Release note 21.1
To search in the page use Ctrl+F on your keyboard
- Sips In-App
- Sips Hosted Fields
This release note gives you a of the functional content of the WL Sips 21R1 release.
It is separated in two parts:
- new additions in the Sips Solution : are listed the modifications of new functionalities added to our offer;
- regulatory changes
If you want to benefit of those new functionalities, please get in touch with your usual Sips contact if you are one of our client. Or, send us a message at the following email address: email@example.com.
Deliveries in production : from the 25th of January until the 12th of February 2021.
Cofidis 1Euro.com becomes Cofidis Pay 5X 10X 20X
In order to be consistent with the revised Cofidis brand, 1euro.com becomes Cofidis Pay 5X 10X 20X. Logos will be updated. These new logos will be applied on the following WL Sips applications:
- Sips Office Extranet pages
- Paypages 2.0
Sips Office connectors now let you know whether the card used for payment is an ecard or not. The information is returned in the response of the various methods in the “virtualCardIndicator” field of the “cardData” container. This information is available from interface version 2.35.
This feature will soon be extended to other WL Sips connectors.
New Sips In-App connector features
Our Sips In-App connector is enriched to allow you to:
- create a payment with a token rather than with a card number
- make 3-D Secure payments with cards already enrolled in the WL Sips wallet, also called OneClick (new “walletCheckEnrollment” method)
- make 3-D Secure v2 payments. Unlike 3-D Secure v1 payments, 3-D Secure v2 payments can be seamless to your customers (frictionless payment) and therefore offer a better user experience particularly suited to mobile uses. In order to promote this type of payment, please read the 3-D Secure documentation.
These new features are available from SDK version 21.1.1 onwards.
tokenPan and maskedPan fields now in the cardCheckEnrollment method response
For Sips Office and Sips In-App connectors, the tokenPan and maskedPan fields are available in the cardCheckEnrollment method response. You can use this information without being subject to severe PCI constraints since you do not handle any card number.
Here is a usage example :
In the event of a negative response (3-D error or card not enrolled) during the checking phase of the 3-D Secure card enrollment (cardCheckEnrollment method), you can send this information to a chosen anti-fraud tool in order to check the level of risk you incur in accepting the payment and to decide whether or not to accept it.
Access to Download via the Merchant Extranet (MEX) portal
From 21R1 onwards, our Download tool gets a new look and will be accessible using the “Download” tab of our Merchant Extranet portal (https://mex.fr.worldline.com/portal/home).
You will be able to connect to it with the same Download identifiers already in your possession.
Also, when registering for a new shop, a Merchant Extranet user will be automatically created from the administrator contact data and will be autonomous in the secret key and user management.
The old Download access URL will enventually be deactivated. A message inviting you to use the Merchant Extranet portal will be displayed when trying to connect.
Extension of the period of velocity rules against fraud
You can now set up velocity rules for a period of up to 99 days, not 30 days. This improvement is available on Business Score and Go-No-Go solutions.
Enrichment of the response of some Sips Office functions
In order to facilitate the management of payments, some Sips Office functions are enriched with the transaction capture limit dates and times using the “captureLimitDate” and “captureLimitDateTime” fields at the response level. The relevant functions are:
Please note that the Sips Office “directDebitOrder” function already benefited from the “captureLimitDate” field in response to the debit request.
Sips Hosted Fields
The “Sips Hosted Fields” solution allows you to let the customer pay from your pages while remaining compliant with the minimum required by PCI-DSS (SAQ-A form).
With this solution, WL Sips offers entry fields to be included in iFrames on your payment page so as to enter the card number, the validity date, the brand selection and the security code.
Your pages will be displayed and you will be able to customise them as you wish.
This solution is used with our Sips Office connector.
Details are available in our Sips Hosted Fields guide.
Transaction chaining guide added
A new guide explaining how to implement transaction chaining via each connector is available on our documentation site here.
Tokenisation guide added
Our documentation site now also includes a guide on tokenisation, a process for replacing the credit card number (PAN, which is sensitive data) with a token (non-sensitive data). Using a token eliminates the PCI DSS constraints. Details are available in our Tokenisation guide.
Sips In-App SDK accessible on our documentation website
Sips In-App SDK for Android and iOS are available in the Sips In-App documentation.
Optional entry of the security code during a OneClick 3-D Secure payment
With the implementation of the DSP2 regulations and the obligation to strongly authenticate internet transactions, merchants have the possibility of making the entry of the security code optional during a OneClick payment (card(s) registered in a wallet beforehand), or during a payment via “token”. This concerns cards from the CB, Visa and Mastercard networks, provided that the merchant’s acquirer supports this feature.
For merchants using the Paypage connector (payment page hosted on our servers), this option requires some setup at the shop level.
|Blocking the operation of duplicating a transaction if the validity date of the payment method has expired.
|Fixing the color of the message displayed when entering data incorrectly on the payment page.
|Returning a responseCode 14 instead of a responseCode 12 if the panType field is not valued with TOKEN_PAN in the request when paying via Token.
|Converting the time zone to UTC + 1 if the one indicated in the *merchantTransactionDateTime* field of the request sent by the merchant is negative and thus avoid a responseCode 12.
|Applying the GoNoGo "3-D Secure Authentication" fraud rule to 3DSv2 transactions.
|Blocking the automatic entry by the Chrome browser of a password saved in of of the fields of the cash register management interface (SOE).
|Implementation of controls on the card data entered.