Direct Payment Protocol Specification

October 2005 Version 1.1 This manual and accompanying electronic media are proprietary products of Optimal Payments Inc. They are to be used only by licensed users of the product. © 1999–2006 Optimal Payments Inc. All rights reserved. The information within this document is subject to change without notice. The software described in this document is provided under a license agreement, and may be used or copied only in accor- dance with this agreement. No part of this manual may be reproduced or transferred in any form or by any means without the express written consent of Optimal Payments Inc. FirePay and FireCash are registered trademarks of Optimal Payments Inc. All other names, trademarks, and registered trademarks are the property of their respective owners. Optimal Payments Inc. makes no warranty, either express or implied, with respect to this product, its merchantability or fitness for a particular purpose, other than as expressly provided in the license agreement of this product. For further information, please contact Optimal Payments Inc. International Head Office Optimal Payments Inc. 2 Place Alexis Nihon, Suite 700 Westmount, Quebec H3Z 3C1 Canada Tel.: (514) 380-2700 Fax: (514) 380-2760 Email: [email protected] Technical support: [email protected] Web: www.optimalpayments.com U.K. Office Optimal Payments Ltd. Quern House, Mill Court Hinton Way, Great Shelford Cambridge CB2 5LD United Kingdom Email: [email protected] Technical Support: [email protected] Web: www.optimalpayments.co.uk U.S. Office Optimal Payments Corp. 1800 West Loop South, #770 Houston, TX 77027 Hull Office Optimal Payments Inc. 75 Promenade du Portage Gatineau, Quebec J8X 2J9 Canada Contents

1Transaction Requests

The Optimal Payments account model ...... 1-1 Building transaction requests ...... 1-2 Decoding responses ...... 1-3 Example scenario ...... 1-4 Definitions and conventions ...... 1-5 Using this guide ...... 1-7 Audience ...... 1-7 Functionality ...... 1-7 Symbols ...... 1-8 Merchant transactions...... 1-8 Security features ...... 1-9 AVS ...... 1-9 CVD ...... 1-11 Negative database ...... 1-11 Purchase ...... 1-12 Purchase message format ...... 1-12 Purchase successful response ...... 1-20 Purchase error response ...... 1-22 AVS Check ...... 1-24 AVS Check message format ...... 1-24 AVS Check successful response ...... 1-26 AVS Check error response ...... 1-27 Risk Only ...... 1-29 Risk Only message format ...... 1-29 Risk Only successful response...... 1-32 Risk Only error response ...... 1-33 Authorization ...... 1-33 Authorization message format ...... 1-34 Authorization successful response...... 1-41 Authorization error response ...... 1-43 Settlement ...... 1-45 Settlement message format...... 1-46 Settlement successful response...... 1-48 Settlement error response ...... 1-49

Direct Payment Protocol Specification 1.1 III October 2005

Cancel Settlement ...... 1-50 Cancel Settlement message format ...... 1-50 Cancel Settlement successful response ...... 1-52 Cancel Settlement error response...... 1-52 Credit ...... 1-53 Credit message format ...... 1-54 Credit successful response ...... 1-56 Credit error response ...... 1-57 Cancel Credit ...... 1-58 Cancel Credit message format ...... 1-58 Cancel Credit successful response ...... 1-60 Cancel Credit error response ...... 1-60 Transaction recovery ...... 1-61 Transaction Lookup ...... 1-62 Transaction Lookup message format...... 1-62 Transaction Lookup successful response ...... 1-65 Transaction Lookup error response...... 1-65 Query ...... 1-66 Query message format ...... 1-67 Query successful response ...... 1-68 Query error response ...... 1-71

A Error Return Codes

Error message types ...... A-1 Payment service error messages ...... A-1 Action codes ...... A-2 Error codes and strings ...... A-2 Suberror codes and strings ...... A-12 Unmapped suberror codes and strings ...... A-15

B Geographical Codes

Province codes ...... B-1 State codes...... B-2 Country codes ...... B-3

IV October 2005

C Merchant SIC Codes

D Product Codes

Index

Direct Payment Protocol Specification 1.1 V October 2005

VI CHAPTER 1

Transaction Requests

The Optimal Payments account model Optimal Payments merchants are assigned one or more accounts upon registration. Each account may process transactions for one currency only. These accounts have an account number of up to eight digits, an account transaction processing ID, and a password, provided upon registration, which must be included in all transaction processing requests. These three identifiers link each transaction to the account.

Direct Payment Protocol Specification 1.1 1-1 Transaction Requests October 2005

Building transaction requests All transaction requests are submitted to the Optimal Payments transaction-processing engine as URL-encoded data. The request message is built as follows: 1. Each field is created as a name=value pair. For example: “account=400021”. 2. All non-alphanumeric characters in the name and value components are replaced by “%” followed by the hex value associated with the character. For example, all spaces are replaced with “%20”. Thus “Thanks for the help!” would be modified to “Thanks%20for%20the%20help%21”. 3. The fields are concatenated together into a single string, with each field separated by the “&” character. For example: account=40021&amount=1000&operation=A&cardNumber=405025900504 0&cardExp=12%2f99&cardType=VI 4. Determine the length of the string. Build the message as the following header concatenated with a blank line and the string containing the fields. The value URL_FOR_Direct_Payment should be replaced by the URL provided to you when you registered with the service, and length should be replaced by the length you calculated in step 4 above. POST URL_FOR_Direct_Payment Content-type: application/x-www-form-urlencoded Content-length: length Upon testing, if the URL provided to you during registration were https://realtime.test.firepay.com an example of the complete message would be: POST /realtime.test.firepay.com HTTP/1.0 Content-type: application/x-www-form-urlencoded Content-length: 91 account=40021&amount=1000&operation=A&cardNumber=405025900504 0&cardExp=12%2f99&cardType=VI To submit this request, the merchant application then opens an SSL protected socket connection to Optimal Payments’ transaction-processing engine and sends the request data.

1-2 October 2005 Decoding responses

Any tool that creates and submits a standard HTTP Post using SSL could be employed. One example is the Microsoft URL Control, which allows you to set the data to be posted and then to do a secure POST of that data.

Decoding responses The response to a request is returned as an HTTP header, a blank line and then a string containing a number of name=value pairs. The string is URL encoded so that all non-alphanumeric characters in the name or value components are replaced by “%” followed by the ASCII code in hex for that character. For example, “!” is replaced with “%21”. Spaces may also be replaced by the “+” character. In order to extract the fields from the response, the following steps should be followed: 1. Split the string after the blank line into name=value pairs at each “&” separator. 2. Split the name=value pairs into their name and value components based on the “=” separator. 3. Replace all “+” characters in the name and value components with a space character. 4. Replace all %XX occurrences in the name and value components with the ASCII character represented by the hex value XX. An example of a response message would be: HTTP/1.1 200 OK Server: Netscape-Enterprise/3.5.1 Date: Mon, 27 Nov 2000 15:58:03 GMT Content-type: text/plain Status=E&errCode=131&errString=Operation+not+supported+%28131 %29+-Please+check+request+parameters&subError=0 This response message would decode into the following values:

Response Parameter Value

status E

errCode 131

Table 1-1: Response Parameters

Direct Payment Protocol Specification 1.1 1-3 Transaction Requests October 2005

Response Parameter Value

errString Operation not supported (131) - Please check request parameters.

subError 0

Table 1-1: Response Parameters (Continued)

Example scenario The following presents a series of real-world scenarios that demonstrate the Optimal Payments account model. The following participants inter- act in the scenarios: • Store – an online bookstore • Smith – a consumer • Optimal Payments – the Optimal Payments transaction processor A) Smith buys 3 books 1. Smith purchases the following books at Store • Book a: $10 • Book b: $25 • Book c: $25 2. Store sends an Authorization request to Optimal Payments for the total amount ($60) 3. An Authorization transaction is created for $60 (Authorization TRID = 0020) B) Store ships the first two books 1. A Settlement is made: $35 ($10 + $25) against Authorization 0020 (Settlement TRID = 0123) 2. Remaining on Authorization 0020 = $25 3. Status of Authorization 0020 = partially settled C) Settlement batch run 1. State of Settlement 0123 = complete 2. State of Authorization 0020 = partially settled

1-4 October 2005 Definitions and conventions

D) Store ships the third book 1. A Settlement is made: $25 against Authorization 0020 (Settlement TRID = 0232) 2. Remaining on Authorization 0020 = $0 3. State of Settlement 0232 = pending 4. Status of Authorization 0020 = settled E) Settlement batch run 1. State of Settlement 0232 = complete 2. State of Authorization 0020 = settled F) Smith returns third book 1. A Credit is made: $25 against Settlement TRID= 0123 (Credit TRID = 0256) 2. Remaining on Settlement 0123 = $10 3. Remaining on Authorization 0020 = $0 4. State of Settlement 0232 = complete 5. State of Authorization 0020 = settled 6. State of Credit 0256 = pending G) Credit batch run 1. State of Settlement 0232 = complete 2. State of Authorization 0020 = settled

Definitions and conventions This section defines the message formats for merchant–transaction processor interactions. Messages are defined in terms of a set of fields. Each field has the following: •A name • A requirement setting, which may be: • (mandatory) – the transaction cannot be processed without this parameter.

Direct Payment Protocol Specification 1.1 1-5 Transaction Requests October 2005

• (optional) – the transaction can always be processed without this parameter. • (conditionally optional) – the transaction requires this parameter in some instances, e.g., for a Purchase request, you must supply the cvdValue parameter only if you assign a value of 1 for the cvdIndicator parameter. When the field is conditionally optional, those conditions are defined in the field description. •A format •A textual description The details of how the message is constructed depends on the transport being used. For example, HTTP transport is text based and may either be name-value pair encoded or encoded by field position and length. Transport via some other technology (e.g., CORBA) levies different implementation requirements. The following conventions are used in the specification of the format of message fields:

Abbreviation Description

aAlphabetic A-Z, a-z

n Numeric digits, 0–9

p Pad character, space

s Special characters

an Alphabetic and numeric characters

as Alphabetic and special characters

ns Numeric and special characters

anp Alphabetic, numeric, and space (pad) characters

ans Alphabetic, numeric, and special characters

MM Month, 01 through 12

YY Year, 00–99 where 00=2000, 01=2001, etc.

Table 1-2: Message Field Conventions

1-6 October 2005 Using this guide

hh Hour, 00 through 23

mm Minute, 00 through 59

ss Second, 00 through 59

3 Fixed length of 3 characters

..17 Variable length up to a maximum of 17 characters. All variable length fields in addition contain two or three positions at the beginning of the data element to identify the number of positions following to the end of that data element

Table 1-2: Message Field Conventions (Continued)

The parameter names are case sensitive. If you use your own ASP script or application (e.g., VB/VC++), ensure that the names and spellings of your parameters are identi- cal to those given in the following transaction descriptions.

Using this guide This user guide details major system functions. Each section provides an overview of functions, which are then broken down into procedures with steps to be followed.

Audience This user’s guide is intended for Optimal Payments merchants using our protocol to process transaction requests with Optimal Payments.

Functionality This guide may document some features to which you do not have access. Access to such functionality is allotted on a merchant-by-merchant basis. If you have any questions, contact your account manager.

Direct Payment Protocol Specification 1.1 1-7 Transaction Requests October 2005

Symbols This user guide uses the following symbols to bring important items to your attention:

Symbol Description

This note icon denotes a hint or tip to help you use the transaction processing application more efficiently.

This warning icon alerts you about actions you might take that could have important consequences.

Table 1-3: Symbols

Merchant transactions The Optimal Payments transaction processor supports the following transactions:

Transaction Name Transaction Parameter

Purchase P

AVS Check V

Authorization A

Settlement S

Cancel Settlement X

Credit CR

Cancel Credit Z

Transaction Lookup FT

Query Q

Table 1-4: Supported Transactions

1-8 October 2005 Security features

Security features For some transaction processes (e.g., Purchase) the Optimal Payments transaction processor provides additional features to protect the merchant from fraudulent card usage: • Address verification system (AVS) • Card validation data (CVD) • Negative database

AVS The Optimal Payments transaction processor supports address verification checks (AVS) wherever the issuing bank supports this feature. AVS goes beyond simply verifying the availability of funds and card status. AVS verifies whether the address supplied by the customer using a card matches the billing address associated with that card at the issuing bank. This makes it more difficult to use the card fraudulently, since in order to use a stolen card someone must also know the billing address associated with it. In addition, if goods are to be shipped, the merchant can require that they be shipped to the billing address associated with the card. Within Optimal Payments, each payment method is configured with the acceptable set of AVS return codes. If the bank returns a code that is not acceptable for the payment method, then the request is rejected with an Authorization Failed error. If you get an Authorization Failed error in response to a transaction request, and an Authorization number is returned in the response, then the failure was caused by the AVS check. You can look at the AVS code returned to determine exactly why the AVS check failed. The Optimal Payments transaction processor returns the following codes, in the avsInfo field, to the merchant application in response to a transaction request, with A, N, and E indicating AVS failure:

Code letter Explanation

A Address matches, but zip code does not.

Table 1-5: AVS Codes

Direct Payment Protocol Specification 1.1 1-9 Transaction Requests October 2005

Code letter Explanation

B AVS not performed for international transaction. Either the postal code has invalid format or address information not provided.

C For international transaction, either the address or the postal code not verified due to invalid format.

D For international transaction, address and postal code match.

E AVS not supported for this industry.

G For international credit card, address information not available.

I For international transaction, address information not verified.

M For international transaction, address and postal code match.

N No part of the address matches.

P AVS not applicable for international transaction. Postal code matches but address not verified due to incom- patible format.

Q Unknown response from issuer/banknet switch.

R Retry. System unable to process.

S AVS not supported.

U Address information is unavailable.

W Nine-digit zip code matches, but address does not.

X Exact. Nine-digit zip code and address match.

Y Yes. Five-digit zip code and address match.

Z Five-digit zip code matches, but address does not.

Table 1-5: AVS Codes (Continued)

1-10 October 2005 Security features

When you registered with Optimal Payments, your account was set up to automatically apply AVS checks. The Optimal Payments transaction processor accepts only transactions for which the allowable AVS return codes are returned. AVS has three limitations, which may affect the decisions you make with regard to failed AVS checks: • AVS is not always reliable. Bad results can be returned if someone has moved, for instance, or because some people report five-digit zip codes and some report nine-digit zip codes. • AVS does not function for addresses outside the U.S. If you decide, therefore, to ship only to addresses that return good AVS results, you exclude all non-U.S. transactions. • AVS is supported by many U.S. issuing banks, but not all. So even if you only serve U.S. customers, you may not always be able to depend on AVS being available.

CVD The CVD value is a 3- or 4-digit number printed on the back of a card, but it is not present on the magnetic strip. Therefore, the value is not printed on receipts or statements, reducing the probability of fraud from imprint information. The CVD feature, intended specifically for transactions where a card is not present, is a requirement of the Optimal Pay- ments transaction processor. We support the CVD feature wherever the issuing banks do. When customers enter their card and cardholder information, the CVD value is requested at the same time. One of four indicators flag the status of a CVD request: • Not provided – The customer did not provide the CVD value. • Provided – The customer provided the CVD value. When this indicator is selected, the CVD value is entered in a field. • Illegible – The customer claims the CVD value is illegible. • Not present – The customer claims the CVD value is not on the card.

Negative database Optimal Payments administers a negative database that provides additional protection against misuse of cards and inappropriate transaction

Direct Payment Protocol Specification 1.1 1-11 Transaction Requests October 2005

requests. Card numbers and email addresses are entered into the negative database for the following reasons: • A chargeback associated with the card number or email address has occurred. • The card number or email address was involved in, or suspected to have been involved in, fraudulent activity. Your account is configured to automatically implement this security feature, and any transaction request that attempts to use either a card number or email address that is in the negative database will not be processed.

Purchase A Purchase request both authorizes and settles (see Authorization on page 1-33 and Settlement on page 1-45) the requested amount against the card indicated. Through authorizing, the Purchase request confirms that the card exists and that funds are available at the time of Authorization to cover the purchase amount. The funds are not credited at this time but the Authorization reduces the available credit limit for that card, so in a sense the funds are “reserved” for the Purchase. Through Settle- ment, the Purchase request completes the transaction – the issuing financial institution credits the merchant’s bank account with the funds for the transaction and updates the cardholder’s statement.

Purchase message format The Purchase request may contain the following request parameters (see Definitions and conventions on page 1-5 for explanation of symbols in the Mandatory/Optional column):

1-12 October 2005 Purchase

Purchase Mandatory/ Data Type Description Parameter Optional

account n ..10 The merchant account against which the request is made. NOTE: The currency of the transaction is inferred from the account specified. The currency of each account is assigned when it is created.

amount n ..10 The integer amount, without deci- mals, for which a Purchase is requested. (e.g., $10.00 would be “1000”)

cardNumber n ..19 The card number against which the Purchase is made.

cardExp MM/YY The expiry date for the card against which the Purchase will be made. Format must be “MM/YY” e.g., September 2005 = 09/05

cvdIndicator n 1 The status of CVD value information. Possible values are: • 0 – The customer did not provide a value. • 1 – The customer provided a value. • 2 – The value is illegible. • 3 – The value is not on the card.

Table 1-6: Purchase Request Parameters

Direct Payment Protocol Specification 1.1 1-13 Transaction Requests October 2005

Purchase Mandatory/ Data Type Description Parameter Optional

cvdValue n ..4 The 3- or 4-digit security code that appears on the back of a card following the card number. This code does not appear on imprints. NOTE: The cvdValue parameter is mandatory when the cvdIndicator parameter value = 1.

issueNumber n ..2 The 1- or 2-digit number located on the front of the card, following the card number. NOTE: The issueNumber parameter can be used only when the cardType is SO (Solo) or SW (Switch).

Table 1-6: Purchase Request Parameters (Continued)

1-14 October 2005 Purchase

Purchase Mandatory/ Data Type Description Parameter Optional

cardType a ..6 The type of card against which the Purchase is made. Possible values are: • AM = American Express • DC = Diners Club •DI = Discover •FP = FirePay •JC = JCB •LA = Laser • MC = MasterCard •MD = Maestro •SO = Solo •SW = Switch •VD = Visa Delta • VE = Visa Electron •VI = Visa NOTE: If you need to use other card types, please contact technical support.

operation a 1 Signifies the transaction requested. Must be set to P for Purchase.

clientVersion an ..4 The protocol version. This must be set to 1.1 in order to use the current functionality.

custName1 an ..255 The customer’s first name.

custName2 an ..255 The customer’s second name.

streetAddr an ..255 The first line of the customer’s street address.

streetAddr2 an ..255 The second line of the customer’s street address.

Table 1-6: Purchase Request Parameters (Continued)

Direct Payment Protocol Specification 1.1 1-15 Transaction Requests October 2005

Purchase Mandatory/ Data Type Description Parameter Optional

phone an ..255 The customer’s phone number.

email an ..255 The customer’s email address.

city an ..255 The city associated with the customer’s card.

province a 2 The province or state associated with the customer’s card. See Appendix B: Geographical Codes for a list of province and state codes.

zip an ..10 The postal code associated with the customer’s card.

country a 2 The country associated with the customer’s card. See Country codes on page B-3 for a list of country codes.

merchantTxn an ..255 A unique ID number associated with each request. The value is created by the merchant and submitted as part of the request.

merchantId an ..80 The account transaction processing ID associated with the merchant.

merchantPwd ans ..20 The account transaction processing password associated with the merchant ID specified.

merchantData an ..255 Data that the merchant wants to associate with the request (e.g., notes).

Table 1-6: Purchase Request Parameters (Continued)

1-16 October 2005 Purchase

Purchase Mandatory/ Data Type Description Parameter Optional

Do not use parameters below unless instructed by Optimal Payments personnel.

merchantSIC n 4 The ISO Standard Industry Code (SIC) for the merchant. See Appendix C: Merchant SIC Codes for a complete list of SIC codes.

payMethod a 1 The method used to make the payment. Possible values are: • O = Card Number Provided Online • P = Card present • V = Card Number Provided by Phone

productType a 1 The type of product ordered. Possi- ble values are: • P = Physical Goods • D = Digital Goods (e.g., software) • C = Digital Content (e.g., images and/or text) • G = Gift Certificate/Digital Cash • S = Shareware • M = Both Digital and Physical (e.g., software downloaded followed by media shipment) • R = Account Replenish (subscription renewal)

Table 1-6: Purchase Request Parameters (Continued)

Direct Payment Protocol Specification 1.1 1-17 Transaction Requests October 2005

Purchase Mandatory/ Data Type Description Parameter Optional

carrier a 1 The shipment carrier. Possible values are: •F = Fedex •P = USPS •U = UPS • L = Purolator • G = Greyhound •D = DHL •O = Other

customerId an 64 The customer’s ID at the merchant’s site.

customerIP an 255 The customer’s IP address.

custWorkPhone an 255 The customer’s daytime or work phone number.

merchantCountry a 2 The merchant’s country. See Country codes on page B-3 for a list of country codes.

merchantZip an ..10 The merchant’s postal/zip code.

custAcctOpenDate YYYYMMDD Date the customer account was opened with the merchant.

previousCustomer a 1 Indicates whether the customer has previously shopped online with this merchant. Possible values are: •Y = Yes •N = No

productCode an ..18 The product code of the ordered item. See Appendix D: Product Codes for a complete list of product codes.

Table 1-6: Purchase Request Parameters (Continued)

1-18 October 2005 Purchase

Purchase Mandatory/ Data Type Description Parameter Optional

shipCity an ..255 The city to which an item is to be shipped.

shipCountry a 2 The country to which an item is to be shipped. See Country codes on page B-3 for a list of country codes.

shipEmail an ..255 The recipient’s email address.

shipCustName1 an ..255 The recipient’s first name.

shipCustName2 an ..255 The recipient’s last name.

shipMethod a 1 The method of shipment. Possible values are: •N = Next Day/Overnight •T = Two-Day Service •C = Lowest Cost •O = Other

shipProvince a 2 The province or state to which an item is to be shipped. See Appendix B: Geographical Codes for a list of province and state codes.

shipStreetAddr an ..255 The street address to which an item is to be shipped.

shipZip an ..10 The postal/zip code to which an item is to be shipped.

txnCategory a 1 The method used to place the order. Possible values are: •I = Internet • P = Card Present •T = MOTO

Table 1-6: Purchase Request Parameters (Continued)

Direct Payment Protocol Specification 1.1 1-19 Transaction Requests October 2005

Purchase Mandatory/ Data Type Description Parameter Optional

userData04 an ..255 User-defined order field.

userData05 an ..255 User-defined order field.

userData06 an ..255 User-defined order field.

Table 1-6: Purchase Request Parameters (Continued)

Purchase successful response If the transaction request is successful, the transaction processor returns a response message with the following parameters:

Parameter Data Type Description

status a 2 SP indicates a successful Purchase.

authCode an 20 The Authorization code assigned by the issuing bank and returned by the transaction processor.

authTime n ..10 The time at which the Authorization was completed. This time is represented as the number of seconds since 00:00:00 UTC (1 January 1970).

avsInfo a 6 The AVS code associated with the request. Format is X + information, where X is an AVS code (see the appropriate SDK) and information is any additional information provided by Direct Payment. NOTE: The request will only be successful if the AVS code was one of the values acceptable for the brand used. Therefore, the AVS information returned simply indicates how the request matched the set that was acceptable.

Table 1-7: Purchase Successful Response Parameters

1-20 October 2005 Purchase

Parameter Data Type Description

cvdInfo a 1 The response to the cvdValue submitted with the Purchase request. Possible values are: • M (Match) – The CVD value provided matches the CVD value associated with the card. • N (No Match) – The CVD value provided does not match the CVD value associated with the card. • P (Not Processed) – The CVD value was not processed. • Q (Unknown Response) – No results were received concerning the CVD value. • S (Not Present) – CVD should be on the card. However, the cardholder indicated it was not present. • U – Issuer is not certified and/or has not provided Visa encryption keys.

curAmount n ..10 Indicates the amount, in cents, available for Settlement. It will always be equal to the amount of the Authorization requested.

amount n ..10 The original amount that was requested.

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-7: Purchase Successful Response Parameters (Continued)

Direct Payment Protocol Specification 1.1 1-21 Transaction Requests October 2005

Purchase error response If the transaction cannot be processed as requested, an error response is returned. This response contains some of the following parameters:

Parameter Data Type Description

status a 1 E indicates that an error occurred.

errCode n ..4 An integer value associated with the error that occurred. See Appendix A: Error Return Codes for an explanation of the error code.

errString a ..255 String that describes the error that occurred. See Appendix A: Error Return Codes for an explanation of the error string.

subError n 6 Lower level error that occurred. This value is only used when trying to resolve issues in co- operation with technical support.

subErrorString a ..255 String that describes the lower level error that occurred. This value is only used when trying to resolve issues in co-operation with technical support.

actionCode a ..10 The action code as defined in the list of errors (AR, CP, IE, MP, SR). See Action codes on page A-2 for more information.

clientVersion an ..4 The protocol version included with the original transaction.

authCode an ..20 The Authorization code assigned by the issuing bank and returned by the transaction processor. This parameter is usually only returned if the Authorization failed due to AVS.

Table 1-8: Purchase Error Response Parameters

1-22 October 2005 Purchase

Parameter Data Type Description

authTime n ..10 The time at which the Authorization was completed. This time is represented as the number of seconds since 00:00:00 UTC (1 January 1970). This parameter is usually only returned if the Authorization failed due to AVS.

avsInfo an 6 The AVS code associated with the request. Format is X + information, where X is an AVS code (see the appropriate SDK) and information is any additional information provided by Direct Payment. This parameter is usually only returned if the Authorization failed due to AVS. It may indi- cate why the transaction could not be processed. If this value is returned and the code is not one of the values acceptable for the brand used, the transaction was refused due to the AVS check.

cvdInfo a 1 The response to the cvdValue submitted with the Purchase request. Possible values are: • M (Match) – The CVD value provided matches the CVD value associated with the card. • N (No Match) – The CVD value provided does not match the CVD value associated with the card. • P (Not Processed) – The CVD value was not processed. Q (Unknown response) – Received no results concerning the CVD value. • S (Not Present) – CVD should be on the card. However, the cardholder indicated it was not present. • U – Issuer is not certified and/or has not provided Visa encryption keys.

Table 1-8: Purchase Error Response Parameters (Continued)

Direct Payment Protocol Specification 1.1 1-23 Transaction Requests October 2005

Parameter Data Type Description

pmtError a 1 Returned only if the request can be retried. It can be one of the following: • I - kPmtErrorUserRetry A minor error occurred (e.g., the user mistyped a card number). The user should re-enter their Authorization credentials. • M - kPmtErrorOperatorRetry User intervention is required to resolve the error. Please contact technical support. • S - kPmtErrorSystemRetry The system may be able to retry the request. If multiple failures occur, please contact technical support.

Table 1-8: Purchase Error Response Parameters (Continued)

AVS Check The AVS Check transaction allows merchants to run an AVS check on a cardholder’s transaction information, but without attempting to authorize and settle an amount on the card number provided. When an AVS Check request is submitted, the transaction processor returns an AVS response code from the clearing network to the merchant in real time. Again, AVS Check transactions are not settled (i.e., no money is transferred from the cardholder’s account to the merchant’s account) – they serve only to inform the merchant about the AVS legitimacy of the cardholder. This transaction is separate from the AVS checks that can be done automatically, for example, when a Purchase transaction is sent (see AVS on page 1-9 for more information).

AVS Check message format The AVS Check request may contain the following parameters (see Defi- nitions and conventions on page 1-5 for explanation of symbols in the Mandatory/Optional column):

1-24 October 2005 AVS Check

AVS Check Mandatory/ Data Type Description Parameter Optional

account n ..10 The merchant account against which the request is made.

cardNumber n ..19 The card number against which the AVS Check is made.

cardExp MM/YY The expiry date for the card against which the AVS Check is made. Format must be “MM/YY” e.g., September 2005 = 09/05

cardType a ..6 The type of card against which the AVS Check is made. Possible values are: • MC = MasterCard •VI = Visa

operation a 1 Signifies the transaction requested. Must be set to V for AVS Check.

clientVersion an ..4 The protocol version. This must be set to 1.1 in order to use the current functionality.

custName1 an ..255 The customer’s first name.

custName2 an ..255 The customer’s second name.

streetAddr an ..255 The first line of the customer’s street address.

streetAddr2 an ..255 The second line of the customer’s street address.

phone an ..255 The customer’s phone number.

email an ..255 The customer’s email address.

city an ..255 The city associated with the customer’s card.

Table 1-9: AVS Check Request Parameters

Direct Payment Protocol Specification 1.1 1-25 Transaction Requests October 2005

AVS Check Mandatory/ Data Type Description Parameter Optional

province a 2 The province or state associated with the customer’s card. See Appendix B: Geographical Codes for a list of province and state codes.

zip an ..10 The postal code associated with the customer’s card.

country a 2 The country associated with the customer’s card. See Country codes on page B-3 for a list of country codes.

merchantTxn a ..255 A unique ID number associated with each request. This value is created by the merchant and submitted as part of the request.

merchantId an ..80 The account transaction processing ID associated with the merchant.

merchantPwd ans ..20 The account transaction processing password associated with the merchant ID specified.

merchantData an ..255 Data that the merchant wants to associate with the request (e.g., notes).

Table 1-9: AVS Check Request Parameters (Continued)

AVS Check successful response If the transaction request is successful, the transaction processor returns a response message with the following parameters:

Parameter Data Type Description

status a 2 AV indicates successful AVS Check.

Table 1-10: AVS Check Successful Response Parameters

1-26 October 2005 AVS Check

Parameter Data Type Description

authTime n ..10 The time at which the AVS Check was completed. This time is represented as the number of seconds since 00:00:00 UTC (1 January 1970).

avsInfo a ..6 The AVS code associated with the request. Format is X + information, where X is an AVS code (see the appropriate SDK) and information is any additional information provided by Direct Payment. NOTE: The request will only be successful if the AVS code returned was one of the values acceptable for the card brand used. Therefore, the AVS information returned simply indicates how the request matched the set that was acceptable.

txnNumber n ..10 The transaction number the transaction processor assigns to this request. The txnNumber identifies this transaction throughout its lifecycle, and it must be specified for any subsequent Settlement, Credit, and Query requests related to this request. These numbers are sequential for each merchant account – if the first AVS Check transaction processed is 100, the next will be 101, then 102, etc.

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-10: AVS Check Successful Response Parameters (Continued)

AVS Check error response If the transaction cannot be processed as requested, an error response is returned. This response contains some of the following parameters:

Direct Payment Protocol Specification 1.1 1-27 Transaction Requests October 2005

Parameter Data Type Description

status a 1 E indicates that an error occurred.

errCode n ..4 An integer value associated with the error that occurred. See Appendix A: Error Return Codes for an explanation of the error code.

errString a ..255 String that describes the error that occurred. See Appendix A: Error Return Codes for an explanation of the error string.

subError n ..3 Lower level error that occurred. This value is only used when trying to resolve issues in co- operation with technical support.

subErrorString a ..255 String that describes the lower level error that occurred. This value is only used when trying to resolve issues in co-operation with technical support.

actionCode an ..10 The action code as defined in the list of errors (AR, CP, IE, MP, SR). See Action codes on page A-2 for more information.

clientVersion an ..4 The protocol version included with the original transaction.

authTime n..10 The time at which the AVS Check was completed. This time is represented as the number of seconds since 00:00:00 UTC (1 January 1970).

Table 1-11: AVS Check Error Response Parameters

1-28 October 2005 Risk Only

Parameter Data Type Description

pmtError a 1 Returned only if the request can be retried. It can be one of the following: • I - kPmtErrorUserRetry A minor error occurred (e.g., the user mistyped a card number). The user should re-enter their AVS Check credentials. • M - kPmtErrorOperatorRetry User intervention is required to resolve the error. Please contact technical support. • S - kPmtErrorSystemRetry The system may be able to retry the request. If multiple failures occur, please contact technical support.

Table 1-11: AVS Check Error Response Parameters (Continued)

Risk Only The Risk Only transaction allows merchants to run a risk check on a cardholder’s transaction information, but without attempting to authorize and settle an amount on the card number provided. When a Risk Only request is submitted, the transaction processor returns a risk response to the merchant in real time, notifying the merchant that the transaction has either passed or failed Optimal Payments’ risk criteria. Again, Risk Only transactions are not settled (i.e., no money is transferred from the cardholder’s account to the merchant’s account) – they serve only to inform the merchant about the fraud probability of the cardholder.

Risk Only message format The Risk Only request may contain the following parameters (see Defi- nitions and conventions on page 1-5 for explanation of symbols in the Mandatory/Optional column):

Direct Payment Protocol Specification 1.1 1-29 Transaction Requests October 2005

Risk Only Mandatory/ Data Type Description Parameter Optional

account n ..10 The merchant account against which the request is made.

amount n ..10 The integer amount, without deci- mals, for which the transaction is requested. (e.g., $10.00 would be “1000”)

cardNumber n ..19 The card number against which the transaction is made.

cardExp MM/YY The expiry date for the card against which the transaction is made. Format must be “MM/YY” e.g., September 2005 = 09/05

cardType a ..6 The type of card against which the transaction is made. Possible values are: • AM = American Express • DC = Diners Club •DI = Discover •FP = FirePay •JC = JCB •LA = Laser • MC = MasterCard •MD = Maestro •SO = Solo •SW = Switch • VD = Visa Delta • VE = Visa Electron •VI = Visa

operation a 1 Signifies the transaction requested. Must be set to R for Risk Only.

Table 1-12: Risk Only Request Parameters

1-30 October 2005 Risk Only

Risk Only Mandatory/ Data Type Description Parameter Optional

clientVersion an ..4 The protocol version. This must be set to 1.1 in order to use the current functionality.

custName1 an ..255 The customer’s first name.

custName2 an ..255 The customer’s second name.

streetAddr an ..255 The first line of the customer’s street address.

streetAddr2 an ..255 The second line of the customer’s street address.

phone an ..255 The customer’s phone number.

email an ..255 The customer’s email address.

city an ..255 The city associated with the customer’s card.

province a 2 The province or state associated with the customer’s card. See Appendix B: Geographical Codes for a list of province and state codes.

zip an ..10 The postal code associated with the customer’s card.

country a 2 The country associated with the customer’s card. See Country codes on page B-3 for a list of country codes.

merchantTxn a ..255 A unique ID number associated with each request. This value is created by the merchant and submitted as part of the request.

Table 1-12: Risk Only Request Parameters (Continued)

Direct Payment Protocol Specification 1.1 1-31 Transaction Requests October 2005

Risk Only Mandatory/ Data Type Description Parameter Optional

merchantId an ..80 The account transaction processing ID associated with the merchant.

merchantPwd ans ..20 The account transaction processing password associated with the merchant ID specified.

merchantData an ..255 Data that the merchant wants to associate with the request (e.g., notes).

Table 1-12: Risk Only Request Parameters (Continued)

Risk Only successful response If the transaction request is successful, the transaction processor returns a response message with the following parameters:

Parameter Data Type Description

status a 2 This indicates the risk status of the transaction. • RP = transaction Passed the risk check • RF = transaction Failed the risk check

authTime n ..10 The time at which the Risk Only transaction was completed. This time is represented as the number of seconds since 00:00:00 UTC (1 Jan- uary 1970).

guid an 32 This is an internal unique identifier.

txnNumber n ..10 The transaction number the transaction processor assigns to this request. These numbers are sequential for each merchant account – if the first Risk Only transaction processed is 100, the next will be 101, then 102, etc.

Table 1-13: Risk Only Successful Response Parameters

1-32 October 2005 Authorization

Parameter Data Type Description

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-13: Risk Only Successful Response Parameters (Continued)

Risk Only error response If the transaction cannot be processed as requested, an error response is returned. This response contains some of the following parameters:

Parameter Data Type Description

status a 1 E indicates that an error occurred.

authTime n ..10 The time at which the Risk Only transaction was completed. This time is represented as the number of seconds since 00:00:00 UTC (1 Jan- uary 1970).

guid an 32 This is an internal unique identifier.

Table 1-14: Risk Only Error Response Parameters

Authorization There is a certain risk inherent in accepting card payments when the card is not present. In a card Authorization, the transaction information is sent to the card processor, which in turn sends the information to the cardholder’s issuing financial institution. An Authorization is not a guarantee of payment. It only confirms that the card exists and that funds are available at the time of Authorization to cover the Purchase amount. The funds are not credited at this time but the Authorization reduces the available credit limit for that card, so in a sense the funds are “reserved” for the Purchase. Every card Authorization request has a time limit set by the card provider. Typically, the limit is between three to twenty-one days, but you should check with the card provider for their policy. If a card Authorization expires before the Settlement request is sent, you could be denied the Settlement if the cardholder’s credit limit is reached, or you might be charged a higher rate for the transaction, as

Direct Payment Protocol Specification 1.1 1-33 Transaction Requests October 2005

determined by the regulations of the card company. Visa may also charge you a higher rate if a Settlement request is received more than seven days after an Authorization request. In most cases, it is safe to assume that an Authorization will remain valid for a period of seven days. Many merchants try to limit the time between Authorization and Settlement to seven days, in order to minimize Settle- ment problems. While this is a good policy, it is not a definitive rule. Pol- icies and rates vary between cards and financial institutions, and this information is not included in the Authorization response. It is up to you to be aware of the possible consequences and decide how to handle them.

Authorization message format The Authorization request may contain the following parameters (see Definitions and conventions on page 1-5 for explanation of symbols in the Mandatory/Optional column):

Authorization Mandatory/ Data Type Description Parameter Optional

amount n ..10 The integer amount, without deci- mals, for which an Authorization is requested. (e.g., $10.00 would be “1000”)

cardNumber n ..19 The card number against which the Authorization is made.

Table 1-15: Authorization Request Parameters

1-34 October 2005 Authorization

Authorization Mandatory/ Data Type Description Parameter Optional

cardExp MM/YY The expiry date for the card against which the Authorization is made. Format must be “MM/YY” e.g., September 2005 = 09/05

issueNumber n ..2 The 1- or 2-digit number located on the front of the card, following the card number. NOTE: The issueNumber parameter can be used only when the cardType is SO (Solo) or SW (Switch).

Table 1-15: Authorization Request Parameters (Continued)

Direct Payment Protocol Specification 1.1 1-35 Transaction Requests October 2005

Authorization Mandatory/ Data Type Description Parameter Optional

cardType a ..6 The type of card against which the Authorization is made. Possible values are: • AM = American Express • DC = Diners Club •DI = Discover •FP = FirePay •JC = JCB •LA = Laser • MC = MasterCard •MD = Maestro •SO = Solo •SW = Switch •VD = Visa Delta • VE = Visa Electron •VI = Visa NOTE: If you need to use other card types, please contact technical support.

operation a 1 Signifies the transaction requested. Must be set to A for Authorization.

clientVersion an ..4 The protocol version. This must be set to 1.1 in order to use the current functionality.

custName1 an ..255 The customer’s first name.

custName2 an ..255 The customer’s second name.

streetAddr an ..255 The first line of the customer’s street address.

streetAddr2 an ..255 The second line of the customer’s street address.

Table 1-15: Authorization Request Parameters (Continued)

1-36 October 2005 Authorization

Authorization Mandatory/ Data Type Description Parameter Optional

phone an ..255 The customer’s phone number.

email an ..255 The customer’s email address.

city an ..255 The city associated with the customer’s card.

province a 2 The province or state associated with the customer’s card. See Appendix B: Geographical Codes for a list of province and state codes.

zip an ..10 The postal code associated with the customer’s card.

country a 2 The country associated with the customer’s card. See Country codes on page B-3 for a list of country codes.

merchantTxn a ..255 A unique ID number associated with each request. This value is created by the merchant and submitted as part of the request.

merchantId an ..80 The account transaction processing ID associated with the merchant.

merchantPwd ans ..20 The account transaction processing password associated with the merchant ID specified.

merchantData an ..255 Data that the merchant wants to associate with the request (e.g., notes).

Table 1-15: Authorization Request Parameters (Continued)

Direct Payment Protocol Specification 1.1 1-37 Transaction Requests October 2005

Authorization Mandatory/ Data Type Description Parameter Optional

Do not use parameters below unless instructed by Optimal Payments personnel.

merchantSIC n 4 The ISO Standard Industry Code (SIC) for the merchant. See Appendix C: Merchant SIC Codes for a complete list of SIC codes.

payMethod a 1 The method used to make the payment. Possible values are: • O = Card Number Provided Online • P = Card present • V = Card Number Provided by Phone

Table 1-15: Authorization Request Parameters (Continued)

1-38 October 2005 Authorization

Authorization Mandatory/ Data Type Description Parameter Optional

carrier a 1 The shipment carrier. Possible values are: • F = Fedex •P = USPS •U = UPS • L = Purolator • G = Greyhound •D = DHL •O = Other

customerId an 64 The customer’s ID at the merchant’s site.

customerIP an 255 The customer’s IP address.

custWorkPhone an 255 The customer’s daytime or work phone number.

merchantCountry a 2 The merchant’s country. See Country codes on page B-3 for a list of country codes.

merchantZip an ..10 The merchant’s postal/zip code.

custAcctOpenDate YYYYMMDD Date the customer account was opened with the merchant.

previousCustomer a 1 Indicates whether the customer has previously shopped online with this merchant. Possible values are: •Y = Yes •N = No

productCode an ..18 The product code of the ordered item. See Appendix D: Product Codes for a complete list of product codes.

Table 1-15: Authorization Request Parameters (Continued)

Direct Payment Protocol Specification 1.1 1-39 Transaction Requests October 2005

Authorization Mandatory/ Data Type Description Parameter Optional

shipCity an ..255 The city to which an item is to be shipped.

shipCountry a 2 The country to which an item is to be shipped. See Country codes on page B-3 for a list of country codes.

shipEmail an ..255 The recipient’s email address.

shipCustName1 an ..255 The recipient’s first name.

shipCustName2 an ..255 The recipient’s last name.

shipMethod a 1 The method of shipment. Possible values are: •N = Next Day/Overnight •T = Two-Day Service •C = Lowest Cost •O = Other

shipProvince a 2 The province or state to which an item is to be shipped. See Appendix B: Geographical Codes for a list of province and state codes.

shipStreetAddr an ..255 The street address to which an item is to be shipped.

shipZip an ..10 The postal/zip code to which an item is to be shipped.

txnCategory a 1 The method used to place the order. Possible values are: •I = Internet • P = Card Present •T = MOTO

Table 1-15: Authorization Request Parameters (Continued)

1-40 October 2005 Authorization

Authorization Mandatory/ Data Type Description Parameter Optional

userData04 an ..255 User-defined order field.

userData05 an ..255 User-defined order field.

userData06 an ..255 User-defined order field.

Table 1-15: Authorization Request Parameters (Continued)

Authorization successful response If the transaction request is successful, the transaction processor returns a response message with the following parameters:

Parameter Data Type Description

status a 1 A indicates successful Authorization.

authCode an ..20 The Authorization code assigned by the issuing bank and returned by the transaction processor.

authTime n ..10 The time at which the Authorization was completed. This time is represented as the number of seconds since 00:00:00 UTC (1 January 1970).

Table 1-16: Authorization Successful Response Parameters

Direct Payment Protocol Specification 1.1 1-41 Transaction Requests October 2005

Parameter Data Type Description

cvdInfo a 1 The response to the cvdValue submitted with the Authorization request. Possible values are: • M (Match) – The CVD value provided matches the CVD value associated with the card. • N (No Match) – The CVD value provided does not match the CVD value associated with the card. • P (Not Processed) – The CVD value was not processed. • S – Merchant indicated that CVV2 was not present on card. • U – Issuer is not certified and/or has not provided Visa encryption keys.

curAmount n ..10 Indicates the amount, in cents, available for Settlement. It will always be equal to the amount of the Authorization requested.

amount n ..10 The original amount that was requested.

txnNumber n ..10 The transaction number the transaction processor assigns to this request. The txnNumber identifies this transaction throughout its lifecycle, and it must be specified for any subsequent Settlement, Credit, and Query requests related to this request. These numbers are sequential for each merchant account – if the first Authorization transaction processed is 100, the next will be 101, then 102, etc.

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-16: Authorization Successful Response Parameters (Continued)

1-42 October 2005 Authorization

Authorization error response If the transaction cannot be processed as requested, an error response is returned. This response contains some of the following parameters:

Parameter Data Type Description

status a 1 E indicates that an error occurred.

errCode n ..4 An integer value associated with the error that occurred. See Appendix A: Error Return Codes for an explanation of the error code.

errString a ..255 String that describes the error that occurred. See Appendix A: Error Return Codes for an explanation of the error string.

subError n ..3 Lower level error that occurred. This value is only used when trying to resolve issues in co- operation with technical support.

subErrorString a ..255 String that describes the lower level error that occurred. This value is only used when trying to resolve issues in co-operation with technical support.

actionCode an ..10 The action code as defined in the list of errors (AR, CP, IE, MP, SR). See Action codes on page A-2 for more information.

clientVersion an ..4 The protocol version included with the original transaction.

authCode an ..20 The Authorization code assigned by the issuing bank and returned by the transaction processor. This parameter is usually only returned if the Authorization failed due to AVS.

Table 1-17: Authorization Error Response Parameters

Direct Payment Protocol Specification 1.1 1-43 Transaction Requests October 2005

Parameter Data Type Description

authTime n..10 The time at which the Authorization was completed. This time is represented as the number of seconds since 00:00:00 UTC (1 January 1970). This parameter is usually only returned if the Authorization failed due to AVS.

avsInfo an ..6 The AVS code associated with the request. Format is X + information, where X is an AVS code (see the appropriate SDK) and information is any additional information provided by Direct Payment. This parameter is usually only returned if the Authorization failed due to AVS. It may indi- cate why the transaction could not be processed. If this value is returned and the code is not one of the values acceptable for the brand used, the transaction was refused due to the AVS check.

Table 1-17: Authorization Error Response Parameters (Continued)

1-44 October 2005 Settlement

Parameter Data Type Description

Table 1-17: Authorization Error Response Parameters (Continued)

Settlement After an order is shipped, the transaction can be settled, a procedure that is also handled by the card processor. The Settlement process completes the transaction: the issuing financial institution credits the merchant’s bank account with the funds for the transaction and updates the cardholder’s statement. Card regulations require a merchant to ship goods before settling the funds for an order. Because of this requirement, online card transactions are done in two parts: Authorization and Settlement. These are separate because it takes time to prepare goods for shipment. In contrast, a brick and mortar store gets the Authorization at the time of Purchase, the customer receives the goods, and the merchant can submit the sale for Set- tlement immediately. Settlement transactions are applied to the original Authorization (and so require the txnNumber of that original Authorization). A Settlement must be less than or equal to the original authorized amount. Multiple Settlements may be applied to an Authorization, representing portions of the original order being filled. Unlike Authorization transactions, Settlements do not take place immediately. Rather, they are gathered (“batched”) at a certain time during the day and sent to the clearing network for processing. Until the batch

Direct Payment Protocol Specification 1.1 1-45 Transaction Requests October 2005

has been processed, no money has changed hands. To reconcile bank statements with processed transactions, one should look at Settlement transactions that have a status of “complete” when running reports.

Settlement message format The Settlement request may contain the following parameters (see Defi- nitions and conventions on page 1-5 for explanation of symbols in the Mandatory/Optional column):

Settlement Mandatory/ Data Type Description Parameter Optional

txnNumber n ..10 The transaction number that the transaction processor returned in response to the original Authoriza- tion request that is now being settled – this is the txnNumber found in the Authorization successful response on page 1-41.

Table 1-18: Settlement Request Transaction Parameters

1-46 October 2005 Settlement

Settlement Mandatory/ Data Type Description Parameter Optional

amount n ..10 The integer amount, without deci- mals, for which the Settlement is requested. (e.g., $10.00 would be “1000”) Multiple Settlements can be requested against the same Autho- rization, provided the total requested does not exceed the original Authorization. If this value is not specified, the full amount authorized will be settled.

operation a 1 Signifies the transaction requested. Must be set to S for Settle.

clientVersion an ..4 The protocol version. This must be set to 1.1 in order to use the current functionality.

merchantTxn an ..255 A unique ID number associated with each request. This value is created by the merchant and submitted as part of the request.

merchantId an ..80 The account transaction processing ID associated with the merchant.

merchantPwd an ..20 The account transaction processing password associated with the merchant ID specified.

merchantData an ..255 Data that the merchant wants to associate with the request (e.g., notes).

Table 1-18: Settlement Request Transaction Parameters (Continued)

Direct Payment Protocol Specification 1.1 1-47 Transaction Requests October 2005

Settlement successful response If the transaction request is successful, the transaction processor returns a response message with the following parameters:

Parameter Data Type Description

status a 2 SP indicates successful Settlement. The requested amount has been marked for Settle- ment the next time the batch Settlement job runs.

authCode an ..20 The Authorization code assigned by the issuing bank and returned by the transaction processor.

authTime n ..10 The time at which the Authorization was completed. This time is represented as the number of seconds since 00:00:00 UTC (1 January 1970).

avsInfo a ..6 The AVS code associated with the request. Format is X + information, where X is an AVS code (see the appropriate SDK) and information is any additional information provided by Direct Payment. NOTE: The request will only be successful if the AVS code was one of the values acceptable for the brand used. Therefore, the AVS information returned simply indicates how the request matched the set that was acceptable.

curAmount n ..10 This indicates the amount, in cents, that remains available for Settlement. For example, if an Authorization was made for 1000 and the first Settlement request was for 400, then the curAmount returned in response to that Settle- ment is 600.

Table 1-19: Settlement Successful Response Parameters

1-48 October 2005 Settlement

Parameter Data Type Description

amount n ..10 The original amount that was requested. This is only returned if the amount parameter was specified in the initial Settlement request.

txnNumber n ..10 The transaction number the transaction processor assigned to the original Authorization being settled, and which was specified in the Settlement request.

settleNumber n ..10 The transaction number the transaction processor assigns to this Settlement. NOTE: Since you can have multiple Settle- ments against a single Authorization, the settle- Number for the first Settlement is zero (0), and subsequent Settlements against the same Authorization are incremented by one each time. See Settlement on page 1-45 for more information.

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-19: Settlement Successful Response Parameters (Continued)

Settlement error response If the transaction cannot be processed as requested, an error response is returned. This response contains some of the following parameters:

Parameter Data Type Description

status a 1 E indicates that an error occurred.

errCode n ..4 An integer value associated with the error that occurred. See Appendix A: Error Return Codes for an explanation of the error code.

Table 1-20: Settlement Error Response Parameters

Direct Payment Protocol Specification 1.1 1-49 Transaction Requests October 2005

Parameter Data Type Description

errString a ..255 String that describes the error that occurred. See Appendix A: Error Return Codes for an explanation of the error string.

subError n 6 Lower level error that occurred. This value is only used when trying to resolve issues in co- operation with technical support.

subErrorString a ..255 String that describes the lower level error that occurred. This value is only used when trying to resolve issues in co-operation with technical support.

actionCode an ..10 The action code as defined in the list of errors (AR, CP, IE, MP, SR). See Action codes on page A-2 for more information.

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-20: Settlement Error Response Parameters (Continued)

Cancel Settlement During a Settlement, the issuing financial institution credits the merchant’s bank account with the funds for the transaction and updates the cardholder’s statement. This can only be done once the merchandise has been shipped or the service has been provided to the customer. When a Settlement transaction is processed, it is temporarily queued in a batch, which is sent once daily to the clearing networks. It is possible, while a Settlement is queued in the batch, to cancel that transaction. This might become necessary, for example, if a merchant discovers that an item thought to have been shipped has not in fact been sent to the customer, and a Settlement for that transaction is therefore not permissible.

Cancel Settlement message format The Cancel Settlement request may contain the following parameters (see Definitions and conventions on page 1-5 for explanation of symbols in the Mandatory/Optional column):

1-50 October 2005 Cancel Settlement

Cancel Mandatory/ Data Type Description Settlement Optional Parameter

txnNumber n ..10 The transaction number that the transaction processor returned in response to the original Purchase or Authorization request that is now being settled – this is the txnNum- ber found in Purchase successful response on page 1-20 or in Authorization successful response on page 1-41.

operation a 1 Signifies the transaction requested. Must be set to X for Cancel Settle- ment.

clientVersion an ..4 The protocol version. This must be set to 1.1 in order to use the current functionality.

settleNumber n ..10 The transaction number the transaction processor assigned to the Settlement of the original transaction. This is the settleNumber found in Settlement successful response on page 1-48.

merchantId an ..80 The account transaction processing ID associated with the merchant.

Table 1-21: Cancel Settlement Request Transaction Parameters

Direct Payment Protocol Specification 1.1 1-51 Transaction Requests October 2005

Cancel Mandatory/ Data Type Description Settlement Optional Parameter

merchantPwd ans ..20 The account transaction processing password associated with the merchant ID specified.

Table 1-21: Cancel Settlement Request Transaction Parameters (Continued)

Cancel Settlement successful response If the transaction request is successful, the transaction processor returns a response message with the following parameters:

Parameter Data Type Description

status a 2 C indicates a successful Cancel Settlement.

txnNumber n ..10 The transaction number the transaction processor assigned to the initial Purchase or Authorization request. This is the txnNumber found in Purchase successful response on page 1-20 or in Settlement successful response on page 1-48.

settleNumber n ..10 The transaction number the transaction processor assigned to the Settlement of the original transaction. This is the settleNumber supplied in Cancel Settlement message format on page 1-50.

Table 1-22: Cancel Settlement Successful Response Parameters

Cancel Settlement error response If the transaction cannot be processed as requested, an error response is returned. This response contains some of the following parameters:

1-52 October 2005 Credit

Parameter Data Type Description

status a 1 E indicates that an error occurred.

errCode n ..4 An integer value associated with the error that occurred. See Appendix A: Error Return Codes for an explanation of the error code.

errString a ..255 String that describes the error that occurred. See Appendix A: Error Return Codes for an explanation of the error string.

subErrorString a ..255 String that describes the lower level error that occurred. This value is only used when trying to resolve issues in co-operation with technical support.

actionCode an ..10 The action code as defined in the list of errors (AR, CP, IE, MP, SR). See Action codes on page A-2 for more information.

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-23: Cancel Settlement Error Response Parameters

Credit In the event that you must refund a customer’s money, use the Credit request to credit back to a customer ’s card an amount previously settled against that card.

A Credit request can only be completed once settlement of the Purchase request is complete. This occurs the next time the batch job runs after the Purchase request is completed.

Credits do not take place immediately. Rather, they are gathered (“batched”) at a certain time during the day and sent to the clearing network for processing. Until the batch has been processed, no money has changed hands. To reconcile bank statements with processed transac-

Direct Payment Protocol Specification 1.1 1-53 Transaction Requests October 2005

tions, one should look at Credit transactions that have a status of “complete” when running reports. In special cases, a Credit may have already been applied by the card company due to a chargeback request from the cardholder. A chargeback is a refusal of the cardholder’s bank to accept a transaction pre- sented by the merchant’s processor. This occurs when a customer disputes a card purchase. The merchant may be asked for proof of Authorization. The end result may be that the merchant’s account is debited for the transaction. To reconcile this scenario, a Credit transaction is created using the backoffice transaction management user inter- face and flagged as a chargeback. This reflects the fact that the Credit occurred, but prevents that Credit from being processed in a batch.

Credit message format The Credit request may contain the following parameters (see Definitions and conventions on page 1-5 for explanation of symbols in the Manda- tory/Optional column):

Credit Parameter Mandatory/ Data Type Description Optional

account n ..10 The merchant account against which the request is made. NOTE: The currency of the transaction is inferred from the account specified. The currency of each account is assigned when it is created.

txnNumber n ..10 The transaction number the transaction processor returned in response to the original Purchase request. This is the txnNumber found in the Purchase successful response on page 1-20.

Table 1-24: Credit Request Transaction Parameters

1-54 October 2005 Credit

Credit Parameter Mandatory/ Data Type Description Optional

settleNumber n ..10 The transaction number the transaction processor assigned to the settlement of the transaction against which the Credit request is being made.

origMerchantTxn a ..255 The merchant transaction number associated with the Purchase against which the Credit request is made.

amount n ..10 The integer amount, without dec- imals, for which the Credit is requested. (e.g., $10.00 would be “1000”) This can be at most the amount of the Purchase. If the amount is not specified, then the full amount settled is credited.

operation a 2 Signifies the transaction requested. Must be set to CR for Credit.

clientVersion an ..4 The protocol version. This must be set to 1.1 in order to use the current functionality.

merchantTxn an ..255 A unique ID number associated with each request. This value is created by the merchant and submitted as part of the request.

merchantId an ..80 The account transaction processing ID associated with the merchant.

Table 1-24: Credit Request Transaction Parameters (Continued)

Direct Payment Protocol Specification 1.1 1-55 Transaction Requests October 2005

Credit Parameter Mandatory/ Data Type Description Optional

merchantPwd ans ..20 The account transaction processing password associated with the merchant ID specified.

merchantData an ..255 Data that the merchant wants to associate with the request (e.g., notes).

Table 1-24: Credit Request Transaction Parameters (Continued)

Credit successful response If the transaction request is successful, the transaction processor returns a response message with the following parameters:

Parameter Data Type Description

status a 2 SP indicates successful Credit. The requested amount has been marked for settlement the next time the batch settlement job runs.

curAmount n ..10 This indicates the amount, in cents, that remains available to be credited against the Settlement indicated by the transaction number and the merchant transaction number. For example, if a Purchase was made for 1000 and the first Credit request was for 400, then the curAmount returned in response to that Settle- ment is 600.

amount n ..10 The amount for which the Credit was requested. This is only returned if an amount was specified in the Credit request.

txnNumber n ..10 The transaction number specified in the request.

Table 1-25: Credit Successful Response Parameters

1-56 October 2005 Credit

Parameter Data Type Description

creditNumber n ..10 The transaction number the transaction processor assigns this Credit request. Possible values are 0 .. n, where 0 is the first Credit applied to the original transaction, 1 is the second Credit applied to that transaction, etcetera.

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-25: Credit Successful Response Parameters (Continued)

Credit error response If the transaction cannot be processed as requested, an error response is returned. This response contains some of the following parameters:

Parameter Data Type Description

status a 1 E indicates that an error occurred.

errCode n ..4 An integer value associated with the error that occurred. See Appendix A: Error Return Codes for an explanation of the error code.

errString a ..255 String that describes the error that occurred. See Appendix A: Error Return Codes for an explanation of the error string.

subError n 6 Lower level error that occurred. This value is only used when trying to resolve issues in co- operation with technical support.

subErrorString a ..255 String that describes the lower level error that occurred. This value is only used when trying to resolve issues in co-operation with technical support.

Table 1-26: Credit Error Response Parameters

Direct Payment Protocol Specification 1.1 1-57 Transaction Requests October 2005

Parameter Data Type Description

actionCode a ..10 The action code as defined in the list of errors (AR, CP, IE, MP, SR). See Action codes on page A-2 for more information.

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-26: Credit Error Response Parameters (Continued)

Cancel Credit The Credit request allows the merchant’s application to credit an amount as great as the sum of the Settlements that have been made against an Authorization. When a Credit transaction is processed, it is temporarily queued in a batch, which is sent once daily to the clearing networks. If necessary it is possible, while a Credit is queued in the batch, to cancel that transaction before it is processed.

Cancel Credit message format The Cancel Credit request may contain the following parameters (see Definitions and conventions on page 1-5 for explanation of symbols in the Mandatory/Optional column):

Cancel Credit Mandatory/ Data Type Description Parameter Optional

Table 1-27: Cancel Credit Request Transaction Parameters

1-58 October 2005 Cancel Credit

Cancel Credit Mandatory/ Data Type Description Parameter Optional

operation a 1 Signifies the transaction requested. Must be set to Z for Cancel Credit.

clientVersion an ..4 The protocol version. This must be set to 1.1 in order to use the current functionality.

creditNumber n ..10 The transaction number assigned to the original Credit request. This is the value for creditNumber on page 1-57.

merchantId an ..80 The account transaction processing ID associated with the merchant.

merchantPwd ans ..20 The account transaction processing password associated with the merchant ID specified.

Table 1-27: Cancel Credit Request Transaction Parameters (Continued)

Direct Payment Protocol Specification 1.1 1-59 Transaction Requests October 2005

Cancel Credit successful response If the transaction request is successful, the transaction processor returns a response message with the following parameters:

Parameter Data Type Description

status a 2 C indicates a successful Cancel Credit.

settleNumber n ..10 The transaction number the transaction processor assigned to the original Settlement that was being credited. This is the settleNumber supplied in Cancel Credit message format on page 1-58.

creditNumber n ..10 The transaction number the transaction processor assigned to the original Credit request. This is the creditNumber supplied in Cancel Credit message format on page 1-58.

Table 1-28: Cancel Credit Successful Response Parameters

Cancel Credit error response If the transaction cannot be processed as requested, an error response is returned. This response contains some of the following parameters:

Parameter Data Type Description

status a 1 E indicates that an error occurred.

Table 1-29: Cancel Credit Error Response Parameters

1-60 October 2005 Transaction recovery

Parameter Data Type Description

errCode n ..4 An integer value associated with the error that occurred. See Appendix A: Error Return Codes for an explanation of the error code.

errString a ..255 String that describes the error that occurred. See Appendix A: Error Return Codes for an explanation of the error string.

subErrorString a ..255 String that describes the lower level error that occurred. This value is only used when trying to resolve issues in co-operation with technical support.

actionCode a ..10 The action code as defined in the list of errors (AR, CP, IE, MP, SR). See Action codes on page A-2 for more information.

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-29: Cancel Credit Error Response Parameters (Continued)

Transaction recovery The type of transaction request to post for transaction recovery differs, depending on the type of transaction request that you want to recover.

Transaction Transaction Request to Execute

Authorization Transaction Lookup

Credit Query

Purchase Transaction Lookup

Settlement Query

Table 1-30: Transaction Recovery Types

Direct Payment Protocol Specification 1.1 1-61 Transaction Requests October 2005

Transaction Lookup If the merchant application makes an Authorization or Purchase request and does not receive a response, implement the following recovery process: 1. Execute a Transaction Lookup transaction, specifying the merchant transaction number you provided in the original request. 2. If the Transaction Lookup returns the transaction number, execute a Query request (see Query on page 1-66), specifying this transaction number as well as the merchant transaction number provided in the original Authorization or Purchase request. The response to this query will contain the Authorization code, the Authorization date, and AVS information that would have been returned in the response to the original request. At this point, the transaction has been corrected. 3. If the Transaction Lookup does not return a transaction number, then the transaction may have failed with a specific error code. Use the Activity Report tool to search for the transaction, using search criteria such as the amount, merchant transaction ID, and date. 4. If neither the Transaction Lookup nor the Activity Report locates your transaction, then retry the original request.

The Transaction Lookup transaction draws heavily on computing resources, because a number of transactions must be searched for the matching merchant transaction number. The request does allow, however, the merchant to specify the searchStart and searchWindow parameters, which reduces the number of transactions to search, thus accelerating the recovery of the information desired. Merchants should provide this information whenever possible.

Transaction Lookup message format The Transaction Lookup request may contain the following parameters (see Definitions and conventions on page 1-5 for explanation of symbols in the Mandatory/Optional column):

1-62 October 2005 Transaction Lookup

Transaction Mandatory/ Data Type Description Lookup Parameter Optional

account n ..10 The merchant account against which the request is made.

merchantTxn a ..255 A unique ID number associated with each request. This value is created by the merchant and submitted as part of the request.

operation a 2 Signifies the transaction requested. Must be set to FT for Transaction Lookup.

clientVersion an ..4 The protocol version. This must be set to 1.1 in order to use the current functionality.

searchStart n ..10 The time from which transactions will be included in the search. This time is represented as the number of seconds since 00:00:00 UTC (1 January 1970). If this value is not specified, then it is set to the current time minus the number of seconds specified by the search window.

NOTE: The time that the Transaction Lookup begins equals the startSearch value minus the searchWindow value. Therefore, the Transaction Lookup in fact ends at the time you specify in the searchStart parameter. For this reason, if you do not want to use the default values, set the searchStart value to a time later than the time you attempted the transaction you are searching for, and set the searchWindow value to extend to before the time you attempted the transaction you are searching for. E.g., if you attempted a transaction at 9:05, set the searchStart parameter to 9:07 and the searchWindow parameter to 600. The Transaction Lookup will then search from 8:57 to 9:07, therefore finding the transaction you attempted at 9:05.

Table 1-31: Transaction Lookup Request Transaction Parameters

Direct Payment Protocol Specification 1.1 1-63 Transaction Requests October 2005

Transaction Mandatory/ Data Type Description Lookup Parameter Optional

searchWindow n ..4 The length, in seconds, of the period of transaction history in which transactions are searched for. If not specified, it defaults to 300 seconds (5 minutes). If, in addition, the searchStart value is not supplied, it defaults to the current time. Thus if neither the searchStart nor the search- Window values are specified, the search includes all transactions that occurred during the period beginning five minutes prior to the current time up to the current time. In most cases this search should find the failed transaction.

custName1 an ..255 The customer’s name, or some identifier assigned to the customer. This value must be all the characters specified in the custName1 field in the original Authorization or Purchase request, up to but not including the first space character. NOTE: Specifying this value accelerates the search.

email a ..255 The customer’s email address. This value must be the same as that specified in the original Authorization or Purchase request. NOTE: Specifying this value accelerates the search.

Table 1-31: Transaction Lookup Request Transaction Parameters (Continued)

1-64 October 2005 Transaction Lookup

Transaction Mandatory/ Data Type Description Lookup Parameter Optional

merchantId a ..80 The merchant ID associated with the merchant.

merchantPwd ans ..20 The password associated with the merchant ID specified.

Table 1-31: Transaction Lookup Request Transaction Parameters (Continued)

Transaction Lookup successful response If the transaction request is successful, the transaction processor returns a response message with the following parameters:

Parameter Data Type Description

status a ..2 C indicates that the search has been completed and the requested transaction found. NF indicates that no matching transaction was found within the specified search window.

txnNumber n ..10 The transaction number associated with the merchant transaction number that was specified in the request. This value is only returned if the status is C.

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-32: Transaction Lookup Successful Response Parameters

Transaction Lookup error response If the transaction cannot be processed as requested, an error response is returned. This response contains some of the following parameters:

Parameter Data Type Description

status a 1 E indicates that an error occurred.

Table 1-33: Transaction Lookup Error Response Parameters

Direct Payment Protocol Specification 1.1 1-65 Transaction Requests October 2005

Parameter Data Type Description

errCode n ..4 An integer value associated with the error that occurred. See Appendix A: Error Return Codes for an explanation of the error code.

errString a ..255 String that describes the error that occurred. See Appendix A: Error Return Codes for an explanation of the error string.

subError n 3 Lower level error that occurred. This value is only used when trying to resolve issues in co- operation with technical support.

actionCode a ..10 The action code as defined in the list of errors (AR, CP, IE, MP, SR). See Action codes on page A-2 for more information.

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-33: Transaction Lookup Error Response Parameters (Continued)

Query If the merchant application has made a Transaction Lookup request and has to follow it up with a Query, or makes a Settlement or Credit request and does not receive a response, execute the following recovery process. 1. Execute a Query request specifying the same payment server transaction number and merchant transaction number that were specified in the response to the Transaction Lookup, Settlement, or Credit request. 2. If the response to the Query request indicates that the transaction was found, then the merchant application knows the request was processed and can continue normal processing. 3. If the response to the Query request indicates that the transaction could not be found, then retry the original request. At this point, the transaction has been corrected.

1-66 October 2005 Query

Query message format The Query request contains the following parameters (see Definitions and conventions on page 1-5 for explanation of symbols in the Manda- tory/Optional column):

Query Mandatory/ Data Type Description Parameter Optional

account n ..10 The merchant account against which the request is made.

txnNumber n ..10 The transaction number the transaction processor returned in response to the original Authoriza- tion or Purchase request.

operation a 1 Signifies the transaction requested. Must be set to Q for Query.

clientVersion an ..4 The protocol version. This must be set to 1.1 in order to use the current functionality.

merchantTxn a ..255 A unique ID number associated with each request. This value was created by the merchant and submitted as part of the original Authorization or Purchase request.

merchantId a ..80 The account transaction processing ID associated with the merchant.

merchantPwd ans ..20 The account transaction processing password associated with the merchant ID specified.

Table 1-34: Query Transaction Request Parameters

Direct Payment Protocol Specification 1.1 1-67 Transaction Requests October 2005

Query successful response If the transaction request is successful, the transaction processor returns a response message with the following parameters:

1-68 October 2005 Query

Parameter Data Type Description

status a ..2 Authorization • A = Authorized •F = Failed • S = Fully settled • PS = Partially settled • M = Manual intervention required Settlement • P = Pending. The request is processed the next time the batch Settlement job runs. • C = Complete. The request is completed. • E = Error • AB = The request was aborted. Credit • PA = Pending approval • P = Pending. The request will be processed the next time the batch settlement job runs. • C = Complete. The request is completed. • E = Error • R = Rejected Purchase • P = Pending. The request is processed the next time the batch Settlement job runs. • C = Complete. The request is completed. Errors • F = Failed. The request failed. You may want to query the sub-request you are querying in order to get more information. • NF = The request was not found. No request was made that specified the transaction number and the merchant transaction number requested. • U = The request was of an unknown type.

Table 1-35: Query Successful Response Parameters

Direct Payment Protocol Specification 1.1 1-69 Transaction Requests October 2005

Parameter Data Type Description

txnType a ..2 The type of the request associated with the specified transaction number and merchant transaction number. It will be one of the following: • A = Authorization • P = Purchase • S = Settlement • C = Credit • U = Unknown

pmtError a 1 Returned only if the request can be retried. It can be one of the following: • I - kPmtErrorUserRetry An error occurred. Please contact technical support. • M - kPmtErrorOperatorRetry A payment agent action has failed, requiring user intervention. Please contact technical support. • S - kPmtErrorSystemRetry A payment agent action has failed. Retry the request. If multiple failures occur, please contact technical support.

authCode a ..20 The Authorization code assigned by the issuing bank and returned by the transaction processor. Returned only if the request queried is Purchase, Authorization, or Settlement.

authTime n ..10 The time at which the Authorization was completed. This time is represented as the number of seconds since 00:00:00 UTC (1 January 1970). Returned only if the request queried is Purchase, Authorization, or Settlement.

Table 1-35: Query Successful Response Parameters (Continued)

1-70 October 2005 Query

Parameter Data Type Description

avsInfo a ..6 The AVS code associated with the request. Format is X + information, where X is an AVS code (see the appropriate SDK) and information is any additional information provided by Direct Payment. NOTE: The request will only be successful if the AVS code was one of the values acceptable for the brand used. Therefore, the AVS information returned simply indicates how the request matched the set that was acceptable. Returned only if the request queried is Purchase, Authorization, or Settlement.

txnNumber n ..10 The transaction number assigned to this Query request. NOTE: This transaction number is assigned to this Query request, and is different from the transaction number assigned to the original Authorization or Purchase request being queried.

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-35: Query Successful Response Parameters (Continued)

Query error response If the transaction cannot be processed as requested, an error response is returned. This response contains some of the following parameters:

Parameter Data Type Description

status a 1 E indicates that an error occurred

Table 1-36: Query Error Response Parameters

Direct Payment Protocol Specification 1.1 1-71 Transaction Requests October 2005

Parameter Data Type Description

errCode n ..4 An integer value associated with the error that occurred. See Appendix A: Error Return Codes for an explanation of the error code.

errString a ..255 String that describes the error that occurred. See Appendix A: Error Return Codes for an explanation of the error string.

subError n 3 Lower level error that occurred. This value is only used when trying to resolve issues in co- operation with technical support.

subErrorString a ..255 String that describes the lower level error that occurred. This value is only used when trying to resolve issues in co-operation with technical support.

actionCode a ..10 The action code as defined in the list of errors (AR, CP, IE, MP, SR). See Action codes on page A-2 for more information.

clientVersion an ..4 The protocol version included with the original transaction.

Table 1-36: Query Error Response Parameters (Continued)

1-72 APPENDIX A

Error Return Codes

Error message types There are two classes of error messages associated with the use of the Direct Payment protocol for the Optimal Payments transaction processing server: • Payment service errors, related to processing the request • Errors generated by your own application that is configured to implement the payment service The errors that could occur on the payment service side are listed below. The status, error code, and error string for any such error are returned to the merchant application.

Payment service error messages If, after sending a transaction request, you receive an error message from the payment service, some or all of the following parameters are returned (in addition to some request-specific parameters):

Parameter Description

status E indicates that an error occurred.

errCode An integer value associated with the error that occurred.

errString String that describes the error that occurred.

subError Lower level error that occurred. This value is only used when trying to resolve issues in co-operation with technical support.

subErrorString String that describes the lower level error that occurred. This value is only used when trying to resolve issues in co-operation with technical support.

Table A-1: Error Message Parameters

Direct Payment Protocol Specification 1.1 A-1 Error Return Codes October 2005

Parameter Description

clientVersion The version of the protocol that the payment service is running.

Table A-1: Error Message Parameters

Action codes The payment service returns an error code and an error string for any error encountered. There is also an action code associated with each error (not returned by the payment service). In the table in Error codes and strings below, find the error code returned to you in order to find the action code associated with it. The meanings for the action code abbreviations are as follows: • AR = Authorization Refused. The card cannot be authorized. Ask the user to verify credit card information or to use a different credit card. • CP = Customer Parameter. The customer has provided incorrect information. Ask the customer to correct the information. • IE = Internal Error. There is a problem on the system that you should report to technical support. You should also determine the status of the transaction using a Transaction Lookup request. • MP = Merchant Parameter. Your application has provided incorrect information. Verify your information. • SR = Service is Restarting. Please retry later.

Error codes and strings The table immediately below contains all the error codes and error strings that might be returned while sending transaction requests, in addition to action codes (which are not returned by the payment service). The right-most column lists the action codes associated with each error.

A-2 October 2005 Error codes and strings

Error Error String Description Action Code Code

1 Error in HTTP environment. HTTP level used not supported by IE server side. Should not occur.

2 No response from process within After the transaction was sent, no IE timeout settings. Please do a response was received, because the Transaction Lookup to deter- transaction was never processed. mine the transaction status. The clearing network could be down.

3 Payment service is currently Our gateway process connecting to SR restarting. Retry later. If the prob- a clearing house is temporarily lem persists, please contact tech- down – most likely due to a restart nical support. because of connectivity problems with the clearing house.

4 Could not read configuration Server side error. Should not occur. IE file. Please contact technical support.

5 Request method Get not Only POST method is supported. MP allowed.

20 Remote validation error. Please One of the required parameters is MP verify request parameters. not valid.

21 Request validation failed. Please One of the required parameters is MP verify request parameters. not valid.

30 Request processing failure. Server side error. Unlikely to occur, IE Please contact technical support. but could happen as a result of a configuration error.

31 Request processing failure. Server side error. Should not occur. IE Please contact technical support.

32 Request not accepted. Please This error occurs if the request MP verify request parameters. comes from an IP not configured for the merchant.

Table A-2: Error Codes and Strings

Direct Payment Protocol Specification 1.1 A-3 Error Return Codes October 2005

Error Error String Description Action Code Code

33 Failed to process request. Please The transaction processing server SR retry the transaction. was temporarily too busy. Retry the transaction.

34 Authorization refused. This error usually results from a AR hard decline from the clearing house, or from declines due to fraud prevention measures. A suberror code occurs in the latter case.

56 Invalid amount. Please verify An amount greater than the range IE (MP) request parameters. supported was entered.

57 Invalid CVD indicator. Please An incorrect value was used for the IE (MP) verify request parameters. cvdIndicator parameter.

58 Invalid CVD value. Please verify An incorrect value was used for the IE (MP) request parameters. cvdValue parameter.

63 Invalid account ID. Please verify Some account ID values sent with MP request parameters. the transaction do not correspond with the values stored in the our database (e.g., incorrect merchantPwd entered).

91 Invalid payment information. The card number, the brand, expiry CP Please verify request parameters date, or a combination thereof is incorrect. The suberror text describes the problem in more detail.

92 Invalid payment method. Please A transaction was attempted with MP verify request parameters. an incorrect value entered for the payment method (payMethod) parameter.

Table A-2: Error Codes and Strings

A-4 October 2005 Error codes and strings

Error Error String Description Action Code Code

93 Invalid card type. Please verify This error results when a transaction CP request parameters. is attempted with a card type that is not supported.

101 Internal error. Please contact Server side error. Should not occur. IE technical support.

111 Could not assign name. Please A transaction was attempted with CP verify request parameters. the wrong data type entered for the name parameter.

113 Could not assign address. Please A transaction was attempted with CP verify request parameters. the wrong data type entered for the address parameter.

116 Could not assign province. A transaction was attempted with CP Please verify request parameters. the wrong data type entered for the province parameter.

117 Could not assign zip. Please ver- A transaction was attempted with CP ify request parameters. the wrong data type entered for the zip parameter.

118 Could not assign country. Please A transaction was attempted with CP verify request parameters. the wrong data type entered for the country parameter.

119 Could not assign email. Please A transaction was attempted with CP verify request parameters. the wrong data type entered for the email parameter.

120 Could not assign phone number. A transaction was attempted with CP Please verify request parameters. the wrong data type entered for the phone number parameter.

121 Could not assign merchantTxn. A transaction was attempted with MP Please verify request parameters. the wrong data type entered for the merchantTxn parameter.

Table A-2: Error Codes and Strings

Direct Payment Protocol Specification 1.1 A-5 Error Return Codes October 2005

Error Error String Description Action Code Code

130 Invalid expiry date value. Please The expiry date is incorrect. MP verify request parameters.

131 Operation not supported. Please The transaction attempted is MP verify request parameters. unknown (Purchase or Credit are examples of known transaction types), or the account is not configured for the transaction attempted.

132 Missing mandatory parameters A field that is mandatory for the MP for operation. Please verify transaction (e.g., cardType) was not request parameters. sent with the transaction.

133 Invalid amount format. Should The amount of a transaction must MP be integer. Please verify request be given with no decimal (e.g., parameters. $4.95 = 495).

134 Invalid client version. Please ver- The clientVersion parameter must MP ify request parameters. be set to 1.1 in order to use current functionality.

137 Invalid zip code length. Please The zip parameter must be a maxi- MP verify request parameters. mum of 10 alphanumeric characters.

138 Invalid zip code length. Please The zip parameter must be a maxi- MP verify request parameters. mum of 10 alphanumeric characters.

139 Invalid expiry date format. The format for the cardExp parame- MP Please verify request parameters. ter must be “MM/YY”. E.g., September 2003 = 09/03

161 Not authorized to make request. The user name and/or password MP Please verify request parameters. included with the Settlement transaction request are not correct. These are the merchantId and mer- chantPwd parameters, respectively.

Table A-2: Error Codes and Strings

A-6 October 2005 Error codes and strings

Error Error String Description Action Code Code

163 Invalid txnNumber. Please verify The authorization number included MP request parameters. with the Settlement transaction request is not correct or cannot be found.

174 Request failed. Please contact Server side error. Should not occur. IE technical support.

175 Requested Settlement exceeds A Settlement transaction request MP remaining Authorization. must be equal to or less than the amount remaining to settle on an Authorization.

176 Invalid settlement amount. A Settlement transaction request MP must be equal to or less than the amount remaining to settle on an Authorization.

178 Transaction already fully settled. There is no amount remaining to MP settle on the original Authorization.

209 Payment brand not in store list. The transaction request was sent MP with a credit card type for which the account is not configured.

210 Payment instrument error. Please Server side error. Should not occur. CP verify request parameters.

212 Authorization refused – AVS did This error occurs when AVS fails on AR not match. a transaction that otherwise would have been successful.

213 The Authorization was aborted. Server side error. Should not occur. AR

221 Authorization failed. The transaction was not authorized. AR The suberror text describes the problem in more detail.

222 Currency mismatch with store. Server side error. Should not occur. MP

Table A-2: Error Codes and Strings

Direct Payment Protocol Specification 1.1 A-7 Error Return Codes October 2005

Error Error String Description Action Code Code

234 Settlement refused because A Settlement was attempted on a MP credit card did not pass negative credit card that was entered into database check. the negative database after the authorization that you are trying to settle was approved.

281 Not authorized to make request. The user name and/or password MP Please verify request parameters. included with the Query transaction request are not correct. These are the merchantId and merchant- Pwd parameters, respectively.

284 Invalid transaction number. The transaction number included MP Please verify request parameters. with the Query transaction request cannot be found.

311 Not authorized to make request. The user name and/or password MP Please verify request parameters. included with the Transaction Lookup transaction request are not correct. These are the merchantId and merchantPwd parameters, respectively.

321 Not authorized to make request. • The user name and/or password MP Please verify request parameters. included with the transaction request are not correct. These are the merchantId and merchant- Pwd parameters, respectively; or • The transaction originates from an IP address for which the account is not configured; or • The account has been disabled.

Table A-2: Error Codes and Strings

A-8 October 2005 Error codes and strings

Error Error String Description Action Code Code

331 Not authorized to make request. The user name and/or password MP Please verify request parameters. included with the Credit transaction request are not correct. These are the merchantId and merchant- Pwd parameters, respectively.

333 Invalid txnNumber. Please verify The authorization number included MP request parameters. with the Credit transaction request is not correct or cannot be found.

334 Credit refused because credit A Credit was attempted to a credit MP card did not pass negative data- card that was entered into the neg- base check. ative database after the Settlement that you are trying to credit was completed.

345 Requested Credit exceeds A Credit transaction request must MP remaining funds settled. be equal to or less than the amount of funds available to credit (i.e., the amount settled for that credit card).

346 Invalid credit amount. A Credit transaction request must MP be equal to or less than the amount of funds available to credit (i.e., the amount settled for that credit card).

347 Internal error. Please contact The Credit transaction could not be IE technical support. processed because this card brand has been disabled for this merchant account.

348 No settled funds available for A Credit transaction request can MP credit. only be made on a credit card that has settled amounts remaining on it.

Table A-2: Error Codes and Strings

Direct Payment Protocol Specification 1.1 A-9 Error Return Codes October 2005

Error Error String Description Action Code Code

353 Unknown txnNumber. Please The transaction number included MP verify request parameters. with the Settlement transaction request is incorrect.

356 Unknown merchant transaction, A Credit transaction request was MP already fully credited, or no attempted where there were no amount available for credit. funds remaining to be settled.

600 Invalid shipment method. Please A transaction was attempted with MP verify request parameters. an incorrect value entered for the shipment method (shipMethod) parameter.

601 Invalid carrier. Please verify A transaction was attempted with MP request parameters. an incorrect value entered for the carrier parameter.

651 Invalid previous customer. A transaction was attempted with MP Please verify request parameters. an incorrect value entered for the previousCustomer parameter, which indicates whether the customer has previously shopped online with this merchant.

652 Invalid customer ID. Please ver- A transaction was attempted with MP ify request parameters. an incorrect value entered for the customerId parameter.

653 Invalid customer IP. Please verify A transaction was attempted with MP request parameters. an incorrect value entered for the customer’s IP address (customerIP) parameter.

701 Invalid product type. Please ver- A transaction was attempted with MP ify request parameters. an incorrect value entered for the product type (productType) parameter.

Table A-2: Error Codes and Strings

A-10 October 2005 Error codes and strings

Error Error String Description Action Code Code

702 Invalid product code. Please ver- A transaction was attempted with MP ify request parameters. an incorrect value entered for the product code (productCode) parameter.

731 Invalid transaction category. A transaction was attempted with MP Please verify request parameters. an incorrect value entered for the transaction category (txnCategory) parameter.

751 Invalid merchant SIC code. A transaction was attempted with MP Please verify request parameters. an incorrect value entered for the ISO Standard Industry Code (merchantSIC) parameter.

752 Invalid customer account open A transaction was attempted with MP date. Please verify request an incorrect value entered for the parameters. parameter indicating the date the customer account was opened (custAcctOpenDate).

771 Invalid user data. Please verify A transaction was attempted with MP request parameters. an incorrect value entered for a user data (e.g., userData04) parameter.

Table A-2: Error Codes and Strings

The merchant application should not encounter internal errors during normal operation of the payment service. If they are encountered, contact technical support.

Direct Payment Protocol Specification 1.1 A-11 Error Return Codes October 2005

Suberror codes and strings

Suberror Suberror String Action Code Code

1000 Approval AR

1001 Unknown response from clearing network AR

1002 Clearing network response is Reenter AR

1003 Clearing network response is Referral AR

1004 Clearing network response is Pickup AR

1005 Clearing network response is Decline AR

1006 Clearing network response is Timeout AR

1007 Card in negative database AR

1008 Invalid merchant number AR

1010 CVV2 check failed AR

1011 Approved with ID AR

1012 Invalid request AR

1013 Invalid amount AR

1014 Invalid account AR

1015 Retry AR

1016 Invalid expiry date AR

1017 PIN invalid AR

1018 Unauthorized transaction AR

1019 Max PIN retries AR

1020 Duplicate transaction AR

1021 Invalid account match AR

1022 Invalid amount match AR

Table A-3: Suberror Codes and Strings

A-12 October 2005 Suberror codes and strings

Suberror Suberror String Action Code Code

1023 Invalid item number AR

1024 Item voided AR

1025 Must balance now AR

1026 Use duplicate AR

1027 No duplicate found AR

1028 Invalid data AR

1029 No transaction found AR

1030 Approved but not captured AR

1031 Approved auth only AR

1032 Invalid bank ID AR

1034 Transaction type invalid AR

1035 Approved debit AR

1036 DB unavailable2 AR

1037 DB unavailable3 AR

1038 DB unavailable4 AR

1039 Unauthorized user AR

1040 Invalid card AR

1041 DB issuer unavailable AR

1042 Invalid pos card AR

1043 Account type invalid AR

1044 Invalid prefix AR

1045 Invalid FIID AR

1046 Verify AR

Table A-3: Suberror Codes and Strings

Direct Payment Protocol Specification 1.1 A-13 Error Return Codes October 2005

Suberror Suberror String Action Code Code

1047 Invalid LIC AR

1048 Invalid state AR

1049 EDC unavailable AR

1050 DB unavailable1 AR

1051 Scan unavailable AR

1052 Exceeds max amount AR

1053 Exceeds max uses AR

1054 Unable to process AR

1055 Invalid request for terminal AR

1056 Invalid date AR

1057 Invalid format AR

1058 No pickup AR

1059 No funds available AR

1060 Exceed limit AR

1061 Restricted card AR

1062 Mac key incorrect AR

1063 Exceed frequency limit AR

1064 Retain card AR

1065 Late response AR

1067 No share arrangement AR

1068 Function unavailable AR

1069 Invalid key AR

1070 Invalid lifecycle trans AR

Table A-3: Suberror Codes and Strings

A-14 October 2005 Unmapped suberror codes and strings

Suberror Suberror String Action Code Code

1071 Pin key error AR

1072 Mac sync error AR

1073 Security violation AR

1074 IST unavailable AR

1075 Invalid issuer AR

1076 Invalid acquirer AR

1077 Invalid originator AR

1078 System error AR

1079 Duplicate reversal AR

1081 Credit card is blocked AR

1082 Credit card is stolen AR

1083 Credit card is forged AR

1085 Credit card is expired AR

4000 Declined by Risk Management AR

Table A-3: Suberror Codes and Strings

Unmapped suberror codes and strings An unmapped suberror code and suberror string are returned in the event that a suberror response is not mapped to a standard 4-digit suberror code and string. All unmapped suberror codes are between 0 and 999, making them easy to differentiate from our suberror codes, which are all greater than 1000.

Direct Payment Protocol Specification 1.1 A-15 Error Return Codes October 2005

A-16 APPENDIX B

Geographical Codes

Province codes

Province Code Alberta AB British Columbia BC Manitoba MB New Brunswick NB Newfoundland NL Nova Scotia NS Northwest Territories NT Nunavut NU Ontario ON Prince Edward Island PE Quebec QC Saskatchewan SK Yukon YT

Table B-1: Province Codes

Direct Payment Protocol Specification 1.1 B-1 Geographical Codes October 2005

State codes

State Code State Code Alabama AL Alaska AK Arizona AZ Arkansas AR California CA Colorado CO Connecticut CT Delaware DE District of Columbia DC Florida FL Georgia GA Hawaii HI Idaho ID Illinois IL Indiana IN Iowa IA Kansas KS Kentucky KY Louisiana LA Maine ME Maryland MD Massachusetts MA Michigan MI Minnesota MN Mississippi MS Missouri MO Montana MT Nebraska NE Nevada NV New Hampshire NH New Jersey NJ New Mexico NM New York NY North Carolina NC North Dakota ND Ohio OH Oklahoma OK Oregon OR Pennsylvania PA Rhode Island RI South Carolina SC South Dakota SD Tennessee TN Texas TX Utah UT Vermont VT Virginia VA Washington WA West Virginia WV Wisconsin WI

Table B-2: State Codes

B-2 October 2005 Country codes

State Code State Code Wyoming WY Canada CN International IT Puerto Rico PR U.S. Virgin Islands VI Northern Mariana Is. MP Guam GU American Samoa AS Palau PW Armed Forces Americas AA Armed Forces Europe AE Armed Forces Pacific AP United States Federal US

Table B-2: State Codes

Country codes

Country Code Country Code Afghanistan AF Albania AL Algeria DZ American Samoa AS Andorra AD Angola AO Anguilla AI Antarctica AQ Antigua and Barbuda AG Argentina AR Armenia AM Aruba AW Australia AU Austria AT Azerbaijan AZ Bahamas BS Bahrain BH Bangladesh BD Barbados BB Belarus BY Belgium BE Belize BZ Benin BJ Bermuda BM Bhutan BT Bolivia BO Bosnia and Herzegovina BA Botswana BW

Table B-3: Country Codes

Direct Payment Protocol Specification 1.1 B-3 Geographical Codes October 2005

Country Code Country Code Bouvet Island BV Brazil BR British Indian Ocean Territory IO Brunei Darussalam BN Bulgaria BG Burkina Faso BF Burundi BI Cambodia KH Cameroon CM Canada CA Cape Verde CV Cayman Islands KY Central African Republic CF Chad TD Chile CL China CN Christmas Island CX Cocos (Keeling) Islands CC Colombia CO Comoros KM Congo CG Cook Islands CK Costa Rica CR Côte D’Ivoire CI Croatia HR Cuba CU Cyprus CY Czech Republic CZ Denmark DK Djibouti DJ Dominica DM Dominican Republic DO East Timor TP Ecuador EC Egypt EG El Salvador SV Equatorial Guinea GQ Eritrea ER Estonia EE Ethiopia ET Falkland Islands FK Faroe Islands FO Fiji FJ Finland FI France FR Metropolitan France FX French Guiana GF French Polynesia PF French Southern Territories TF Gabon GA Gambia GM Georgia GE

Table B-3: Country Codes

B-4 October 2005 Country codes

Country Code Country Code Germany DE Ghana GH Gibraltar GI Greece GR Greenland GL Grenada GD Guadeloupe GP Guam GU Guatemala GT Guernsey GG Guinea GN Guinea-Bissau GW Guyana GY Haiti HT Heard and McDonald Islands HM Honduras HN Hong Kong HK Hungary HU Iceland IS India IN Indonesia ID Iran (Islamic Republic of) IR Iraq IQ Ireland IE Isle of Man IM Israel IL Italy IT Jamaica JM Japan JP Jersey JE Jordan JO Kazakhstan KZ Kenya KE Kiribati KI Korea, Democratic People’s KP Korea, Republic of KR Republic Kuwait KW Kyrgyzstan KG Lao People’s Democratic LA Latvia LV Republic Lebanon LB Lesotho LS Liberia LR Libyan Arab Jamahiriya LY Liechtenstein LI Lithuania LT Luxembourg LU Macau MO Macedonia MK Madagascar MG

Table B-3: Country Codes

Direct Payment Protocol Specification 1.1 B-5 Geographical Codes October 2005

Country Code Country Code Malawi MW Malaysia MY Maldives MV Mali ML Malta MT Marshall Islands MH Martinique MQ Mauritania MR Mauritius MU Mayotte YT Mexico MX Micronesia, Federated States of FM Moldova, Republic of MD Monaco MC Mongolia MN Montserrat MS Morocco MA Mozambique MZ Myanmar MM Namibia NA Nauru NR Nepal NP The Netherlands NL New Caledonia NC New Zealand NZ Nicaragua NI Niger NE Nigeria NG Niue NU Norfolk Island NF Northern Mariana Islands MP Norway NO Oman OM Pakistan PK Palau PW Panama PA Papua New Guinea PG Paraguay PY Peru PE Philippines PH Pitcairn PN Poland PL Portugal PT Puerto Rico PR Qatar QA Reunion RE Romania RO Russian Federation RU Rwanda RW Saint Kitts and Nevis KN

Table B-3: Country Codes

B-6 October 2005 Country codes

Country Code Country Code Saint Lucia LC Saint Vincent and the Grena- VC dines Samoa WS San Marino SM Sao Tome and Principe ST Saudi Arabia SA Senegal SN Seychelles SC Sierra Leone SL Singapore SG Slovakia (Slovak Republic) SK Slovenia SI Solomon Islands SB Somalia SO South Africa ZA Spain ES Sri Lanka LK St. Helena SH St. Pierre and Miquelon PM Sudan SD Suriname SR Svalbard and Jan Mayen Islands SJ Swaziland SZ Sweden SE Switzerland CH Syrian Arab Republic SY Taiwan TW Tajikistan TJ Tanzania, United Republic of TZ Thailand TH Togo TG Tokelau TK Tonga TO Trinidad and Tobago TT Tunisia TN Turkey TR Turkmenistan TM Turks and Caicos Islands TC Tuvalu TV Uganda UG Ukraine UA United Arab Emirates AE United Kingdom GB United States US United States Minor Outlying UM Uruguay UY Islands Uzbekistan UZ Vanuatu VU Vatican City State (Holy See) VA Venezuela VE

Table B-3: Country Codes

Direct Payment Protocol Specification 1.1 B-7 Geographical Codes October 2005

Country Code Country Code Vietnam VN Virgin Islands (British) VG Virgin Islands (U.S.) VI Wallis and Futuna Islands WF Western Sahara EH Yemen YE Yugoslavia YU Zaire ZR Zambia ZM Zimbabwe ZW

Table B-3: Country Codes

B-8 APPENDIX C

Merchant SIC Codes

Code Description

0069 Adult

0742 Veterinary Services

0763 Agricultural Cooperatives

0780 Horticultural and Landscaping Services

1520 General Contractors – Residential and Commercial

1711 Air Conditioning, Heating, and Plumbing Contractors

1731 Electrical Contractors

1740 Insulation, Masonry, Plastering, Stonework, and Tile Setting Contractors

1750 Carpentry Contractors

1761 Roofing and Siding, Sheet Metal Work Contractors

1771 Concrete Work Contractors

1799 Contractors, Special Trade – Not Elsewhere Classified

2741 Miscellaneous Publishing & Printing

2791 Typesetting, Plate Making, & Related Services

2842 Specialty Cleaning, Polishing, & Sanitation Preparation

3000 United Airlines

3001 American Airlines

3002 Pan American

3003 Eastern Airlines

Table C-1: Merchant SIC Codes

Direct Payment Protocol Specification 1.1 C-1 Merchant SIC Codes October 2005

Code Description

3004 Trans World Airlines

3005 British Airways

3006 Japan Air Lines

3007 Air France

3008 Lufthansa Airlines

3009 Air Canada

3010 Royal Dutch Airlines (KLM)

3011 Aeroflot

3012 Qantas Airlines

3013 Alitalia Airlines

3014 Saudi Arabian Airlines

3015 Swissair

3016 Scandinavian Airline Systems (SAS)

3017 South African Airways

3018 Varig Airlines (Brazil)

3019 CP Air (Canada)

3020 Air India

3021 Air Algerie

3022 Philippine Airlines

3023 Mexicana Airlines

3024 Pakistan International Airlines

3025 Air New Zealand Limited International

3026 BCAL (British Caledonian Airlines)

Table C-1: Merchant SIC Codes (Continued)

C-2 October 2005

Code Description

3027 Union de Transports Aeriens

3028 Air Malta

3029 Sabena Airlines

3030 Aerolineas Argentinas

3031 Olympic Airways

3032 El Al Airlines

3033 Ansett Airlines

3034 Australian Airways (TAA)

3035 TAP Airlines (Portugal)

3036 VASP Airlines (Brazil)

3037 EgyptAir

3038 Kuwait Airways

3039 Avianca Airlines

3040 Gulf Air (Bahrain)

3041 Balkan-Bulgarian Airlines

3042 Finnair

3043 Aer Lingus Airlines

3044 Transbras Airlines

3045 Nigeria Airways

3046 Cruzeiro Do Sul Airlines (Brazil)

3047 THY Airlines (Turkey)

3048 Royal Air Maroc

3049 Tunis Air

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-3 Merchant SIC Codes October 2005

Code Description

3050 Icelandair

3051 Austrian Airlines

3052 Lan-Chile Airlines

3053 Aviaco Airlines (Spain)

3054 Ladeco Airlines (Chile)

3055 LAB Airlines (Bolivia)

3056 Quebecaire

3057 East-West Airlines (Australia)

3058 Delta Airlines

3059 Republic Airways

3060 Northwest Airlines

3061 Continental Airlines

3062 Western Airways

3063 U.S. Air

3064 Braniff Airlines

3065 Air Inter

3066 Southwest Airlines

3067 Ozark Air

3068 Texas International Airlines

3070 PSA (Airline)

3071 Air British Columbia

3072 Frontier Airlines

3073 A... (Unknown Airline)

Table C-1: Merchant SIC Codes (Continued)

C-4 October 2005

Code Description

3074 Wien Alaska Airlines

3075 Singapore Airlines

3076 Aeromexico Airlines

3077 Thai Airways

3078 China Airlines

3079 Amtrak (Visa Only)

3080 Pacific Western Airlines

3081 Nordair Airlines

3082 Korean Airlines

3083 Air Afrique

3084 Eva Airways

3085 Midwest Express Airlines

3086 Carnival Airlines

3087 Metro Airways

3088 Croatia Airlines

3089 Ransome Airlines

3090 Rio Sul

3091 Pennsylvania Airlines

3092 Midway Airlines

3093 Air Ontario

3094 Zambia Airways

3095 Wardair (Canada)

3096 Air Zimbabwe

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-5 Merchant SIC Codes October 2005

Code Description

3097 Air New South Wales

3098 Air Niugini

3099 Cathay Pacific Airlines

3100 Malayslan Airline System

3101 UTA French Airlines

3102 Iberia Airlines

3103 Garuda Airlines (Indonesia)

3104 Alla (Jordan)

3105 Piedmont Airlines

3106 Braathens S.A.F.E. Airlines (Norway)

3107 Wright Airlines

3108 World Airways

3109 Wings West Airlines

3110 Wings Airlines

3111 British Midland

3112 Windward Island Airlines

3113 Will’s Air

3114 Wheeler Airlines

3115 Westair Commuter

3116 Voyageur Airways

3117 Venezolana International de Aviacion

3118 Valley Airlines

3119 Trans Colorado Airlines

Table C-1: Merchant SIC Codes (Continued)

C-6 October 2005

Code Description

3120 Trans Central Airlines

3121 Transamerica Airlines

3122 Torontair

3123 Time Air

3124 Tennessee Airways

3125 Tan Airlines

3126 Talair

3127 Taca International Airlines

3128 Talair

3129 Surinam Airways

3130 Sunworld International Airlines

3131 Sun West Airlines

3132 Sunbird Airlines

3133 Sunbelt Airlines

3134 Sun Air

3135 Sudan Airways

3136 Sky West Airlines

3137 Singleton Airlines

3138 Simmons Airlines

3139 SFO Helicopter Air

3140 Semo Aviation

3141 SEAir Alaska

3142 Scheduled Skyways

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-7 Merchant SIC Codes October 2005

Code Description

3143 Scenic Airlines

3144 Virgin Atlantic

3145 San Juan Airlines

3146 Luxair

3147 Royal Hawaiian Air

3148 Royal Airlines

3150 Rocky Mountain Airways

3151 Air Zaire

3152 Rio Airways

3153 Pro Air Service

3154 Princeville Airlines

3155 Prinair

3156 Precision Airlines

3157 Pioneer Airlines

3158 Pilgrim Airlines

3159 Provincetown-Boston Airways

3160 Pacific Southwest Airlines

3161 All Nippon Airways

3162 Pacific Coast Airlines

3163 Northeastern International

3164 Norontair

3165 New York Helicopter

3166 New York Air

Table C-1: Merchant SIC Codes (Continued)

C-8 October 2005

Code Description

3167 New England Airlines

3168 Newair

3169 Muse Air Corporation

3170 Mount Cook Airlines

3171 Canadian Airlines International

3172 Nation Air

3173 Mississippi Valley Air

3174 Midstate Airlines

3175 Middle East Air

3176 Metroflight Airlines

3177 Mesaba Aviation

3178 Mesa Air

3179 Marco Island Airways

3180 Mall Airways

3181 Malev Hungarian Airlines

3182 LOT-Polish Airlines

3183 Long Island Airlines

3184 LIAT Airlines

3185 LAV Linea Aeropostal Venezolana

3186 LAP Lineas Aereas Paraguayas

3187 LACSA Airlines (Costa Rica)

3188 Jetstream International Airlines

3189 Jet American Airlines

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-9 Merchant SIC Codes October 2005

Code Description

3190 Jugoslav Air

3191 Island Airlines

3192 Iran Airlines

3193 Indian Airlines

3194 Imperial Airlines

3195 Holiday Airlines

3196 Hawaiian Air

3197 Havasu Airlines

3198 Harbor Airlines

3200 Guyana Airways

3201 Gull Air

3202 Green Hills Aviation

3203 Golden Pacific Air

3204 Freedom Airlines

3205 Florida Express Airlines

3206 First Air

3207 Empresa Ecuatoriana Airlines

3208 East Hampton Aire

3209 Eastern Prov. Airways

3210 Eagle Commuter Airlines

3212 Dominicana de Aviacion

3213 Direct Air

3214 Desert Sun Airways

Table C-1: Merchant SIC Codes (Continued)

C-10 October 2005

Code Description

3215 Dan Air Services

3216 Cumberland Airlines

3217 CSA Ceskoslovenske Aerolinie

3218 Crown Air

3219 Compania Panamena de Aviacion (Copa)

3220 Compania Faucett Airlines

3221 Transportes Aeros Militares Ecuatorianos

3222 Comand Airways

3223 Comair

3224 Colgan Airways

3225 Centennial Air

3226 Christmans Air System

3227 Chaparral Airlines

3228 Cayman Airways

3229 SAETA (Sociedad Ecuatorianas De Transportes Aero)

3230 Cascade Airways

3231 SAHSA (Servicio Aero de Honduras)

3232 Capitol Helicopters

3233 Capitol Air

3234 BWIA International (British West Indies Airlines)

3235 Brockway Air

3236 Big Sky Airlines

3237 Best Airlines

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-11 Merchant SIC Codes October 2005

Code Description

3238 Bemidji Aviation

3239 Bar Harbor Airlines

3240 Bahamasair

3241 Aviateca Airlines (Guatemala)

3242 Avensa Airlines

3243 Austrian Air Service

3244 Austin Airways

3245 Atlantis Airlines

3246 Atlantic Southeast Airlines

3247 Atlantic Air

3248 Aspen Airways

3249 American International Airlines

3250 American Centural Air

3251 Aloha Airlines

3252 ALM Antilean Airlines

3253 America West Airlines

3254 Trump Airline (MC only)

3256 Alaska Airlines

3257 Airways of New Mexico

3258 Air Virginia

3259 American Trans Air

3260 Air Sunshine

3261 Air China

Table C-1: Merchant SIC Codes (Continued)

C-12 October 2005

Code Description

3262 Reno Air, Inc.

3263 Aero Servicio Carabobo

3265 Aispur Helicopters

3266 Air Seychelles

3267 Air Panama International

3268 Air Pacific

3270 Air One

3274 Air New Orleans

3275 Air Nevandi

3276 Air Midwest

3277 Air Madagascar

3278 Air Link

3279 Air LA

3280 Air Jamaica

3282 Air Djibouti

3283 Air Corta

3284 Aero Virgin Islands

3285 Aero Peru

3286 Aerolineas Nicaraguenses

3287 Aero Coach Aviation

3288 AFS Airline

3289 AAA Airline

3290 Air Naun

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-13 Merchant SIC Codes October 2005

Code Description

3291 Ariana Afghan Airlines

3292 Cyprus Airways

3293 Equatorian Airlines

3294 Ethiopian Airline

3295 Kenya Airways

3297 Tarom Airlines

3298 Air Mauritius

3351 Affiliated Auto Rental

3352 American International

3353 Brooks Rent-A-Car

3354 Action Auto Rental

3356 Fairway Rent-A-Car

3357 Hertz Corporation

3358 Olins Car Rental

3359 Payless Car Rental

3360 Snappy Car Rental

3361 Airways Auto Rental

3362 Altra Auto Rental

3363 Unicar

3364 Agency Rent-A-Car

3365 American Rental System

3366 Budget Rent-A-Car

3367 Fliteways Rent-A-Car

Table C-1: Merchant SIC Codes (Continued)

C-14 October 2005

Code Description

3368 Holiday Rent-A-Car

3369 Olympic Transport

3370 Rent-A-Wreck

3371 Steinke Autos Europe (Car Rental)

3372 Winston Car Rental

3373 Sun Auto Rentals

3374 Sears Rent-A-Car

3375 Compact Rent-A-Car

3376 Ajax Rent-A-Car

3377 Florida Auto Rental

3378 Golden West Rent-A-Car

3379 Host Rent-A-Car

3380 Inter American Car

3381 Europ Car

3382 Compacts Only

3383 ATESA

3384 Transmonde Location

3385 Tropical Rent-A-Car

3386 Showcase Rental Cars

3387 Alamo Rent-A-Car

3388 Auto Europ

3389 Avis Rent-A-Car

3390 Dollar Rent-A-Car

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-15 Merchant SIC Codes October 2005

Code Description

3391 Europe By Car

3392 Genway Car Rental

3393 National Car Rental

3394 Kemwel Group Car Rental

3395 Thrifty Rent-A-Car

3396 Tilden Rent-A-Car

3397 Foremost Euro-Car

3398 Econo Car Rent-A-Car

3400 Auto Host Car Rentals

3401 All Island Rent-A-Car

3402 Marsans International Travel

3403 Travi-Car Car Rental

3404 Maui Car Rental

3405 Enterprise Rent-A-Car

3406 Greyhound Rent-A-Car

3407 Aztec Rent-A-Car

3408 Aloha Rent-A-Car

3409 General Rent-A-Car

3410 Grey Line Rent-A-Car

3412 A1 Rent-A-Car

3413 Half Price Rent-A-Car

3414 Godfrey National Rent-A-Car

3415 Swan National (Car Rental)

Table C-1: Merchant SIC Codes (Continued)

C-16 October 2005

Code Description

3416 Guy Salmon (Car Rental)

3417 Central (Car Rental)

3418 Mattei (Car Rental)

3419 Alpha Rent-A-Car

3420 ANSA International (Car Rental)

3421 Allstate Rent-A-Car

3422 Paige Rent-A-Car

3423 Avcar Rent-A-Car

3424 LMS Rentals of Canada

3425 Automate Rent-A-Car

3426 Mitchall Self-Drive (Car Rental)

3427 Avon Rent-A-Car

3428 Carey Rent-A-Car

3429 Insurance Rent-A-Car

3430 Major Rent A Car

3431 Replacement Rent-A-Car

3432 Reserve Rent-A-Car

3433 Ugly Duckling Rent-A-Car

3434 USA Rent-A-Car

3435 Value Rent-A-Car

3436 Autohansa Rent-A-Car

3437 Cite Rent-A-Car

3438 Interent Rent-A-Car

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-17 Merchant SIC Codes October 2005

Code Description

3439 Milleville Rent-A-Car

3458 Hotels Melia

3501 Holiday Inns

3502 Best Western Hotels

3503 Sheraton Hotels

3504 Hilton Hotels

3505 Forte Hotels

3506 Golden Tulip Hotels

3507 Friendship Inns

3508 Quality Inns

3509 Marriott Hotels

3510 Days Inns

3511 Arabella Hotels

3512 Intercontinental Hotels

3513 Westin Hotels

3514 Hotels Agrupados

3515 Rodeway Inns

3516 La Quinta Motor Inns

3517 Americana Hotels

3518 Sol Hotels

3519 Pullman International Hotels

3520 Meridien Hotels

3521 Crest Hotels

Table C-1: Merchant SIC Codes (Continued)

C-18 October 2005

Code Description

3522 Tokyo Hotel

3523 Peninsula Hotels

3524 WelcomGroup Hotels

3525 Dunfey Hotels

3526 Prince Hotels

3527 Downtowner Passport

3528 Red Lion

3529 CP (Canadian Pacific) Hotels

3530 Stouffer Hotels

3533 Hotel Ibis

3534 Southern Pacific Hotels

3535 Hilton International

3536 AMFAC Hotels

3537 ANA Hotels

3538 Concorde Hotels

3539 Fujita Tourist Enterprises

3540 Iberotel Hotels

3541 Hotel Okura

3542 Royal Hotels

3543 Four Seasons Hotels

3544 Ciga Hotels

3545 Shangri-La International

3547 Kokusai Kogyo Company

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-19 Merchant SIC Codes October 2005

Code Description

3548 Hotels Melia

3549 Auberge des Governeurs

3550 Regal 8 Inns

3552 Coast Hotels

3554 CHM Hotels

3556 Southern Sun Hotels

3557 JAL Development Company

3558 Jolly Hotels

3559 Thistle Hotels

3560 Dia-Ichi Hotels International

3562 Comfort Inns

3563 Journey’s End Motels

3565 Relax Inns

3567 National Hotels

3568 Ladbroke Hotels

3570 Forum Hotels

3571 Sami Spa

3572 Miyako Hotel

3574 Venture Inn

3575 Vagabond Hotels

3576 Canadian National

3577 Mandarin International

3578 India Tourism Development Co.

Table C-1: Merchant SIC Codes (Continued)

C-20 October 2005

Code Description

3579 Hotel Mercure

3580 Granada Royal Hometels

3581 Delta Hotels

3583 SAS Hotels

3584 Princess Hotels International

3585 Hungar Hotels

3586 Sokos Hotels

3587 Doral Hotels

3588 Helmsley Hotels

3590 Fairmont Hotels Corporation

3591 Sonesta International Hotels

3592 Omni Hotels

3593 Cunard Hotels

3594 Ambassador Inns

3595 Hospitality Inns

3596 Sunset Motels

3597 Innkeepers

3598 Regent International Hotel

3599 Pannonia Hotels

3600 Boulevard Hotel (Sydney)

3601 Sebel Town House Hotel

3602 Regency Hotel (Melbourne)

3603 Noah’s Hotel (Melbourne)

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-21 Merchant SIC Codes October 2005

Code Description

3604 Crest International (Brisbane)

3605 Park Royal (Brisbane)

3606 Mindil Beach Hotel

3607 Chateau (Perth)

3608 Don Hotel (Darwin)

3609 New Esplanade Hotel

3610 Wrest Point Hotel

3611 Launceston Fed. Club

3612 Movenpick Hotels

3613 Homestead Motor Inns

3614 Gazebo Hotels

3615 Travelodge Motels

3616 Gateway Chain

3617 Menzias Hotel (Sydney)

3618 Mandy Pacific International

3619 Windsor Hotel (Melbourne)

3620 Telford International

3622 Merlin Hotel Group (Perth)

3623 Dorint Hotels

3624 Lenna Hotel (Hobart)

3625 Hotel Universale

3626 King Edward Hotel

3627 Valhalla Inns

Table C-1: Merchant SIC Codes (Continued)

C-22 October 2005

Code Description

3628 York-Hannover Hotels

3629 Dan Hotels

3630 Sun International

3633 Rank Hotels

3634 Swissotel

3635 Reso Hotels

3636 Sarova Hotels

3637 Ramada Inns

3638 Howard Johnson

3639 Mount Charlotte Thistle

3640 Hyatt Hotels

3641 Sofitel Hotels

3642 Novotel Hotels

3643 Steigenberger Hotels

3644 Econolodges

3645 Queens Moat Houses

3646 Swallow Hotels

3647 Husa Hotels

3648 De Vera Hotels

3649 Radisson Hotels

3650 Red Roof Inns

3651 Imperial London Hotels

3652 Embassy Hotels

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-23 Merchant SIC Codes October 2005

Code Description

3653 Penta Hotels

3654 Loews Hotels

3655 Scandic Hotels

3656 Sara Hotels

3657 Oberoi Hotels

3658 Otani Hotels

3659 Taj Hotels International

3660 Knights Inn

3661 Metropole Hotels

3663 Hoteles El Presidente

3664 Flag Inns

3665 Hampton Inn Hotels

3666 Stakis Hotels

3668 Maritime Hotels

3670 Arcade Hotels

3671 Arctia Hotels

3672 Campanile Hotels

3673 IBUSZ Hotels

3674 Rantasipi Hotels

3675 Interhotel CEDOK

3677 Climat de France Hotels

3678 Cumulus Hotels

3680 Hoteis Othan

Table C-1: Merchant SIC Codes (Continued)

C-24 October 2005

Code Description

3681 Adams Mark Hotels

3683 Bradbury Suites

3684 Budget Hosts Inns

3685 Budgetel

3686 Suisse Chalet

3687 Clarion Hotels

3688 Compri Hotels

3689 Consort Hotels

3690 Courtyard Inns

3691 Dillon Inn

3692 Doubletree Hotels

3693 Drury Inn

3694 Economy Inns of America

3695 Embassy Suites

3696 Excel Inn

3697 Fairfield Hotels

3698 Harley Hotels

3699 Midway Motor Lodge

3700 Motel 6

3701 Pickett Suite Hotels

3702 The Registry Hotels

3703 Residence Inn

3704 Royce Hotels

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-25 Merchant SIC Codes October 2005

Code Description

3705 Sandman Inn

3706 Shilo Inn

3707 Shoney’s Inn

3709 Super 8 Motels

3710 The Ritz Carlton Hotels

3711 Flag Inns (Australia)

3713 Quality Pacific Hotel

3714 Four Seasons (Australia) Hotels

3715 Fairfield Inn

3716 Carlton Hotels

3717 City Lodge Hotels

3718 Karo Hotels

3719 Protea Hotels

3720 Southern Sun Hotels

3721 Conrad Hotels

3722 Wyndham Hotel & Resorts

4011 Railroads

4111 Local/Suburban Commuter Passenger Transportation, Including Ferries

4119 Ambulance Services

4121 Taxicabs/Limousines

4131 Bus Lines, Including Charters, Tour Buses

4214 Motor Freight Carriers, Trucking (Local/Long Distance), Moving/Storage, Local Delivery

4215 Courier Services – Air or Ground, Freight Forwarders

Table C-1: Merchant SIC Codes (Continued)

C-26 October 2005

Code Description

4225 Public Warehousing – Farm Products, Refrigerated, Household Goods, Storage

4411 Cruise Lines

4457 Boat Rentals & Leases

4468 Marinas, Marine Service/Supply

*4511 Airlines, Air Carriers & Travel Agency Transactions With Air Passage

4582 Airports, Flying Fields, Airport Terminals

4722 Travel Agencies an Tour Operators

4723 Tui Travel (Visa only)

4761 Transportation/Travel-Related Arrangements Services – Mail or Telephone Order (Excluding Travel Agencies)

4784 Tolls, Road and Bridge Fees

4789 Transportation Services Not Elsewhere Classified

4812 Telecommunication Equipment Including Telephone Sales

4814 Telecommunication Service Including Local/Long Distance Calls, Credit Card Calls, Facsimile Services

4815 MasterPhone (TM) Telephone Service – Monthly Summary Telephone Charges

4816 Computer Network/Information Services

4821 Telegraph Services

4829 Wire Transfer Money Orders (WTMOs)

4899 Cable and Other Pay Television Services

4900 Utilities – Electric, Gas, Sanitary, Water

5013 Motor Vehicle Supplies & New Parts

5021 Office & Commercial Furniture

5039 Construction Materials – Not Elsewhere Classified

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-27 Merchant SIC Codes October 2005

Code Description

5044 Office, Photographic, Photocopy, & Microfilm Equipment

5045 Computers, Computer Peripheral Equipment, Software

5046 Commercial Equipment – Not Elsewhere Classified

5047 Dental/Laboratory/Medical/Ophthalmic Hospital Equipment & Supplies

5051 Metal Service Centers & Offices

5065 Electrical Parts & Equipment

5072 Hardware Equipment & Supplies

5074 Plumbing & Heating Equipment

5085 Industrial Supplies – Not Elsewhere Classified

5094 Precious Stones & Metals, Watches, & Jewelry

5099 Durable Goods – Not Elsewhere Classified

5111 Stationery, Office Supplies, Printing, & Writing Paper

5122 Drugs, Drug Proprietaries, & Druggists Sundries

5131 Piece Goods, Notions, & Other Dry Goods

5137 Men’s, Women’s, & Children’s Uniforms & Commercial Clothing

5139 Commercial Footwear

5169 Chemicals & Allied Products – Not Elsewhere Classified

5172 Petroleum & Petroleum Products

5192 Books, Periodicals, & Newspapers

5193 Florists Supplies, Nursery Stock, & Flowers

5198 Paints, Varnishes, & Supplies

5199 Nondurable Goods – Not Elsewhere Classified

5200 Home Supply Warehouse

Table C-1: Merchant SIC Codes (Continued)

C-28 October 2005

Code Description

5211 Lumber & Building Materials Stores

5231 Glass, Paint & Wallpaper Stores

5251 Hardware Stores

5261 Lawn & Garden Supply Stores

5271 Mobile Home Dealers

5300 Wholesale Clubs

5309 Duty Free Stores

5310 Discount Stores

5311 Department Stores

5331 Variety Stores

5399 Miscellaneous General Merchandise

5411 Grocery Stores, Supermarkets

5422 Freezer & Locker Meat Provisioners

5441 Candy, Nut & Confectionery Stores

5451 Dairy Products Stores

5462 Bakeries

5499 Miscellaneous Food Stores – Convenience Stores, Markets, Specialty Stores, & Vending Machines

5511 Automobile & Truck Dealers – New and Used (Sales, Service, Repairs, Parts, & Leasing)

5521 Automobile & Truck Dealers – Used Only (Sales)

5531 Auto & Home Supply Stores

5532 Automotive Tire Stores

5533 Automotive Parts, Accessories Stores

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-29 Merchant SIC Codes October 2005

Code Description

5541 Service Stations (With or Without Ancillary Services)

5542 Automated Fuel Dispenser

5551 Boat Dealers

5561 Camper Dealers, Recreational & Utility Trailers

5571 Motorcycle Shops & Dealers

5592 Motor Homes Dealers

5598 Snowmobile Dealers

5599 Miscellaneous Automotive, Aircraft, & Farm Equipment Dealers, Not Elsewhere Classified

5611 Men’s & Boy’s Clothing and Furnishings Store

5621 Women’s Ready-to-Wear Stores

5631 Women’s Accessory & Specialty Stores

5641 Children’s and Infant’s Wear Stores

5651 Family Clothing Stores

5655 Sports Apparel, Riding Apparel Stores

5661 Shoe Stores

5681 Furriers and Fur Shops

5691 Men’s and Women’s Clothing Stores

5697 Alterations, Mending, Seamstresses, & Tailors

5698 Wig and Toupee Shops

5699 Miscellaneous Apparel and Accessory Stores

5712 Furniture, Home Furnishing & Equipment Stores, Except Appliances

5713 Floor Covering Stores

5714 Drapery, Upholstery, & Window Covering Stores

Table C-1: Merchant SIC Codes (Continued)

C-30 October 2005

Code Description

5718 Fireplace, Fireplace Screens & Accessories Stores

5719 Miscellaneous House Furnishing Specialty Shops

5722 Household Appliance Stores

5732 Electronic Sales

5733 Music Stores, Musical Instruments, Pianos, Sheet Music

5734 Computer Software Stores

5735 Record Shops

5811 Caterers

5812 Eating Places, Restaurants

5813 Drinking Places (Alcoholic Beverages), Bars, Cocktail Lounges, Discotheques, Nightclubs & Taverns

5814 Fast Food Restaurants – Quick Payment Service

5912 Drug Stores & Pharmacies

5921 Package Stores – Beer, Wine, & Liquor

5931 Used Merchandise Stores, Secondhand Stores

5932 Antique Shops – Sales, Repairs, & Restoration Services

5933 Pawn Shops

5935 Wrecking and Salvage Yards

5937 Antique Reproduction Stores

5940 Bicycle Shops – Sales & Service

5941 Sporting Goods Stores

5942 Book Stores

5943 Stationary Stores, Office and School Supply Stores

5944 Clock, Jewelry, Watch, & Silverware Store

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-31 Merchant SIC Codes October 2005

Code Description

5945 Game, Toy, & Hobby Shops

5946 Camera & Photographic Supply Stores

5947 Card, Gift, Novelty, & Souvenir Shops

5948 Leather Goods & Luggage Stores

5949 Fabric, Needlework, Piece Goods, & Sewing Stores

5950 Crystal & Glassware Stores

5960 Direct Marketing – Insurance Services

5961 Mail Order Houses Including Catalog Order Stores, Book/Record Clubs

5962 Direct Marketing – Travel-Related Arrangement Services

5963 Door-to-Door Sales

5964 Direct Marketing – Catalog Merchants

5965 Direct Marketing – Combination Catalog & Retail Merchants

5966 Direct Marketing – Outbound Telemarketing Merchants

5967 Direct Marketing – Inbound Telemarketing Merchants

5968 Direct Marketing – Continuity/Subscription Merchants

5969 Direct Marketing – Other Direct Marketers – Not Elsewhere Classified

5970 Artist Supply Stores, Craft Shops

5971 Art Dealers & Galleries

5972 Stamp & Coin Stores – Philatelic & Numismatic Supplies

5973 Religious Goods Stores

5974 Rubber Stamp Stores

5975 Hearing Aids – Sales, Service & Supply Stores

5976 Orthopedic Goods – Artificial Limb Stores

Table C-1: Merchant SIC Codes (Continued)

C-32 October 2005

Code Description

5977 Cosmetic Stores

5978 Typewriter Stores – Rentals, Sales, Service

5983 Fuel Dealers – Coal, Fuel Oil, Liquefied Petroleum, Wood

5992 Florists

5993 Cigar Stores & Stands

5994 News Dealers & Newsstands

5995 Pet Shops – Pet Food & Supplies

5996 Swimming Pools – Sales & Supplies

5997 Electric Razor Stores – Sales & Service

5998 Tent & Awning Shops

5999 Miscellaneous & Specialty Retail Stores

6010 Financial Institutions – Manual Cash Disbursements (Deposit Account, Travelers Cheques, Foreign Currency, Money Orders, Precious Metals, Savings Bonds)

6011 Financial Institutions – Automated Cash Disbursements

6012 Financial Institutions – Merchandise & Services

6013 Financial Institutions – Unknown type

6051 Non-Financial Institutions – Foreign Currency, Money Orders (Not Wire Trans- fer), Travelers Cheques, & Quasi Cash

6211 Securities – Brokers/Dealers

6300 Insurance Sales, Underwriting, & Premiums

6381 Insurance Premiums

6399 Insurance Carriers Not Elsewhere Classified

7011 Lodging – Hotels, Motels, Resorts – Not Elsewhere Classified

7012 Timeshares

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-33 Merchant SIC Codes October 2005

Code Description

7032 Recreational & Sporting Camps

7033 Campgrounds & Trailer Parks

7210 Cleaning, Garment, & Laundry Services

7211 Laundry Services – Family & Commercial

7216 Dry Cleaners

7217 Carpet and Upholstery Cleaning

7221 Photographic Studios

7230 Barber & Beauty Shops

7251 Hat Cleaning Shops, Shoe Repair Shops, Shoe Shine Parlors

7261 Funeral Service and Crematories

7273 Dating and Escort Services

7276 Tax Preparation Services

7277 Debt, Marriage, Personal – Counseling Service

7278 Buying/Shopping Clubs, Services

7295 Babysitting Services

7296 Clothing Rental – Costumes, Uniforms, & Formal Wear

7297 Massage Parlors

7298 Health & Beauty Spas

7299 Other Services – Not Elsewhere Classified

7311 Advertising Services

7321 Consumer Credit Reporting Agencies

7329 Computer Maintenance, Repair, & Services – Not Elsewhere Classified

7332 Blueprinting and Photocopying Services

Table C-1: Merchant SIC Codes (Continued)

C-34 October 2005

Code Description

7333 Commercial Art, Graphics, & Photography

7338 Quick Copy, Reproduction, & Blueprinting Services

7339 Stenographic & Secretarial Support Services

7341 Window Cleaning Services

7342 Exterminating & Disinfecting Services

7349 Cleaning & Maintenance, Janitorial Services

7361 Employment Agencies, Temporary Help Services

7372 Computer Programming, Data Processing, & Integrated Systems Design Services

7375 Information Retrieval Services

7392 Consulting, Management, & Public Relations Services

7393 Detective Agencies, Protective Agencies, Security Services Including Armored Cars, Guard Dogs

7394 Equipment Rental & Leasing Services, Furniture Rental, Tool Rental

7395 Photo Developing, Photo Finishing Laboratories

7399 Business Services – Not Elsewhere Classified

7511 Truck Stop Transactions

7512 Automobile Rental Agency – Not Elsewhere Classified

7513 Truck and Utility Trailer Rental

7519 Motor Home and Recreational Vehicle Rental

7523 Automobile Parking Lots and Garages

7531 Automotive Body Repair Shops

7534 Tire Retreading & Repair Shops

7535 Automotive Paint Shops

7538 Automotive Service Shops

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-35 Merchant SIC Codes October 2005

Code Description

7542 Car Washes

7549 Towing Services

7622 Electronic Repair Shops

7623 Air Conditioning & Refrigeration Repair Shops

7629 Appliance Repair Shops, Electrical & Small

7631 Clock, Jewelry, & Watch Repair Shops

7641 Furniture – Reupholstery & Repair, Refinishing

7692 Welding Repair

7699 Miscellaneous Repair Shops and Related Services

7829 Motion Picture & Video Tape Production & Distribution

7832 Motion Picture Theaters

7841 Video Tape Rental Stores

7911 Dance Halls, Schools, & Studios

7922 Theatrical Producers (Except Motion Pictures), Ticket Agencies

7929 Bands, Orchestras, and Miscellaneous Entertainers – Not Elsewhere Classified

7932 Billiard and Pool Establishments

7933 Bowling Alleys

7941 Athletic Fields, Commercial Sports, Professional Sports Clubs, Sports Promoters

7991 Tourist Attractions & Exhibits

7992 Golf Courses – Public

7993 Video Amusement Game Supplies

7994 Video Game Arcades/Establishments

7995 Betting (Including Lottery Tickets, Chips at Gaming Casinos, Off-Track Betting, & Wagers at Race Tracks)

Table C-1: Merchant SIC Codes (Continued)

C-36 October 2005

Code Description

7996 Amusement Parks, Carnivals, Circuses, Fortune Tellers

7997 Clubs – Country Clubs, Membership (Athletic, Recreation, Sports), Private Golf Courses

7998 Aquariums, Dolphinariums, & Seaquariums

7999 Recreation Services – Not Elsewhere Classified

8011 Doctors – Not Elsewhere Classified

8021 Dentists, Orthodontists

8031 Osteopathic Physicians

8041 Chiropractors

8042 Optometrists, Ophthalmologists

8043 Opticians, Optical Goods, & Eyeglasses

8044 Optical Goods and Eyeglasses

8049 Chiropodists, Podiatrists

8050 Nursing & Personal Care Facilities

8062 Hospitals

8071 Dental & Medical Laboratories

8099 Health Practitioners, Medical Services – Not Elsewhere Classified

8111 Attorneys, Legal Services

8211 Schools, Elementary and Secondary

8220 Colleges, Universities, Professional Schools, & Junior Colleges

8241 Schools, Correspondence

8244 Schools, Business & Secretarial

8249 Schools, Vocational & Trade

8299 Schools & Educational Services – Not Elsewhere Classified

Table C-1: Merchant SIC Codes (Continued)

Direct Payment Protocol Specification 1.1 C-37 Merchant SIC Codes October 2005

Code Description

8351 Child Care Services

8398 Organizations, Charitable & Social Service

8641 Associations – Civil, Social, & Fraternal

8651 Organizations, Political

8661 Organizations, Religious

8675 Associations, Automobile

8699 Organizations, Membership – Not Elsewhere Classified

8734 Testing Laboratories (Non-Medical)

8911 Architectural, Engineering, & Surveying Services

8931 Accounting, Auditing, & Bookkeeping Services

8999 Professional Services – Not Elsewhere Classified

9211 Court Costs Including Alimony and Child Support

9222 Fines

9223 Bail and Bond Payments

9311 Tax Payments

9399 Government Services – Not Elsewhere Classified

9401 Food Stamps (MC only)

9402 Postal Services – Government Only

9411 Government Loan Payments

9751 UK Supermarkets, Electronic Hot File

9752 UK Petrol Stations, Electronic Hot File

Table C-1: Merchant SIC Codes (Continued)

C-38 APPENDIX D

Product Codes

Product Code Product Group Example

1000 House

1010 Windows and accessories

1020 Paint and wallpaper

1030 Floor coverings Wood, tile, carpet, rugs

1040 Heating, Cooling, Water treat- ment, Bath

1100 Appliances

1110 Major appliances Ranges, Ovens, Dishwashers, Refrigerators, Freezers, Laundry

1120 Small appliances Vacuums, Sewing machines, microwaves

1130 Kitchen appliances Toasters, Mixers, Coffee makers

1200 Furniture

1210 Beds, mattresses

1220 Office furniture

1230 Living/Dining room

1300 Housewares

1310 Dinnerware Glass, silverware

1320 Cookware, bakeware

1330 Lamps, Clocks, Decorations

Table D-1: Product Codes

Direct Payment Protocol Specification 1.1 D-1 Product Codes October 2005

Product Code Product Group Example

1340 Bed and Bath linens

1350 Flowers

1360 Seasonal Christmas, Halloween

1370 Luggage

1380 Art and posters

1390 Fabric, curtains

1400 Lawn & Garden

1410 Garden tools, lawn movers

1420 Garden, Patio Furniture

1430 Yard care, sprinklers

1440 Grills

1450 Plants

1500 Computers & office

1510 Computers

1520 Software

1530 Telephones

1540 Copiers, Fax, Printers

1550 Office supplies, toner

1600 Tools & Hardware

1610 Power tools

1620 Plumbing

1700 Electronics

1710 Cameras and camcorders

Table D-1: Product Codes (Continued)

D-2 October 2005

Product Code Product Group Example

1720 TV, DVD, and video

1730 Home Audio

1740 Portable Audio CD, mp3, minidisc

1750 Personal electronics PDAs

1760 Video games

1770 Components, cables, connectors, batteries

1800 Automotive

1810 Accessories

1820 Batteries

1830 Spare parts

1840 Glass

1850 Tires and wheels

1860 Gasoline

1870 Service and Repair

1880 Audio and alarms

2000 Health

2010 Hearing Aids

2020 Cosmetics and fragrances, beauty products

2030 Personal care

2040 Pharmacy

2050 Optical

2060 Vitamins and supplements

Table D-1: Product Codes (Continued)

Direct Payment Protocol Specification 1.1 D-3 Product Codes October 2005

Product Code Product Group Example

2070 Dental

2080 Weight management products

2100 Clothes

2110 Men

2120 Women

2130 Junior

2140 Infant

2150 Shoes

2160 Workwear and uniforms

2170 Formal wear rental and sale

2200 Sport, Fitness & Recreation

2210 Sporting Goods Bikes, golf equip., baseball

2220 Camping, fishing

2230 Sportswear

2240 Athletic shoes

2250 Home gym equipment

2260 Boats, jet-ski, ATV

2270 Guns, hunting, paintball

2300 Jewelry & Watches

2310 Fashion Jewelry

2320 Fine jewelry

2330 Watches

2340 Rings

Table D-1: Product Codes (Continued)

D-4 October 2005

Product Code Product Group Example

2350 Handbags

2400 Baby

2410 Strollers, chairs, beds

2420 Maternity

3000 Toys

3010 RC models, model trains

3020 Dolls, stuffed toys

3030 Learning toys, games, puzzles

3100 Music & Movies

3110 Movies, DVD, and video tapes

3120 Audio CDs and tapes

3130 Musical instruments

3200 Books & Cards

3210 Cards, Stationery

3220 Books

3230 Magazines

3300 Pet Care

4000 Groceries

4010 Candy

4020 Coffee shop

4030 Tobacco

4040 Alcohol, liquor

4050 Gift packages and delicatessen

Table D-1: Product Codes (Continued)

Direct Payment Protocol Specification 1.1 D-5 Product Codes October 2005

Product Code Product Group Example

4060 Frozen foods

5000 Travel

5010 Airline, train tickets

5020 Car rental

5030 Hotels, vacation rental

5040 Resorts, cruises

5100 Insurance

5110 Auto

5120 Home

5130 Extended warranties

6000 Domestic Services

6010 Phone cards, long distance, voice over IP

6020 Internet Service Providers

6030 Laundry, carpet cleaning, house- keeping, gardening

6040 Cable, satellite TV

6050 Subscriptions Magazines, water, pet food, coffee

6060 Information brokerage Search for people

6070 Concert/event tickets

6080 Marketing/Advertising/Design services

6090 Dating/Escort services

6100 Online Services

Table D-1: Product Codes (Continued)

D-6 October 2005

Product Code Product Group Example

6110 Online Magazines (non adult)

6120 Online Gaming

6130 Web-based information services Courses, Maps, Databases, Classi- fieds

6140 Domain name registration

6150 Web design/hosting, e-security consulting

6160 Adult Entertainment

6170 Music/video download

6200 Financial/Legal Service

6210 Bill Payment

6220 Money Transfer/Escrow

6230 Check Cashing

6240 ACH

6250 Legal Services

6260 Mortgage/Loan service

7000 Gift cards

Table D-1: Product Codes (Continued)

Direct Payment Protocol Specification 1.1 D-7 Product Codes October 2005

D-8 Index

A error responses 1-60 request parameters 1-58 account model 1-1 requests 1-58 scenario 1-4 response parameters, error 1-60 accounts response parameters, successful 1-60 identifiers 1-1 successful responses 1-60 numbers 1-1 Cancel Settlement 1-50 passwords 1-1 request parameters 1-51 transaction processing IDs 1-1 requests 1-50 action codes A-2 response parameters, error 1-53 address verification system. See AVS response parameters, successful 1-52 responses, error 1-52 Authorization 1-33 responses, successful 1-52 card types supported 1-25, 1-30, 1-36 request parameters 1-34 card types requests 1-34 Authorization 1-25, 1-30, 1-36 response parameters, error 1-43 Purchase 1-15 response parameters, successful 1-41 card validation data. See CVD responses, error 1-9, 1-43 chargebacks 1-54 responses, successful 1-41 codes time limits 1-33 action A-2 transaction recovery 1-62 AVS 1-9 AVS 1-9 error A-2 codes 1-9 geographical B-1–?? limitations 1-11 conditionally optional AVS Check 1-24 requirement settings 1-6 request parameters 1-25 conventions requests 1-24 field specifications 1-6 response parameters, error 1-28 message formats 1-5 response parameters, successful 1-26 requirement settings 1-5 responses, error 1-27 country codes B-3 responses, successful 1-26 Credit 1-53 chargebacks 1-54 B request parameters 1-54 requests 1-54 building response parameters, error 1-57 transaction requests 1-2 response parameters, successful 1-56 responses, error 1-57 responses, successful 1-56 C transaction recovery 1-66 CVD Cancel Credit 1-58 indicators 1-11

Direct Payment Protocol Specification 1.1 Index-1 Index October 2005

D I decoding identifiers responses 1-3 accounts 1-1 indicators, CVD 1-11 E M error messages action codes A-2 mandatory error codes and strings A-2 requirement settings 1-5 error responses merchant transactions 1-8 Authorization 1-43 message formats AVS Check 1-27 Authorization 1-34 Cancel Credit 1-60 AVS Check 1-24 Cancel Settlement 1-52 Cancel Credit 1-58 Credit 1-57 Cancel Settlement 1-50 Purchase 1-22 complete 1-2 Query 1-71 conventions 1-5 Risk Only 1-33 Credit 1-54 Settlement 1-49 example 1-3 Transaction Lookup 1-65 Purchase 1-12 examples Query 1-67 complete messages 1-2 requirement settings 1-5 response messages 1-3 Risk Only 1-29 scenario 1-4 Settlement 1-46 extracting specifications 1-6 fields 1-3 Transaction Lookup 1-62 transport methods 1-6 F model. See account model fields N conventions 1-6 extracting 1-3 negative database 1-11 requirement settings 1-5 fraud database. See negative database O

G optional requirement settings 1-6 geographical codes B-1–?? country B-3 P province B-1 state B-2 parameters Authorization requests 1-34 Authorization responses, error 1-43

Index-2 October 2005

Authorization responses, successful 1-41 request parameters 1-13 AVS Check requests 1-25 requests 1-12 AVS Check responses, error 1-28 response parameters, error 1-22 AVS Check responses, successful 1-26 response parameters, successful 1-20 Cancel Credit requests 1-58 responses, error 1-22 Cancel Credit responses, error 1-60 responses, successful 1-20 Cancel Credit responses, successful 1-60 transaction recovery 1-62 Cancel Settlement requests 1-51 Cancel Settlement responses, error 1-53 Q Cancel Settlement responses, successful 1-52 Query 1-66 case sensitivity 1-7 request parameters 1-67 Credit requests 1-54 requests 1-67 Credit responses, error 1-57 response parameters, error 1-71 Credit responses, successful 1-56 response parameters, successful 1-69 decoding 1-3 responses, error 1-71 decoding responses 1-3 responses, successful 1-68 error messages, from payment transaction recovery 1-66 services A-1 message formats 1-5 Purchase requests 1-13 R Purchase responses, error 1-22 Purchase responses, successful 1-20 recovery. See transaction recovery Query requests 1-67 requests 1-2 Query responses, error 1-71 Authorization 1-34 Query responses, successful 1-69 AVS Check 1-24 requirement settings, conditionally Cancel Credit 1-58 optional 1-6 Cancel Settlement 1-50 requirement settings, mandatory 1-5 Credit 1-54 requirements settings, optional 1-6 Purchase 1-12 Risk Only requests 1-30 Query 1-67 Risk Only responses, error 1-33 Risk Only 1-29 Risk Only responses, successful 1-32 Settlement 1-46 Settlement requests 1-46 Transaction Lookup 1-62 Settlement responses, error 1-49 requirement settings Settlement responses, successful 1-48 conditionally optional 1-6 Transaction Lookup requests 1-63 fields 1-5 Transaction Lookup responses, mandatory 1-5 error 1-65 optional 1-6 Transaction Lookup responses, responses successful 1-65 Authorization, error 1-43 passwords 1-1 Authorization, successful 1-41 protection. See security features AVS Check, error 1-27 province codes B-1 AVS Check, successful 1-26 Purchase 1-12 Cancel Credit, error 1-60 card types supported 1-15 Cancel Credit, successful 1-60

Direct Payment Protocol Specification 1.1 Index-3 Index October 2005

Cancel Settlement, error 1-52 Cancel Settlement 1-52 Cancel Settlement, successful 1-52 Credit 1-56 Credit, error 1-57 Purchase 1-20 Credit, successful 1-56 Query 1-68 decoding 1-3 Risk Only 1-32 example 1-3 Settlement 1-48 Purchase, error 1-22 Transaction Lookup 1-65 Purchase, successful 1-20 Query, error 1-71 T Query, successful 1-68 Risk Only, error 1-33 time limits, for Authorizations 1-33 Risk Only, successful 1-32 Transaction Lookup 1-62 Settlement, error 1-49 narrowing searches 1-62 Settlement, successful 1-48 recovery 1-62 Transaction Lookup, error 1-65 request parameters 1-63 Transaction Lookup, successful 1-65 requests 1-62 Risk Only 1-29 response parameters, error 1-65 request parameters 1-30 response parameters, successful 1-65 requests 1-29 responses, error 1-65 response parameters, error 1-33 responses, successful 1-65 response parameters, successful 1-32 transaction recovery 1-61 responses, error 1-33 Query requests 1-66 responses, successful 1-32 Transaction Lookup requests 1-62 transaction requests S about 1-1 building 1-2 security features 1-9 transactions 1-8 AVS 1-9 Authorization 1-33 CVD 1-11 AVS Check 1-24 negative database 1-11 Cancel Credit 1-58 settings. See requirement settings Cancel Settlement 1-50 Settlement 1-45 Credit 1-53 Cancel Settlement transactions 1-50 Purchase 1-12 request parameters 1-46 Query 1-66 requests 1-46 recovery 1-61 response parameters, error 1-49 Risk Only 1-29 response parameters, successful 1-48 Settlement 1-45 responses, error 1-49 Transaction Lookup 1-62 responses, successful 1-48 transport types 1-6 transaction recovery 1-66 state codes B-2 U successful responses Authorization 1-41 user IDs 1-1 AVS Check 1-26 Cancel Credit 1-60

Index-4