Skip to main content

Overview

This document provides high level description of functionalities offered by Merchant Paytool. Merchant Paytool supports e-commerce transactions, thus releasing Merchant from the need to handle the transaction process on Merchant side – the entire transaction process will be handled by Verestro. The tool is very easy to integrate because it requires plugging one library (Web SDK integration) or integrating  two API methods (REST API integration). The solution can be supported by various Acquirers. Note that if the Customer requires the settlement of the transaction by a new Acquirer – to which Verestro is not integrated – there will be required new integration between Verestro and the new Acquirer. The specification of the new Acquirer should be provided by the Customer.

Abbreviations

This section shortly describes abbreviations and acronyms used in the document.

Abbreviation

Description

ACQ

Acquiring Institution / Acquirer

ACS

Access Control Server

SDK

Software Development Kit

OS

Operative System

Mid

Merchant Identifier

PCI DSS

Payment Card Industry Data Security Standard

PAN

Permanent Account Number

CVC

Card Verification Code

3DS

3-D Secure

Terminology

This section explains a meaning of key terms and concepts used in this document.

Name

Description

Customer/Merchant

Institution which uses Verestro products. This institution decides which solution should be used depending on the business requirements and how transaction should be processed.

User

End-User which uses Merchant Paytool solution. It is root of entity tree. User is an owner of the card and is an entity that decides to pay for the purchase with the Merchant Paytool solution, selecting it from the list of payment methods available on the Merchant (Customer) website.

Card

Card belongs to the user. If user intends to pay with the Merchant Paytool solution, then has to insert required card's data to the appropriate fields shared by the Merchant Paytool solution. Card data will not be stored in the Verestro system. They will be provided to Acquirer.

Acquirer

External Institution resposible for processing transaction and 3ds requests ordered by the Merchant Paytool solution. Acquirer connects with banks / card issuers and returns an information whether the ordered action on a given card is possible.

MID

Merchant identifier. This entity is represending Merchant in Acquirer's system. Customerhas to provide the mid information to enable mid configuration in the Verestro system. Required to process transactions and 3DS via Verestro system.

API Key

Unique UUID value assigned to the Customer account in Merchant Paytool Backend. Using this value, the Merchant Paytool SDK is able to get all configuration data required to perform transaction process via Merchant Paytool Solution.

PAN

It is 7-16 digits of the credit/debit card number. These digits contain the Permanent Account Number assigned by the bank to uniquely identify the account holder. It is necessary to provide it when User wants to pay with a card for purchases on the internet.

CVC

It is a type of security code protecting against fraud in remote payments. Card Verification Code is necessary to provide it when User wants to pay with a card for purchases on the internet.

Expiration Date

It is a date of the card validity ending and contains two values – month/year. Card will be valid to the last day of the month of the year showed on it. It is necessary to provide it when User wants to pay with a card for purchases on the internet.

3DS

3-D Secure is a method of authorization of transaction made without the physical use of a card, used by payment organization. The 3DS process in the Merchant Paytool solution is performed internally in the Verestro system.

PCI DSS

It is a security standard used in environments where the data of payment cardholders is processed. The standard covers meticulous data processing control and protection of users against violations.

Merchant Paytool key components

Merchant Paytool is a solution that has been created to provide customers with functionality that allows them to make payments for their products and at the same time the easiest to integrate. An additional assumption was that the entire payment process should be performed outside the customer's system, which frees them from the need to handle such processes as 3D Secure or the transaction itself. The client only receives information that the transaction was successful or not. Customer can also decide where the user should be redirected depending on the transaction status. This section provides introduction to technologies which are supported by Merchant Paytool Solution. High level architectures are presented to show the place and usage of the each Verestro component.

Component

Description

Merchant Paytool Frontend

Component containing the part of the solution which is displayed to the User. Basic information about the transaction shown such as the name of the Merchant (Customer), amount and currency, as well as inputs for card data.

Merchant Paytool SDK

Component containing all necessary scripts whether to perform communication between Merchant Paytool Frontend and Backend and the data exchanging between these two components. Merchant Paytool SDK should be included on the Customer website.

Merchant Paytool Backend

Component stores the configuration data of a given Customer such Merchant Name or Merchant Id and it is responsible for providing all necessary configurations to the Frontend. It also communicating with various Acquirers and triggers notifications to the Customer and the User (depending on the Customer requirements) about successful or unsuccessful transaction.

Notification Service

Component responsible for sending information to the Customer about the status of the transaction status. It is also responsible for sending email to the User about the transaction. Notification Service is triggered by Merchant Paytool Backend.

Implementation models

Verestro provides two implementation models for the Merchant Paytool Solution - integrated and REST API.

Integrated

In this model Customer is owner of the Merchant Paytool Solution. Verestro provides SDK and backend interface. Customer is responsible for integrate provided SDK with his own website or application. Technical information about the integration can be found here.

Below diagram shows high level architecture used in the solution in the Integrated implementation model:

image-1652356676241.png

REST API

In this model Customer has his own SDK or application which should be integrated with Merchant Paytool backend. Verestro provides all necessary backend methods. Customer is responsible for integrate provided methods with his own application. Customer is also responsible for redirecting the user to the Paytool payment form. Technical information about the integration can be found here.

Below diagram shows high level architecture used in the solution in the Integrated implementation model:

image-1652356723837.png

Server Components

Server components are backend services which are designed to process requests from the frontend part, provide and exchange necessary data such as user data between each other and communicate with Acquirers.

Merchant Paytool Server

Merchant Paytool Server is the backend component which consists of few internal services which are responsible for managing card and user data, processing transactions and 3D Secure and storing transaction history. This component is also responsible for connection with Acquirers. Services included in the Merchant Paytool Backend can be divided into two groups:

  • Services that are part of the Merchant Paytool Solution.

  • Services supporting the functionalities offered by Merchant Paytool Solution.

List of services which are the part of the Merchant Paytool Solution:

  • Paytool API - a service with the methods needed to complete the entire transaction process. The methods are called by Merchant Paytool SDK in the right order to make the entire payment and 3D Secure process. This service also communicates with the Verestro Acquirer Connector, which orders the execution of the transaction.

  • Merchant Paytool SDK - it is a library that is responsible for data transfer between Merchant Paytool Frontend and Backend. It is also a part of the solution that the customer has to include to his website.

List of services which are supporting the functionalities offered by Merchant Paytool Solution:

  • Midas API - it is a connector between the Verestro system and the Acquirer. It transfers requests for transactions to Acquirers and also informs about the need to perform 3D Secure.

  • Notification Service - service responsible for sending notifications to users and customers. Notifications can be sent via multiple paths depending on customer requirements. For example, they can be e-mail, SMS or sent to a specific URL provided by the customer.

Merchant Paytool Frontend Application

It is an application hosted on the Verestro side, which is responsible for accepting card details from the user and starting the transaction process. If the user selects the Merchant Paytool payment option on the merchant's website, he will be redirected to this component and the form will be displayed. More informations can be found in "User flow" chapter.