Server to Server
XPay provides merchants with more structured types of solutions where sensitive data relating to the transaction (card data) are collected and managed directly by the merchant's servers.
Server to Server solutions allow complete customization of the payment experience, but are subject to obtaining the PCI DSS security certification (SAQ D questionnaire).
In the test area it is possible to try the Server to Server solutions even if you do not have the PCI DSS certification, but to make payments in production it is mandatory to provide Nexi with the SAQ D questionnaire, which must be verified before enabling the terminal of the merchant to operate.
For more information about certification, refer to the official website PCI Security Standards Council.
This type of integration is dedicated to payment cards, it is not possible to integrate alternative payment methods following the specifications given in this section. To proceed to implement other methods in a checkout page, it is recommended to create special buttons, implementing the specifications of the Hosted Payment Page solution using the "paymentService" parameter to redirect the customer to the desired payment method. In this way, the server to server solution is used for payment by card, and the Hosted Payment Page solution for other methods such as PayPal, Apple Pay, Google Pay, etc...
Below are the S2S payment types made available by Nexi:
- 2 Steps payment: payment by card subjected to 3D Secure authentication, payment is splits into two calls.
- 3 Steps payment: payment by card subjected to 3D Secure authentication, payment is divides into three calls.
- M.O.T.O.: intended for those who want to integrate the function of requesting authorization of payments by card on their system, whose data has been communicated by the cardholder to the merchant via email, telephone, etc... Not subjected to 3D Secure authentication.
2 Steps and 3 Steps payments are subjected to 3D Secure authentication, the customer must be redirected to a specific address returned by XPay, which takes him to the authorization system of the card issuer, where he can proceed with the authentication for confirm the payment.