The NEXI interfaces
About this manual
This manual describes the programming and the scope of services of the NEXI Merchant Interface and is aimed at users of NEXI. The target group for this manual includes programming and technical key staff in the company.
NEXI is a payment gateway for the secure processing of transactions via the Internet, Mail Order and POS
This chapter The NEXI interfaces provides a summary of the available interfaces. The next chapter Scope of services of NEXI describes NEXI's scope of services. The section Payment methods available offers a short introduction to the payment methods offered to you by NEXI .
About NEXI
NEXI offers several interfaces for the submission of payment tasks. The Merchant Interface described in this document serves to connect Internet shops and enterprise resource planning systems. The NEXI Merchant Interface accepts payment orders, encrypts the data and carries out payment transactions.
NEXI interfaces for Internet shops, enterprise resource planning systems, call centres and transaction management
Merchant Interface
This manual describes the programming of the Merchant Interface. NEXI also allows the submission of batch files. These are CSV files containing several payment orders which are transmitted to the NEXI. NEXI permits both manual as well as automated (FTP) transfer of batch files. You can find details of the batch process in the Manual of Batch manager.
Please note that not all interfaces are available for every payment method. For details, please refer to the descriptions of the respective payment type or contact NEXI.
Hosted Payment Page
The Hosted Payment Page is a checkout that contains only the step of selecting the payment method. It is a HTML form with responsive design that is displayed properly on all devices.
In the case of payments via Hosted Payment Page, the shop redirects its customers to the NEXI HTML form where they selects their payment method. After confirming the selection depending on the payment method NEXI forwards the customer to a NEXI HTML form or to a form from an external service provider and notifies the shop after completion about the payment result.
Credit Card Form (paySSL)
When requesting card payments via NEXI hosted forms the complexity of 3-D Secure is completely removed from the merchant implementation.
Silent Order Post (PayNow)
Silent order post is a transmission method where form data is sent from a merchant website directly to a third party server. This is usually achieved using the form action attribute, which specifies the URL where the data is to be sent.
This approach is very similar to NEXI hosted payment forms and leaves the merchant in full control of the checkout experience as all website elements are delivered from the merchant’s server.
Server-to-Server Intragration
Our server-to-server solution allows you to exchange all transaction-related data directly between your server and IG. Here, the merchant itself takes care of authentication via a separate interface.
Batch Manager
Batch Manager lets you transmit payment transactions in the form of files. In this process you assemble transaction data such as the credit card number, amount and currency in a batch file which is transmitted to NEXI. NEXI then makes the authorization or payment and saves the transaction status in the batch file. After processing, the merchant can access the batch file with the details on the transaction status via download.
NEXI
NEXI enables the merchant to manage transactions online. This is a web application with password protection and TLS encryption, which lists all transactions and also permits, for example, credits.
NEXI allows you to view all your payment processes (purchases) with the associated payment transactions (individual process steps of a process, e.g. (pre-) authorization, capture, refund, etc.). You can also create new payment processes and add payment transactions to existing payments. You also have access to graphical dashboards and can export your payment data. The application carries out a dynamic analysis directly on your transaction database so that you can always see the latest processing status. You can also set measures for fraud prevention and carry out manual postings or credit memos.
Operations overview in NEXI
The optional dashboard of the application offers you the possibility of clearly displaying all processes with the associated payment transactions in the form of tables and diagrams.
Transactions Overview in the Dashboard of NEXI
You can find details about NEXI in the User Manual document.
Virtual POS Terminal / MOTO
The NEXI virtual POS Terminal is designed for the processing of MOTO (Mail Order, Telephone Order) transactions. The POS Terminal is a clever alternative to the physical terminal and lets you process direct debits and credit card payments. You can find details about POS Terminal in the User Manual.
Test Mode
NEXI supports testing of your implementation before going live. Three different operating modes are supported:
In the live / productive operation mode all payments are forwarded live to the connected service provider (e.g. acquirer, bank, scheme, downstream service provider). These payment transactions are carried out in real life.
In the test system (Downstream) mode, payment transactions are forwarded to a downstream test system. This is not available for all payment methods and is noted in the corresponding payment method documentation.
As well as the simulation mode: In this mode all payment processes within NEXI are simulated. This mode is available for all payment types.
Response Codes
NEXI uses numerical response codes which provide information about the transaction status. To determine success or error of a transaction more precisely, please analyse the response parameter Code. For a detailed breakdown of these codes, please see the Response Codes.
Scope of services of NEXI
NEXI fraud prevention
NEXI supports different processes for fraud prevention. These include inquiries with credit agencies in the monitoring of the card's country of origin and payment guarantees for credit cards.
https://ing-developer.atlassian.net/wiki/spaces/IF/pages/75039165
Payment methods available
This chapter gives a short introduction to the operating principle of the payment methods offered by NEXI . The descriptions do not concentrate on the technology but on technical aspects from the perspective of merchants and customers.
Credit card payments with TLS
The credit card is a widely used international payment tool on the Internet. Transport Layer Security (TLS) is successor of Secure Socket Layer (SSL) and an asymmetric encryption method in the Internet which protects credit card data against tapping and manipulation, during transfer for example. In the case of credit card payments with TLS the card holder enters the credit card data in a form which is encrypted with TLS. Entry form with TLS-encryption for credit card data.
For safety reasons an SSL certificate is required for TLS-encryption.
Transaction procedure with TLS-credit card payments
In the case of TLS-payments the customer chooses the Credit card payment method at the Internet checkout. The customer is then requested on an TLS-encrypted page to input the credit card number and expiry date. The NEXI receives the credit card data and then processes the payment.
Credit card payment with TLS checks the credit limit of the customers but offers no protection against fraud using stolen card data. Please note therefore the security processes Visa Secure, Mastercard ID Check and American Express SafeKey in the following chapter.
In the case of American Express payments NEXI can protect against fraud by comparing the order address with the address stored at American Express: NEXI carries out an address comparison with American Express to ensure that the customer is the correct card holder. If the street number or postcode does not correspond with the American Express data NEXI will either refuse the payment or send you an alert by e-mail.
Credit cards with Visa Secure, Mastercard ID Check and American Express SafeKey
Mastercard ID Check (UCAF), Visa Secure (VbV) and American Express SafeKey are authentication methods which verify the identity of the card holder before making the payment. The name 3-D Secure used by technicians describes only the protocol. The correct brand names are Visa Secure, Mastercard ID Check and American Express SafeKey.
Merchants benefit from authentication with Verified by Visa, MasterCard SecureCode or American Express SafeKey because the card associations enact a liability shift: If you use Visa Secure, Mastercard ID Check or American Express SafeKey you benefit from a secure payment claim, the liability shift transmits the default risk to the card-issuing bank in case of a successful customer authorisation, should the customer dispute the payment. You obtain in effect a payment guarantee in case the customer asserts that it has not implemented the credit card payment itself.
From a technical perspective Visa Secure, Mastercard ID Check and American Express SafeKey are not payment methods but an authentication process which precedes the payment: Once the credit card data has been entered, NEXI checks the identity of the card holder and does not process the payment until after the authentication.
Transaction procedure with Visa Secure, ID Check or SafeKey
The customer selects the Credit card payment method in the Internet shop and enters the card number and expiry date. NEXI receives the card number and checks, via a connection to Visa, MasterCard or American Express, whether this credit card is registered for Visa Secure, ID Checl or SafeKey. Then extensive card data is sent to the card-issuing bank to verify the identity of the cardholder (3DS 2.1 / 3DS 2.2). The cardholder must identify himself to his bank. There are different procedures for this (SMS, TAN, APP). If the cardholder's identity has been verified by the card-issuing bank, the transaction is given a mark that indicates that the authentication was carried out with 3DS 2.x.
The subsequent authorization contains the 3DS 2.1 identifier so that the acquirer and the card-issuing bank can carry out the authorization with the identifier.
ELV Score: Direct debit with block list check
NEXI can combine SEPA direct debits in Germany and Austria with a block list check which offers high security at low cost: NEXI firstly checks whether the Customer's account number is black listed by major retailers. Secondly you can prevent fraud by setting sales limits per day, week or month which an account connection may not exceed.
Since there are substantially more accounts than credit cards, many Internet purchases are paid for by direct debit. The direct debit process is unsafe for merchants without a block list check: in the case of SEPA direct debits there is no authorisation because it is not possible to carry out a credit rating on the account of the customer. There are frequently return debit notes due to lack of funds in accounts.
The block list check links the benefits of the direct debit with the security of a block list check and individual sales limits.
NEXI can now draw a direct debit not only from German but also from Austrian or Netherland customer accounts. The precondition for this is a company account in Austria or the Netherlands.
Transaction procedure of a direct debit payment on the Internet
In order to pay with a direct debit, the customer selects the Direct debit payment method at the Internet checkout and enters his account details on an Internet page. This Internet page is TLS encrypted to protect the account data during the transmission against tapping and manipulation. After the input NEXI checks if the IBAN is plausibly, whether the account is blocked and whether the sales limit for this account has been reached. After successful verification, NEXI draws direct debits from the customer's bank.
International direct debit payments via PPRO International Direct Debit (IDD)
Electronic direct debits over NEXI are possible in UK, the Netherlands, Austria and Spain for all accounts of appropriate banks, but offer no block list checks. For customers the payment by entering their banking details is convenient and secure, because the 8 weeks period for chargebacks applies here too. The merchant gets a real-time payment, but bears the risk of possible chargebacks.
Money transfer with giropay, eps and iDEAL
NEXI supports online transfers with giropay in Germany, with iDEAL in the Netherlands, with eps in Austria and DIRECTebanking in Germany, England, Austria, Switzerland and the Netherlands. A number of surveys of Internet users verify that transfer is a popular and accepted method of payment. NEXI therefore supports this convenient, secure payment procedure. The customer potential for online merchants increases to around 20 million online-banking customers with the use of online transfers.
giropay is a standard which was founded by the German banks Sparkasse, Postbank, Volks- und Raiffeisen Banken. The giropay online transfer has a number of advantages for merchants. Firstly giropay provides the vendor with a guarantee for payments of up to 10,000 euros; secondly the transfer is a prepayment which minimises the payment term. Last but not least the customer is using the familiar and trusted online banking of its own credit institution, just the same as with online banking.
giropay links customers directly to their banks.
Dutch banks established the iDEAL money transfer standard, which works in a similar fashion to giropay in Germany. Approximately 70% of all e-commerce payments in the Netherlands are processed with iDEAL. Therefore offering iDEAL is a vital success factor for e-commerce business in the Netherlands.
In Austria NEXI supports online money transfer with the Austrian Electronic Payment Standard (EPS) which is a well established system in Austria and offering a payment guarantee to the merchant.
Example of an online transfer procedure with giropay
In the first step the customer chooses the giropay payment method at the checkout of the online shop and selects its credit institution. The customer is then connected directly to its Sparkasse/bank and logs on as normal using a PIN. A pre-completed transfer form then appears. The customer need only enter their TAN to confirm the payment.
In the Netherlands the procedure of an iDEAL online transfer is similar but there is an unlimited payment guarantee.
Entry of giropay TAN into the transfer form
Entry of giropay TAN into the transfer form
As usual with online banking, the data disclosed in the online transfer is encrypted with TLS (Transport Layer Security) to prevent manipulation.
|
Payment type |
URL |
|---|---|
|
giropay |
|
|
eps / STUZZA |
|
|
Rabo iDEAL (English) |
|
|
iDEAL-Portal (Dutch) |
Internet addresses with information about online money transfers
International online transfers
NEXI supports various online transfers in different countries via the acquirer PPRO. Merchants benefit from the payment guarantee, the immediate execution by advance payment and the large reachable customer base. On the other hand, customers use the familiar environment of their online banking and thus also gain confidence in the online shop. This lowers the number of cancelled orders and increases the conversion rate.
Przelewy24 in Poland
Przelewy 24 is supported by 18 large banks and reaches 95 % of the polish customers in online banking. The system has no transaction limit and directs customers via its online banking environment directly to the payment processing.
PostFinance Yellowpay in Switzerland
The PostFinance-Bank’s Yellowpay online transfer operates without a transaction limit, but with a payment guarantee for the merchant and reaches about one million customers with online accounts in Switzerland.
POLi in Australia and New Zealand
Over POLi you can reach 90 % of the customers in Australia and New Zealand – after all, that’s 33 million online banking customers. There is a transaction limit of 9,999 AUD.
TrustPay in Eastern Europe
TrustPay provides a real-time online transfer system in Central and Eastern Europe under the supervision of the National Bank of Slovakia. Numerous banks and the respective currencies of the participating states – Slovakia, Czech Republic, Türkey, Hungary, Estonia, Latvia, Lithuania, Croatia as well as Slovenia – are supported.
SafetyPay in Brazil, Costa Rica, Germany, Colombia, Mexico, Nicaragua, the Netherlands, Austria, Panama, Peru, Spain
SafetyPay, whose head office is in Florida, offers an international system for online bank transfers, with which the customers pay for international purchases in their own currency using their familiar online banking system. Merchants reach about 250 million potential bank customers in this way.
Trustly in Scandinavia, Poland and Spain
Founded in 2008 Trustly is a technology enterprise from Sweden, which enables secure and convenient payments via online banking for the customers. Trustly offers Collecting as well as an automated credit via API and reconciliation files for all supported acquirers (all 21 main banks in Sweden, Denmark and Finland). Trustly is FSA regulated.
PayPal Express Checkout
NEXI lets merchants process PayPal payments. It lets you receive payments from 230 million PayPal-customers worldwide. 15 million Internet users own a PayPal customer account in Germany alone.
PayPal offers its users several payment methods
PayPal was a subsidiary of eBay and is widespread amongst eBay users worldwide. The old PayPal-standard solution however has required manual processing for reasons bound up with the history of eBay. NEXI offers fully-automated payment processing with PayPal Express Checkout for mass mail-order business. Thanks to its automation in NEXI, PayPal Express Checkout is also suitable for processing larger transaction quantities, for example in the mail-order business. The manual processing of e-mails and payment processes which is normal for the PayPal-standard solution are a thing of the past.
Customers in more than 100 markets
PayPal is particularly useful for customer purchases abroad since NEXI supports all currencies and markets offered by PayPal. In many countries PayPal offers customers typical payment methods for their country. A German customer can thus have the option to pay with PayPal by credit card, direct debit or with giropay-transmit. Customers abroad can often use typical payment methods such as prepaid cards in Italy or debit cards in the UK. Integrating PayPal into your shop therefore provides your customers with several payment methods at once.
Seller protection and address verification
NEXI also provides you with the PayPal risk management. With address verification and PayPal seller protection PayPal relieves the merchant of the risk of payment failures in the case of direct debit payments, German credit card payments and unjustified customer complaints.
PayPal Express Checkout Fewer order cancellations
Long order processes increase the rate of cancellations. NEXI offers the PayPal Express Checkout to shorten the order process: your customers do not need to enter any address data but rather click on Checkout with PayPal in the shopping cart area, log on and select the invoice- and delivery address retained by PayPal. NEXI then sends the delivery address as a result parameter back to your shop.
PayPal Express Checkout button
If the customer selects Continue to Checkout instead of PayPal Express Checkout in the shopping cart area, PayPal is displayed again as a payment method on the payment page. Selecting PayPal lets your customer log into PayPal to confirm the payment. In this case it is important that the delivery address is transmitted to ensure that the PayPal seller protection is activated.
Process optimisation for PayPal payments
Along with standard processing, NEXI supports more complex supply processes with PayPal. As with credit cards you can also reserve an amount for PayPal payments which you can then capture via the usual interfaces. In this way you do not charge your customers until the goods have been shipped.
NEXI supports all transaction types as required for optimal completion of your processes. We are happy to provide you with consultation (if necessary with our colleagues from PayPal).