3.1. /api/v2/account-verification
Introduction
Account Verification is initiated through HTTPS POST request by using URLs and the parameters specified below. Use SHA-1 for authentication. See Statuses.
API URLs
Integration |
Production |
---|---|
https://sandbox.sbctech.ru/paynet/api/v2/account-verification/ENDPOINTID |
https://gate.sbctech.ru/paynet/api/v2/account-verification/ENDPOINTID |
https://sandbox.sbctech.ru/paynet/api/v2/account-verification/group/ENDPOINTGROUPID |
https://gate.sbctech.ru/paynet/api/v2/account-verification/group/ENDPOINTGROUPID |
Request Parameters
Note
Warning
The following characters must be escaped in the parameter values: & + “.
Parameter Name |
Description |
Value |
---|---|---|
client_orderid |
Unique order identifier assigned by Connecting Party. |
Necessity : RequiredType : StringLength : 128 |
order_desc |
Brief order description. |
Necessity : RequiredType : StringLength : 64k |
address1 |
Payer’s address line 1. |
Necessity : RequiredType : StringLength : 50 |
city |
Payer’s city. |
Necessity : RequiredType : StringLength : 50 |
zip_code |
Payer’s ZIP code. |
Necessity : RequiredType : StringLength : 10 |
country |
Payer’s country. Please see Country codes for a list of valid country codes. |
Necessity : RequiredType : StringLength : 2 |
Payer’s e-mail address. |
Necessity : RequiredType : StringLength : 50 |
|
cvv2 |
Payer’s CVV2 code. CVV2 (Card Verification Value) is a three- or four-digit number AFTER the credit card number in the signature area of the card. |
Necessity : RequiredType : NumericLength : 3-4 |
ipaddress |
Payer’s IP address, included for fraud screening purposes. |
Necessity : RequiredType : StringLength : 45 |
control |
Checksum generated by SHA-1. Control string is represented as concatenation of the following parameters:
1. <ENDPOINTID | ENDPOINTGROUPID> (See: Request URL)
2. Request parameter: client_orderid
3. Request parameter: email
4. merchant_control (Control key assigned to Connecting Party account in the SBC gateway system).
|
Necessity : RequiredType : StringLength : 128 |
first_name |
Payer’s first name. |
Necessity : OptionalType : StringLength : 50 |
last_name |
Payer’s last name. |
Necessity : OptionalType : StringLength : 50 |
cardrefid |
Card reference ID obtained at Card Registration Stage. |
Necessity : OptionalType : StringLength : 50 |
ssn |
Last four digits of the Payer’s social security number. |
Necessity : OptionalType : NumericLength : 32 |
birthday |
Payer’s date of birth, in the format YYYYMMDD. |
Necessity : OptionalType : NumericLength : 8 |
state |
Payer’s state. Please see Mandatory State codes for a list of valid state codes. Required for USA, Canada and Australia. |
Necessity : ConditionalType : StringLength : 2-3 |
phone |
Payer’s full international phone number, including country code. |
Necessity : OptionalType : StringLength : 15 |
cell_phone |
Payer’s full international cell phone number, including country code. |
Necessity : OptionalType : StringLength : 15 |
credit_card_number |
Payer’s credit card number. Send either combination of credit_card_number, card_printed_name, expire_month and expire_year or cardrefid, not all. |
Necessity : ConditionalType : NumericLength : 20 |
card_printed_name |
Cardholder name, printed on the bank card. |
Necessity : ConditionalType : StringLength : 128 |
expire_month |
Bank card expiration month. |
Necessity : ConditionalType : NumericLength : 2 |
expire_year |
Bank card expiration year. |
Necessity : ConditionalType : NumericLength : 4 |
site_url |
The URL of the E-commerce entity, where the payment is originated from. |
Necessity : OptionalType : StringLength : 128 |
purpose |
Destination to where the payment goes. It is useful for the Connecting Partys who let their Payers to top up their accounts with bank card (Mobile phone accounts, game accounts etc.). Sample values are: +7123456789; gamer0001@ereality.com etc. This value can be used by the fraud monitoring system. |
Necessity : OptionalType : StringLength : 128 |
server_callback_url |
URL, where the transaction status is sent to. Connecting Party may use server callback URL for custom processing of the transaction completion, e.g. to collect payment data in the Connecting Party’s information system. For the list of parameters which come along with server callback to server_callback_url refer to Connecting Party callback parameters. |
Necessity : OptionalType : StringLength : 128 |
SBP Sale Request Parameters
Parameter Name |
Description |
Value |
---|---|---|
client_orderid |
Unique order identifier assigned by Connecting Party. |
Necessity : RequiredType : StringLength : 128 |
order_desc |
Brief order description. |
Necessity : RequiredType : StringLength : 64k |
amount |
Amount to be charged. The amount has to be specified in the highest units with . delimiter. For instance, 10.5 for USD means 10 US Dollars and 50 Cents. |
Necessity : RequiredType : NumericLength : 10 |
currency |
Currency the transaction is charged in (See: Currency codes). Sample values are: USD for US Dollar EUR for European Euro. |
Necessity : RequiredType : StringLength : 3 |
address1 |
Payer’s address line 1. |
Necessity : RequiredType : StringLength : 50 |
city |
Payer’s city. |
Necessity : RequiredType : StringLength : 50 |
zip_code |
Payer’s ZIP code. |
Necessity : RequiredType : StringLength : 10 |
country |
Payer’s country. Please see Country codes for a list of valid country codes. |
Necessity : RequiredType : StringLength : 2 |
phone |
Payer’s full international phone number, including country code. |
Necessity : RequiredType : StringLength : 15 |
Payer’s e-mail address. |
Necessity : RequiredType : StringLength : 50 |
|
ipaddress |
Payer’s IP address, included for fraud screening purposes. |
Necessity : RequiredType : StringLength : 45 |
control |
Checksum generated by SHA-1. Control string is represented as concatenation of the following parameters:
1. <ENDPOINTID | ENDPOINTGROUPID> (See: Request URL)
2. Request parameter: client_orderid
3. Request parameter: amount (in minor units)
4. Request parameter: email
5. merchant_control (Control key assigned to Connecting Party account in the SBC gateway system).
|
Necessity : RequiredType : StringLength : 40 |
redirect_url |
URL, where the Payer is redirected to upon completion of the transaction. Please note that redirection is performed in any case, no matter whether transaction is approved, declined in any other final status.
Connecting Party must not use the parameters come along with the redirect HTTP Request to treat the status of the transaction. Instead Connecting Party can utilize server_callback_url or status API command. Pass http://https://doc.sbctech.ru/ if you have no need to return payer anywhere. Use either redirect_url or combination of redirect_success_url and redirect_fail_url, not both.
|
Necessity : OptionalType : StringLength : 1024 |
cell_phone |
Payer’s full international cell phone number, including country code. |
Necessity : OptionalType : StringLength : 15 |
site_url |
The URL of the E-commerce entity, where the payment is originated from. |
Necessity : OptionalType : StringLength : 128 |
purpose |
Destination to where the payment goes. It is useful for the Connecting Party’s who let their payers to top up their accounts with bank card (Mobile phone accounts, game accounts etc.). Sample values are: +7123456789; gamer0001@ereality.com etc. This value can be used by the fraud monitoring system. |
Necessity : OptionalType : StringLength : 128 |
server_callback_url |
URL, where the transaction status is sent to.
Connecting Party may use server callback URL for custom processing of the transaction completion, e.g. to collect payment data in the Connecting Party’s information system. For the list of parameters which come along with server callback to server_callback_url refer to Connecting Party callback parameters.
|
Necessity : OptionalType : StringLength : 1024 |
merchant_data |
Custom Connecting Party details, which can be attached to the transaction and passed back in the status response, Connecting Party callback parameters or server_callback_url. Additional information of transaction which may be useful in Connecting Party’s external system, e.g. VIP customer, TV promo campaign lead.
Information returns in Status response and Connecting Party Callback.
|
Necessity : OptionalType : StringLength : 64k |
dapi_imei |
Unique device identifier. |
Necessity : OptionalType : StringLength : 32 |
Response Parameters
Note
Response Parameters |
Description |
---|---|
type |
The type of response. May be async-response, validation-error, error etc.
If type equals validation-error or error, error-message and error-code parameters contain error details.
|
paynet-order-id |
Order id assigned to the order by SBC. |
merchant-order-id |
Connecting Party order id. |
serial-number |
Unique number assigned by SBC server to particular request from the Connecting Party. |
error-message |
If status is error this parameter contains the reason for decline or error details. |
error-code |
The error code is case of error status. |
Request Example
POST /paynet/api/v2/account-verification/39915 HTTP/1.1
User-Agent: curl/7.83.0
Accept: */*
Content-Length: 527
Content-Type: application/x-www-form-urlencoded
Connection: close
client_orderid=34T43R77N
&order_desc=Test Order Description
&first_name=John
&last_name=Smith
&birthday=19820115
&address1=100 Main st
&city=Seattle
&state=WA
&zip_code=98102
&country=US
&phone=+12063582043
&cell_phone=+19023384543
&email=john.smith@gmail.com
&ipaddress=65.153.12.232
&site_url=www.google.com
&credit_card_number=4666034752545240
&card_printed_name=CARD HOLDER
&expire_month=12
&expire_year=2099
&cvv2=123
&purpose=user_account1
&server_callback_url=https://httpstat.us/200
&merchant_data=VIP customer
&control=5112b51084be33fa331d995d17b9d82af3bfbbc9
Success Response Example
HTTP/1.1 200
Server: server
Date: Thu, 27 Apr 2023 14:03:58 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 145
type=async-response
&serial-number=00000000-0000-0000-0000-000002e34518
&merchant-order-id=34T43R77N
&paynet-order-id=6994016
&end-point-id=39915
Fail Response Example
HTTP/1.1 200
Server: server
Date: Mon, 22 May 2023 11:14:25 GMT
Content-Type: text/html;charset=utf-8
Connection: close
Vary: Accept-Encoding
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Strict-Transport-Security: max-age=31536000
Content-Length: 152
type=validation-error
&serial-number=00000000-0000-0000-0000-000002e5c583
&merchant-order-id=34T43R77N
&error-message=INVALID_CONTROL_CODE
&error-code=2
Postman Collection
Request Builder
String to sign |
---|
Signature |
---|
|