Commerce Ingenico

Module provides Ingenico ePayments (aka Ogone) integration for the Drupal Commerce framework.

Features

• Module provides 2 payment gateways:

  • Ingenico DirectLink (on-site) - allows customers to enter their payment details directly on the merchant page without being redirected off-site,
  • Ingenico e-Commerce (off-site) - hosted payment method that redirects customers off-site and returns them to the merchant page after a successful payment is made.

• Both payment gateways support Authorize and capture and Authorize only transaction modes, as selected on Commerce's Checkout flow configuration page. The Authorize only transaction mode allows merchants to capture a transaction at a later time, which can be useful for avoiding refunds.

• Both gateways support 3-D Secure credit card authentication when available.

  e-Commerce does the authentication by default, without any additional configuration required (if only the credit card being used supports it), while in case of DirectLink 3-D Secure needs to be enabled first on the payment gateway configuration page.

  Note that to use 3-D Secure authentication with DirectLink, the e-Commerce payment gateway needs to be defined as well, as when using 3-D Secure the payments initiated in DirectLink mode will end in e-Commerce mode.

• Both payment gateways support the following maintenance operations:

  • authorization capture,
  • authorization void,
  • authorization renewal,
  • captured payment refund.

• DirectLink gateway supports Ingenico's Alias Gateway, which allows reusing credit cards for future payments without re-entering their details each time.

  No sensitive credit card information is stored locally - instead only the credit card alias generated by the Alias Gateway after the first payment is stored and used for all future payments.

  Currently it is not possible to create and use credit card aliases with e-Commerce gateway, as it is not supported by Drupal Commerce yet. See relevant d.o. issue Allow offsite payment gateways to create and use payment methods for more information.

• e-Commerce gateway provides multilingual support, with any off-site pages (including 3-D Secure) being rendered in the language selected by the merchant in the gateway configuration.

Known issues

• It is not yet possible to create and use credit card aliases with off-site e-Commerce gateway, as it is not supported by Drupal Commerce yet. See relevant d.o. issue Allow offsite payment gateways to create and use payment methods for more information.

• When adding a new payment for orders created from the admin UI using a credit card that supports 3-D Secure, the return from the 3-D Secure pages fails. There is a pull request waiting to be merged into Drupal Commerce that will fix the issue.

Installation

Configure Ingenico

• Log in with your Ingenico merchant account to the test or prod environment (depending which one you want to configure)

• Make sure your test account is properly configured and activated

• In Configuration > Account > Your options you should have at least the following options activated:

  • Fraud detection module (FDM)
  • D3D (Direct Link 3D)
  • DirectLink (new payments)
  • Partial maintenance
  • Alias Manager
  • Refunds
  • User Manager up to 5 users

  You might need to contact Ingenico's Customer Care team to activate some of them.

• In Configuration > Users: create a special API user that will be used for the API calls by Drupal - click on the New user button, enter required details, select Admin profile and check the Special user for API (no access to admin) checkbox.

• In Configuration > Technical information:

  • Tab Global transaction parameters:

    • Default operation code setting doesn't matter, as it will depend on the Commerce's Transaction mode value
    • set Processing for individual transactions to Online but switch to offline when the online acquiring system is unavailable.
    • set Default ECI value to 7 - E-commerce with SSL encryption

  • Tab Global security parameters:

    • set Hash algorithm to SHA-512 (most secure)
    • set Character encoding to UTF-8

  • Tab Data and origin verification:

    • set URL of the merchant page containing the payment form that will call the page: orderstandard.asp to your site's base URL
    • set SHA-IN pass phrase twice - both for e-Commerce & Alias Gateway as well as for Ogone DirectLink and Ogone Batch (Automatic) - both keys have to be alphanumeric only and both must have the same value
    • optionally set IP address to that of your server

  • Tab Transaction feedback:

    • In HTTP redirection in the browser section:
    • no need to set Accepturl, Declineurl, Exceptionurl or Cancelurl, as they will be added automatically to each API request
    • enable I would like to receive transaction feedback parameters on the redirection URLs checkbox
    • disable I would like Ingenico e-Commerce Solutions to display a short text to the customer on the secure payment page if a redirection to my website is detected immediately after the payment process checkbox
    • In Direct HTTP server-to-server request section:
    • set Timing of the request to Online but switch to a deferred request when the online requests fail
    • set both URLs of the merchant's post-payment page to https://yoursite.com/payment/notify/<PARAMVAR>
    • set Request method to GET
    • In Security for request parameters section:
    • set SHA-OUT pass phrase

  • Tab Transaction e-mails (optionally):

    • fill in your email address
    • set Receive transaction confirmation e-mails to Yes, for all transaction submission modes
    • set Receive e-mails in the event of offline transaction status changes to Yes, for each offline status change (payment, cancellation, etc.)

Install and configure the module

• Use Composer to get the module with all its dependencies:

  commerce require drupal/commerce_ingenico

  Alternatively download the module manually together with marlon-ogone and mobiledetectlib libraries.

• Add payment gateways at Administration > Commerce > Configuration > Payment gateways. The settings for both gateways are pretty much the same and should reflect your Ingenico account settings.

• You might also want to change / verify the Transaction mode setting to be either Authorize and capture or Authorize only - at Administration > Commerce > Configuration > Checkout flows.

• Make sure that your site is visible from the Internet, as otherwise you will not be able to receive asynchronous server-to-server notifications, which are required to update to payment transaction status.

  For testing the integration on local installations you might use a service like Pagekite to make your local site visible from the Internet.

Testing

Test credit card numbers

*) Although this is a generally accepted test card, if you have configured not to accept "unknown" card types, tests with this card number will be declined.