Payment outcome notification
After authentication by the customer, through their account, Bancomat Pay processes the payment and communicates its outcome to the Gateway; the Merchant then receives a notification via HTTP post in NVP (NameValue Pair) format on the url indicated in the responseToMerchantUrl parameter.
The securityToken is, among the various passed-in-post parameters, a security quantity generated by the payment Gateway and notified to the Merchant both upon initialisation response, and upon outcome notification; for security purposes, it is recommended to make sure that the value of the securityToken received corresponds with anything received during initialisation.
In order to redirect the web session of the cardholder to a new page containing the transaction outcome, the Merchant must reply to the notification message, which was newly received with the url of its outcome page hanging the 'paymentid' up as parameter. This url may be enriched with parameters to be able to display the outcome correctly.
PAY ATTENTION: the response must not contain HTML code.
Upon notice of a hosted payment to the merchant URL response, once the connection has started, our services wait for 20 seconds to receive the final URL for the redirection. At the end of the timeout, the socket is closed.
Should the notification of the url for holder redirection fail (unavailability of the responseToMerchantUrl page, invalid content of the ToMerchantUrl response page and response timeout) the cardholder will be redirected to the recoveryUrl page, which is notified by the Merchant through the appropriate parameter of the Initialisation message. If the recoveryUrl parameter was not filled in in, the cardholder will be redirected to a courtesy page.
Parameters of HTTP message for payment outcome notification
| NAME | DESCRIPTION | FORMAT | ||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
