LogoLogo
BlogLogin
English
English
  • An Introduction to Saferpay
    • Licensing
      • Legacy licensing
    • Reconciliation
    • Acquirers & Payment Methods
    • Web Shop Plugins and certified partners
      • ePages Beyond
      • ePages NOW
      • Magento 2
      • Odoo
      • PrestaShop
        • PrestaShop User Guide
      • Salesforce Commerce Cloud
      • SAP Commerce Cloud
      • Shopware 6
        • Shopware 6 User Guide - German
        • Shopware 6 User Guide - English
      • WordPress WooCommerce
      • Shopify
    • Supported Languages
    • Common Saferpay terms - Glossary
  • News
    • Changes for transactions without customer presence
    • Changes for the Saferpay Hosted Forms, Fields and Payment Page
  • Quick Links
    • Web Shop Plugins and certified partners
    • Secure PayGate
    • User Administration
    • Payment Page Configuration
    • Risk Management
    • API Authentication
  • Interfaces
    • Payment API (aka JSON API)
    • Management API
    • Backoffice
      • The Home screen
      • Batch Processing
      • Transactions
        • Transaction Details
        • Batch Close
        • Declined transactions
        • Pending authorizations
        • Analytics
        • SEPA Refunds Export
        • Authorization & Payment
        • Credit
      • Risk Management
      • Secure PayGate / Payment Links
      • Secure Card Data
        • Secure Card Data Details
      • Settings
        • JSON API basic/Client Certificate authentication
        • User Administration
        • Payment Page Configuration
      • Online Support
      • User Profile
    • Saferpay OnSite
    • Feedback
  • Integration Guide
    • Integrating Saferpay
    • General Information
      • Data Security and PCI DSS
      • Versioning
      • 3-D Secure
      • Payment Service Directive 2 - PSD2
      • Dynamic Currency Conversion
      • Iframe Integration and CSS
    • Ways of integration
      • Payment Page
        • Payment Page checklist
      • Transaction Interface
        • Recurring Payments
        • Refunds
          • SEPA Refunds
      • Capture and Daily Closing
        • Partial Captures
          • Marketplace
      • Secure Card Data - Tokenization
      • Saferpay Fields
      • Inquire Interfaces
      • Mobile Integration
      • Omni-Channel
      • Fraud Intelligence
        • Silver
        • Fraud Intelligence Integration
      • Mail Phone Order
      • Error Handling
      • API Health Check
      • Saferpay API Specification
    • Payment Methods & Wallets
      • General and special cases
      • Account-to-Account Payments
      • Alipay+
      • Apple Pay
      • American Express
      • Bancontact
      • Billie
      • blik
      • Click to Pay
      • Diners Club International & Discover Card
      • eps
      • giropay
      • Google Pay
      • iDEAL 2.0
      • JCB
      • Klarna Payments
      • Maestro International
      • Mastercard
      • paydirekt
      • PayPal
      • PostFinance Pay
      • Przelewy24
      • Reka
      • SEPA Direct Debit
      • Sofort by Klarna
      • TWINT
      • UnionPay
      • Visa & V PAY
      • WeChat Pay
      • WL Crypto Payments
    • Testing
    • Go-Live
    • Frequently Asked Questions
    • Saferpay Demo
      • Saferpay Demo Environment
      • Saferpay Demo Shop
    • Support
    • Changelog
Powered by GitBook
On this page
  • Requirements
  • Option #1: Don't do MPO transactions
  • Option #2: The Saferpay Backoffice
  • Option #3: The Saferpay API

Was this helpful?

  1. Integration Guide
  2. Ways of integration

Mail Phone Order

PreviousFraud Intelligence IntegrationNextError Handling

Last updated 1 year ago

Was this helpful?

PCIMail Phone Order (MPO) describes a flow, where the cardholder either calls the merchant, or provides his card details via classical mail. A merchant employee then takes the data and enters it into an application, that then authorizes the card data via a special Mail Phone Order terminal and contract.

Saferpay offers 3 basic ways of covering this need, which will be explained in the following chapter.

Requirements

The following things are required, if you want to accept MPO Transactions in general:

  • A valid Saferpay Account and Login

    • At least one attached to that account, with corresponding acceptance-contracts for the desired payment methods.

  • Since MPO is a concept only known with credit and new debit cards, it is limited to these payment methods.

  • Access to the Saferpay Payment API (Options #1, if API is used, and #3)

Option #1: Don't do MPO transactions

First and foremost, you should consider the other options you have. Mail Phone Order transactions are generally more expensive and offer a higher risk in terms of fraud, which is why we generally recommend considering all your other options instead.

Most noticeably, the . In short, the SPG offers a way to present the cardholder with a secure way of executing e-commerce payments via payment-link, either sent through an e-mail, or other means.

This way, you and your customer would benefit from more security, offered by such features like 3D Secure, but also the availability of all the other payment methods, that do not know MPO as a concept.

You would simply capture the customer's e-mail via phone and send them a mail, that contains the payment link. The payment is then carried out on the customers' device.

While it is classically being used via the Saferpay Backoffice, the , that allows the integration into any system you like -as long as it allows for such a thing-, for more flexibility.

Option #2: The Saferpay Backoffice

Option #3: The Saferpay API

Are options 1+2 not suited for your needs, then you can always opt for using the Saferpay Payment API in order to execute MPO transactions.

Naturally, no Liabilityshift through 3D Secure is given for MPO transactions!

The Saferpay Backoffice itself out of the box. Simply select your MPO-terminal and enter your customer's card details, there is no integration needed on your end.

This type of integration requires your system to have at least an . Still: At no point should the card details come in contact with your systems, not even in RAM! Always post the details directly to Saferpay, either through the Hosted Card Entry forms, the Saferpay Fields, or by diectly posting the details from your form, to Saferpay (more below).

The , with the following additional/important information:

As 3D Secure and DCC are unknown to MPO transactions, no redirect is required. , simply to pass/capture the card-data and then .

Do not forget to use your , so transactions are processed as MPO.

Since an SAQ-A EP certification is needed, , though .

offers the possibility of executing Mail Phone Order transactions
integration simply follows our normal transaction-interface integration rules
Secure PayGate (SPG)
we recommend using the Saferpay Fields
Mail Phone Order terminal ID
Mail Phone Order terminal
SPG also offers an API
SAQ-A EP level PCI certification
As stated in the guide
execute the Initialize
continue with the Authorize
you are allowed to use your own card form