Signio
Interchange's support for the Signio 
(Verisign Payflow "Pro") Payment Services Provider.
Synopsis
or
|
[charge route="signio" param1="value1" param2="value2"]
|
Prerequisites
- Verisign/Signio Payflow Pro, Version 2.10 or higher.
Verisign's interface requires a proprietary binary-only shared library,
so you must download the appropriate package for your platform from Verisign.
On GNU/Linux, the archive you need to download is called
"pfpro_linux.tar.gz".
It includes documentation you should consult.
Verisign software setup
Here's a brief installation guide for someone using Linux with root access:
- Copy the "payflowpro/linux/certs" directory to your website's
home directory, as specified using the Catalog
global configuration directive
This contains a single file with the client SSL certificate required
to authenticate with Verisign's HTTPS server.
- Install "payflowpro/linux/lib/libpfpro.so" somewhere on your
system that's appropriate for shared libraries,
such as /usr/lib or your Interchange installation's lib
directory.
- Build the PFProAPI.pm Perl module:
- Type:
cd payflowpro/linux/perl
- If you installed libpfpro.so somewhere other than in a
standard location for shared libraries on your system,
edit line 6 of Makefile.PL so that
"-L." instead reads "-L/path/to/libpfpro.so" (using the correct path, of course).
- Type:
perl Makefile.PL && make && make test
- As the root user, type:
make install
Using PFProAPI.pm is the best way to interact with Payflow "Pro".
However, if you can't get it to work for whatever reason,
you may also use either of two small wrapper binaries, pfpro
or pfpro-file, designed to be called from the shell.
Interchange must fork and execute the binary,
then retrieve the Verisign response from a temporary file.
This module will automatically fall back to using one of the binary
wrappers if it can't find the PFProAPI.pm Perl module when
Interchange starts.
Description
The Vend::Payment::Signio module implements the
signio() subroutine for use with Interchange.
It is compatible on a call level with the other Interchange payment modules.
In theory (and even usually in practise) you could switch from another payment
module to Signio with a few configuration file changes.
To enable this module, place this directive in your "interchange.cfg" file:
|
Require module Vend::Payment::Signio
|
This must be in interchange.cfg or a file included from it.
Make sure CreditCardAuto is off, which is the default in
the Standard ecommerce demo.
The "mode" can be named anything, but the "gateway" parameter
must be set to "signio".
To make it the default payment gateway for all credit card transactions in a
specific website, you can set the following in catalog.cfg:
|
Variable MV_PAYMENT_MODE signio
|
It uses several of the standard settings from Interchange payment.
Any time we speak of a setting, it is obtained either first from the tag/call
options, then from an Interchange order Route named after
the mode, then finally a default global payment Variable.
For example, the id parameter would be specified by:
|
[charge route=signio id=YourPayFlowProID]
|
or
|
Route signio id YourPayFlowProID
|
or
|
Variable MV_PAYMENT_ID YourPayFlowProID
|
Settings
| Name
|
Description
|
| id
|
Your account ID, supplied by Verisign when you sign up.
The variable is MV_PAYMENT_ID. |
| secret
|
Your account password, selected by you supplied by Verisign when you
sign up.
The variable is MV_PAYMENT_SECRET. |
| partner
|
Your account partner, selected by you or provided by Verisign
when you sign up.
The variable is MV_PAYMENT_PARTNER. |
| vendor
|
Your account vendor, selected by you or provided by Verisign
when you sign up.
The variable is MV_PAYMENT_VENDOR. |
| transaction
|
The type of transaction to be run.
Valid values are:
| Interchange
|
Payflow "Pro"
|
| auth
|
A
|
| sale
|
S
|
| credit
|
C
|
| settle
|
D (from previous "A" transaction)
|
| void
|
V
|
|
| remap
|
This remaps the form variable names to the ones needed by Signio. |
| host
|
The payment gateway host to use.
The defaults are "payflow.verisign.com",
or "test-payflow.verisign.com" when in test mode. |
| check_sub
|
The name of a Sub or GlobalSub
to be called after the result hash has been received from Verisign.
A reference to the modifiable result hash is passed into the subroutine.
It should return true (in the Perl truth sense)
if its checks were successful, or false if not.
This can come in handy since, strangely, Verisign has no option to decline
a charge when AVS or CSC data come back negative.
See Verisign knowledge base articles vs2365, vs7779, vs12717 and vs22810
for more information.
If you want to fail based on a bad AVS check, make sure you're only
doing an "auth" (not a "sale"),
or your customers would get charged on orders that fail the AVS check
and never get logged in your system.
You can register the check_sub callback subroutine like this:
|
Route signio check_sub avs_check
|
This is a matching sample subroutine you could put into
your interchange.cfg file:
GlobalSub <<EOS
sub avs_check {
my $result = shift;
my ($addr, $zip) = @{$result}{qw(AVSADDR AVSZIP)};
return 1 if $addr eq 'Y' or $zip eq 'Y';
return 1 if $addr eq 'X' and $zip eq 'X';
return 1 if $addr !~ /\S/ and $zip !~ /\S/;
$result->{RESULT} = 112;
$result->{RESPMSG} = "The billing address you entered does not match the cardholder's billing address";
return 0;
}
EOS
|
That would work equally well as a Sub in your
catalog.cfg file.
It will succeed if either the address or zip is
"Y", or if both are unknown.
If it fails, then it will set the result code and error message in the
result hash using Verisign's own (otherwise unused) 112 result
code, meaning "Failed AVS check".
You can use this subroutine to do any other post-processing you need.
|
Troubleshooting
Try the instructions above, then enable test mode.
A test order should complete.
Then move to live mode and try a sale with credit card number
"4111 1111 1111 1111" and a valid expiration date.
The sale should be denied, and the reason should appear in
[data session payment_error].
If nothing works:
Make sure you Required the module in
interchange.cfg:
|
Require module Vend::Payment::Signio
|
Make sure that the Verisign libpfpro.so shared library was available
to PFProAPI.xs when you built and installed the PFProAPI.pm
module, and that you haven't moved libpfpro.so since then.
If you're not using the PFProAPI Perl interface,
then make sure that the Verisign pfpro or pfpro-file
executable is available either in your ${PATH},
or in /path/to/interchange/lib.
- Check the local and global error log files.
- Make sure you set your payment parameters properly, including the account "id" and "secret".
Try an order, then put this code in a page:
<pre>
[calcn]
my $string = $Tag->uneval({ ref => $Session->{payment_result} });
$string =~ s/{/{\n/;
$string =~ s/,/,\n/g;
return $string;
[/calcn]
</pre>
|
That should show what happened.
- If all else fails, consultants are available to help with integration for a fee.
Security considerations
Because this library may call an executable,
you should ensure that no untrusted users have write permission on any
of the system directories or Interchange software directories.
Notes
There is actually nothing in Vend::Payment::Signio;
This module changes its package name to Vend::Payment and
places things there.
Authors
