Mail Phone Order
Last updated
Was this helpful?
Last updated
Was this helpful?
PCIMail Phone Order (MPO) describes a flow, where the cardholder either calls the merchant, or provides his card details via classical mail. A merchant employee then takes the data and enters it into an application, that then authorizes the card data via a special Mail Phone Order terminal and contract.
Saferpay offers 3 basic ways of covering this need, which will be explained in the following chapter.
The following things are required, if you want to accept MPO Transactions in general:
A valid Saferpay Account and Login
At least one attached to that account, with corresponding acceptance-contracts for the desired payment methods.
Since MPO is a concept only known with credit and new debit cards, it is limited to these payment methods.
Access to the Saferpay Payment API (Options #1, if API is used, and #3)
First and foremost, you should consider the other options you have. Mail Phone Order transactions are generally more expensive and offer a higher risk in terms of fraud, which is why we generally recommend considering all your other options instead.
Most noticeably, the . In short, the SPG offers a way to present the cardholder with a secure way of executing e-commerce payments via payment-link, either sent through an e-mail, or other means.
This way, you and your customer would benefit from more security, offered by such features like 3D Secure, but also the availability of all the other payment methods, that do not know MPO as a concept.
You would simply capture the customer's e-mail via phone and send them a mail, that contains the payment link. The payment is then carried out on the customers' device.
While it is classically being used via the Saferpay Backoffice, the , that allows the integration into any system you like -as long as it allows for such a thing-, for more flexibility.
Are options 1+2 not suited for your needs, then you can always opt for using the Saferpay Payment API in order to execute MPO transactions.
Naturally, no Liabilityshift through 3D Secure is given for MPO transactions!
The Saferpay Backoffice itself out of the box. Simply select your MPO-terminal and enter your customer's card details, there is no integration needed on your end.
This type of integration requires your system to have at least an . Still: At no point should the card details come in contact with your systems, not even in RAM! Always post the details directly to Saferpay, either through the Hosted Card Entry forms, the Saferpay Fields, or by diectly posting the details from your form, to Saferpay (more below).
The , with the following additional/important information:
As 3D Secure and DCC are unknown to MPO transactions, no redirect is required. , simply to pass/capture the card-data and then .
Do not forget to use your , so transactions are processed as MPO.
Since an SAQ-A EP certification is needed, , though .