MyST Rule Manager€¦ · solution, you must ensure you are using the latest version of site...

MyST Rule Manager

Version: 1.7 (c) Published: 2 August 2017

MyST Rule Manager

© Secure Trading Limited 2017 2 August 2017 / 36

Table of Contents

1 Overview ........................................................................................................................................... 3

1.1 Pre-Requisites ............................................................................................................................ 3 1.2 Introduction to Rules .................................................................................................................. 4 1.3 Rule identifiers ........................................................................................................................... 5

2 Interface ............................................................................................................................................ 6

3 Rules .................................................................................................................................................. 7

3.1 Creating Rules ........................................................................................................................... 7 3.2 Activating/deactivating Rules ..................................................................................................... 8 3.3 Deleting Rules ............................................................................................................................ 8

4 Conditions......................................................................................................................................... 9

4.1 Creating Conditions .................................................................................................................... 9 4.2 The “Manage conditions” tab ................................................................................................... 11 4.3 Advanced Settings ................................................................................................................... 13

5 Action types .................................................................................................................................... 14

5.1 Payment pages customer email action .................................................................................... 14 5.2 Payment pages merchant email action .................................................................................... 15 5.3 Payment pages redirect action................................................................................................. 16 5.4 Payment pages required fields action ...................................................................................... 17 5.5 URL Notification action ............................................................................................................. 18 5.6 Update response action ........................................................................................................... 27

6 Actions ............................................................................................................................................ 28

6.1 Creating Actions ....................................................................................................................... 28 6.2 The “Manage actions” tab ........................................................................................................ 30

7 Further Information and Support ................................................................................................. 33

7.1 SecureTrading Support ............................................................................................................ 33 7.2 SecureTrading Sales ................................................................................................................ 33 7.3 Useful Documents .................................................................................................................... 33 7.4 Frequently Asked Questions .................................................................................................... 33

8 Appendix ......................................................................................................................................... 34

8.1 Example of Customer Email Notification .................................................................................. 34 8.2 Example of Merchant Email Notification .................................................................................. 35 8.3 Example of Email Alert for Failed URL Notifications ................................................................ 36

MyST Rule Manager


1 Overview

The “Rule manager” interface enables you to create distinct rules using your MyST account. Secure Trading then use these rules to perform automated actions on your sitereference(s), under pre-specified conditions. The rule manager allows you to activate/deactivate pre-defined system rules on your account or create your own customised rules. For example:

Redirecting a customer to your own website upon a successful transaction. Sending a notification to your system when a transaction has been processed on your

site. Updating a transaction upon receiving a response from the acquiring bank.

For further information on the types of rules that can be created using the rule manager, please refer to section 5.

1.1 Pre-Requisites

Rules can only be configured on MyST by users with the following roles:

Site admin Developer Developer 2

Please refer to the MyST User Guide for further information on roles that can be assigned to MyST users.

If you have previously configured URL or email notifications using our legacy notifications system, these will stop being sent when rules with matching conditions are configured using the new MyST Rule Manager interface.

http://www.securetrading.com/files/documentation/STPP-My-ST-User-Guide.pdf

MyST Rule Manager


1.2 Introduction to Rules

When configuring rules on your account, you need to understand the following three properties:

Rule

Conditions and Actions are joined together to establish a Rule:

A Condition defines the circumstances under which an Action will be performed. An example Condition could be: for all successful Visa authorisations.

Secure Trading will perform an Action when all criteria of a Condition have been met.

An example Action could be: redirect customer’s browser from the Payment Pages to your website.

Example:

Rule

Condition Action

If Error codes in 0

Requests in AUTH

Payment types in Visa then

Redirect to: https://www.merchant.com/visa.php Fields: orderreference, transactionreference

This Condition has multiple criteria that must be met for the Action to be performed.

MyST Rule Manager


1.3 Rule identifiers

Each Rule, once created, is assigned to a single sitereference and issued a unique ID. These are used to categorise the Rules into two types:

1.3.1 Secure Trading Rules

Rules with a Rule ID of “STR-x” (where x is a number) are Secure Trading Rules. e.g. STR-1

Rules and Payment Pages site security

If you are enabling Secure Trading Rules (starting with “STR-“) for a Payment Pages solution, you must ensure you are using the latest version of site security, otherwise this could affect your service and the ability to process payments. How to check if you are using the latest version:

If the site security hash starts with the letter “g” you are using the new version.

If the site security hash does not start with the letter “g” you are using the old version.

For info on the latest version of site security, refer to the Payment Pages Setup Guide. If you are unsure, contact Support for further assistance (section 7.1).

These are pre-defined rules that are available to all merchants and are displayed within the rule manager interface. They can be activated and deactivated at any time on any of your sites. Secure Trading Rules cannot be modified or removed.

1.3.2 User-Defined Rules

Rules with a Rule ID of “UDR-x” (where x is a number) are User-Defined Rules. e.g. UDR-19 These are rules created by MyST users using the Rule Manager interface. Only users with the necessary permissions are able to create/modify rules on your account.

1.3.3 Priority

Secure Trading Rules always take priority over User-Defined Rules. User-Defined Rules of the same action type are processed in the order they were added to the system (e.g. UDR-1000 runs before UDR-1001). See section 5 for a full list of action types.

http://www.securetrading.com/files/documentation/STPP-Payment-Pages-Setup-Guide.pdf

MyST Rule Manager


2 Interface

To access the rule manager, click the “Rule manager” link in the left side menu. The main interface can be divided into three parts, shown below:

(1) In the upper-left, you can select the sitereference that you would like to configure and the

Action type required.

Please refer to section 5 for further information on all available Action types.

(2) The “Information” pane provides relevant information to the Rules displayed on-screen. (3) The table in the lower-half of the page is used to display existing Rules, Conditions and Actions (ordered by creation date). You can toggle the information displayed by clicking the tabs. This table contains three tabs:

1. “Existing rules for site”: This tab allows you to create new Rules* and view, modify and delete existing Rules. See section 3 for further information. *New Rules can only be created once an action type has been selected.

2. “Manage conditions”: This tab allows you to view, modify and delete Conditions. See section 4.2 for further information

3. “Manage actions”: This tab allows you to view, modify and delete Actions.

See section 6.2 for further information

1 2

3

MyST Rule Manager


3 Rules

3.1 Creating Rules

To create a Rule, please follow these steps: 1. Select the sitereference and Action type from the drop-down boxes in the upper-left (1) and

click “Change”. 2. Follow the instructions provided under the “Information” pane (2) and use the buttons

provided to create a Condition and an Action. 3. Under the “Existing rules for site” tab (3), use the drop-down boxes to assign a Condition

to an Action. Click “Save” to add the Rule to your site.

For a walkthrough on creating and activating a Payment Pages redirect rule, please refer to the Payment Pages Setup Guide.

3.1.1 Additional notes on Rule creation

You need to specify an Action type and click “Change” in the upper-left before you can create Rules.

Once a Rule has been created, it is immediately activated. See section 3.2 for

information on activating/deactivating Rules.

Secure Trading recommends testing your Rules on your test site reference before creating them on your live site reference.

1 2

3


MyST Rule Manager


3.2 Activating/deactivating Rules

Rules can be activated/deactivated as required from the table on the lower-half of the page (3).

When a Rule is first created, it will be shown as “Active” under the “Existing rules for site” tab, with a tick in the “Active” column. Rules can be deactivated by un-ticking the “Active” checkbox and pressing “Save” and likewise reactivated by re-ticking the “Active” checkbox and pressing “Save”.

3.2.1 Additional notes on Rule activation/deactivating

Pressing “Save” applies all changes specified on the page, including adding new Rules to your account or changing their “Active” status.

Any user who has access to the “Rule manager” page can change the active status of a Rule on sites associated with their user account.

Please note that you can manually activate Rules on individual transactions by including the unique rule ID (e.g. “STR-1” or “UDR-23”). This is explained in the following documents:

For merchants using Payment Pages: Payment Pages Setup Guide

For merchants using our API: XML Specification.

3.3 Deleting Rules

Rules can be deleted when required by using the table on the lower-half of the page (3).

Tick the “Delete” checkbox next to Rule(s) you would like to remove from your site. When you are ready to delete the Rule(s), press “Save”. The page will reload to reflect the changes made.

3.3.1 Additional notes on Rule deletion

The process of deleting Rules does not delete the Conditions and Actions that they consist of. To delete Conditions and Actions, please see sections 4.2 and 6.2 respectively.

Pressing “Save” applies all changes specified on the page, including adding new Rules to your account or changing their “Active” status.

Any user who has access to the “Rule manager” page can delete user-defined Rules on sites associated with their user account.

You can only delete User-Defined rules (ID starting with “UDR-“). You cannot delete Secure Trading Rules (ID starting with “STR-“).


http://www.securetrading.com/files/documentation/STPP-XML-Specification.pdf

MyST Rule Manager


4 Conditions

This section explains how to configure Conditions on your site(s).

A Condition defines the circumstances under which an Action will be performed.

4.1 Creating Conditions

To create a Condition, please follow these steps: 1. Select the sitereference and Action type from the drop-down boxes in the upper-left (1) and

click “Change”. 2. Click the “New condition” button in the “Information” pane (2).

1

2

MyST Rule Manager


You will be presented with a page allowing you to create a new Condition. Give the Condition an appropriate and unique name, by entering this into the “Condition name” text field in the upper-left corner of the page (e.g. successful Visa AUTH).

Now choose the filters that you would like to be used in order to specify when the Action occurs. Each filter displayed represents a different property that can be associated with a transaction. Ticking a checkbox selects the specific value.

When the drop-down box by a property is set to “in” (default), the Action will be performed when the transaction matches any of the fields ticked within this filter. When set to “not in”, the Act ion will be performed when the transaction does not match the fields ticked in the box beneath it.

e.g. If “Payment types” “in” “American Express”, “MasterCard” and “Visa” The redirect will only be performed when the customer uses the aforementioned payment types. When you have selected all the filters required, click “Save”.

When creating a Condition, ensure that you specify at least one Request type and Error code. Conditions without these two properties may cause unforeseen issues.

MyST Rule Manager


4.2 The “Manage conditions” tab

Conditions created on your user account can be managed by clicking the “Manage conditions” tab.

This tab will list any Conditions configured on your account (if you have no Conditions configured, it will prompt you to create your first).

4.2.1 Viewing more details

Conditions are listed in a table with icons to the left of each one. Clicking the icon will cause the Condition to expand in order to display its properties. When finished, you can click the icon to collapse the Condition, hiding the properties from view. Clicking the icon in the header row expands all Conditions at once. Subsequently clicking the

icon in the header row will collapse all Conditions at once, returning the table to its original state.

MyST Rule Manager


4.2.2 Modifying Conditions

To modify the properties of a Condition, click the Condition name in the table.

Please note that you can only modify Conditions your MyST user account has created.

You will be presented with a page that allows you to modify the Condition.

When modifying a Condition, ensure that you specify at least one Request type and Error code. Conditions without these two properties may cause unforeseen issues.

4.2.3 Conditions in use

When modifying a Condition that is being used by an active Rule, a yellow warning is shown at the top of the page. This lists the number of Rules that will be affected by the changes made, and their associated Secure Trading sitereferences.

MyST Rule Manager


4.2.4 Deleting Condition

Using the checkboxes to the right of each Condition, you can select Conditions for deletion.

When you have selected the Conditions you would like to delete, press the “Delete” button. You will be shown a confirmation prompt before deleting a Condition(s). You can only delete Conditions that are not part of an existing Rule.

4.2.4.1 Deleting “IN USE” Conditions

Conditions that are part of an existing Rule are highlighted with the words “IN USE” in the “Delete” column. In order to delete these Conditions, you must first delete the Rules that are using the Conditions in question. See section 3.3 for information on deleting Rules.

4.2.4.2 Finding out which sites are using “IN USE” Conditions

In order to find which sites have Rules using “IN USE” Conditions, click the Condition name from the table under the “Manage conditions” tab and go to the modify Condition page. The number of Rules using the Condition and the sitereference(s) with which these Rules are associated are shown in the warning at the top of the page.

4.3 Advanced Settings

When creating or modifying a Condition, it is possible to specify your own custom filter in the “Advanced settings” tab. customfield1 is a field that can be submitted as part of the request to the Payment Pages when processing a payment. You can configure a Condition that redirects the customer based on the contents of this field. This is useful, for example, if you have multiple online stores using the same sitereference. e.g. The following POST to the Payment Pages: https://payments.securetrading.net/process/payments/choice?sitereferen

ce=test_site12345&mainamount=123.99&version=1&currencyiso3a=GBP&custom

field1=store2

Will match the Condition: customfield1 is “store2”

MyST Rule Manager


5 Action types

This section explains the different types of actions available in the Rule Manager. For information on how to create and manage actions, see section 6.

5.1 Payment pages customer email action

This action is used to send an email to the customer’s billing email address following a Payment Pages transaction, when the associated condition(s) has been met. e.g. For successful transactions, send an email confirmation to the customer.

5.1.1 Process Overview

1) The Customer

performs a payment.2) Secure Trading

processes the request.

3) Secure Trading adds

email notification to a

queue.

4) Secure Trading

displays confirmation to

Customer.

5) Customer receives

email notification.

S E C U R E T R A D I N G

Customer email notifications are sent from Secure Trading’s systems when pre-specified criteria are met. These are designed to be sent to your customers, and can act as a receipt or confirmation following a transaction. While customer email notifications are enabled, please inform your customer to expect an email notification when they perform a payment on your Secure Trading payment page. Each customer email notification appears to the customer to be sent from the email address specified when it was configured. An example of the appearance of a customer email notification can be found in section 8.1. Within the action, you can specify the email subject and reply to address.

5.1.2 Included fields

The following fields are included as default within email notifications: Amount Auth Code Billing County Billing Email Address Billing Full Name Billing Postcode Billing Premise Billing Town Currency Merchant Name Order Reference Request Type Transaction Reference

MyST Rule Manager


5.2 Payment pages merchant email action

This action is used to send an email to yourself and members of your organisation following a Payment Pages transaction, when the associated condition(s) has been met. e.g. For successful transactions over £600, send an email confirmation to [email protected].


1) The Customer




email notification to a

queue.

4) Secure Trading

displays confirmation to

Customer.


Merchant

5) Merchant receives

email notification.

Merchant email notifications are sent from Secure Trading’s systems when pre-specified criteria are met. These are designed to be sent to your company, containing a customised selection of fields. Please ensure your email server is configured to accept all incoming emails from the email address you specified when configuring the notification. An example of the appearance of a merchant email notification can be found in section 8.2). Within the action, you can specify the recipient, email subject and reply to address.

5.2.2 Included fields

The following fields are included as default within email notifications: Amount Auth Code Billing County Billing Email Address Billing Full Name Billing Postcode Billing Premise Billing Town Currency Merchant Name Order Reference Request Type Transaction Reference

MyST Rule Manager


5.3 Payment pages redirect action

This action is used to redirect the customer’s browser from the Payment Pages following a transaction, when the associated condition(s) has been met. The customer’s browser bypasses Secure Trading’s default response page and is redirected to the URL specified in the action. e.g. For successful transactions, you could have the customer be redirected to your website. Please note: We do not support localhost, loopback or multicast IP ranges in the URL.

Redirect actions are always performed after all other action types. If multiple redirect rules are present, the first rule which meets the criteria will be used (e.g. UDR-1000 runs before UDR-1001).

5.3.1 Save time by using a pre-configured rule

To simplify the process of enabling redirects on your site, Secure Trading provides STR-6 and STR-7 for performing redirects following successful and declined transaction respectively. These rules have an action type of “Payment pages advanced redirect”. This process is explained in the rules section of the Payment Pages Setup Guide.

5.3.2 Fields to include

When creating the action, click the “Field selection” tab and select fields to be included in the

redirect. You should include the errorcode, settlestatus and transactionreference

fields as a minimum, as these can be used to indicate whether or not the transaction was successful. You can also include custom fields. These can be typed into the text box in the lower-right of the page and added by clicking “Add”.

5.3.2.1 Format of custom fields

Any lowercase or uppercase letters. Numbers 1-9 Punctuation: _ \ . - Must start with a letter (A-Z, a-z).


MyST Rule Manager


5.4 Payment pages required fields action

This action is used to designate fields as required on the Payment Pages when the associated condition(s) has been met. e.g. For MASTERCARD transactions, you could specify the billing name as required. If the customer fails to enter the information required when performing a payment, the relevant fields are highlighted in red and the customer is shown an error message to convey the problem. This allows the customer to make corrections and re-attempt the payment. All required fields are highlighted with an asterisk. When creating the Payment pages required fields action, you will need to specify the fields required when the condition has been met (see screenshot below). If you use If you use

MyST Rule Manager


5.5 URL Notification action


URL notification actions are requests sent from Secure Trading to a pre-defined URL. These notifications contain information about transactions processed on your Secure Trading account. Please note: We do not support localhost, loopback or multicast IP ranges in the URL.

Note for merchants using Payment Pages Secure Trading provides STR-8, STR-9 & STR-10 for performing URL notifications after transactions are processed. These rules have an action type of “URL advanced notification”.

This is explained further in the rules section of the Payment Pages Setup Guide.


MyST Rule Manager


5.5.1.1 Accepting Notifications

The following is a diagrammatic overview of how your system must process notifications received from Secure Trading.

MyST Rule Manager


5.5.1.2 Notification Types

The following table describes the characteristics of the three different notification types you can choose from:

Notification type Characteristics

Online The notification will be processed during the transaction. Your customer will be made to wait for your server to respond. In the event of failure, the notification will not be retried.

Offline

The notification will be scheduled during the transaction. Scheduled notifications will be processed as soon as possible after

the customer has been shown a response. In the event of failure, the notification will be retried for approximately

48 hours.

Failover

The notification will be processed during the transaction. Your customer will be made to wait for your server to respond. In the event of failure, the notification will be scheduled to be sent

again and will be retried for approximately 48 hours.

Please note that if multiple online notifications are configured for a transaction, only the first online notification will be processed during the transaction and any other online notifications will be discarded. If there are no online notifications but there are multiple failover notifications, only the first failover notification will be processed during the transaction and any other notifications will be scheduled to be sent at a later time (treated as offline notification).

Online URL Notifications

When using online URL notifications, the customer will be made to wait for your server to respond to the notification before completing the transaction.

Diagrammatic overview of a payment with online URL notifications enabled:

1) The Customer



3) Secure Trading sends

notification to Merchant

and awaits response.

5) After Merchant receives

notification, confirmation is

displayed to Customer.

Secure Trading only

sends ONE notification

and will not retry.

4) Merchant responds

to Secure Trading’s

notification.


MyST Rule Manager


Offline URL Notifications

Diagrammatic overview of a payment with offline URL notifications enabled:

1) The Customer




notification to a queue.

Notification is sent soon

afterwards.

4) Confirmation is

displayed to Customer.


5) Merchant receives

URL notification.

Secure Trading will continue to

resend the notification until

the Merchant sends a

confirmation response.

(for up to 48hrs)

Failover URL Notifications

Diagrammatic overview of a payment with failover URL notifications enabled:

1) The Customer



3) Secure Trading sends

notification to Merchant.

4) If Merchant responds

with a confirmation, Secure

Trading displays

confirmation to Customer.

5) If Merchant does not

respond, Secure Trading

adds notification to a queue

and displays confirmation to

Customer.


Secure Trading will continue to

resend the notification until

the Merchant sends a

confirmation response.

(for up to 48hrs)

MyST Rule Manager


5.5.2 Format of URL Notification

The notification sent from Secure Trading will include a valid HTTP/1.1 Content-type header to be accepted by your system. For example: Content-type: application/x-www-form-urlencoded; charset=UTF-8

The included field names and data will be urlencoded. For example, if the notification contains the fields “baseamount”, "errorcode" and "orderreference" with values "2499", “0” and "customerorder1" respectively, then the notification may look like the following (notificationreference field is always returned):

baseamount=2499&errorcode=0&notificationreference=1-A60356

&orderreference=customerorder1

5.5.2.1 Authentication (Notification Security)

To ensure the notification has not been modified by a malicious user, a field called responsesitesecurity can be included in the POST to your system, when configuring the

notification in MyST. This field contains a cryptographic hash of a predefined set of field values. Using the example above, with the addition of a notification password of "password", using the sha256 security algorithm, the notification may look like the following:

baseamount=2499&errorcode=0&notificationreference=1-A60356

&orderreference=customerorder1&responsesitesecurity=033e6bcc1971f150c5

a6d5487548b375b8971c9bdc1962b2cc1844d26ff82c2a

Please note that Secure Trading recommends you implement the sha256 security algorithm, but also supports sha1 and md5.

Please note that if you update your action to use a new notification password, all future notifications sent from the queue (offline or failover) will include a notification hash generated using the new password.

MyST Rule Manager


S T E P

1

To check the notification is legitimate, concatenate the values of all the fields in the request (excluding notificationreference and

responsesitesecurity), in order of field name, in ASCII alphabetical order:

All uppercase letters come before lowercase letters, e.g. “Z” before “a”. Digits and many punctuation marks come before letters; for example, “4”

precedes “one”. Numbers are sorted natively as strings; for example, “10” precedes “2”.

S T E P

2

To the end of this, append the notification password. This leaves: 24990customerorder1password

If a field returned in a notification has multiple values,

(e.g. fieldname=bravo&fieldname=alpha),

these values are concatenated in the order they were submitted in the POST to

Payment Pages. When included in the example above, the string generated

would be: 24990bravoalphacustomerorder1password

S T E P

3

Then generate a hexadecimal hash of this value using sha256 and ensure the

value matches the value in responsesitesecurity:

033e6bcc1971f150c5a6d5487548b375b8971c9bdc1962b2cc1844d26ff82

c2a

If the generated hexadecimal hash does not match the responsesitesecurity received

from Secure Trading, the notification should not be accepted. In such a case, please contact Secure Trading Support (see section 7.1).

5.5.3 Using Secure Socket Layer (SSL/TLS)

You can set up your system to receive URL notifications using SSL/TLS. In order to do so, your server must present a valid TLS certificate chain to the Secure Trading notifications client. A valid certificate contains the domain of the Notification URL in the common name of the certificate and the chain must correctly validate to an accepted certificate authority.

You must configure your system to accept incoming URL notifications on port 443.

Please note that If the certificate is not signed by a known certificate authority (for example Verisign), your test notifications may work but you will need to use a valid CA for live transactions.

MyST Rule Manager


5.5.4 Response to Secure Trading

You must configure your system to respond to a notification with an HTTP 200 OK response. For example: "HTTP/1.0 200 OK". Your system must reply within 8 seconds of receiving a notification.

5.5.5 Retrying Notifications

A notification is sent shortly after the criteria defined in the filters have been fulfilled. One notification is sent per transaction.

Each notification contains a unique reference that is called notificationreference.

If Secure Trading fails to receive a response to an offline or failover notification, the notification will be resent with the same notification reference.

If your system does not respond to offline and failover URL notifications, Secure Trading will continue to resend the notifications for up to 48 hours until confirmation is received.

5.5.6 Email Alerts for Failed URL Notifications

Once a day, Secure Trading will send email alerts for failed URL notifications on your account. A URL notification failure may be attributed to an invalid URL or if Secure Trading fails to receive a response from your system. The alert is sent to the email address of the user that configured the notification and has a subject of “Notification Problems”. Please ensure your email server is configured to accept all incoming emails from [email protected]. An example of the appearance of a notification failure email can be found in section 8.3.

mailto:[email protected]

MyST Rule Manager


5.5.7 Fields to include

Secure Trading recommends including at least the following fields as a minimum for inclusion in typical URL notifications:

Acquirer Response Code (acquirerresponsecode) Acquirer Response Message (acquirerresponsemessage) Auth Code (authcode) Base Amount (baseamount) (e.g. £10.50 is “1050”)* Main Amount (mainamount) (e.g. £10.50 is “10.50”)* Currency (currencyiso3a) Error Code (errorcode) Live Status (livestatus) Order Reference (orderreference) Parent Transaction Reference (parenttransactionreference) Payment Type (paymenttypedescription) Request Type (requesttypedescription) Settle Status (settlestatus) Site Reference (sitereference) ST Profile (stprofile) Transaction Reference (transactionreference)

*Please choose your preferred format.

5.5.8 Configuring Subscription Notifications

It is possible to configure URL notifications that are sent for every successful new subscription that is scheduled on your account. When creating the condition for subscription notifications, please ensure you select:

“SUBSCRIPTION” in the “Requests” box, all payment types needed in the “Payment types” box, and “0 – Ok” in the “Error codes” box.

URL notification actions can be configured to include additional Subscription-specific fields: subscriptionbegindate

subscriptionfinalnumber

subscriptionfrequency

subscriptionnumber

subscriptiontype

subscriptionunit

Please note that Secure Trading also offers a feature where a summary of all subscription payments processed on your account in a day are compiled into a daily email report. For more information, please contact Support (see 7.1).

MyST Rule Manager


5.5.9 Configuring Other Notifications

Please contact Secure Trading Support to enable the following notifications on your account (see section 7.1).

5.5.9.1 Confirmation Notifications (only for ACH transactions)

Once a day, Secure Trading performs checks for confirmation that outstanding authorisations have been settled. Following these checks, the settle status of transactions will be updated where appropriate and URL notifications are sent in the following situations:

Transaction is cancelled by the acquiring bank (settle status changes from ‘10’ to ‘3’). Transaction is settled (settle status changes from ‘10’ to ‘100’).

For more information on the ACH payment type, please refer to the ACH document.

5.5.9.2 Chargeback Notifications

Once a day, Secure Trading performs checks if any new Chargebacks have been processed against transactions settled on your account. If you opt to receive these notifications, your system will receive an individual URL notification for every Chargeback processed on your account. For more information on how Chargebacks are processed by STPP, please refer to the Chargeback document.

http://www.securetrading.com/files/documentation/STPP-ACH.pdf

http://www.securetrading.com/files/documentation/STPP-Chargebacks.pdf

MyST Rule Manager


5.6 Update response action

This action is used to automatically update the status of a transaction after it has been processed by the acquirer and the associated condition(s) has been met. e.g. For authorisations in the currency USD, you could update the settle status to suspend settlement.

When using this action type, ensure any active redirects (see section 5.3) are updated to take this into account.

5.6.1 Merchant Decline Rule (STR-1)

Please note that this rule is only supported by acquirers and payment methods that support security code checks.

When active, the Secure Trading Rule STR-1 will automatically cancel transactions (update the settle status to 3) when the security code entered by the customer does not match the value held on the bank’s records. This rule will act on all authorisations on the selected site reference (including transactions processed via the Virtual Terminal and the API). This feature allows you to display a “Merchant Declined” message to your customers when they enter an incorrect security code (this is performed automatically on the Payment Pages when the rule is enabled).

5.6.1.1 For merchants with existing rules

When a transaction is cancelled by an update transaction response rule (e.g. Merchant Decline), the error code may remain in status “0” (Ok). This would indicate that the payment was authorised by the acquiring bank, but later cancelled by Secure Trading. Therefore, you may need to update any active rules to take this possible outcome into account. To prevent a rule from being triggered on a merchant decline, remove the settle status “3” (Cancelled) from existing conditions on the affected site reference(s).

When creating new conditions using the MyST Rule Manager, we will automatically deselect settle status “3” when you select errorcode of “0”, by default.

MyST Rule Manager


6 Actions

This section explains how to configure Actions on your site(s). For a list of action types available to you, see section 5.

Secure Trading will perform an Action when criteria of a Condition have been met.

6.1 Creating Actions

To create an Action, please follow these steps: 1. Select the sitereference and Action type from the drop-down boxes in the upper-left (1) and

click “Change”. 2. Click the “New action” button in the “Information” pane (2).

1

2

MyST Rule Manager


You will be presented with a page allowing you to create a new Action. Give the Action an appropriate and unique name, by entering this into the “Action name” text field in the upper-left corner of the page. The page displayed is dependent on the type of Action you are creating. For example, the following is a screenshot of the page used to create a Payment Pages redirect Action:

Further information on creating Actions can be found on under the “General settings” tab on the Action creation page.

Please note that for certain Action types, additional settings can be found under tabs shown alongside the “General settings” tab (as in the screenshot above).

For Payment Pages redirects Actions: The field selection tab allows you to specify fields to be returned along with the redirect. For further information, please refer to the Payment Pages Redirects section of the Payment Pages Setup Guide.


MyST Rule Manager


6.2 The “Manage actions” tab

Actions created on your user account can be managed by clicking the “Manage actions” above the table.

This tab will list any Actions configured on your account (if you have no Actions configured, it will prompt you to create your first).

6.2.1 Viewing more details

Actions are listed in a table with icons to the left of each one. Clicking the icon will cause the Action to expand in order to display its properties. When finished, you can click the icon to collapse the Action, hiding the properties from view. Clicking the icon in the header row expands all Actions at once. Subsequently clicking the icon in the header row will collapse all Actions at once, returning the table to its original state.

MyST Rule Manager


6.2.2 Modifying Actions

To modify the properties of an Action, click the Action name in the table.

Please note that you can only modify Actions your MyST user account has created.

You will be presented with a page that allows you to modify the Action.

6.2.2.1 Actions in use

When modifying an Action that is being used by an active Rule, a yellow warning is shown at the top of the page. This lists the number of Rules that will be affected by the changes made, and their associated Secure Trading sitereferences.

MyST Rule Manager


6.2.3 Deleting Action

Using the checkboxes to the right of each Action, you can select Actions for deletion.

When you have selected the Actions you would like to delete, press the “Delete” button. You will be shown a confirmation prompt before deleting an Action(s). You can only delete Actions that are not part of an existing Rule.

6.2.3.1 Deleting “IN USE” Actions

Actions that are part of an existing Rule are highlighted with the words “IN USE” in the “Delete” column. In order to delete these Actions, you must first delete the Rules that are using the Actions in question. See section 3.3 for information on deleting Rules.

6.2.3.2 Finding out which sites are using “IN USE” Actions

In order to find which sites have Rules using “IN USE” Actions, click the Action name from the table under the “Manage actions” tab and go to the modify Action page. The number of Rules using the Action and the sitereference(s) with which these Rules are associated are shown in the warning at the top of the page.

MyST Rule Manager


7 Further Information and Support

This section provides useful information with regards to documentation and support for your SecureTrading solution.

7.1 SecureTrading Support

If you have any questions regarding integration or maintenance of the system, please contact our support team using one of the following methods.

Method Details

Telephone +44 (0) 1248 672 050

Fax +44 (0) 1248 672 099

Email [email protected]

Website http://www.securetrading.com/support/support.html

7.2 SecureTrading Sales

If you do not have an account with SecureTrading, please contact our Sales team and they will inform you of the benefits of a SecureTrading account.

Method Details

Telephone 0800 028 9151

Telephone (Int’l) +44 (0) 1248 672 070

Fax +44 (0) 1248 672 079

Email [email protected]

Website http://www.securetrading.com

7.3 Useful Documents

Documentation regarding the STPP system can be found on Secure Trading’s website (http://www.securetrading.com). Alternatively, please contact our support team as outlined above.

7.4 Frequently Asked Questions

Please visit the FAQ section on our website (http://www.securetrading.com/support/faq).


http://www.securetrading.com/support/support.html


http://www.securetrading.com/

http://www.securetrading.com/

http://www.securetrading.com/support/faq

MyST Rule Manager


8 Appendix

8.1 Example of Customer Email Notification

MyST Rule Manager


8.2 Example of Merchant Email Notification

MyST Rule Manager


8.3 Example of Email Alert for Failed URL Notifications

MyST Rule Manager€¦ · solution, you must ensure you are using the latest version of site...

Documents

Transcript of MyST Rule Manager€¦ · solution, you must ensure you are using the latest version of site...