Item2" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Item3">Item3</label>
    <input name="IATS_DPM_Item3" class="" id="IATS_DPM_Item3" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Item4">Item4</label>
<
input name="IATS_DPM_Item4" class="" id="IATS_DPM_Item4" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Item5">Item5</label>
    <input name="IATS_DPM_Item5" class="" id="IATS_DPM_Item5" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Item6">Item6</label>
<
input name="IATS_DPM_Item6" class="" id="IATS_DPM_Item6" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_ClientDefined_Name1">Client Defined Field 1</label>
    <input name="IATS_DPM_ClientDefined_Name1" class="" id="IATS_DPM_ClientDefined_Name1"
maxlength="150" />
 

 

</div>
<
div class="">
    <label class="" for="IATS_DPM_ClientDefined_Name2">Client Defined Field 2</label>
    <input name="IATS_DPM_ClientDefined_Name2" class="" id="IATS_DPM_ClientDefined_Name2"
maxlength="150" />
</
div>
<
div class="">
    <label class="" for="IATS_DPM_ClientDefined_Name3">Client Defined Field 3</label>
    <input name="IATS_DPM_ClientDefined_Name3" class="" id="IATS_DPM_ClientDefined_Name3"
maxlength="150" />
</
div>
<
br /><br />
<div><strong>Amount</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_Amount">Amount</label>

<input name="IATS_DPM_Amount" class="" id="IATS_DPM_Amount" maxlength="39" /> </div>

<br /><br />
<
div><strong>Payment</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_MOP">Method of Payment</label>
    <input name="IATS_DPM_MOP" class="" id="IATS_DPM_MOP" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_AccountNumber">Account Number</label>
<
input name="IATS_DPM_AccountNumber" class="" id="IATS_DPM_AccountNumber" maxlength="600" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_ExpiryDate">Expiry (for credit card)</label>

<input name="IATS_DPM_ExpiryDate" class="" id="IATS_DPM_ExpiryDate" maxlength="39" /> </div>

<div class="">
<
label class="" for="IATS_DPM_CVV2">CVV2 (for credit card)</label>
<
input name="IATS_DPM_CVV2" class="" id="IATS_DPM_CVV2" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_DebitAccountType">Debit Account Type (for ACH)</label>
    <input name="IATS_DPM_DebitAccountType" class="" id="IATS_DPM_DebitAccountType" maxlength="39" />
</
div>

<br /><br />

<div><strong>Process Option</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_ProcessOption">Process Option</label>
    <input name="IATS_DPM_ProcessOption" class="" id="IATS_DPM_ ProcessOption" maxlength="39" /> <br
/>

<label class="" for="IATS_DPM_RecurringOn">Enter True for Recurring</label>
<
input name="IATS_DPM_RecurringOn" class="" id="IATS_DPM_RecurringOn" maxlength="39" /> <br /> <label class="" for="IATS_DPM_BeginDate">BeginDate</label>
<
input name="IATS_DPM_BeginDate" class="" id="IATS_DPM_BeginDate" maxlength="39" /> <br /> <label class="" for="IATS_DPM_EndDate">EndDate</label>
<
input name="IATS_DPM_EndDate" class="" id="IATS_DPM_EndDate" maxlength="39" /> <br />
<
label class="" for="IATS_DPM_ScheduleType">ScheduleType</label>
<
input name="IATS_DPM_ScheduleType" class="" id="IATS_DPM_ScheduleType" maxlength="39" /> <br /> <label class="" for="IATS_DPM_ScheduleMonth">ScheduleMonth (If Schedule Type is Annual)</label> <input name="IATS_DPM_ScheduleMonth" class="" id="IATS_DPM_ScheduleMonth" maxlength="39" /> <br

/>
<
label class="" for="IATS_DPM_ScheduleDate">ScheduleDate (If Schedule Type is Monthly)</label>
<
input name="IATS_DPM_ScheduleDate" class="" id="IATS_DPM_ScheduleDate" maxlength="39" /> <br />
 

 

</div>
<
br /><br />

<div><strong>Relay Response</strong></div> <div class="">

    <label class="" for="IATS_DPM_RelayURL">Relay URL</label>

<input type="input" name="IATS_DPM_RelayURL" class="" id="IATS_DPM_RelayURL" value="ENTER RELAY URL HERE" />

</div>
<
br /><br />
<input type="submit" value="Process"/>
</
form>

</body>

 

 

SAMPLE HTML Payment Form – With Card Reader

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
>
<
html xmlns="http://www.w3.org/1999/xhtml">
<
head>
    <title>DPM Test Merchant</title>
<
style type="text/css">

label

{ }

float: left;
width: 400px;
</style>
<
script type="text/javascript">

/**
* Preprocess IATS_DPM_AccountNumber field if using a USB card reader.

*/

    function usbReaderPreprocess() {
// Get the USB card reader type.
var usbDeviceType = document.getElementById('USB_Device_Type').value;

if (usbDeviceType != '') {
// Get the unprocessed USB card reader input.
var readerInput = document.getElementById('IATS_DPM_AccountNumber').value;

} }

    </script>
</
head>

<body>

// Prepend USB card reader type to the reader input.

var processedReaderInput = usbDeviceType + '|@|' + readerInput;
// Update the form with the processed reader input.
document.getElementById('IATS_DPM_AccountNumber').value = processedReaderInput;
// Parse the payer's name from the reader input.
var nameMatch = readerInput.match(/\^([a-z]+)\/([a-z]+)\^/gi);
if (nameMatch != null) {
var nameString = nameMatch[0].replace(/\^/g, '');
var nameParts = nameString.split('/');

// Update the form with the payer's first and last names.

    document.getElementById('IATS_DPM_FirstName').value = nameParts[1];
    document.getElementById('IATS_DPM_LastName').value = nameParts[0];
}

<form action=" https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="post" name="IATS_DPM_Form" onsubmit="usbReaderPreprocess()">
<
div><strong>Direct Post Authentication: TEST88 Processkey: PA0940D765F2BD67BD97B82EFAA4D72BE9</strong></div>

 

 

<div class="">
<
label class="" for="IATS_DPM_ProcessID">ProcessKey</label>
<
input name="IATS_DPM_ProcessID" class="" id="IATS_DPM_ProcessID"

value="PA0940D765F2BD67BD97B82EFAA4D72BE9" /> </div>
<
br /><br />

<div class="">
<
label class="" for="USB_Device_Type">USB Device</label>
<
select id="USB_Device_Type">
        <option value="">None</option>
<
option value="00">IDTech SecureMag USB swiper</option>
<
option value="02">MagTek Dynamag USB swiper</option>
    </select>
</
div>

<br /><br />

<div><strong>Donors information</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_Title">Title</label>
    <input name="IATS_DPM_Title" class="" id="IATS_DPM_Title" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_FirstName">First Name</label>
<
input name="IATS_DPM_FirstName" class="" id="IATS_DPM_FirstName" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_LastName">Last Name</label>
    <input name="IATS_DPM_LastName" class="" id="IATS_DPM_LastName" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Address">Address</label>
<
input name="IATS_DPM_Address" class="" id="IATS_DPM_Address" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_City">City</label>
    <input name="IATS_DPM_City" class="" id="IATS_DPM_City" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Province">State/Province</label>
<
input name="IATS_DPM_Province" class="" id="IATS_DPM_Province" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Country">Country</label>
    <input name="IATS_DPM_Country" class="" id="IATS_DPM_Country" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_ZipCode">Zip Code</label>
<
input name="IATS_DPM_ZipCode" class="" id="IATS_DPM_ZipCode" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Phone">Phone</label>
    <input name="IATS_DPM_Phone" class="" id="IATS_DPM_Phone" maxlength="39" />
</
div>

<div class="">
<
label class="" for="IATS_DPM_Phone">Phone2</label>
<
input name="IATS_DPM_Phone2" class="" id="IATS_DPM_Phone2" maxlength="39" />

</div>

 

 

<div class="">
<
label class="" for="IATS_DPM_Phone">Fax</label>
<
input name="IATS_DPM_Fax" class="" id="IATS_DPM_Fax" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Email">Email</label>
    <input name="IATS_DPM_Email" class="" id="IATS_DPM_Email" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Comment">Comment</label>
<
input name="IATS_DPM_Comment" class="" id="IATS_DPM_Comment" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Item1">Item1</label>
    <input name="IATS_DPM_Item1" class="" id="IATS_DPM_Item1" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Item2">Item2</label>
<
input name="IATS_DPM_Item2" class="" id="IATS_DPM_Item2" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Item3">Item3</label>
    <input name="IATS_DPM_Item3" class="" id="IATS_DPM_Item3" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Item4">Item4</label>
<
input name="IATS_DPM_Item4" class="" id="IATS_DPM_Item4" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Item5">Item5</label>
    <input name="IATS_DPM_Item5" class="" id="IATS_DPM_Item5" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Item6">Item6</label>
<
input name="IATS_DPM_Item6" class="" id="IATS_DPM_Item6" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_ClientDefined_Name1">Client Defined Field 1</label>
    <input name="IATS_DPM_ClientDefined_Name1" class="" id="IATS_DPM_ClientDefined_Name1"
maxlength="150" />
</
div>
<
div class="">
    <label class="" for="IATS_DPM_ClientDefined_Name2">Client Defined Field 2</label>
    <input name="IATS_DPM_ClientDefined_Name2" class="" id="IATS_DPM_ClientDefined_Name2"
maxlength="150" />
</
div>
<
div class="">
    <label class="" for="IATS_DPM_ClientDefined_Name3">Client Defined Field 3</label>
    <input name="IATS_DPM_ClientDefined_Name3" class="" id="IATS_DPM_ClientDefined_Name3"
maxlength="150" />
</
div>

<br /><br />

<div><strong>Amount</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_Amount">Amount</label>

<input name="IATS_DPM_Amount" class="" id="IATS_DPM_Amount" maxlength="39" /> </div>

 

 

<br /><br />

<div><strong>Payment</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_MOP">Method of Payment</label>
    <input name="IATS_DPM_MOP" class="" id="IATS_DPM_MOP" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_AccountNumber">Account Number</label>
<
input name="IATS_DPM_AccountNumber" class="" id="IATS_DPM_AccountNumber" maxlength="600" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_ExpiryDate">Expiry (for credit card)</label>

<input name="IATS_DPM_ExpiryDate" class="" id="IATS_DPM_ExpiryDate" maxlength="39" /> </div>

<div class="">
<
label class="" for="IATS_DPM_CVV2">CVV2 (for credit card)</label>
<
input name="IATS_DPM_CVV2" class="" id="IATS_DPM_CVV2" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_DebitAccountType">Debit Account Type (for ACH)</label>
    <input name="IATS_DPM_DebitAccountType" class="" id="IATS_DPM_DebitAccountType" maxlength="39" />
</
div>

<br /><br />

<div><strong>Process Option</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_ProcessOption">Process Option</label>
    <input name="IATS_DPM_ProcessOption" class="" id="IATS_DPM_ ProcessOption" maxlength="39" /> <br
/>

<label class="" for="IATS_DPM_RecurringOn">Enter True for Recurring</label>
<
input name="IATS_DPM_RecurringOn" class="" id="IATS_DPM_RecurringOn" maxlength="39" /> <br /> <label class="" for="IATS_DPM_BeginDate">BeginDate</label>
<
input name="IATS_DPM_BeginDate" class="" id="IATS_DPM_BeginDate" maxlength="39" /> <br /> <label class="" for="IATS_DPM_EndDate">EndDate</label>
<
input name="IATS_DPM_EndDate" class="" id="IATS_DPM_EndDate" maxlength="39" /> <br />
<
label class="" for="IATS_DPM_ScheduleType">ScheduleType</label>
<
input name="IATS_DPM_ScheduleType" class="" id="IATS_DPM_ScheduleType" maxlength="39" /> <br /> <label class="" for="IATS_DPM_ScheduleMonth">ScheduleMonth (If Schedule Type is Annual)</label> <input name="IATS_DPM_ScheduleMonth" class="" id="IATS_DPM_ScheduleMonth" maxlength="39" /> <br

/>
<
label class="" for="IATS_DPM_ScheduleDate">ScheduleDate (If Schedule Type is Monthly)</label>
<
input name="IATS_DPM_ScheduleDate" class="" id="IATS_DPM_ScheduleDate" maxlength="39" /> <br />

</div>

<br /><br />
<
div><strong>Relay Response</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_RelayURL">Relay URL</label>

<input type="input" name="IATS_DPM_RelayURL" class="" id="IATS_DPM_RelayURL" value="ENTER RELAY URL HERE" />

</div>
<
br /><br />
<input type="submit" value="Process"/>
</
form>
</
body>

 

 

EXAMPLE RESPONSES

 

Single Credit Card Transaction Response Example

 

IATS_AccountNumber=2220

IATS_MOP=VISA

IATS_PaymentType=CreditCard

IATS_ExpiryMonth=12

IATS_ExpiryYear=2014

IATS_Result=OK: 678594:

IATS_TransID=A1A1C5D8

IATS_Amount=20.00

IATS_Title=Mr

IATS_FirstName=Jack

IATS_LastName=Green

IATS_Address=Jasper AVE

IATS_City=Edmonton

IATS_Country=CANADA

IATS_State=AB

IATS_ZipCode=T5J1X3

IATS_EMail=TEST@TEST.COM

IATS_Phone=123456789

IATS_Phone2=

IATS_Fax=

IATS_Comment=donation

 

 

Single ACH Transaction Response Example

IATS_AccountNumber=2220

IATS_MOP=ACHEFT

IATS_DebitAccountType=CHECKING

IATS_PaymentType=ACH

IATS_Result=OK: 555555

IATS_Amount=20.00

IATS_Title=Mr

IATS_FirstName=JACK

IATS_LastName=GREEN

IATS_Address=JASPER AVE

IATS_City=EDMONTON

IATS_Country=CANADA

IATS_State=AB

IATS_ZipCode=T5J1X3

IATS_EMail=TEST@TEST.COM

IATS_Phone=123456789

IATS_Fax=

IATS_Phone2=

IATS_Comment=donation

 

Creating a Token for Credit Card Transaction Response

IATS_AccountNumber=2220

IATS_PaymentMethod=VISA

IATS_PaymentType= CreditCard

IATS_Result=TokenCreated

IATS_ResultDetail= A1047942

IATS_RecurringOn=off

IATS_ScheduleType=MONTHLY

IATS_BeginDate=04/14/2014

IATS_EndDate=04/14/2014

IATS_Amount=20.00

IATS_Title=Mr

IATS_FirstName=Jack

IATS_LastName=Green

IATS_Address=Jasper AVE

IATS_City=Edmonton

IATS_State=ab

IATS_ZipCode=T5J1X3

IATS_Country=Canada

IATS_Email=test@test.com

IATS_Fax=

IATS_Phone=123456789

IATS_Phone2=

IATS_comment=donation

 

Creating a Token for ACH Transaction Response

IATS_AccountNumber=2220

IATS_PaymentMethod=ACHEFT

IATS_PaymentType=DebitCard

IATS_DebitAccountType=CHECKING

IATS_Result=TokenCreated

IATS_ResultDetail=A1047941

IATS_RecurringOn=off

IATS_ScheduleType=MONTHLY

IATS_BeginDate=04/14/2014

IATS_EndDate=04/14/2014

IATS_Amount=20.00

IATS_Title=Mr

IATS_FirstName=Jack

IATS_LastName=Green

IATS_Address=Jasper AVE

IATS_City=Edmonton

IATS_State=ab

IATS_ZipCode=T5J1X3

IATS_Country=Canada

IATS_Email=test@test.com

IATS_Fax=

IATS_Phone=123456789

IATS_Phone2=

IATS_comment=donation

 

 

APPENDIX A: TESTING iATS PAYMENTS SYSTEMS

The following information will allow you to test iATS Payments systems to ensure that you can use our services. Please note that this “TEST88” account is not a live merchant account and that authorization and rejection results are for display purposes only.

Please note that this test information is provided to many clients. Please do not modify or delete any pre-existing Aura Event’s or change the password of this code.

User ID = TEST88

Password = TEST88

URL:     NA = www.iatspayments.com

               UK = www.uk.iatspayments.com

To test the Authorization and Rejection responses related to a Charge, credit card number 4111111111111111 can be used.

To test the Authorization responses related to both Charges and Refunds, credit card number 4222222222222220 can be used.

The amounts and corresponding responses detailed below have been created for to test multiple situations:

Amount

Result when using 4111111111111111

1.00

OK: 678594

2.00

REJ: 15

3.00

OK: 678594

4.00

REJ: 15

5.00

REJ: 15

6.00

OK: 678594:X

7.00

OK: 678594:y

8.00

OK: 678594:A

9.00

OK: 678594:Z

10.00

OK: 678594:N

15.00

If CVV2 = 1234, the response is OK: 678594:Y. If no CVV2 is entered, the response is REJ: 19

16.00

REJ: 2

17.00

REJ: 22

192.00 (NA Only)

If sent via API (iATSLink or Web Service) a) IP address is invalid format: Rej: 5.
b)
IP address is valid format: OK: 678594.

All Other Amounts

REJ: 15

All Refund Amounts

REJ: 15

Amount

Result when using 4222222222222220

Any Sale Amount

OK: 678594

Any Refund Amount

OK: 678594

 

Please note there is a transaction limit of $2000.00 (£2000.00) per charge. Amounts above will be rejected.

If using our Direct Post Method, the TEST88 Process Key credentials are:

PAAB24B9961FAC07FAA561180F6CB69A7B (North America) PA0940D765F2BD67BD97B82EFAA4D72BE9 (UK/International)

 

 

  1. Option 2Direct Redirect

This option only allows the programmer to redirect to two static pages – a successful transaction page or a failed transaction page.  As no relay page is utilized, the details of the transaction will be sent to a postback URL.

Option 2 - Direct Redirect Guide below:

 

 

Document

Change

Date of Change:

DPM Guide 

  • Added process URL for UK/International system
  • Added contact information
  • Added fields in the Transaction response

Sep 28, 2017

 

iATS Payments Contact Information

North America: www.iatspayments.com

UK/International: www.uk.iatspayments.com

 

Customer Care:

Email: iatscs@iatspayments.com
Phone: North America: 1-888-955-5455 | UK/Europe: 0808-234-0466

Hours: 7:30am 5:00pm Pacific Standard Time, Monday to Friday

Sales and Marketing:

Email: iats@iatspayments.com
Phone: North America: 1-866-300-4287 | UK/Europe: 0808-234-0466

Hours: 7:00am 4:30pm Pacific Standard Time, Monday to Friday

Partner Support:

Email: PartnerSupport@iatspayments.com
Hours: 7:00am
4:30pm Pacific Standard Time, Monday to Friday

Direct Post Options

iATS offers two options for the Direct Post Method:

Option 1
This uses a JavaScript Relay URL redirect that allows the developer more control over the redirect page as well as the message that displays to the donor as a result of the transaction response (example rejection codes). All transaction detail is posted back to the relay page which can be used to capture into the developers’ database.

Option 2
This does not utilize JavaScript but a Direct Redirect. This option only allows the programmer to redirect to two static pages a successful transaction page or a failed transaction page. As no relay page is utilized, the details of the transaction will be sent to a postback URL. Please refer to separate document for this option.

 

DPM Relay URL

DPM Direct Redirect

Dynamic response page

Yes, through JavaScript relay page. Relay URL sent in DPM transaction request.

No, only static pages for success/fail. Both URL sent in DPM transaction request.

Transaction results

Posted back to relay URL

Posted back to Postback URL

 

 

Introduction

This user guide describes the web development required to process transactions via iATS Payments using the Direct Post Method.

Direct Post is a fully PCI compliant service as the sensitive credit card data never flows through your servers or website. Your website does not have to handle any credit card data, and all transaction information is submitted directly to iATS via Secure Sockets Layer (SSL) while keeping iATS invisible to the donor. Your site can still collect all pertinent donor data and has been built to allow you to utilize your own unique website look and feel as well as response pages.

The Direct Post Method can be combined with other iATS Web Services such as CustomerLink (to manage recurring schedules), ProcessLink (to process transactions with a Token or do refunds using a Transaction ID), and ReportLink (pulling transaction reports from iATS’ servers). These are explained further in our Web Service Guides and are available upon request.

For managing recurring transactions, you have the option of managing them or having iATS manage them for you:

  1. If iATS manages the recurring schedule:
    1. You use DPM to set up the individual Tokens (Customer Codes) and provide all payment and recurring details (amount, start/end date etc.), with the recurring tag set to true.
  2. If you manage the recurring schedule:
      1. You use DPM to set up the individual Tokens (Customer Codes) and only provide the payment details, with the recurring tag set to false;
      2. Then, on the schedule date you send a batch file containing the Tokens (Customer Codes) and amount of charge using our ProcessLink Web Service.
      3. Any future updates (switch it OFF, delete, etc.) to the Tokens can be done via our CustomerLink Web Service.
 

Please note that iATS operates two server systems, one based in North America (NA) and one in the United Kingdom (UK). Clients in the United States and Canada will use the NA servers, while all other clients use our UK servers. The explanation of the specific services that follows will provide the links to each server address as available.

Notes on International processing:

  1. The same interface can be used for International processing on our UK servers however it should be noted that single ACH/EFT (Direct Debit) transactions are not allowed in the UK. Only recurring Direct Debit transactions can be initiated.
  2. The recurring date format is different for UK. Please use the format DD/MM/YYYY where applicable.
 

 

Concept Overview

With Direct Post, the transaction data is submitted directly to iATS payment gateway by means of HTML form POST, bypassing the host’s server. Upon authorization, iATS posts the transaction result or the token information to the hosts relay URL. Direct Post then redirects the end user’s browser to the hosts server using Success_Redirect_URL or Failed_Redirect_URL dependng on process result. iATS will be invisible with the host having full control during the process.

The Direct Post method will provide the following options:

  1. Processing a single credit card transaction (available for both NA and international processing)
  2. Processing a single ACH transaction (available for only NA processing)
  3. Creating a token to store payment details or for recurring transactions (available for both NA and international CC processing, and NA ACH/EFT only)
  4. Create a token (without recurring) AND transact at the same time.
  5. Create a token (with recurring) AND transact at the same time.

Direct Post Method Data flow
 
  1. The website Host (merchant) creates an HTML payment form following the iATS specifications described within this guide. The form must contain all required fields to complete the credit card or ACH transaction process successfully. See the ‘Submitting Transaction’ section for more details.
    The HTML form should use the following syntax:
     
     

     

    North America

    <form action="https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form">

           <input type="submit" value="Submit Transaction"/>

    </form>

     

    UK/International

    <form action="https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST"

    name="IATS_DPM_Form">

           <input type="submit" value="Submit Transaction"/>

    </form>

     

    iATS provides a process URL where the transaction collected on the merchant’s website should be submitted by means of HTML form POST. The host’s payment form created in step 1 above will be posted to iATS. Within the post data you will need to include the postback URL, Success_Redirect_URL_Redirect_URL which are the web pages hosted on the merchants website to handle the response of the transaction result.

     
  2. After receiving the transaction data or new token request, the iATS payment gateway will process the transaction and return the transaction result back to the merchants relay URL by means of HTTPS POST.
  3. Merchant’s postback URL handles the transaction result. The merchant needs to have different transaction response pages for approval (Success_Redirect_URL) and rejected (Failed_Redirect_URL) transactions individually. These URLs should return the response page where the end user will be redirected. See the ‘Submitting Transaction’ section for detail.
  4. iATS will then redirect the end user’s browser to the response pages (success or failed) sent in the original post. In this process the end user will stay on merchant’s website. However, they will see the browser refresh when they are redirected to the response page.

Requirements

  1. Merchant must have received the client’s valid iATS Process Key associated with their Client Code which is has been enabled to process credit card and/or ACH transactions. Instructions on how the client creates the Process Key are included below.
  2. Merchant needs to create the HTML payment form on their own web server. The form must have the required payment fields following the iATS specifications in this document. The standard API consists of required and optional fields that can be submitted to iATS for real time credit card transaction processing. See the ‘Submitting Transaction’ section for more details

  3. Merchant needs to build relay pages to be able to handle the https post transaction result from the iATS payment gateway. 
  4. Merchant needs to build a transaction response page to be displayed to the end user for the various responses: Success, Failed, Token and Token with success or failed transaction.
 
 
Submitting a Transaction

 

Transaction Post URL

The Direct Post transaction should POST to the following URLs:

North America

https://www.iatspayments.com/netgate/IATSDPMProcess.aspx

UK/International

https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx

 
HTML Form Post Syntax
 
Transaction data will be submitted to iATS by means of HTML form POST. The host needs to have the HTML form collect the  transaction data from the end user and the form should be in the following syntax:

North America

<form action="https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form">

       <input type="submit" value="Submit Transaction"/>
</
form>

 

UK/International

<form action="https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST"
name="IATS_DPM_Form">

   <input type="submit" value="Submit Transaction"/>
</
form>

 

The following sections describe the required and optional form fields that can be submitted to iATS payment gateway by using Direct Post.
 
Authentication Information (Process Key)
 
The transaction authentication used by the Direct Post is the Process Key. The Process Key is encrypted and secure. Each merchant can generate a unique process key after receiving a valid iATS Client Code.

 

To create a Process Key:

 

(1) Log on to the iATS portal
(2) Go to ‘User Profile’
(3) Select ‘Change Password’
(4) Under ‘Manage process key’ section, click the “Create New Process Key” button.

 
 

 

Notes on Process Key:

 

  • If the Create button is clicked again at some point in the future, a new Process Key will be generated, invalidating the old one. If this occurs, the new Key will need to be added to the code to replace the old one.
  • Changes to the Client Code password at a future time will not affect the existing process key or make it invalid.
image 
 
The process key should be embedded in the payment form but not visible to the donor. The Process Key field must be submitted using the syntax below.

<form action="https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST"
name="IATS_DPM_Form">

   <input type="submit" value="Submit Transaction"/>
</
form>

 

Field name

Value

Note

IATS_DPM_ProcessID

Process Key

Merchant- and transaction-specific encrypted key for authentication.
Required field.

 

 

Donor’s Information Fields


The following table represents the HTML form donor information fields that can be submitted to iATS using Direct Post.

The data fields are name and value pairs, using the following HTML syntax:

<input name="Field Name" value="value"/>

 

 

Field name

Value

Note

Required or Optional

IATS_DPM_Title

Title for the end user.

Up to 39 characters.

Optional but recommended

IATS_DPM_FirstName

First name for the end user.

Up to 39 characters.

Optional but recommended

IATS_DPM_LastName

Last name for the end user.

Up to 39 characters.

Optional but recommended

IATS_DPM_Address

Address for the end user.

Up to 99 characters

Optional

IATS_DPM_City

City of the address.

Up to 39 characters

Optional

IATS_DPM_Province

Province of the address.

Up to 39 characters

Optional

IATS_DPM_Country

Country of the address.

Up to 39 characters

Optional

IATS_DPM_ZipCode

Zip code of the address.

Up to 10 characters. .

Optional but recommended

IATS_DPM_Phone

Phone number for the end users.

Up to 39 characters.

Optional

IATS_DPM_Phone2

Phone number for the end users.

Up to 39 characters

Optional

IATS_DPM_Fax

Fax number for the end user.

Up to 39 characters

Optional

IATS_DPM_Email

Email for the end user.

Up to 39 characters.

Optional but recommended

IATS_DPM_Comment

Comment associated with the transaction.

Up to 110 characters

Optional

 

 

Custom Information Fields

 

The following table represents the HTML form fields of custom information can be submitted to IATS using Direct Post. All  fields in this section are optional and will be stored in the iATS system and available via ReportLink web service.

The data fields are name and value pairs, using the following HTML syntax:

<input name="Field Name" value="value"/>

 

 

Field name

Value

Note

IATS_DPM_Invoice

Invoice # for the end user

Up to 39 characters
For credit card/ACHEFT single transaction only.

IATS_DPM_Item1

Item1 for custom question

Up to 39 characters

IATS_DPM_Item2

Item2 for custom question

Up to 39 characters

IATS_DPM_Item3

Item3 for custom question

Up to 39 characters

IATS_DPM_Item4

Item4 for custom question

Up to 39 characters

IATS_DPM_Item5

Item5 for custom question

Up to 39 characters

IATS_DPM_Item6

Item6 for custom question

Up to 39 characters

 

Client Defined Fields

The following table represents the HTML form fields of client defined can be submitted to iATS using Direct Post.

iATS neither stores nor processes this field’s value, only acting as a pass-through to the postback URL. iATS will accept up to 3 client-defined fields with the prefix “IATS_DPM_ClientDefined_”.

The data fields are name and value pairs, using the following HTML syntax:

<input name="Field Name" value="value"/>

 

 

Field name

Value

Note

IATS_DPM_ClientDefined_(insert name)

Value of client defined field 1

Up to 150 characters

IATS_DPM_ClientDefined_(insert name)

Value of client defined field 2

Up to 150 characters

IATS_DPM_ClientDefined_(insert name)

Value of client defined field 3

Up to 150 characters

 

 

Single Credit Card Transaction Fields


The following table represents the fields required for submitting a single credit card transaction using Direct Post.

The data fields are name and value pairs, using the following HTML syntax:

<input name="Field Name" value="value"/>

 

Field name

Value

Note

Required or Optional

IATS_DPM_AccountNumber

Credit card number

Up to 600 characters.
Large max value due to ability to capture encrypted swiper details in this field, see section on encrypted card readers below.

Required

IATS_DPM_ExpiryDate

Expiry Date
Must be in the format of MM/YY

Up to 5 characters

Required

IATS_DPM_CVV2

CVV2.

Up to 4 characters. Must be digits only.

Required

IATS_DPM_MOP

Credit card type. ‘VISA’ or
‘MC’ or
‘AMX’ or

‘DSC

We accept the following card types: VISA, MC, AMX, DSC

Optional

IATS_DPM_Amount

Total processed amount

Numbers and decimal.
Do not put currency symbol in this field.
Processed amount must be greater than zero, and cannot exceed limit associated with
merchant’s iATS Client Code.

Required

 

 

Single ACH Transaction Fields


The following table represents the fields required for submitting a single ACH transaction using Direct Post.

The data fields are name and value pairs, using the following HTML syntax:

<input name="Field Name" value="value"/>

 

Field name

Value

Note

Required or Optional

IATS_DPM_AccountNumber

ACH Account number.

USD:

Routing no. (9 digits) + account no. (# of digits varies)

CAD:

Bank no. (3 digits) + transit no. (5 digits) + account no. (# of digits varies)

*Order must be followed with NO spaces example 12312345123456789 for CDN *

Up to 40 characters. Must be digits only

Required

IATS_DPM_MOP

‘ACHEFT’

Up to 10 characters.
The value must be
‘ACHEFT’ to process ACH transactions. For other values or this field being blank, the transaction will be processed as a credit card.

Required

IATS_DPM_AccountType

Debit card account type. ‘CHECKING’ or ‘SAVING’

Will not accept values other than ‘CHECKING’ or ‘SAVING’.

Required

IATS_DPM_Amount

Total processed amount.

Numbers and decimal.
Do not put currency sign in this field. Processed Amount must be greater than zero, and cannot exceed limit associated with merc
hant’s iATS Client Code.

Required

 

 

Creating Secure Tokens


Instead of processing a real-time transaction, the merchant can use the Direct Post to create a token which can be used for  transactions at a later stage with the iATS web services or to set up recurring transactions to be auto processed by iATS.

The iATS payment gateway will return a token ID to the Host which can be used to:

  • Access and update payment information associated with the token iATS CustomerLink Web Service
  • Process a single transaction on a recurring schedule using ProcessLink Web Service

Please refer to the iATS Web Service Guides for more details on the services offered.

The data fields are name and value pairs, using the following HTML syntax:

<input name="Field Name" value="value"/>

 

The following table represents the fields required for creating a secure token using Direct Post. The Host will need to have the credit card or bank account fields in the form. This payment information is what will be stored in the iATS system which is associated with the token.

 

Field name

Value

Note

Required or Optional

IATS_DPM_ProcessOption

Request type of process
(1) TRANSACTION
(2) TOKEN
(3) TOKENANDTRANSACTION

This field instructs iATS to create only transact, only create a token or create and tokenize at the same time

Required

IATS_DPM_RecurringOn

The request to turn on recurring transactions.
Value of ‘TRUE’ or ‘FALSE’

If the value is TRUE, iATS will set up and process the recurring transaction based on recurring settings below.

Required if ProcessOption is TOKEN or TOKENANDTRANSACTION

IATS_DPM_BeginDate

Recurring transaction begin date.

Must be in date format: MM/DD/YYYY

For the UK: DD/MM/YYYY

Required if ProcessOption is TOKEN or TOKENANDTRANSACTION

IATS_DPM_EndDate

Recurring transaction end date.

Must be in date format: MM/DD/YYYY

For the UK: DD/MM/YYYY

Required if ProcessOption is TOKEN or TOKENANDTRANSACTION

IATS_DPM_ScheduleType

Recurring transaction schedule type.
‘MONTHLY’ or
‘WEEKLY’ or

‘QUARTERLY’ or ‘ANNUALLY’

Set up schedule type

Required if ProcessOption is TOKEN or TOKENANDTRANSACTION

IATS_DPM_ScheduleMonth

Month for annual recurring transaction.

Number from 1 to 12

Required if ProcessOption is TOKEN or TOKENANDTRANSACTION

IATS_DPM_ScheduleDate

Date for monthly recurring transaction.

Number from 1 to 31

Required if ProcessOption is TOKEN or TOKENANDTRANSACTION

 

Relay URLs

 

The following table describes form fields that can be submitted to configure the relay response. The URLs should be embedded in the payment form but not visible to the end user. All fields are required.

The response URL fields for successful, failed and postback are submitted using the syntax below:

<input name="IATS_DPM_RelayURL" value="url"/>

 

Field name

Value

Note

Required or Optional

IATS_DPM_PostBackURL

The URL on the merchant’s website to which iATS posts transaction results

iATS will post transaction result to this URL. The value must be valid URL starting with ‘http://’ or ‘https://’.

Required

IATS_DPM_SuccessRedirectURL

The URL on the merchant’s website to which iATS redirects the donor for a successful transaction

Redirect the end user’s browser to this URL if and only if the transaction was successful.

The value must be a valid absolute URL starting with ‘http://’ or ‘https://’.

Required

IATS_DPM_FailedRedirectURL

The URL on the merchant’s website to which iATS redirects the donor for a failed transaction

Redirect the end user’s browser to this URL if and only if the transaction was not successful.

The value must be a valid absolute URL starting with ‘http://’ or ‘https://’.

 

 

 

Encrypted Magnetic Stripe Readers

 

Overview

 

Our encrypted magnetic stripe readers (MSRs) are fully PCI compliant as the sensitive credit card data is encrypted immediately within the device before the data flows through to the computer or device. This means your servers do not have to handle any clear text credit card data. The encrypted MSRs are designed to work with the Direct Post Method.

When a credit card is swiped through the MSR, it will read and encrypt the track data on the magnetic stripes and pass the encrypted data to the Account Number field in DPM to the relevant web service to either a) process the transaction directly or b) tokenize the details for future transactions, or c) process the transaction directly and tokenize the details for future transactions

 

Supported Hardware

 

The following supported magnetic stripe readers should be ordered directly from iATS Payments as they contain encryption keys only accessible by iATS:
USB (PC and Mac)


Using the MSR’s

 

As there are a number of variations of the swiper, iATS needs to know which swiper is being used so that iATS

can supply the correct encryption key to the transaction. Once the user has swiped the card in the Credit Card

field, the swiper type needs to be appended to the front of the transaction string before being sent to iATS.

For example: IATS_DPM_AccountNumber = 00|@|[Encryption string]

 

Development requirements - Magtek

 

Magtek Dynamag USB Encrypted swiper

 

The Magtek Dynamag is a USB encrypted swiper for use on PC’s.

When you swipe the USB device a complete string of masked as well as encrypted data. You can use the masked data for the name of the client, the expiry date and last 4 digits of the credit card. For the USB swipers, the entire string (masked and encrypted) as well as the identification of the swiper type needs to be passed through to iATS.

Magtek USB encrypted swipe example:

%B4847350003009386^YOU/AGIFTFOR^21080000000000000000000?;4847350003009386=210800000000000?|0600|2F2E4
4C1E47851145BC08BB06CE1A9CD897EC00E2BB035C6D9FDF625F7AF63034BDBEC092D8C035B05301A89C056854B6EC427958C
E07AD5E585E4E37E2867B3|2CAF4061ACD747C310DA546974D045C8C446C7C6B8577B002511915D3C33B0CEBAC0147D7B489E
AE||61403000|6E005095F7A5E2F9B3076FBA250877E9105BEE932ABF6A0F02B7D16959F6935417CA573B81CE4ED3CF0BC0FA
1B3067C034A946E9F80F3D7B

For the Magtek Dynamag, please append the data in the following order and delimitation:

SwiperType|@|Entire USB output

Where:

- SwiperType : 02 for Magtek Dynamag

- Entire USB output string (no parsing)

- |@| : Delimiter

MagTek USB swipe to be entered into IATS_DPM_AccountNumber field

02|@| %B4847350003009386^YOU/AGIFTFOR^21080000000000000000000?;4847350003009386=210800000000000?|0600|
2F2E44C1E47851145BC08BB06CE1A9CD897EC00E2BB035C6D9FDF625F7AF63034BDBEC092D8C035B05301A89C056854B6EC42
7958CE07AD5E585E4E37E2867B3|2CAF4061ACD747C310DA546974D045C8C446C7C6B8577B002511915D3C33B0CEBAC0147D7
B489EAE||61403000|6E005095F7A5E2F9B3076FBA250877E9105BEE932ABF6A0F02B7D16959F6935417CA573B81CE4ED3CF0
BC0FA1B3067C034A946E9F80F3D7B

 

 
Development requirements – IDTech
 
IDTech SecureMag USB card swipe

 

The IDTech Secure Mag is a USB encrypted swipe for PC’s and Laptops.

When you swipe the USB device, it will collect a complete string of masked as well as encrypted data. You can use the unmasked data for the name of the client, the expiry date and last 4 digits of the credit card. For the USB swipers the entire string (masked and encrypted) needs to be passed through to iATS.

IDTECH USB encrypted swipe example:

02A001801F3B2300039B%*4941********5889^YOU/AGIFTFOR^***********************?*;4941********5889=******
*********?*ACC8778A7A496718C9EF3F042025E239FDC93C1C616153EE8057CC23D3D28B68948BD00FCCF9E30D44F010B9E9
DB243DBD3EB56825B6F0D64D6CDD0B12AF6F7C068C7A7CB17B45B9D5D9DF7F9CD340987AFF4C5F33AA04879920D640B46EDA8
E6C526BB5DE9E0C7C71AE6510C73F3A5ECFAADDCD3F62CBD1DBEE00990C21E9DA6A0170A3C363B1B89688021519A39DA8FFFF
738139000400000D68AA03


For the IDTech Secure Mag, please collate the data in the following order and delimitation:

SwiperType|@|Entire USB output

Where:

- SwiperType : 00 for IDTech Secure Mag

- Entire USB output string (no parsing)

- |@| : Delimiter

IDTech USB swipe to be entered into IATS_DPM_AccountNumber field

00|@| 02A001801F3B2300039B%*4941********5889^YOU/AGIFTFOR^***********************?*;4941********5889=*
**************?*ACC8778A7A496718C9EF3F042025E239FDC93C1C616153EE8057CC23D3D28B68948BD00FCCF9E30D44F01
0B9E9DB243DBD3EB56825B6F0D64D6CDD0B12AF6F7C068C7A7CB17B45B9D5D9DF7F9CD340987AFF4C5F33AA04879920D640B4
6EDA8E6C526BB5DE9E0C7C71AE6510C73F3A5ECFAADDCD3F62CBD1DBEE00990C21E9DA6A0170A3C363B1B89688021519A39DA
8FFFF738139000400000D68AA03

 

 

JavaScript to choose card reader type

If you want to use the card readers as per above, then you can use the following piece of JavaScript to choose the reader type and append the correct number to the string when the form is submitted. This allows the user to use the card reader directly without needing to add the reader type each time.

Add the following script to the header:

<head>
<script type="text/javascript">
        /**
* Preprocess IATS_DPM_AccountNumber field if using a USB card reader.
 
 */
function usbReaderPreprocess() {
    // Get the USB card reader type.
    var usbDeviceType = document.getElementById('USB_Device_Type').value;
    if (usbDeviceType != '') {

// Get the unprocessed USB card reader input.

var readerInput = document.getElementById('IATS_DPM_AccountNumber').value;

// Prepend USB card reader type to the reader input.

var processedReaderInput = usbDeviceType + '|@|' + readerInput;
// Update the form with the processed reader input.
document.getElementById('IATS_DPM_AccountNumber').value = processedReaderInput;
// Parse the payer's name from the reader input.
var nameMatch = readerInput.match(/\^([a-z]+)\/([a-z]+)\^/gi);
if (nameMatch != null) {
var nameString = nameMatch[0].replace(/\^/g, '');
var nameParts = nameString.split('/');

// Update the form with the payer's first and last names.

    document.getElementById('IATS_DPM_FirstName').value = nameParts[1];
    document.getElementById('IATS_DPM_LastName').value = nameParts[0];
}

} }

    </script>
</head>
 
 
Add the following to your body:
<div class="">
<label class="" for="USB_Device_Type">USB Device</label>
<select id="USB_Device_Type">
        <option value="">None</option>
<option value="00">IDTech SecureMag USB swiper</option>
<option value="02">MagTek Dynamag USB swiper</option>
    </select>
</div>

<br /><br />

 

Also, make sure to add the OnSubmit function to the form action:

North America
<form action="https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form" onsubmit="usbReaderPreprocess()">


UK/International

<form action="https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form" onsubmit="usbReaderPreprocess()">


The above code combined will give you ability to choose the swiper being used. You could of course pre-fill the card reader type and hide the field so its completely anonymous to the users.

 

Transaction Responses

When a Postback Response is configured, the transaction response that is returned to the merchant from the iATS payment gateway is a set of fields that provides information about the status of the transaction.

  • For single credit card transactions iATS will provide real-time transaction approval or rejection results.
  • For ACH transactions, the result is always approved because it takes at least one day to settle the transaction.
  • For the ACH process please refer to the Web Service documentation – ProcessLink.

If the request is to create a token, the response is the detail of the token information created by iATS system.
The merchant server can parse the data in the returned response and customize the message to display to the end user.


Standard Fields in the Transactions Response


Below is the table for all the standard fields iATS will return to the merchant’s postback  URL. iATS will return all donors information collected on the merchant’s HTML payment form.

 

Field name

Value

Note

IATS_Title

Title for the end user

Up to 39 characters

IATS_FirstName

First name for the end user

Up to 39 characters

IATS_LastName

Last name for the end user

Up to 39 characters

IATS_Address

Address for the end user

Up to 99 characters

IATS_City

City of the address

Up to 39 characters

IATS_State

State/Province of the address

Up to 39 characters

IATS_Country

Country of the address

Up to 39 characters

IATS_ZipCode

Zip code of the address

Up to 10 characters

IATS_Phone

Phone number for the end user

Up to 39 characters

IATS_Phone2

Phone number 2 for the end user

Up to 39 characters

IATS_Fax

Fax number for the end user

Up to 39 characters

IATS_Email

Email for the end user

Up to 39 characters

IATS_Comment

Comment for the end user

Up to 39 characters

IATS_Invoice

Invoice # for the end user

Up to 39 characters

For credit card/ACHEFT singe transaction only

IATS_Item1

Item1 for custom question

Up to 39 characters

IATS_Item2

Item2 for custom question

Up to 39 characters

IATS_Item3

Item3 for custom question

Up to 39 characters

IATS_Item4

Item4 for custom question

Up to 39 characters

IATS_Item5

Item5 for custom question

Up to 39 characters

IATS_Item6

Item6 for custom question

Up to 39 characters

IATS_Item7

Not available for Direct Post Method yet

 

IATS_Item8

Not available for Direct Post Method yet

 

IATS_Item9

Not available for Direct Post Method yet

 

IATS_Item10

Not available for Direct Post Method yet

 

IATS_Item11

Not available for Direct Post Method yet

 

IATS_Item12

Not available for Direct Post Method yet

 

IATS_Item13

Not available for Direct Post Method yet

 

IATS_Item14

Not available for Direct Post Method yet

 

IATS_Item15

Not available for Direct Post Method yet

 

IATS_ClientDefined_(insert name)

Value of client defined field 1

Up to 150 characters

IATS_ClientDefined_(insert name)

Value of client defined field 2

Up to 150 characters

IATS_ClientDefined_(insert name)

Value of client defined field 3

Up to 150 characters

IATS_Payment_AgencyCodeHash

Client code hash

SHA 1 of 4 character client code in uppercase

IATS_Payment_SubCode

Last two digits of user name

Example: TEST88 sub-code is ‘88’

IATS_Amount

Transaction amount

 

 

Single Credit Card Transaction Response

 

Below is the table of results for a transaction that iATS will return to merchant’s relay URL for a single credit card transaction.

Field name

Value

Note

IATS_AccountNumber

Last four digits of processed credit card number

Up to 4 characters

IATS_MOP

Method of Payment

Up to 10 characters.
We accept the following card types: VISA, MC, AMX, DSC

IATS_PaymentType

Payment Type: credit card or ACH

Value of ‘CreditCard’

IATS_Result

Transaction result

‘OK: approval code’ ‘Reject: rejection code’ ‘Reject: TIMEOUT’

IATS_TransID

Transaction ID

This value is the transaction ID the merchant can use to search the transaction in iATS customer portal

IATS_ExpiryMonth

Credit card expiry month

Two digit number, from 1-12

IATS_ExpiryYear

Credit card expiry year

Four digit number, example 2017

 

 

Rejection codes for Credit Card Responses

 

Below is the list of transaction rejection codes. For a more detailed list, please refer to

https://www.iatspayments.com/Portal/StaticPages/RejectCodes

 

Single ACH Transaction Response


Below is the table of transaction result fields that iATS will return to merchants relay URL for a single ACH transaction.

Field name

Value

Note

IATS_AccountNumber

Last four digits of account number

 

IATS_MOP

Method of Payment

Value of ‘ACHEFT’

IATS_PaymentType

Payment Type, credit card or ACH

Value of ‘ACH’

IATS_Result

Transaction result

Value of ‘OK: 555555’.
ACH transactions are not real time and takes at least one day to process. iATS will return temporary approval result. Successful or rejected ACH transactions should be retrieved using the iATS Web Service ReportLink

IATS_TransID

Transaction ID

This value is the transaction ID the merchant can use to search the transaction in iATS customer portal

IATS_DebitAccountType

Account type

Value of ‘CHECKING’ or ‘SAVING’

 

 

Token Transactions Response


Below is the table of the response fields iATS will return to merchants relay URL for a request to create a token.


Non-recurring Tokens
 

Field name

Value

Note

IATS_AccountNumber

Last four digits of processed account number

Up to 4 characters

IATS_PaymentType

Method of Payment

Value of ‘CreditCard’ or ‘ACH’

IATS_Result

‘TokenCreated’ or ‘TokenFailed’

 

IATS_ResultDetail

Token ID or Error message

If the Token is created successfully, it will start with a letter followed by number, for example ‘A1234567’.
If it fails the detail will be in the message.

 

Tokens with a recurring schedule


The following fields are for when a recurring setting was set up for the token. If the host posts recurring settings in the original request, iATS will post the same settings back. Otherwise iATS will return default settings.

 

 Field name

Value

Note

IATS_BeginDate

Recurring transaction begin date

Default value is today’s date

IATS_EndDate

Recurring transaction end date

Default value is today’s date

IATS_ScheduleType

Recurring transaction schedule type.
‘MONTHLY’ or
‘WEEKLY’ or

‘QUARTERLY’ or ‘ANNUALLY’

Value of ‘MONTHLY’ or ‘WEEKLY’ or ‘QUARTERLY’ or ‘ANNUALLY’

Default value is MONTHLY.

IATS_RecurringOn

Recurring turned on. ‘ON’ or
‘OFF’

Value of ‘ON’ or ‘OFF’. Default value is ‘OFF’.

 

Code Samples

Below is an example of the Direct Post HTML form with Postback URL and success/fail pages.

SAMPLE HTML Payment Form – Without Card Reader
 
!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
>
<
html xmlns="http://www.w3.org/1999/xhtml">
<
head>
    <title>DPM Test Merchant</title>
<
style type="text/css">

label

{

         float: left;
width: 400px;

}

    </style>
</
head>

<body>

<form action=" https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="post" name="IATS_DPM_Form">
<
div><strong>Direct Post Authentication: TEST88 Processkey: PA0940D765F2BD67BD97B82EFAA4D72BE9</strong></div>

<div class="">
<
label class="" for="IATS_DPM_ProcessID">ProcessKey</label>
<
input name="IATS_DPM_ProcessID" class="" id="IATS_DPM_ProcessID"

value="PA0940D765F2BD67BD97B82EFAA4D72BE9" /> </div>
<
br /><br />

<div><strong>Donors information</strong></div>
 <div class="">
    <label class="" for="IATS_DPM_Title">Title</label>
<
input name="IATS_DPM_Title" class="" id="IATS_DPM_Title" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_FirstName">First Name</label>
    <input name="IATS_DPM_FirstName" class="" id="IATS_DPM_FirstName" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_LastName">Last Name</label>
<
input name="IATS_DPM_LastName" class="" id="IATS_DPM_LastName" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Address">Address</label>
    <input name="IATS_DPM_Address" class="" id="IATS_DPM_Address" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_City">City</label>
<
input name="IATS_DPM_City" class="" id="IATS_DPM_City" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Province">State/Province</label>
    <input name="IATS_DPM_Province" class="" id="IATS_DPM_Province" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Country">Country</label>
<
input name="IATS_DPM_Country" class="" id="IATS_DPM_Country" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_ZipCode">Zip Code</label>
    <input name="IATS_DPM_ZipCode" class="" id="IATS_DPM_ZipCode" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Phone">Phone</label>
<
input name="IATS_DPM_Phone" class="" id="IATS_DPM_Phone" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Phone">Phone2</label>

<input name="IATS_DPM_Phone2" class="" id="IATS_DPM_Phone2" maxlength="39" /> </div>

<div class="">
<
label class="" for="IATS_DPM_Phone">Fax</label>
<
input name="IATS_DPM_Fax" class="" id="IATS_DPM_Fax" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Email">Email</label>
    <input name="IATS_DPM_Email" class="" id="IATS_DPM_Email" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Comment">Comment</label>
<
input name="IATS_DPM_Comment" class="" id="IATS_DPM_Comment" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Item1">Item1</label>
    <input name="IATS_DPM_Item1" class="" id="IATS_DPM_Item1" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Item2">Item2</label>
 

 

    <input name="IATS_DPM_Item2" class="" id="IATS_DPM_Item2" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Item3">Item3</label>
<
input name="IATS_DPM_Item3" class="" id="IATS_DPM_Item3" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Item4">Item4</label>
    <input name="IATS_DPM_Item4" class="" id="IATS_DPM_Item4" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Item5">Item5</label>
<
input name="IATS_DPM_Item5" class="" id="IATS_DPM_Item5" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Item6">Item6</label>
    <input name="IATS_DPM_Item6" class="" id="IATS_DPM_Item6" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_ClientDefined_Name1">Client Defined Field 1</label>
<
input name="IATS_DPM_ClientDefined_Name1" class="" id="IATS_DPM_ClientDefined_Name1"
maxlength="150" />
</
div>
<
div class="">
    <label class="" for="IATS_DPM_ClientDefined_Name2">Client Defined Field 2</label>
    <input name="IATS_DPM_ClientDefined_Name2" class="" id="IATS_DPM_ClientDefined_Name2"
maxlength="150" />
</
div>
<
div class="">
    <label class="" for="IATS_DPM_ClientDefined_Name3">Client Defined Field 3</label>
    <input name="IATS_DPM_ClientDefined_Name3" class="" id="IATS_DPM_ClientDefined_Name3"
maxlength="150" />
</
div>
<
br /><br />
<div><strong>Amount</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_Amount">Amount</label>

<input name="IATS_DPM_Amount" class="" id="IATS_DPM_Amount" maxlength="39" /> </div>

<br /><br />
<
div><strong>Payment</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_MOP">Method of Payment</label>
    <input name="IATS_DPM_MOP" class="" id="IATS_DPM_MOP" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_AccountNumber">Account Number</label>
<
input name="IATS_DPM_AccountNumber" class="" id="IATS_DPM_AccountNumber" maxlength="600" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_ExpiryDate">Expiry (for credit card)</label>

<input name="IATS_DPM_ExpiryDate" class="" id="IATS_DPM_ExpiryDate" maxlength="39" /> </div>

<div class="">
<
label class="" for="IATS_DPM_CVV2">CVV2 (for credit card)</label>
<
input name="IATS_DPM_CVV2" class="" id="IATS_DPM_CVV2" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_DebitAccountType">Debit Account Type (for ACH)</label>
 

<input name="IATS_DPM_DebitAccountType" class="" id="IATS_DPM_DebitAccountType" maxlength="39"

/>
</div>
<
br /><br />
<div><strong>Process Option</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_ProcessOption">Process Option</label>
    <input name="IATS_DPM_ProcessOption" class="" id="IATS_DPM_ ProcessOption" maxlength="39" />
<
br />

<label class="" for="IATS_DPM_RecurringOn">Enter True for Recurring</label>
<
input name="IATS_DPM_RecurringOn" class="" id="IATS_DPM_RecurringOn" maxlength="39" /> <br /> <label class="" for="IATS_DPM_BeginDate">BeginDate</label>
<
input name="IATS_DPM_BeginDate" class="" id="IATS_DPM_BeginDate" maxlength="39" /> <br /> <label class="" for="IATS_DPM_EndDate">EndDate</label>
<
input name="IATS_DPM_EndDate" class="" id="IATS_DPM_EndDate" maxlength="39" /> <br />
<
label class="" for="IATS_DPM_ScheduleType">ScheduleType</label>
<
input name="IATS_DPM_ScheduleType" class="" id="IATS_DPM_ScheduleType" maxlength="39" /> <br

/>
<
label class="" for="IATS_DPM_ScheduleMonth">ScheduleMonth (If Schedule Type is Annual)</label>
<
input name="IATS_DPM_ScheduleMonth" class="" id="IATS_DPM_ScheduleMonth" maxlength="39" /> <br
/>
<
label class="" for="IATS_DPM_ScheduleDate">ScheduleDate (If Schedule Type is Monthly)</label>
<
input name="IATS_DPM_ScheduleDate" class="" id="IATS_DPM_ScheduleDate" maxlength="39" /> <br

/> </div>

<br /><br />

<div><strong>Post Back Response</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_PostBackURL">Post Back URL</label>
    <input type="input" name="IATS_DPM_PostBackURL" class="" id="IATS_DPM_PostBackURL" value="ENTER
POSTBACK
" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_SuccessRedirectURL">Success Redirect URL</label>

<input type="input" name="IATS_DPM_SuccessRedirectURL" class="" id="IATS_DPM_SuccessRedirectURL" value="ENTER SUCCESS REDIRECT URL HERE" /> </div>
<
div class="">

    <label class="" for="IATS_DPM_FailedRedirectURL">Failed Redirect URL</label>

<input type="input" name="IATS_DPM_FailedRedirectURL" class="" id="IATS_DPM_FailedRedirectURL" value="ENTER FAILED REDIRECT URL HERE" />
</
div>
<
br /><br />

<input type="submit" value="Process"/>
</
form>
</
body>

 

 

SAMPLE HTML Payment Form – With Card Reader

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
>
<
html xmlns="http://www.w3.org/1999/xhtml">
<
head>
    <title>DPM Test Merchant</title>
<
style type="text/css">

label

{ }

float: left;
width: 400px;
</style>
<
script type="text/javascript">

/**
* Preprocess IATS_DPM_AccountNumber field if using a USB card reader.

*/

    function usbReaderPreprocess() {
// Get the USB card reader type.
var usbDeviceType = document.getElementById('USB_Device_Type').value;

if (usbDeviceType != '') {
// Get the unprocessed USB card reader input.
var readerInput = document.getElementById('IATS_DPM_AccountNumber').value;

} }

    </script>
</
head>

<body>

// Prepend USB card reader type to the reader input.

var processedReaderInput = usbDeviceType + '|@|' + readerInput;
// Update the form with the processed reader input.
document.getElementById('IATS_DPM_AccountNumber').value = processedReaderInput;
// Parse the payer's name from the reader input.
var nameMatch = readerInput.match(/\^([a-z]+)\/([a-z]+)\^/gi);
if (nameMatch != null) {
var nameString = nameMatch[0].replace(/\^/g, '');
var nameParts = nameString.split('/');

// Update the form with the payer's first and last names.

    document.getElementById('IATS_DPM_FirstName').value = nameParts[1];
    document.getElementById('IATS_DPM_LastName').value = nameParts[0];
}

<form action=" https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="post" name="IATS_DPM_Form" onsubmit="usbReaderPreprocess()">
<
div><strong>Direct Post Authentication: TEST88 Processkey: PA0940D765F2BD67BD97B82EFAA4D72BE9</strong></div>

 
<div class="">
<
label class="" for="IATS_DPM_ProcessID">ProcessKey</label>
<
input name="IATS_DPM_ProcessID" class="" id="IATS_DPM_ProcessID"

value="PA0940D765F2BD67BD97B82EFAA4D72BE9" /> </div>
<
br /><br />

<div class="">
<
label class="" for="USB_Device_Type">USB Device</label>
<
select id="USB_Device_Type">
        <option value="">None</option>
<
option value="00">IDTech SecureMag USB swiper</option>
<
option value="02">MagTek Dynamag USB swiper</option>
    </select>
</
div>

<br /><br />

<div><strong>Donors information</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_Title">Title</label>
    <input name="IATS_DPM_Title" class="" id="IATS_DPM_Title" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_FirstName">First Name</label>
<
input name="IATS_DPM_FirstName" class="" id="IATS_DPM_FirstName" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_LastName">Last Name</label>
    <input name="IATS_DPM_LastName" class="" id="IATS_DPM_LastName" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Address">Address</label>
<
input name="IATS_DPM_Address" class="" id="IATS_DPM_Address" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_City">City</label>
    <input name="IATS_DPM_City" class="" id="IATS_DPM_City" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Province">State/Province</label>
<
input name="IATS_DPM_Province" class="" id="IATS_DPM_Province" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Country">Country</label>
    <input name="IATS_DPM_Country" class="" id="IATS_DPM_Country" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_ZipCode">Zip Code</label>
<
input name="IATS_DPM_ZipCode" class="" id="IATS_DPM_ZipCode" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Phone">Phone</label>
    <input name="IATS_DPM_Phone" class="" id="IATS_DPM_Phone" maxlength="39" />
</
div>

<div class="">
<
label class="" for="IATS_DPM_Phone">Phone2</label>
<
input name="IATS_DPM_Phone2" class="" id="IATS_DPM_Phone2" maxlength="39" />

</div>

 

 

<div class="">
<
label class="" for="IATS_DPM_Phone">Fax</label>
<
input name="IATS_DPM_Fax" class="" id="IATS_DPM_Fax" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Email">Email</label>
    <input name="IATS_DPM_Email" class="" id="IATS_DPM_Email" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Comment">Comment</label>
<
input name="IATS_DPM_Comment" class="" id="IATS_DPM_Comment" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Item1">Item1</label>
    <input name="IATS_DPM_Item1" class="" id="IATS_DPM_Item1" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Item2">Item2</label>
<
input name="IATS_DPM_Item2" class="" id="IATS_DPM_Item2" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Item3">Item3</label>
    <input name="IATS_DPM_Item3" class="" id="IATS_DPM_Item3" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Item4">Item4</label>
<
input name="IATS_DPM_Item4" class="" id="IATS_DPM_Item4" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_Item5">Item5</label>
    <input name="IATS_DPM_Item5" class="" id="IATS_DPM_Item5" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_Item6">Item6</label>
<
input name="IATS_DPM_Item6" class="" id="IATS_DPM_Item6" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_ClientDefined_Name1">Client Defined Field 1</label>
    <input name="IATS_DPM_ClientDefined_Name1" class="" id="IATS_DPM_ClientDefined_Name1"
maxlength="150" />
</
div>
<
div class="">
    <label class="" for="IATS_DPM_ClientDefined_Name2">Client Defined Field 2</label>
    <input name="IATS_DPM_ClientDefined_Name2" class="" id="IATS_DPM_ClientDefined_Name2"
maxlength="150" />
</
div>
<
div class="">
    <label class="" for="IATS_DPM_ClientDefined_Name3">Client Defined Field 3</label>
    <input name="IATS_DPM_ClientDefined_Name3" class="" id="IATS_DPM_ClientDefined_Name3"
maxlength="150" />
</
div>

<br /><br />

<div><strong>Amount</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_Amount">Amount</label>

<input name="IATS_DPM_Amount" class="" id="IATS_DPM_Amount" maxlength="39" /> </div>

 

 

<br /><br />

<div><strong>Payment</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_MOP">Method of Payment</label>
    <input name="IATS_DPM_MOP" class="" id="IATS_DPM_MOP" maxlength="39" />
</
div>
<div class="">
<
label class="" for="IATS_DPM_AccountNumber">Account Number</label>
<
input name="IATS_DPM_AccountNumber" class="" id="IATS_DPM_AccountNumber" maxlength="600" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_ExpiryDate">Expiry (for credit card)</label>

<input name="IATS_DPM_ExpiryDate" class="" id="IATS_DPM_ExpiryDate" maxlength="39" /> </div>

<div class="">
<
label class="" for="IATS_DPM_CVV2">CVV2 (for credit card)</label>
<
input name="IATS_DPM_CVV2" class="" id="IATS_DPM_CVV2" maxlength="39" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_DebitAccountType">Debit Account Type (for ACH)</label>
    <input name="IATS_DPM_DebitAccountType" class="" id="IATS_DPM_DebitAccountType" maxlength="39"
/>
</div>
<
br /><br />
<div><strong>Process Option</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_ProcessOption">Process Option</label>
    <input name="IATS_DPM_ProcessOption" class="" id="IATS_DPM_ ProcessOption" maxlength="39" />
<
br />

<label class="" for="IATS_DPM_RecurringOn">Enter True for Recurring</label>
<
input name="IATS_DPM_RecurringOn" class="" id="IATS_DPM_RecurringOn" maxlength="39" /> <br /> <label class="" for="IATS_DPM_BeginDate">BeginDate</label>
<
input name="IATS_DPM_BeginDate" class="" id="IATS_DPM_BeginDate" maxlength="39" /> <br /> <label class="" for="IATS_DPM_EndDate">EndDate</label>
<
input name="IATS_DPM_EndDate" class="" id="IATS_DPM_EndDate" maxlength="39" /> <br />
<
label class="" for="IATS_DPM_ScheduleType">ScheduleType</label>
<
input name="IATS_DPM_ScheduleType" class="" id="IATS_DPM_ScheduleType" maxlength="39" /> <br

/>
<
label class="" for="IATS_DPM_ScheduleMonth">ScheduleMonth (If Schedule Type is Annual)</label>
<
input name="IATS_DPM_ScheduleMonth" class="" id="IATS_DPM_ScheduleMonth" maxlength="39" /> <br
/>
<
label class="" for="IATS_DPM_ScheduleDate">ScheduleDate (If Schedule Type is Monthly)</label>
<
input name="IATS_DPM_ScheduleDate" class="" id="IATS_DPM_ScheduleDate" maxlength="39" /> <br

/> </div>

<div><strong>Post Back Response</strong></div>
<
div class="">
    <label class="" for="IATS_DPM_PostBackURL">Post Back URL</label>
    <input type="input" name="IATS_DPM_PostBackURL" class="" id="IATS_DPM_PostBackURL" value="ENTER
POSTBACK
" />
</div>
<
div class="">
    <label class="" for="IATS_DPM_SuccessRedirectURL">Success Redirect URL</label>

<input type="input" name="IATS_DPM_SuccessRedirectURL" class="" id="IATS_DPM_SuccessRedirectURL" value="ENTER SUCCESS REDIRECT URL HERE" /> </div>

 

 

<div class="">
<
label class="" for="IATS_DPM_FailedRedirectURL">Failed Redirect URL</label>
<
input type="input" name="IATS_DPM_FailedRedirectURL" class="" id="IATS_DPM_FailedRedirectURL"

value="ENTER FAILED REDIRECT URL HERE" />
</
div>
<
br /><br />
<input type="submit" value="Process"/>
</
form>
</
body>

 

 

Example Responses

Single Credit Card Transaction Response Example

IATS_AccountNumber=2220

IATS_MOP=VISA

IATS_PaymentType=CreditCard

IATS_ExpiryMonth=12

IATS_ExpiryYear=2014

IATS_Result=OK: 678594:

IATS_TransID=A1A1C5D8

IATS_Amount=20.00

IATS_Title=Mr

IATS_FirstName=Jack

IATS_LastName=Green

IATS_Address=Jasper AVE

IATS_City=Edmonton

IATS_Country=CANADA

IATS_State=AB

IATS_ZipCode=T5J1X3

IATS_EMail=TEST@TEST.COM

IATS_Phone=123456789

IATS_Phone2=

IATS_Fax=

IATS_Comment=donation

 

 

Single ACH Transaction Response Example

 

 Single ACH Transaction Response Example

IATS_AccountNumber=2220

IATS_MOP=ACHEFT

IATS_DebitAccountType=CHECKING

IATS_PaymentType=ACH

IATS_Result=OK: 555555

IATS_Amount=20.00

IATS_Title=Mr

IATS_FirstName=JACK

IATS_LastName=GREEN

IATS_Address=JASPER AVE

IATS_City=EDMONTON

IATS_Country=CANADA

IATS_State=AB

IATS_ZipCode=T5J1X3

IATS_EMail=TEST@TEST.COM

IATS_Phone=123456789

IATS_Fax=

IATS_Phone2=

IATS_Comment=donation

 

 

Creating a Token for Credit Card Transaction Response

IATS_AccountNumber=2220

IATS_PaymentMethod=VISA

IATS_PaymentType= CreditCard

IATS_Result=TokenCreated

IATS_ResultDetail= A1047942

IATS_RecurringOn=off

IATS_ScheduleType=MONTHLY

IATS_BeginDate=04/14/2014

IATS_EndDate=04/14/2014

IATS_Amount=20.00

IATS_Title=Mr

IATS_FirstName=Jack

IATS_LastName=Green

IATS_Address=Jasper AVE

IATS_City=Edmonton

IATS_State=ab

IATS_ZipCode=T5J1X3

IATS_Country=Canada

IATS_Email=test@test.com

IATS_Fax=

IATS_Phone=123456789

IATS_Phone2=

IATS_comment=donation

 

 

Creating a Token for ACH Transaction Response

IATS_AccountNumber=2220

IATS_PaymentMethod=ACHEFT

IATS_PaymentType=DebitCard

IATS_DebitAccountType=CHECKING

IATS_Result=TokenCreated

IATS_ResultDetail=A1047941

IATS_RecurringOn=off

IATS_ScheduleType=MONTHLY

IATS_BeginDate=04/14/2014

IATS_EndDate=04/14/2014

IATS_Amount=20.00

IATS_Title=Mr

IATS_FirstName=Jack

IATS_LastName=Green

IATS_Address=Jasper AVE

IATS_City=Edmonton

IATS_State=ab

IATS_ZipCode=T5J1X3

IATS_Country=Canada

IATS_Email=test@test.com

IATS_Fax=

IATS_Phone=123456789

IATS_Phone2=

IATS_comment=donation

 

 

Appendix A: Testing iATS Payments Systems

The following information will allow you to test iATS Payments systems to ensure that you can use our services. Please note that this “TEST88” account is not a live merchant account and that authorization and rejection results are for display purposes only.

Please note that this test information is provided to many clients. Please do not modify or delete any pre-existing Aura Event’s or change the password of this code.

User ID = TEST88

Password = TEST88

URL:     NA = www.iatspayments.com

               UK = www.uk.iatspayments.com

To test the Authorization and Rejection responses related to a Charge, credit card number 4111111111111111 can be used.

To test the Authorization responses related to both Charges and Refunds, credit card number 4222222222222220 can be used.

The amounts and corresponding responses detailed below have been created for to test multiple situations:

Amount

Result when using 4111111111111111

1.00

OK: 678594

2.00

REJ: 15

3.00

OK: 678594

4.00

REJ: 15

5.00

REJ: 15

6.00

OK: 678594:X

7.00

OK: 678594:y

8.00

OK: 678594:A

9.00

OK: 678594:Z

10.00

OK: 678594:N

15.00

If CVV2 = 1234, the response is OK: 678594:Y. If no CVV2 is entered, the response is REJ: 19

16.00

REJ: 2

17.00

REJ: 22

192.00 (NA Only)

If sent via API (iATSLink or Web Service) a) IP address is invalid format: Rej: 5.
b)
IP address is valid format: OK: 678594.

All Other Amounts

REJ: 15

All Refund Amounts

REJ: 15

Amount

Result when using 4222222222222220

Any Sale Amount

OK: 678594

Any Refund Amount

OK: 678594

 

Please note there is a transaction limit of $2000.00 (£2000.00) per charge. Amounts above will be rejected.

If using our Direct Post Method, the TEST88 Process Key credentials are:

PAAB24B9961FAC07FAA561180F6CB69A7B (North America) PA0940D765F2BD67BD97B82EFAA4D72BE9 (UK/International)

 

 

 

 

Option 1:
Javascript Relay URL

Option 2:
Direct Redirect

Dynamic Response Page

Yes, through Javascript relay page. Relay URL sent in DPM transaction request.

No, only static pages for success/fail. Both URL sent in DPM transaction request.

Transaction Results

Posted back to relay URL

Posted back to Postback URL

 

 

 

 

Contact Us