Credorax gateway guide

Additional notes
When creating a gateway, you may omit the MPI credential fields if you are not using Spreedly-powered 3D Secure support with Credorax.

Adding a Credorax gateway

To add a Credorax gateway:

curl https://core.spreedly.com/v1/gateways.xml \
  -u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
  -H 'Content-Type: application/xml' \
  -d '<gateway>
        <gateway_type>credorax</gateway_type>
        <merchant_id>Your merchant_id</merchant_id>
        <cipher_key>Your cipher_key</cipher_key>
        <mpi_acquirer_mid>Your Acquirer MID</mpi_acquirer_mid>
        <mpi_requestorname>Your Requestor Name</mpi_requestorname>
      </gateway>'
<gateway>
  <token>11tUovIAwQAOGakSYAMq2SvdZls</token>
  <gateway_type>credorax</gateway_type>
  <name>Credorax</name>
  <description nil="true"/>
  <merchant_profile_key nil="true"/>
  <sub_merchant_key nil="true"/>
  <merchant_id>Your merchant_id</merchant_id>
  <mpi_acquirer_mid>Your Acquirer MID</mpi_acquirer_mid>
  <mpi_requestorname>Your Requestor Name</mpi_requestorname>
  <characteristics>
    <supports_purchase type="boolean">true</supports_purchase>
    <supports_authorize type="boolean">true</supports_authorize>
    <supports_capture type="boolean">true</supports_capture>
    <supports_credit type="boolean">true</supports_credit>
    <supports_general_credit type="boolean">true</supports_general_credit>
    <supports_void type="boolean">true</supports_void>
    <supports_adjust type="boolean">false</supports_adjust>
    <supports_verify type="boolean">true</supports_verify>
    <supports_reference_purchase type="boolean">false</supports_reference_purchase>
    <supports_purchase_via_preauthorization type="boolean">false</supports_purchase_via_preauthorization>
    <supports_offsite_purchase type="boolean">false</supports_offsite_purchase>
    <supports_offsite_authorize type="boolean">false</supports_offsite_authorize>
    <supports_3dsecure_purchase type="boolean">false</supports_3dsecure_purchase>
    <supports_3dsecure_authorize type="boolean">false</supports_3dsecure_authorize>
    <supports_3dsecure_2_mpi_purchase type="boolean">true</supports_3dsecure_2_mpi_purchase>
    <supports_3dsecure_2_mpi_authorize type="boolean">true</supports_3dsecure_2_mpi_authorize>
    <supports_store type="boolean">false</supports_store>
    <supports_remove type="boolean">false</supports_remove>
    <supports_fraud_review type="boolean">false</supports_fraud_review>
    <supports_network_tokenization type="boolean">true</supports_network_tokenization>
    <supports_populate_mit_fields type="boolean">false</supports_populate_mit_fields>
    <supports_3dsecure_2_purchase type="boolean">true</supports_3dsecure_2_purchase>
    <supports_3dsecure_2_authorize type="boolean">true</supports_3dsecure_2_authorize>
  </characteristics>
  <credentials>
    <credential>
      <name>merchant_id</name>
      <value>Your merchant_id</value>
    </credential>
    <credential>
      <name>mpi_acquirer_mid</name>
      <value>Your Acquirer MID</value>
    </credential>
    <credential>
      <name>mpi_requestorname</name>
      <value>Your Requestor Name</value>
    </credential>
  </credentials>
  <gateway_settings>
  </gateway_settings>
  <gateway_specific_fields>
    <gateway_specific_field>eci</gateway_specific_field>
    <gateway_specific_field>cavv</gateway_specific_field>
    <gateway_specific_field>xid</gateway_specific_field>
    <gateway_specific_field>billing_descriptor</gateway_specific_field>
    <gateway_specific_field>submerchant_id</gateway_specific_field>
    <gateway_specific_field>transaction_type</gateway_specific_field>
    <gateway_specific_field>mpi_purchase_desc</gateway_specific_field>
    <gateway_specific_field>processor</gateway_specific_field>
    <gateway_specific_field>processor_merchant_id</gateway_specific_field>
    <gateway_specific_field>referral_cft</gateway_specific_field>
    <gateway_specific_field>authorization_type</gateway_specific_field>
    <gateway_specific_field>multiple_capture_count</gateway_specific_field>
    <gateway_specific_field>three_ds_transtype</gateway_specific_field>
    <gateway_specific_field>three_ds_initiate</gateway_specific_field>
    <gateway_specific_field>f23</gateway_specific_field>
    <gateway_specific_field>three_ds_reqchallengeind</gateway_specific_field>
    <gateway_specific_field>echo</gateway_specific_field>
  </gateway_specific_fields>
  <payment_methods>
    <payment_method>credit_card</payment_method>
  </payment_methods>
  <state>retained</state>
  <redacted type="boolean">false</redacted>
  <sandbox type="boolean">false</sandbox>
  <mode>default</mode>
  <created_at type="dateTime">2023-02-09T14:14:08Z</created_at>
  <updated_at type="dateTime">2023-02-09T14:14:08Z</updated_at>
</gateway>

3DS

If you create a notification endpoint at Credorax they will notify us about changes to a transaction status. Create the webhook by contacting Credorax support, with the following properties:

Endpoint URL: https://core.spreedly.com/credorax/webhooks

3DS2

This integration utilizes the Source Payment API. In order to successfully transact using 3D Secure, confirm with Credorax that your account can utilize the Source solution.

When using 3DS2 with Credorax, it is a requirement to use the Spreedly Javascript outlined in the 3DS2 guide. We strongly recommend testing the workflows outlined in that guide before proceeding.

In addition to the Spreedly 3DS2 Javascript integration, Credorax requires a value to be passed for 3DS transaction type. By default we pass the value ‘01’, however you may overide this value by passing a different value in the gateway specific field three_ds_transtype. Acceptable values for 3DS transaction type are the following:

three_ds_transtypeDescription
01Goods/Service Purchase
03Check Acceptance
10Account Funding
11Quasi-Cash Transaction
28Prepaid Activation and Loan

Third-party 3DS2 auth data

Spreedly will automatically handle the field mapping for sending third-party 3DS2 authentication data to Credorax. For more information about how to use this feature, see the 3DS2 third-party authentication guide. Spreedly fields map to the relevant Credorax fields as described in the following table. Please see Credorax’s documentation for detailed descriptions of each of these fields and when to use them.

Spreedly fieldCredorax field
three_ds_version3ds_version
ecommerce_indicatoreci
authentication_valuecavv *
directory_server_transaction_id3ds_dstrxid

*Spreedly will automatically handle the special CAVV formatting requirements specified by Credorax for Visa payment methods. You should pass this value as a 28 byte Base64-encoded string via the authentication_value field.

Gateway specific fields

When interacting with a Credorax gateway to run transactions, there are some gateway specific fields you can specify when making a purchase or authorize call.

The billing_descriptor field allows you to specify how the transaction should appear on the customer’s credit card statement and corresponds to the i2 field in Credorax’s official documentation. Please see Credorax’s Source Payment API guide for more information.

Spreedly provides a fully hosted implementation of 3DS for Credorax. For more information, please see the Spreedly 3DS guide. When using the Spreedly 3DS1 implementation, you may use the gateway specific field mpi_purchase_desc to control what purchase description is displayed at Credorax on their 3D Secure authentication page.

The submerchant_id field may be provided by payment facilitators to specify a sub-merchant.

The a9 field can be set using the transaction_type gateway specific field. If not set, the value will be sent as “9” for subsequent transactions on a payment method. Please note: transaction_type will override the a9 field set by Spreedly’s native support for stored credentials.

The processor and processor_merchant_id gateway specific fields allow you to specify a processor to send a transaction to and correspond to the r1 and r2 fields in Credorax’s documentation, respectively. In order to use this functionality, you will need to contact Credorax support and request for them to enable processor selection on your gateway integration.

The authorization_type and multiple_capture_count fields correspond to Credorax’s a10 and a11 fields, respectively. For details on acceptable values, see Required Fields > Basic Operations in Credorax’s Source Payment API guide.

The three_ds_initiate field may be provided to indicate whether to initiate the Source 3D Secure Authentication process. If this field is not specified, it will be sent with a default value of “01” which will initiate 3D Secure before completing the payment. In order to use the 3DS Adviser module, you will need to contact Credorax support and request for them to enable 3DS Adviser on your gateway integration. Once 3DS Adviser is enabled, the value of three_ds_initiate should be sent as “03” in order to initiate 3D Secure according to the 3DS Adviser result.

The f23 field may be utilized only if the 3DS Adviser module has been enabled on your gateway integration. It is optional and is used to assign an ad-hoc threshold that extends the regular fraud threshold for authorised 3D Secure transactions only. For details on acceptable values, see 3DS Adviser documentation on page 97 in Credorax’s Source Payment API guide.

The three_ds_reqchallengeind is an optional field that may be used to indicate whether a challenge is requested for this transaction. For details and a list of acceptable values, see the “SCA & 3D Secure” Appendix in Credorax’s Source Payment API Guide.

The echo field is optional and can contain any value up to 128 characters. If it is sent with the transaction request, it will be returned within the response. Note: No plaintext cardholder data should be provided in this field.

These gateway specific fields may be added like this:

curl https://core.spreedly.com/v1/gateways/LlkjmEk0xNkcWrNixXa1fvNoTP4/purchase.xml \
  -u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
  -H 'Content-Type: application/xml' \
  -d '<transaction>
        <payment_method_token>56wyNnSmuA6CWYP7w0MiYCVIbW6</payment_method_token>
        <amount>100</amount>
        <currency_code>USD</currency_code>
        <gateway_specific_fields>
          <credorax>
            <cavv>CAVV</cavv>
            <xid>XID</xid>
            <eci>ECI</eci>
            <billing_descriptor>Your Name*Reno/12345</billing_descriptor>
            <submerchant_id>90210</submerchant_id>
            <transaction_type>2</transaction_type>
            <mpi_purchase_desc>Magic Beans</mpi_purchase_desc>
            <processor>ISRACARD</processor>
            <processor_merchant_id>123456</processor_merchant_id>
            <authorization_type>2</authorization_type>
            <multiple_capture_count>5</multiple_capture_count>
            <three_ds_transtype>01</three_ds_transtype>
            <three_ds_initiate>03</three_ds_initiate>
            <f23>1</f23>
            <three_ds_reqchallengeind>04</three_ds_reqchallengeind>
            <echo>Echo Parameter</echo>
          </credorax>
        </gateway_specific_fields>
      </transaction>'
<transaction>
  <on_test_gateway type="boolean">true</on_test_gateway>
  <created_at type="dateTime">2021-05-10T13:50:06Z</created_at>
  <updated_at type="dateTime">2021-05-10T13:50:06Z</updated_at>
  <succeeded type="boolean">true</succeeded>
  <state>succeeded</state>
  <token>JJ6N3qpdfXczw5dIj7QbpL66t5D</token>
  <transaction_type>Purchase</transaction_type>
  <order_id nil="true"/>
  <ip nil="true"/>
  <description nil="true"/>
  <email nil="true"/>
  <merchant_name_descriptor nil="true"/>
  <merchant_location_descriptor nil="true"/>
  <gateway_specific_fields>
    <credorax>
      <cavv>CAVV</cavv>
      <xid>XID</xid>
      <eci>ECI</eci>
      <billing_descriptor>Your Name*Reno/12345</billing_descriptor>
      <submerchant_id>90210</submerchant_id>
      <transaction_type>2</transaction_type>
      <mpi_purchase_desc>Magic Beans</mpi_purchase_desc>
      <processor>ISRACARD</processor>
      <processor_merchant_id>123456</processor_merchant_id>
      <authorization_type>2</authorization_type>
      <multiple_capture_count>5</multiple_capture_count>
      <three_ds_transtype>01</three_ds_transtype>
      <three_ds_initiate>03</three_ds_initiate>
      <f23>1</f23>
      <three_ds_reqchallengeind>04</three_ds_reqchallengeind>
      <echo>Echo Parameter</echo>
    </credorax>
  </gateway_specific_fields>
  <gateway_specific_response_fields>
  </gateway_specific_response_fields>
  <gateway_transaction_id>60</gateway_transaction_id>
  <gateway_latency_ms type="integer">0</gateway_latency_ms>
  <stored_credential_initiator nil="true"/>
  <stored_credential_reason_type nil="true"/>
  <warning nil="true"/>
  <application_id nil="true"/>
  <amount type="integer">100</amount>
  <currency_code>USD</currency_code>
  <retain_on_success type="boolean">false</retain_on_success>
  <payment_method_added type="boolean">false</payment_method_added>
  <smart_routed type="boolean">false</smart_routed>
  <message key="messages.transaction_succeeded">Succeeded!</message>
  <gateway_token>T11bJAANtTWnxl36GYjKWvbNK0g</gateway_token>
  <gateway_type>test</gateway_type>
  <shipping_address>
    <name>Newfirst Newlast</name>
    <address1 nil="true"/>
    <address2 nil="true"/>
    <city nil="true"/>
    <state nil="true"/>
    <zip nil="true"/>
    <country nil="true"/>
    <phone_number nil="true"/>
  </shipping_address>
  <response>
    <success type="boolean">true</success>
    <message>Successful purchase</message>
    <avs_code nil="true"/>
    <avs_message nil="true"/>
    <cvv_code nil="true"/>
    <cvv_message nil="true"/>
    <pending type="boolean">false</pending>
    <result_unknown type="boolean">false</result_unknown>
    <error_code nil="true"/>
    <error_detail nil="true"/>
    <cancelled type="boolean">false</cancelled>
    <fraud_review nil="true"/>
    <created_at type="dateTime">2021-05-10T13:50:06Z</created_at>
    <updated_at type="dateTime">2021-05-10T13:50:06Z</updated_at>
  </response>
  <api_urls>
  </api_urls>
  <payment_method>
    <token>1rpKvP8zOUhj4Y9EDrIoIYQzzD5</token>
    <created_at type="dateTime">2017-06-26T17:04:38Z</created_at>
    <updated_at type="dateTime">2021-05-05T14:16:10Z</updated_at>
    <email>[email protected]</email>
    <data>
      <my_payment_method_identifier>448</my_payment_method_identifier>
      <extra_stuff>
        <some_other_things>Can be anything really</some_other_things>
      </extra_stuff>
    </data>
    <storage_state>retained</storage_state>
    <test type="boolean">true</test>
    <metadata>
      <key>string value</key>
    </metadata>
    <callback_url nil="true"/>
    <last_four_digits>1111</last_four_digits>
    <first_six_digits>411111</first_six_digits>
    <card_type>visa</card_type>
    <first_name>Newfirst</first_name>
    <last_name>Newlast</last_name>
    <month type="integer">3</month>
    <year type="integer">2032</year>
    <address1 nil="true"/>
    <address2 nil="true"/>
    <city nil="true"/>
    <state nil="true"/>
    <zip nil="true"/>
    <country nil="true"/>
    <phone_number nil="true"/>
    <company nil="true"/>
    <full_name>Newfirst Newlast</full_name>
    <eligible_for_card_updater type="boolean">true</eligible_for_card_updater>
    <shipping_address1 nil="true"/>
    <shipping_address2 nil="true"/>
    <shipping_city nil="true"/>
    <shipping_state nil="true"/>
    <shipping_zip nil="true"/>
    <shipping_country nil="true"/>
    <shipping_phone_number nil="true"/>
    <payment_method_type>credit_card</payment_method_type>
    <errors>
    </errors>
    <verification_value></verification_value>
    <number>XXXX-XXXX-XXXX-1111</number>
    <fingerprint>e3cef43464fc832f6e04f187df25af497994</fingerprint>
  </payment_method>
  <attempt_3dsecure type="boolean">false</attempt_3dsecure>
</transaction>

Referral CFT

To successfully process Referral CFT transactions (Credorax operation code [34]), you must include the gateway specific field referral_cft as part of a credit transaction request with a value of true.

curl https://core.spreedly.com/v1/transactions/KS3oZgWXCfFeirK16anYbijLxR/credit.xml \
  -u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
  -H 'Content-Type: application/xml' \
  -d '<transaction>
        <payment_method_token>56wyNnSmuA6CWYP7w0MiYCVIbW6</payment_method_token>
        <amount>100</amount>
        <currency_code>USD</currency_code>
        <gateway_specific_fields>
          <credorax>
            <referral_cft>true</referral_cft>
          </credorax>
        </gateway_specific_fields>
      </transaction>'
<transaction>
  <on_test_gateway type="boolean">true</on_test_gateway>
  <created_at type="dateTime">2019-11-13T20:06:43Z</created_at>
  <updated_at type="dateTime">2019-11-13T20:06:43Z</updated_at>
  <succeeded type="boolean">true</succeeded>
  <state>succeeded</state>
  <token>SDfovnirEddMLq4axBha8v860ka</token>
  <transaction_type>Credit</transaction_type>
  <order_id nil="true"/>
  <ip nil="true"/>
  <description nil="true"/>
  <email nil="true"/>
  <merchant_name_descriptor nil="true"/>
  <merchant_location_descriptor nil="true"/>
  <gateway_specific_fields>
    <credorax>
      <referral_cft>true</referral_cft>
    </credorax>
  </gateway_specific_fields>
  <gateway_specific_response_fields>
  </gateway_specific_response_fields>
  <gateway_transaction_id>48</gateway_transaction_id>
  <gateway_latency_ms type="integer">0</gateway_latency_ms>
  <stored_credential_initiator nil="true"/>
  <stored_credential_reason_type nil="true"/>
  <warning nil="true"/>
  <amount type="integer">100</amount>
  <currency_code>USD</currency_code>
  <message key="messages.transaction_succeeded">Succeeded!</message>
  <gateway_token>T11bJAANtTWnxl36GYjKWvbNK0g</gateway_token>
  <gateway_type>test</gateway_type>
  <shipping_address>
    <name nil="true"/>
    <address1 nil="true"/>
    <address2 nil="true"/>
    <city nil="true"/>
    <state nil="true"/>
    <zip nil="true"/>
    <country nil="true"/>
    <phone_number nil="true"/>
  </shipping_address>
  <response>
    <success type="boolean">true</success>
    <message>Successful credit</message>
    <avs_code nil="true"/>
    <avs_message nil="true"/>
    <cvv_code nil="true"/>
    <cvv_message nil="true"/>
    <pending type="boolean">false</pending>
    <result_unknown type="boolean">false</result_unknown>
    <error_code nil="true"/>
    <error_detail nil="true"/>
    <cancelled type="boolean">false</cancelled>
    <fraud_review nil="true"/>
    <created_at type="dateTime">2019-11-13T20:06:43Z</created_at>
    <updated_at type="dateTime">2019-11-13T20:06:43Z</updated_at>
  </response>
  <api_urls>
  </api_urls>
  <reference_token>AemZbZduTWVw3Ogm0w9I61in051</reference_token>
</transaction>

Gateway specific response fields

If you’ve enabled the ability to select a processor for a Credorax gateway, the response should contain the relevant processor fields, which you can find within gateway_specific_response_fields.

  • retrieval_reference_number corresponds to the Credorax field z13 and indicates an additional identifier of the transaction provided by the processor.
  • processor_response_code corresponds to the Credorax field z30 and indicates the processor routing method used for the transaction.
  • processor_routing_rule_id corresponds to the Credorax field z31 and indicates the processor routing rule ID that was responsible for the routing decision. This field is only populated when the processor_response_code is 2.
  • processor corresponds to the Credorax field z33 and indicates the payment processor that processed the transaction.
  • processor_merchant_id corresponds to the Credorax field z34 and indicates the merchant ID for the payment processor that processed the transaction.
  • processor_transaction_id corresponds to the Credorax field z39 and indicates the transaction ID for the corresponding payment processor.
  • processor_response_code corresponds to the Credorax field z41 and indicates the original response code received from the payment processor.
  • payment_account_reference corresponds to the Credorax field b20 and indicates the Payment Account Reference (PAR) received from the payment processor.
  • echo corresponds to the Credorax field d2 and is known as an echo parameter. This response field is only returned if the echo gateway specific field is sent with the transaction request.
  • merchant_advice_code corresponds to the Credorax field z44 and indicates to the merchant whether the decline is final.
  • operation_result_code corresponds to the Credorax field z2 and indicates the response code returned by the gateway.
  • operation_result_message message corresponding to the z2 code returned in operation_result_code.
  • operation_code corresponds to the Credorax field O and indicates the operation code applied to the transaction.

If you’ve enabled 3DS Adviser on your account with the Credorax gateway, additional response fields are included in the transaction response format:

  • SMART_3DS_RESULT describes the 3DS Adviser module recommendation.
  • SMART_3DS_RESULT_REASON includes the rule id which was executed as part of the Smart 3D rule engine.

For example, a transaction could look something like this:

<transaction>
  <token>LgpTNGjsWQs9DwdxcbreUVz0R8p</token>
  <transaction_type>Purchase</transaction_type>
  <gateway_specific_response_fields>
    <credorax>
      <processor_routing_method>1</processor_routing_method>
      <processor_routing_rule_id>3</processor_routing_rule_id>
      <processor>ISRACARD</processor>
      <processor_merchant_id>123456</processor_merchant_id>
      <processor_transaction_id>XZZ6891</processor_transaction_id>
      <processor_response_code>00</processor_response_code>
      <payment_account_reference>01234567890123456789012345678</payment_account_reference>
      <SMART_3DS_RESULT>01</SMART_3DS_RESULT>
      <SMART_3DS_RESULT_REASON>41</SMART_3DS_RESULT_REASON>
      <echo>Echo Parameter</echo>
      <merchant_advice_code>01</merchant_advice_code>
      <operation_result_code>0<operation_result_code>
      <operation_result_message>The transaction has been executed successfully.</operation_result_message>
      <operation_code>1</operation_code>
   </credorax>
  </gateway_specific_response_fields>
</transaction>