e-commerce

Worldline checkout is the most integrated online payments platform in Greece. It allows you to connect your e-Commerce store with the bank of your choice and receive online payments. Choose between a variety of possibilities we offer you to serve your clients in the best possible way.

VPOS (virtual POS) is a management tool and a channel for displaying and managing transactions of the Worldline e-commerce service. Through the app, you can monitor and manage the transactions of your company and produce reports by using a great variety of search criteria.

Once informed by the bank regarding your partnership with it, you will receive an email with instructions on how to develop the necessary code to connect your website with the payments page of the bank. You will also receive code samples in php, jsp, asp. The code should be developed by your side.

Worldline provides the ability to configure the payment page in your business environment, using i-Frame, so your customer feels that they do not leave your website. That way, your company avoids any contact with card data while providing an excellent experience to the payer.

One Click payment is a payment solution that enables your customers to make online purchases with just a click, while the necessary payment information for completing the purchase has already been entered by the user. Instead of entering the payment and delivery information manually, with One Click payment the customer can use a default address and card number for a purchase.

No action is required for the Worldline checkout since the platform does not perform any control on the domain level. Payments can continue to be carried out.
confirmUrl and CancelUrl should be defined by your side via the request you send to the Bank’s payment page.
You should, however, inform the responsible section οf the partnered Bank for the SSL installation.

• If your interface uses the Redirection method, you can find useful instructions for calculating the digest at the following link.
• For direct interface and more specifically for the XML VPOS request, you can find relevant instructions for calculating the digest at the following link.

In order to test the environment and complete the technical interconnection of the e-shop or app with Worldline e-Commerce, you can visit our Sandbox here and follow the steps below:

1. Register.
2. Choose the API you want and perform the necessary tests.
3. With a simple click you inform us that you have completed the trial and you are ready for the productive payment environment.

The Paying Services Directive 2 (PSD2) is a fundamental legislation regarding payments in Europe that went into effect in January 2016. PSD2 is an important evolution in the current regulation for the payment sector. PSD2 aims to increase competition in the already competitive payment industry, implement new types of payment services, reinforce costumer protection and security and expand the directive’s scope.

Strong Customer Authentication (SCA) is part of a European initiative to reduce fraud in online transactions. The implementation of SCA ensures a secure second step authentication done by the payers when the payment is being actualized.

To learn what type of interface you have, please contact your technical support team or send us an e-mail at ecommerce_support@cardlink.gr

In the framework of 3D Secure 2, merchants are strongly advised to collect and share transaction information with issuing Banks, in order to increase the chance of “frictionless flow” and to reduce the percentage of cart abandonment. If you connect using the Redirect method, there are additional parameters that you need to send so that consumers can enjoy the optimal user experience. Learn more about the additional information in the below question.

If you connect using the Redirection method, it is advised to collect and send information about your customers’ billing addresses (that is, send values for the variables billCountry, billZip, billCity and billAddress) along with the transaction request to the platform.

From the administrative Back Office Tool, select “View and Manage VPOS Transactions” and then select the criteria to see your latest transactions. Next, select a transaction and click the corresponding link to open the VPOS Transaction details window where you can view detailed info about the transaction. Check if there are any values in the following fields:

If these fields already contain values, no further action is required from you since Cardlink will take any necessary actions to ensure that you adopt the new protocol.

If these fields do not contain any values, please ask your technical support team to make the necessary changes to your system, so it can receive this information during check-out and send it to Worldline e-Commerce. We recommend testing some transactions in the administrative testing environment.

In the initial technical specifications you received while connecting to the platform, the above variables are mentioned as optional. You must verify that you are sending them successfully by trying at least one complete transaction (Capture) with a test card. Please see the next 2 questions below.

In this case, you must confirm with the plugin provider that the plugin is compatible with the 3D Secure 2 specifications.

If you don’t make any changes to your system, you risk having declined transactions.

In the application request that you send to the Merchant Plugin (MPI) for 3DS Authentication, you must also send the additional variables which are mentioned in the MPI technical manual as mandatory. Furthermore, in order to support 3D Secure 2, you must upgrade the MPI version that you use to version 4 (if this hasn’t already been done).

One of the main changes in MPI v4 is the use of a “signature” instead of the Digest that was used until now.

The signature is an additional tool for safeguarding transactions. It is calculated as follows:

Signature = base64(RSA with SHA2-256 (utf8bytes(value1;value2;…;value n;) ) ).

You need to issue a self-signed certificate (RSA Keypair SHA2-256) that will include private and public certificates. You can create a self-signed certificate using a Java key tool or open ssl.

You must then share via email the public certificate to Cardlink (ecommerce_support@cardlink.gr) in order to validate the messages.

To learn more, please refer to the technical manual.

The necessary additions to the XML API channel are in the Program Protocol and Directory Server Transaction ID fields. To learn more, please refer to the technical manual for Authorization or contact us at ecommerce_support@cardlink.gr .

During the authentication process and as long as challenge flow is followed, the business must display the relevant certification page (3D page) to the customer. It is advised to display the page in an i-Frame to provide an optimal user experience to the consumer.

Merchants are required to support both EMV 3DS (3D Secure 2) and 3DS v1, in order to avoid declined transactions in case a card issuer does not support EMV 3DS.