Saferpay Secure PayGate enables you to create offers, add a payment link and send them to your buyer via e-mail. Clicking on the payment link takes the buyer directly to the Saferpay payment page, where they can pay online without card information ever being transmitted over an unsecure channel.

This allows written or telephone orders (Mail/Phone Order) to be allocated for online payment by using a 3-D Secure procedure (Verified by Visa, MasterCard SecureCode, American Express SafeKey, Diners Club Protect Buy).

Payment with Secure PayGate involves the following steps:

1. The merchant enters a offer and sends it to the buyer via e-mail through the Saferpay application or their own e-mail program.

2. The buyer activates the payment link they received in the e-mail. They are then connected to Saferpay via a secure connection. The Saferpay payment page opens in their browser. They select a payment method and make the payment.

3. The payment page confirms that the payment was successful and sends the cardholder a confirmation via e-mail.

4. The Saferpay application sends the merchant an e-mail informing them that the payment has been made.

5. The payment is visible in the journal as a Secure PayGate reservation. It must be booked there after the usual checks.

6. The booking is sent to the acquirer together with the other bookings in the batch close.

Requirements for Secure PayGate

The Secure PayGate service must be activated with Saferpay and a secure electronic commerce agreement concluded with the acquirer.

Additional technical requirements:

• For the usage of the JSON API functions a Saferpay eCommerce Licence is mandatory.

Storage and tracking of Secure PayGate payments

The following measures are necessary to ensure you are prepared for any objections (chargebacks) and can provide the acquirer with the necessary documentation on request:

• Send a copy of all e-mails to the "BCC address" and store them, together with the attached GTCs, for at least 24 months.

• Obtain the details of the cardholder's payment, including the MPI log, from the Saferpay Backoffice.

Accessing Secure PayGate

In the navigation bar, click on "Secure PayGate" or one of the sub-items to access the area concerned. You can then navigate within Secure PayGate via the same items in the menu on the left.

Settings

To activate Secure PayGate, the first time you access the application you must specify the basic settings.

First of all, enter the e-mail address you want payment notifications to be sent to.

By activating the “Default Authorization Type” function, you can define whether Secure PayGate transactions should be captured automatically or pre-authorized. Please bear in mind that the authorization must captured if it is not set to be captured automatically.

Available options are:

• Normal (final) authorization: Only the authorization takes place. The capture must be made manually.

• Preauthorization: Only the authorization takes place. The capture must be made manually. Use this options when it's likely that amount will change until the capture takes place, or if you want to capture way later (up to 30 days).

• Normal (final) authorization with automatic capturing: Transaction is captured automatically, after successful auhorization.

Then specify whether you want to retain the pre-set payment processing messages for cardholders or link clients to your own website.

Optionally, the web addresses for the confirmation pages following successful and unsuccessful payment and aborted payment can contain the placeholder {{{PAYMENTPAGETOKEN}}}. After the payment process has ended, the placeholder is replaced by the Payment Page Token. Here are a few examples:

• Address of the confirmation page following successful payment: https://www.shop.com/myspg/success/{{{PAYMENTPAGETOKEN}}}

• Address of the confirmation page following unsuccessful payment: https://www.shop.com/myspg/fail?pptoken={{{PAYMENTPAGETOKEN}}}

• Address of the confirmation page when payment is aborted by the customer: https://www.shop.com/myspg/abort#{{{PAYMENTPAGETOKEN}}}

After the Payment Page Token has been received via a confirmation page or via the URL for notification, the JSON API method PaymentPage/Assert can be selected to obtain the details of the transaction. The transaction can be assigned via the reference number of the offer. The reference number is located in the Transaction.OrderId field of the PaymentPage/Assert response.

A server-to-server message is delivered via the URL for notification for each successful payment.

The next step is to enter your "Sender e-mail address", "BCC address" and "Reply to address" for Secure PayGate.

You can choose any prefix for your "Sender e-mail address". This address is what the recipient sees when they receive your message.

The "BCC address" ensures that all e-mails sent through Secure PayGate are stored in your own e-mail system. We recommend choosing an impersonal address for the "BCC address". This ensures you comply with the contractual conditions regarding the storage of transaction documents.

The "Reply to address" is where you receive notifications about non-deliverable e-mails or error messages (recipient not available, e-mail could not be delivered).

The last step is to attach your General Terms and Conditions (T&C) so that they are sent to clients as an attachment to each e-mail. This ensures you comply with the payment acquiring company's requirement to make card holders aware of your T&C.

Choose the language and then attach the T&C in that language. At least one set of T&C must be attached.

Once you have saved your settings you will be ready to use the Secure PayGate service.

Overview

Click on "Overview" to access the Secure PayGate overview. The overview lists all the quotes you have created together with their status.

Advanced search

If the overview contains a large number of offers, you can use the Advanced search function to help find a previously created offer. Click on the filter symbol, on the overview page, to open the Advanced search dialog.

This offers you the option to filter by an expiration date, the offer status and the terminal, if you have multiple.

Offer status

An offer can have one of four status:

Open offers: Open offers are where the buyer has not yet made their payment. They are shown in the overview by means of an open green circle.

Sent offers: While more of a sub-status, an offer, that has been sent through the Saferpay Backoffice will be indicated by a little mail-symbol.

Paid offers: Paid offers are shown in the overview by means of a solid green circle.

Expired offers: Expired offers are where the buyer has allowed the payment deadline to lapse. They are shown in the overview by means of an open red circle.

Create a new Link/Offer

Create an individual offer for processing a specific transaction.

If you want to use an offer several times, it makes sense to create a template.

Once you've clicked on Create new link, a new window will open.

This window will give you multiple options.

• Individual Offer: Create a new offer, based on no template.

• Template: Below that, you'll find a list of your already created templates. The text-field above is a search-field, which will let you search through your templates, if you have multiple.

Creating the offer

Once you have made your choice, you will be redirected to the creation screen, with the following inputs:

(1) Terminal: A terminal is where all your payment methods and their attributes (Currencies, account number, other features, like 3D Secure) are connected to. Usually, only one Secure PayGate terminal is activated, but you can have more, if you wish. This can be useful, if you want to split offers between countries and/or the revenue to other bank accounts, as there usually can only be one bank account per payment method and only one type of poayment method per terminal.

You will be presented with a full list of terminals. However, you may also search for a given terminal and its description/name, which you can set under Settings => Terminals, making it easier to keep track of your terminals.

(2) Sales description: Here you can leave a short desciption, which will be displayed inside the transaction details, once a transaction is made, but also on the Saferpay Payment Page, for your customer. This text can be anything, like an order-number, or a short description, of what the customer is buying.

(3) Reference number: Also sometimes called OrderId. The Reference number is your internal, order number. It will be displayed in the transaction journal, where you also can search for said number, the transaction details, as well as your reconciliation-files. The latter makes this Id very important for accounting purposes, as it helps to keep track of your transaction.

(4) Amount & Currency: Here you can set the desired amount and currency (decimals are supported).

(5) Authorization Type: The authorization type dictates, how Saferpay should proceed, once the transaction itself has been successful. There are three different types to cose from:

• Authorization: The transaction will be authorized, but not captured. The transaction must then be reviewed and captured manually, for the money to be transfered to the merchants bank account.

• Pre-authorization (Visa/Mastercard only): Each authorization has a minimum time-limit, in which the payout of the authorized amount is guaranteed to be transfered, upon capture. Usually, this time-frame is 10 days, however a pre-authorization will extend this to 30 days, if desired.

• Automatic capture: The transaction is automatically captured, initiating the money-flow right away.

(6) Payment Page configuration: Select a Payment Page configuration, if available, allowing you to adjust the Payment Page look and feel to your corporate design.

(7) Language: Select the desired language, Saferpay will display its contents in.

(8) Store payment means: Select this, if you want the customers card to be saved within Saferpay Secure Card Data.

(9) Condition: Option for 3D Secure v2 payments. Should the Liabilityshift through 3D Secure be rejected during authentication, Saferpay will prevent a transaction. This helps to ensure, that said transaction has Liabilityshift.

• No condition: The transaction is continued, no matter the liability shift status.

• Only with liability shift during authorization: The authorization is only attempted, if 3D-Secure has reported liability shift. If no liability shift is given, the transaction will fail.

• Only with liability shift and 3-D Secure challenge: The authorization is only attempted, if a 3-D Secure challenge has been performed. Saferpay will also request a 3DS challenge, before 3-D Secure is attempted.

(10) Merchant Notification: Saferpay will send a confirmation e-mail to the provided merchant e-mail address(es), once a payment has been made.

(11) Expiry date: Choose, when the offer/link expires, either by setting a custom date and time, or selecting one of the provided options.

(12) Payment link: This is your payment link, the customer will be redirected to. You can either use the Saferpay provided mailing option, or copy the link, so you can insert it into your own mail-program.

(13) QR-Code: Your payment link as a QR-Code. This code will also be sent via the E-mail.

Customer Address

Next, you can enter the customer address and/or select the "Customer is allowed to change address data"-option, so the customer may enter it himself, or edit it, should your inputs be faulty.

If no address is needed, you can also deactivate this area for no address to be captured.

Sending the offer

The Secure PayGate offers the possibility to also send the payment link via an e-mail. If you activate this option, you can adjust the Subject, the message text, salutation/signature and of course the recipient of the sent mail.

Per default, the Secure PayGate will take the e-mail(s) you have configured in the Settings Tab. However, you can change these addresses, by clicking on change.

If you want to include additional documents, like your AGB, or a reciept, you can select and add one or more attachments by clicking on Browse under Attachments. The total volume of the e-mail may not exceed 5 MB. Permitted file types are .doc, .docx, .xls, .xlsx, .pdf, .jpg, .gif and .png. Please note that an attachment is only required if the e-mail is being sent via the Backoffice. If you are using your local e-mail program, the attachments from the Backoffice are not included for technical reasons.

Customize the payer confirmation mail

Furthermore, you can create an automated payment confirmation (in case of successful payment). As soon as the payment has gone through, your customer will receive a payment confirmation by e-mail. The e-mail is then delivered to the Recipient address, the offer has ben sent to.

Once all the details have been entered, the e-mail can be sent. If you click on "Send offer", Secure PayGate sends the offer along with the attachment to the cardholder in the chosen language.

Using the “Save” button, the displayed payment link is copied into the clipboard, e.g. to embed it into an electronic invoice.

Alongside a Save and Save & Send offer option at the bottom of the page, you can also send the offer via an e-mail program installed on your PC by clicking on the "Open in e-mail program" button.

Once the offer has been sent it is displayed in the overview and can be used again.

Batch upload

Saferpay also offers the option to create multiple Single-Use links via a batch-file upload. For that, please navigate to the order Overview and click on Create new links by file.

Upload

You will be redirected to the upload page, where you can select your desired Secure PayGate Terminal and upload your file.

File specification

If you need a file specification, you can also find it on this page, as mentioned there, or see this screenshot.

Templates

Creating a template

If a quote is used frequently, it makes sense to create a template. To do this, click on Templates and then on Insert new template.

You'll find, that the template creation looks and works in the same way, as a normal order-creation, only missing the address-section, as it is always different.

Give your template a template name, select the terminal, fill in all fields contained in the form and click on Create. Once saved, the template is shown in the list of all templates:

The template can then be used to create a offer.

Creating an offer using a template

To create a offer using a template, first switch to the overview. Click on Create new link.

The familiar selection screen will appear, with your templates being listed on the bottom. Using the text field above, you can search through your templates.

Adapting the email design

You can add a design and logo to your offer and confirmation emails which are sent to the customer . To do this, switch to the menu item “Settings” → “Payment Page Configuration” in the Saferpay Backoffice and create a new configuration. Then mark the configuration as “Default” in the overview to use this design for your offer emails.

Payment by the buyer

Once the offer has been sent, the buyer receives an e-mail with a payment link:

When they click on “Pay Now”, the client's browser is connected directly to the Saferpay payment page via a secure connection. From there, the client can select a payment method supported by you and make the payment. Once the payment has been processed successfully, both you and the client receive a payment confirmation via e-mail. The payment appears in the Saferpay Backoffice journal as a reservation.

Multiuse Links/QR-Codes

This section allows you to create payment links, alongside a QR-Code, that is valid for multiple payments, where the payer can chose the amount he/she wants to pay.

This can be helpful for simple donation-sites, or other use-cases, where a full-blown webshop is too much, where the usage of single links for each order would not outweigh the effert necessary to create them, and/or where the payer proactively should engage in a payment, without the merchant having to act beforehand.

Overview

Similar to the regular Secure PayGate offers, you'll first see the overview, that'll provide you with a list of all links you have created so far. You can either decide to remove the link, by clicking on Remove, or edit an existing link, more on that later.

After removing a link, it is marked with the status "deleted". After 6 months, the link is permanently deleted and disappears from the list. Until then, a deleted link can be restored.

Creating a new Link/QR-Code

By clicking on "Create new Multi-Use Payment Link", you will be redirected to the creation mask.

Creation Mask

While similar to the normal creation mask, multiuse links offer a reduced featureset, of a normal Secure PayGate offer, due to some not being necessary in this scenario.

(1) Sales description: Here you can leave a short desciption, which will be displayed inside the transaction details, once a transaction is made, but also on the Saferpay Payment Page, for your customer. This text can be anything, like an order-number, or a short description, of what the customer is buying.

(2) Terminal: A terminal is where all your payment methods and their attributes (Currencies, account number, other features, like 3D Secure) are connected to. Usually, only one Secure PayGate terminal is activated, but you can have more, if you wish. This can be useful, if you want to split offers between countries and/or the revenue to other bank accounts, as there usually can only be one bank account per payment method and only one type of poayment method per terminal.

You will be presented with a full list of terminals. However, you may also search for a given terminal and its description/name, which you can set under Settings => Terminals, making it easier to keep track of your terminals.

(3) Currency: Here you can set the desired currency.

(4) Fixed amount: Set a fixed payment amount. If this option is disabled, the payer can set the payment amount by itself.

(5) Authorization Type: The authorization type dictates, how Saferpay should proceed, once the transaction itself has been successful. There are three different types to cose from:

• Authorization: The transaction will be authorized, but not captured. The transaction must then be reviewed and captured manually, for the money to be transfered to the merchants bank account.

• Pre-authorization (Visa/Mastercard only): Each authorization has a minimum time-limit, in which the payout of the authorized amount is guaranteed to be transfered, upon capture. Usually, this time-frame is 10 days, however a pre-authorization will extend this to 30 days, if desired.

• Automatic capture: The transaction is automatically captured, initiating the money-flow right away.

(6) Customer email configuration: Determines whether the payer can/must enter his/her email address on the payment page.

(7) Payment Page configuration: Select a Payment Page configuration, if available, allowing you to adjust the Payment Page look and feel to your corporate design.

(8) Referencenumber prefix: If the reference number of the transactions is to be used for MRX matching, a prefix can be specified here, which is added before the automatically generated reference number of each transaction.

(9) Billing address needed: Specify whether the payer must enter the billing address.

(10) Delivery address needed: Specify whether the payer must enter the delivery address.

(11) Merchant Notification: Saferpay will send a confirmation e-mail to the provided merchant e-mail address(es), once a payment has been made.

(12) Payment link: This is your payment link, the customer will be redirected to. You can either use the Saferpay provided mailing option, or copy the link, so you can insert it into your own mail-program.

(13) QR-Code: This is your QR-code. Upon scanning, your customer is redirected to the Saferpay Payment Page, to perform the payment.

On the Payment Page

While this also uses the Saferpay Payment Page, there is one major addition to the overall payment-flow, that needs attention.

As previously mentioned, the amount itself is defined by the payer itself, so before the payment method can be selected, the payment page will display a form, that accepts the amount, the payer wants to pay.

Additionally the payers e-mail is captured, which is used to send a payment confirmation e-mail to. It is also displayed in the transaction details, under Billing Address, so you may contact your customer.

Secure PayGate API

Secure PayGate links and orders can also be crated via our Management API, which allows an application to automatically create and handle Secure PayGate offers. Please refer to our Management API over here, to learn more.

Secure PayGate Quick Guide

Here you will find a short Quick Guide for the Secure PayGate in different languages.