• TEST ENVIRONMENT

    As part of our SandBox program you will have access to all of tools and services to build your app or service, during that period of time you wont be able to process live transactions, only test ones - to make it easier for you we have put together a list of test cards you can use to test the processing aspects of our services - feel free to contact support at any time with questions.

    Test Cards

    Only the following credit card number are allowed while in test environment:

    Card Number Issuer
    4387751111111111 Visa (US)
    5442987111111111 MasterCard (US)
    371000911111111 American Express (US)
    4056850111111111 Visa (FR)
    5130113111111111 MasterCard (FR)
    36005131111111 Diners Club (GB)
    3535111111111111 JCB (JP)
    6221701111111111 LivaKash (JP)
    4580000000000000 VISA (IL)
    5326140000000000 MasterCard (IL)
    91000000 IsraCard (IL)

    * Use any future expiry date with these test cards.
    ** For American Express, pass any four digits as CVV2.
    ** For other credit card types, pass any three digits as CVV2.

    Controlling Reply

    Use the following amounts to cause either approval or various declines:

    Amount Response
    0.04 Error 1001: Soft Decline (Call)
    0.05 Error 1002: Insufficient Funds
    0.90 Approved with 5 second delay
    0.91 Approved with 10 second delay
    0.92 Approved with 20 second delay
    0.93 Approved with 30 second delay
    0.94 Approved with 40 second delay
    0.95 Approved with 50 second delay
    0.96 Approved with 60 second delay
    0.97 Approved with 70 second delay
    0.98 Approved with 80 second delay
    0.99 Approved with 90 second delay
    55.3 3D secure simulator - this will return 533 and redirect Url to complete transaction
    1.00 + Approved

    * Enabled only after all data being send are in the correct format and length
    ** Specifying any other amount will cause reply 596 (Integration mode - incorrect charge amount)

  • Recurring information

    The following examples are an overview on how to send recurring data.
    The code shown is intended to give you a start point on how to implement recurring information in our services.

    Pay attention: recurring series is limited in time. The maximum duration is 10 years.

    Each recurring field has the following format:
    {number of charges}{gap unit}{gap length}A{amount}

    Recurring Field Part Description Possible Values
    {number of charges} A number of charges in this stage of the recurring series A positive integer number between 1 and 99
    {gap unit} A unit to specify a gap between the dates of subsequent charges D (day), W (week), M (month), Q (quarter), Y (year)
    {gap length} A number of gap units 1 or more
    A{amount} Amount to charge every time (optional) with decimal point (if needed) Use only if the amount to charge at this stage is different from the initial transaction amount. If the amount is omitted, letter A must be omitted, too.

    Here are some useful samples of recurring series (having a transaction amount $10):

    Recurring1=12M1
    Annual subscription with monthly charges, $10 each charge
    Total amount is $120 for a year

    Recurring1=4Q1
    Annual subscription with quarterly charges, $10 each charge
    Total amount is $40 for a year

    Recurring1=1D5&Recurring2=12M1A30
    5 days trial, then annual subscription with monthly charges, $30 each charge
    Total amount is $370 for a year and five days

    Recurring1=1D5&Recurring2=1D25A20&Recurring3=11M1A30
    5 days trial, then a "remainder" charge ($20 for 25 days), then 11 months subscription with monthly charges, $30 each payment
    Total amount is $360 for a year

    Recurring1=3M1&Recurring2=3M1A20&Recurring3=6M1A30
    Annual subscription: first three months for $10 a month, then three months for $20 a month, then 6 months for $30 a month
    Total amount is $270 for a year

    Recurring1=1M1&Recurring2=2M1A10&Recurring3=3M1A20&Recurring4=6M1A30&RecurringTransType=0
    Annual subscription: first month for free, then two months for $10 a month, then three months for $20 a month, then 6 months for $30 a month Total amount is $260 for a year.

    Important for this sample
    - TransType must be 1, this ensures first month for free.
    - Amount should be 1, in order to affect the payment ability of the credit card as less as possible.

  • MANAGE RECURRING SERIES - SUBMITTING DATA

    This page describes how to remotely edit/cancel an existing recurring series.
    Using this interface you can:

    • suspend active series
    • resume suspended series
    • modify dates and/or amounts of future charges
    • delete series
    The request must be sent from your server to the following URL:https://process.coriunder.com/member/recurring_modify.aspx

    Sample requests:

    https://process.coriunder.com/member/recurring_modify.aspx?MerchantNumber=5722306&SeriesID=123&Action=SUSPEND

    https://process.coriunder.com/member/recurring_modify.aspx?MerchantNumber=5722306&TransID=987654&Action=RESUME

    https://process.coriunder.com/member/recurring_modify.aspx?MerchantNumber=5722306&SeriesID=123&Action=MODIFY&StartDD=15&StartMM=07&StartYYYY=2009&Recurring1=1W2A5.99&Recurring2=11M1A9.99

    REQUEST FIELDS

    Field Required Description
    MerchantNumber Yes Your merchant number - 5722306
    SeriesID Yes1 ID number of the recurring series.This field is required only if TransID is omitted.
    TransID Yes1 ID number of the initial transaction that started the recurring series.This field is required only if SeriesID is omitted.
    Action Yes Action to take on the series. Accepts one of the following values:
    • SUSPEND - Suspend the specified series, if active
    • RESUME - Resume the specified series, if suspended
    • DELETE - Delete the specified series (this cannot be undone!)
    • MODIFY - Drop all the future charges and create new charges based on the Recurring fields
    Uncharged No When resuming the series (Action=RESUME), action to take on the past charges which are still unprocessed. Accepts one of the following values:
    • CANCEL - Cancel all past charges which are still unprocessed.
    • REINSTATE - Reinstate all past charges which are still unprocessed (also charges that were manually cancelled in the past).
    • Empty (or omitted) – No changes are made to charges' state.
    Signature No Signature for verifying the authenticity of the request parameters. Field values to use: MerchantNumber + SeriesID + TransID + Action + PersonalHashKey Refer to for detailed explanation.

    OPTIONAL FIELDS - START DATE

    When the action is MODIFY, all the future charges in the specified recurring series are deleted. You can specify a date to start new charges' schedule. If omitted, the first of the new charges will be scheduled for today. If the first of the new charges is scheduled for today, it will be processed immediately!

    Field Length Description Details
    StartDD 2 Day Day to start the future charges. Between 1 and 31, depending on month specified in StartMM.
    StartMM 2 Month Month to start the future charges. Between 1 and 12.
    StartYYYY 4 Year Year to start the future charges. Cannot be less than the current year.

    OPTIONAL FIELDS - RECURRING STRINGS

    When the action is MODIFY, new payment schedule must be set. See for the recurring string structure and examples. Pay attention: recurring series is limited in time. The maximum duration is 10 years.

    Field Description MaxLength Required 2
    Recurring1 Parameter for first stage in the recurring series 12 Yes
    Recurring2 Parameter for second stage in the recurring series 12 No
    Recurring3 Parameter for third stage in the recurring series 12 No
    Recurring4 Parameter for fourth stage in the recurring series 12 No
    Recurring5 Parameter for fifth stage in the recurring series 12 No
    Recurring6 Parameter for sixth stage in the recurring series 12 No

    (1) Either SeriesID or TransID must be provided
    (2) When the action is MODIFY

    MANAGE RECURRING SERIES - CHECKING REPLY

    After the recurring series management request is received and processed, Coriunder system returns the reply code.
    This reply is for only the recurring management.
    To receive notification when recurring transaction is processed use the following setting page

    Example to how and what is replied

    Field
    Description
    Reply
    Two digits reply code (possible codes are listed below).
    Description
    The textual representation of the reply code (from the list below)
    Details
    Additional information, that may be useful for debugging purposes.
    Usually contains a list of fields with invalid values.

    Reply in case of success:

    REPLY=00&DESCRIPTION=SUCCESS

    Reply in case of failure:

    REPLY=09&DESCRIPTION=INVALID RECURRING STRING&DETAILS=Recurring2 5N1A7.01

    Reply codes

    00 = SUCCESS
    01 = MISSING ACTION
    02 = INVALID ACTION
    03 = MISSING MERCHANT NUMBER
    04 = SERIES ID CONFLICTS WITH TRANSACTION ID
    05 = MISSING SERIES ID OR TRANSACTION ID
    06 = MERCHANT NOT FOUND OR NOT AUTHORIZED
    07 = SERIES NOT FOUND FOR THE MERCHANT
    08 = MISSING RECURRING1
    09 = INVALID RECURRING STRING
    10 = INVALID START DATE
    11 = START DATE IS IN THE PAST
    12 = SERIES BLOCKED
    13 = INVALID UNCHARGED
    14 = INVALID SIGNATURE

  • MANAGE RECURRING SERIES - CHECKING REPLY

    After the recurring series management request is received and processed, Coriunder system returns the reply code.
    This reply is for only the recurring management.
    To receive notification when recurring transaction is processed use the following setting page

    Example to how and what is replied

    Field
    Description
    Reply
    Two digits reply code (possible codes are listed below).
    Description
    The textual representation of the reply code (from the list below)
    Details
    Additional information, that may be useful for debugging purposes.
    Usually contains a list of fields with invalid values.

    Reply in case of success:

    
           REPLY=00&DESCRIPTION=SUCCESS               
        

    Reply in case of failure:

    
            REPLY=09&DESCRIPTION=INVALID RECURRING STRING&DETAILS=Recurring2 5N1A7.01
        

    Reply codes

    00 = SUCCESS
    01 = MISSING ACTION
    02 = INVALID ACTION
    03 = MISSING MERCHANT NUMBER
    04 = SERIES ID CONFLICTS WITH TRANSACTION ID
    05 = MISSING SERIES ID OR TRANSACTION ID
    06 = MERCHANT NOT FOUND OR NOT AUTHORIZED
    07 = SERIES NOT FOUND FOR THE MERCHANT
    08 = MISSING RECURRING1
    09 = INVALID RECURRING STRING
    10 = INVALID START DATE
    11 = START DATE IS IN THE PAST
    12 = SERIES BLOCKED
    13 = INVALID UNCHARGED
    14 = INVALID SIGNATURE

  • SIGNATURE

    Integration with some of Coriunder payment services requires generating a hashed signature.

    SHA256 signature is used to validate the integrity of the data, for more information on SHA256 see: http://en.wikipedia.org/wiki/SHA256
    Your Personal Hash Key is managed in the Null page under Global Settings.

    Instruction

    • Concatenate the required parameters values, the list of required parameters is explained in the signature field on the API of the service you wish to use.
    • Add your Null to the end of the concatenated string.
    • Apply SHA256 hash to the string.
    • Convert the hash result to Base64.
    • URL encode the Base64 result if using GET mode.
    • Now that you have a signature, Include the result as a value of the signature field in the request.

    Example with the following values:
    CompanyNum = 1234567
    TransType = 1
    TypeCredit = 1
    Amount = 5.4
    Currency = 1
    CardNum = 4580000000000000
    RefTransID = 1234
    PersonalHashKey = AU7E468HNF

    CompanyNum + TransType + TypeCredit + Amount + Currency + CardNum + RefTransID + PersonalHashKey
    "1234567" + "1" + "1" + "5.4" + "1" + "4580000000000000" + "1234" + "AU7E468HNF"

    Base64(SHA256("1234567115.4145800000000000001234AU7E468HNF"))
    Result: "PTpzX9OACBC+V3Fd9+TNCehnwIfqMaXmnUtsZMSRyVo="

    Code Example

    The following examples show how the signature should be built in various languages.3

    All examples are using the string "1234567ABCDEFGHIJ" as input.
    The correct output with URLEncoded is "yZo3as0hwZMOO%2bVO0sTXSg%3d%3d".
    The correct output without URLEncoded is "yZo3as0hwZMOO+VO0sTXSg==".

    ASP.Net - (VB)

    Public Class Signature
            Public Shared Function GenerateSHA256(ByVal value As String) As String
            Dim sh As System.Security.Cryptography.SHA256 = System.Security.Cryptography.SHA256.Create()
            Dim hashValue As Byte() = sh.ComputeHash(System.Text.Encoding.UTF8.GetBytes(value))
            Return System.Convert.ToBase64String(hashValue)
            End Function
            End Class
            'Usage Example
            Dim sSignature As String = Signature.GenerateSHA256("1234567ABCDEFGHIJ")

    2 - ASP.Net (C#)

    public class Signature
            {
            public static string GenerateSHA256(string value)
            {
            System.Security.Cryptography.SHA256 sh = System.Security.Cryptography.SHA256.Create();
            byte[] hashValue = sh.ComputeHash(System.Text.Encoding.UTF8.GetBytes(value));
            return System.Convert.ToBase64String(hashValue);
            }
            }
            //Usage Example
            string sSignature = Signature.GenerateSHA256("1234567ABCDEFGHIJ");

    3 - PHP 5

    $val=base64_encode(hash("sha256", "1234567ABCDEFGHIJ", true));

    Classic ASP (VBScript)

    Private m_lOnBits(30)
            Private m_l2Power(30)
            Private K(63)
            Private Const BITS_TO_A_BYTE = 8
            Private Const BYTES_TO_A_WORD = 4
            Private Const BITS_TO_A_WORD = 32
            m_lOnBits(0) = CLng(1)
            m_lOnBits(1) = CLng(3)
            m_lOnBits(2) = CLng(7)
            m_lOnBits(3) = CLng(15)
            m_lOnBits(4) = CLng(31)
            m_lOnBits(5) = CLng(63)
            m_lOnBits(6) = CLng(127)
            m_lOnBits(7) = CLng(255)
            m_lOnBits(8) = CLng(511)
            m_lOnBits(9) = CLng(1023)
            m_lOnBits(10) = CLng(2047)
            m_lOnBits(11) = CLng(4095)
            m_lOnBits(12) = CLng(8191)
            m_lOnBits(13) = CLng(16383)
            m_lOnBits(14) = CLng(32767)
            m_lOnBits(15) = CLng(65535)
            m_lOnBits(16) = CLng(131071)
            m_lOnBits(17) = CLng(262143)
            m_lOnBits(18) = CLng(524287)
            m_lOnBits(19) = CLng(1048575)
            m_lOnBits(20) = CLng(2097151)
            m_lOnBits(21) = CLng(4194303)
            m_lOnBits(22) = CLng(8388607)
            m_lOnBits(23) = CLng(16777215)
            m_lOnBits(24) = CLng(33554431)
            m_lOnBits(25) = CLng(67108863)
            m_lOnBits(26) = CLng(134217727)
            m_lOnBits(27) = CLng(268435455)
            m_lOnBits(28) = CLng(536870911)
            m_lOnBits(29) = CLng(1073741823)
            m_lOnBits(30) = CLng(2147483647)
            m_l2Power(0) = CLng(1)
            m_l2Power(1) = CLng(2)
            m_l2Power(2) = CLng(4)
            m_l2Power(3) = CLng(8)
            m_l2Power(4) = CLng(16)
            m_l2Power(5) = CLng(32)
            m_l2Power(6) = CLng(64)
            m_l2Power(7) = CLng(128)
            m_l2Power(8) = CLng(256)
            m_l2Power(9) = CLng(512)
            m_l2Power(10) = CLng(1024)
            m_l2Power(11) = CLng(2048)
            m_l2Power(12) = CLng(4096)
            m_l2Power(13) = CLng(8192)
            m_l2Power(14) = CLng(16384)
            m_l2Power(15) = CLng(32768)
            m_l2Power(16) = CLng(65536)
            m_l2Power(17) = CLng(131072)
            m_l2Power(18) = CLng(262144)
            m_l2Power(19) = CLng(524288)
            m_l2Power(20) = CLng(1048576)
            m_l2Power(21) = CLng(2097152)
            m_l2Power(22) = CLng(4194304)
            m_l2Power(23) = CLng(8388608)
            m_l2Power(24) = CLng(16777216)
            m_l2Power(25) = CLng(33554432)
            m_l2Power(26) = CLng(67108864)
            m_l2Power(27) = CLng(134217728)
            m_l2Power(28) = CLng(268435456)
            m_l2Power(29) = CLng(536870912)
            m_l2Power(30) = CLng(1073741824)
            K(0) = &H428A2F98
            K(1) = &H71374491
            K(2) = &HB5C0FBCF
            K(3) = &HE9B5DBA5
            K(4) = &H3956C25B
            K(5) = &H59F111F1
            K(6) = &H923F82A4
            K(7) = &HAB1C5ED5
            K(8) = &HD807AA98
            K(9) = &h22835B01
            K(10) = &H243185BE
            K(11) = &H550C7DC3
            K(12) = &H72BE5D74
            K(13) = &H80DEB1FE
            K(14) = &H9BDC06A7
            K(15) = &HC19BF174
            K(16) = &HE49B69C1
            K(17) = &HEFBE4786
            K(18) = &HFC19DC6
            K(19) = &H240CA1CC
            K(20) = &H2DE92C6F
            K(21) = &H4A7484AA
            K(22) = &H5CB0A9DC
            K(23) = &H76F988DA
            K(24) = &H983E5152
            K(25) = &HA831C66D
            K(26) = &HB00327C8
            K(27) = &HBF597FC7
            K(28) = &HC6E00BF3
            K(29) = &HD5A79147
            K(30) = &H6CA6351
            K(31) = &h24292967
            K(32) = &H27B70A85
            K(33) = &H2E1B2138
            K(34) = &H4D2C6DFC
            K(35) = &H53380D13
            K(36) = &H650A7354
            K(37) = &H766A0ABB
            K(38) = &H81C2C92E
            K(39) = &H92722C85
            K(40) = &HA2BFE8A1
            K(41) = &HA81A664B
            K(42) = &HC24B8B70
            K(43) = &HC76C51A3
            K(44) = &HD192E819
            K(45) = &HD6990624
            K(46) = &HF40E3585
            K(47) = &h206AA070
            K(48) = &h29A4C116
            K(49) = &h2E376C08
            K(50) = &H2748774C
            K(51) = &H34B0BCB5
            K(52) = &H391C0CB3
            K(53) = &H4ED8AA4A
            K(54) = &H5B9CCA4F
            K(55) = &H682E6FF3
            K(56) = &H748F82EE
            K(57) = &H78A5636F
            K(58) = &H84C87814
            K(59) = &H8CC70208
            K(60) = &H90BEFFFA
            K(61) = &HA4506CEB
            K(62) = &HBEF9A3F7
            K(63) = &HC67178F2
            Private Function LShift(lValue, iShiftBits)
            If iShiftBits = 0 Then
            LShift = lValue
            Exit Function
            ElseIf iShiftBits = 31 Then
            If lValue And 1 Then
            LShift = &H80000000
            Else
            LShift = 0
            End If
            Exit Function
            ElseIf iShiftBits < 0 Or iShiftBits > 31 Then
            Err.Raise 6
            End If
            If (lValue And m_l2Power(31 - iShiftBits)) Then
            LShift = ((lValue And m_lOnBits(31 - (iShiftBits + 1))) * m_l2Power(iShiftBits)) Or &H80000000
            Else
            LShift = ((lValue And m_lOnBits(31 - iShiftBits)) * m_l2Power(iShiftBits))
            End If
            End Function
            Private Function RShift(lValue, iShiftBits)
            If iShiftBits = 0 Then
            RShift = lValue
            Exit Function
            ElseIf iShiftBits = 31 Then
            If lValue And &H80000000 Then
            RShift = 1
            Else
            RShift = 0
            End If
            Exit Function
            ElseIf iShiftBits < 0 Or iShiftBits > 31 Then
            Err.Raise 6
            End If
            RShift = (lValue And &H7FFFFFFE) \ m_l2Power(iShiftBits)
            If (lValue And &H80000000) Then
            RShift = (RShift Or (&H40000000 \ m_l2Power(iShiftBits - 1)))
            End If
            End Function
            Private Function AddUnsigned(lX, lY)
            Dim lX4, lY4, lX8, lY8, lResult
            lX8 = lX And &H80000000
            lY8 = lY And &H80000000
            lX4 = lX And &H40000000
            lY4 = lY And &H40000000
            lResult = (lX And &H3FFFFFFF) + (lY And &H3FFFFFFF)
            If lX4 And lY4 Then
            lResult = lResult Xor &H80000000 Xor lX8 Xor lY8
            ElseIf lX4 Or lY4 Then
            If lResult And &H40000000 Then
            lResult = lResult Xor &HC0000000 Xor lX8 Xor lY8
            Else
            lResult = lResult Xor &H40000000 Xor lX8 Xor lY8
            End If
            Else
            lResult = lResult Xor lX8 Xor lY8
            End If
            AddUnsigned = lResult
            End Function
            Private Function Ch(x, y, z)
            Ch = ((x And y) Xor ((Not x) And z))
            End Function
            Private Function Maj(x, y, z)
            Maj = ((x And y) Xor (x And z) Xor (y And z))
            End Function
            Private Function S(x, n)
            S = (RShift(x, (n And m_lOnBits(4))) Or LShift(x, (32 - (n And m_lOnBits(4)))))
            End Function
            Private Function R(x, n)
            R = RShift(x, CInt(n And m_lOnBits(4)))
            End Function
            Private Function Sigma0(x)
            Sigma0 = (S(x, 2) Xor S(x, 13) Xor S(x, 22))
            End Function
            Private Function Sigma1(x)
            Sigma1 = (S(x, 6) Xor S(x, 11) Xor S(x, 25))
            End Function
            Private Function Gamma0(x)
            Gamma0 = (S(x, 7) Xor S(x, 18) Xor R(x, 3))
            End Function
            Private Function Gamma1(x)
            Gamma1 = (S(x, 17) Xor S(x, 19) Xor R(x, 10))
            End Function
            Private Function ConvertToWordArray(bytearray)
            Dim lMessageLength
            Dim lNumberOfWords
            Dim lWordArray()
            Dim lBytePosition
            Dim lByteCount
            Dim lWordCount
            Dim lByte
            Const MODULUS_BITS = 512
            Const CONGRUENT_BITS = 448
            lMessageLength = UBound(bytearray)
            lNumberOfWords = (((lMessageLength + ((MODULUS_BITS - CONGRUENT_BITS) \ BITS_TO_A_BYTE)) 
            \ (MODULUS_BITS \ BITS_TO_A_BYTE)) + 1) * (MODULUS_BITS \ BITS_TO_A_WORD)
            ReDim lWordArray(lNumberOfWords - 1)
            lBytePosition = 0
            lByteCount = 0
            Do Until lByteCount >= lMessageLength
            lWordCount = lByteCount \ BYTES_TO_A_WORD
            lBytePosition = (3 - (lByteCount Mod BYTES_TO_A_WORD)) * BITS_TO_A_BYTE
            lByte = bytearray(lByteCount)
            lWordArray(lWordCount) = lWordArray(lWordCount) Or LShift(lByte, lBytePosition)
            lByteCount = lByteCount + 1
            Loop
            lWordCount = lByteCount \ BYTES_TO_A_WORD
            lBytePosition = (3 - (lByteCount Mod BYTES_TO_A_WORD)) * BITS_TO_A_BYTE
            lWordArray(lWordCount) = lWordArray(lWordCount) Or LShift(&H80, lBytePosition)
            lWordArray(lNumberOfWords - 1) = LShift(lMessageLength, 3)
            lWordArray(lNumberOfWords - 2) = RShift(lMessageLength, 29)
            ConvertToWordArray = lWordArray
            End Function
            Public Function StringToUTF8Array(astr)
            Dim x, OutArr()
            Redim OutArr(Len(astr) * 2)
            x = 0
            For i = 1 to Len(astr)
            val = Asc(Mid(astr, i, 1)) And &h0000FFFF&
            If val < 256 Then
            OutArr(x) = val
            x = x + 1
            Else
            OutArr(x) = (val \ 256)
            OutArr(x + 1) = (val And &hFF)
            x = x + 2
            End If
            Next
            Redim Preserve OutArr(x)
            StringToUTF8Array = OutArr
            End Function
            Public Function SHA256(sMessage)
            Dim HASH(7)
            Dim M
            Dim W(63)
            Dim a, b, c, d, e, f, g, h, i, j, T1, T2
            HASH(0) = &H6A09E667
            HASH(1) = &HBB67AE85
            HASH(2) = &H3C6EF372
            HASH(3) = &HA54FF53A
            HASH(4) = &H510E527F
            HASH(5) = &H9B05688C
            HASH(6) = &h2F83D9AB
            HASH(7) = &H5BE0CD19
            M = ConvertToWordArray(StringToUTF8Array(sMessage))
            For i = 0 To UBound(M) Step 16
            a = HASH(0)
            b = HASH(1)
            c = HASH(2)
            d = HASH(3)
            e = HASH(4)
            f = HASH(5)
            g = HASH(6)
            h = HASH(7)
            For j = 0 To 63
            If j < 16 Then
            W(j) = M(j + i)
            Else
            W(j) = AddUnsigned(AddUnsigned(AddUnsigned(Gamma1(W(j - 2)), W(j - 7)), Gamma0(W(j - 15))), W(j - 16))
            End If
            T1 = AddUnsigned(AddUnsigned(AddUnsigned(AddUnsigned(h, Sigma1(e)), Ch(e, f, g)), K(j)), W(j))
            T2 = AddUnsigned(Sigma0(a), Maj(a, b, c))
            h = g
            g = f
            f = e
            e = AddUnsigned(d, T1)
            d = c
            c = b
            b = a
            a = AddUnsigned(T1, T2)
            Next
            HASH(0) = AddUnsigned(a, HASH(0))
            HASH(1) = AddUnsigned(b, HASH(1))
            HASH(2) = AddUnsigned(c, HASH(2))
            HASH(3) = AddUnsigned(d, HASH(3))
            HASH(4) = AddUnsigned(e, HASH(4))
            HASH(5) = AddUnsigned(f, HASH(5))
            HASH(6) = AddUnsigned(g, HASH(6))
            HASH(7) = AddUnsigned(h, HASH(7))
            Next
            SHA256 = LCase(Right("00000000" & Hex(HASH(0)), 8) & Right("00000000" & Hex(HASH(1)), 8) & Right("00000000" &
            Hex(HASH(2)), 8) & Right("00000000" & Hex(HASH(3)), 8) & Right("00000000" & Hex(HASH(4)), 8) &
            Right("00000000" & Hex(HASH(5)), 8) & Right("00000000" & Hex(HASH(6)), 8) &
            Right("00000000" & Hex(HASH(7)), 8))
            End Function
            Function Base64Encode(inData)
            Const Base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
            Dim cOut, sOut, I
            For I = 1 To Len(inData) Step 6
            Dim nGroup, pOut
            nGroup = &h20000 * EVal("&h" & Mid(inData, I, 2))
            If I + 3 <= Len(inData) Then nGroup = nGroup + &h200 * EVal("&h" & Mid(inData, I + 2, 2))
            If I + 5 <= Len(inData) Then nGroup = nGroup + EVal("&h" & Mid(inData, I + 4, 2))
            nGroup = Oct(nGroup)
            nGroup = String(8 - Len(nGroup), "0") & nGroup
            pOut = Mid(Base64, CLng("&o" & Mid(nGroup, 1, 2)) + 1, 1) + _
            Mid(Base64, CLng("&o" & Mid(nGroup, 3, 2)) + 1, 1) + _
            Mid(Base64, CLng("&o" & Mid(nGroup, 5, 2)) + 1, 1) + _
            Mid(Base64, CLng("&o" & Mid(nGroup, 7, 2)) + 1, 1)
            sOut = sOut + pOut
            Next
            Select Case Len(inData) Mod 6
            Case 2: '8 bit final
            sOut = Left(sOut, Len(sOut) - 2) + "=="
            Case 4: '16 bit final
            sOut = Left(sOut, Len(sOut) - 1) + "="
            End Select
            Base64Encode = sOut
            End Function
            'the bellow function use Persits asp encrypt - it's appear here to compare the result of the native algorithem
            'Function ExternalCalcHash(hashString)
            '	Dim CM, Context, Hash
            '	Set CM = Server.CreateObject("Persits.CryptoManager")
            '	Set Context = CM.OpenContextEx("Microsoft Enhanced RSA and AES Cryptographic Provider (Prototype)", "", True)
            '	Set Hash = Context.CreateHash(32780)
            '	Hash.AddText hashString
            '	ExternalCalcHash = Hash.Value.Base64
            '	Set Hash = Nothing
            '	Set Context = Nothing
            '	Set CM = Nothing
            'End Function
            'Response.Write ExternalCalcHash("ValuesForTheSignature")
            '*******example of use********'
            'Response.Write Base64Encode(SHA256("ValuesForTheSignature"))

    Signature Generating Form Use the following form to compare the output signature from your code with ours.

  • CODING - Sending data

    The following examples are a basic overview on how to send data over the internet.
    The code shown is intended to give you the programmer a start point on how to implement the Coriunder API

    Sending server-side request

    Server-side ASP.Net

    
        <%@ Page Language="C#" %>
        <%@ import Namespace="System.Net" %>
        <%@ import Namespace="System.IO" %>
        <html xmlns="http://www.w3.org/1999/xhtml">
        <head>
            <title>Processor - C#</title>
        </head>
        <body>
            <script runat="server">
                public void Page_Load()
                {
                    if(! IsPostBack)
                    {
                    //------------- building url string to send
                    String sendStr;
                    sendStr = "https://www.domain.com/file.asp?";
                    sendStr += "Field1=" + Server.URLEncode(Request.Form["Var1"]) + "&";
                    sendStr += "Field2=" + Server.URLEncode(Request.Form["Var2"]) + "&";
                    sendStr += "Field3=" + Server.URLEncode(Request.Form["Var3"]);
                    //------------- creating the request
                    HttpWebRequest webReq = (HttpWebRequest)WebRequest.Create(sendStr);
                    webReq.Method = "GET";
                    //------------- checking the response
                    try
                    {
                        HttpWebResponse webRes = (HttpWebResponse)webReq.GetResponse();
                        StreamReader sr = new StreamReader(webRes.GetResponseStream());
                        String resStr = sr.ReadToEnd();
                        Response.Write("Response String: " + resStr + "<br />");
                    }
                    catch(Exception ex)
                    {
                        Response.Write(ex.Message);
                    }
                    }
                }
            </script>
        </body>
        </html>
                        

    Server-side ASP.Net (VB)

    
        <%@ Page Language="VB" %>
        <%@ import Namespace="System.Net" %>
        <%@ import Namespace="System.IO" %>
        <html xmlns="http://www.w3.org/1999/xhtml">
            <head>
                <title>Processor - VB.NET</title>
            </head>
            <body>
                <script runat="server">
                    Sub Page_Load()
                        If Not IsPostBack Then
                            '------------- building url string to send
                            Dim sendStr As String
                            sendStr = "https://www.domain.com/file.asp?"
                            sendStr &= "Field1=" & Server.URLEncode(Request.Form("Var1")) & "&"
                            sendStr &= "Field2=" & Server.URLEncode(Request.Form("Var2")) & "&"
                            sendStr &= "Field3=" & Server.URLEncode(Request.Form("Var3"))
                            '------------- creating the request
                            Dim webReq As HttpWebRequest = WebRequest.Create(sendStr)
                            webReq.Method = "GET"
                            '------------- checking the response
                            Try
                                Dim webRes As HttpWebResponse = webReq.GetResponse()
                                Dim sr As New StreamReader(webRes.GetResponseStream())
                                Dim resStr As String = sr.ReadToEnd()
                                Response.Write("Response String: " & resStr & "<br />")
                            Catch ex As Exception
                                Response.Write(ex.Message)
                            End Try
                        End If
                    End Sub
                </script>
            </body>
            </html>
                        

    Server-side Classic ASP (VB Script)

    
        <%'------------- declaration
        Dim SendStr, HttpReq, ResStr
        
        '------------- building url string to send
        sendStr = "https://www.domain.com/file.asp?"
        sendStr = sendStr & "Field1=" & Server.URLEncode(Request.Form("Var1")) & "&"
        sendStr = sendStr & "Field2=" & Server.URLEncode(Request.Form("Var2")) & "&"
        sendStr = sendStr & "Field3=" & Server.URLEncode(Request.Form("Var2"))
        '------------- creating the request
        Set HttpReq = CreateObject("Msxml2.XMLHTTP.3.0")
        HttpReq.open "get", sendStr, False
        HttpReq.send()
        '------------- checking the response
        resStr = HttpReq.responseText
        Response.Write("Response String: " & resStr)
        %>
                        

    Please note: All code samples displayed above do not contain any validation implementation, It is strongly recommended that you implement validation in your system.

    Opening a window

    Using a link (HTML)

    
        <a href="https://www.domain.com?Field1=Val1&Field2=Val2&Field3=Val3" 
        target="fraWindow" 
        onclick="window.open('', this.target, 'scrollbars=1,
        width=450, height=500, resizable=0, Status=1');">link</a>
                                    

    Using a form (HTML)

    
        <form action="https://www.domain.com" 
        method="post" 
        name="formName1" 
        target="fraWindow" 
        onsubmit="window.open('', this.target, 'scrollbars=1, width=450, height=500, resizable=0, Status=1');">
        <input type="hidden" name="Field1" value="Val1">
        <input type="hidden" name="Field2" value="Val2">
        <input type="hidden" name="Field3" value="Val3">
        <input type="submit" value="submit">
        </form>
                        
  • CODING - SERVICE USAGE

    SOAP V 1.1

    Every SOAP 1.1 request has to be enveloped within an XML file using the following elements

    <?xml version="1.0" encoding="utf-8"?>
                <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" 
                    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
                    <soap:Body>
                    [Message Data]
                    </soap:Body>
                </soap:Envelope>
           

    SOAP requests in version 1.1 should also include SOAPAction Header in the request which specify the method to use
    Example

    
        SOAPAction: http://coriunder.com/ManageBlocks
            

    SOAP requests in version 1.1 should also include Content-Type Header with value of "text/xml;"
    Example:

    
                        Content-Type: text/xml; charset=utf-8
            

    SOAP V 1.2

    Every SOAP 1.2 request has to be enveloped within an XML file using the following elements

    <?xml version="1.0" encoding="utf-8"?>
        <soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
        xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope">
        <soap12:Body>
        [Message Data]
        </soap12:Body>
        </soap12:Envelope>

    SOAP requests in version 1.2 should also include Content-Type Header with value of "application/soap+xml;"
    Example:

         
                Content-Type: application/soap+xml; charset=utf-8
            
  • REPLY CODES

    000 = The transaction has completed successfully
    001 = Transaction is pending authorization

    System Decline Codes

    Reply Description
    1001 Test Environment Only - Soft Decline (Call)
    1002 Test Environment Only - Insufficient Funds
    500 Merchant company number or signature is invalid
    501 Merchant is not activated
    502 Merchant is unauthorized to use this service
    503 Merchant unauthorized to process that type of credit card in that currency
    504 Merchant "authorization only" option is inactive
    505 Charge amount not in allowed range !
    506 Data is missing, check CardNum, Amount, Currency, Payments, Expiration Date and TypeCredit
    507 Credit card number is invalid
    508 Invalid data range - currency, typeCredit, data length
    509 Credit card number is blocked
    510 Credit card is expired
    511 Missing card holder Name
    512 Missing or incorrect length of card verification number (cvv2)
    513 Missing government issued id number
    514 Missing card holder phone number
    515 Missing or invalid card holder email address
    516 Missing client ip
    517 Full name is invalid
    518 TermCode is missing, invalid or not configured
    519 This card is not certified
    520 Internal error
    521 Unable to complete transaction (communication failure)
    522 System blocked transaction (duplicate transaction within the specified timeframe)
    523 System Error
    524 Processing System Error
    525 Daily volume limit exceeded
    526 Invalid request source
    527 Service not allowed from your IP Address
    528 Missing or incorrect MD5 signature
    529 Duplicate transaction
    530 Transaction amount exceeded system`s limit
    531 Currency is invalid or not setup for processing
    532 RefTransID - can't find original transaction
    533 Unable to refund more then the original transaction`s Amount
    534 The request must be sent over secure socket layer (HTTPS)
    535 Invalid RefTransID parameter
    536 Initial pre-auth transaction not found: check TransApprovalID and Currency
    537 Silent Post with credit card details is not allowed
    538 Captured amount is higher that authorized
    539 Transaction amount is invalid
    540 Billing address - missing address
    541 Billing address - missing city name
    542 Billing address - missing or invalid zip code
    543 Billing address - missing or invalid state
    544 Billing address - missing or invalid country
    545 Request length limit exceeded
    546 Previous transaction with this card is still in process, please try again after response is sent
    547 Too many cards for single email or too many emails for single card.
    548 Declined by external processor
    549 Processing stored card - merchant is unauthorized to use this service
    550 Recurring transactions - merchant is unauthorized to use this service
    551 Recurring transactions - data is missing
    552 Transaction is pending for SMS code
    553 3D Secure Redirection is needed
    554 Bank Transfer, redirection is needed
    555 Recurring limit exceeded
    556 Waiting for SMS message containing the code
    557 Billing address - invalid zip code
    558
    559 Wrong CVV length, please use 3 digit number from back of the card
    560 Not Exist in PPC List
    561 This credit card has been temporarily blocked.
    562 Cardholder data is blacklisted
    563 This credit card has been temporarily blocked.
    564 Only one refund permitted per transaction
    565
    580 Did not pass fraud detection test
    581 Negativ Country List Block
    582 Country IP is blocked
    583 Weekly charge count limit reached for this credit card
    584 Weekly charge amount limit reached for this credit card
    585 Charge count limit reached for this credit card
    586 Charge amount limit reached for this credit card
    587 Reached daily limit of failed charges
    588 Incorrect charge amount
    589 Blocked group of credit cards
    590 Input parameter is out of range
    591 Input parameter is too long
    592 Processor is not available
    593 Monthly charge count limit reached for this credit card
    594 Monthly charge amount limit reached for this credit card
    595 Integration mode - incorrect credit card number
    596 Integration mode - incorrect charge amount
    597 Daily charge count limit reached for this credit card
    598 Daily charge amount limit reached for this credit card
    599 Declined by issuing bank
    600 The customer has closed the payment page window

    Bank Decline Codes

    Reply Description
    XXX (Any other code) Transaction was not authorized See explanation in the reply string returned or in transaction list under "rejected transactions"
  • ISO CODES

    We use ISO standard two letter codes for specifying countries and states.

    Country Codes

    Code Name
    AF Afghanistan
    AX Aland Islands
    AL Albania
    DZ Algeria
    AS American Samoa
    AD Andorra
    AO Angola
    AI Anguilla
    AQ Antarctica
    AG Antigua
    AR Argentina
    AM Armenia
    AW Aruba
    AU Australia
    AT Austria
    AZ Azerbaijan
    BS Bahamas
    BH Bahrain
    BD Bangladesh
    BB Barbados
    BY Belarus
    BE Belgium
    BZ Belize
    BJ Benin
    BM Bermuda
    BT Bhutan
    BO Bolivia
    BA Bosniaand Herzegovina
    BW Botswana
    BV Bouvet island
    BR Brazil
    IO British Indian Ocean Territory
    BN Brunei
    BG Bulgaria
    BF Burkina Faso
    BI Burundi
    KH Cambodia
    CM Cameroon
    CA Canada
    CV Cape verde
    KY Cayman Islands
    CF Central african republic
    TD Chad
    CL Chile
    CN China
    CX Christmas island
    CC Cocos (keeling) islands
    CO Colombia
    KM Comoros
    CD Congo, DRC
    CG Congo, ROC
    CK Cook islands
    CR Costa Rica
    HR Croatia
    CU Cuba
    CY Cyprus
    CZ Czech Republic
    DK Denmark
    DJ Djibouti
    DM Dominica
    DO Dominican Republic
    EC Ecuador
    EG Egypt
    SV El Salvador
    GQ Equatorial Guinea
    ER Eritrea
    EE Estonia
    ET Ethiopia
    MK F.Y.R. of Macedonia
    FK Falkland islands (malvinas)
    FO Faroe islands
    FJ Fiji Islands
    FI Finland
    FR France
    GF French Guiana
    PF French Polynesia
    TF French Southern and Antarctic Lands
    GA Gabon
    GM Gambia
    GE Georgia
    DE Germany
    GH Ghana
    GI Gibraltar
    GR Greece
    GL Greenland
    GD Grenada
    GP Guadeloupe
    GU Guam
    GT Guatemala
    GG Guernsey
    GN Guinea
    GW Guinea-Bissau
    GY Guyana
    HT Haiti
    HM Heard Island and McDonald Islands
    VA Holy see (vatican city state)
    HN Honduras
    HK Hong Kong SAR
    HU Hungary
    IS Iceland
    IN India
    ID Indonesia
    IR Iran
    IQ Iraq
    IE Ireland
    IM Isle of Man
    IL Israel
    IT Italy
    CI Ivory Coast
    JM Jamaica
    JP Japan
    JE Jersey
    JO Jordan
    KZ Kazakhstan
    KE Kenya
    KI Kiribati
    KR Korea
    KP Korea (North)
    KW Kuwait
    KG Kyrgyz Republic
    LA Lao, PDR
    LV Latvia
    LB Lebanon
    LS Lesotho
    LR Liberia
    LY Libya
    LI Liechtenstein
    LT Lithuania
    LU Luxembourg
    MO Macau
    MG Madagascar
    MW Malawi
    MY Malaysia
    MV Maldives
    ML Mali
    MT Malta
    MH Marshall islands
    MQ Martinique
    MR Mauritania
    MU Mauritius
    YT Mayotte
    MX Mexico
    FM Micronesia
    MD Moldova
    MC Monaco
    MN Mongolia
    ME Montenegro
    MS Montserrat
    MA Morocco
    MZ Mozambique
    MM Myanmar
    NA Namibia
    NR Nauru
    NP Nepal
    NL Netherlands
    AN Netherlands Antilles
    NC New caledonia
    NZ New Zealand
    NI Nicaragua
    NE Niger
    NG Nigeria
    NU Niue
    NF Norfolk island
    MP Northern mariana islands
    NO Norway
    OM Oman
    PK Pakistan
    PW Palau
    PS Palestinian territory
    PA Panama
    PG Papua New Guinea
    PY Paraguay
    PE Peru
    PH Philippines
    PN Pitcairn
    PL Poland
    PT Portugal
    PR Puerto Rico
    QA Qatar
    RE R?union
    RO Romania
    RU Russia
    RW Rwanda
    SH Saint helena
    KN Saint kitts and nevis
    LC Saint lucia
    PM Saint pierre and miquelon
    VC Saint vincent & the grenadines
    BL Saint-Barthélemy
    MF Saint-Martin (French part)
    SM San Marino
    ST Sao tome and principe
    SA Saudi Arabia
    SN Senegal
    RS Serbia
    CS Serbia and montenegro
    SC Seychelle Islands
    SL Sierra Leone
    SG Singapore
    SK Slovak Republic
    SI Slovenia
    SB Solomon islands
    SO Somalia
    ZA South Africa
    GS South Georgia and the South Sandwich Islands
    SS South Sudan
    ES Spain
    LK SriLanka
    SD Sudan
    SR Suriname
    SJ Svalbard and jan mayen
    SZ Swaziland
    SE Sweden
    CH Switzerland
    SY Syria
    TW Taiwan
    TJ Tajikistan
    TZ Tanzania
    TH Thailand
    TL Timor-leste
    TG Togo
    TK Tokelau
    TO Tonga
    TT Trinidad and Tobago
    TN Tunisia
    TR Turkey
    TM Turkmenistan
    TC Turks and caicos islands
    TV Tuvalu
    VI U.S.Virgin Islands
    UG Uganda
    UA Ukraine
    AE United Arab Emirates
    GB United Kingdom
    US United States
    UY Uruguay
    UM US minor outlying islands
    UZ Uzbekistan
    VU Vanuatu
    VE Venezuela
    VN Vietnam
    VG Virgin islands, british
    WF Wallis and futuna
    EH Western sahara
    WS Western Samoa
    YE Yemen
    ZM Zambia
    ZW Zimbabwe
  • State Codes

    Code State
    Canada
    BC British Columbia
    MB Manitoba
    AB Alberta
    NB New Brunswick
    NF Newfoundland
    NL Newfoundland and Labrador
    NS Nova Scotia
    NT Northwest Territorie
    NU Nunavut
    SK Saskatchewan
    PE Prince Edward Island
    QC Quebec
    ON Ontario
    YT Yukon Territory
    United States
    AA Armed Forces Americas
    OR Oregon
    PA Pennsylvania
    RI Rhode Island
    SC South Carolina
    SD South Dakota
    TN Tennessee
    TX Texas
    UT Utah
    VA Virginia
    VT Vermont
    WA Washington
    WI Wisconsin
    WV West Virginia
    WY Wyoming
    NV Nevada
    NY New York
    OH Ohio
    OK Oklahoma
    NM New Mexico
    NH New Hampshire
    NJ New Jersey
    NC North Carolina
    ND North Dakota
    NE Nebraska
    AE Armed Forces Europe, Middle East, Africa and Canada
    AK Alaska
    AL Alabama
    AP Armed Forces Pacific
    AR Arkansas
    AZ Arizona
    MD Maryland
    ME Maine
    MI Michigan
    MN Minnesota
    MO Missouri
    MS Mississippi
    MT Montana
    CA California
    CO Colorado
    CT Connecticut
    DC District of Columbia
    DE Delaware
    FL Florida
    GA Georgia
    HI Hawaii
    IA Iowa
    ID Idaho
    IL Illinois
    IN Indiana
    KS Kansas
    KY Kentucky
    LA Louisiana
    MA Massachusetts
  • PAYMENT GROUPS:

    ID Name Abbreviation
    0 Other OP
    1 Credit Card CC
    2 ACH (Electronic Checks) EC
    3 Instant Online Bank Transfer ID
    4 European Direct Debit DD
    6 Micropay PD
    7 Online Bank Transfer OB
    8 Wallet CS
  • PAYMENT METHODS:

    ID Name Abbreviation
    0 Unknown UNKN
    20 CC Unknown CCUN
    21 Isracard ISCR
    22 Visa VISA
    23 Diners DINR
    24 Amex AMEX
    25 Mastercard MSCD
    26 Direct DIRC
    28 Maestro MAES
    29 PrepaidCards PRPD
    31 JCB JCBC
    32 Discover DISC
    33 China UnionPay CUPY
    34 LiveKash LVKS
    100 eCheck ECHK
    101 Giropay GPAY
    106 Przelewy24 PRZW
    107 EPS EPSP
    109 iDEAL IDEL
    110 TeleIngreso TLIG
    113 PostFinance PFIN
    114 Sofort SFOR
    115 POLi POLI
    117 Automatische Incasso AINC
    118 Cargo Bancario CBCO
    119 Instant Debit INDB
    120 Bankeinzug BKEZ
    121 Lastschrift LTCT
    122 Addebito ADBT
    123 Debit direct DTDB
    124 Dom 80 DM80
    125 ???????? ????? DDBS
    126 ????? ?????? DIBT
    127 Inkaso INKS
    128 Betalingsservice BLSV
    129 Otsekorraldus OKDS
    130 Suoraveloitus SUVS
    131 ????? ?????? DBIT
    132 Beingrei?slur BRSR
    133 Tie?ais Debets TSDB
    134 Tiesioginis Debetas TGDB
    135 DOM-Electronique DOME
    136 Debitu Dirett DUDI
    137 Pr?l?vement Bancaire PBNC
    138 Direct Debets DDBT
    139 Przelew Bankowy PZBK
    140 D?bito Directo DBDI
    141 Inkaso INKO
    142 Neposredne Bremenitve NBMT
    143 Autogiro AUGR
    144 TP OBT TPOB
    145 SEPA SEPA
    146 China UnionPay CUP
    149 Online Bank Transfer OLBT
    151 WebMoney WBMY
    200 SMS IN SMSI
    201 SMS OUT SMSO
    202 IVR PerCall IVRC
    203 IVR PerMin IVRM
    204 IVR FreeTime IVRF
    205 Qiwi QIWI
    231 PayPal PPAL
    232 Google Checkout GLCK
    233 MoneyBookers MNBK
  • REFUND REQUESTS - SUBMITTING DATA

    This page describes how to manage refund requests remotely.

    • Using this interface you can create new refund request and/or check refund request status
    • Refund request can be either full or partial 1.
    • Multiple partial refund request can be created for single transaction.
    • The overall amount of all refund requests for a single transaction cannot exceed the initial transaction amount.
    • Expired credit card cannot be refunded.
    • Transaction over a year old cannot be refunded.

    PAGE URL

    https://process.coriunder.com/member/RefundRequest.aspx

    Request Fields

    Field
    Description
    Max
    Length
    Required
    MerchantNumber
    Your merchant number - #######
    7 Yes
    RefTransID
    Refunded Transaction ID - ID number of the initial transaction (the one to be refunded).
    9 Yes
    Action
    Action to take - Accepts one of the following values:
    • CREATE - create new refund request.
    • STATUS - check refund request status*.
    • DELETE - delete pending refund request**.
    * If there are multiple refund requests for the transaction, status of each request is returned.
    ** If there are multiple pending refund requests for the transaction, RequestID must be specified.
    6 Yes
    Amount
    Amount to refund
    When the action is CREATE, a refund amount can be specified.
    This field is needed only for creating a partial refund request 1 on the transaction.

    The amount requested to refund cannot exceed the initial transaction amount.
    If omitted, all the initial transaction amount is requested to refund.

    If there is a partial refund request already created for the transaction,
    the new refund request amount cannot exceed the remaining amount.
    If omitted in this case, all the remaining amount is requested to refund.
    10 No
    RequestID Refund Request ID - ID number of the existing unprocessed (pending) refund request for transaction specified in RefTransID.
    9 No
    Signature
    Signature for verifying the authenticity of the request parameters.
    Field values to use: MerchantNumber + PersonalHashKey

    Refer to BASIC INFO --> SIGNATURE for detailed explanation.
    30 Yes
    Comment
    Optional text used mainly to describe the refund request reason and details 300 No

    REQUEST EXAMPLES 3

    1. Create new refund request:

    
                                https://process.coriunder.com/member/RefundRequest.aspx?MerchantNumber=7654321&RefTransID=1234567&Action=CREATE&Signature=cHFg9Dykno0W8uR/G35aIQ==
                            

    2. Create new refund request (partial) 1:

    
                                https://process.coriunder.com/member/RefundRequest.aspx?MerchantNumber=7654321&RefTransID=1234567&Action=CREATE&Amount=1.23&Signature=cHFg9Dykno0W8uR/G35aIQ==
                            

    3. Check refund request status:

    
                                https://process.coriunder.com/member/RefundRequest.aspx?MerchantNumber=7654321&RefTransID=1234567&Action=STATUS&Signature=cHFg9Dykno0W8uR/G35aIQ==
                            

    4. Delete refund request:

    
                                https://process.coriunder.com/member/RefundRequest.aspx?MerchantNumber=7654321&RefTransID=1234567&Action=DELETE&RequestID=123456&Signature=cHFg9Dykno0W8uR/G35aIQ==
                            

    (1) Due to the risk management policy, some debit terminals do not allow partial refund requests
    (2) Taken from management --> security settings
    (3) Examples include a sample only signature, for the real request to work replace signature with your own

  • REFUND REQUESTS - CHECKING REPLY

    After the remote refund request is received and processed, Coriunder system returns its reply in QueryString format.
    This reply is for the refund request only.
    To receive notification when refund is processed use the following setting page GLOBAL SETTINGS NOTIFICATIONS

    Response Fields

    Field Description
    Reply Reply code (see list below).
    ReplyDesc Reply description
    RequestID CurrentDomain number of the created refund request.
    Appears only when the requested action is CREATE.
    RequestCount Number of refund requests for the specified transaction.
    When the requested action is CREATE, includes the created refund request as well as all previous requests.
    When the requested action is DELETE, the deleted refund request is not counted.
    RequestedAmount Overall amount of all refund requests for the specified transaction.
    When the requested action is CREATE, includes the created refund request as well as all previous requests.
    When the requested action is DELETE, the deleted refund request is not counted.

    REPEATED FIELDS

    These fields appear for each refund request.
    The name of each field instance consists of the field name followed by the refund request index (from 1 to RequestCount).
    In the following description the refund request index is omitted.

    ID
    CurrentDomain number of the refund request.
    Amount
    The amount to be refunded in this request.
    Confirm
    Refund confirmation number.
    For status other than ACCEPTED, empty string is returned.
    Date
    Creation date and time of the refund request.
    The format is DD/MM/yyyy HH:mm:ss.
    Status
    The current status of the refund request. Can be one of the following values:
    CANCELED, CANCELED BY MERCHANT, CREATED, INVIK BATCH, PENDING, PROCESSED, PROCESSING.

    Response EXAMPLES

    1. Reply in case of success (STATUS - two refund requests found):

    
                        Reply=0&ReplyDesc=Success&RequestCount=2&RequestedAmount=123.00
    &ID1=12345&Amount1=100.00&Confirm1=&Date1=31/05/2009 15:59:00&Status1=Pending
    &ID2=12346&Amount2=23.00&Confirm2=&Date2=31/05/2009 16:01:00&Status2=Pending

    1. Reply in case of success (STATUS - two refund requests found):

     Reply=0&ReplyDesc=Success&RequestID=13315&RequestCount=2&RequestedAmount=123.00
    &ID1=12345&Amount1=100.00&Confirm1=&Date1=31/05/2009 15:59:00&Status1=Pending
    &ID2=12346&Amount2=23.00&Confirm2=&Date2=31/05/2009 16:01:00&Status2=Pending

    2. Reply in case of success (STATUS - no refund request found):

    
                            Reply=0&ReplyDesc=Success&RequestCount=0&RequestedAmount=0.00
                        

    3. Reply in case of success (DELETE - the only refund request was deleted):

    Reply=0&ReplyDesc=Success&RequestCount=0&RequestedAmount=0.00

    4. Reply in case of success (CREATE):

     Reply=0&ReplyDesc=Success&RequestID=13315&RequestCount=2&RequestedAmount=123.00
    &ID1=12345&Amount1=100.00&Confirm1=&Date1=31/05/2009 15:59:00&Status1=Pending
    &ID2=12346&Amount2=23.00&Confirm2=&Date2=31/05/2009 16:01:00&Status2=Pending

    5. Reply in case of failure:

    Reply=4&ReplyDesc=Refund amount exceeds the transaction amount
                  

    Reply Codes

    00 = Success
    01 = Merchant not found or not authorized
    02 = Missing or invalid RefTransID
    03 = Invalid refund amount
    04 = Refund amount exceeds the transaction amount
    05 = Missing or invalid Action
    06 = Partial refund is not allowed
    07 = Unapproved IP address
    08 = Incorrect MD5 signature
    09 = No request for that transaction
    10 = Cannot be deleted, multiple requests for that transaction, specify RequestID
    11 = Invalid RequestID
    12 = Unable to refund transaction that is older then one year

  • Payment Solutions

    Credit Cards

    SILENT POST

    PAGE URL

    https://process.coriunder.com/member/remote_charge.asp

    Request Fields

    Field Description MaxLength Required 1
    CompanyNum Your company number - ####### 7 Yes
    TransType 2 Transaction type: 0 = Debit Transaction 1 = Authorization only 2 = Capture 3 = Charge stored credit card (pass the stored card ID in CcStorageID field) 2 Yes
    CcStorageID When charging stored credit card, the ID of the stored card. 9 No 4
    CardNum Credit card number to be charged 20 Yes 3
    ExpMonth Expiration month (MM) 2 Yes 3
    ExpYear Expiration year (YYYY) 4 Yes 3
    Track2 Track 2 of credit card number 20 No 4
    Member Cardholder name as it appears on the card 50 Yes 3
    TypeCredit 2 1 = Debit 8 = Installments 0 = Refund 1 Yes
    Payments Number of installments, 1 for regular transaction 2 Yes
    Amount Amount to be charged, e.g. 199.95 10 Yes
    Currency 0 = ILS (Israel New Shekel)
    1 = USD (US Dollar)
    2 = EUR (Euro)
    3 = GBP (UK Pound Sterling)
    4 = AUD (Australian Dollar)
    5 = CAD (Canadian Dollar)
    6 = JPY (Japanese Yen)
    7 = NOK (Norwegian Krone)
    8 = PLN (Polski zloty)
    9 = MXN (Mexican Peso)
    10 = ZAR (South African Rand)
    11 = RUB (Russian Ruble)
    12 = TRY (Turkish lira)
    13 = CHF (Swiss franc)
    14 = INR (Indian rupee)
    15 = DKK (Danish krone)
    16 = SEK (Swedish krona)
    17 = CNY (Chinese yuan)
    18 = HUF (Hungarian forint)
    19 = NZD (New Zealand dollar)
    20 = HKD (Hong Kong dollar)
    21 = KRW (South Korean won)
    22 = SGD (Singapore dollar)
    23 = THB (Thai baht)
    24 = BSD (Bahamian Dollar)
    1 Yes
    CVV2 3-5 digits from back of the credit card 5 Not Applicable
    Email Cardholder email address 50 Not Applicable
    PersonalNum Cardholder Driver ID or social security number 20 Not Applicable
    DateOfBirth Date of birth of card holder format should be yyyyMMdd 8 Optional
    PhoneNumber Cardholder phone number 20 Not Applicable
    ClientIP IP address of the client making the purchase 15 Not Applicable
    BillingAddress1 1st Address line 100 Not Applicable
    BillingAddress2 2nd Address line 100 Optional
    BillingCity City name 60 Optional
    BillingZipCode Zip Code number 15 Optional
    BillingState State - 2 character iso format
    Required only when BillingCountry is US/CA.
    5 Optional
    BillingCountry Country - 2 character iso format 5 Optional
    ConfirmationNum Confirmation number 7 Optional
    Order Unique Text used to defer one transaction from another 100 Optional
    Comment Optional text used mainly to describe the transaction 500 Optional
    TransApprovalID Authorized transaction ID. Used to specify the initial pre-auth transaction ID
    when capturing pre-auth transaction (TransType = 2).
    10 Optional
    RefTransID Reference transaction ID. Used to specify the original transaction id
    when TypeCredit = 0 or when needed to complete missing transaction data.
    10 Optional
    TrmCode When activated and applied in merchant config, this parameter selects the exact terminal to use 4 Optional
    AutoCaptureHours Authorization only (TransType=1), the number of hours to wait before automatic capture is carried out.
    If omitted, the authorized transaction will not be captured automatically.
    2 Optional
    RetURL 3D secure only, In cases where 553 is returned.
    the client should be redirected to bank's site.
    when the interaction with bank is done, the client is redirected to this URL.
    255 Optional
    StoreCc Specifies, if the credit card should be stored in case of success:
    0 = Do not store the card (default)
    1 = Store the card
    In order to store the credit card,
    Credit Card Storage service should be enabled in your account.
    1 No 4
    AutoWalletRegistration Send 1 to create new wallet for the customer using customer data and CC details.
    Wallet is created only in case of success.
    1 No
    Signature Signature for verifying the authenticity of the request parameters.
    Field values to use: CompanyNum + TransType + TypeCredit + Amount + Currency + CardNum + RefTransID + PersonalHashKey
    Refer to BASIC INFO SIGNATURE for detailed explanation.
    50 Optional

    Recurring:

    See Recurring information for detailed description and for some useful examples. Pay attention: recurring series is limited in time. The maximum duration is 10 years.

    RecurringTransType Specifies transaction type for subsequent transactions. Does not affect the initial transaction. Accepts the same values as TransType. If omitted, all the subsequent transactions will be of the same type as the initial transaction. 1 Optional
    Recurring1 Parameter for first stage in the recurring series 12 Optional
    Recurring2 Parameter for second stage in the recurring series 12 Optional
    Recurring3 Parameter for third stage in the recurring series 12 Optional
    Recurring4 Parameter for fourth stage in the recurring series 12 Optional
    Recurring5 Parameter for fifth stage in the recurring series 12 Optional
    Recurring6 Parameter for sixth stage in the recurring series 12 Optional

    Response Fields

    Field Description
    TransType Transaction type
    Reply Reply code (see list below)
    TransID Transaction number
    Date Transaction time and date
    Order Transaction id or order number that was supplied by merchant
    Amount Transaction amount
    Payments Number of payments
    Currency Transaction currency
    ConfirmationNum Confirmation number
    Comment Comment as it was sent by the merchant
    ReplyDesc Reply description
    CCType Credit card brand name
    Descriptor Bank statement descriptor for this transaction
    RecurringSeries Recurring series number (only if recurring series has been created)
    Last4 Last four digits of the credit card number
    CcStorageID 4 The ID of the credit card in the Credit Card Storage
    WalletID The ID of the newly created wallet for the customer
    D3Redirect in case Reply=553 the client has to be redirected to this address to complete the transaction.
    signType at the moment, this value always equal to SHA256
    Signature a base64, urlEncoded, SHA256 of response values: to regenerate the value: 1. long_values_string = Reply + TransID + Order + Amount + Currency 2. urlEncode(base64(sha356( (long_values_string) + (merchant HashKey) )))
                    TransType=0&Reply=000&TransID=12345&Date=01/01/2000 00:00:01
                    &Order=A1234&Amount=10.99&Payments=1&Currency=0&ConfirmationNum=0123456
                    &Comment=White box&ReplyDesc=SUCCESS&CCType=VISA&Descriptor=abc ltd.
            

    Reply Codes

    000 = Authorized transaction
    001 = Transaction accepted, waiting authorization
    xxx = Transaction was not Authorized, see unauthorized comment explanation

    (1) Some field requirements are dependent on merchant configuration and can be change on your request (2) First option is default when field is empty (3) This field must be omitted when charging stored credit card (TransType=3) (4) This field is relevant only when Credit Card Storage service is enabled in the merchant account

  • HOSTED PAYMENT PAGE VER.2 - ABOUT

    Hosted Payments Page is suitable for all web sites that need to process credit card payments in real-time.
    We host and manage the payment page, which is secured by it's own SSL certificate and customisable via an online wizard.
    Suited to all sizes of merchants, it is highly cost effective and operates on an extremely robust infrastructure.
    Supports 3D verification with authentication of "Verified by Visa" and "MasterCard SecureCode".

    • Supports all transaction types
    • Multilanguage - speak to your customers in their own language
    • 3D Secure capability
    • Cost savings - does not require an SSL certificate
    • Ensures merchants are compliant with scheme regulations (PCI DSS compliant solution)
  • HOSTED PAYMENT PAGE VER.2 - MESSAGE FIELDS

    PAGE URL

    https://services.coriunder.com/hosted

    Request Fields

    Field Description Max Length Required 1
    merchantID Your 7 digits merchant number - ####### 7 Yes
    signature Signature for verifying the authenticity of the request parameters.
    Field values to use: All parameters in the order they appear in the request, first GET then POST + PersonalHashKey.

    more information can be found at the Signature section in this page
    30 Yes
    trans_amount
    Amount to be charge
    (example: 199.95)
    20 Yes
    trans_currency
    ILS = Israel New Shekel
    USD = US Dollar
    EUR = Euro
    GBP = UK Pound Sterling
    AUD = Australian Dollar
    CAD = Canadian Dollar
    JPY = Japanese Yen
    NOK = Norwegian Krone
    PLN = Polski zloty
    MXN = Mexican Peso
    ZAR = South African Rand
    RUB = Russian Ruble
    TRY = Turkish lira
    CHF = Swiss franc
    INR = Indian rupee
    DKK = Danish krone
    SEK = Swedish krona
    CNY = Chinese yuan
    HUF = Hungarian forint
    NZD = New Zealand dollar
    HKD = Hong Kong dollar
    KRW = South Korean won
    SGD = Singapore dollar
    THB = Thai baht
    BSD = Bahamian Dollar
    3 Yes
    trans_type 0 = Debit Transaction (Default when field is empty)
    1 = Authorization only
    1 Yes
    trans_installments Number of installments, 1 for regular transaction 2 Yes
    trans_refNum Unique text used to defer one transaction from another 100 Optional
    trans_comment Optional text used mainly to describe the transaction 255 Optional
    trans_storePm Send value of 1 to save the payment method for future use if the transaction success 1 Optional
    disp_payFor Text shown to buyer in payment window, Usually description of purchase (Cart description, Product name) 40 Optional
    disp_paymentType List of payment types that are available to the client.
    Available values are can be found here: Payment Methods.
    this list is use the abbreviation field from the list. If more than one, use comma to separate the values.
    (example: CC,ED)
    80 Optional
    disp_lng The default language for the UI text in the window.
    If omitted, language is taken from user's browser settings.

    Available values are:
    he-IL = עברית (ישראל)
    en-US = English (United States)
    fr-FR = français (France)
    es-ES = español (España, alfabetización internacional)
    lt-LT= lietuvių (Lietuva)
    ru-RU = русский (Россия)
    de-DE = Deutsch (Deutschland)
    zh = 中文
    5 Optional
    disp_lngList Specifies the language(s) available to user in the Language Selector in the window.

    Available values are:
    all = all languages are available (default if the field is empty or omitted)
    hide = the language selector is hidden
    comma-separated list of codes for enabling specific language(s).

    For example, disp_lngList=en-us,it-it will allow user to switch between English and Italian, and disp_lngList=en-us will show English only.
    The available languages are listed in the disp_lng field description.
    5 Optional
    disp_recurring Specifies the deviations from the standard display of the recurring charges.

    Available values are:
    0 = standard display (default if the field is empty or omitted)
    1 = hide the number of charges in the last stage of the recurring series
    3 Optional
    disp_mobile Specifies that the ui should be sized to small screen.

    Available values are:
    auto = auto detect if the client device has small screen
    true = show small size UI for small screens
    false = shows normal UI
    3 Optional
    client_id available soon 10 Optional
    client_AutoRegistration Send value of 1 to create wallet for the customer if not already exist (match by email) and return the id of the wallet 1 Optional
    url_notify
    The URL for notifying your system with the transaction result.
    Must include http:// or https://.
    This parameter can be configured in Hosted Page V.2 under the Management section. If specified in the request, overrides the configured value.
    255 Optional
    url_redirect
    The URL to which the buyer’s browser is redirected to after completing the payment
    Must include http:// or https://.
    This parameter can be configured in under the Management section. If specified in the request, overrides the configured value.
    255 Optional
    skin_no
    The skin number to apply to the window opened by the request.
    The skins can be configured in the page.
    2 Optional

    Automatic filling of form data:

    client_fullName Cardholder full name 50 Optional
    client_email Cardholder Email address 50 Optional
    client_phoneNum Cardholder phone number 15 Optional
    client_idNum Government issued ID number 9 Optional

    client_billAddress1 Client billing address line 1 50 Optional
    client_billAddress2 Client billing address line 2 50 Optional
    client_billCity Client billing city 20 Optional
    client_billZipcode Client billing zip code 20 Optional
    client_billState Client billing state in 2 char ISO code 2 Optional
    client_billCountry Client billing country in 2 char ISO code 2 Optional

    Recurring:

    See Recurring information for detailed description and for some useful examples.

    Notice: The customer can see the recurring series description containing the charge amount and the number of charges for each stage. If the number of charges in the last stage is 99, that number will not appear in the description.

    The recurring series is subject to the following configurable limitations:

    • Overall duration: 3 years
    • Number of stages: 4
    • Overall number of charges: 400
    trans_recurringType Specifies transaction type for subsequent transactions.
    Does not affect the initial transaction.
    Accepts the same values as trans_type.
    If omitted, all the subsequent transactions will be of the same type as the initial transaction.
    1 Optional
    trans_recurring1 Parameter for first stage in the recurring series
    12 Optional
    trans_recurring2 Parameter for second stage in the recurring series 12 Optional
    trans_recurring3 Parameter for third stage in the recurring series 12 Optional
    trans_recurring4 Parameter for fourth stage in the recurring series 12 Optional
    trans_recurring5 Parameter for fifth stage in the recurring series 12 Optional
    trans_recurring6 Parameter for sixth stage in the recurring series 12 Optional

    User defined parameters:

    You can append your own fields to the request.
    These fields will be stored during the request processing and returned with the reply.
    Use this to transfer more information to your url_redirect and url_notify pages.
    2000 2 Optional

    Response Fields

    Field Description
    replyCode Transaction authorization (see list below)
    replyDesc Reply description
    trans_id Transaction number
    trans_date Transaction time and date
    trans_amount A returned field from the request
    trans_currency A returned field from the request
    trans_installments A returned field from the request
    trans_refNum A returned field from the request
    client_id A returned field from the request
    client_wallet_id The id of customer's wallet if request includes client_AutoRegistration=1
    storage_id A returned storage_id if request includes trans_storePm=1
    paymentDisplay Description of the payment method used in the transaction.
    For credit cards, the description consists of the card type and the last four digits of the card number.
    For bank transfers, the description consists of the platform name and the last four digits of the account.
    signature Signature for verifying the authenticity of the Response parameters.
    Field value used: replyCode + trans_id + PersonalHashKey

    Refer to for detailed explanation.
    client_fullName Cardholder full name 3
    client_phoneNum Cardholder phone number 3
    client_email
    Cardholder Email address
    recurringSeries_id Recurring series ID number (if recurring series has been created)
    
                replyCode=000&replyDesc=SUCCESS&trans_id=123456&trans_date=01/01/2000 00:00:01&trans_amount=10.99
    &trans_currency=USD&trans_installments=1&trans_refNum=A1234567&client_id=1234

    Reply Codes

    000 = Authorized transaction
    001 = Transaction accepted, waiting authorization
    xxx = Transaction was not Authorized, see unauthorized comment explanation

    - For a more detail list of reply codes

    Signature

    The goal of the signature is to verify the request comes form the merchant and not from unauthorized party.
    The idea here is to create a hash string that contains the values from the request plus a security value (personal hash key) that is known only to the merchant and us.
    In order to compute this value you should concatenate all the values in the request in the same order they appear in the request (first GET parameters and then POST parameters), to this values string you should concatenate the personal hash key (which can be found).
    Then hash the result using SHA256, encode it with base64 and add a signature parameter with the result to the request (note that if you add the signature parameter to the URL you should also encode the result with URL encoding).

    for example:
    assuming merchantID = 1234567, trans_amount = 5.3, trans_currency = ILS, personal hash key = abcd
    then the request string will be: merchantID=1234567&trans_amount=5.3&trans_currency=ILS
    and the values string will be: 12345675.3ILS
    after adding the personal hash key the value string should be: 12345675.3ILSabcd
    base64(SHA256) of it is kXLFnMcwx2e9pVwtPTIAY0X+JkOJlfkbH+sg1CivF2E=
    then you can add to the request a url encoded signature parameter which will make the request looks like:

    
                    merchantID=1234567&trans_amount=5.3&trans_currency=ILS&signature=kXLFnMcwx2e9pVwtPTIAY0X%2BJkOJlfkbH%2Bsg1CivF2E%3D
                    

    For more general information regarding signatures, please refer to:

    (1) Some field requirements are dependent on merchant configuration and can be change on your request
    (2) The overall length of the request is subject to the 2000 byte length restriction
    (3) That field is passed only to Notification URL.

  • ACH / ECHECK - SILENT POST

    PAGE URL

    https://process.coriunder.com/member/remoteCharge_echeck.asp

    Request Fields

    Field Description Max Length
    Type Required 1
    CompanyNum
    Your company number you received from us
    7 String Yes
    AccountName
    Full bank account name
    50 String Yes
    RoutingNumber
    ABA / Routing number / Bank code
    20 Integer Yes
    AccountNumber
    Account number
    20 String Yes
    BankAccountType
    Account Type: 1 = Checking, 2 = Savings
    1 Integer Yes
    BankName
    Name of the bank
    50 String Yes
    BankCity
    City of the bank
    15 String Yes
    BankPhone
    Phone number of the bank
    15 String Yes
    BankState
    2 Char Iso Code 2 String Yes
    BankCountry
    2 Char Iso Code 2 String Yes
    Amount
    Transaction amount
    8 Double Yes
    Currency
    0 = ILS (Israel New Shekel)
    1 = USD (US Dollar)
    2 = EUR (Euro)
    3 = GBP (UK Pound Sterling)
    4 = AUD (Australian Dollar)
    5 = CAD (Canadian Dollar)
    6 = JPY (Japanese Yen)
    7 = NOK (Norwegian Krone)
    8 = PLN (Polski zloty)
    9 = MXN (Mexican Peso)
    10 = ZAR (South African Rand)
    11 = RUB (Russian Ruble)
    12 = TRY (Turkish lira)
    13 = CHF (Swiss franc)
    14 = INR (Indian rupee)
    15 = DKK (Danish krone)
    16 = SEK (Swedish krona)
    17 = CNY (Chinese yuan)
    18 = HUF (Hungarian forint)
    19 = NZD (New Zealand dollar)
    20 = HKD (Hong Kong dollar)
    21 = KRW (South Korean won)
    22 = SGD (Singapore dollar)
    23 = THB (Thai baht)
    24 = BSD (Bahamian Dollar)
    1 Integer Yes
    CreditType 2
    1 = Debit
    0 = Refund
    1 Integer Yes
    BirthDate
    Birth date of the customer formated as yyyy/mm/dd
    10 Date Yes
    BillingAddress1
    1st Address line
    100 String Not Applicable
    BillingAddress2
    2nd Address line, Ok to leave out
    100 String Optional
    BillingCity
    City name
    60 String Not Applicable
    BillingZipCode
    Zip Code number
    15 String Not Applicable
    BillingState
    State - 2 character iso format
    Required only when BillingCountry is US/CA.
    5 String Not Applicable
    BillingCountry Country - 2 character iso format
    5 String Applicable
    Email
    Account owner email
    50 String Not Applicable
    PersonalNum
    Social security number
    20 String Not Applicable
    PhoneNumber
    Account owner phone number
    20 String Not Applicable
    Order
    Transaction unique id, which is sent back with the reply
    100 String Optional
    Comment
    Client memo
    500 String Optional
    RefTransID
    Reference transaction ID. Used to specify the original transaction id when TypeCredit = 0 or TypeCredit = 4 or when needed to complete missing transaction data.
    10 Integer Optional

    Response Fields

    Field Description
    replyCode Transaction authorization (see list below)
    replyMessage Reply message in English
    transId Transaction number
    transDate Transaction time and date
    transAmount Transaction amount
    transCurrency Transaction currency
    transOrder Transaction id or order number that was supplied by merchant
    transComment Comment as it was sent by the merchant
    confirmationNumber Confirmation number
                replyCode=000&replyMessage=SUCCESS&transId=12345&transDate=01/01/2000 00:00:01
                &transAmount=10.99&transCurrency=1&transOrder=T1234&transComment=White box&confirmationNumber=0123456
            

    Reply Codes

    000 = Authorized transaction
    001 = Transaction accepted, waiting authorization
    xxx = Transaction was not Authorized, see unauthorized comment explanation

    Consumer Consent

    Merchant must add this following consumer consent for the transaction and rules and regulations at the page where the consumer is entering his debit information

                                <input type="Checkbox" name="IsEcheckAgree" value="1"> I here by authorize  to charge the above amount using my bank account details provided above.
                                I also give my consent to the <a href="javascript:var winShow=window.open('rulesPop.asp', 'fraRules', 'TOP=0, LEFT=0, WIDTH=400, HEIGHT=300, scrollbars=yes');">rules & regulations</a> presented.
                                

    (1) Some field requirements are dependent on merchant configuration and can be change on your request
    (2) First option is default when field is empty

  • INSTANT BANK DEBIT - SILENT POST

    PAGE URL

    https://process.coriunder.com/member/remoteCharge_echeck.asp

    Request Fields

    Field Description Max / Length Type Required 1
    CompanyNum Your company number you received from us 7 String Yes
    PaymentMethod 2 The ID of the Payment Method.
    Click here to see supported List
    3 Integer Yes
    AccountName Full bank account name 50 Integer Yes
    RoutingNumber Routing number / Bank code 20 Integer Yes
    AccountNumber Account number 20 String Yes
    BankCountry 2 Char Iso Code 2 String Yes
    BankID Bank ID returned from banklist 2 Integer Yes, for bank transfer
    Amount Transaction amount 8 Double Yes
    Currency 0 = ILS (Israel New Shekel)
    1 = USD (US Dollar)
    2 = EUR (Euro)
    3 = GBP (UK Pound Sterling)
    4 = AUD (Australian Dollar)
    5 = CAD (Canadian Dollar)
    6 = JPY (Japanese Yen)
    7 = NOK (Norwegian Krone)
    8 = PLN (Polski zloty)
    9 = MXN (Mexican Peso)
    10 = ZAR (South African Rand)
    11 = RUB (Russian Ruble)
    12 = TRY (Turkish lira)
    13 = CHF (Swiss franc)
    14 = INR (Indian rupee)
    15 = DKK (Danish krone)
    16 = SEK (Swedish krona)
    17 = CNY (Chinese yuan)
    18 = HUF (Hungarian forint)
    19 = NZD (New Zealand dollar)
    20 = HKD (Hong Kong dollar)
    21 = KRW (South Korean won)
    22 = SGD (Singapore dollar)
    23 = THB (Thai baht)
    24 = BSD (Bahamian Dollar)
    1 Integer Yes
    CreditType 2 1 = Debit
    0 = Refund
    4 = Client Confirm
    1 Integer Yes
    BirthDate Birth date of the customer formated as yyyy/mm/dd 10 Date Yes
    BillingAddress1 1st Address line 100 String
    BillingAddress2 2nd Address line, Ok to leave out 100 String Optional
    BillingCity City name 60 String
    BillingZipCode Zip Code number 15 String
    BillingState State - 2 character iso format
    Required only when BillingCountry is US/CA.
    5 String
    BillingCountry
    Country - 2 character iso format 5 String
    Email Account owner email 50 String
    PersonalNum Social security number 20 String
    PhoneNumber Account owner phone number 20 String
    Order Transaction unique id, which is sent back with the reply 100 String Optional
    Comment Client memo 500 String Optional
    RefTransID Reference transaction ID. Used to specify the original transaction id when TypeCredit = 0 or TypeCredit = 4 or when needed to complete missing transaction data. 10 Integer Optional
    PinCode In cases where 552 is returned. SMS with unique transaction PinCode will be send to the customer's phone number.
    you should send another request with only CompanyNum, TypeCredit = 4, RefTransID and PinCode in order to complete the transaction
    10 Integer Optional
    RetURL In cases where 553 is returned. the client should be redirected to bank's site. when the interaction with bank is done, the client is redirected to this URL. 255 String Optional
    TransApprovalID In cases where 553 is returned. Authorization code of first transaction request. 50 String Optional

    Response Fields

    Field Description
    replyCode Transaction authorization (see list below)
    replyMessage Reply message in English
    transId Transaction number
    transDate Transaction time and date
    transAmount Transaction amount
    transCurrency Transaction currency
    transOrder Transaction id or order number that was supplied by merchant
    transComment Comment as it was sent by the merchant
    confirmationNumber Confirmation number
    replyCode=000&replyMessage=SUCCESS&transId=12345&transDate=01/01/2000 00:00:01
                &transAmount=10.99&transCurrency=1&transOrder=T1234&transComment=White box&confirmationNumber=0123456

    Reply Codes

    000 = Authorized transaction
    001 = Transaction accepted, waiting authorization
    552 = Transaction accepted, but will not be processed until PinCode is confirmed
    553 = Transaction initiated but you should redirect the customer to the bank's site to confirm the transaction. when done, the bank will redirect him back to your site (by RetUrl parameter).
    xxx = Transaction was not Authorized, see unauthorized comment explanation

    Consumer Consent

    Merchant must add this following consumer consent for the transaction and rules and regulations at the page where the consumer is entering his debit information

    Implementation Notes

    Push Bank transfer implementations requires more steps that should be implemented
    • The user should first select his bank country.
    • Send the selected country to the following link:
      https://process.coriunder.com/member/remoteCharge_echeckGetBanks.asp?PaymentMethod=149&CompanyNum=[your compnay number]&Currency=[transaction currency]&Country=[Country Code]

      as a result, you will get back the following:

      Reply=000&BankList=7,Deutsche Bank,logoURL;8,Postbank,logoURL;31,Commerzbank,logoURL;

      where BankList is a comma separated list composed of bankID and bank name.

    • After the user select a bank from the returned list, send all the information to:
      https://process.coriunder.com/member/remoteCharge_echeck.asp [see instant bank debit - Silent Post].
      As a result you will get back TransID among other information of the transaction.

    • Send the transID to get the bank account the customer should transfer money to :
      https://process.coriunder.com/member/remoteCharge_echeckGetBanks.asp?PaymentMethod=149&CompanyNum=[your compnay number]&Currency=[transaction currency]&Country=[Country Code]&TransID=[returned TransID]

      the format of the result is:

      Reply=000&BankInfo=[address of the bank]&AccountInfo=[swift, IBAN]&TransferInfo=[transfer reference code and additional transfer info]&BankURL=[the URL for the customer to login his bank account]

      Use this information to present the client the necessary details to complete the transfer together with the link to his bank account.

    • The transaction is considered 'Pending' (reply=001) until the client transfer the money to the returned account and the bank send us notification about the transfer.
    • When transaction status change to approve/decline, we will send you a hidden notification as usual.

    (1) Some field requirements are dependent on merchant configuration and can be change on your request
    (2) First option is default when field is empty

  • Services

    VERIFY TRANSACTIONS - ABOUT

    What is Transaction Verification

    Transaction Verification is intended for merchants who are using either silent post or hosted payment page to make transactions, if they wish to verify one more time (at the end of a successful transaction) that the transaction has been received at <Company Name> with the correct data.
    With Transaction Verification you can verify, that an integrity of a transaction has been maintained during transmission to and from <Company Name> system.

    When to use

    If you are using hosted payment page or silent post, it is recommended to use Transaction Verification just after a transaction has been completed successfully.

    How to use

    To use Transaction Verification, send HTTP request from your server just after successfully completed transaction.
    For details about request and response fields, visit VERIFY TRANSACTIONS - Message Fields page.

  • VERIFY TRANSACTIONS- MESSAGE FIELDS

    PAGE URL

    https://process.coriunder.com/member/verify_trans.asp

    Request Fields

    Field
    Description Max Length Required
    CompanyNum Your company number - ####### 7 Yes
    TransID ID number of transaction to be verified 7 Yes
    TransDate The transaction date in our system in format dd/MM/yyyy HH:mm:ss 17 Yes
    TransType< 0 = Debit Transaction
    1 = Authorization only
    2 = Pending Transaction
    1 Yes
    TransAmount Amount to be charged
    (example: 199.95)
    8 Yes
    TransCurrency 0 = ILS (Israel New Shekel)
    1 = USD (US Dollar)
    2 = EUR (Euro)
    3 = GBP (UK Pound Sterling)
    4 = AUD (Australian Dollar)
    5 = CAD (Canadian Dollar)
    6 = JPY (Japanese Yen)
    7 = NOK (Norwegian Krone)
    8 = PLN (Polski zloty)
    9 = MXN (Mexican Peso)
    10 = ZAR (South African Rand)
    11 = RUB (Russian Ruble)
    12 = TRY (Turkish lira)
    13 = CHF (Swiss franc)
    14 = INR (Indian rupee)
    15 = DKK (Danish krone)
    16 = SEK (Swedish krona)
    17 = CNY (Chinese yuan)
    18 = HUF (Hungarian forint)
    19 = NZD (New Zealand dollar)
    20 = HKD (Hong Kong dollar)
    21 = KRW (South Korean won)
    22 = SGD (Singapore dollar)
    23 = THB (Thai baht)
    24 = BSD (Bahamian Dollar)
    1 Yes

    Reply Codes

    00 = Transaction exists
    10 = Not enough data or invalid data
    11 = Merchant does not exist
    12 = Transaction number does not exist or is not associated with merchant
    13 = Transaction date does not match
    14 = Transaction amount does not match
    15 = Transaction currency type does not match
    16 = Pending transaction approved
    17 = Pending transaction declined

  • STORING CREDIT CARDS - - MESSAGE FIELDS

    PAGE URL

    https://process.coriunder.com/member/store_card.asp

    Request Fields

    Field Description Max
    Length
    Required
    CompanyNum Your company number - ###### 7 Yes
    CardNum Credit card number to be charged 20 Yes
    ExpMonth Expiration month (MM) 2 Yes
    ExpYear Expiration year (YYYY) 4 Yes
    CHFullName Cardholder name as it appears on the card 50 Yes
    CVV2 3 digit number from back of the credit card 5 Optional
    CHEmail Cardholder email address 50 Optional
    CHPersonalNum Cardholder Driver id or social security number 20 Optional
    CHPhoneNumber Cardholder phone number 20 Optional
    Comment Usually used to display product name in reporting system 255 Optional
    billingStreet1 Client billing address line 1 50 Optional
    billingStreet2 Client billing address line 2 50 Optional
    billingCity Client billing city 20 Optional
    billingZipcode Client billing zip code 20 Optional
    billingState Client billing state in 2 char ISO code 2 Optional
    billingCountry Client billing country in 2 char ISO code 2 Optional
    Signature
    Signature for verifying the authenticity of the request parameters.
    Field values to use: CompanyNum + PersonalHashKey

    Refer to for detailed explanation.
    30 Optional

    Response Fields

    Field Description
    ReplyCode
    Reply code (see list below)
    ReplyDesc
    Reply description
    CardId
    Stored credit card ID number, to be passed as ccStorageID in Silent Post request
    InsertDate
    Exact date and time at the server
    Comment
    A returned field from the request
                    ReplyCode=00&ReplyDesc=Card has been stored successfully
    &CardId=12345&InsertDate=01/01/2000 00:00:01&Comment=test 123

    Reply Codes

    00 = Card has been stored successfully
    10 = One of the required fields is missing or invalid
    11 = Invalid Company or signature
    12 = Unrecognizable card type or invalid card number
    13 = Merchant is unauthorized to use Card Storage
    14 = Merchant is closed or blocked
    15 = Parameter CardID missing
    16 = Invalid Company or signature
    17 = Invalid CVV2

  • PAYMENT METHOD STORAGE - MESSAGE FIELDS

    PAGE URL

    Request Fields

    Field
    Description
    Max / Length Required 1
    merchantID Your 7 digits merchant number - ####### 7 Yes
    signature Signature for verifying the authenticity of the request parameters.
    Field values to use: merchantID + PersonalHashKey

    Refer to for detailed explanation.
    30 Yes
    trans_comment Optional text used mainly to describe the transaction 500 Optional
    disp_payFor Text shown to buyer in payment window, Usually description of purchase (Cart description, Product name) 40 Optional
    disp_paymentType List of payment types that are available to the client.
    If more than one, use comma to seperate the values.
    (example: CC,ED)

    Available values are:
    CC = Credit Card
    12 Optional
    disp_lng Language Code for the UI text in the window.
    If omitted, language is taken from user's browser settings.

    Available values are:
    en-us = English USA
    it-it = Italian Italy
    he-il = Hebrew Israel
    5 Optional
    client_id
    available soon 10 Optional
    url_notify The URL for notifying your system with the transaction result, Must include http:// or https://.
    (this parameter can be configured in under the managment section, if your send this parameter with the request it will overrides the configured value).
    255 Optional
    url_redirect
    The URL to which the buyer’s browser is redirected to after completing the payment, Must include http:// or https://.
    (this parameter can be configured in Hosted Page V.2 under the managment section, if your send this parameter with the request it will overrides the configured value).
    255 Optional

    Automatic filling of form data:

    client_fullName
    Cardholder full name 50 Optional
    client_email
    Cardholder Email address 50 Optional
    client_phoneNum
    Cardholder phone number 15 Optional
    client_idNum
    Government issued ID number 9 Optional
    client_billAddress1 Client billing address line 1 50 Optional
    client_billAddress2 Client billing address line 2 50 Optional
    client_billCity Client billing city 20 Optional
    client_billZipcode Client billing zip code 20 Optional
    client_billState Client billing state in 2 char ISO code 2 Optional
    client_billCountry Client billing country in 2 char ISO code 2 Optional

    User defined parameters:

    You can append your own fields to the request.
    These fields with be stored during the request processing and returned with the reply.
    Use this to transfer more information to your url_redirect and url_notify pages.
    2000 2 Optional

    Response Fields

    Field Description
    replyCode Transaction authorization (see list below)
    replyDesc Reply description
    storage_id storage number
    store_date storage time and date
    client_id A returned field from the request
    paymentMethod Description of the payment method used in the transaction.
    For credit cards, the description consists of the card type and the last four digits of the card number.
    For bank transfers, the description consists of the platform name and the last four digits of the account.
    signature Signature for verifying the authenticity of the response parameters.
    Field values used: replyCode + storage_id + PersonalHashKey

    Refer to for detailed explanation.
    replyCode=00&replyDesc=SUCCESS&storage_id=123456&store_date=01/01/2000 00:00:01&client_id=1234

    Reply Codes

    00 = Store succeeded
    xx = store failed, see reply Desc for explanation
    - For a more detail list of reply codes
    (1) Some field requirements are dependent on merchant configuration and can be change on your request
    (2) The overall length of the request is subject to the 2000 byte length restriction

  • LOGIN TOKEN

    Service to request a credentials token, used in other services for getting an authorize access.

    Service URL

    https://webservices.Coriunder.com/Merchants.asmx/Login

    Request Formats

    The service accept calls in the following protocols:
    SOAP, XML, HTTP POST and JSON

    for SOAP calls you may use the wsdl declaration in the following address:
    https://webservices.Coriunder.com/Merchants.asmx?WSDL

    <Login xmlns="http://Coriunder.com/">
                <email>string</email>
                <userName>string</userName>
                <password>string</password>
                <signature>string</signature>
                </Login>
    Field Description Max Length Required
    email your login email 255 Yes
    userName your login user name 50 Yes
    password your login password 50 Yes
    signature Signature for verifying the authenticity of the request parameters.
    Field values to use: email + userName + password + hashKey

    Refer to BASIC INFO SIGNATURE for detailed explanation.
    64 Yes

    Response Formats

    <LoginResult>
                <Result>string</Result>
                <CredentialsToken>guid</CredentialsToken>
                </LoginResult>
    Field Description Max Length Required
    Result a string with result of login
    255 Yes
    CredentialsToken * a guid that will be used to subsequent call to the service 32 Yes

    * The token expires after 20 minutes