Monday, January 16, 2012

Full life cycle SAP Paymentech Integration

Introduction:

I worked on a project with Sirius Satellite radio company. We were to build a website for the company where their customers could create an account, buy and subscribe to satellite radio services. The customers would also be allowed to log in and manage their account and subscriptions online.

Business Case:

One of the core components of the business was to be able to accept credit cards online, and authorize them in real time so that the radio could be shipped and a subscription for the services could be scheduled. Also, there needed to be a facility to refund money, and do offline authorization of credit cards for recurring subscription accounts.

Online Scenario:

The Spectrum Software Development Kit (SDK), provided by Chase Paymentech, is a powerful and easy-to-use Java API that enables developers to quickly create and integrate real-time electronic payment transactions into
eCommerce applications in a secure and reliable fashion.

Spectrum SDK Features and Benefits:

Security

Frame/VPN Communication
  • IP Address and TCP port restrictions
  • Preset Maximum number of connections per IP Address to a defined port
  • Frame and VPN network layer

HTTPS Processing
  • The underlying communication Protocol is HTTPS (a secure protocol).
  • Connections to HTTPS processing servers require client authentication using acombination of the Merchant ID / Division #, User ID and Password. These data elements are provided to the customer by Chase Paymentech representatives.
Programmer Highlights
  • Published API utilizing Java Interfaces
  • Data Driven Architecture using XML Templates
  • Resources are efficiently shared among transaction threads
  • Object Oriented
  • Externalized configuration for easy extendability
Enhanced Communication Options
  • TCP/IP (Intranet - Frame / VPN)
  • HTTPS (Internet)

The SDK also includes a Proxy, shown in the figure below, designed for managing the load balancing, heartbeat messages, multi-threading, retries, as well as making sure the proper close occurs (four-way handshake) for VPN/Frame communication.


Figure: Paymentech Online Scenario

Offline Scenario:

There are several situations in which information is sent to Paymentech offline, as a batch file, and information is received back as such. This whole process is accomplished using a secure FTP connection.

The scenarios that apply to this kind of situation are
Settlements
Refunds
Charge-backs
Weekly and Monthly Reports


Figure: Paymentech Offline Scenario


Test Utilities Built:

As part of the whole development effort we built several utilities/web pages that keep track and help in all the work being done with credit cards.

  • Credit Card Validation page
  • Paymentech connectivity test page
  • Paymentech authorization test page
  • Paymentech Batch test
  • Paymentech Load test
  • Logging and error handling
                          - Log of every transaction that goes to Paymentech
                          - Log of every return code, times, and amounts


Payment Card Handling in SAP

  • Payment cards securely encrypted in SAP
  • Logging of credit cards in SAP
  • Credit cards are masked when displayed to the user

Paymentech Certification

  • All the client business scenarios are taken into consideration for the certification process.
  • All the scenarios are executed during a single day.
  • These include all batch and online scenarios, as well as load tests.
  • Paymentech then issues production passwords certifying the client.
  • There is always full support from Paymentech for all the transactions that are certified.

Conclusion:

Paymentech provides full life cycle Payment integration for e-commerce solutions. As a service provider we were able to implement all the scenarios required by our client, both online and offline, and get them certified by Paymentech for production usage.