Authorization & Payment
Last updated
Last updated
The backoffice offers three ways to do a transaction and each way has its specific purpose. This chapter will explain how to do a transaction, as the basics stay the same and then cover the differences between these three options and when you might want (or have) to use one, over the other.
When navigating to one of those three tabs, you'll be greeted with an entry form, that accepts different values. At the top, you can switch between credit cards and both, of course, have different inputs.
This way of authorization is only supported by credit cards and SEPA Direct debit. With other payment methods, if they support it, you always have to go through an already existing transaction.
With the introduction of PSD2 inside the European Economic Area (EEA), it is no longer allowed to execute credit card transactions on normal E-Commerce terminals. Always execute your payments on your Mail Phone Order Terminal, if you are within the EEA. If you do not have a Mail Phone Order Terminal, please contact your sales contact, you have signed your existing contracts with.
Non-compliance can lead to the transaction just failing, or even legal-problems!
With a credit card, you have the following fields you may (or must) fill in:
Card Number: This is the card number or PAN of the credit card, you want to authorize. This field is mandatory!
Expiry date: This is the expiration date of the card. This field is mandatory!
Owner Name: This is the name of the owner of the card.
Card Verification Code (CVC): Also called Card Verification Value (CVV), from the backside of the credit card.
Amount: This is the amount you want to authorize. It also includes the Currency. This field is mandatory!
Reference number: This is the reference number of the transaction, also called OrderId. While optional, we recommend, that you set one, as it is also forwarded to the processor and will show up on your reconciliation files.
Make sure, that the Reference Number is unique.
Sales Description: A simple description of this transaction.
Payer note on statement: This is the text, that will show up on your customers bank statement. Normally, Saferpay will use the Reference number. However sometimes, you may want to use a different text.
This feature has to be activated, before you can use it. Please contact your sales contact, for activation.
Furthermore: While Saferpay does support quite a long text, processors and banks, often do not support more, than 12 characters.
The purchaser's email address: If you want to, you can send a confirmation e-mail to your customer. The text is largely pre-made by Saferpay, however you can choose the language from the dropdown.
Your email address: Likewise, you can also send an e-mail to one of your e-mail addresses.
While similar, the entry-form for SEPA Direct debit payments has one major difference to the card entry form:
Mandate reference: Each SEPA transaction must have a unique mandate ID. This is not optional and you must make sure, that it is indeed unique.
As mentioned before, there are three main ways of doing a transaction.
Both of them are fundamentally the same and present the same entry form, as described above. The difference lies in the processing side. As credit cards and also SEPA direct debit transactions go through a two-step flow, called an authorization and then the capture.
The difference now is, that Authorization only does exactly that, an authorization, which needs the capture afterwards. Payment however does both in one go, the authorization and also the capture.
It is important to understand the difference between both and what a capture is, since an authorization may be cancelled, while a payment requires a refund. An important distinction, that is further elaborated on over here.
Authorized by phone may look the same to a normal authorization on first glance, but it has one major difference to it.
As you can see, it is limited to credit cards, as this process is only limited to this payment method, but offers generally the same number of inputs, aside one extra input, the Processing AuthCode.
Authorized by phone has nothing to do with Mail Phone Order, as the name may suggest. Instead it describes the way, how this transaction has been authorized.
Usually, your card processor, or acquirer, has an amount-limit set, which depends on you and your business. This is done to prevent money laundering and other fraudulent behavior, for big amounts of money and also mishaps, for example a coworker entering one zero too much.
However, sometimes it may be necessary to exceed the amount limit. If the limit is exceeded on a normal authorization, a special error-message is thrown, telling you to call a special voice authorization number. This number will link you to your acquirer, through that you can request this authorization to be accepted. The acquirer will then pre-authorize the amount and in return, you will get said AuthCode, which you then have to enter into the form above, alongside the card details.
Think of it as a one-time allowance from your acquirer, to exceed the amount-limit.
As long as you do not receive said error-message and you do not have an AuthCode, this type of transaction is not possible. It is only meant for this very special circumstance, which should rarely occur.