Introduction
Bluefin’s self-service payment solutions offer a blend of modern technology, robust security, and flexibility. Our Payments Platform-as-a-Service (PaaS) provides a comprehensive, omnichannel processing system that integrates with various devices, ensuring an efficient payment experience.
Our ecosystem is a secure and reliable platform that supports diverse business needs with multi-routing capabilities and L3 certification. With deployments across numerous retail sites, our solutions ensure all data communications remain secure within the platform. The PCI P2PE certification enhances data protection and reduces PCI compliance scope, safeguarding sensitive customer information.
Our Android and Linux-driven terminals are designed for durability and resilience to protect your investment. The Android platform's app store enables seamless integration with various business applications, ensuring your payment systems remain innovative and efficient. With Bluefin’s solutions, businesses can navigate the complexities of modern payments with confidence.
Benefits:
- Our self-service payment solutions streamline transactions, enhancing customer convenience and operational efficiency.
- Our Payments Platform-as-a-Service (PaaS) offers flexible omnichannel processing with extensive Acquirer connections and various modern devices.
- Android and Linux-driven terminals offer robust solutions to protect your investment and ensure durability.
- Hundreds of self-service device deployments demonstrate our ecosystem's effectiveness in diverse settings.
- Devices within the TECS ecosystem only communicate internally, ensuring data security with PCI P2PE certification, reducing PCI scope.
Features:
- Seamless Payment Flow: The integration process enables smooth redirection from your eCommerce platform to the TECS Web interface, allowing customers to enter payment details securely.
- Robust Security Measures: Each merchant is provided with a unique encryption key for creating secure hash signatures, safeguarding data from unauthorized access.
- Advanced Transaction Tracking: The Management Portal (PAM) and REST API enable effective tracking of transactions, handling unsuccessful requests, and initiating cancellations as needed.
- Flexible Integration Interfaces: Bluefin TECS Payment Solutions offers web service interfaces for checking transaction status and managing transactions, enhancing operational efficiency.
- Support for Multiple SDKs: Our platform supports server-side SDKs for many enterprise language platforms (such as Java), with manual hash calculation available for other programming languages.
- 3D Secure Transactions: The TECS Web interface supports 3D Secure authentication, enhancing transaction security through controlled and repeatable testing with the MPI simulator.
- Zero Amount Transactions: Our system supports zero amount transactions for verifying payment methods and setting up recurring payments, ensuring account validity and authorization.
- Pre-Authorization and Completion: The platform handles pre-authorized transactions awaiting completion, providing a dedicated flow for pending transactions that require finalization.
- Card Reference/Token can be retrieved and used for recurring payments
- Card Holder Identification (CHI): The TECS Web automatically generates and returns a Card Holder Identification for future payments, streamlining the checkout process for returning customers.
Scope of this Documentation
This documentation serves as a detailed technical guide for integrating an eCommerce platform with the Bluefin TECS Payment Solutions. It outlines the procedures, prerequisites, and best practices necessary to facilitate secure and efficient card transactions using the TECS Web interface.
Functional Overview
The integration process encompasses the following key steps:
- The customer completes shopping and proceeds to checkout payment.
- The eCommerce platform redirects the customer flow to the TECS Web interface.
- The customer enters payment (card) details on the TECS Web platform.
- TECS validates the payment data and forwards the transaction to the appropriate acquirer.
- TECS receives approval or rejection from the acquirer.
- The customer flow is redirected back to the eCommerce platform, which displays the transaction response.
- Optionally, the platform can use a notification module to check transaction status and prevent double charges. For more details, we recommend checking out One-way Push Notification Interface.
Technical Overview
- URL Creation: the URL for customer redirection is constructed with mandatory elements, ensuring data integrity using a HMAC hash.
- Return Page: after processing, the flow returns to the eCommerce platform return page with transaction details.
- Security Measures: each merchant receives a unique encryption key for signature hash creation, ensuring data security and preventing unauthorized access.
- Transaction Tracking: the Management Portal (PAM) powered by the REST API tracks initiated transactions, handles unsuccessful requests or missing responses, and initiates cancellation requests when needed.
- Integration Interface: Bluefin TECS Payment Solutions provides web service interfaces for the platform to check pending request status and manage transactions effectively.
- REST API: make direct HTTP requests to check the status of transactions, cancel transactions, perform preauthorization and more. Essentially, this REST API is a way to communicate with the payment portal or gateway.
The QuickStart Guide section gives you a technical overview with easy-to-follow steps and code snippets, which are expanded upon in the References.
We recommend that you embed the TECS Web page within the eCommerce platform interface to enhance security and user interaction during payment processing.
Bluefin TECS Web supports server-side SDKs in PHP
, Java
, and C#
. If Bluefin TECS Web doesn't support an SDK for the programming language you are using, have a quick read of the Getting Started documentation, then proceed to Manual Hash Calculation and 3D Secure Transaction in the Example Use Cases.
Use Cases
For all the use cases in action, please check out Example Use Cases.
3D Secure Transaction
In the TECS Web test environment, 3D secure transactions can be conducted using the MPI simulator. However, prior to testing with the MPI simulator, you need to establish an agreement with Bluefin EU that includes respective timeslots. This step is crucial because the MPI simulator is shared between multiple customers during integration, which ensures organized and efficient testing processes.
Using an MPI simulator like the one provided by Bluefin EU enables controlled and repeatable testing, which is crucial for ensuring the reliability and security of 3D secure transactions in a test environment.
-
Customer completes shopping and selects checkout with the transaction data.
-
The webshop redirects the application flow to TECS Web
-
TECS Web communicates with MPI
-
MPI calls the directory server to verify if the cardholder and the card are registered in the 3DS Protocol. The 3DS page asks the customer to authenticate themselves.
-
The result of 3DS authentication along with transaction details is then sent to TECS Web and, next, Tecs Engine
-
The payment gateway handles the transaction as the main part of the payment processing flow whereas the Merchant Services REST API can be used by the webshop to get the transaction status. Practically, it can also be used as a part of the 3DS (MPI) flow or for recurring payments.
-
TECS receives an approval or rejection from the acquirers and the issuers.
-
The application flow is redirected to the webshop, where the response is displayed to the customer.
3D Secure Transaction with Zero Amount
- This use case follows the same workflow that of 3D Secure Transaction with the REST API removed as there is no need for recurring payments. Here, we demonstrate receiving the response from the zero amount transaction so that the card reference can later be reused - reusing the card reference for recurring payments is explained in the very next use case.
3D Secure Transaction, Storing Payment Card on Client Side, COF/MIT/CIT
- For the first iteration of this process, a zero amount transaction has to be initialized by the customer, which is, then, processed in accordance with the 3D Secure Transaction flow.
- After the zero amount transaction is successfully processed, the web shop or the merchant's server utilizes the REST API provided by TECS Web to initiate recurring payments by reusing the card reference received from the zero amount transaction.
- The REST API communicates with TECS Engine to schedule and process recurring payments based on the payment method set up during the zero amount transaction.
- TECS receives an approval or rejection from the acquirers and the issuers.
- The application flow is redirected to the webshop, where the response is displayed to the customer.
3D Secure Transaction and Recurring Transaction with Card Reference (payment token)
- The workflow of this use case is the same as the previous one except for the fact that, instead of a zero amount transaction, a typical transaction is processed. The card reference is re-used in the same way for recurring payments.
3D Secure Transaction PRE-AUTH with Completion
First, we make and process a PRE-AUTH transaction that follows the work flow depicted in the 3D Secure Transaction diagram.
Then, we can complete the payment via the Merchant Services REST API as shown in the following diagram:
- The completion ( capture ) request can either be sent by the webshop (the customer) or the back office (the merchant) via REST API
- The REST API forwards the payment transaction to the Tecsengine (payment gateway) for processing
- TECS receives an approval or rejection from the acquirers and the issuers.
- The application flow is redirected back to the source (webshop/back office)
3D Secure Transaction and Storing Payment Card Reference in TECS Web
Since this another 3DS Transaction, this work flow is detailed out in 3D Secure Transaction. In brief, this is what this process can be divided into:
- Webshop integration
- The webshop interacts with TECS Web in cases where the customer checks out the payment with
Add card to account
checked for generating a CHI for the first time.
- The webshop interacts with TECS Web in cases where the customer checks out the payment with
- During the transaction flow, TECS Web automatically generates the card holder identification (CHI), which is returned in response to the customer once the application flow is complete.
- TECS receives an approval or rejection from the acquirers and the issuers.
- The application flow is redirected to the webshop, where the response is displayed to the customer.
- Reusing CHI
- The webshop can then store this CHI for future payments, removing the need for TECS Web to generate it repeatedly.
Updated 6 months ago
We recommend checking out the Quickstart Guide in the Getting Started page before moving on to the Example Use Case.