PaymentSITE

During checkout, the website server should not have access to sensitive credit card data. Do not place credit card fields on the final checkout page. Instead, use one of the implementation methods below to redirect the user to a hosted payment page. (See “Implementation Methods” below.)

The hosted payment page accepts the sensitive credit card data and redirects the user back to the checkout page. The redirect returns the transaction response data as a URL parameter. (See “Transaction Response Data” below.)

Transaction Flow Options

Sale Transaction

  • The hosted payment page executes a cc:sale transaction and returns the approval (plus a token) to the website.
  • Before submitting the transaction information, the website should verify that it has not been modified.

AuthOnly Transaction

  • The hosted payment page executes a cc:authonly transaction and returns the approval (plus a token) to the website.
  • After executing the transaction, the website captures the transaction via the API.
  • Before submitting the transaction information, the website should verify that it has not been modified.

Token Transaction

  • The hosted payment page executes a cc:save transaction and returns a token to the website.
  • The website uses the returned token to execute the final transaction via the API.

Post Transaction Redirect URL

  • Preconfigure the redirect URL or send it as a URL parameter to the hosted payment page.
  • Use separate redirects for transaction approvals and declines with the xRedirectURL and/or xRedirectURL_NotApproved variables.
  • xRedirectURL: Set this on the backend or in the request (or both to override it).
  • xRedirectURL_NotApproved: This can be set on the backend or in the request (or both to override it). If this is left blank, it uses xRedirectURL.
  • xPostUrl: Used to get a postback/IPN. This can be set on the backend or in the request (or both to override it, if allowed in settings).
    Redirect sends the returned parameters in the query string.

Example:
https://www.cardknox.com/?xCurrency=USD&xDate=6%2F29%2F2020%204%3A26%3A47%20PM&xResult=A&xStatus=Approved&xErrorCode=00000&xAuthCode=09379A&xAuthAmount=1.03&xRefNum=341260411&xToken=0p3q5479g1g3h2p34g5763008044gg0p&xBatch=5128197&xMID=xxxxxxxxxx9999&xTID=xxxxx6789&xAvsResult=Address%3A%20No%20Match%20&5_Digit_Zip%3A_No_Match&xAvsResultCode=NNN&xCvvResult=No%20CVV%20data%20available&xMaskedCardNumber=4xxxxxxxxxxx1111&xName=t%20test&xExp=0620&xCardType=Visa&xEntryMethod=Keyed&xCustom10=Payment%20Site

Implementation Methods

Redirect

  • The user is redirected to the hosted payment page.
  • Customize the hosted payment page with your logo.

iFrame

  • The hosted payment page is embedded in your own checkout page.
  • The user never leaves your website.
  • See a demo of this implementation at secure.cardknox.com/iframedemo.

Transaction Response Data

This table lists the fields returned in a redirect URL.

Variable Name Description
xAuthAmount Amount authorized on card
xAuthCode Authorization code
xAvsResult AVS result message
xAvsResultCode AVS result code
xBatch Batch number
xCardType Card type (Visa, Mastercard, etc.)
xCvvResult CVV result
xCvvResultCode CVV result code
xErrorCode Error code
xMaskedCardNumber Masked card number
xName Name on card
xRefNum Transaction reference number
xResult Result (Status Code) (A, D, E)
xStatus Result status message (Approved, Declined, Error)
xToken Token for use with subsequent transactions
xError Error message (if any)