Paybox Integration Manual in English

Version 4.
70 – December 10th, 2010
PAYBOX SERVICES
« Secure Payment for Online and

Distance Sales »
INSTALLATION AND PARAMETERING MANUAL
___________________________________________________________________________________________
PAYBOX SERVICES.
Centre Espace Sud – Route d‟Elne - 66200 LATOUR BAS ELNE Version 4.70 Page 1 / 70
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
SUMMARY
THE “PAYBOX SYSTEM” PRODUCT .................................................................................................................................. 4

I - PRESENTATION : .............................................................................................................................................................. 4
II – AVAILABLE MODULES : .............................................................................................................................................. 6
III - INSTALLATION OF MODULEV2.CGI : ...................................................................................................................... 6
IV - LAUNCHING MODULEV2.CGI : ................................................................................................................................ 8
a – The variables : ................................................................................................................................................................. 8
b – Launching using ‘HTML form’ mode : ........................................................................................................................ 13
c – Launching using ‘local file’ mode : ............................................................................................................................... 14
d – Launching using ‘command line’ mode : ...................................................................................................................... 16
e – Launching using ‘environment variables’ mode : ......................................................................................................... 16
f – Launching using several modes : ................................................................................................................................... 17
V – THE RETURN URLS AND THE „URL HTTP‟ ............................................................................................................ 17
a - The 3 return urls on the trader’s site : ........................................................................................................................... 17
b - The validation of order forms with ‘url http’ : ............................................................................................................... 19
c – The values of the error codes ......................................................................................................................................... 25
d – Notes on the PAYBOX signature ................................................................................................................................. 26
e – Interfacing with the PAYBOX DIRECT Plus process ................................................................................................. 26
VI – THE VARIOUS OPTIONS AND PERSONALIZATIONS ....................................................................................... 27
a – Managing deferred payments : ..................................................................................................................................... 27
b – Managing the intermediary page : ................................................................................................................................ 27
c – Managing the error codes :............................................................................................................................................ 29
d - Personalization of the payment page : ........................................................................................................................... 32
e - Personalization of the payment receipt : ........................................................................................................................ 32
f – Payment server availability test : .................................................................................................................................. 33
VII – THE METHOD OF PAYMENT PRE-SELECTION PAGE ...................................................................................... 34
a – Presetting of type and method of payment : .................................................................................................................. 35
OPTION FOR SUBSCRIPTION MANAGEMENT ........................................................................................................... 37
I - PRESENTATION : ............................................................................................................................................................ 37
II – PARAMETERIZING : .................................................................................................................................................... 37
THE „BATCH PROCESSING BY FILE DEPOSIT‟ PRODUCT. ...................................................................................... 42
I - PRESENTATION : ............................................................................................................................................................ 42
II – THE KINEMATICS OF THE PROCESS : .................................................................................................................... 42
a – Prerequisites :................................................................................................................................................................ 42
b – Deposit by the retailer : ................................................................................................................................................. 42
c – File Management : ........................................................................................................................................................ 43
d – Useful commands :........................................................................................................................................................ 43
e – Scenario : ....................................................................................................................................................................... 44
f – Informations for the cryptography : ............................................................................................................................... 44
III – THE OPERATION RETURN CODES : ....................................................................................................................... 45
THE „PAYBOX DIRECT‟ PRODUCT ................................................................................................................................... 46
I - PRESENTATION : ............................................................................................................................................................ 46
II – EXCHANGE PROTOCOL : ........................................................................................................................................... 46
III - DEFINITION OF THE « QUESTION » FRAME : ...................................................................................................... 47
IV - DEFINITION OF THE « REPONSE » FRAME : ......................................................................................................... 50
V - THE OPERATION RETURN CODES :......................................................................................................................... 51
„PAYBOX DIRECT PLUS‟ ....................................................................................................................................................... 53
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
I - PRESENTATION .............................................................................................................................................................. 53
II – A REMINDER OF THE CONTEXT .............................................................................................................................. 53
III - PAYBOX DIRECT PLUS (SUBSCRIPTION MANAGEMENT OPTION) ............................................................................... 54
a – Possible actions ............................................................................................................................................................. 54
b - New operations linked to subscription ......................................................................................................................... 54
c – Exchange protocol ......................................................................................................................................................... 55
IV – DEFINITION OF THE “QUESTION” FRAME : ..................................................................................................................... 56
V - DEFINITION OF THE “RESPONSE” FRAME : ....................................................................................................................... 59
VI - THE OPERATION RETURN CODES : ....................................................................................................................... 60
REPLY CODES FROM THE AUTHORIZATION CENTRE ............................................................................................ 62
I – THE REPLY CODES FROM THE AUTHORIZATION CENTRE .............................................................................. 62
a – The bank card network, American Express and Diners : .............................................................................................. 62
b – Cetelem/Aurore Network and Rive Gauche ................................................................................................................. 63
c – TERMINEO (prepaid cards) : ...................................................................................................................................... 63
CHARSET PAYBOX ................................................................................................................................................................ 64
I – CHARSET PAYBOX : ...................................................................................................................................................... 64
TEST PARAMETERS .............................................................................................................................................................. 65
I – TEST PARAMETERS AND PROCEDURES : ............................................................................................................... 65
THE RETAILER‟S BACK OFFICE ........................................................................................................................................ 66
I – THE RETAILER‟S BACK OFFICE : ................................................................................................................................ 66
HOW TO SUBSCRIBE TO PAYBOX SERVICES .............................................................................................................. 68
I – HOW TO SUBSCRIBE TO PAYBOX SERVICES : ........................................................................................................ 68
ASSISTANCE ........................................................................................................................................................................... 69
I – ASSISTANCE : ................................................................................................................................................................. 69
GLOSSARY ............................................................................................................................................................................... 70
I – GLOSSARY : ..................................................................................................................................................................... 70
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
The “Paybox System” Product
I - PRESENTATION :
The „Paybox System‟ product is a secure system for the management of payment by banker‟s
card and by private cards on Internet retail sites.
The „Paybox System‟ product can be easily integrated into all e-commerce systems. The CGI
module simply needs to be installed and called up from the page of the retailer‟s e-commerce
site which precedes the Paybox System payment page. The paying customer has nothing to
install.
The CGI (Common Gateway Interface) module is an executable program which enables the
retrieval of certain data (such as the retailer‟s identifier, the order reference number, the amount
of the transaction etc. ). The module encrypts this data and redirects the customer to the Paybox
System payment page.
Once the product has been integrated into the e-commerce site, the customers can make
payments in complete safety. When the order has been placed, they will be redirected to the
PAYBOX SERVICES server, which will set up an encrypted connexion with the purchaser (in
SSL 128 bits, so that the input of the banker‟s card number is carried out in complete security)
and displays a payment page.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Paybox System checks the validity of the card by making a request to the retailer‟s banking
authorization centre.
If the payment is accepted, a receipt is posted on to the screen of the purchaser (optional). This
same receipt will be sent to him/her via e-mail as proof of purchase. The purchaser may then
return to the e-commerce site to continue buying.
Paybox System also sends a copy of the receipt to the retailer. Using „url http‟, the retailer may
manage automatically the result of attempted payments.
At the end of the day, Paybox System gathers together all the payments made on the site and
sends the result the retailer‟s remote data collection centre so that the transactions may be
processed.
Once the remote data collection has been carried out, the trader receives a report receipt via e-
mail.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Centre d‟Autorisation : Autorisation Centre
AUTORISATION : AUTHORIZATION
TELECOLLECTE : DATA COLLECTION
Serveur de Télécollecte : Data Collection Server
Ticket Télécollecte E-mail : Data Collection Receipt e-mail
Ticket Paiement E-Mail : Payment Receipt e-mail
CONFIRMATION OU REFUS : CONFIRMATION OR REFUSAL
SERVEUR WEB DU COMMERANT : RETAILER’S WEB SERVER
ENVOI PAGE ET SAISIE N° CARTE : SENDING OF PAGE AND CARD INPUT
REMPLISSAGE DU CADDY : BASKET IS FILLED
SAISIE COORDONNEES CLIENT : INPUT OF CUSTOMER’S DETAILS
BERIFICATION DE LA COMMANDE : ORDER CHECK
REDIRECTION VERS SERVEUR PAYBOX : REDIRECTION TO PAYBOX SERVER
Navigateur Web du Client : CUSTOMER’S WEB BROWSER
Protocoles bancaires CBSA/CBPR sur X25 : Bank protocols CBSA/CBPR, CB2A version 5.1 et
5.2 on X25
II – AVAILABLE MODULES :
The CGI module, provided by PAYBOX SERVICES, is available as a free download on the site
http://www.paybox.com.
The module is available for the following operating systems:
 Windows NT, 9x, 2000, XP

 Unix SCO (Intel)
 Sun Solaris
 Linux (Intel)
 Free BSD
 Mac OS X
 Aix (IBM).
Porting to other operating systems is available on request.
III - INSTALLATION OF MODULEV2.CGI :
Download the module that corresponds to your Web server‟s operating system (the module is
available on our site www.paybox.com, under the heading « téléchargement »).
This module should then be installed on the « cgi-bin » directory of your Web server (this
directory can be renamed).
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
The module could be renamed „modulev2.cgi‟. For reasons of compatibility, however, the
module must not be renamed „module.cgi‟.
Set the execute permission, chmod 755.

(user : read + write + execution; group : execution ; others : execution).
Please note:
- check that the FTP transfer has been carried out in binary mode and not in ascii, as the module
is executable. If in doubt, compare the size in octets of your module installed in the cgi-bin
directory with that on the www.paybox.com site (by positioning the mouse on the logo) : the
size should be identical.
- check that the cgi-bin directory is correctly set to the level of your Web server to enable the
execution of executable scripts. For example, if the module is in download mode instead of
executing mode, this means that the cgi-bin directory is not properly set.
- if using the WEB server of Microsoft (IIS), change the program name from „modulev2.cgi‟
to „modulev2.exe‟ during installation.
- The TCP ports to be authorized from your servers to the servers of PAYBOX SERVICES for
your architecture are 80 (http), 443 (HTTPS) et 53 (DNS).
Once installed, the module should be directly executable using the Internet address on your
browser (for example : http://www.maboutique.com/cgi-bin/modulev2.cgi).
When running, you should see a message such as „paybox input error code (-7)‟ or „paybox
input error code (-3)‟ : this means that the module is running correctly (the error only being due
to the absence of variables to be referenced). For errors of the following type:
- internal server error,

- impossible d‟afficher la page (the page cannot be shown)
- erreur 404 : not found,
- bug in dynamic linker,
- le fichier spécifié est introuvable (the file cannot be found)
- CGIWrap Error: Script Execution Failed,
- and others…
check all the aforementioned points.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
IV - LAUNCHING MODULEV2.CGI :
Once the module has been installed, you need to execute it from the page of your site which
precedes the Paybox system payment page. When the module is launched, it should be
accompanied by different variables, as it can be executed in various modes.
There are no restrictions as to the language to be used to call up this module : you may use
HTML, ASP, PHP, and PERL etc.
a – The variables :
In order to be able to make a payment on the PAYBOX server, the „modulev2.cgi‟ needs to
retrieve the information necessary to carry out the payment and to manage the links between
the buyer, the retailer and the „PAYBOX SERVICES‟ site. This data is stored in the following
variables (the names are fixed and in capital letters) :
Version
name of variable description siz e type
module
Mode of retrieval of information : from 1 to 4 numbers of 1 to 4
PBX_MODE mandatory >= 2.00
values of 1,2,3 or 4. numbers.
PBX_SITE Site number (TPE) given by the bank [see page 68]. 7 numbers. mandatory >= 2.00
PBX_RANG Rank number (‟machine‟) given by the bank [see page 68]. 2 numbers. mandatory >= 2.00
Total amount of purchase in centimes without commas or 3 to 10

PBX_TOTAL mandatory >= 2.00
decimal points. numbers.
Transaction currency code following the ISO 4217 norm
(numeric code) :
PBX_DEVISE For example: 3 numbers. mandatory >= 2.00

« 978 » for the euro.
« 840 » for the US dollar.
« 952 » for the CFA franc.
1 to 250
PBX_CMD Your order reference. mandatory >= 2.00
characters.
E-mail address of purchaser (card holder).
6 to 80
PBX_PORTEUR mandatory >= 2.00
characters.
The characters @ and . must be present.
Variables sent by Paybox (amount, order reference,
3 to 150
PBX_RETOUR transaction number, subscription number and mandatory >= 2.00
characters.
authorization number) [see page 19].
PAYBOX identifier, supplied by PAYBOX SERVICES at 1 to 9

PBX_IDENTIFIANT mandatory >= 2.00
the time of registration. numbers.
Return page from Paybox to your site after payment has Up to 150
PBX_EFFECTUE optional >= 2.00
been accepted [see page 17]. characters.
PBX_REFUSE optional >= 2.00
been refused [see page 17]. characters.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
PBX_ANNULE optional >= 2.00
been cancelled [see page 17]. characters.
URL for call server to server after each attempt of jusqu‟à 150
PBX_REPONDRE_A facultatif >= 2.00
payments [see page 19] caractères.
Name of local file when the variable PBX_MODE is Up to 150

PBX_OPT optional >= 2.00
documented with the value « 3 » [see page 14]. characters.
Text able to be displayed on the intermediary page

PBX_TXT unlimited. optional >= 2.00
instead of the default text. [see page 27].
Delay in displaying the intermediary page. The value is in Up to 5

PBX_WAIT optional >= 2.00
milliseconds [see page 27]. numbers.
Name given to the button of the intermediary page Up to 50

PBX_BOUTPI optional >= 2.00
(« nul » for the removal of this button) [see page 27]. characters.
Screen background of the intermediary page (name of Up to 150

PBX_BKGD optional >= 2.00
colour, code of colour, or picture) [see page 27]. characters.
Management mode of the intermediary page. Possible

PBX_OUTPUT 1 character. optional >= 2.00
values are : A, B, C, D and E [see page 27].
Language used by Paybox for displaying the payment
page. The default language is French. Possible values are
3
PBX_LANGUE FRA (French), GBR (English), ESP (Spanish), ITA (Italian), optional >= 2.00
characters.
DEU (German), NLD (Dutch), SWE (Swedish) and PRT
(Portugal).
The URL of your site which enables the display of
Up to 150
PBX_ERREUR descriptions of possible errors which could occur when optional >= 2.00
characters.
displaying the payment page. [see page 29].
The URL of the primary payment server of Paybox if
different from the default :
https://tpeweb.paybox.com/cgi/MYchoix_pagepaiemen
t.cgi
Up to 150
PBX_PAYBOX optional >= 2.00
characters.
For the « iframe » version called « PAYBOX SYSTEM
Light » too, you must indicate the URL :
https://tpeweb.paybox.com/cgi/MYframepagepaiement
_ip.cgi
Type of Internet browser :
 HTML : default value

3 to 5
PBX_SOURCE  WAP : creation of a payment page in WML optional >= 2.00
characters.
format
 IMODE : creation of a payment page in iHTML
format
The URL of the primary backup payment server of
Paybox if different to the default :
https://tpeweb1.paybox.com/cgi/MYchoix_pagepaieme
nt.cgi
Up to 150
PBX_BACKUP1 optional >= 2.00
characters.
https://tpeweb1.paybox.com/cgi/MYframepagepaieme
nt_ip.cgi
The URL of the second backup payment server of Paybox
if different to the default :
Up to 150
PBX_BACKUP2 nt.cgi optional >= 2.00
characters.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
nt_ip.cgi
The URL of the third backup payment server of Paybox if

different to the default :
nt.cgi
Up to 150
PBX_BACKUP3 optional >= 2.00
characters.
nt_ip.cgi
Up to 150
PBX_BACKUP4 The URL of the fourth backup payment server of Paybox. optional >= 2.00
characters.
Request for availability tests of at least one PAYBOX

PBX_PING 1 number. optional >= 2.00
payment server [see page 33]
TCP Port used to check the availability of a payment

server [see page 33]. 1 to 5
PBX_PORT optional >= 2.00
numbers.
Default value 443.
Up to 32
PBX_TYPEPAIEMENT Means of payment to be used [see page 34] optional >= 2.00
characters
Up to 32
PBX_TYPECARTE Type de card to be used [see page 34] optional >= 2.00
characters
The transaction will be only in authorization mode, i.e. it

will not be sent to your bank :
 „O‟: Authorization alone (No remote data

collection of the transaction). To capture the
PBX_AUTOSEULE transaction (to send it to your bank), you must 1 character optional >= 2.10
use processes PAYBOX Batch processing [see
pages 42] or PAYBOX Direct [see pages 46 or
53].
 „N‟ (default): Authorization + debit.

Method used (GET or POST) for the call of «url http » [see
page 19]. Up to 4
PBX_RUF1 optional >=2.00
characters
Default value GET.
Time-out (in secondes) to check the avalaibility of the
primary payment server of Paybox.
1 to 3
PBX_TIMEOUT optional >= 2.11
numbers.
Default value 8.
primary backup payment server of Paybox. 1 to 3
PBX_TIMEOUT1 optional >= 2.11
numbers.
Default value 10.
second backup payment server of Paybox. 1 to 3
numbers.
Default value 20.
third backup payment server of Paybox. 1 to 3
numbers.
Default value 20.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
fourth backup payment server of Paybox. 1 to 3
numbers.
Default value 20.
Numeric reference of a geographic subdivision, 1 to 9

PBX_ENTITE optional >= 2.20
functional, sales, … numbers.
Deferments for each payment.
in order to arrange a deferment of 4 days, you need to

indicate 04.
1 to 2
PBX_DIFF optional >= 2.21
Note that you are able to cancel this delay from the numbers.
trader‟s back office. For example, a transaction carried out
on November 2nd, and deferred until November 4th, can
be released and sent manually on November 3rd.
Total amount of the second term in centimes without

3 to 10
PBX_2MONT1 commas or decimal points. Option for subscription optional >= 2.20
numbers.
management required.
Total amount of the third term in centimes without
3 to 10
numbers.
Total amount of the fourth term in centimes without
3 to 10
numbers.
Date of the second term. Format JJ/MM/AAAA. Option

PBX_DATE1 Date optional >= 2.20
for subscription management required.
Date of the third term. Format JJ/MM/AAAA. Option for

subscription management required.
Date of the fourth term. Format JJ/MM/AAAA. Option

for subscription management required.
PBX_1EURO_CODEEXTERNE Only for the payment « 1Euro.com » : promotional code 3 numbers. optional >= 3.02
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Only for the payment « 1Euro.com » : data about the
customer.
The datas are separated by character # and have to

respect the order :
1. Civility,
2. Last name,
3. First name,
4. Address1,
5. Address2,
6. Address3,
7. ZIP code,
8. City,
9. Country code (FR for France by example), Up to 100
PBX_1EURO_DATA optional >= 3.02
10. Telephone number, characters
11. Telephone mobile,
12. 1 if merchant knows the customer, 0 if merchant
doesn‟t know the customer
13. 1 if merchant has already had chargebacks with
this internaute, 0 if merchant has never had
chargebacks with this internaute,
14. Action code for COFIDIS (value provided by
COFIDIS)
Example :
M#DUPONT#Jean#Rue
Lecourbe#BatimentA##75010#PARIS#FR#0102030405##
0#0#12#
Value provided by the merchant to indicate the option of
PBX_CODEFAMILLE payment with SOFINCO card (or partner of SOFINCO), 3 numbers optional >= 2.00
COFINOGA or CDGP.
Digest provided by PAYBOX at the moment of the first 64

PBX_EMPREINTE optional >=3.03
payment via the variable „H‟ of « PBX_RETOUR ». characters
Expiry date not to be exceeded.
If the date of expiration of the card is lower than the limit

fixed by this variable, the payment will be refused. This is
useful in the case of payments n time and to avoid that a
reconduction fails because of expiry date is < at the last
reconduction..
PBX_DATEVALMAX 4 numbers optional >= 3.05
For example:
Schedule : May 4th 2009, June 8th 2009 and July 30th 2009.
PBX_DATEVALMAX=0907 If the card expires before the
end of July, 2009, the initial payment will be refused with
the code error 00008.
Format YYMM.
PBX_SANSCONNEXION O : No search for the availability of a server 1 caractère optional >= 3.05
Only for the payment « NetReserve » : data about the

customer.
The datas are separated by character # and have to

respect the order : :
1. First name (25 characters), Up to 250
PBX_NETRESERVE_DATA optional >= 3.06
caractères
2. Name (25 characters),
3. Adress1 (25 characters),
4. Adress2 (25 characters),
5. ZIP Code,
6. City (25 characters),
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
7. Country code (FR for France by example),
8. Email (50 characters),
9. Téléphone (25 characters)
Example :
Jean#DUPONT#Rue
Lecourbe##75010#PARIS#FR#jean.dupont@gmail.com#0
102030405#
List of currency to display on the page payments.
7 currencies will be taken in account :
 Euro (EUR),
 Franc Suisse (CHF),
 Dollar US (USD),
 Yen (JPY),
6 x 3
 Yuan (CNY),
characters
 Livre Sterling (GBP),
PBX_CURRENCYDISPLAY separated optional >=3.07
 Dollar Canadien (CAD) by a
 NO_CURR (no currency) comma
The default settings with no parameter will display all the

currencies on the payment page.
Transaction currency code following the ISO 4217 norm

(alphabetic code).
TimeOut of the payment page (in seconds).
3 to 10
PBX_DISPLAY optional >= 3.07
numbers.
The default value is 900 seconds.
Modification of an existing subscriber
Up to 250
PBX_REFABONNE optional >= 3.07
The value present into this variable update the caractères
cardnumber of the subscriber.
Subscription number send with the variable „B‟ of
PBX_RETOUR.
PBX_IDABT 9 numbers optional >= 3.07
The value present into this variable update the
cardnumber of the subscriber.
Filing reference given to your bank. It should be unique 12
PBX_ARCHIVAGE and can allow to your bank to supply you an information characters optional >= 3.07
in case of chargeback. maximum
Disable an authentication 3D-Secure of the cardholder
PBX_3DS „O‟ (default value) : Authentication 3D-Secure of the 1 character optional >= 3.07
cardholder to do
„N‟ : No authentication 3D-Secure of the cardholder.
Error code to return in the pre-production/tests
PBX_ERRORCODETEST environment. Variable ignored in the production 5 numbers optional >=3.14
environment.
IP address et TCP port of a http proxy.
260
PBX_PROXY facultatif >=3.07
characters
Format @IP:TCP Port
b – Launching using „HTML form‟ mode :
This mode consists of creating an HTML form which will call up the module with specified
parameter fields (corresponding to the necessary variables).
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
The variable „PBX_MODE‟ should have the value „1‟. Some variables such as „ PBX_TOTAL‟,
„PBX_PORTEUR‟ or „PBX_CMD‟ should be managed dynamically as these values change with
each payment.
Below is an example of a form enabling the display of the payment :
<FORM ACTION = „/cgi-bin/modulev2.cgi‟ METHOD = post>

<INPUT TYPE = hidden NAME = PBX_MODE VALUE = „1‟> 
<INPUT TYPE = hidden NAME = PBX_SITE VALUE = „1999888‟>
<INPUT TYPE = hidden NAME = PBX_RANG VALUE = „99‟>
<INPUT TYPE = hidden NAME = PBX_IDENTIFIANT VALUE = „2‟>
<INPUT TYPE = hidden NAME = PBX_TOTAL VALUE = „1500‟>
<INPUT TYPE = hidden NAME = PBX_DEVISE VALUE = „978‟>
<INPUT TYPE = hidden NAME = PBX_CMD VALUE = „ma_reference_123456‟>
<INPUT TYPE = hidden NAME = PBX_PORTEUR VALUE = „client@test.com‟>
<INPUT TYPE = hidden NAME = PBX_RETOUR VALUE = „montant:M;ref:R;auto:A;trans:T‟>
<INPUT TYPE = hidden NAME = PBX_EFFECTUE VALUE = „http://www.commerce.fr/merci.html‟>
<INPUT TYPE = hidden NAME = PBX_REFUSE VALUE = „http://www.commerce.fr/regret.html‟>
<INPUT TYPE = hidden NAME = PBX_ANNULE VALUE = „http://www.commerce.fr/regret.html‟>
<INPUT TYPE = submit NAME = bouton_paiement VALUE = „paiement‟>
</FORM>
The customer needs to click on the button named „payment‟ to launch the payment page.
The identification of the retailer (site 1999888, rank 99 and username 2) corresponds to the
Paybox test shop.
Le payment will be 1500 euro centimes (i.e. 15 €) and the identification of the payment in
relation to the retailer‟s order will be the reference « ma_reference_123456 ».
Once payment has been made, and if it is accepted, the page
„http://www.commerce.fr/merci.html‟ will be displayed and a payment receipt will be sent to
both the retailer and the customer at „client@test.com‟.
If the payment is refused or cancelled, the page „http://www.commerce.fr/regret.html‟ will be
called up.
Please note :
This mode does not offer optimal security against the manipulations of ill-intentioned users,
who can very well capture your HTML page on their computers, modify some values (such as
the amount or your retailer‟s number), and then re-execute the page with these new values.
In order to avoid this type of attack, it is therefore strongly recommended that you
simultaneously use another mode to protect access to sensitive variables.
c – Launching using „local file‟ mode :
This mode enables the management of the variables via a local „text‟ file. Thus, when the
module is called up, the value for „PBX_MODE‟ needs to be the number „3‟.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Of course, given that the variable „PBX_MODE‟ cannot be put into a read file, the use of a local
file must be combined with another mode, for example HTML form (mode 1) or by command
line (mode 4). Thus, „PBX_MODE‟ will never have the single value of „3‟, but rather „13‟ or „43‟
(NB: the order is important, „31‟ or „34‟ will result in an error).
Then use the variable „PBX_OPT‟ to indicate the access path and the file name.
This path must be specified in syntax acceptable by the server‟s operating system.
For example :
- PBX_OPT=C:\mon_site\paybox\fichier.txt (for Windows).
- PBX_OPT=/usr/mon_site/paybox/fichier.txt (for Unix).
If PBX_OPT does not contain the file access path (absolute or partial), the „modulev2.cgi‟ will
consider that the file is located in the current directory in which it has been called up.
If PBX_OPT does not exist, or is empty, the „modulev2.cgi‟ will look for the file „pbxinfos.txt‟ in
the current directory. This directory could be that in which the file is called up, or that in which
the cgi module is installed (this varies according to the operating system - Path reference)
This file will contain the variables in a specific format : each line must contain one, and only
one, variable followed by the sign „ = „ and by the required value. Each line finishes with a
carriage return (cr/lf or lf). Empty lines, or those beginning with the symbol „#‟ are ignored
(you are therefore able, if you so wish, to add comments).
Below is an example of the use of a local file using an HTML form, thus enabling the display of
the payment page:
<FORM ACTION = „/cgi-bin/modulev2.cgi‟ METHOD = post>

<INPUT TYPE = hidden NAME = PBX_MODE VALUE = „13‟>
<INPUT TYPE = hidden NAME = PBX_OPT VALUE = „C:\mon_site\paybox\fichier.txt‟>
</FORM>
Contents of the local file „fichier.txt‟ :
# identifier of my site
PBX_SITE=1999888
PBX_RANG=99
PBX_IDENTIFIANT=2
PBX_TOTAL=1500
PBX_DEVISE=978
PBX_CMD=ma_reference_123456
PBX_PORTEUR=client@test.com
PBX_RETOUR=montant:M;ref:R;auto:A;trans:T
# return url
PBX_EFFECTUE=http://www.commerce.fr/merci.html
PBX_REFUSE=http://www.commerce.fr/regret.html
PBX_ANNULE=http://www.commerce.fr/regret.html
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
As variables such as „PBX_TOTAL‟, „PBX_CMD‟ or „PBX_PORTEUR‟ have different values for
each payment, if you wish to include them in the local file, you will have to create a file for each
payment attempt.
Please note :
- in PHP, you must use the function “shell_exec()” rather than “exec()” to call up
“modulev2.cgi”.
d – Launching using „command line‟ mode :
This mode enables you to use the „modulev2.cgi‟ as a normal (non CGI) programme, which is
called up by a CGI programme.
The parameters must be specified on the command line, as the arguments of the programme,
and the variable „PBX_MODE‟ must contain the number „4‟.
modulev2.cgi PBX_MODE=4 PBX_SITE=1999888 PBX_RANG=99 PBX_IDENTIFIANT=2 PBX_TOTAL=1500 …
This system requires the use of an intermediary CGI programme developed by the person
responsible for the retailer‟s site. This programme must, on its own, retrieve the information
necessary for the „modulev2.cgi‟, and then prepare the corresponding command line and
execute (call up) the „modulev2.cgi‟.
e – Launching using „environment variables‟ mode :
This mode is a technique closely linked to the server‟s operating system and to the business
software of the site. It uses environment variables and requires a more detailed access to the
retailer‟s server, as well as the development of scripts or specific programmes on the part of the
person responsible for the retailer‟s site.
These variables can be read by any programme using the standard function C „getenv()‟. You
can then consider the preparation of certain parameters necessary to „modulev2.cgi‟, such as
any number of environment variables which will be invisible from the customer‟s browser.
For example, instead of calling up the „modulev2.cgi‟ from an HTML form, you will be able to
call up your CGI programme „commercant.cgi‟ (in Perl, in C or another L4G specific to the
software used), which will know the amount of the purchase.
Your programme will then create the environment variable „PBX_TOTAL‟, and will then call up
the „modulev2.cgi‟ :
<FORM ACTION = „/cgi-bin/commercant.cgi‟ METHOD = post>
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
</FORM>
Your programme „commercant.cgi‟ in turn executes the following commands (example for
Unix) :
# inform « modulev2.cgi » that the parameters are in environment variables.

PBX_MODE=2
# other variables………
PBX_SITE=1999888
PBX_RANG=99
PBX_IDENTIFIANT=2
PBX_TOTAL=1500
………
# exportation of environment variables and call to « modulev2.cgi ».

export PBX_MODE PBX_SITE PBX_RANG PBX_IDENTIFIANT PBX_TOTAL………
modulev2.cgi
f – Launching using several modes :
Several modes can be used to call up the „modulev2.cgi‟. For this reason, the variable
„PBX_MODE‟ can contain up to 4 numbers from „1‟, „2‟, „3‟ and „4‟.
In this case, the „modulev2.cgi‟ will look for the variables according to the specified modes and
in the specified order. This enables, for example, the definition of default values in a file or in
the memory.
If PBX_MODE = 1234,
- then „modulev2.cgi‟ will first look for the variables in the HTML fields,
- it will then look for the missing variables in the local environment,
- it will then look for the missing variables in the file,
- it will then look for the missing variables in the command line.
V – THE RETURN URLS AND THE „URL HTTP‟
Once payment has been made on the Paybox payment page, the customer has the opportunity
to return to the retailer‟s site through 3 urls.
The trader can automatically manage the validation of his order forms by following the result of
the transaction through a 4th url, called „url http‟.
a - The 3 return urls on the trader‟s site :
The reply of Paybox System to the trader‟s site may be made through 3 different addresses
(urls) depending if the payment is accepted, refused or cancelled.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
These 3 urls can be set by default in the Paybox database : if so, this needs to be made clear in
the registration form filled out by the retailer.
There can also be dynamically managed by the trader, using the 3 following variables :
- PBX_EFFECTUE,
- PBX_REFUSE,
- PBX_ANNULE.
These urls are called up the moment the customer clicks on the button „retour boutique‟ („back
to the shop‟) on the page which summarizes the payment (when the payment receipt is
displayed), or on the page indicating that the transaction has not been authorised.
You may also chose the option of having an immediate return : you can make this clear in the
registration form, or by contacting our technical support team. In this case, the summary receipt
is not displayed and the customer is directly redirected to the retailer‟s site.
If these urls are not managed dynamically (via the PBX_ variables), the addresses used will be
those that have been recorded in our database.
Please note :
- You are strongly advised against using the variable „PBX_EFFECTUE‟ to validate your order
forms : this variable is not secured by Paybox and is not guaranteed to be systematically
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
launched. Indeed, some purchasers who have made their payments may well not want to go
back to the site or may switch off.
- If the character „ ; „ is present in the URL to be called, it must be replaced by %3B. For
example, if the URL „PBX_EFFECTUE‟ were :
www.commerce.fr/effectue.jsp;id_session=134ERF47, the variable „PBX_EFFECTUE‟ would
need to be documented like this :
www.commerce.fr/effectue.jsp%3Bid_session=134ERF47
This restriction is due to the management of the tag META HTTP-EQUIV for Internet Explorer.
b - The validation of order forms with „url http‟ :
This url is recorded in our database but it can therefore be dynamically managed like the 3
previous urls with the variable “PBX_REPONDRE_A”
The advantage of this url is that it is called up from server to server as soon as customers
validate their payment (whether the payment is authorised or refused).
This means that the order form can be validated automatically even if the customer switches off
or decides not to return to the shop, as this call does not pass through the browser.
There are no restrictions as to the language of your script, whether it is ASP, PHP or PERL etc.
On the other hand, your cgi script must not re-direct and must generate an empty HTML page.
If an error occurs during the call up of your url, a warning mail will be sent to your via the same
e-mail address through which you receive your payments tickets.
For example if your URL called is :
http://www.commerce.fr/cgi/verif_pmt.asp?ref=abc12&trans=71256&auto=30258&tarif=2000&abonnement=354
341&pays=FRA&erreur=00000
you‟ll receive the error mail following :
Subject : PAYBOX: WARNING!!

Message :
WARNING: Impossible de joindre http://www.commerce.fr pour le paiement
ref=abc12&trans=71256&auto=30258&tarif=2000&abonnement=354341&pays=FRA&erreur=00000
(XXX-YYY)
Le premier nombre de l‟information entre parenthèses correspond au code retour du protocole

HTTP (Voir RFC 2616) : seul les codes retour commençant par un 2 sont considérés comme
valides. Le second nombre entre parenthèses correspond au code retour de la librairie “libcurl”
assurant les échanges avec votre serveur WEB.
The first number of the information in brackets corresponds to the code return of the protocol
HTTP (See RFC on 2616) : only the codes return beginning with one 2 are considered as valid.
The second number in brackets corresponds to the code return of the “libcurl” library allowing
the exchanges with your WEB WEB.
Error codes for protocol HTTP :

The Status-Code element is a 3-digit integer result code of the attempt to understand and
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
satisfy the request. These codes are fully defined in section 10. The Reason-Phrase is intended to
give a short textual description of the Status-Code. The Status-Code is intended for use by
automata and the Reason-Phrase is intended for the human user. The client is not required to
examine or display the Reason-Phrase.
The first digit of the Status-Code defines the class of response. The last two digits do not have
any categorization role. There are 5 values for the first digit :
 1xx: Informational - Request received, continuing process,
 2xx: Success - The action was successfully received, understood, and accepted,
 3xx: Redirection - Further action must be taken in order to complete the request,
 4xx: Client Error - The request contains bad syntax or cannot be fulfilled,
 5xx: Server Error - The server failed to fulfill an apparently valid request,
The individual values of the numeric status codes defined for HTTP/1.1, and an example set of
corresponding Reason-Phrase's, are presented below. The reason phrases listed here are only
recommendations -- they MAY be replaced by local equivalents without affecting the protocol.
Error codes of “libcurl” library :

 1 : Unsupported protocol. This build of curl has no support for this protocol,
 2 : Failed to initialize,
 3 : URL malformat. The syntax was not correct,
 4 : URL user malformatted. The user-part of the URL syntax was not correct,
 5 : Couldn't resolve proxy. The given proxy host could not be resolved,
 6 : Couldn't resolve host. The given remote host was not resolved,
 7 : Failed to connect to host,
 8 : FTP weird server reply. The server sent data curl couldn't parse,
 9 : FTP access denied. The server denied login,
 10 : FTP user/password incorrect. Either one or both were not accepted by the
server,
 11 : FTP weird PASS reply. Curl couldn't parse the reply sent to the PASS request,
 12 : FTP weird USER reply. Curl couldn't parse the reply sent to the USER request,
 13 : FTP weird PASV reply, Curl couldn't parse the reply sent to the PASV request,
 14 : FTP weird 227 format. Curl couldn't parse the 227-line the server sent,
 15 : FTP can't get host. Couldn't resolve the host IP we got in the 227-line,
 16 : FTP can't reconnect. Couldn't connect to the host we got in the 227-line,
 17 : FTP couldn't set binary. Couldn't change transfer method to binary,
 18 : Partial file. Only a part of the file was transferred,
 19 : FTP couldn't download/access the given file, the RETR (or similar) command
failed,
 20 : FTP write error. The transfer was reported bad by the server,
 21 : FTP quote error. A quote command returned error from the server,
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
 22 : HTTP page not retrieved. The requested url was not found or returned
another error with the HTTP error code being 400 or above. This return code only
appears if -f/--fail is sed,
 23 : Write error. Curl couldn't write data to a local filesystem or similar,
 24 : Malformed user. User name badly specified,
 25 : FTP couldn't STOR file. The server denied the STOR operation, used for FTP
uploading,
 26 : Read error. Various reading problems,
 27 : Out of memory. A memory allocation request failed,
 28 : Operation timeout. The specified time-out period was reached according to the
conditions,
 29 : FTP couldn't set ASCII. The server returned an unknown reply,
 30 : FTP PORT failed. The PORT command failed. Not all FTP servers support the
PORT command, try doing a transfer using PASV instead,
 31 : FTP couldn't use REST. The REST command failed. This command is used for
resumed FTP transfers,
 32 : FTP couldn't use SIZE. The SIZE command failed. The command is an extension
to the original FTP spec RFC 959.
 33 : HTTP range error. The range "command" didn't work,
 34 : HTTP post error. Internal post-request generation error,
 35 : SSL connect error. The SSL handshaking failed,
 36 : FTP bad download resume. Couldn't continue an earlier aborted download,
 37 : FILE couldn't read file. Failed to open the file. Permissions?
 38 : LDAP cannot bind. LDAP bind operation failed,
 39 : LDAP search failed,
 40 : Library not found. The LDAP library was not found,
 41 : Function not found. A required LDAP function was not found,
 42 : Aborted by callback. An application told curl to abort the operation,
 43 : Internal error. A function was called with a bad parameter,
 44 : Internal error. A function was called in a bad order,
 45 : Interface error. A specified outgoing interface could not be used,
 46 : Bad password entered. An error was signaled when the password was entered,
 47 : Too many redirects. When following redirects, curl hit the maximum amount,
 48 : Unknown TELNET option specified,
 49 : Malformed telnet option,
 51 : The remote peer's SSL certificate wasn't ok,
 52 : The server didn't reply anything, which here is considered an error,
 53 : SSL crypto engine not found,
 54 : Cannot set SSL crypto engine as default,
 55 : Failed sending network data,
 56 : Failure in receiving network data,
 57 : Share is in use (internal error),
 58 : Problem with the local certificate,
 59 : Couldn't use specified SSL cipher,
 60 : Problem with the CA cert (path? permission?),
 61 : Unrecognized transfer encoding,
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
 62 : Invalid LDAP URL,
 63 : Maximum file size exceeded,
This url has no direct link with the 3 others : it is managed in a totally independent fashion and
on the TCP port 80, 443 (HTTPS), 8080, 8081, 8082, 8083, 8084 or 8085.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
ok + ko
(The customer does not see the ‘url http’ call: it does not go via his/her browser).
Page paiement : Payment Page

Autorisation : Authorisation
Page ticket : Receipt page
Annuler : Cancel
Valider : Validate
Page erreur : Error page
URL HTTP directe + IBS_RETOUR (si auto Ok alors Numéro Autorisation renseigné) : Direct
URL HTTP + IBS_RETURN ( if auto OK then Authorisation Number informed)
3 essais : 3 attempts
Payer : Pay
Retour : Return
In order to identify and to find out the result of the payment when this url makes a call, you
need to use the variable „PBX_RETOUR‟. It describes the 22 datum that Paybox can send
parameterised following your url :
- the aMount of the transaction (contained in PBX_TOTAL),
- your order Reference (contained in PBX_CMD) : space URL encoded,
- a Transaction identifier (PAYBOX SERVICES sequential call number),
- the Authorization number (number given by the authorisation centre) : URL encoded,
- the subscription (aBonnement in french) number (number given by PAYBOX
SERVICES),
- the type of Payment (CARTE, etc.)
- the type de Card (VISA, EUROCARD_MASTERCARD, AMEX, etc.),
- the number of the tranSaction (sole transaction identifier),
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
- the countrY code of the issuer (bank of the cardholder) : ISO 3166 norm (alphabetic
code),
- the Error code of the transaction ([see page 25]),
- the expiry Date of the cardholder (Format AAMM) : available on june 2006,
- subscription management with the PAYBOX DIRECT PlUs process ([see page 26]) : URL
encoded,
- The code country of the address IP of the Internet user : ISO 3166 norm (alphabetic code)
: URL encoded,
- K : Signature on the variables of the URL ([see page 26]) : URL encoded,
- N : The first 6 digits (« bin6 ») of the cardholder : URL encoded,
- H : Digest of the card,
- Guaranteed of the payment. O:Yes, N:No
- State of the enrOlment of the cardholder. Y:Authentification available, N:Cardholder not
participating, U:Unable to authenticate,
- Status oF the authenticate. Y:Authentication successful, A:Attempts processing
performed, U:Authentication could not be performed, N:Authentication failed,
- J : Two last digits of the PAN of cardholder,
- W : Date of processing transaction by platform of PAYBOX (Format DDMMYYYY),
- Z : Index for the process gift card with a complement by CB/Visa/MasterCard/Amex,
- Q : Hour of processing of the transaction (Format 24h / HH:MM:SS)
You thus need to detail the required values in this variable in the following manner :
PBX_RETOUR=
montant:M;maref:R;auto:A;trans:T;abonnement:B ;paiement:P;carte:C;idtrans:S;pays:Y;erreur:E ;validity:D;PPPS:U
;IP:I;BIN6:N;sign:K
You may change the name of the variables (montant, maref, auto, trans, abonnement, paiement,
carte, idtrans, erreur, validity, PPPS and sign) to anything you like. When the return urls
(PBX_EFFECTUE, PBX_REFUSE, PBX_ANNULE and „url http directe‟) are called up, these
variables are concatenated at the end of the urls.
If, for example, your „url http‟ and your variable „ PBX_RETOUR „ are :
http://www.commerce.fr/cgi/verif_pmt.asp
PBX_RETOUR =
montant:M;maref:R;auto:A;trans:T;abonnement:B ;paiement:P;carte:C;idtrans:S;pays :Y;erreur:E ;sign:K
When the return urls (PBX_EFFECTUE, PBX_REFUSE, PBX_ANNULE and „l‟url http directe‟ )
are called up, these variables will be concatenated at the end in the following way:
http://www.commerce.fr/cgi/verif_pmt.asp?ref=abc12&trans=71256&auto=30258&tarif=2000&abonnement=354
341&pays=FRA&erreur=00000
It is then essential that you check your authorization number, your error, the amount and the
electronic signature : if the authorization number exists (in the example above it was 30258), the
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
value of the error code is “00000”, the amount is the same that your amount and the electronic
signature is ok, it means that the payment has been accepted. When a payment has been
refused, the authorization number is inexistent (see example below). You can also use the
variable E.
http://www.commerce.fr/cgi/verif_pmt.asp?ref=abc12&trans=71256&tarif=2000&pays=FRA&erreur=00105
Moreover, an authorization number consisting of “XXXXXX” signifies a test transaction for

which a request for authorization has not been made to the retailer‟s bank.
Please note :
- The „url http‟ is called up whatever the result of the payment (acceptance or refusal), which is
why it is so important to check the existence of the authorization number. This number is given
by the authorization centre of your bank : it is in alphanumeric format and of variable size.
- In order to add an extra level of security, for the direct http calls and the url confirmation
returns to the retailer‟s site, the IP addresses of the Paybox payment servers are : 195.101.99.76
and 194.2.122.158. You can therefore check the origin of the replies given by PAYBOX.
c – The values of the error codes
The reply codes sent by the variable „PBX_RETOUR‟ correspond to the result of the query
processed by PAYBOX SERVICES :
code Definition code Definition

00000 Operation successful. 00011 Amount incorrect.
The connection to the authorization
centre has failed. In this case, you may
00001 make another attempt using the backup
00015 Payment already done.
servers tpeweb1.paybox.com.
Payment refused by the authorization
centre [see page 62].
Subscriber already exists (registration of a new
001xx If the authorization of the transaction 00016 subscriber). Value „U‟ of PBX_RETOUR.
from the centre of authorization of the
bank is ok, the code error "00100" will be
replaced directly by "00000".
00003 Paybox error. 00021 Not authorized bin card.
Not the same card used for the first payment.
Cardholder‟s number or visual
00004 cryptogram invalid. 00029 Error code associated with the variable
“PBX_EMPREINTE”.
Time-out > 15 mn before validation by the buyer
Access refused or site/rank/identifier
00006 incorrect. 00030 when the buyer is on the page of payments of
PAYBOX.
00008 Expiry date incorrect. 00031 Reserved
Error during the creation of the
00009 subscription. 00032 Reserved
Code country of the IP address IP of the browser
00010 Currency unknown 00033
not authorized.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
In the case of a payment refused by the authorization centre (error code at 001xx), the „xx‟
represent the code sent by the centre. This code enables you to know the exact reason for the
rejection of the transaction.
For example, for a transaction refused on the grounds of „insufficient funds‟, the error code sent
would be 00151.
All the codes are given on page 62 of this manual.
d – Notes on the PAYBOX signature
By using PAYBOX signature in the variables to be turned to your URLs, you can make sure that
:
 the returned data aren‟t modified,
 the calls of your URLs are made by PAYBOX.
The signature PAYBOX is generated with the SHA-1 algorithm with a RSA key. Before
checking, the signature must be URL decoded but not the datas.
It is important to note that the data K of variable "PBX_RETOUR" must be always to be located
in last position. For example :
 PBX_RETOUR=montant:M;auto:A;idtrans:S;sign:K is ok
 PBX_RETOUR=montant:M;auto:A;sign:K;idtrans:S is not ok
The public key of PAYBOX is in free downloading from our site “www.paybox.com”. To be in
keeping with safety regulations, PAYBOX may change its pair of public/private key : you will
have to be able to install different keys in your servers.
With the HTTP URL, the electronic signature is only made with regard to the contents of the
variable PBX_RETOUR, while three others URL the signature is calculated on all the variables.
e – Interfacing with the PAYBOX DIRECT Plus process
The value U of the variable “PBX_RETOUR” insures an interfacage with the PAYBOX DIRECT
Plus process ([see page 53]). You have to sign with our sales department a license of use of this
process.
The informations sent from our servers to your servers are :

A_Part_Of_Crypted_Card++Expiry_Date_Format_YYMM++CVV
Three previous informations are separated by the string “++”. The part of crypted card is
“encoded URL” and you must “decoded URL” in order to use with the PAYBOX DIRECT Plus
process.
It‟s the order reference which will be used as a reference subscribed for PAYBOX Direct Plus.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
VI – THE VARIOUS OPTIONS AND PERSONALIZATIONS
a – Managing deferred payments :
Paybox System can manage deferred payments; that is, it can keep the transactions for a certain
number of days before sending them to the remote data collection centre to charge the
purchaser and credit the retailer.
This option can be particularly useful when the retailer wishes to be sure that the goods or the
service have been delivered to the customers before they are charged.
On the Paybox System registration form, you will be asked to specify the default number of
days you wish the payment to be deferred (if any) :
- 1 : the payment will be sent the following day

- 2 : the payment will be sent two days later,
- etc.
b – Managing the intermediary page :
The use of the variables „PBX_TXT‟, „ PBX_WAIT‟, „ PBX_BOUTPI‟ and „ PBX_BKGD‟ allow you
to manage the intermediary „Paybox‟ page which is displayed just prior to the „Paybox‟
payment page.
 „PBX_T
TXT‟ :
This enables text to be displayed on this page. It should be entered in HTML format. You will
then be able to add tags for line feed, to put text in bold or in italics etc.
For example, if PBX_TXT is as follows :
<center><b>You are being sent to a Paybox secure payment page</b><br>Once payment has
been made, you will receive an e-mail containing your purchase receipt.<br><i>Please wait a
few seconds…</i><br></center>
you will obtain :
You are being sent to a Paybox secure payment page

Once payment has been made, you will receive an e-mail containing your purchase receipt.
Please wait a few seconds…
 „PBX_W
WAIT‟ :
This allows you to manage the delay in displaying the intermediary page. The value is in
milliseconds : if you wish to display the page for 10 seconds before going onto the automatic
payment page, you choose PBX_WAIT = 10000.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
 „PBX_B
BOUTPI‟ :
This enables the removal or the modification of the name of the „paybox‟ button. The value of
this variable must therefore be the new name for this button (for example „payment‟). To
remove this button, the value should be „nul‟.
 „PBX_B
BKGD‟ :
This allows you to change the background of the intermediary page, so that it matches, for
example, that used on your site.
You can specify :

- a name of a standard colour (red, black, yellow etc.),
- a hexadecimal colour code (#55DA5 for example),
- a file name (.gif or .jpg).
The variables PBX_WAIT et PBX_TXT are not usable if you use PBX_OUTPUT with a value of
„B‟, „C‟ or „D‟. The same applies to PBX_BOUTPI, except for the „B‟ mode (in which its use is
accepted).
Should you wish this intermediary page to be as discreet as possible (an invisible page), you
therefore need to put :
- PBX_WAIT to « 0 »,
- PBX_TXT without any text, or even any spaces
- PBX_BOUTPI to « nul »,
- PBX_BKGD to a colour which matches either the final page of your site or the Paybox
payment page.
 PBX_O
OUTPUT :
This enables you to manage the final page of the site prior to the system of payment. It is not
obligatory and can have 5 different values („A‟, „B‟, „C‟, „D‟ or „E‟). If this variable is not used or
it has an erroneous value, the „E‟ mode will be chosen by default.
mode „A‟ :
This mode allows you to create the „Paybox‟ intermediary page by default, that is, the text
“connexion en cours sur le serveur de paiement sécurisé…” („connecting to the secure payment
server…‟) and the „Paybox‟ button (on which you need to click to go through to the payment
page).
The call to modulev2.cgi will be made from the final page of your site.
mode „E‟ :
This mode also enables you to display the „Paybox‟ intermediary page by default (as in mode
A). The only difference is that the call to the payment page is made automatically (there is no
need to click on the „Paybox‟ button).
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
mode „B‟ :
This mode allows you to manage your own intermediary page. The module must be called up
on the penultimate page of your site. The module will only generate a part of the „Paybox‟
intermediary page, that is, the form :
<Form name=Paybox Action=‟https://tpeweb.paybox.com/cgi/MYchoix_pagepaiement.cgi‟ Method=Post>

<INPUT TYPE=hidden NAME=PBX_DATA VALUE=‟v401TE…C9Q9CAN‟>
<INPUT TYPE=hidden NAME=PBX_LANGUE VALUE=‟FRA‟>
<INPUT TYPE=SUBMIT VALUE=‟PAYBOX‟>
</Form>
Thus, when creating the last page of your site, you will have (at source) this form which will
enable the call up of the payment page with the variables (PBX_DATA and the other variables).
You can also choose the screen background, the text, the font etc. for this page.
mode „C‟ :
This mode is similar to the mode „B‟, but it removes the „Paybox‟ button and the tag </Form>.
This enables you to modify the name of the button (to call it „payment‟ instead, for example) or
to remove it etc.
mode „D‟ :
The aim of this mode is to display only the variable PBX_DATA. Thus, on the last page of your
site, you will have to manage the button (if you wish to include it), and call up the payment
page with PBX_DATA (which is given to you), PBX_RETOUR and the other non-compulsory
variables.
Managing this mode entails the development of a script on the part of the retailer, which
enables the retrieval of the variable and the generation of the page.
c – Managing the error codes :
When there is a problem in execution or with inappropriate parameters, the „modulev2.cgi‟

displays an error message such as :
PAYBOX INPUT ERROR (code XX)
XX is a negative value which details the error found.
If you wish to manage the description of these errors (represented by Paybox in numerical
form), you can use the variable „PBX_ERREUR‟.
It will contain your url which will be called up instead of the page displaying the text
„PAYBOX INPUT ERROR (code xx) „.
Paybox will add a variable, named « NUMERR », to follow your url : its value will be the code
„xx‟, to enable your script to identify the type of error and to display the corresponding
message.
You will thus be able to redirect you customer towards a url of your choice, which can explain
in more detail the reason for the error.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
For example, suppose your script reads :
PBX_ERREUR = http://www.commerce.fr/cgi-bin/message_err.cgi
If the customer has made a mistake in typing in his e-mail address sent to Paybox via the
variable „PBX_PORTEUR‟, instead of receiving the following type of message :
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
You can display your own message, for example :
Below is a list of errors and their meanings :
code signification
-1 error in reading the parameters via stdin (POST method) (error in http reception).
-2 Error in memory allocation. Not enough memory available on the trader‟s server.
-3 Error in reading the parameters QUERY_STRING or CONTENT_LENGTH. (http error).
-4 PBX_RETOUR, PBX_ANNULE, PBX_REFUSE or PBX_EFFECTUE are too long (<150 characters).
-5 Error in opening the file (if PBX_MODE contains 3) : local file non-existent, not found or access error.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
-6 Error in file format (if PBX_MODE contains 3) : local file badly formed, empty or lines are badly formatted.
A compulsory variable is missing (PBX_SITE, PBX_RANG, PBX_IDENTIFIANT, PBX_TOTAL, PBX_CMD,
-7 etc.)
One of the numerical variables contains a non-numerical character (site, rank, identifier, amount, currency
-8 etc. )
-9 PBX_SITE contains a site number which does not consist of exactly 7 characters.
-10 PBX_RANG contains a rank number which does not consist of exactly 2 characters.
-11 PBX_TOTAL has more than 10 or fewer than 3 numerical characters.
-12 PBX_LANGUE or PBX_DEVISE contains a code which does not contain exactly 3 characters.
-13 PBX_CMD is empty or contains a reference longer than 250 characters.
-14 Not used
-15 Not used
-16 PBX_PORTEUR does not contain a valid e-mail address.
-17 Error of coherence (multi-baskets) : Reserved Future Usage
-18 XSS detection
-20 Bad number of gift cards (1 to 3). See specific documentation about payments with gift cards.
-21 Value of the variable > length maxi of the variable
d - Personalization of the payment page :
You need to send us your pictures (logos, banks etc.), the background, the font and the buttons
("validate", "cancel" and “back to shopping”) to the address "support@paybox.com".
It is essential that the buttons "validate", "cancel" and “back to shopping” be sent in "gif" format
in all the required languages (French, English, German, Spanish, Italian etc.) They will be
treated by PAYBOX SERVICES.
The other pictures can be in "gif" or "jpeg" format.
e - Personalization of the payment receipt :
You can personalize the payment receipt e-mail sent to the customer. To do this, you just need
to send us an HTML file (by e-mail to support@paybox.com) containing the text and/or a
picture (links towards a site or other pictures are better avoided).
We will need your site number, your rank number and your identifier (PBX_SITE, PBX_RANG
and PBX_IDENTIFIANT). You also need to inform us if you require an insertion at the
beginning or at the end of the mail.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Heading format of the CARTE BANCAIRE
transaction receipt
The detailed contents of a
payment receipt :
Date and local time of the 25/05/2001 à 17:11 Example of a payment ticket :
transaction
PAYBOX Ref commande : bc.01
Name and address of your
66 PERPIGNAN En cas de réclamation,
company (summarized)
veuillez rappeler ces
Site number 1999888 références auprès du site
commerçant.
xxxxxxxxxxxxx (the first 6 numbers and the last
Customer‟s card number number must be deleted) CARTE BANCAIRE
Card expiry date 0310 27/06/2004 à 17:11
Transaction file nº (you don‟t PAYBOX

need this) + n° of the machine 66 PERPIGNAN
82 99 104377 1999888
(rank) + transaction nº (num
trans)
------123456789012-
M = manual input + operation 0310
M DEBIT @
type + @ = authorized
00 99 104377
Authorization number of a AUTO: XXXXXX M DEBIT @
transaction
AUTO: 987654
Amount of the transaction MONTANT = 12.50 EUR
MONTANT = 12.50 EUR
POUR VOTRE INFORMATION
Amount of the transaction in 81.99 FRF POUR INFORMATION
another currency 1 EUR = 6.55957 FRF 81.99 FRF
1 EUR = 6.55957 FRF
Read mode of the holder‟s SAISIE MANUELLE SAISIE MANUELLE
number
TICKET A CONSERVER
Footnote format of the TICKET A CONSERVER Email client :
transaction receipt contact@paybox.com
Please note : Both the customer and the seller receive a receipt (as with a standard payment
terminal) with, at the beginning of the receipt, the first 50 characters of the order reference. At
the foot of the receipt is the customer‟s e-mail address.
f – Payment server availability test :
The documentation of the variable “PBX_PING” only enables you to carry out an availability
test of a PAYBOX SERVICES payment server.
Using this function can be useful to ensure the availability of a payment server for the « Paybox
System » processing, for example before the Internet buyer fills his basket.
To do this, you need to document this variable using the value “1”, and our application
“modulev2.cgi” must be used in command line mode. This will send back 1 if servers are
unavailable and 0 when successful. Moreover, an output is generated to the standard output,
indicating the server that can be used.
The connection attempt to our servers is carried out following the TCP port 443, corresponding
to the default of the variable “PBX_PORT”.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
When using this function, the compulsory variables must also be documented, and the
variables PBX_PAYBOX and PBX_BACKUPx are taken into account in the search for an
available server.
VII – THE METHOD OF PAYMENT PRE-SELECTION PAGE
A pre-selection page concerning the type and the method of payment is displayed before the
payment page only if you are registered with PAYBOX SERVICES for several types of payment
( such as card, PayPal, Cellphone Payment etc.) or for several private cards.
The page looks like this :
Following the choice of the Internet buyer, the payment page will be displayed differently
depending on his selection. For example, he/she will not be required to type in a visual
cryptogram for a Diners Card, but he will be required to do so for an American Express card, or
for a Cellphone Payment, the page will be adapted to enable the input of a telephone number.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
On the other hand, if you have not registered this option with PAYBOX SERVICES, Internet
buyer will never see this page. They will be sent directly to the payment page.
a – Presetting of type and method of payment :
Using the variables „PBX_TYPEPAIEMENT‟ and „ PBX_TYPECARTE‟ you can directly favour
one type of payment or type of card over another.
The following table shows the reaction of the pre-selection page to the information that you
supply to these two variables. For card types „CB‟ (Carte Bleue), „VISA‟,
„EUROCARD_MASTERCARD‟ and „E_CARD‟, the pre-selection page behaves in an identical
fashion.
PBX_TYPEPAIEMENT PBX_TYPECARTE Page de présélection

CARTE Choice of card type.
CB
or
VISA
The pre-selection page isn‟t displayed,
CARTE or
direct redirection to the payment page.
EUROCARD_MASTERCARD
or
E_CARD
CARTE AMEX
CARTE DINERS
CARTE JCB
CARTE COFINOGA
CARTE SOFINCO
CARTE AURORE
CARTE CDGP
CARTE 24H00
CARTE RIVEGAUCHE

PAYPAL PAYPAL

UNEURO UNEURO
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
NETRESERVE NETCDGP
NETRESERVE NETCOF
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Option for Subscription
Management
I - PRESENTATION :
The management of payments by subscription enables the retailer to manage periodic payments
or payments in several installments on behalf of customers. Thus, once the initial payment has
been made, the customer will be charged in a cyclical fashion, according to the frequency
chosen in advance by the retailer.
Subscription management using Paybox System is a basic management programme : it is only

intended for simple subscriptions, based on the monthly renewal of payment of a same amount,
over a period determined in advance by the retailer. These parameters cannot be modified
thereafter.
Despite its simplicity, the system offers flexibility in the settings enabling, particularly in the
case of deferred payments, a considerable range when activating the first renewal of
subscription.
To manage this option, which is only available on the „Paybox System‟ product, you need to
request it from our technical sales service and modify the contents of the variable PBX_CMD
following the instructions below.
II – PARAMETERIZING :
The management of subscriptions is carried out via various „sub-variables‟, which need to be
inserted at the end of your order reference detailed in the variable „PBX_CMD‟.
The size of the variables must be respected and their names are fixed and in capital letters.
name description size

amount of future withdrawals in centimes (0 = amount identical to the initial
IBS_2MONT payment detailed in PBX_TOTAL).
10 figures
IBS_NBPAIE number of withdrawals (0 = unlimited). 2 figures
IBS_FREQ frequency of withdrawals in months. 2 figures
day of the month when the withdrawal will be made (0 = the same day as the
IBS_QUAND initial payment.). 2 figures
IBS_DELAIS Number of days to wait before activating the beginning of the subscription. 3 figures
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
The other information for the payment via the „Paybox System‟ product does not change. The
currency is passed by the variable PBX_DEVISE and the amount of the first payment (which
may differ from the subscription withdrawals) is passed in the variable PBX_TOTAL.
examples of subscriptions :
PBX_SITE = 1999888
PBX_RANG = 99
PBX_IDENTIFIANT = 2
PBX_TOTAL = 1500
PBX_DEVISE = 978
………
PBX_CMD = ma_ref123IBS_2MONT0000000500IBS_NBPAIE00IBS_FREQ01IBS_QUAND28IBS_DELAIS005
………
If the initial payment (15 euros, that is 1500 centimes) is made on November 28 for example, the
first withdrawal will take place on December 03 (as the registration of the subscription is made
5 days later via IBS_DELAIS).
All withdrawals are for an amount of 5 euros (that is, 500 centimes) (IBS_2MONT), carried out
on the 28th (IBS_QUAND) of each month (IBS_FREQ) until a request for cancellation
(IBS_NBPAIE) has been received from you or until the authorisation center issues a rejection (if
the bank card has expired).
PBX_SITE = 1999888
PBX_RANG = 99
PBX_IDENTIFIANT = 2
PBX_TOTAL = 2000
PBX_DEVISE = 978
………
PBX_CMD = ma_ref123IBS_2MONT0000000550IBS_NBPAIE10IBS_FREQ03IBS_QUAND31
………
If the initial payment (20 euros) is made on November 28 for example, the first withdrawal will
take place on November 31 (as the registration of the subscription is immediate via IBS_DELAIS
which is non-existent).
10 withdrawals (IBS_NBPAIE) of 5.50 euros (IBS_2MONT) will be made every 3 months
IBS_FREQ) on the last day of the month (IBS_QUAND).
Table showing examples of renewal dates :

Date IBS_QUAND IBS_DELAIS Next date of renewal
27.11.2003 0 0 27.12.2003
27.11.2003 0 2 29.11.2003
27.11.2003 0 7 04.12.2003
27.11.2003 2 0 02.12.2003
27.11.2003 3 2 03.12.2003
27.11.2003 29 2 29.11.2003
27.11.2003 30 2 30.11.2003
27.11.2003 4 8 04.01.2004
27.11.2003 6 8 06.12.2003
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
27.11.2003 3 12 03.01.2004
27.11.2003 31 2 30.11.2003
27.11.2003 3 40 03.02.2004
27.11.2003 6 40 06.01.2004
27.11.2003 10 40 10.01.2004
27.11.2003 0 40 06.01.2004
When a subscription is made, a „payment receipt‟ e-mail is sent to both the retailer and the
customer, detailing the amount and the date of the next withdrawal.
The mail sent to the customer contains the following :

Next withdrawal on xx/xx/xxxx of the amount xx.xx Eur
(in case of query, please contact the retailer).
The mail sent to the retailer contains the following :

Next withdrawal on xx/xx/xxxx of the amount xx.xx Eur
To cancel this subscription, please quote the PAYBOX reference xxxxxxx.
Please note :
- If using „URL http‟, it will be also be called, whether the renewal is successful or not. The
variable ETAT_PBX will be added to the URL with the added information
PBX_RECONDUCTION_ABT. For example :
http://www.commerce.fr/traite.php?ETAT_PBX=PBX_RECONDUCTION_ABT&Mt=1200&Tr
ans=12345678&Ref=MaReference&Autorisation=987654&NumAbonnement=56789"
Cancelling a subscription (version post-November 2004) :
Cancellations can be made via the Back Office (see page 66) or by e-mail to the address
„abonnev2@paybox.com‟ with the subject marked as „PBX_SITE
PBX_RANG PBX_IDENTIFIANT‟ (see page 68) and containing the following :
On the first line :

.
PAYBOX-v2004
On the following lines :

- the subscription reference (detailed in the payment receipt mail or in the back office)
or
- your order reference (detailed in the variable PBX_CMD) preceded by the letter „R‟.
Example (for the test site) :
To:abonnev2@paybox.com
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Subject:1999888 99 2
PAYBOX-v2004
0000000501
0000012003
or
To:abonnev2@paybox.com
Subject:1999888 99 2
PAYBOX-v2004
R123abcd
R456defg
PAYBOX will then reply to the sender with a mail of the following type :
Subject:reponse resiliation
PAYBOX-v2004
Erreur 0000000501
Resilie 000001203
(„Erreur‟ signifies a problem in cancelling a subscription and „Résilié‟ signifies that the
cancellation has been successfully carried out.
Cancelling a subscription :
Cancellations can be made via le Back Office (see page 66) or by calling the URL
« https://tpeweb.paybox.com/cgi-bin/ResAbon.cgi » or « https://tpeweb1.paybox.com/cgi-
bin/ResAbon.cgi » if the first is not available.
The method used is GET or POST, and, the verbs are :
Name Description Length Type
VERSION Protocol version : 001 3 numbers Mandatory
Type of request :
TYPE 3 numbers Mandatory
 001 : Cancellation
SITE Site number given by the bank 7 numbers Mandatory
MACH Rank number givern by the bank 3 numbers Mandatory
PAYBOX identifier, supplied by PAYBOX SERVICES at the time of 1 to 9

IDENTIFIANT Mandatory
registration. numbers
Mandatory if
1 to 9
ABONNEMENT The subscription number to cancel there is not
numbers
order
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
reference.
Mandatory if
1 to 250 there in not
REFERENCE Order reference to cancel
characters subscription
number.
The response returned through three variables :
Name Description Length Type
OK : succesfull 2
ACQ Mandatory
NO : failed characters
Number of error if the cancellation is failed :
 1 : technical incident (Configuration), Mandatory if
 2 : not coherent data , the
ERREUR 1 number
 3 : technical incident (Access to database) cancellation is
 4 : Site unknown, failed
 9 : Cancellation failed.
1 to 9
IDENTIFIANT Value of the question Mandatory
numbers
Mandatory if
1 to 9 there is not
ABONNEMENT Value of the question
numbers order
reference.
Mandatory if
1 to 250 there in not
REFERENCE Value of the question
characters subscription
number.
Examples :
Cancellation by subscription number :

https://tpeweb.paybox.com/cgi/ResAbon.cgi?VERSION=001&TYPE=001&SITE=1999888&M
ACH=099&IDENTIFIANT=2&ABONNEMENT=1
Response if succesfull : ACQ=OK&IDENTIFIANT=2&ABONNEMENT=1

Response (Cancellation failed) : ACQ=NO&ERREUR=9&IDENTIFIANT=2&ABONNEMENT=1
Cancellation by order reference :

https://tpeweb.paybox.com/cgi/ResAbon.cgi?
VERSION=001&TYPE=001&SITE=1999888&MACH=099&IDENTIFIANT=2&REFERENCE=refc
md1
Response if succesfull : ACQ=OK&IDENTIFIANT=2&REFERENCE=refcmd1
Please note that the PAYBOX SYSTEM does not send an e-mail to the cardholder when the
cancellation is made by the retailer except when the cancellation is done by the backoffice
solution.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
The „Batch Processing by File Deposit‟ Product.
I - PRESENTATION :
The product „Batch Processing by file deposit‟ enables you to process a group of transactions via
a coded and signed file which is deposit ob the servers of PAYBOX SERVICES. Once the file has
been processed by us, it will be returned to the sender through a second file called file “status”.
The retailer thus prepares the “Question” XML file, which contains the payments to be made,
cancelled or modified : it must only contain transactions from one, single retailer (a single
site/rank).
This file has to respect :

 The XML Schema Definition (xsd) which is in download area since the web site of
PAYBOX SERVICES ( www.paybox.com ). With the infrastructure XML, you can
validate the file and the type of the data,
 The specifications XML of the consortium W3C concerning the encoding
(http://www.w3.org/TR/xmlenc-core) and at the signature
(http://www.w3.org/TR/xmldsig-core/) according to the algorithm AES with keys
RSA.
The use of these standards and requirements, will allow a better continuity of the solution in the
futur, an independence towards platforms and an increase of the security.
II – THE KINEMATICS OF THE PROCESS :
a – Prerequisites :
Requirements for the implementation of this process are described in the document which you
can download since our site :
http://www1.paybox.com/telechargements/tplplus_sftp.pdf
b – Deposit by the retailer :
This procedure requires the retailer to connect to one of our servers in order to deposit his/her
files. The main server is ftp2.paybox.com and the backup server is ftp.paybox.com.
This machines in fact play the role of a batch processing interface, in that they carry out the
preliminary verifications before processing the files : each client deposits his files and each
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
client has his dedicated directory. This means that when the client connects to this machine, he
cannot explore the disk tree structure.
The means of connecting and of depositing files is through sftp (“s” for secure) on the TCP port
5752. Retailer authentication is carried out by a public key which you must give to us. You, in
turn, must keep your private key. It is thus unnecessary to request the input of a password,
enabling the automatic execution of the connection script.
However, the file(s) deposited are still encrypted even though the connection is secured.
Once the file has been processed, it will be made available to you in your dedicated directory
with a particular extension (“.status.xml”) to differentiate it from the original.
c – File Management :
Each program involved in the procedures of deposit and withdrawal must make sure that a file
is not being used by another. To this end, the command “fuser” is able to carry out the test.
The risk of not carrying out this check is that you may not recover the totality of the file.
Exchange of files must be carried out respecting the following extensions :
 The files deposited in your directory “/home/in” must have the extension “.xml”,
 As soon as you file is taken into account by our processing line, it is copied in the
directory “/home/encours”,
 At the end of the processing, the file “Responses” will be in the directory “/home/out”.
Please note that the size of your deposit directory is limited in size and that it is for you to
purge the directory. In addition, all files bearing an extension other than that previously
mentioned will be deleted by our system.
In the directory « /home/out », a file with extension « .err » means that :

 The signature didn‟t check (For example, the public key given by the merchant to
PAYBOX didn‟t link to the private key of the merchant),
 The decoding of the file was failed (For example, the public key of PAYBOX didn‟t use to
code the file),
 The check of the file « Question » was failed (schema didn‟t validate).
d – Useful commands :
Here the syntax of some commands for LINUX in order to manage your directories of deposits
and recovery : "user" corresponds to your name of user supplied by the technical departments
of PAYBOX :
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
 File transfer from your servers to our servers :
sftp - P5752 your_file.xml user@ftp2.paybox.com:/home/in
 Recovery of a file from our servers :

sftp - P5752 user@ftp2.paybox.com:/home/out/your_file_to_get.status.xml
/your_local_directory_name/
 To know the list of the files on PAYBOX servers PAYBOX :

ssh - P5752 user@ftp2.paybox.com "ls - the /home/out/"
 To remove a file on PAYBOX servers :

ssh - P5752 user@ftp2.paybox.com "rm - f /home/out/filename_to_delete"
Simple connection in ssh (ssh - p5752 user@ftp2.paybox.com) is possible but it will be breaked
by our servers at the end of 5 seconds by indicating as reason that this type of connection is
refused.
e – Scenario :
The scenario to process a file :

1. Create a XML file « Question » and validate the file with the XML Schema Definition
« PayboxSignedBatch.xsd »,
2. Sign the file with your private key RSA and digest SHA-1,
3. Encode the file : algorithme AES and the public key RSA of PAYBOX SERVICES. The key
can be downloaded from www.paybox.com,
4. Deposit the file in the directory « /home/in »,
5. PAYBOX SERVICES decode the file with our private key,
6. PAYBOX SERVICES check the signature with your public key RSA,
7. PAYBOX SERVICES check validate the file “Question” and the type of the data,
8. PAYBOX SERVICES process all records of the file. It‟s approximately necessary 1s for the
processing of a transaction.
9. PAYBOX SERVICES create the file « .status.xml » and sign the file,
10. Deposit of the file of the answers in the directory "/home/out",
11. Recovery the file and check validate the file “status” and the type of the data with the file
« PayboxBatch.status.xsd »,
f – Informations for the cryptography :

The use of the signatures allows each of the parts to make sure of the identity of the issuer and
it independently of the used method of transfer.
The signature is made before the encoding of the file in order to strengthen the security and in
application of the principle "Only what is Seen Should be Signed".
In production, any not validated signature has to warn you on the origin of the file and you
have to contact our hot-line.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
The coding of the file is made for the creation of the file "Question" but not for the file “status”
because there isn‟t data from the cardholder. Coding is made on all the contents of the element
"Merchant". The file « status » is signed by the applications of PAYBOX Services.
III – THE OPERATION RETURN CODES :
Reply code concerning the status of the transactions processed (see page 60).
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
The „PAYBOX Direct‟ Product
I - PRESENTATION :
The product « Paybox Direct PPPS » (Paiement Paybox Par Socket in french) enables you to
send a transaction to PAYBOX SERVICES via a « question » frame, and to obtain in return a
« réponse » (reply) frame, which informs you of the acceptation or refusal of the request.
The principal of PPPS is therefore to:

- Create a « question » frame,
- Call a present URL on the servers of PAYBOX SERVICES,
- Recover the « réponse » frame, returned by PAYBOX SERVICES after processing the
transaction.
II – EXCHANGE PROTOCOL :
Frames are formed by a assembly of couples "verb, value"

(…TYPE=00001&MONTANT=1000&SITE=1999888&…) in the style of a HTML form variables
of which are sended via a method POST. For information, the method GET is not authorized by
our applications.
The frame stion" will be sended to the servers of PAYBOX SERVICES via the call of the URL
“https://ppps.paybox.com/PPPS.php” or “https://ppps1.paybox.com/PPPS.php” if the first
URL isn‟t available.
If the code of the response is "00001“, “00097” or “00098” it is recommended to call the URL of
the backup servers of PAYBOX SERVICES : “https://ppps1.paybox.com/PPPS.php”.
To obtain an answer on behalf of the servers of PAYBOX SERVICES, the verbs "SITE" and
"RANG" must be informed and coherent.
Example of call via a HTML form :
<html>
<body>
<form action="https://ppps.paybox.com/PPPS.php" method="post" name="Tests PPPS en HTTPS">
Date (DDMMYYYY) <input name="DATEQ" value="20032007" size="8" maxlength="8" type="text"><br>

Type of question <input name="TYPE" value="00001" size="5" maxlength="5" type="text"><br>
Number of question <input name="NUMQUESTION" value="0000000001" size="10" maxlength="10"
type="text"><br>
Amount <input name="MONTANT" value="1000" size="10" maxlength="10" type="text"><br>
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Site <input name="SITE" value="1999888" size="7" maxlength="7" type="text"><br>
Rang <input name="RANG" value="99" size="2" maxlength="2" type="text"><br>
Order command <input name="REFERENCE" value="Hello World" size="30" maxlength="30" type="text"><br>
<input name="VERSION" value="00103" type="hidden"><br>

<input name="CLE" value="1999888I" type="hidden"><br>
<input name="IDENTIFIANT" value="" type="hidden"><br>
<input name="DEVISE" value="978" type="hidden"><br>
<input name="PORTEUR" value="4970100000008298" type="hidden"><br>
<input name="DATEVAL" value="1010" type="hidden"><br>
<input name="CVV" value="123" type="hidden"><br>
<input name="ACTIVITE" value="024" type="hidden"><br>
<input name="ARCHIVAGE" value="AXZ130968CT2" type="hidden"><br>
<input name="DIFFERE" value="000" type="hidden"><br>
<input name="NUMAPPEL" value="" type="hidden"><br>
<input name="NUMTRANS" value="" type="hidden"><br>
<input name="AUTORISATION" value="" type="hidden"><br>
<input name="PAYS" value="" type="hidden"><br>
<input type="submit">
</form>
</body>
</html>
III - DEFINITION OF THE « QUESTION » FRAME :
name signification size example

Numerical value of the PPPS version (default value
00103).
VERSION 5 figures 00103
field mandatory
Date and time at which the frame was sent (date of the
day) in the format ddmmyyyyhhmmss. (day month
year hour minute second).
DATEQ 14 figures 13022003103050
field mandatory. Used for the SQL requests for type 11
(format JJMMAAAA)
Type of request concerning the transaction :
1 = authorization, 2 = debit, 3 = authorization + debit, 4
= credit, 5 = cancellation, 11= Checking of the existence
of a transaction, 12 = transaction without request for
TYPE 5 figures 00003
authorization, 13 = Modification of the amount of a
transaction, 14 = Refund, 17 = Consultation
Field mandatory
Single request identifier which prevents confusion over
replies in the case of multiple and simultaneous
questions (it can be reset to zero each day).
NUMQUESTION 10 figures 0000000001
1 <= NUMQUESTION <= 2147483647
Field mandatory
Membership number supplied by the retailer‟s bank.
SITE 7 figures 1999888 (test site)
Field mandatory. Used for the SQL requests for type 2, 5,
11, 13 and 17
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Site rank number supplied by the retailer‟s bank.
RANG 2 figures 99 (test site)
11, 13 and 17
Key activated only with the version 00103 [see below].
CLE 8 characters 1999888I (test site)
Field mandatory for all messages up to version “00103”
IDENTIFIANT Empty field. 10 figures RFU.
Amount of the transaction in centimes (no commas, no

decimal points).
MONTANT 10 figures 0000002530
Field mandatory. Used for the SQL requests for type 2
and 11
Code of the currency used (978 for the euro).
DEVISE 3 figures 978
field mandatory
Retailer‟s reference which enables the clear identification
of the order corresponding to the transaction.
250 characters
REFERENCE TR364875-lot2a
maximum
Field mandatory except for type 13. Used for the SQL
requests for type 11
Cardholder (customer) card number, without spaces, left
justified.
PORTEUR 19 characters 1111222233334444
Field mandatory for type 1, 3, 4 and 12. Not checked for
type 5 and 17
Expiry date of the cardholder‟s card in format MMYY.
DATEVAL 4 figures 1002
Field mandatory for type 1, 3, 4, 5 and 12
Visual cryptogram located on the back on the bank card.
3 or 4
CVV 123
N.B : AMERICAN EXPRESS cards have a 4-number CIN characters
(Card Identification Number) on the reverse side.
Electronic commerce indicator (ECI) enabling the
ACTIVITE provenance of the various electronic money movements 3 figures 024
to be distinguished [see page 47].
Filing reference given to your bank. It should be unique
12 characters
ARCHIVAGE and can allow to your bank to supply you an AXZ130968CT2
maximum
information in case of chargeback.
A number of days before to send the transaction at your 3 figures
DIFFERE 000
bank in order to credit your bank account. maximum
Number entered by Paybox in the « REPONSE » frame :
this field must be filled in on the next „QUESTION‟
frame if it concerns a request for capture or cancellation.
For other types of request (1, 3 or 4), this field remains
NUMAPPEL 10 figures
empty.
Field mandatory for type 2, 5 et 13. Use for the SQL

requests for type 2, 5 et 13
Number entered by Paybox in the « REPONSE » frame
when handling a payment likely to be sent to the bank :
NUMTRANS For other types of request (1, 3 or 4), this field remains 10 figures
empty.
Field mandatory for type 2, 5, 13 and 17. Use for the SQL
requests for type 2, 5 et 13
Number of authorization provided by the merchant 10 characters
AUTORISATION 130968
following a phonic call near its bank. maximum
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Field used for type 1, 3 and 13.
The country code of the issuer (bank of the cardholder)
PAYS
to return in the “response frame”.
PRIV_CODETRAITEMENT payment with SOFINCO card (or partner of SOFINCO) 3 figures
or COFINOGA card.
Date of birth of the cardholder for the payment with
DATENAISS 8 figures 08031964
COFINOGA card.
“PAYPAL” : Value provided by the merchant in order to 16 characters
ACQUEREUR
cancel or capture a payment via PayPal. maximum
The type card used for the payment is returned in the
TYPECARTE
« response frame ».
The SHA-1 digest of the card number is returned in the
SHA-1
PBX_ERRORCODETEST environment. Variable ignored in the production 5 numbers 00005
environment.
Request for simple debit :
For this type of request, the following headings are used in the request by our database :
 SITE
 RANG
 MONTANT
 NUMAPPEL
 NUMTRANS
That is why their presence and their content must not differ from that which is sent back in the
return frame when the request concerns a simple authorisation.
Checking of the existence of a transaction :
 REFERENCE
 MONTANT
 DATEQ
That is why their presence and their content must have the same values that into our database.
Modification of the amount of a transaction :
 SITE
 RANG
 NUMAPPEL
 NUMTRANS
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
return original frame. A new request for authorization will be made near the bank of the
merchant, and the original transaction will be automatically cancelled if the new transaction is
authorized.
Capture of a transaction :
It‟s advised to wait at least 30 seconds between a request of authorization and a capture of this
transaction.
Key management with version 00103 :
The field CLE (key), which enables more precise identification of the sender, represents extra
security PPPS exchanges.
The value of this field corresponds to the back office password which can be requested from the
technical support team and sent by fax only to the retailer.
Once this key has been used for the first time, the preceding versions (00101 and 00102) will be
inaccessible, with the process refusal represented by reply code 00013.
The various values of the ACTIVITE field :
The bank needs to differentiate the provenance of the various electronic money movements in
order to correctly fill in the fields concerning the ECI (Electronic Commerce Indicator).
Below are the possible values for the type of activity :
020 : non specified,

021 : request by telephone,
022 : request by correspondence,
023 : request by minitel,
024 : request by internet,
027 : regular payment.
IV - DEFINITION OF THE « REPONSE » FRAME :
Name signification size example

Number of the transaction created on
NUMTRANS 10 figures 0000563149
Paybox.
Number of the request handled on
NUMAPPEL 10 figures 0000782653
Paybox.
single request identifier which prevents
confusion over the replies in the case of
NUMQUESTION multiple and simultaneous questions. 10 figures 0000000001
1 <= NUMQUESTION <= 2147483647

membership number supplied by the
retailer‟s bank.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
site rank number supplied by the
retailer‟s bank.
membership number supplied by
IDENTIFIANT American Express or Diners Club for the 10 figures
administration of their cards.
authorization number granted by the
10 characters
AUTORISATION authorization centre of the retailer‟s 168753
maximum
bank if the payment is accepted.
reply code concerning the status of the
question treated : operation accepted or
CODEREPONSE 5 figures 00007 (invalid date)
refused [see below the various reply
codes].
COMMENTAIRE Supply messages of information. 100 characters PAYBOX+PPPS
the country code of the issuer (bank of
the cardholder). The value “???” means 3
PAYS an unknown code. alphabeticals FRA
characters
ISO 3166 norm (alphabetic code)
10
TYPECARTE The type card used for the payment. alphabeticals Visa
characters
40
SHA-1 The SHA-1 digest of the card number alphabeticals F8BF2903A1149E682BE599C5C20788788256AA46
characters
Remboursé = refunded,
Annulé = canceled,
Autorisé = Authorized,
Capturé = Ready for sending to the bank,
The state of the transaction. Only for the 16 characters
STATUS Crédit : Credit,
type 17 in the question frame. maximum
Refusé : Refused,
Demande de solde = Balance Inquery (Gift card),
Crédit Annulé = Credit canceled
Rejet support = Reject helpdesk
The ID PAYBOX of the remittance. Only 9 figures
REMISE 509324981
for the type 17 in the question frame. maximum
example of a « réponse » frame :
NUMTRANS=0000436527&NUMAPPEL=0000526489&NUMQUESTION=0000000001&SITE=1999888&RANG=99
&AUTORISATION=462583&CODEREPONSE=00000&COMMENTAIRE=PAYBOX+PPPS&PAYS=FRA
This frame represents the result of a request : the transaction has been accepted by the
authorisation centre.
V - THE OPERATION RETURN CODES :
The field « CODEREPONSE », in the « réponse » frame sends back a code corresponding to the
result of the request handled by PAYBOX SERVICES.
code Signification code signification

00000 Operation successful. 00015 Error in access to previously referenced data.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
When using a version other than 00101, a
reply code of 00001 means that the
connection to the authorization centre
00001 has failed. In this case, you may make 00018 Transaction not found (type of request 11)
another attempt using the backup servers
ppps1.paybox.com and
ppps2.paybox.com.
Payment refused by the authorization
centre [see explanation page 34].
001xx if the authorization of the transaction 00019 Reserved

00002 An error in coherence has occurred. 00020 CVV not present
00003 Paybox error. 00021 Not authorized bin card.
00004 Invalid cardholder number. 00022 Reserved
00005 Invalid question number. 00023 Reserved
00006 Access refused or site/rank incorrect. 00024 Error loading of the key : Reserved Future Usage.
00007 Invalid date. 00025 Missing signature : Reserved Future Usage.
Missing key but the signature is present :
00008 Incorrect expiry date. 00026 Reserved Future Usage.
Error OpenSSL during the checking of the
00009 Invalid type of operation. 00027 signature : Reserved Future Usage.
00010 Currency unknown 00028 Unchecked signature : Reserved Future Usage.
00011 Incorrect amount. 00097 Timeout of connection ended.
00012 Invalid order reference. 00098 Error of internal connection.
Incoherence between the question and the answer.
00013 This version is no longer upheld. 00099 Retry later.
00014 Incoherent frame received.
In the case of a payment being refused by the authorization centre (CODEREPONSE 001xx),
the „ xx „ represent the code sent back by the centre. The code enables you to know the exact
reason for the rejection of the transaction.
For example, for a transaction refused for reasons of „insufficient funds‟, the CODEREPONSE
sent back will be 00151.
All the codes are detailed on page 62 of this manual.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
„PAYBOX Direct Plus‟
I - PRESENTATION
The product “PAYBOX Direct Plus” is an extension of the product “PAYBOX Direct”. It enables
the sending of a transaction to PAYBOX SERVICES via a “question” frame, and to receive in
return a “réponse” frame detailing the acceptation or refusal of the request.
La solution chosen is based on the principle of the sharing of sensitive data between the retailer
and PAYBOX SERVICES, so that the data kept by each of the parties may be unitarily
unexploitable.
This development of the “PAYBOX Direct” product provides the perfect answer to the
problematic "one-click" ordering (development of customer loyalty and/or subscriptions).
For each operation, retailers must supply PAYBOX SERVICES with the part of the data in their
possession. PAYBOX SERVICES will complete it with the part of the data that it possesses in
order to process the operation.
As for the PAYBOX Direct processing, the principle is as follows :
1. To create a « question » frame,
2. Call a present URL on the servers of PAYBOX SERVICES,
3. Recover the « réponse » frame, returned by PAYBOX SERVICES after processing the
transaction.
II – A REMINDER OF THE CONTEXT
1. No storage of sensitive data at the retailer‟s or at PAYBOX SERVICES,
2. The registration, modification, and the removal of a subscriber remain at the initiative of
the retailer,
3. The activating of a payment operation remains at the initiative of the retailer, whether it
be outside or within the context of a subscription,
4. The characteristics of each subscription (amount, frequency of payments, length etc.) are
managed by the retailer.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
III - PAYBOX DIRECT Plus (Subscription management option)
a – Possible actions
The current production version of PPPS allows the following operations :

 Simple authorisation
 Authorisation + debit
 Debit (on a previous authorization)
 Credit
 Cancellation (of a previous operation)
 The extended PPPS product will also allow the following operations :
 Registration of a new subscriber
 Modification of an existing subscriber
 Removal of a subscriber
 Simple authorization of a subscriber
 Authorization + debit of a subscriber
 Debit of a subscriber (on a previous authorization)
 Credit of a subscriber
 Cancellation of an operation of a subscriber
b - New operations linked to subscription
When a new subscriber is registered, the retailer must supply PAYBOX SERVICES with the
same fields as for the current “PAYBOX Direct” request for authorization, accompanied by the
(unique) subscriber reference.
PAYBOX SERVICES will check the unicity of the subscriber reference and will make the various
validity checks, such as expiry date and black list etc. It will then make a request for simple
authorisation (without debit) and, if the reply from the authorization centre is positive, it will
register this new subscriber on the list of subscribers with a part of the holder‟s number. It will
then send back to the retailer the other part of the holder‟s number so that it can be kept with
the subscriber‟s reference, the expiry date and the CVV.
The same operation will be carried out following the request for the modification of a
subscriber.
For operations of debit, credit, cancellation and removal of a subscriber, the retailer must
supply the subscriber reference, the part of the holder‟s number in his possession, the expiry
date and the CVV, together with the other compulsory fields in the “PAYBOX Direct” exchange
protocol.
The “PAYBOX DIRECT” principle is :
1. To create a « question » frame,
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
2. Call a present URL on the servers of PAYBOX SERVICES,
3. Recover the « réponse » frame, returned by PAYBOX SERVICES after processing the
transaction.
c – Exchange protocol
Frames are formed by a assembly of couples "verb, value"

(…TYPE=00001&MONTANT=1000&SITE=1999888&…) in the style of a HTML form variables
of which are sended via a method POST. For information, the method GET is not authorized by
our applications.
The frame “question" will be sended to the servers of PAYBOX SERVICES via the call of the
URL “https://ppps.paybox.com/PPPS.php” or “https://ppps1.paybox.com/PPPS.php” if the
first URL isn‟t available.
If the code of the response is "00001“, “00097” or “00098” it is recommended to call the URL of
the backup servers of PAYBOX SERVICES : “https://ppps1.paybox.com/PPPS.php”.
To obtain an answer on behalf of the servers of PAYBOX SERVICES, the verbs "SITE" and
"RANG" must be informed and coherent.
Example of call via a HTML form :
<html>
<body>
<form action="https://ppps.paybox.com/PPPS.php" method="post" name="Tests PPPS en HTTPS">
Date (DDMMYYYY) <input name="DATEQ" value="20032007" size="8" maxlength="8" type="text"><br>

Type of question <input name="TYPE" value="00001" size="5" maxlength="5" type="text"><br>
Number of question <input name="NUMQUESTION" value="0000000001" size="10" maxlength="10"
type="text"><br>
Amount <input name="MONTANT" value="1000" size="10" maxlength="10" type="text"><br>
Site <input name="SITE" value="1999888" size="7" maxlength="7" type="text"><br>
Rang <input name="RANG" value="44" size="2" maxlength="2" type="text"><br>
Order command <input name="REFERENCE" value="Hello World" size="30" maxlength="30" type="text"><br>
Profil <input name="REFABONNE" value="email@tests.com" size="30" maxlength="30" type="text"><br>
<input name="VERSION" value="00104" type="hidden"><br>

<input name="CLE" value="LMFENRJC" type="hidden"><br>
<input name="IDENTIFIANT" value="" type="hidden"><br>
<input name="DEVISE" value="978" type="hidden"><br>
<input name="PORTEUR" value="4970100000008298" type="hidden"><br>
<input name="DATEVAL" value="1010" type="hidden"><br>
<input name="CVV" value="123" type="hidden"><br>
<input name="ACTIVITE" value="024" type="hidden"><br>
<input name="ARCHIVAGE" value="AXZ130968CT2" type="hidden"><br>
<input name="DIFFERE" value="000" type="hidden"><br>
<input name="NUMAPPEL" value="" type="hidden"><br>
<input name="NUMTRANS" value="" type="hidden"><br>
<input name="AUTORISATION" value="" type="hidden"><br>
<input name="PAYS" value="" type="hidden"><br>
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
<input type="submit">
</form>
</body>
</html>
IV – Definition of the “Question” frame :
name Signification size example

Numerical value of the PAYBOX Direct version (default
value 00104 for the “PAYBOX Direct Plus” version,
VERSION 00103 in the current version). 5 figures 00104
Field mandatory
Date and time of sending the frame (date of the day)
using format jjmmyyyyhhmmss. (day month year hour
minute second).
DATEQ 14 figures 13022003103050
Field mandatory. Used for the SQL requests for type 11
(format JJMMAAAA)
Type of demand concerning the transaction :
1 = Authorization, 2 = Debit, 3 = Authorization + debit,
4 = Credit, 5 = Cancellation, 11 = Checking of the
existence of a transaction, 12 = Transaction without
request for authorization, 13 = Modification of the
amount of a transaction, 14 = Refund, 17 = Consultation.
51 = Simple authorization of a subscriber, 52 = Debit of a

TYPE 5 figures 00003
subscriber, 53 = Authorization + debit of a subscriber, 54
= Credit of a subscriber, 55 = Cancellation of an
operation of a subscriber, 56 = Registration of a new
subscriber, 57 = Modification of an existing subscriber,
58 = Deletion of a subscriber, 61 = Transaction without
request for authorization.
Field mandatory
Single and sequential request identifier which prevents
confusion over the replies in the case of multiple and
simultaneous questions (it can be reset to zero each day).
NUMQUESTION 10 figures 0000000001
1 <= NUMQUESTION <= 2147483647
Field mandatory
Membership number supplied by the retailer‟s bank.
SITE 7 figures 1999888 (site test)
11, 13, 17, 52 and 55
Site rank number supplied by the retailer‟s bank.
RANG 2 figures 99 (site test)
11, 13, 17, 52 and 55
Key activated only with versions after 00103 [see below].
CLE 8 characters 1999888I (site test)
Field mandatory for all messages up to version “00103”
IDENTIFIANT Empty field. 10 figures RFU.
Amount of the transaction in centimes (no commas, no
decimal points).
MONTANT 10 figures 0000002530
Field mandatory except for type 58. Used for the SQL
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
requests for type 2, 11 and 52
Code of the currency used (978 for the euro).
DEVISE 3 figures 978
Field mandatory except for type 58
of the order corresponding to the transaction.
250 characters
REFERENCE TR364875-lot2a
maximum
Field mandatory except for type 13, 56, 57 and 58. Used
for the SQL requests for type 11
of the subscriber corresponding to the transaction.
250 characters
REFABONNE AZERTY1234567
maximum
Field mandatory for type 51, 52, 53, 54, 55, 56, 57, 58 and
61.
Cardholder (customer) card number, without spaces, left
justified. In cases of registration or of modification, the
holder‟s partial number should be left justified.
PORTEUR 19 characters 1111222233334444
Field mandatory for type 1, 3, 4, 12, 51, 53, 54, 56, 57 and
61. Not checked for type 5, 17 and 55
Expiry date of the cardholder‟s card in format MMYY.
DATEVAL 4 figures 1002
Field mandatory for type 1, 3, 4, 12, 51, 53, 54, 56 and 57
Visual cryptogram located on the back on the bank card.
3 or 4
CVV 123
N.B : AMERICAN EXPRESS cards have a 4-number CIN characters
(Card Identification Number) on the reverse side.
Electronic commerce indicator (ECI) enabling the
ACTIVITE provenance of the various electronic money movements 3 figures 024
to be distinguished [see page 55].
Filing reference given to your bank. It should be unique
12 characters
ARCHIVAGE and can allow to your bank to supply you an AXZ130968CT2
maximum
information in case of chargeback.
A number of days before to send the transaction at your 3 figures
DIFFERE 000
bank in order to credit your bank account. maximum
Number entered by Paybox in the « REPONSE » frame :
For other types of request (1, 3 or 4), this field remains
NUMAPPEL 10 figures
empty.
Field mandatory for type 2, 5, 13, 52 and 55. Used for the
SQL requests for type 2, 5, 13, 52 and 55
Number entered by Paybox in the « REPONSE » frame
when handling a payment likely to be sent to the bank :
NUMTRANS For other types of request (1, 3 or 4), this field remains 10 figures
empty.
Field mandatory for type 2, 5, 13, 17, 52 and 55. Used for
the SQL requests for type 2, 5, 13, 17, 52 and 55
Number of authorization provided by the merchant
following a phonic call near its bank. 10 characters
AUTORISATION 130968
maximum
Field used for type 1, 3, 13, 51, 56 and 57.
The country code of the issuer (bank of the cardholder)
PAYS
to return in the “reponse frame”.
PRIV_CODETRAITEMENT payment with SOFINCO card (or partner of SOFINCO) 3 figures
or COFINOGA card.
Date of birth of the cardholder for the payment with
DATENAISS 8 figures 08031964
COFINOGA card.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
“PAYPAL” : Value provided by the merchant in order to 16 characters
ACQUEREUR
cancel or capture a payment via PayPal. maximum
The type card use for the payment is returned in the
TYPECARTE
The SHA-1 digest of the card number is returned in the
SHA-1
PBX_ERRORCODETEST environment. Variable ignored in the production 5 numbers 00005
environment.
For all requests of type 51, 52, 53, 54, 55, 57 and 58, prior registration of the subscriber is
mandatory. To this end, a frame with operation type 56 must be sent to the PAYBOX SERVICES
server.
The creation of a new subscriber generates an authorization request for the exact amount in the
frame to the bank, in order to ascertain the validity of the card. Only if the bank accepts the
request, will the subscriber will be entered into the PAYBOX SERVICES database.
Following the creation of a subscriber, a type 52 (subscriber debit) frame can be sent directly if
the amount detailed in the creation frame matches the amount to be debited. If the amount is
not the same, an authorization + debit (53) needs to be sent, or a simple authorization frame (51)
followed by a debit frame (52).
Checking of the existence of a transaction, :
 REFERENCE
 MONTANT
 DATEQ
That is why their presence and their content must have the same values that into our database.
Modification of the amount of a transaction :
 SITE
 RANG
 NUMAPPEL
 NUMTRANS
return original frame. A new request for authorization will be made near the bank of the
merchant, and the original transaction will be automatically cancelled if the new transaction is
authorized.
Capture of a transaction :
It‟s advised to wait at least 30 seconds between a request of authorization or the registration of a
new subscriber and a capture of this transaction.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
The various values of the ACTIVITE field :
The bank needs to differentiate the provenance of the various electronic money movements in
order to correctly fill in the fields concerning the ECI (Electronic Commerce Indicator).
Below are the possible values for the type of activity :
020 : non specified

021 : request by telephone.
022 : request by correspondence.
023 : request by minitel.
024 : request by internet.
027 : regular payment,
The principle of sharing the cardholder‟s number:
The various parties concerned by this operation must not retain sensitive data (the holder‟s
number). The principle used therefore is to spread the information contained in this data
between the various parties. The data retained by each is thus unexploitable. We give each
party one out of every two characters to keep.
The holder‟s number which is returned by our server is already split into two parts and
encrypted. It is this information that you must keep without the characters CR+LF at the end of
the line.
V - Definition of the “Response” frame :
In return PAYBOX SERVICES addresses the following data to the retailer :
name signification size example

Number of the transaction created on
NUMTRANS 10 figures 0000563149
Paybox.
Number of the request handled on
NUMAPPEL 10 figures 0000782653
Paybox.
Single request identifier which prevents
confusion over the replies in the case of
NUMQUESTION multiple and simultaneous questions. 10 figures 0000000001
1 <= NUMQUESTION <= 2147483647

Membership number supplied by the
retailer‟s bank.
Site rank number supplied by the
retailer‟s bank.
IDENTIFIANT Empty field.. 10 figures
Authorization number granted by the

10 characters
AUTORISATION authorization centre of the retailer‟s 168753
maximum
bank if the payment is accepted.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Reply code concerning the state of the
question treated : operation accepted or
CODEREPONSE 5 figures 00007 (invalid date)
refused [see below the various reply
codes].
Subscriber‟s number given in the
250 characters
REFABONNE question frame. Empty (binary zeros) in AZERTY1234567
max.
a non-subscription context.
Cardholder‟s partial number send back
by Paybox at the time of registration or 19 caractères
PORTEUR
of modification. Identical to the frame max.
question in other cases.
COMMENTAIRE Various messages of information. 100 characters PAYBOX+PPPS
The country code of the issuer (bank of
the cardholder). The value “???” means 3
PAYS an unknown code. alphabeticals FRA
characters
ISO 3166 norm (alphabetic code)
10
TYPECARTE The type card used for the payment. alphabeticals Visa
characters
40
SHA-1 The SHA-1 digest of the card number alphabeticals F8BF2903A1149E682BE599C5C20788788256AA46
characters
Remboursé = refunded,
Annulé = canceled,
Autorisé = Authorized,
Capturé = Ready for sending to the bank,
The state of the transaction. Only for the 16 characters
STATUS Crédit : Credit,
type 17 in the question frame. maximum
Refusé : Refused,
Demande de solde = Balance Inquery (Gift card),
Crédit Annulé = Credit canceled
Rejet support = Reject helpdesk
The ID PAYBOX of the remittance. Only 9 figures
REMISE 509324981
for the type 17 in the question frame. maximum
VI - THE OPERATION RETURN CODES :
The field « CODEREPONSE », in the « réponse » frame sends back a code corresponding to the
result of the request handled by PAYBOX SERVICES.
code Signification code signification

Subscriber already exists (registration of a new
00000 Operation successful. 00016 subscriber)
When using a version other than 00101, a
reply code of 00001 means that the
connection to the authorization centre
00001 has failed. In this case, you may make 00017 Subscriber non-existant
another attempt using the backup servers
ppps1.paybox.com and
ppps2.paybox.com.
Payment refused by the authorisation
centre [see explanation page 62].
001xx 00018 Transaction not found (type of request 11).
If the authorization of the transaction
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
00002 An error in coherence has occurred. 00019 Reserved.
00003 Paybox error. 00020 CVV not present.
00004 Invalid cardholder number. 00021 Not authorized bin card.
00005 Invalid question number. 00022 Reserved.
00006 Access refused or site/rank incorrect. 00023 Reserved.
00007 Invalid date. 00024 Error loading of the key : Reserved Future Usage.
00008 Incorrect expiry date. 00025 Missing signature : Reserved Future Usage.
Missing key but the signature is present :
00009 Invalid type of operation. 00026 Reserved Future Usage.
Error OpenSSL during the checking of the
00010 Currency unknown 00027 signature : Reserved Future Usage.
00011 Incorrect amount. 00028 Unchecked signature : Reserved Future Usage.
00012 Invalid order reference. 00097 Timeout of connection ended.
00013 This version is no longer upheld. 00098 Error of internal connection.
Incoherence between the question and the answer.
00014 Incoherent frame received. 00099 Retry later.
Error in access to previously referenced
00015 data.
In the case of a payment being refused by the authorization centre (CODEREPONSE 001xx),
the „ xx „ represent the code sent back by the centre. The code enables you to know the exact
reason for the rejection of the transaction.
For example, for a transaction refused for reasons of „insufficient funds‟, the CODEREPONSE
sent back will be 00151.
All the codes are detailed on page 62 of this manual.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Reply codes from the authorization centre
I – THE REPLY CODES FROM THE AUTHORIZATION CENTRE
Each time a transaction is processed by the authorization centre, the centre sends a reply code of
acceptation or refusal.
a – The bank card network, American Express and Diners :
The various reply codes generated during the processing of a bank card are not always
returned, as some are internal to the authorization centre :
signification of the reply code from the centre of signification of the reply code from the centre of
code code
authorization authorization
00 transaction approved or successfully processed. 38 too many attempts at secret code.
02 contact the card issuer. 41 lost card.
03 invalid retailer. 43 stolen card.
04 keep the card. 51 insufficient funds or over credit limit.
05 do not honour. 54 expiry date of the card passed.
07 keep the card, special conditions. 55 error in secret code.
08 approve after holder identification. 56 card absent from file.
12 invalid transaction. 57 transaction not permitted for this holder.
13 invalid amount. 58 transaction forbidden at this terminal.
14 invalid holder number. 59 suspicion of fraud.
15 card issuer unknown. 60 card accepter must contact purchaser.
17 client cancellation. 61 amount of withdrawal past the limit.
19 repeat the transaction later. 63 security regulations not respected.
20 error in reply (error in the server‟s domain). 68 reply not forthcoming or received too late.
24 file update not withstood. 75 too many attempts at secret code.
25 impossible to situate the record in the file. 76 holder already on stop, former record kept.
26 record duplicated, former record replaced. 90 temporary halt of the system.
27 error in „edit‟ in file up-date field. 91 card issuer not accessible.
28 access to file denied. 94 request duplicated.
29 file up-date impossible. 96 system malfunctioning.
30 error in format. 97 time of global surveillance has expired.
31 identifier of purchasing body unknown. 98 server inaccessible (set by the server).
33 expired card. 99 incident in the initiating domain.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
34 suspicion of fraud.
b – Cetelem/Aurore Network and Rive Gauche
code code
00 Transaction approved or successfully processed. 09 Card/ retailer non-compatible.
01 Retailer‟s number incorrect or unknown. 10 Unknown.
02 Card number incorrect 11 Cancelled.
03 Error in date of birth or secret code. 12 Incorrect currency code.
04 Card non financially viable 13 Transaction reference not recorded.
05 Problem at the CETELEM server centre. 14 Incorrect transaction amount.
06 Card unknown. 15 Terms of payment incorrect.
07 Request for reserve refused. 16 Transaction direction incorrect.
08 Card out of date. 17 Mode of payment incorrect
c – TERMINEO (prepaid cards) :
code code
00 Transaction approved or successfully processed. 50 Web site is unreferenced
20 Client non found 51 Web site is unauthorized
21 Client is unauthorized 52 Web site category is unauthorized
Client is unauthorized to request for this web
22 60 Request is not valid
site
30 SMARTCODE not found 61 Money unreferenced
31 SMARTCODE unauthorized 70 Attempt to fraud
32 The SMARTCODE computing fails 80 Server too busy
33 SMARTCODE locked 90 Authorization server may be down
40 EASYCODES not found 100 Internal error
41 Credit of the EASYCODES is insufficient 127 Unknown
Amount of transaction is too high for this
42
EASYCODES
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Charset PAYBOX
I – CHARSET PAYBOX :
The charset supported by the applications of PAYBOX SERVICES is shown below. All
characters not present in the matrix will deleted or the trame will be rejected : it will depand on
applications :
0 1 2 3 4 5 6 7 8 9 A B C D E F
0 \0 \t \n \r
1
2 ! " # $ % & ( ) * + , - . /
3 0 1 2 3 4 5 6 7 8 9 : ; < = > ?
4 @ A B C D E F G H I J K L M N O
5 P Q R S T U V W X Y Z [ \ ] ^ _
6 ` a b c d e f g h i j k l m n o
7 p q r s t u v w x y z { | } ~
8
9
A ¡ ¦ «
B » ¿
C À Á Â Ã Ä Å Æ Ç È É Ê Ë Ì Í Î Ï
D Ð Ñ Ò Ó Ô Õ Ö × Ø Ù Ú Û Ü Ý Þ ß
E à á â ã ä å æ ç è é ê ë ì í î ï
F ð ñ ò ó ô õ ö ÷ ø ù ú û ü ý þ ÿ
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Test Parameters
I – TEST PARAMETERS AND PROCEDURES :
Whatever the product used (PAYBOX SYSTEM, PAYBOX Direct, Subscription option etc.), it is
possible to carry out tests via a PAYBOX shop especially designed for this purpose.
The identifiers to parameter are the site number and the rank number :
SITE : 1999888
RANK : 99
PAYBOX IDENTIFIER: 2
It is also possible to carry out payment tests with a test bank card number :
Card number : 1111222233334444

Expiry date : 0308 (march 2008) for example.
CVV or visual cryptogram : 123
URL to use in the preproduction/tests environment are :

 PAYBOX SYSTEM :
o PBX_PAYBOX=https://preprod-tpeweb.paybox.com/cgi/MYchoix_pagepaiement.cgi
 PAYBOX Direct : https://preprod-ppps.paybox.com/PPPS.php
 Backoffice commerçant : https://preprod-admin.paybox.com
Please note :
- The PAYBOX SERVICES test shop does not make any request to an authorization centre and
does not send anything to a remote data collection centre. A simple check as to the validity of
the credit card will determine if the payment is accepted or refused.
- The authorization number returned will therefore always be "XXXXXX" if these basic checks
are correct.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
The Retailer‟s Back Office
I – THE RETAILER‟S BACK OFFICE :
All retailers who subscribe to the services of PAYBOX SYSTEM, PAYBOX Direct or Batch
Processing have access to the operating report of their virtual electronic payment terminal.
This operating report, called the „Retailer‟s Back Office‟ consists of a number of protected pages
on the web site of PAYBOX SERVICES. They allow the retailer to carry out, using various tabs,
the following operations described in the document
http://www1.paybox.com/telechargements/GUIDE_UTILISATEUR_BACK_OFFICE_COMM
ERCANT_PAYBOX.pdf
To access the Back Office, you need to connect to the URL https://admin.paybox.com or
https://admin1.paybox.com (backup).
You need to enter the login and the password that you have previously requested from the
technical department of PAYBOX SERVICES. It is advised to call the technical service of
PAYBOX SERVICES to proceed all the quarters to the change of your password of connection.
A password has to mixte of 8 characters, upper and lower letters as well as of special characters
(*! _ - $ etc.). A password does not have to be the same that the last 4 previous passwords.
You can view the Back Office of the PAYBOX SERVICES test using :
Login : 199988899
password : 1999888I (capital i)
URL : https://preprod-admin.paybox.com
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
How to subscribe to PAYBOX Services
I – HOW TO SUBSCRIBE TO PAYBOX SERVICES :
To subscribe to the Paybox service, you need to contact the Sales Department of PAYBOX
SERVICES on (00 33) (0)1.61.37.05.70 or contact us using the form displayed under the heading
„contact at the URL www.paybox.com, or send an e-mail to contact@paybox.com
You will then be sent a contract detailing the commercial aspects (installation and subscription
costs), together with a registration form to enable PAYBOX SERVICES to record the parameters
needed for the Paybox service.
Prior to this, you should contact your habitual bank to request the opening of a mail
order/distance selling contract on your normal bank account. The terms of these contracts vary
according to the bank.
Your bank will then give you a SITE number (7 figures) and a RANK number (2 or 3 figures) :
these numbers will be used for identification at PAYBOX SERVICES.
The information required on the registration form is the following :
- the name and address of the retailer,

- the name and address of the hoster or intermediary (if the business does not manage its server
directly),
- the monetic information (to be completed with the bank),
- the information relevant to the personalization of the retailer‟s site.
If you wish to accept currencies other than the Euro, you need to inform your bank when you
open your mail order /distance selling contract.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Assistance
I – ASSISTANCE :
For all information and for installation assistance, our sales and technical teams are at your
service.
Sales department :
e-mail : contact@paybox.com
telephone : (00 33) (0)1.61.37.05.70.
fax : (00 33) (0)1.61.38.16.56.
Technical department :
e-mail : support@paybox.com
telephone : (00 33) (0)4.68.85.79.90.
fax : (00 33) (0)4.68.85.79.99.
Every time you contact our services, you MUST have ready your Paybox
identifiers, which are your SITE number (7 figures), your RANK number (2
figures), and your PAYBOX identification number (1 to 9 figures).
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99
Glossary
I – GLOSSARY :
CGI :
The CGI (Common Gateway Interface) is a standard which defines the rules that enable a
computer programme to interact with a Web server.
URL :
The URL (Uniform Resource Locators) are resource addresses on the Internet. A resource can be
an http server, a file on your disc, a picture etc.
For example : http://www.maboutique.com/site/bienvenue.html
HTTP :
HTTP (HyperText Transport Protocol) is a protocol used to transfer hypertext or hypermedia
documents between a Web server and a Web customer.
SSL :
The SSL (Secure Sockets Layer) protocol enables the secured transmission of forms within the
Web and can therefore be used for on-line financial transactions which necessitate the use of a
credit card.
FTP :
The FTP (File Transfer Protocol) is a protocol of file transfers which enable the downloading of
data selected by the Internet user from one computer to another, as in the customer – server
model.
HTML :
HTML (Hyper Text Markup Language) is a tag language which enables the creation of
hypertext documents that can be displayed by the Web browser.
IP :
The IP (Internet Protocol) is the unique address of a computer connected to the World Wide
Web.
___________________________________________________________________________________________
PAYBOX SERVICES.
Tél : +33 4.68.85.79.90 - Fax : +33 4.68.85.79.99

Paybox Integration Manual in English

Transféré par

Informations du document

Description originale:

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Paybox Integration Manual in English

Transféré par

Droits d'auteur :

Formats disponibles

Version 4.

70 – December 10th, 2010

« Secure Payment for Online and

INSTALLATION AND PARAMETERING MANUAL

THE “PAYBOX SYSTEM” PRODUCT .................................................................................................................................. 4

The module is available for the following operating systems:

 Windows NT, 9x, 2000, XP

Porting to other operating systems is available on request.

III - INSTALLATION OF MODULEV2.CGI :

Set the execute permission, chmod 755.

- internal server error,

check all the aforementioned points.

Total amount of purchase in centimes without commas or 3 to 10

PBX_DEVISE For example: 3 numbers. mandatory >= 2.00

PAYBOX identifier, supplied by PAYBOX SERVICES at 1 to 9

Name of local file when the variable PBX_MODE is Up to 150

Text able to be displayed on the intermediary page

Delay in displaying the intermediary page. The value is in Up to 5

Name given to the button of the intermediary page Up to 50

Screen background of the intermediary page (name of Up to 150

Management mode of the intermediary page. Possible

 HTML : default value

The URL of the third backup payment server of Paybox if

Request for availability tests of at least one PAYBOX

TCP Port used to check the availability of a payment

The transaction will be only in authorization mode, i.e. it

 „O‟: Authorization alone (No remote data

 „N‟ (default): Authorization + debit.

Numeric reference of a geographic subdivision, 1 to 9

Deferments for each payment.

in order to arrange a deferment of 4 days, you need to

Total amount of the second term in centimes without

Date of the second term. Format JJ/MM/AAAA. Option

Date of the third term. Format JJ/MM/AAAA. Option for

Date of the fourth term. Format JJ/MM/AAAA. Option

The datas are separated by character # and have to

Digest provided by PAYBOX at the moment of the first 64

Expiry date not to be exceeded.

If the date of expiration of the card is lower than the limit

Only for the payment « NetReserve » : data about the

The datas are separated by character # and have to

The default settings with no parameter will display all the

Transaction currency code following the ISO 4217 norm

b – Launching using „HTML form‟ mode :

Below is an example of a form enabling the display of the payment :

<FORM ACTION = „/cgi-bin/modulev2.cgi‟ METHOD = post>

c – Launching using „local file‟ mode :

- PBX_OPT=C:\mon_site\paybox\fichier.txt (for Windows).

- PBX_OPT=/usr/mon_site/paybox/fichier.txt (for Unix).

<FORM ACTION = „/cgi-bin/modulev2.cgi‟ METHOD = post>

Contents of the local file „fichier.txt‟ :

d – Launching using „command line‟ mode :

modulev2.cgi PBX_MODE=4 PBX_SITE=1999888 PBX_RANG=99 PBX_IDENTIFIANT=2 PBX_TOTAL=1500 …

e – Launching using „environment variables‟ mode :

<FORM ACTION = „/cgi-bin/commercant.cgi‟ METHOD = post>

# inform « modulev2.cgi » that the parameters are in environment variables.

# exportation of environment variables and call to « modulev2.cgi ».

f – Launching using several modes :

V – THE RETURN URLS AND THE „URL HTTP‟

a - The 3 return urls on the trader‟s site :

b - The validation of order forms with „url http‟ :

For example if your URL called is :

Subject : PAYBOX: WARNING!!