We want to make payments easy for developers. Let us do the heavy lifting with these developer tools so you can simply and easily deploy payment and donation solutions.
DIRECT POST METHOD
Direct Post Method (DPM) is a fully PCI compliant service as the sensitive credit card data never flows through your servers or website.
Your website does not have to handle any credit card data, and all transaction information is submitted directly to iATS via Secure Sockets Layer (SSL) while keeping iATS invisible to the donor. Your site can still collect all pertinent donor data and has been built to allow you to utilize your own unique website look and feel as well as response pages.
DPM KEY OPERATIONS
DIRECT POST OPTIONS
This uses a JavaScript Relay URL redirect that allows the developer more control over the redirect page as well as the message that displays to the donor as a result of the transaction response (example rejection codes). All transaction detail is posted back to the relay page which can be used to capture into the developers’ database.
Option 1 - JavaScript Relay Guide below:
Document |
Change |
Date of Change: |
DPM Guide |
|
Sep 22, 2017 |
North America: www.iatspayments.com
UK/International: www.uk.iatspayments.com
Customer Care:
Email: iatscs@iatspayments.com
Phone: North America: 1-888-955-5455 | UK/Europe: 0808-234-0466
Hours: 7:30am – 5:00pm Pacific Standard Time, Monday to Friday
Sales and Marketing:
Email: iats@iatspayments.com
Phone: North America: 1-866-300-4287 | UK/Europe: 0808-234-0466
Hours: 7:00am – 4:30pm Pacific Standard Time, Monday to Friday
Partner Support:
Email: PartnerSupport@iatspayments.com
Hours: 7:00am – 4:30pm Pacific Standard Time, Monday to Friday
iATS offers two options for the Direct Post Method:
Option 1
This uses a JavaScript Relay URL redirect that allows the developer more control over the redirect page as well as the message that displays to the donor as a result of the transaction response (example rejection codes). All transaction detail is posted back to the relay page which can be used to capture into the developers’ database.
Option 2
This does not utilize JavaScript but a Direct Redirect. This option only allows the programmer to redirect to two static pages – a successful transaction page or a failed transaction page. As no relay page is utilized, the details of the transaction will be sent to a postback URL. Please refer to separate document for this option.
DPM Relay URL |
DPM Direct Redirect |
|
Dynamic response page |
Yes, through JavaScript relay page. Relay URL sent in DPM transaction request. |
No, only static pages for success/fail. Both URL sent in DPM transaction request. |
Transaction results |
Posted back to relay URL |
Posted back to Postback URL |
This user guide describes the web development required to process transactions via iATS Payments using the Direct Post Method.
Direct Post is a fully PCI compliant service as the sensitive credit card data never flows through your servers or website. Your website does not have to handle any credit card data, and all transaction information is submitted directly to iATS via Secure Sockets Layer (SSL) while keeping iATS invisible to the donor. Your site can still collect all pertinent donor data and has been built to allow you to utilize your own unique website look and feel as well as response pages.
The Direct Post Method can be combined with other iATS Web Services such as CustomerLink (to manage recurring schedules), ProcessLink (to process transactions with a Token or do refunds using a Transaction ID), and ReportLink (pulling transaction reports from iATS’ servers). These are explained further in our Web Service Guides and are available upon request.
For managing recurring transactions, you have the option of managing them or having iATS manage them for you:
Please note that iATS operates two server systems, one based in North America (NA) and one in the United Kingdom (UK). Clients in the United States and Canada will use the NA servers, while all other clients use our UK servers. The explanation of the specific services that follows will provide the links to each server address as available.
Notes on International processing
1. | The same interface can be used for International processing on our UK servers however it should be noted that single ACH/EFT (Direct Debit) transactions are not allowed in the UK. Only recurring Direct Debit transactions can be initiated. |
2. | The recurring date format is different for UK. Please use the format DD/MM/YYYY where applicable. |
With Direct Post, the transaction data is submitted directly to iATS payment gateway by means of HTML form POST, bypassing the host’s server. Upon authorization, iATS posts the transaction result or the token information to the host’s relay URL. Direct Post then redirects the end user’s browser to the host’s server using a client-side JavaScript. iATS will be invisible with the host having full control during the process.
The Direct Post method will provide the following options:
1. | The website Host (merchant) creates an HTML payment form following the iATS specifications described within this guide. The form must contain all required fields to complete the credit card or ACH transaction process successfully. See the ‘Submitting Transaction’ section for more details. The HTML form should use the following syntax: North America
UK/International
iATS provides a process URL where the transaction collected on the merchant’s website should be submitted by means of HTML form POST. The host’s payment form created in step 1 above will be posted to iATS. Within the post data you will need to include the relay URL which is the page hosted on the merchants website to handle the response of the transaction result. |
||
2. | After receiving the transaction data or new token request, the iATS payment gateway will process the transaction and return the transaction result back to the merchant’s relay URL by means of HTTPS POST. | ||
3. | Based on the Transaction results (approval, decline or new token), the merchant provides iATS with a return page with the required redirect JavaScript to send the donor to. The host will need to have different transaction response pages for approval, declined and new token transactions. See the ‘Submitting Transaction’ section for more details. | ||
4. | iATS will then redirect the end user’s browser to the JavaScript returned to iATS from the merchant to show the customized response page. In this process the end user will stay on merchant’s website, however they will see the browser refresh when they are redirected to the response page. |
Requirements
1. | Merchant must have received the client’s valid iATS Process Key associated with their Client Code which is has been enabled to process credit card and/or ACH transactions. Instructions on how the client creates the Process Key are included below. |
2. | Merchant needs to create the HTML payment form on their own web server. The form must have the required payment fields following the iATS specifications in this document. The standard API consists of required and optional fields that can be submitted to iATS for real time credit card transaction processing. See the ‘Submitting Transaction’ section for more details. |
3. | Merchant needs to build relay pages to be able to handle the https post transaction result from the iATS payment gateway. The relay page will return a client side JavaScript to iATS with redirect response page URL. |
4. | Merchant needs to build a transaction response page to be displayed to the end user for the various responses: Success, Failed, Token and Token with success or failed transaction. |
SUBMITTING A TRANSACTION
Transaction Post URL
The Direct Post transaction should POST to the following URLs:
<form action="https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form"> <input type="submit" value="Submit Transaction"/> |
<form action="https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" <input type="submit" value="Submit Transaction"/>
|
<input type="hidden" name="IATS_DPM_ProcessID" value=" Put process key here"/> |
Field name |
Value |
Note |
IATS_DPM_ProcessID |
Process Key |
Merchant- and transaction-specific encrypted key for authentication. |
The following table represents the HTML form donor information fields that can be submitted to iATS using Direct Post.
The data fields are name and value pairs, using the following HTML syntax:
<input name="Field Name" value="value"/> |
Field name |
Value |
Note |
Required or Optional |
IATS_DPM_Title |
Title for the end user. |
Up to 39 characters. |
Optional but recommended |
IATS_DPM_FirstName |
First name for the end user. |
Up to 39 characters. |
Optional but recommended |
IATS_DPM_LastName |
Last name for the end user. |
Up to 39 characters. |
Optional but recommended |
IATS_DPM_Address |
Address for the end user. |
Up to 99 characters |
Optional |
IATS_DPM_City |
City of the address. |
Up to 39 characters |
Optional |
IATS_DPM_Province |
Province of the address. |
Up to 39 characters |
Optional |
IATS_DPM_Country |
Country of the address. |
Up to 39 characters |
Optional |
IATS_DPM_ZipCode |
Zip code of the address. |
Up to 10 characters. . |
Optional but recommended |
IATS_DPM_Phone |
Phone number for the end users. |
Up to 39 characters. |
Optional |
IATS_DPM_Phone2 |
Phone number for the end users. |
Up to 39 characters |
Optional |
IATS_DPM_Fax |
Fax number for the end user. |
Up to 39 characters |
Optional |
IATS_DPM_Email |
Email for the end user. |
Up to 39 characters. |
Optional but recommended |
IATS_DPM_Comment |
Comment associated with the transaction. |
Up to 110 characters |
Optional |
Custom Information Fields
The following table represents the HTML form fields of custom information can be submitted to IATS using Direct Post. All fields in this section are optional and will be stored in the iATS system and available via ReportLink web service.
The data fields are name and value pairs, using the following HTML syntax:
<input name="Field Name" value="value"/> |
Field name |
Value |
Note |
IATS_DPM_Invoice |
Invoice # for the end user |
Up to 39 characters |
IATS_DPM_Item1 |
Item1 for custom question |
Up to 39 characters |
IATS_DPM_Item2 |
Item2 for custom question |
Up to 39 characters |
IATS_DPM_Item3 |
Item3 for custom question |
Up to 39 characters |
IATS_DPM_Item4 |
Item4 for custom question |
Up to 39 characters |
IATS_DPM_Item5 |
Item5 for custom question |
Up to 39 characters |
IATS_DPM_Item6 |
Item6 for custom question |
Up to 39 characters |
The following table represents the HTML form fields of client defined can be submitted to iATS using Direct Post.
iATS neither stores nor processes this field’s value, only acting as a pass-through to the postback URL. iATS will accept up to 3 client-defined fields with the prefix “IATS_DPM_ClientDefined_”.
The data fields are name and value pairs, using the following HTML syntax:
<input name="Field Name" value="value"/> |
Field name |
Value |
Note |
IATS_DPM_ClientDefined_(insert name) |
Value of client defined field 1 |
Up to 150 characters |
IATS_DPM_ClientDefined_(insert name) |
Value of client defined field 2 |
Up to 150 characters |
IATS_DPM_ClientDefined_(insert name) |
Value of client defined field 3 |
Up to 150 characters |
The following table represents the fields required for submitting a single credit card transaction using Direct Post.
The data fields are name and value pairs, using the following HTML syntax:
<input name="Field Name" value="value"/> |
Field name |
Value |
Note |
Required or Optional |
IATS_DPM_AccountNumber |
Credit card number |
Up to 600 characters. |
Required |
IATS_DPM_ExpiryDate |
Expiry Date |
Up to 5 characters |
Required |
IATS_DPM_CVV2 |
CVV2. |
Up to 4 characters. Must be digits only. |
Required |
IATS_DPM_MOP |
Credit card type. ‘VISA’ or ‘DSC’ |
We accept the following card types: VISA, MC, AMX, DSC |
Optional |
IATS_DPM_Amount |
Total processed amount |
Numbers and decimal. |
Required |
Single ACH Transaction Fields
The following table represents the fields required for submitting a single ACH transaction using Direct Post.
The data fields are name and value pairs, using the following HTML syntax:
<input name="Field Name" value="value"/> |
Field name |
Value |
Note |
Required or Optional |
IATS_DPM_AccountNumber |
ACH Account number. USD: Routing no. (9 digits) + account no. (# of digits varies) CAD: Bank no. (3 digits) + transit no. (5 digits) + account no. (# of digits varies) *Order must be followed with NO spaces – example 12312345123456789 for CDN * |
Up to 40 characters. Must be digits only |
Required |
IATS_DPM_MOP |
‘ACHEFT’ |
Up to 10 characters. |
Required |
IATS_DPM_AccountType |
Debit card account type. ‘CHECKING’ or ‘SAVING’ |
Will not accept values other than ‘CHECKING’ or ‘SAVING’. |
Required |
IATS_DPM_Amount |
Total processed amount. |
Numbers and decimal. |
Required |
Creating Secure Tokens
Instead of processing a real-time transaction, the merchant can use the Direct Post to create a token which can be used for transactions at a later stage with the iATS web services or to set up recurring transactions to be auto processed by iATS.
The iATS payment gateway will return a token ID to the Host which can be used to:
Please refer to the iATS Web Service Guides for more details on the services offered.
The data fields are name and value pairs, using the following HTML syntax:
<input name="Field Name" value="value"/> |
The following table represents the fields required for creating a secure token using Direct Post. The Host will need to have the credit card or bank account fields in the form. This payment information is what will be stored in the iATS system which is associated with the token.
Field name |
Value |
Note |
Required or Optional |
IATS_DPM_ProcessOption |
Request type of process |
This field instructs iATS to create only transact, only create a token or create and tokenize at the same time |
Required |
IATS_DPM_RecurringOn |
The request to turn on recurring transactions. |
If the value is TRUE, iATS will set up and process the recurring transaction based on recurring settings below. |
Required if ProcessOption is TOKEN or TOKENANDTRANSACTION |
IATS_DPM_BeginDate |
Recurring transaction begin date. |
Must be in date format: MM/DD/YYYY For the UK: DD/MM/YYYY |
Required if ProcessOption is TOKEN or TOKENANDTRANSACTION |
IATS_DPM_EndDate |
Recurring transaction end date. |
Must be in date format: MM/DD/YYYY For the UK: DD/MM/YYYY |
Required if ProcessOption is TOKEN or TOKENANDTRANSACTION |
IATS_DPM_ScheduleType |
Recurring transaction schedule type. ‘QUARTERLY’ or ‘ANNUALLY’ |
Set up schedule type |
Required if ProcessOption is TOKEN or TOKENANDTRANSACTION |
IATS_DPM_ScheduleMonth |
Month for annual recurring transaction. |
Number from 1 to 12 |
Required if ProcessOption is TOKEN or TOKENANDTRANSACTION |
IATS_DPM_ScheduleDate |
Date for monthly recurring transaction. |
Number from 1 to 31 |
Required if ProcessOption is TOKEN or TOKENANDTRANSACTION |
Relay URL
The following table describes form fields that can be submitted to configure the relay response. The relay URL should be embedded in the payment form but not visible to the end user.
The relay URL fields are submitted using the syntax below.
<input name="IATS_DPM_RelayURL" value="url"/> |
Field name |
Value |
Note |
Required or Optional |
IATS_DPM_RelayURL |
The URL on the merchant’s website to which iATS posts transaction results to for a relay response. |
iATS will post transaction result to this URL. The value must contain a valid URL including prefix: ‘https://’ or ‘https://’. |
Required |
Our encrypted magnetic stripe readers (MSRs) are fully PCI compliant as the sensitive credit card data is encrypted immediately within the device before the data flows through to the computer or device. This means your servers do not have to handle any clear text credit card data. The encrypted MSRs are designed to work with the Direct Post Method.
When a credit card is swiped through the MSR, it will read and encrypt the track data on the magnetic stripes and pass the encrypted data to the Account Number field in DPM to the relevant web service to either a) process the transaction directly or b) tokenize the details for future transactions, or c) process the transaction directly and tokenize the details for future transactions
The following supported magnetic stripe readers should be ordered directly from iATS Payments as they contain encryption keys only accessible by iATS:
USB (PC and Mac)
As there are a number of variations of the swiper, iATS needs to know which swiper is being used so that iATS
can supply the correct encryption key to the transaction. Once the user has swiped the card in the Credit Card
field, the swiper type needs to be appended to the front of the transaction string before being sent to iATS.
The Magtek Dynamag is a USB encrypted swiper for use on PC’s.
When you swipe the USB device a complete string of masked as well as encrypted data. You can use the masked data for the name of the client, the expiry date and last 4 digits of the credit card. For the USB swipers, the entire string (masked and encrypted) as well as the identification of the swiper type needs to be passed through to iATS.
Magtek USB encrypted swipe example:
%B4847350003009386^YOU/AGIFTFOR^21080000000000000000000?;4847350003009386=210800000000000?|0600|2F2E4 4C1E47851145BC08BB06CE1A9CD897EC00E2BB035C6D9FDF625F7AF63034BDBEC092D8C035B05301A89C056854B6EC427958C E07AD5E585E4E37E2867B3|2CAF4061ACD747C310DA546974D045C8C446C7C6B8577B002511915D3C33B0CEBAC0147D7B489E AE||61403000|6E005095F7A5E2F9B3076FBA250877E9105BEE932ABF6A0F02B7D16959F6935417CA573B81CE4ED3CF0BC0FA 1B3067C034A946E9F80F3D7B |
For the Magtek Dynamag, please append the data in the following order and delimitation:
SwiperType|@|Entire USB output
Where:
- SwiperType : 02 for Magtek Dynamag
- Entire USB output string (no parsing)
- |@| : Delimiter
MagTek USB swipe to be entered into IATS_DPM_AccountNumber field
02|@| %B4847350003009386^YOU/AGIFTFOR^21080000000000000000000?;4847350003009386=210800000000000?|0600| 2F2E44C1E47851145BC08BB06CE1A9CD897EC00E2BB035C6D9FDF625F7AF63034BDBEC092D8C035B05301A89C056854B6EC42 7958CE07AD5E585E4E37E2867B3|2CAF4061ACD747C310DA546974D045C8C446C7C6B8577B002511915D3C33B0CEBAC0147D7 B489EAE||61403000|6E005095F7A5E2F9B3076FBA250877E9105BEE932ABF6A0F02B7D16959F6935417CA573B81CE4ED3CF0 BC0FA1B3067C034A946E9F80F3D7B |
The IDTech Secure Mag is a USB encrypted swipe for PC’s and Laptops.
When you swipe the USB device, it will collect a complete string of masked as well as encrypted data. You can use the unmasked data for the name of the client, the expiry date and last 4 digits of the credit card. For the USB swipers the entire string (masked and encrypted) needs to be passed through to iATS.
IDTECH USB encrypted swipe example:
02A001801F3B2300039B%*4941********5889^YOU/AGIFTFOR^***********************?*;4941********5889=****** *********?*ACC8778A7A496718C9EF3F042025E239FDC93C1C616153EE8057CC23D3D28B68948BD00FCCF9E30D44F010B9E9 DB243DBD3EB56825B6F0D64D6CDD0B12AF6F7C068C7A7CB17B45B9D5D9DF7F9CD340987AFF4C5F33AA04879920D640B46EDA8 E6C526BB5DE9E0C7C71AE6510C73F3A5ECFAADDCD3F62CBD1DBEE00990C21E9DA6A0170A3C363B1B89688021519A39DA8FFFF 738139000400000D68AA03 |
For the IDTech Secure Mag, please collate the data in the following order and delimitation:
SwiperType|@|Entire USB output
Where:
- SwiperType : 00 for IDTech Secure Mag
- Entire USB output string (no parsing)
- |@| : Delimiter
IDTech USB swipe to be entered into IATS_DPM_AccountNumber field
00|@| 02A001801F3B2300039B%*4941********5889^YOU/AGIFTFOR^***********************?*;4941********5889=* **************?*ACC8778A7A496718C9EF3F042025E239FDC93C1C616153EE8057CC23D3D28B68948BD00FCCF9E30D44F01 0B9E9DB243DBD3EB56825B6F0D64D6CDD0B12AF6F7C068C7A7CB17B45B9D5D9DF7F9CD340987AFF4C5F33AA04879920D640B4 6EDA8E6C526BB5DE9E0C7C71AE6510C73F3A5ECFAADDCD3F62CBD1DBEE00990C21E9DA6A0170A3C363B1B89688021519A39DA 8FFFF738139000400000D68AA03 |
JavaScript to choose card reader type
If you want to use the card readers as per above, then you can use the following piece of JavaScript to choose the reader type and append the correct number to the string when the form is submitted. This allows the user to use the card reader directly without needing to add the reader type each time.
Add the following script to the header:
<head>
/**
|
|
} } </script>
} } </script>
|
Add the following to your body:
<div class="">
<option value="">None</option>
</select>
<br /><br /> |
Also, make sure to add the OnSubmit function to the form action:
North America
<form action="https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form" onsubmit="usbReaderPreprocess()"> |
UK/International
<form action="https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form" onsubmit="usbReaderPreprocess()"> |
The above code combined will give you ability to choose the swiper being used. You could of course pre-fill the card reader type and hide the field so its completely anonymous to the users.
When a Relay Response is configured, the transaction response that is returned to the merchant from the iATS payment gateway is a set of fields that provides information about the status of the transaction.
If the request is to create a token, the response is the detail of the token information created by iATS system.
The merchant server can parse the data in the returned response and customize the message to display to the end user.
Below is the table for all the standard fields iATS will return to the merchant’s relay URL. iATS will return all donors information collected on the merchant’s HTML payment form.
Field name |
Value |
Note |
IATS_Title |
Title for the end user |
Up to 39 characters |
IATS_FirstName |
First name for the end user |
Up to 39 characters |
IATS_LastName |
Last name for the end user |
Up to 39 characters |
IATS_Address |
Address for the end user |
Up to 99 characters |
IATS_City |
City of the address |
Up to 39 characters |
IATS_State |
State/Province of the address |
Up to 39 characters |
IATS_Country |
Country of the address |
Up to 39 characters |
IATS_ZipCode |
Zip code of the address |
Up to 10 characters |
IATS_Phone |
Phone number for the end user |
Up to 39 characters |
IATS_Phone2 |
Phone number 2 for the end user |
Up to 39 characters |
IATS_Fax |
Fax number for the end user |
Up to 39 characters |
IATS_Email |
Email for the end user |
Up to 39 characters |
IATS_Comment |
Comment for the end user |
Up to 39 characters |
IATS_Invoice |
Invoice # for the end user |
Up to 39 characters For credit card/ACHEFT singe transaction only |
IATS_Item1 |
Item1 for custom question |
Up to 39 characters |
IATS_Item2 |
Item2 for custom question |
Up to 39 characters |
IATS_Item3 |
Item3 for custom question |
Up to 39 characters |
IATS_Item4 |
Item4 for custom question |
Up to 39 characters |
IATS_Item5 |
Item5 for custom question |
Up to 39 characters |
IATS_Item6 |
Item6 for custom question |
Up to 39 characters |
IATS_Item7 |
Not available for Direct Post Method yet |
|
IATS_Item8 |
Not available for Direct Post Method yet |
|
IATS_Item9 |
Not available for Direct Post Method yet |
|
IATS_Item10 |
Not available for Direct Post Method yet |
|
IATS_Item11 |
Not available for Direct Post Method yet |
|
IATS_Item12 |
Not available for Direct Post Method yet |
|
IATS_Item13 |
Not available for Direct Post Method yet |
|
IATS_Item14 |
Not available for Direct Post Method yet |
|
IATS_Item15 |
Not available for Direct Post Method yet |
|
IATS_ClientDefined_(insert name) |
Value of client defined field 1 |
Up to 150 characters |
IATS_ClientDefined_(insert name) |
Value of client defined field 2 |
Up to 150 characters |
IATS_ClientDefined_(insert name) |
Value of client defined field 3 |
Up to 150 characters |
IATS_Payment_AgencyCodeHash |
Client code hash |
SHA 1 of 4 character client code in uppercase |
IATS_Payment_SubCode |
Last two digits of user name |
Example: TEST88 sub-code is ‘88’ |
IATS_Amount |
Transaction amount |
Below is the table of results for a transaction that iATS will return to merchant’s relay URL for a single credit card transaction.
Field name |
Value |
Note |
IATS_AccountNumber |
Last four digits of processed credit card number |
Up to 4 characters |
IATS_MOP |
Method of Payment |
Up to 10 characters. |
IATS_PaymentType |
Payment Type: credit card or ACH |
Value of ‘CreditCard’ |
IATS_Result |
Transaction result |
‘OK: approval code’ ‘Reject: rejection code’ ‘Reject: TIMEOUT’ |
IATS_TransID |
Transaction ID |
This value is the transaction ID the merchant can use to search the transaction in iATS customer portal |
IATS_ExpiryMonth |
Credit card expiry month |
Two digit number, from 1-12 |
IATS_ExpiryYear |
Credit card expiry year |
Four digit number, example 2017 |
Rejection codes for Credit Card Responses
Below is the list of transaction rejection codes. For a more detailed list, please refer to
Below is the table of transaction result fields that iATS will return to merchant’s relay URL for a single ACH transaction.
Field name |
Value |
Note |
IATS_AccountNumber |
Last four digits of account number |
|
IATS_MOP |
Method of Payment |
Value of ‘ACHEFT’ |
IATS_PaymentType |
Payment Type, credit card or ACH |
Value of ‘ACH’ |
IATS_Result |
Transaction result |
Value of ‘OK: 555555’. |
IATS_TransID |
Transaction ID |
This value is the transaction ID the merchant can use to search the transaction in iATS customer portal |
IATS_DebitAccountType |
Account type |
Value of ‘CHECKING’ or ‘SAVING’ |
Token Transactions Response
Below is the table of the response fields iATS will return to merchant’s relay URL for a request to create a token.
Field name |
Value |
Note |
IATS_AccountNumber |
Last four digits of processed account number |
Up to 4 characters |
IATS_PaymentType |
Method of Payment |
Value of ‘CreditCard’ or ‘ACH’ |
IATS_Result |
‘TokenCreated’ or ‘TokenFailed’ |
|
IATS_ResultDetail |
Token ID or Error message |
If the Token is created successfully, it will start with a letter followed by number, for example ‘A1234567’. |
The following fields are for when a recurring setting was set up for the token. If the host posts recurring settings in the original request, iATS will post the same settings back. Otherwise iATS will return default settings.
Field name |
Value |
Note |
IATS_BeginDate |
Recurring transaction begin date |
Default value is today’s date |
IATS_EndDate |
Recurring transaction end date |
Default value is today’s date |
IATS_ScheduleType |
Recurring transaction schedule type. ‘QUARTERLY’ or ‘ANNUALLY’ |
Value of ‘MONTHLY’ or ‘WEEKLY’ or ‘QUARTERLY’ or ‘ANNUALLY’ Default value is MONTHLY. |
IATS_RecurringOn |
Recurring turned on. ‘ON’ or |
Value of ‘ON’ or ‘OFF’. Default value is ‘OFF’. |
RELAY PAGE
Direct Post provides a relay response feature to communicate the transaction results to the merchant. The merchant can use the relay response feature to create a custom response page using transaction results returned by iATS. The response page is then relayed to the customer’s web browser.
Relay.aspx
<%@ Page Language="C#" CodeBehind="relayPage.aspx.cs" Inherits="IATSDirectPostTest.relayPage" %> <html> window.location = '<%=redirectUri %>'; </head> |
Relaypage.aspx.cs
Namespace IATSDirectPostTest public partial class relayPage : System.Web.UI.Page public string redirectUri = ""; if(Request.Form["IATS_Result"]!=null && page. } } //If the transaction is approval, redirect to approval response
redirectUri = "https://approval.merchant.com"; } //If the transaction is rejected, redirect to rejected response page.
else redirectUri = "https://reject.merchant.com"; |
CODE SAMPLES
Below is an example of the Direct Post HTML form and relay page. This includes all the fields so remove those that are not necessary. Make sure you include your Relay URL at the end of the form.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" <title>DPM Test Merchant</title> label { float: left; } </style> <body> <form action=" https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="post" name="IATS_DPM_Form"> <div class=""> value="PA0940D765F2BD67BD97B82EFAA4D72BE9" /> </div> <div><strong>Donors information</strong></div> <div class=""> </div> <label class="" for="IATS_DPM_FirstName">First Name</label> <input name="IATS_DPM_FirstName" class="" id="IATS_DPM_FirstName" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Address">Address</label> <input name="IATS_DPM_Address" class="" id="IATS_DPM_Address" maxlength="39" /> <div class=""> </div>
<label class="" for="IATS_DPM_Province">State/Province</label> <input name="IATS_DPM_Province" class="" id="IATS_DPM_Province" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_ZipCode">Zip Code</label> <input name="IATS_DPM_ZipCode" class="" id="IATS_DPM_ZipCode" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Phone">Phone2</label> <input name="IATS_DPM_Phone2" class="" id="IATS_DPM_Phone2" maxlength="39" /> </div> <div class=""> </div> <label class="" for="IATS_DPM_Email">Email</label> <input name="IATS_DPM_Email" class="" id="IATS_DPM_Email" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Item1">Item1</label> <input name="IATS_DPM_Item1" class="" id="IATS_DPM_Item1" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Item3">Item3</label> <input name="IATS_DPM_Item3" class="" id="IATS_DPM_Item3" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Item5">Item5</label> <input name="IATS_DPM_Item5" class="" id="IATS_DPM_Item5" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_ClientDefined_Name1">Client Defined Field 1</label> <input name="IATS_DPM_ClientDefined_Name1" class="" id="IATS_DPM_ClientDefined_Name1"
</div> <label class="" for="IATS_DPM_ClientDefined_Name2">Client Defined Field 2</label> <input name="IATS_DPM_ClientDefined_Name2" class="" id="IATS_DPM_ClientDefined_Name2" <label class="" for="IATS_DPM_ClientDefined_Name3">Client Defined Field 3</label> <input name="IATS_DPM_ClientDefined_Name3" class="" id="IATS_DPM_ClientDefined_Name3" <div><strong>Amount</strong></div> <label class="" for="IATS_DPM_Amount">Amount</label> <input name="IATS_DPM_Amount" class="" id="IATS_DPM_Amount" maxlength="39" /> </div> <br /><br /> <label class="" for="IATS_DPM_MOP">Method of Payment</label> <input name="IATS_DPM_MOP" class="" id="IATS_DPM_MOP" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_ExpiryDate">Expiry (for credit card)</label> <input name="IATS_DPM_ExpiryDate" class="" id="IATS_DPM_ExpiryDate" maxlength="39" /> </div> <div class=""> </div> <label class="" for="IATS_DPM_DebitAccountType">Debit Account Type (for ACH)</label> <input name="IATS_DPM_DebitAccountType" class="" id="IATS_DPM_DebitAccountType" maxlength="39" /> <br /><br /> <div><strong>Process Option</strong></div> <label class="" for="IATS_DPM_ProcessOption">Process Option</label> <input name="IATS_DPM_ProcessOption" class="" id="IATS_DPM_ ProcessOption" maxlength="39" /> <br <label class="" for="IATS_DPM_RecurringOn">Enter True for Recurring</label> />
</div> <div><strong>Relay Response</strong></div> <div class=""> <label class="" for="IATS_DPM_RelayURL">Relay URL</label> <input type="input" name="IATS_DPM_RelayURL" class="" id="IATS_DPM_RelayURL" value="ENTER RELAY URL HERE" /> </div> <input type="submit" value="Process"/> </body> |
SAMPLE HTML Payment Form – With Card Reader
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" <title>DPM Test Merchant</title> label { } float: left; </style> /** */ function usbReaderPreprocess() { if (usbDeviceType != '') { } } </script> <body> // Prepend USB card reader type to the reader input. var processedReaderInput = usbDeviceType + '|@|' + readerInput; document.getElementById('IATS_DPM_AccountNumber').value = processedReaderInput; var nameMatch = readerInput.match(/\^([a-z]+)\/([a-z]+)\^/gi); if (nameMatch != null) { // Update the form with the payer's first and last names. document.getElementById('IATS_DPM_FirstName').value = nameParts[1]; document.getElementById('IATS_DPM_LastName').value = nameParts[0]; <form action=" https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="post" name="IATS_DPM_Form" onsubmit="usbReaderPreprocess()">
<div class=""> value="PA0940D765F2BD67BD97B82EFAA4D72BE9" /> </div> <div class=""> <option value="">None</option> </select> <br /><br /> <div><strong>Donors information</strong></div> <label class="" for="IATS_DPM_Title">Title</label> <input name="IATS_DPM_Title" class="" id="IATS_DPM_Title" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_LastName">Last Name</label> <input name="IATS_DPM_LastName" class="" id="IATS_DPM_LastName" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_City">City</label> <input name="IATS_DPM_City" class="" id="IATS_DPM_City" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Country">Country</label> <input name="IATS_DPM_Country" class="" id="IATS_DPM_Country" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Phone">Phone</label> <input name="IATS_DPM_Phone" class="" id="IATS_DPM_Phone" maxlength="39" /> <div class=""> </div>
<div class=""> </div> <label class="" for="IATS_DPM_Email">Email</label> <input name="IATS_DPM_Email" class="" id="IATS_DPM_Email" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Item1">Item1</label> <input name="IATS_DPM_Item1" class="" id="IATS_DPM_Item1" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Item3">Item3</label> <input name="IATS_DPM_Item3" class="" id="IATS_DPM_Item3" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Item5">Item5</label> <input name="IATS_DPM_Item5" class="" id="IATS_DPM_Item5" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_ClientDefined_Name1">Client Defined Field 1</label> <input name="IATS_DPM_ClientDefined_Name1" class="" id="IATS_DPM_ClientDefined_Name1" <label class="" for="IATS_DPM_ClientDefined_Name2">Client Defined Field 2</label> <input name="IATS_DPM_ClientDefined_Name2" class="" id="IATS_DPM_ClientDefined_Name2" <label class="" for="IATS_DPM_ClientDefined_Name3">Client Defined Field 3</label> <input name="IATS_DPM_ClientDefined_Name3" class="" id="IATS_DPM_ClientDefined_Name3" <br /><br /> <div><strong>Amount</strong></div> <label class="" for="IATS_DPM_Amount">Amount</label> <input name="IATS_DPM_Amount" class="" id="IATS_DPM_Amount" maxlength="39" /> </div>
<br /><br /> <div><strong>Payment</strong></div> <label class="" for="IATS_DPM_MOP">Method of Payment</label> <input name="IATS_DPM_MOP" class="" id="IATS_DPM_MOP" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_ExpiryDate">Expiry (for credit card)</label> <input name="IATS_DPM_ExpiryDate" class="" id="IATS_DPM_ExpiryDate" maxlength="39" /> </div> <div class=""> </div> <label class="" for="IATS_DPM_DebitAccountType">Debit Account Type (for ACH)</label> <input name="IATS_DPM_DebitAccountType" class="" id="IATS_DPM_DebitAccountType" maxlength="39" /> <br /><br /> <div><strong>Process Option</strong></div> <label class="" for="IATS_DPM_ProcessOption">Process Option</label> <input name="IATS_DPM_ProcessOption" class="" id="IATS_DPM_ ProcessOption" maxlength="39" /> <br <label class="" for="IATS_DPM_RecurringOn">Enter True for Recurring</label> /> </div> <br /><br /> <label class="" for="IATS_DPM_RelayURL">Relay URL</label> <input type="input" name="IATS_DPM_RelayURL" class="" id="IATS_DPM_RelayURL" value="ENTER RELAY URL HERE" /> </div> <input type="submit" value="Process"/> |
EXAMPLE RESPONSES
IATS_AccountNumber=2220 |
IATS_MOP=VISA |
IATS_PaymentType=CreditCard |
IATS_ExpiryMonth=12 |
IATS_ExpiryYear=2014 |
IATS_Result=OK: 678594: |
IATS_TransID=A1A1C5D8 |
IATS_Amount=20.00 |
IATS_Title=Mr |
IATS_FirstName=Jack |
IATS_LastName=Green |
IATS_Address=Jasper AVE |
IATS_City=Edmonton |
IATS_Country=CANADA |
IATS_State=AB |
IATS_ZipCode=T5J1X3 |
IATS_EMail=TEST@TEST.COM |
IATS_Phone=123456789 |
IATS_Phone2= |
IATS_Fax= |
IATS_Comment=donation |
IATS_AccountNumber=2220 |
IATS_MOP=ACHEFT |
IATS_DebitAccountType=CHECKING |
IATS_PaymentType=ACH |
IATS_Result=OK: 555555 |
IATS_Amount=20.00 |
IATS_Title=Mr |
IATS_FirstName=JACK |
IATS_LastName=GREEN |
IATS_Address=JASPER AVE |
IATS_City=EDMONTON |
IATS_Country=CANADA |
IATS_State=AB |
IATS_ZipCode=T5J1X3 |
IATS_EMail=TEST@TEST.COM |
IATS_Phone=123456789 |
IATS_Fax= |
IATS_Phone2= |
IATS_Comment=donation |
Creating a Token for Credit Card Transaction Response
IATS_AccountNumber=2220 |
IATS_PaymentMethod=VISA |
IATS_PaymentType= CreditCard |
IATS_Result=TokenCreated |
IATS_ResultDetail= A1047942 |
IATS_RecurringOn=off |
IATS_ScheduleType=MONTHLY |
IATS_BeginDate=04/14/2014 |
IATS_EndDate=04/14/2014 |
IATS_Amount=20.00 |
IATS_Title=Mr |
IATS_FirstName=Jack |
IATS_LastName=Green |
IATS_Address=Jasper AVE |
IATS_City=Edmonton |
IATS_State=ab |
IATS_ZipCode=T5J1X3 |
IATS_Country=Canada |
IATS_Email=test@test.com |
IATS_Fax= |
IATS_Phone=123456789 |
IATS_Phone2= |
IATS_comment=donation |
Creating a Token for ACH Transaction Response
IATS_AccountNumber=2220 |
IATS_PaymentMethod=ACHEFT |
IATS_PaymentType=DebitCard |
IATS_DebitAccountType=CHECKING |
IATS_Result=TokenCreated |
IATS_ResultDetail=A1047941 |
IATS_RecurringOn=off |
IATS_ScheduleType=MONTHLY |
IATS_BeginDate=04/14/2014 |
IATS_EndDate=04/14/2014 |
IATS_Amount=20.00 |
IATS_Title=Mr |
IATS_FirstName=Jack |
IATS_LastName=Green |
IATS_Address=Jasper AVE |
IATS_City=Edmonton |
IATS_State=ab |
IATS_ZipCode=T5J1X3 |
IATS_Country=Canada |
IATS_Email=test@test.com |
IATS_Fax= |
IATS_Phone=123456789 |
IATS_Phone2= |
IATS_comment=donation |
The following information will allow you to test iATS Payments systems to ensure that you can use our services. Please note that this “TEST88” account is not a live merchant account and that authorization and rejection results are for display purposes only.
Please note that this test information is provided to many clients. Please do not modify or delete any pre-existing Aura Event’s or change the password of this code.
User ID = TEST88
Password = TEST88
URL: NA = www.iatspayments.com
To test the Authorization and Rejection responses related to a Charge, credit card number 4111111111111111 can be used.
To test the Authorization responses related to both Charges and Refunds, credit card number 4222222222222220 can be used.
The amounts and corresponding responses detailed below have been created for to test multiple situations:
Amount |
Result when using 4111111111111111 |
1.00 |
OK: 678594 |
2.00 |
REJ: 15 |
3.00 |
OK: 678594 |
4.00 |
REJ: 15 |
5.00 |
REJ: 15 |
6.00 |
OK: 678594:X |
7.00 |
OK: 678594:y |
8.00 |
OK: 678594:A |
9.00 |
OK: 678594:Z |
10.00 |
OK: 678594:N |
15.00 |
If CVV2 = 1234, the response is OK: 678594:Y. If no CVV2 is entered, the response is REJ: 19 |
16.00 |
REJ: 2 |
17.00 |
REJ: 22 |
192.00 (NA Only) |
If sent via API (iATSLink or Web Service) a) IP address is invalid format: Rej: 5. |
All Other Amounts |
REJ: 15 |
All Refund Amounts |
REJ: 15 |
Amount |
Result when using 4222222222222220 |
Any Sale Amount |
OK: 678594 |
Any Refund Amount |
OK: 678594 |
Please note there is a transaction limit of $2000.00 (£2000.00) per charge. Amounts above will be rejected.
If using our Direct Post Method, the TEST88 Process Key credentials are:
PAAB24B9961FAC07FAA561180F6CB69A7B (North America) PA0940D765F2BD67BD97B82EFAA4D72BE9 (UK/International)
This option only allows the programmer to redirect to two static pages – a successful transaction page or a failed transaction page. As no relay page is utilized, the details of the transaction will be sent to a postback URL.
Option 2 - Direct Redirect Guide below:
Document |
Change |
Date of Change: |
DPM Guide |
|
Sep 28, 2017 |
North America: www.iatspayments.com
UK/International: www.uk.iatspayments.com
Customer Care:
Email: iatscs@iatspayments.com
Phone: North America: 1-888-955-5455 | UK/Europe: 0808-234-0466
Hours: 7:30am – 5:00pm Pacific Standard Time, Monday to Friday
Sales and Marketing:
Email: iats@iatspayments.com
Phone: North America: 1-866-300-4287 | UK/Europe: 0808-234-0466
Hours: 7:00am – 4:30pm Pacific Standard Time, Monday to Friday
Partner Support:
Email: PartnerSupport@iatspayments.com
Hours: 7:00am – 4:30pm Pacific Standard Time, Monday to Friday
iATS offers two options for the Direct Post Method:
Option 1
This uses a JavaScript Relay URL redirect that allows the developer more control over the redirect page as well as the message that displays to the donor as a result of the transaction response (example rejection codes). All transaction detail is posted back to the relay page which can be used to capture into the developers’ database.
Option 2
This does not utilize JavaScript but a Direct Redirect. This option only allows the programmer to redirect to two static pages – a successful transaction page or a failed transaction page. As no relay page is utilized, the details of the transaction will be sent to a postback URL. Please refer to separate document for this option.
DPM Relay URL |
DPM Direct Redirect |
|
Dynamic response page |
Yes, through JavaScript relay page. Relay URL sent in DPM transaction request. |
No, only static pages for success/fail. Both URL sent in DPM transaction request. |
Transaction results |
Posted back to relay URL |
Posted back to Postback URL |
This user guide describes the web development required to process transactions via iATS Payments using the Direct Post Method.
Direct Post is a fully PCI compliant service as the sensitive credit card data never flows through your servers or website. Your website does not have to handle any credit card data, and all transaction information is submitted directly to iATS via Secure Sockets Layer (SSL) while keeping iATS invisible to the donor. Your site can still collect all pertinent donor data and has been built to allow you to utilize your own unique website look and feel as well as response pages.
The Direct Post Method can be combined with other iATS Web Services such as CustomerLink (to manage recurring schedules), ProcessLink (to process transactions with a Token or do refunds using a Transaction ID), and ReportLink (pulling transaction reports from iATS’ servers). These are explained further in our Web Service Guides and are available upon request.
For managing recurring transactions, you have the option of managing them or having iATS manage them for you:
Please note that iATS operates two server systems, one based in North America (NA) and one in the United Kingdom (UK). Clients in the United States and Canada will use the NA servers, while all other clients use our UK servers. The explanation of the specific services that follows will provide the links to each server address as available.
Notes on International processing:
With Direct Post, the transaction data is submitted directly to iATS payment gateway by means of HTML form POST, bypassing the host’s server. Upon authorization, iATS posts the transaction result or the token information to the host’s relay URL. Direct Post then redirects the end user’s browser to the host’s server using Success_Redirect_URL or Failed_Redirect_URL dependng on process result. iATS will be invisible with the host having full control during the process.
The Direct Post method will provide the following options:
North America
<form action="https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form"> <input type="submit" value="Submit Transaction"/> </form> |
UK/International
<form action="https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form"> <input type="submit" value="Submit Transaction"/> </form> |
iATS provides a process URL where the transaction collected on the merchant’s website should be submitted by means of HTML form POST. The host’s payment form created in step 1 above will be posted to iATS. Within the post data you will need to include the postback URL, Success_Redirect_URL_Redirect_URL which are the web pages hosted on the merchants website to handle the response of the transaction result.
Requirements
Merchant needs to create the HTML payment form on their own web server. The form must have the required payment fields following the iATS specifications in this document. The standard API consists of required and optional fields that can be submitted to iATS for real time credit card transaction processing. See the ‘Submitting Transaction’ section for more details
North America
https://www.iatspayments.com/netgate/IATSDPMProcess.aspx
UK/International
https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx
North America
<form action="https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form"> <input type="submit" value="Submit Transaction"/> |
UK/International
<form action="https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" <input type="submit" value="Submit Transaction"/>
|
To create a Process Key:
(1) Log on to the iATS portal
Notes on Process Key:
<form action="https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" <input type="submit" value="Submit Transaction"/>
|
Field name |
Value |
Note |
IATS_DPM_ProcessID |
Process Key |
Merchant- and transaction-specific encrypted key for authentication. |
The following table represents the HTML form donor information fields that can be submitted to iATS using Direct Post.
The data fields are name and value pairs, using the following HTML syntax:
<input name="Field Name" value="value"/> |
Field name |
Value |
Note |
Required or Optional |
IATS_DPM_Title |
Title for the end user. |
Up to 39 characters. |
Optional but recommended |
IATS_DPM_FirstName |
First name for the end user. |
Up to 39 characters. |
Optional but recommended |
IATS_DPM_LastName |
Last name for the end user. |
Up to 39 characters. |
Optional but recommended |
IATS_DPM_Address |
Address for the end user. |
Up to 99 characters |
Optional |
IATS_DPM_City |
City of the address. |
Up to 39 characters |
Optional |
IATS_DPM_Province |
Province of the address. |
Up to 39 characters |
Optional |
IATS_DPM_Country |
Country of the address. |
Up to 39 characters |
Optional |
IATS_DPM_ZipCode |
Zip code of the address. |
Up to 10 characters. . |
Optional but recommended |
IATS_DPM_Phone |
Phone number for the end users. |
Up to 39 characters. |
Optional |
IATS_DPM_Phone2 |
Phone number for the end users. |
Up to 39 characters |
Optional |
IATS_DPM_Fax |
Fax number for the end user. |
Up to 39 characters |
Optional |
IATS_DPM_Email |
Email for the end user. |
Up to 39 characters. |
Optional but recommended |
IATS_DPM_Comment |
Comment associated with the transaction. |
Up to 110 characters |
Optional |
The following table represents the HTML form fields of custom information can be submitted to IATS using Direct Post. All fields in this section are optional and will be stored in the iATS system and available via ReportLink web service.
The data fields are name and value pairs, using the following HTML syntax:
<input name="Field Name" value="value"/> |
Field name |
Value |
Note |
IATS_DPM_Invoice |
Invoice # for the end user |
Up to 39 characters |
IATS_DPM_Item1 |
Item1 for custom question |
Up to 39 characters |
IATS_DPM_Item2 |
Item2 for custom question |
Up to 39 characters |
IATS_DPM_Item3 |
Item3 for custom question |
Up to 39 characters |
IATS_DPM_Item4 |
Item4 for custom question |
Up to 39 characters |
IATS_DPM_Item5 |
Item5 for custom question |
Up to 39 characters |
IATS_DPM_Item6 |
Item6 for custom question |
Up to 39 characters |
The following table represents the HTML form fields of client defined can be submitted to iATS using Direct Post.
iATS neither stores nor processes this field’s value, only acting as a pass-through to the postback URL. iATS will accept up to 3 client-defined fields with the prefix “IATS_DPM_ClientDefined_”.
The data fields are name and value pairs, using the following HTML syntax:
<input name="Field Name" value="value"/> |
Field name |
Value |
Note |
IATS_DPM_ClientDefined_(insert name) |
Value of client defined field 1 |
Up to 150 characters |
IATS_DPM_ClientDefined_(insert name) |
Value of client defined field 2 |
Up to 150 characters |
IATS_DPM_ClientDefined_(insert name) |
Value of client defined field 3 |
Up to 150 characters |
The following table represents the fields required for submitting a single credit card transaction using Direct Post.
The data fields are name and value pairs, using the following HTML syntax:
<input name="Field Name" value="value"/> |
Field name |
Value |
Note |
Required or Optional |
IATS_DPM_AccountNumber |
Credit card number |
Up to 600 characters. |
Required |
IATS_DPM_ExpiryDate |
Expiry Date |
Up to 5 characters |
Required |
IATS_DPM_CVV2 |
CVV2. |
Up to 4 characters. Must be digits only. |
Required |
IATS_DPM_MOP |
Credit card type. ‘VISA’ or ‘DSC’ |
We accept the following card types: VISA, MC, AMX, DSC |
Optional |
IATS_DPM_Amount |
Total processed amount |
Numbers and decimal. |
Required |
The following table represents the fields required for submitting a single ACH transaction using Direct Post.
The data fields are name and value pairs, using the following HTML syntax:
<input name="Field Name" value="value"/> |
Field name |
Value |
Note |
Required or Optional |
IATS_DPM_AccountNumber |
ACH Account number. USD: Routing no. (9 digits) + account no. (# of digits varies) CAD: Bank no. (3 digits) + transit no. (5 digits) + account no. (# of digits varies) *Order must be followed with NO spaces – example 12312345123456789 for CDN * |
Up to 40 characters. Must be digits only |
Required |
IATS_DPM_MOP |
‘ACHEFT’ |
Up to 10 characters. |
Required |
IATS_DPM_AccountType |
Debit card account type. ‘CHECKING’ or ‘SAVING’ |
Will not accept values other than ‘CHECKING’ or ‘SAVING’. |
Required |
IATS_DPM_Amount |
Total processed amount. |
Numbers and decimal. |
Required |
Instead of processing a real-time transaction, the merchant can use the Direct Post to create a token which can be used for transactions at a later stage with the iATS web services or to set up recurring transactions to be auto processed by iATS.
The iATS payment gateway will return a token ID to the Host which can be used to:
Please refer to the iATS Web Service Guides for more details on the services offered.
The data fields are name and value pairs, using the following HTML syntax:
<input name="Field Name" value="value"/> |
The following table represents the fields required for creating a secure token using Direct Post. The Host will need to have the credit card or bank account fields in the form. This payment information is what will be stored in the iATS system which is associated with the token.
Field name |
Value |
Note |
Required or Optional |
IATS_DPM_ProcessOption |
Request type of process |
This field instructs iATS to create only transact, only create a token or create and tokenize at the same time |
Required |
IATS_DPM_RecurringOn |
The request to turn on recurring transactions. |
If the value is TRUE, iATS will set up and process the recurring transaction based on recurring settings below. |
Required if ProcessOption is TOKEN or TOKENANDTRANSACTION |
IATS_DPM_BeginDate |
Recurring transaction begin date. |
Must be in date format: MM/DD/YYYY For the UK: DD/MM/YYYY |
Required if ProcessOption is TOKEN or TOKENANDTRANSACTION |
IATS_DPM_EndDate |
Recurring transaction end date. |
Must be in date format: MM/DD/YYYY For the UK: DD/MM/YYYY |
Required if ProcessOption is TOKEN or TOKENANDTRANSACTION |
IATS_DPM_ScheduleType |
Recurring transaction schedule type. ‘QUARTERLY’ or ‘ANNUALLY’ |
Set up schedule type |
Required if ProcessOption is TOKEN or TOKENANDTRANSACTION |
IATS_DPM_ScheduleMonth |
Month for annual recurring transaction. |
Number from 1 to 12 |
Required if ProcessOption is TOKEN or TOKENANDTRANSACTION |
IATS_DPM_ScheduleDate |
Date for monthly recurring transaction. |
Number from 1 to 31 |
Required if ProcessOption is TOKEN or TOKENANDTRANSACTION |
Relay URLs
The following table describes form fields that can be submitted to configure the relay response. The URLs should be embedded in the payment form but not visible to the end user. All fields are required.
The response URL fields for successful, failed and postback are submitted using the syntax below:
<input name="IATS_DPM_RelayURL" value="url"/> |
Field name |
Value |
Note |
Required or Optional |
IATS_DPM_PostBackURL |
The URL on the merchant’s website to which iATS posts transaction results |
iATS will post transaction result to this URL. The value must be valid URL starting with ‘http://’ or ‘https://’. |
Required |
IATS_DPM_SuccessRedirectURL |
The URL on the merchant’s website to which iATS redirects the donor for a successful transaction |
Redirect the end user’s browser to this URL if and only if the transaction was successful. The value must be a valid absolute URL starting with ‘http://’ or ‘https://’. |
Required |
IATS_DPM_FailedRedirectURL |
The URL on the merchant’s website to which iATS redirects the donor for a failed transaction |
Redirect the end user’s browser to this URL if and only if the transaction was not successful. The value must be a valid absolute URL starting with ‘http://’ or ‘https://’. |
Our encrypted magnetic stripe readers (MSRs) are fully PCI compliant as the sensitive credit card data is encrypted immediately within the device before the data flows through to the computer or device. This means your servers do not have to handle any clear text credit card data. The encrypted MSRs are designed to work with the Direct Post Method.
When a credit card is swiped through the MSR, it will read and encrypt the track data on the magnetic stripes and pass the encrypted data to the Account Number field in DPM to the relevant web service to either a) process the transaction directly or b) tokenize the details for future transactions, or c) process the transaction directly and tokenize the details for future transactions
The following supported magnetic stripe readers should be ordered directly from iATS Payments as they contain encryption keys only accessible by iATS:
USB (PC and Mac)
As there are a number of variations of the swiper, iATS needs to know which swiper is being used so that iATS
can supply the correct encryption key to the transaction. Once the user has swiped the card in the Credit Card
field, the swiper type needs to be appended to the front of the transaction string before being sent to iATS.
For example: IATS_DPM_AccountNumber = 00|@|[Encryption string]
The Magtek Dynamag is a USB encrypted swiper for use on PC’s.
When you swipe the USB device a complete string of masked as well as encrypted data. You can use the masked data for the name of the client, the expiry date and last 4 digits of the credit card. For the USB swipers, the entire string (masked and encrypted) as well as the identification of the swiper type needs to be passed through to iATS.
Magtek USB encrypted swipe example:
%B4847350003009386^YOU/AGIFTFOR^21080000000000000000000?;4847350003009386=210800000000000?|0600|2F2E4 4C1E47851145BC08BB06CE1A9CD897EC00E2BB035C6D9FDF625F7AF63034BDBEC092D8C035B05301A89C056854B6EC427958C E07AD5E585E4E37E2867B3|2CAF4061ACD747C310DA546974D045C8C446C7C6B8577B002511915D3C33B0CEBAC0147D7B489E AE||61403000|6E005095F7A5E2F9B3076FBA250877E9105BEE932ABF6A0F02B7D16959F6935417CA573B81CE4ED3CF0BC0FA 1B3067C034A946E9F80F3D7B |
For the Magtek Dynamag, please append the data in the following order and delimitation:
SwiperType|@|Entire USB output
Where:
- SwiperType : 02 for Magtek Dynamag
- Entire USB output string (no parsing)
- |@| : Delimiter
MagTek USB swipe to be entered into IATS_DPM_AccountNumber field
02|@| %B4847350003009386^YOU/AGIFTFOR^21080000000000000000000?;4847350003009386=210800000000000?|0600| 2F2E44C1E47851145BC08BB06CE1A9CD897EC00E2BB035C6D9FDF625F7AF63034BDBEC092D8C035B05301A89C056854B6EC42 7958CE07AD5E585E4E37E2867B3|2CAF4061ACD747C310DA546974D045C8C446C7C6B8577B002511915D3C33B0CEBAC0147D7 B489EAE||61403000|6E005095F7A5E2F9B3076FBA250877E9105BEE932ABF6A0F02B7D16959F6935417CA573B81CE4ED3CF0 BC0FA1B3067C034A946E9F80F3D7B |
The IDTech Secure Mag is a USB encrypted swipe for PC’s and Laptops.
When you swipe the USB device, it will collect a complete string of masked as well as encrypted data. You can use the unmasked data for the name of the client, the expiry date and last 4 digits of the credit card. For the USB swipers the entire string (masked and encrypted) needs to be passed through to iATS.
IDTECH USB encrypted swipe example:
02A001801F3B2300039B%*4941********5889^YOU/AGIFTFOR^***********************?*;4941********5889=****** *********?*ACC8778A7A496718C9EF3F042025E239FDC93C1C616153EE8057CC23D3D28B68948BD00FCCF9E30D44F010B9E9 DB243DBD3EB56825B6F0D64D6CDD0B12AF6F7C068C7A7CB17B45B9D5D9DF7F9CD340987AFF4C5F33AA04879920D640B46EDA8 E6C526BB5DE9E0C7C71AE6510C73F3A5ECFAADDCD3F62CBD1DBEE00990C21E9DA6A0170A3C363B1B89688021519A39DA8FFFF 738139000400000D68AA03 |
For the IDTech Secure Mag, please collate the data in the following order and delimitation:
SwiperType|@|Entire USB output
Where:
- SwiperType : 00 for IDTech Secure Mag
- Entire USB output string (no parsing)
- |@| : Delimiter
IDTech USB swipe to be entered into IATS_DPM_AccountNumber field
00|@| 02A001801F3B2300039B%*4941********5889^YOU/AGIFTFOR^***********************?*;4941********5889=* **************?*ACC8778A7A496718C9EF3F042025E239FDC93C1C616153EE8057CC23D3D28B68948BD00FCCF9E30D44F01 0B9E9DB243DBD3EB56825B6F0D64D6CDD0B12AF6F7C068C7A7CB17B45B9D5D9DF7F9CD340987AFF4C5F33AA04879920D640B4 6EDA8E6C526BB5DE9E0C7C71AE6510C73F3A5ECFAADDCD3F62CBD1DBEE00990C21E9DA6A0170A3C363B1B89688021519A39DA 8FFFF738139000400000D68AA03 |
JavaScript to choose card reader type
If you want to use the card readers as per above, then you can use the following piece of JavaScript to choose the reader type and append the correct number to the string when the form is submitted. This allows the user to use the card reader directly without needing to add the reader type each time.
Add the following script to the header:
<head>
/**
|
*/
// Get the USB card reader type.
var usbDeviceType = document.getElementById('USB_Device_Type').value;
if (usbDeviceType != '') {
// Get the unprocessed USB card reader input. var readerInput = document.getElementById('IATS_DPM_AccountNumber').value;
// Prepend USB card reader type to the reader input. var processedReaderInput = usbDeviceType + '|@|' + readerInput;
// Update the form with the processed reader input.
document.getElementById('IATS_DPM_AccountNumber').value = processedReaderInput;
// Parse the payer's name from the reader input.
var nameMatch = readerInput.match(/\^([a-z]+)\/([a-z]+)\^/gi);
if (nameMatch != null) {
// Update the form with the payer's first and last names. document.getElementById('IATS_DPM_FirstName').value = nameParts[1];
document.getElementById('IATS_DPM_LastName').value = nameParts[0];
} } </script>
|
<div class="">
<option value="">None</option>
</select>
<br /><br /> |
<form action="https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form" onsubmit="usbReaderPreprocess()"> |
UK/International
<form action="https://www.uk.iatspayments.com/netgate/IATSDPMProcess.aspx" method="POST" name="IATS_DPM_Form" onsubmit="usbReaderPreprocess()"> |
The above code combined will give you ability to choose the swiper being used. You could of course pre-fill the card reader type and hide the field so its completely anonymous to the users.
When a Postback Response is configured, the transaction response that is returned to the merchant from the iATS payment gateway is a set of fields that provides information about the status of the transaction.
If the request is to create a token, the response is the detail of the token information created by iATS system.
The merchant server can parse the data in the returned response and customize the message to display to the end user.
Below is the table for all the standard fields iATS will return to the merchant’s postback URL. iATS will return all donors information collected on the merchant’s HTML payment form.
Field name |
Value |
Note |
IATS_Title |
Title for the end user |
Up to 39 characters |
IATS_FirstName |
First name for the end user |
Up to 39 characters |
IATS_LastName |
Last name for the end user |
Up to 39 characters |
IATS_Address |
Address for the end user |
Up to 99 characters |
IATS_City |
City of the address |
Up to 39 characters |
IATS_State |
State/Province of the address |
Up to 39 characters |
IATS_Country |
Country of the address |
Up to 39 characters |
IATS_ZipCode |
Zip code of the address |
Up to 10 characters |
IATS_Phone |
Phone number for the end user |
Up to 39 characters |
IATS_Phone2 |
Phone number 2 for the end user |
Up to 39 characters |
IATS_Fax |
Fax number for the end user |
Up to 39 characters |
IATS_Email |
Email for the end user |
Up to 39 characters |
IATS_Comment |
Comment for the end user |
Up to 39 characters |
IATS_Invoice |
Invoice # for the end user |
Up to 39 characters For credit card/ACHEFT singe transaction only |
IATS_Item1 |
Item1 for custom question |
Up to 39 characters |
IATS_Item2 |
Item2 for custom question |
Up to 39 characters |
IATS_Item3 |
Item3 for custom question |
Up to 39 characters |
IATS_Item4 |
Item4 for custom question |
Up to 39 characters |
IATS_Item5 |
Item5 for custom question |
Up to 39 characters |
IATS_Item6 |
Item6 for custom question |
Up to 39 characters |
IATS_Item7 |
Not available for Direct Post Method yet |
|
IATS_Item8 |
Not available for Direct Post Method yet |
|
IATS_Item9 |
Not available for Direct Post Method yet |
|
IATS_Item10 |
Not available for Direct Post Method yet |
|
IATS_Item11 |
Not available for Direct Post Method yet |
|
IATS_Item12 |
Not available for Direct Post Method yet |
|
IATS_Item13 |
Not available for Direct Post Method yet |
|
IATS_Item14 |
Not available for Direct Post Method yet |
|
IATS_Item15 |
Not available for Direct Post Method yet |
|
IATS_ClientDefined_(insert name) |
Value of client defined field 1 |
Up to 150 characters |
IATS_ClientDefined_(insert name) |
Value of client defined field 2 |
Up to 150 characters |
IATS_ClientDefined_(insert name) |
Value of client defined field 3 |
Up to 150 characters |
IATS_Payment_AgencyCodeHash |
Client code hash |
SHA 1 of 4 character client code in uppercase |
IATS_Payment_SubCode |
Last two digits of user name |
Example: TEST88 sub-code is ‘88’ |
IATS_Amount |
Transaction amount |
Below is the table of results for a transaction that iATS will return to merchant’s relay URL for a single credit card transaction.
Field name |
Value |
Note |
IATS_AccountNumber |
Last four digits of processed credit card number |
Up to 4 characters |
IATS_MOP |
Method of Payment |
Up to 10 characters. |
IATS_PaymentType |
Payment Type: credit card or ACH |
Value of ‘CreditCard’ |
IATS_Result |
Transaction result |
‘OK: approval code’ ‘Reject: rejection code’ ‘Reject: TIMEOUT’ |
IATS_TransID |
Transaction ID |
This value is the transaction ID the merchant can use to search the transaction in iATS customer portal |
IATS_ExpiryMonth |
Credit card expiry month |
Two digit number, from 1-12 |
IATS_ExpiryYear |
Credit card expiry year |
Four digit number, example 2017 |
Below is the list of transaction rejection codes. For a more detailed list, please refer to
https://www.iatspayments.com/Portal/StaticPages/RejectCodes
Single ACH Transaction Response
Below is the table of transaction result fields that iATS will return to merchant’s relay URL for a single ACH transaction.
Field name |
Value |
Note |
IATS_AccountNumber |
Last four digits of account number |
|
IATS_MOP |
Method of Payment |
Value of ‘ACHEFT’ |
IATS_PaymentType |
Payment Type, credit card or ACH |
Value of ‘ACH’ |
IATS_Result |
Transaction result |
Value of ‘OK: 555555’. |
IATS_TransID |
Transaction ID |
This value is the transaction ID the merchant can use to search the transaction in iATS customer portal |
IATS_DebitAccountType |
Account type |
Value of ‘CHECKING’ or ‘SAVING’ |
Below is the table of the response fields iATS will return to merchant’s relay URL for a request to create a token.
Field name |
Value |
Note |
IATS_AccountNumber |
Last four digits of processed account number |
Up to 4 characters |
IATS_PaymentType |
Method of Payment |
Value of ‘CreditCard’ or ‘ACH’ |
IATS_Result |
‘TokenCreated’ or ‘TokenFailed’ |
|
IATS_ResultDetail |
Token ID or Error message |
If the Token is created successfully, it will start with a letter followed by number, for example ‘A1234567’. |
The following fields are for when a recurring setting was set up for the token. If the host posts recurring settings in the original request, iATS will post the same settings back. Otherwise iATS will return default settings.
Field name |
Value |
Note |
IATS_BeginDate |
Recurring transaction begin date |
Default value is today’s date |
IATS_EndDate |
Recurring transaction end date |
Default value is today’s date |
IATS_ScheduleType |
Recurring transaction schedule type. ‘QUARTERLY’ or ‘ANNUALLY’ |
Value of ‘MONTHLY’ or ‘WEEKLY’ or ‘QUARTERLY’ or ‘ANNUALLY’ Default value is MONTHLY. |
IATS_RecurringOn |
Recurring turned on. ‘ON’ or |
Value of ‘ON’ or ‘OFF’. Default value is ‘OFF’. |
Below is an example of the Direct Post HTML form with Postback URL and success/fail pages.
!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" <title>DPM Test Merchant</title> label { float: left; } </style> <body> <form action=" https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="post" name="IATS_DPM_Form"> <div class=""> value="PA0940D765F2BD67BD97B82EFAA4D72BE9" /> </div> <div><strong>Donors information</strong></div> <div class="">
<label class="" for="IATS_DPM_Title">Title</label> </div> <label class="" for="IATS_DPM_FirstName">First Name</label> <input name="IATS_DPM_FirstName" class="" id="IATS_DPM_FirstName" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Address">Address</label> <input name="IATS_DPM_Address" class="" id="IATS_DPM_Address" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Province">State/Province</label> <input name="IATS_DPM_Province" class="" id="IATS_DPM_Province" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_ZipCode">Zip Code</label> <input name="IATS_DPM_ZipCode" class="" id="IATS_DPM_ZipCode" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Phone">Phone2</label> <input name="IATS_DPM_Phone2" class="" id="IATS_DPM_Phone2" maxlength="39" /> </div> <div class=""> </div> <label class="" for="IATS_DPM_Email">Email</label> <input name="IATS_DPM_Email" class="" id="IATS_DPM_Email" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Item1">Item1</label> <input name="IATS_DPM_Item1" class="" id="IATS_DPM_Item1" maxlength="39" /> <div class="">
<input name="IATS_DPM_Item2" class="" id="IATS_DPM_Item2" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Item4">Item4</label> <input name="IATS_DPM_Item4" class="" id="IATS_DPM_Item4" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Item6">Item6</label> <input name="IATS_DPM_Item6" class="" id="IATS_DPM_Item6" maxlength="39" /> <div class=""> maxlength="150" /> <label class="" for="IATS_DPM_ClientDefined_Name2">Client Defined Field 2</label> <input name="IATS_DPM_ClientDefined_Name2" class="" id="IATS_DPM_ClientDefined_Name2" <label class="" for="IATS_DPM_ClientDefined_Name3">Client Defined Field 3</label> <input name="IATS_DPM_ClientDefined_Name3" class="" id="IATS_DPM_ClientDefined_Name3" <div><strong>Amount</strong></div> <label class="" for="IATS_DPM_Amount">Amount</label> <input name="IATS_DPM_Amount" class="" id="IATS_DPM_Amount" maxlength="39" /> </div> <br /><br /> <label class="" for="IATS_DPM_MOP">Method of Payment</label> <input name="IATS_DPM_MOP" class="" id="IATS_DPM_MOP" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_ExpiryDate">Expiry (for credit card)</label> <input name="IATS_DPM_ExpiryDate" class="" id="IATS_DPM_ExpiryDate" maxlength="39" /> </div> <div class=""> </div> <label class="" for="IATS_DPM_DebitAccountType">Debit Account Type (for ACH)</label> <input name="IATS_DPM_DebitAccountType" class="" id="IATS_DPM_DebitAccountType" maxlength="39" />
</div> <div><strong>Process Option</strong></div> <label class="" for="IATS_DPM_ProcessOption">Process Option</label> <input name="IATS_DPM_ProcessOption" class="" id="IATS_DPM_ ProcessOption" maxlength="39" /> <label class="" for="IATS_DPM_RecurringOn">Enter True for Recurring</label> /> /> /> </div> <br /><br /> <div><strong>Post Back Response</strong></div> <label class="" for="IATS_DPM_PostBackURL">Post Back URL</label> <input type="input" name="IATS_DPM_PostBackURL" class="" id="IATS_DPM_PostBackURL" value="ENTER </div> <label class="" for="IATS_DPM_SuccessRedirectURL">Success Redirect URL</label> <input type="input" name="IATS_DPM_SuccessRedirectURL" class="" id="IATS_DPM_SuccessRedirectURL" value="ENTER SUCCESS REDIRECT URL HERE" /> </div> <label class="" for="IATS_DPM_FailedRedirectURL">Failed Redirect URL</label> <input type="input" name="IATS_DPM_FailedRedirectURL" class="" id="IATS_DPM_FailedRedirectURL" value="ENTER FAILED REDIRECT URL HERE" /> <input type="submit" value="Process"/> |
SAMPLE HTML Payment Form – With Card Reader
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" <title>DPM Test Merchant</title> label { } float: left; </style> /** */ function usbReaderPreprocess() { if (usbDeviceType != '') { } } </script> <body> // Prepend USB card reader type to the reader input. var processedReaderInput = usbDeviceType + '|@|' + readerInput; document.getElementById('IATS_DPM_AccountNumber').value = processedReaderInput; var nameMatch = readerInput.match(/\^([a-z]+)\/([a-z]+)\^/gi); if (nameMatch != null) { // Update the form with the payer's first and last names. document.getElementById('IATS_DPM_FirstName').value = nameParts[1]; document.getElementById('IATS_DPM_LastName').value = nameParts[0]; <form action=" https://www.iatspayments.com/netgate/IATSDPMProcess.aspx" method="post" name="IATS_DPM_Form" onsubmit="usbReaderPreprocess()"> <div class=""> value="PA0940D765F2BD67BD97B82EFAA4D72BE9" /> </div> <div class=""> <option value="">None</option> </select> <br /><br /> <div><strong>Donors information</strong></div> <label class="" for="IATS_DPM_Title">Title</label> <input name="IATS_DPM_Title" class="" id="IATS_DPM_Title" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_LastName">Last Name</label> <input name="IATS_DPM_LastName" class="" id="IATS_DPM_LastName" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_City">City</label> <input name="IATS_DPM_City" class="" id="IATS_DPM_City" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Country">Country</label> <input name="IATS_DPM_Country" class="" id="IATS_DPM_Country" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Phone">Phone</label> <input name="IATS_DPM_Phone" class="" id="IATS_DPM_Phone" maxlength="39" /> <div class=""> </div>
<div class=""> </div> <label class="" for="IATS_DPM_Email">Email</label> <input name="IATS_DPM_Email" class="" id="IATS_DPM_Email" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Item1">Item1</label> <input name="IATS_DPM_Item1" class="" id="IATS_DPM_Item1" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Item3">Item3</label> <input name="IATS_DPM_Item3" class="" id="IATS_DPM_Item3" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_Item5">Item5</label> <input name="IATS_DPM_Item5" class="" id="IATS_DPM_Item5" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_ClientDefined_Name1">Client Defined Field 1</label> <input name="IATS_DPM_ClientDefined_Name1" class="" id="IATS_DPM_ClientDefined_Name1" <label class="" for="IATS_DPM_ClientDefined_Name2">Client Defined Field 2</label> <input name="IATS_DPM_ClientDefined_Name2" class="" id="IATS_DPM_ClientDefined_Name2" <label class="" for="IATS_DPM_ClientDefined_Name3">Client Defined Field 3</label> <input name="IATS_DPM_ClientDefined_Name3" class="" id="IATS_DPM_ClientDefined_Name3" <br /><br /> <div><strong>Amount</strong></div> <label class="" for="IATS_DPM_Amount">Amount</label> <input name="IATS_DPM_Amount" class="" id="IATS_DPM_Amount" maxlength="39" /> </div>
<br /><br /> <div><strong>Payment</strong></div> <label class="" for="IATS_DPM_MOP">Method of Payment</label> <input name="IATS_DPM_MOP" class="" id="IATS_DPM_MOP" maxlength="39" /> <div class=""> </div> <label class="" for="IATS_DPM_ExpiryDate">Expiry (for credit card)</label> <input name="IATS_DPM_ExpiryDate" class="" id="IATS_DPM_ExpiryDate" maxlength="39" /> </div> <div class=""> </div> <label class="" for="IATS_DPM_DebitAccountType">Debit Account Type (for ACH)</label> <input name="IATS_DPM_DebitAccountType" class="" id="IATS_DPM_DebitAccountType" maxlength="39" </div> <div><strong>Process Option</strong></div> <label class="" for="IATS_DPM_ProcessOption">Process Option</label> <input name="IATS_DPM_ProcessOption" class="" id="IATS_DPM_ ProcessOption" maxlength="39" /> <label class="" for="IATS_DPM_RecurringOn">Enter True for Recurring</label> /> /> /> </div> <div><strong>Post Back Response</strong></div> <label class="" for="IATS_DPM_PostBackURL">Post Back URL</label> <input type="input" name="IATS_DPM_PostBackURL" class="" id="IATS_DPM_PostBackURL" value="ENTER </div> <label class="" for="IATS_DPM_SuccessRedirectURL">Success Redirect URL</label> <input type="input" name="IATS_DPM_SuccessRedirectURL" class="" id="IATS_DPM_SuccessRedirectURL" value="ENTER SUCCESS REDIRECT URL HERE" /> </div>
<div class=""> value="ENTER FAILED REDIRECT URL HERE" /> <input type="submit" value="Process"/> |
Example Responses
IATS_AccountNumber=2220 |
IATS_MOP=VISA |
IATS_PaymentType=CreditCard |
IATS_ExpiryMonth=12 |
IATS_ExpiryYear=2014 |
IATS_Result=OK: 678594: |
IATS_TransID=A1A1C5D8 |
IATS_Amount=20.00 |
IATS_Title=Mr |
IATS_FirstName=Jack |
IATS_LastName=Green |
IATS_Address=Jasper AVE |
IATS_City=Edmonton |
IATS_Country=CANADA |
IATS_State=AB |
IATS_ZipCode=T5J1X3 |
IATS_EMail=TEST@TEST.COM |
IATS_Phone=123456789 |
IATS_Phone2= |
IATS_Fax= |
IATS_Comment=donation |
IATS_AccountNumber=2220 |
IATS_MOP=ACHEFT |
IATS_DebitAccountType=CHECKING |
IATS_PaymentType=ACH |
IATS_Result=OK: 555555 |
IATS_Amount=20.00 |
IATS_Title=Mr |
IATS_FirstName=JACK |
IATS_LastName=GREEN |
IATS_Address=JASPER AVE |
IATS_City=EDMONTON |
IATS_Country=CANADA |
IATS_State=AB |
IATS_ZipCode=T5J1X3 |
IATS_EMail=TEST@TEST.COM |
IATS_Phone=123456789 |
IATS_Fax= |
IATS_Phone2= |
IATS_Comment=donation |
IATS_AccountNumber=2220 |
IATS_PaymentMethod=VISA |
IATS_PaymentType= CreditCard |
IATS_Result=TokenCreated |
IATS_ResultDetail= A1047942 |
IATS_RecurringOn=off |
IATS_ScheduleType=MONTHLY |
IATS_BeginDate=04/14/2014 |
IATS_EndDate=04/14/2014 |
IATS_Amount=20.00 |
IATS_Title=Mr |
IATS_FirstName=Jack |
IATS_LastName=Green |
IATS_Address=Jasper AVE |
IATS_City=Edmonton |
IATS_State=ab |
IATS_ZipCode=T5J1X3 |
IATS_Country=Canada |
IATS_Email=test@test.com |
IATS_Fax= |
IATS_Phone=123456789 |
IATS_Phone2= |
IATS_comment=donation |
IATS_AccountNumber=2220 |
IATS_PaymentMethod=ACHEFT |
IATS_PaymentType=DebitCard |
IATS_DebitAccountType=CHECKING |
IATS_Result=TokenCreated |
IATS_ResultDetail=A1047941 |
IATS_RecurringOn=off |
IATS_ScheduleType=MONTHLY |
IATS_BeginDate=04/14/2014 |
IATS_EndDate=04/14/2014 |
IATS_Amount=20.00 |
IATS_Title=Mr |
IATS_FirstName=Jack |
IATS_LastName=Green |
IATS_Address=Jasper AVE |
IATS_City=Edmonton |
IATS_State=ab |
IATS_ZipCode=T5J1X3 |
IATS_Country=Canada |
IATS_Email=test@test.com |
IATS_Fax= |
IATS_Phone=123456789 |
IATS_Phone2= |
IATS_comment=donation |
The following information will allow you to test iATS Payments systems to ensure that you can use our services. Please note that this “TEST88” account is not a live merchant account and that authorization and rejection results are for display purposes only.
Please note that this test information is provided to many clients. Please do not modify or delete any pre-existing Aura Event’s or change the password of this code.
User ID = TEST88
Password = TEST88
URL: NA = www.iatspayments.com
To test the Authorization and Rejection responses related to a Charge, credit card number 4111111111111111 can be used.
To test the Authorization responses related to both Charges and Refunds, credit card number 4222222222222220 can be used.
The amounts and corresponding responses detailed below have been created for to test multiple situations:
Amount |
Result when using 4111111111111111 |
1.00 |
OK: 678594 |
2.00 |
REJ: 15 |
3.00 |
OK: 678594 |
4.00 |
REJ: 15 |
5.00 |
REJ: 15 |
6.00 |
OK: 678594:X |
7.00 |
OK: 678594:y |
8.00 |
OK: 678594:A |
9.00 |
OK: 678594:Z |
10.00 |
OK: 678594:N |
15.00 |
If CVV2 = 1234, the response is OK: 678594:Y. If no CVV2 is entered, the response is REJ: 19 |
16.00 |
REJ: 2 |
17.00 |
REJ: 22 |
192.00 (NA Only) |
If sent via API (iATSLink or Web Service) a) IP address is invalid format: Rej: 5. |
All Other Amounts |
REJ: 15 |
All Refund Amounts |
REJ: 15 |
Amount |
Result when using 4222222222222220 |
Any Sale Amount |
OK: 678594 |
Any Refund Amount |
OK: 678594 |
Please note there is a transaction limit of $2000.00 (£2000.00) per charge. Amounts above will be rejected.
If using our Direct Post Method, the TEST88 Process Key credentials are:
PAAB24B9961FAC07FAA561180F6CB69A7B (North America) PA0940D765F2BD67BD97B82EFAA4D72BE9 (UK/International)
|
Option 1: |
Option 2: |
Dynamic Response Page |
Yes, through Javascript relay page. Relay URL sent in DPM transaction request. |
No, only static pages for success/fail. Both URL sent in DPM transaction request. |
Transaction Results |
Posted back to relay URL |
Posted back to Postback URL |