Tech Soup

PHP API SETUP

LinkPoint API Adobe Acrobat PDF manual

Before you begin using LinkPoint API you will also need to download the PEM file.
NOTE: The LinkPoint PEM can not be installed on the web server as a SSL certificate.

1. Log into LinkPoint Central
2. Click on Support on the top menu.
3. On the left menu click on Download Center
4. Click on Download PEM
5. Save the file to your desktop
6. Upload the PEM file to the root of your web site or any other folder.
   If your web site is on a UNIX server you need to make sure you upload the file in ASCII (text) format.

We offer compatible shared,dedicated, and VPS server from Web Coder’s we also offer integration services. Just give us a call 1-866-892-6822 or visit www.webcoders.biz

GODADDY

If your web site is hosted on Godaddy you will NOT be able to use LinkPoint API because they block port 1129. You will need to use LinkPoint Connect or if you can justify the expense then you can upgrade to their dedicated server.

For Godaddy dedicated servers you will also need to make a change to the lphp.php file.
Do a search for “setopt”
Add the following lines of code:

CODE

curl_setopt ($ch, CURLOPT_HTTPPROXYTUNNEL, true);
curl_setopt ($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
curl_setopt ($ch, CURLOPT_PROXY, ‘64.202.165.130:3128′);

This information was derived from Godaddy’s help center.

PHP

REQUIREMENTS:
Make sure the version of PHP is greater than 4.0.2
PHP compiled with both cURL and OpenSSL
SSL certificate for the web site
Port 1129 needs to be open on the web server. Contact your web host to verify.
If you are not sure what version of PHP you have, create a file named phpinfo.php with the following code:

CODE

<?php
phpinfo();
?>

If you are using a Windows server make sure uncomment the cURL extension in the php.ini file which is located in the following directory:
C:\windows\php.ini

On a UNIX server it would be located in the following directory:
/usr/local/php5/lib/php.ini

Edit php.ini, look for the following code, and remove the semicolon at the beginning:

CODE

;extension=php_curl.dll

1. Download the PHP wrapper.
2. Upload one of the example files such as SALE_MININFO.php
   (Do not place any of the PHP files in the cgi-bin folder.)
3. Upload the file named lphp.php into the same direcotory
4. Upload the PEM file to the same directory as the PHP files you uploaded earlier.
5. Edit the example file and change the following 2 lines of code (replace 123456 with your LinkPoint store number):

CODE

$myorder["keyfile"] = realpath(“123456.pem”);
$myorder["configfile"] = “123456″;

If you want to place the PEM file in a different directory then you will need to change the line of code for “keyfile”

CODE for UNIX server

$myorder["keyfile"] = “/home/htdocs/www/linkpoint/123456.pem”;

CODE for WINDOWS server

$myorder["keyfile"] = “c:\\inetpub\\wwwroot\\linkpoint\\123456.pem”;

If you want to run test transactions, look for the following line of code:

CODE

$myorder["result"] = “LIVE”;

Make the following change:

CODE

$myorder["result"] = “GOOD”;

If you are using the staging server you will also need to modify the lphp.php file and uncomment 2 lines of code.
Search for “setopt” and remove the pound symbol in front of the 2 lines.

CODE

# curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
# curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);

SGS-020003: Invalid XML

If you receive the “Invalid XML” error you will need to add the following line of code for troubleshooting:

CODE

$myorder["debugging"] = “true”;

You may need to uncomment the line by removing the 2 forward slashes at the beginning.
Place another order and you will see some code displayed like the following example:

CODE

sending xml string:
<order><orderoptions><ordertype>SALE</ordertype><result>LIVE</result></orderoptions>
<creditcard><cardnumber>4111-1111-1111-1111</cardnumber><cardexpmonth>01</cardexpmonth>
<cardexpyear>05</cardexpyear></creditcard>
<billing><zip>12345</zip><addrnum>&123</addrnum></billing><shipping></shipping>
<transactiondetails></transactiondetails> <merchantinfo><configfile>679880</configfile><keyfile>679880.pem</keyfile>
<host>secure.linkpt.net</host><port>1129</port></merchantinfo> <payment><chargetotal>9.99</chargetotal></payment></order>

server responds:
<r_csp></r_csp><r_time></r_time><r_ref></r_ref><r_error>SGS-020003: Invalid XML</r_error>
<r_ordernum></r_ordernum><r_message></r_message><r_code></r_code><r_tdate></r_tdate><r_score>
</r_score><r_authresponse></r_authresponse><r_approved></r_approved><r_avs></r_avs>

Status: Error: SGS-020003: Invalid XML ±

You may need to copy the “sending XML” and “server responds” portion and email it to LinkPoint support.

SHOPPING CART LIST

Below is a list of shopping carts compatible with the LinkPoint gateway.



ORDER CONFIRMATION EMAILS

Here are example order confirmation emails sent by the gateway.

MERCHANT’S COPY

From: “Gateway” <gateway@linkpt.net>
To: “Merchant” <merchant@yourwebsite.com>
Subject: Your Business Name – CDA78C0B-449045FD-330-DEED6
Date: 14 Jun 2006 16:05:18

Order Number: CDA78C0B-449045FD-330-DEED6
PONumber:
Time: Wed Jun 14 11:16:47 2006

cc: visa
shipped: Y
ship type:

user id:
name: John Doe
addr1: 1002 Parker St.
addr2:
city: Los Angeles
state: CA
country: US
shipname:
shipaddr1:
shipaddr2:
shipcity:
shipzip:
shipstate:
shipcountry:
email: customer@somewhere.com
phone: 213-222-1234
fax:
Reference:
Comments:

Subtotal: $12.00
Tax: $0.00
Shipping: $0.00
Total: $12.00

CUSTOMER’S COPY

From: “Your Business Name” <gateway@linkpt.net>
To: “John Doe” <customer@somewhere.com>
Subject: Receipt from Business Name
Date: 14 Jun 2006 16:05:18

Company: Your Business Name
Reference Number: CDA78C0B-449045FD-330-DEED6

Subtotal: $12.00
Tax: $0.00
Shipping: $0.00
Total: $12.00

Business Name

Thank you for shopping with us.

CUSTOMER’S COPY VOIDED ORDER

From: “Your Business Name” <gateway@linkpt.net>
To: “John Doe” <customer@somewhere.com>
Subject: Business Name order CDA78C0B-449045FD-330-DEED6 has been canceled
Date: 14 Jun 2006 16:05:18

Order CDA78C0B-449045FD-330-DEED6 has been canceled.
The credit card transaction involved with this order has been canceled.

MERCHANT’S COPY PERIODIC BILL

From: “Gateway” <gateway@linkpt.net>
To: “Merchant” <merchant@yourwebsite.com>
Subject: Periodic Billing Order – 192.168.0.1-10BED1C09C7-1DEA382-DC54D6 Submitted
Date: 14 Jun 2006 16:05:18

Periodic Billing Order 192.168.0.1-10BED1C09C7-1DEA382-DC54D6 Submitted

Amount: $4.00
Tax: $2.00
Shipping: $0.00
VATTAX: $0.00
Customer: John Doe
Company:
Address: 1002 Yellowstone

City: Los Angeles
State: CA
Country: US
Zip: 90001
———————————
Periodic Billing Information

Startdate 20060619
Periodicity: 1month
Installments: -1
Threshold: 2
Comments:

MERCHANT’S COPY FAILED PERIODIC BILL

From: “Gateway” <gateway@linkpt.net>
To: “Merchant” <merchant@yourwebsite.com>
Subject: Periodic Billing Failure Threshold Reached
Date: 14 Nov 2005 16:05:18

ATTENTION – Immediate action required

The Periodic Order CDA78C0B-43648161-900-199602 has failed 12 times.
This transaction will continue to fire daily until successful or
cancelled. Please refer to your Online Reports to determine the cause of the
failure and to determine proper corrective action.

N:D:Declined
This is a normal credit card decline and can be returned for a number
of reasons. Contact the customer to determine if there is a problem with the card.
You may need to change the credit card data.
N:R:Referral Call Center
This is returned by the bank for various reasons. The customer should
contact their card issuing bank to determine the cause. You may need
to change the credit card information.
N:X:Expired card
Even if the expiration date is in the future, the bank has determined that this card
is no longer valid. Contact the customer, you will need to update the credit card information.
NFRAUD – The card appears to be expired
Check the expiration date on the card. Call the customer to get new information.

You may opt at any time to cancel the periodic bill by going to Reports ! Active Periodic Bills.
Select the appropriate order and then “Cancel Selected Order”

ThinkGeek :: The Geeks’ Guide to World Domination

Posted using ShareThis

FRAUD PREVENTION

The LinkPoint gateway does not approve or decline any transactions. All the transactions are approved by the issuing credit card bank. Some credit card banks will approve a transaction even if the address information does not match. With this in mind there are some additional steps you need to take in order to protect yourself from fraudulent orders.

The address verification system is currently not available for international credit cards. This means there is more risk of fraud for international orders. Orders from certain coutries such as Nigeria are almost always fraudulent.

ADDRESS VERIFICATION / CVV2

In the middle of each approval code there will be a 4 letter combination.
Y:1234567891234567:NNNP:123456789123

1. The first letter is for the street number.
2. The second letter is for the zip code.
3. The third letter is for both the address and zip code combined.
4. The fourth letter is for the CVV2 (security code) which is the last 3-4 digits on the back of the credit card.

AVS RESPONSES
YYY	Both address and zip code matched
NNN	Both address and zip code did not match
NYZ	Only zip code matched
YNA	Only address matched
XXG	No system available to verify address, possibly an international credit card

CVV2 RESPONSES
M	Code matched
N	Code did not match
P	Code was not entered

CONNECT

The following steps will help you prevent fraud using Connect. This change will require that you verify each order individually. First you will need to make sure orders from your web site are submitted as preauth. Look for the following code first:
<input type=”hidden” name=”txntype” value=”sale”>

You will need to either add the following code or make the following change on your web site:
<input type=”hidden” name=”txntype” value=”preauth”>

Once you have made the change you will need to log into the global gateway and verify each order.
You will need to verify orders on a regular basis.
Click on Reports on the top menu and then click on Orders
Scroll to the bottom and click on “Submit Query.”
Under the shipped column, the orders will be marked as N.
Click on the order number to view the details of the order
Scroll down and look for the approval code, it is a long string of numbers and letters.
Y:1234567891234567:NNNP:123456789123

You want to verify that the billing address and zip code match.
You may also want to verify that the order is not being shipped to a different address.
After verifying the response for the address verification you will need to decide whether to process the order.
If you declide to process the order you will need to mark the order shipped.

API

There are two methods for incorporating the address verification system (AVS) to prevent fraud using API. These methods are not built into the gateway or the API so you will need to develop them using a web programming language such as PHP, ASP, Perl, ColdFusion, etc. Address verification can not be done without doing an authorization on the credit card.
NOTE: Make sure you are also passing the address a second time using the <addrnum> field.

EXAMPLE APPROVED RESPONSE
r_ref	0003480327
r_message	APPROVED
r_code	1234560003480327:NNNM:100010342106:
r_approved	APPROVED
r_avs	NNNM

METHOD 1
Submit an authorization (PREAUTH) for the full amount.
Verify the AVS response from the gateway.
If the information is correct then submit a post authorization (POSTAUTH) to collect the funds.
NOTE: This option is feasable if you only allow the order to be submitted once or twice.
Each time the credit card is authorized it will place a hold for the amount.
This hold will be automatically released by the credit card issuing bank within a couple days.

METHOD 2
Submit an authorization (PREAUTH) for $1.
Verify the AVS response from the gateway.
If the information is correct then submit the transaction as a SALE for the full amount.

MAXMIND
You can also add a layer of security by using the minFraud service provided byMaxMind.
Here are some of the features provided:

• Checks whether country of IP address matches billing address country
• Checks whether IP address or billing address country is a high risk of fraud.
• Checks whether the customer phone number is in the billing zip code.
• Checks whether the billing city and state match the zipcode. (US addresses only)
• Checks whether the country of the issuing bank matches the billing address based on the first 6 digits of the credit card.
• Checks whether the customer service phone number(located on back of credit card) matches the phone number entered by the customer.
• Overall risk score based on results

You can use the credit cards listed below for testing. These credit cards will receive an approved response on production. Please be aware there is a transaction fee for each transaction submitted on production.

You can use the credit cards listed below for testing. These credit cards will receive a declined response. Please be aware there are transaction fees for each declined transaction.

For the expiration date select any month and year in the future.
Any name and addres

After you add the code to the website you will need to make a few changed in the connect settings. Follow the steps below to modify your connect settings.

You need to log into LinkPoint Central to access the LinkPoint Connect settings. After you login, click on Customization at the top. Then click on “Configure your LinkPoint Connect.” Enter the URL address for the order page on your web site or the very last page during checkout for your shopping cart. You can enter multiple address but they need to be separated by a space. The Order Submission Form field has a limit of 250 characters.

By default LinkPoint Connect will display the customer a confirmation page that they can print out for their records. If you do not create your own thank you and sorry pages then you can enter the address for your web site. For example: http://www.yourdomain.com You only need to enable “URL is a CGI script” if you want LinkPoint to post the data back to your website so you can collect the information using a scripting language like PHP or ASP. If you do not want customers to see the LinkPoint confirmaiton page then you need to enable the auto forwarding option.

CONNECT PAYMENT FORM

You should have a secure server if you plan add your logo or a background image to the LinkPoint Connect secure payment form. If you do not have a secure server then your customers will receive a message stating the page contains both secure and nonsecure items. This will discourage customers form entering their credit card information.

The payment header and footer are only displayed on the LinkPoint Connect confirmation page. The customers will not see this information when they enter their credit card information.

You only need to fill out the custom fields if you are passing fields other than those listed in the Connect manual and want them to be displayed on the confirmation emails. Please be aware that due to technical dificulties you may not always receive the confirmation emails. We suggest using the “comments” and “userid” fields to pass any order information so that it gets recorded in the LinkPoint Central reports. If you decide to use the custom fields you also need to make sure you enable the option to receive a copy of the customer’s receipt.

This post  just provides a general start of how to set up connect onto your website. I will be providing more detailed instructions in future posts.

CONNECT SETUP
There are two steps in order to setup your web site with LinkPoint Connect.

STEP 1
First you will need to copy and paste HTML code to one of your pages on your web site. The HTML code will create a button that your customer will click on and redirect them to a secure page on LinkPoint where they will enter their credit card information. This does require you be familiar with HTML code or creating web pages. Further below is example HTML code for LinkPoint Connect.
Make sure you replace the value for storename, “123456″, with your own store number.
You will also need to replace the value for chargetotal, “2.00″, with the price for your product or service.

<form action=”https://www.linkpointcentral.com/lpc/servlet/lppay” method=”post”>
<input type=”hidden” name=”mode” value=”fullpay”>
<input type=”hidden” name=”chargetotal” value=”2.00″>
<input type=”hidden” name=”storename” value=”123456″>
<input type=”hidden” name=”txntype” value=”sale”>
<input type=”hidden” name=”comments” value=”product info”>
<input type=”submit” value=”Continue to Secure Payment Form”>
</form>

You can also see more examples starting on page 138 of the LinkPoint Connect Manual.
For more information you can view the Adobe Acrobat PDF manual on the following site:
http://www.firstdata.com/downloads/marketing-merchant/fd_globalgatewayconnect_usermanualnorthamerica.pdf

STEP 2
The next step is to enter the address of your order page in LinkPoint Central.
https://www.firstdata.com/ecommerce

Once you log into LinkPoint Central, click on Customization at the top.
Then click on the option, “Configure your LinkPoint Connect.”
In the field, “Order submission form URL,” you will need to enter the address of the page where you added the HTML code.
You can enter more than one address by separating them with a space.
For example:

http://www.yourwebsite.com/order.html

You can use the following credit card for testing. The test credit card will produce a decline response. Please be aware there are transaction fees for each declined transaction.
Visa: 4111111111111111
Expiration: 01/07
Any name and address