Académique Documents
Professionnel Documents
Culture Documents
INTEGRATION GUIDE
Copyright Information
The information contained herein is the confidential and proprietary property of CRE Secure Payments,
LLC. and may not be used, distributed, modified, disclosed, or reproduced without the express written
permission of CRE Secure Payments, LLC.
TABLE OF CONTENTS
About This Document ......................................................................................................... 1
Purpose of this Document ................................................................................................................ 1
Intended Audiences ......................................................................................................................... 1
Document Conventions .................................................................................................................... 1
Additional Resources .......................................................................................................... 2
Merchant Guides.............................................................................................................................. 2
Developer Support ........................................................................................................................... 2
Introduction ........................................................................................................................ 3
How It Works ...................................................................................................................... 4
Step-by-step of How CRE Secure HPP Works with HTML Clone Technology .................................. 4
Payment Request Form: Posting to the Hosted Payment Page............................................. 5
Merchant Payment Template Page...................................................................................... 8
Transaction Success Response Page ............................................................................... 12
Live Demos of CRE Secure HPP....................................................................................... 13
Sample of the CRE Secure HPP payment form HTML ....................................................... 13
Sample Merchant HTML Code for Payment Request Form ................................................ 16
Sandbox and Testing Environment .................................................................................... 18
Test Credit Card Numbers ................................................................................................ 19
LIST OF FIGURES
Figure 1: Unstyled Payment Form............................................................................................................ 9
Figure 2: Styled Payment Form Example ................................................................................................. 9
Figure 3: Before: Sample merchant payment template page as retrieved by CRE Secure HPP server.... 10
Figure 4: After: Sample CRE Secure HPP incorporating the merchant payment template page presented
to the customer...................................................................................................................................... 11
LIST OF TABLES
Table 1: Style Conventions Used in This Document ................................................................................. 1
Table 2: Transaction Response Data ..................................................................................................... 12
Table 3: Sample payment template pages ............................................................................................. 13
Table 4: Testing Sandbox Credentials ................................................................................................... 18
Table 5: Test Credit Card Numbers........................................................................................................ 19
Intended Audiences
This guide is for developers who want to implement CRE Secure Hosted Payment Page in order to
integrate hosted payment services with their applications.
Document Conventions
This guide uses the style conventions listed below:
CONVENTION DESCRIPTION
Notes and related resources are presented in Arial 9pt type and are
Note:
emphasized with a border above and below.
Cautionary notes are designated with a Caution icon that alerts you to
Important! circumstances in which a given action may have potentially serious
functional implications.
Additional Resources
The following resources provide additional information that can be referenced as supplemental material to
this guide.
Merchant Guides
Along with this custom integration guide, CRE Secure Payments, LLC provides a PCI Compliance
Implementation Guide for merchants. The Implementation Guide is an overview of all the PCI Compliance
paperwork and references needed to satisfy the PCI Compliance burden for a merchant.
Developer Support
Download Center
Access resources to support your integration from the CRE Secure Download Center by visiting
http://www.cresecure.com/pages.php?CDpath=5_8
Support
Email support@cresecure.com
www.cresecure.com
Introduction
The CRE Secure Hosted Payment Page (HPP) protects your customers credit card information and using
Patent Pending HTML Clone™ technology maintains the quality of the customer experience.
http://usa.visa.com/download/merchants/cisp-list-of-pcidss-compliant-service-providers.pdf
This document outlines the requirements necessary to connect your merchant site to our CRE Secure
HPP service.
There are three essential elements to the integration of your merchant site to CRE Secure:
Note: Merchants can get their CRE Secure account as well as assistance obtaining a merchant services
account and a gateway if they do not already have one at www.cresecure.com.
2. The merchant site must use HTML to generate distinct web pages
3. The merchant site must have an SSL certificate installed (private or shared) in order to post to
our service and to have your images and CSS incorporated into our HPP.
How It Works
Step-by-step of How CRE Secure HPP works with HTML Clone technology
A. A customer begins to
create their order on your
site as normal.
E. The card holder data and payment transaction is processed in our highly secure PCI Compliant data
center and connects directly with the payment gateway and banking payment networks.
F. Once the payment transaction is complete the customer is connected directly back to your shopping
cart application to your Transaction Success Response page, where the order status is updated.
https://safe.cresecure.net/securepayments/a1/cc_collection.php
https://safe.sandbox-cresecure.net/securepayments/a1/cc_collection.php
See Development Sandbox Appendix for test credentials and test credit card numbers.
Example HTML code that posts to the HTML CLONE server is provided in the section Sample HTML
Code below.
Important! Your website must be using SSL. Posting to the HTML CLONE from a non SSL URL will
result in an 404 error because we only accept secure connections to our HPP servers.
CRESecureID Required Provided by CRE Unique Account Number for CRE Secure Service
Secure
CRESecureAPIToken Required Provided by CRE API Token as part of the authentication chain
Secure
total_amt Required Numeric, Decimal The amount to authorize or capture in the transaction
2 places
return_url Required https url The url on the merchant site where they can process the
payment success action
content_template_url Required https url The url where the merchant template resides, must be
https accessible
total_weight Optional If no value sent, The total weight of the order - determines if Physical or
default = 0 Digital goods
currency_code Optional Must be valid ISO The 3 letter ISO currency of the transaction
currency code,
default = USD
lang Optional Text values that The language of the text displayed on the payment page
matches known
supported
languages default
= English
customer_address Optional Minimum 1 chars The street number and name of the billing address
(Required for AVS by most gateways)
customer_email Optional Must be valid Customer email for the billing address
email format
customer_phone Optional Numeric minimum Phone number for the billing address
10 chars
customer_postal_code Optional Minimum 5 chars Zip code or Postal Code of the billing address
(Required for AVS by most gateways)
delivery_address Optional Minimum 1 chars The street number and name of the delivery address
delivery_email Optional Must be valid Ship-To email for the delivery address
email format
delivery_phone Optional Numeric minimum Phone number for the delivery address
10 chars
delivery_postal_code Optional Minimum 5 chars Zip code or Postal Code of the delivery address
allowed_types Optional Text separated by The card types to display on the payment form. Example:
PIPE delimiter Visa|MasterCard|American Express
sess_id Optional Minimum 8 char The unique session identifier for the customer user on
the merchant site
sess_name Optional Optional – if no The session name for the customer user on the merchant
value sent, default site.
= osCsid
The url for this page on your merchant site is passed to us in the content_template_url post variable
1. Create a page in your application, either by creating a new physical page or using your
applications built-in page manager.
2. Specify the Page Title and any text you want to appear above and/or below the payment form.
3. Place [[FORM INSERT]] where ever you want the credit card form to appear on the page.
4. The url of the payment template page can be any url in your site.
5. The url for the payment template page must be accessible over HTTPS protocol
6. The url for the payment template page must be directly browseble
7. The payment template page must have the BASE tag with the URL of your HTTPS domain or use
absolute urls for CSS and image SCR values
8. The css and images must be accessible via your HTTPS domain
9. The payment template page must allow for the user session to be set via the URL
10. The payment template page should render using your application template logic and
preferences
11. The HTML Clone will sanitize the HTML output from your payment template page and remove
the following tags:
a. <script> and <iframe>
Make sure your payment template page renders correctly without these tags present.
b. The CRE Secure payment form utilizes the following classes, id’s and tags to style the
payment form located on the Hosted Payment Page.
i. H2 (form title)
ii. table
iii. tr
iv. td.main
v. span.main
vi. input
vii. select
viii. #submit
c. Refer to the next page for an example of the payment form styled using CSS.
Figure 3: Before: Sample merchant payment template page as retrieved by CRE Secure HPP server
Figure 4: After: Sample CRE Secure HPP incorporating the merchant payment template page presented to the
customer
https://mydomain.com/return.aspx?order_id=6&code=000&msg=Success&error=&mPAN=XXXX
XXXXXXXX3801&name=Salvatore%20F%20Iozzia&type=Visa&exp=1012&ApprovalCode=0123
45&TxnGUID=1234567890&ProcTxnID=ABCDEFG&osCsid=ddc2e76644e8dde7308d42606f7f7
e74
Data Returned:
Note: You do not need to worry about failed transactions. The HPP only responds to your merchant system
when a payment is successfully made. In the event of a failed payment the customer is shown the payment
page again with an error message. The customer retries or leaves the page. The customer either cancels
by clicking ‘Cancel’ or by clicking any link in your template HTML.
EXAMPLE URL
Note: You do not need to generate this HTML, CRE Secure will generate this as part of our HPP, it is
provided here as a reference only.
window.open(url,'popupWindow','toolbar=no,location=no,directories=no,status=n
o,menubar=no,scrollbars=no,resizable=no,copyhistory=no,width=600,height=233,s
creenX=150,screenY=150,top=150,left=150')
}
//--></script>
<form id="form1" name="form1" method="post"
action="https://yourdomain.cresecure.net/securepayments/a1/cc_collection.php?
sid=XXXXXXXXXXXX&action=process">
<table width="100%" border="0">
<tr>
<td height="50" valign="bottom" colspan="2" class="main">
<h2>Pay With Credit Card</h2>
</td>
</tr>
<tr>
<td class="main" width="148" height="31">
<select name="cresecure_cc_expires_year">
<option value="09">2009</option>
<option value="10">2010</option>
<option value="11">2011</option>
<option value="12">2012</option>
<option value="13">2013</option>
<option value="14">2014</option>
<option value="15">2015</option>
<option value="16">2016</option>
<option value="17">2017</option>
<option value="18">2018</option>
</select>
</span>
</td>
</tr>
<tr>
<td class="main" height="32">
<nobr>
<span class="main">CVC number
<a
href="javascript:CVVPopUpWindow('https://pay.cresecure.net/securepayments/a1/
cvv.php')"><u><i>(What is it?)</i></u></a>
</span>
</nobr>
</td>
<td class="main">
<span class="main">
<input name="cv_data" type="text" id="cv_data" size="5"
autocomplete="off">
</span>
</td>
</tr>
<tr>
<td class="main" height="83">
<span class="main"></span>
</td>
<td class="main">
<div align="center"><span class="main">
<a
href="https://creloaded.cresecure.net/securepayments/a1/cc_collection.php?sid
=0cl90urkgn7ts0j3g26dauf410&action=cancel&order_id=92">Cancel</a>
<input type="submit" name="submit" id="submit" value="Submit">
</span></div>
</td>
</tr>
</table>
</form>
</td>
</tr>
</table>
</label>
</p>
<p>
<label>Order ID:
<input type="text" name="order_id" value="336" />
</label>
</p>
<!-- Currency -->
<input type="hidden" name="currency_code" value="USD" />
<!-- Language -->
<input type="hidden" name="lang" value="english" />
<!-- content template url -->
<input type="hidden" name="content_template_url"
value="https://mydomain.com/content_template.aspx" />
<!-- return url -->
<input type="hidden" name="return_url"
value="https://mydomain.com/return.aspx" />
<p>
<label>
<input type="submit" name="submit" value="Submit" />
</label>
</p>
</form>
Note: We limit transactions to known test card numbers. Any transaction that is using a real card will be
ignored by our system and treated an error at the payment page.
Post the form data to the sandbox server at the following url:
https://sandbox-cresecure.net/securepayments/a1/cc_collection.php
Credentials are provided that are connected to each gateway. Different gateways provide different
response that are passed back to your merchant system. Also different gateways respond differently to
specific conditions such as AVS data and Ip address requirement. So pick the gateway credentials that
match to the gateway you will be using when you go live.
CRESecureID cre78640391SB
CRESecureAPIToken 9671b7e350e1effac5ea9195ad4a528d
SANDBOX C REDENTIALS C HASE ORBITAL TAMPA
CRESecureID cre84453315SB
CRESecureAPIToken d9703b3578b7d1dbab5b0dbe61aac106
SANDBOX C REDENTIALS C HASE ORBITAL SALEM
CRESecureID cre515053984SB
CRESecureAPIToken 2439e7307b40ccc4212ddb3abc3d1a0a
Visa 4111111111111111
MasterCard 5454545454545454
Amex 371449635398456
Discover 6011000995504101
TEST CARD N UMBERS AUTHORIZE. NET
MasterCard 5424000000000015
Amex 370000000000002
Discover 6011000000000012
JCB 3088000000000017
Note: Transactions with amounts that do not end with .00 will be declined on the development HTML
CLONE. This is the expected behavior to allow for negative-path testing.