The FDMSDebit component is an advanced tool used to authorize debit cards in a Retail environment, where the customer is purchasing products or services in person. This component makes authorizing debit card transactions with a customer PIN very easy.
This component connects to the First Data Merchant Services (FDMS) processor, by way of the Datawire VXN transaction transport network. Transactions originating with these components go through Datawire, to the FDMS processor where the transaction is authorized. The result is then returned back through Datawire and received by the component. This component can be integrated into web pages or stand-alone Point Of Sale applications. Because all SSL communications are handled inside the component, any application or web page can be deployed without the need for expensive dedicated SSL servers.
The FDMSDebit component makes authorizing debit transactions (where the customer is present and inputs his PIN number) very easy by adding an additional layer of abstraction between the programmer and the protocol. There is no need to deal with raw sockets, TLS/SSL handshakes, or data packet formatting. The steps to setting up the component and sending transactions are outlined below:
First, you must register and activate your account with Datawire. Datawire will provide you with a MerchantNumber and MerchantTerminalNumber, but you'll need to use the FDMSRegister component to activate the merchant and receive a DatawireId. Once you acquire the DatawireId and receive your transaction URLs through Service Discovery, you may begin to authorize transactions.
To authorize a credit card, set the MerchantNumber and MerchantTerminalNumber with the values supplied by FDMS and Datawire, and the DatawireId with the value retrieved by the FDMSRegister component after activating your merchant account. Set the URL property with one of the URLs you retrieved during Service Discovery.
FDMSDebit.MerchantNumber = "000000999990"; //Supplied by FDMS/Datawire FDMSDebit.MerchantTerminalNumber = "555555"; //Supplied by FDMS/Datawire FDMSDebit.DatawireId = "0000B47FFFFFFFFFFFFF"; //Retrieved with the FDMSRegister component. FDMSDebit.URL = "https://staging1.datawire.net/sd/"; //Retrieved with the FDMSRegister component.Next, set properties that contain details about the transaction. The TransactionNumber should be incremented for every transaction you send. The TransactionAmount must be set, and it should contain the amount to be charged, with an implied decimal point (ie: $1.00 is "100"). There is no IndustryType property for the FDMSDebit component. The format of the transmitted data does not change for different industry types. Do note that the FDMSDebit component can only be used in a retail environment, where the card and customer are present. The card must be swiped and track2 data must be sent in MagneticStripe field - debit transactions may NOT be manually-keyed. Debit transactions also require the customer to input his PIN into a certified PIN Pad device, which will return an encrypted PIN and a Key Sequence Number to the merchant. These must be submitted with the transaction in the EncryptedPIN and KSN properties. A unique ReceiptNumber used to identify the transaction on the merchant's system is also required for all transactions. This number must also be printed on the customer's receipt.
Debit sale transactions differ from credit card authorizations in that they are real-time -- Funds are immediately removed from (or added to) the customer's bank account. However, even though debit transactions are real-time, FDMS requires they be settled at the end of the day just like credit card transactions.
The example below shows how to submit a simple debit sale transaction.
FDMSDebit.TransactionNumber = 1; FDMSDebit.TransactionAmount = "2500"; FDMSDebit.Card.MagneticStripe = "4017779999999011=12041200000000001"; FDMSDebit.Card.EntryDataSource = edsTrack2; FDMSDebit.EncryptedPIN = "37B8091E37FA1773"; FDMSDebit.KSN = "8765432109003000018"; FDMSDebit.ReceiptNumber = "123456"; FDMSDebit.Sale();
When the component receives a response, the result of the authorization will be available in several Response properties. The DatawireStatus and DatawireReturnCode indicate whether any errors occurred while passing the transaction through the Datawire VXN system. These two properties alone do not indicate a successful transaction, they only tell whether or not there were any problems transporting the authorization request and response through the Datawire system. If the transaction was successfully authorized by FDMS, then the CaptureFlag will be True, and the ApprovalCode will contain an approval code that beings with "AP". (or "AL" for components that support partially-approved/split-tender transactions).
Once an authorization request is approved, the money in the customer's account is blocked and tagged for the merchant. This transaction must go through the Batch Settlement process in order for the blocked money to be transferred to the merchant account. This is done by passing the XML aggregate returned from the GetDetailAggregate method to the FDMSSettle component. Usually, a Batch Settlement of all authorized transactions is done at the end of each business day.
Important Note: You must ping your list of service provider URLs and update the URL property to the service provider with the shortest response time every 100 transactions, as well as when your application initially starts. This is not a normal ICMP ping - to determine the fastest transaction URL you must use the special Ping method inside the FDMSRegister component. (You may update your list of service provider URLs with the FDMSRegister component's ServiceDiscovery method).
The following is the full list of the properties of the component with short descriptions. Click on the links for further details.
|ApplicationId||Identifies the merchant application to the Datawire System.|
|Card||Contains the customer's credit card information.|
|CashBack||Optional cash back amount to return to the customer.|
|DatawireId||Identifies the merchant to the Datawire System.|
|EncryptedPIN||DUKPT DES encrypted pin block, retrieved from a PIN pad.|
|FDMSPlatform||Specifies the FDMS platform that the transactions will be processed on.|
|KSN||Clear-text Key Sequence Number retrieved from a PIN pad.|
|MerchantNumber||A unique number used to identify the merchant within the FDMS and Datawire systems.|
|MerchantTerminalNumber||Used to identify a unique terminal within a merchant location.|
|Proxy||A set of properties related to proxy access.|
|ReceiptNumber||Merchant generated number used to identify the transaction.|
|Response||Contains the response to a debit transaction.|
|SSLAcceptServerCert||Instructs the component to unconditionally accept the server certificate that matches the supplied certificate.|
|SSLCert||The certificate to be used during SSL negotiation.|
|SSLServerCert||The server certificate for the last established connection.|
|Timeout||A timeout for the component.|
|TransactionAmount||Total amount for the debit transaction.|
|TransactionNumber||Uniquely identifies the transaction.|
|URL||Location of the Datawire server to which transactions are sent.|
The following is the full list of the methods of the component with short descriptions. Click on the links for further details.
|Config||Sets or retrieves a configuration setting.|
|Credit||Submits a credit transaction, returning funds to a debit card.|
|GetDetailAggregate||Returns an aggregate containing details of this transaction, which is then used for settlement.|
|Interrupt||Interrupts the current action.|
|Reset||Clears all properties to their default values.|
|ReverseLastTransaction||Used to reverse/void a previous transaction.|
|Sale||Submits a sale transaction for a debit card.|
|VoidTransaction||Used to void a debit sale or credit transaction.|
The following is the full list of the events fired by the component with short descriptions. Click on the links for further details.
|Connected||Fired immediately after a connection completes (or fails).|
|DataPacketIn||Fired when receiving a data packet from the transaction server.|
|DataPacketOut||Fired when sending a data packet to the transaction server.|
|Disconnected||Fired when a connection is closed.|
|Error||Information about errors during data delivery.|
|SSLServerAuthentication||Fired after the server presents its certificate to the client.|
|SSLStatus||Shows the progress of the secure connection.|
|Status||Shows the progress of the FDMS/Datawire connection.|
The following is a list of configuration settings for the component with short descriptions. Click on the links for further details.
|AllowPartialAuths||Indicates whether partial authorizations are to be supported.|
|ClientTimeout||Indicates timeout client application will wait for response.|
|ParseAggregate||Parses a detail aggregate and populates the component to perform a timeout reversal.|
|RawRequest||Returns the request sent to the server for debugging purposes.|
|RawResponse||Returns the response received from the server for debugging purposes.|
|ResponseAuthorizedAmount||The amount actually charged to the debit card.|
|CloseStreamAfterTransfer||If true, the component will close the upload or download stream after the transfer.|
|ConnectionTimeout||Sets a separate timeout value for establishing a connection.|
|FirewallAutoDetect||Tells the component whether or not to automatically detect and use firewall system settings, if available.|
|FirewallHost||Name or IP address of firewall (optional).|
|FirewallListener||If true, the component binds to a SOCKS firewall as a server (IPPort only).|
|FirewallPassword||Password to be used if authentication is to be used when connecting through the firewall.|
|FirewallPort||The TCP port for the FirewallHost;.|
|FirewallType||Determines the type of firewall to connect through.|
|FirewallUser||A user name if authentication is to be used connecting through a firewall.|
|KeepAliveInterval||The retry interval, in milliseconds, to be used when a TCP keep-alive packet is sent and no response is received.|
|KeepAliveTime||The inactivity time in milliseconds before a TCP keep-alive packet is sent.|
|Linger||When set to True, connections are terminated gracefully.|
|LingerTime||Time in seconds to have the connection linger.|
|LocalHost||The name of the local host through which connections are initiated or accepted.|
|LocalPort||The port in the local host where the component binds.|
|MaxLineLength||The maximum amount of data to accumulate when no EOL is found.|
|MaxTransferRate||The transfer rate limit in bytes per second.|
|ProxyExceptionsList||A semicolon separated list of hosts and IPs to bypass when using a proxy.|
|TCPKeepAlive||Determines whether or not the keep alive socket option is enabled.|
|TcpNoDelay||Whether or not to delay when sending packets.|
|UseIPv6||Whether to use IPv6.|
|UseNTLMv2||Whether to use NTLM V2.|
|CACertFilePaths||The paths to CA certificate files when using Mono on Unix/Linux.|
|LogSSLPackets||Controls whether SSL packets are logged when using the internal security API.|
|ReuseSSLSession||Determines if the SSL session is reused.|
|SSLCACerts||A newline separated list of CA certificate to use during SSL client authentication.|
|SSLCheckCRL||Whether to check the Certificate Revocation List for the server certificate.|
|SSLCipherStrength||The minimum cipher strength used for bulk encryption.|
|SSLEnabledCipherSuites||The cipher suite to be used in an SSL negotiation.|
|SSLEnabledProtocols||Used to enable/disable the supported security protocols.|
|SSLEnableRenegotiation||Whether the renegotiation_info SSL extension is supported.|
|SSLIncludeCertChain||Whether the entire certificate chain is included in the SSLServerAuthentication event.|
|SSLNegotiatedCipher||Returns the negotiated ciphersuite.|
|SSLNegotiatedCipherStrength||Returns the negotiated ciphersuite strength.|
|SSLNegotiatedKeyExchange||Returns the negotiated key exchange algorithm.|
|SSLNegotiatedKeyExchangeStrength||Returns the negotiated key exchange algorithm strength.|
|SSLNegotiatedProtocol||Returns the negotiated protocol version.|
|SSLProvider||The name of the security provider to use.|
|SSLSecurityFlags||Flags that control certificate verification.|
|SSLServerCACerts||A newline separated list of CA certificate to use during SSL server certificate validation.|
|TLS12SignatureAlgorithms||Defines the allowed TLS 1.2 signature algorithms when UseInternalSecurityAPI is True.|
|TLS12SupportedGroups||The supported groups for ECC.|
|TLS13KeyShareGroups||The groups for which to pregenerate key shares.|
|TLS13SignatureAlgorithms||The allowed certificate signature algorithms.|
|TLS13SupportedGroups||The supported groups for (EC)DHE key exchange.|
|AbsoluteTimeout||Determines whether timeouts are inactivity timeouts or absolute timeouts.|
|FirewallData||Used to send extra data to the firewall.|
|InBufferSize||The size in bytes of the incoming queue of the socket.|
|OutBufferSize||The size in bytes of the outgoing queue of the socket.|
|BuildInfo||Information about the product's build.|
|GUIAvailable||Tells the component whether or not a message loop is available for processing events.|
|LicenseInfo||Information about the current license.|
|UseInternalSecurityAPI||Tells the component whether or not to use the system security libraries or an internal implementation.|