CyberSource Gateway Guide

close

Services and Compatibility

Payment Gateway Company Name:
CyberSource
Services that work with Spreedly:
  • CyberSource
Supported operations:
Purchase, Authorize, Capture, Refund, Void, Verify, Store, General Credit
Supported payment types:
Credit Card, Apple Pay, Android Pay
3D Secure 1 Supported
Yes
3D Secure 2 Supported
No
Regions:
Asia Pacific, Europe, Latin America, North America
API endpoint URL:
https://ics2wsa.ic3.com/commerce/1.x/transactionProcessor

Authentication and Security

Specific names for credentials:
User Name, Transaction Key

Onboarding Merchants in:

Adding

To add a CyberSource gateway you need to supply your CyberSource user name (merchant_id), and a SOAP Toolkit secure Transaction Key generated in the CyberSource admin:


curl https://core.spreedly.com/v1/gateways.xml \
  -u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
  -H 'Content-Type: application/xml' \
  -d '<gateway>
        <gateway_type>cyber_source</gateway_type>
        <user_name>Your merchant_id</user_name>
        <transaction_key>key</transaction_key>
      </gateway>'

<gateway>
  <token>GExgHTggHWxaKj4XDLIs1M3Scjl</token>
  <gateway_type>cyber_source</gateway_type>
  <name>CyberSource</name>
  <description nil="true"/>
  <user_name>Your merchant_id</user_name>
  <characteristics>
    <supports_purchase type="boolean">true</supports_purchase>
    <supports_authorize type="boolean">true</supports_authorize>
    <supports_capture type="boolean">true</supports_capture>
    <supports_credit type="boolean">true</supports_credit>
    <supports_general_credit type="boolean">true</supports_general_credit>
    <supports_void type="boolean">true</supports_void>
    <supports_adjust type="boolean">false</supports_adjust>
    <supports_verify type="boolean">true</supports_verify>
    <supports_reference_purchase type="boolean">false</supports_reference_purchase>
    <supports_purchase_via_preauthorization type="boolean">false</supports_purchase_via_preauthorization>
    <supports_offsite_purchase type="boolean">false</supports_offsite_purchase>
    <supports_offsite_authorize type="boolean">false</supports_offsite_authorize>
    <supports_3dsecure_purchase type="boolean">true</supports_3dsecure_purchase>
    <supports_3dsecure_authorize type="boolean">true</supports_3dsecure_authorize>
    <supports_3dsecure_2_mpi_purchase type="boolean">false</supports_3dsecure_2_mpi_purchase>
    <supports_3dsecure_2_mpi_authorize type="boolean">false</supports_3dsecure_2_mpi_authorize>
    <supports_store type="boolean">true</supports_store>
    <supports_remove type="boolean">false</supports_remove>
    <supports_fraud_review type="boolean">false</supports_fraud_review>
  </characteristics>
  <credentials>
    <credential>
      <name>user_name</name>
      <value>Your merchant_id</value>
    </credential>
  </credentials>
  <gateway_settings>
  </gateway_settings>
  <gateway_specific_fields>
    <gateway_specific_field>ignore_avs</gateway_specific_field>
    <gateway_specific_field>ignore_cvv</gateway_specific_field>
    <gateway_specific_field>decision_manager_enabled</gateway_specific_field>
    <gateway_specific_field>decision_manager_profile</gateway_specific_field>
    <gateway_specific_field>issuer_additional_data</gateway_specific_field>
    <gateway_specific_field>commerce_indicator</gateway_specific_field>
    <gateway_specific_field>collection_indicator</gateway_specific_field>
    <gateway_specific_field>mdd_field_1</gateway_specific_field>
    <gateway_specific_field>mdd_field_2</gateway_specific_field>
    <gateway_specific_field>mdd_field_3</gateway_specific_field>
    <gateway_specific_field>mdd_field_4</gateway_specific_field>
    <gateway_specific_field>mdd_field_5</gateway_specific_field>
    <gateway_specific_field>mdd_field_6</gateway_specific_field>
    <gateway_specific_field>mdd_field_7</gateway_specific_field>
    <gateway_specific_field>mdd_field_8</gateway_specific_field>
    <gateway_specific_field>mdd_field_9</gateway_specific_field>
    <gateway_specific_field>mdd_field_10</gateway_specific_field>
    <gateway_specific_field>mdd_field_11</gateway_specific_field>
    <gateway_specific_field>mdd_field_12</gateway_specific_field>
    <gateway_specific_field>mdd_field_13</gateway_specific_field>
    <gateway_specific_field>mdd_field_14</gateway_specific_field>
    <gateway_specific_field>mdd_field_15</gateway_specific_field>
    <gateway_specific_field>mdd_field_16</gateway_specific_field>
    <gateway_specific_field>mdd_field_17</gateway_specific_field>
    <gateway_specific_field>mdd_field_18</gateway_specific_field>
    <gateway_specific_field>mdd_field_19</gateway_specific_field>
    <gateway_specific_field>mdd_field_20</gateway_specific_field>
  </gateway_specific_fields>
  <payment_methods>
    <payment_method>credit_card</payment_method>
    <payment_method>apple_pay</payment_method>
    <payment_method>android_pay</payment_method>
    <payment_method>third_party_token</payment_method>
  </payment_methods>
  <state>retained</state>
  <redacted type="boolean">false</redacted>
  <created_at type="dateTime">2019-09-27T18:32:34Z</created_at>
  <updated_at type="dateTime">2019-09-27T18:32:34Z</updated_at>
</gateway>


env = Spreedly::Environment.new('C7cRfNJGODKh4Iu5Ox3PToKjniY', '4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ', base_url: 'https://core.spreedly.com')
env.add_gateway(:cyber_source, user_name: 'user', transaction_key: 'Key')


#<Spreedly::Gateway:0x007fe333847290
@token="Zyjn7hWNlR3ZYRRqXcWg6wA9Qtt",
@created_at="2017-07-27T17:48:31Z",
@updated_at="2017-07-27T17:48:31Z",
@gateway_type="cyber_source",
@state="retained",
@name="CyberSource",
@credentials={"user_name"=>"user"}>

Third-party 3D Secure 2 Auth Data

Spreedly will automatically handle the field mapping for sending third-party 3DS2 authentication data to CyberSource. For more information about how to use this feature, see the 3DS2 Third-party Authentication Guide. Spreedly fields map to the relevant CyberSource fields as described in the following table. Please see CyberSource’s third-party 3DS2 documentation for detailed descriptions of each of these fields and when to use them.

Please note that there are two 3DS2 authentication fields that CyberSource may require but which are not currently handled by the standard set defined below. These must be sent as Gateway Specific Fields rather than in the three_ds object:

  • commerce_indicator maps to commerceIndicator and is not to be confused with the ecommerce_indicator/eciRaw two-digit code.
  • collection_indicator maps to collectionIndicator and may be required for Mastercards.
Spreedly Field CyberSource Field
three_ds_version paSpecificationVersion
ecommerce_indicator eciRaw
authentication_value cavv (or authenticationData for Mastercards)
cavv_algorithm cavvAlgorithm
directory_server_transaction_id directoryServerTransactionID
authentication_response_status paresStatus
enrolled veresEnrolled

Gateway specific fields

When interacting with a CyberSource gateway to run transactions, there are some gateway specific fields you can specify when making a purchase or authorize call. These fields allow you to ignore AVS or CVV results, disable or enable decision manager, set a decision manager profile, specify up to 100 different merchant defined fields (the maximum allowed by CyberSource), and pass additional data from the issuer. Here is an example using a few of these fields:


curl https://core.spreedly.com/v1/gateways/LlkjmEk0xNkcWrNixXa1fvNoTP4/purchase.xml \
-u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
-H 'Content-Type: application/xml' \
-d '<transaction>
  <payment_method_token>56wyNnSmuA6CWYP7w0MiYCVIbW6</payment_method_token>
  <amount>100</amount>
  <currency_code>USD</currency_code>
  <gateway_specific_fields>
    <cyber_source>
      <ignore_avs>true</ignore_avs>
      <ignore_cvv>true</ignore_cvv>
      <decision_manager_enabled>true</decision_manager_enabled>
      <decision_manager_profile>Regular</decision_manager_profile>
      <mdd_field_1>A value</mdd_field_1>
      <mdd_field_8>Another value</mdd_field_8>
      <mdd_field_20>Another custom value</mdd_field_20>
      <issuer_additional_data>Data defined by the issuer</issuer_additional_data>
      <commerce_indicator>internet</commerce_indicator>
      <collection_indicator>2</collection_indicator>
    </cyber_source>
  </gateway_specific_fields>
</transaction>'

<transaction>
  <on_test_gateway type="boolean">true</on_test_gateway>
  <created_at type="dateTime">2019-09-27T18:07:49Z</created_at>
  <updated_at type="dateTime">2019-09-27T18:07:49Z</updated_at>
  <succeeded type="boolean">true</succeeded>
  <state>succeeded</state>
  <token>WzvAg9JhIdFXURINZg8z9A35pTt</token>
  <transaction_type>Purchase</transaction_type>
  <order_id nil="true"/>
  <ip nil="true"/>
  <description nil="true"/>
  <email nil="true"/>
  <merchant_name_descriptor nil="true"/>
  <merchant_location_descriptor nil="true"/>
  <gateway_specific_fields>
    <cyber_source>
      <ignore_avs>true</ignore_avs>
      <ignore_cvv>true</ignore_cvv>
      <decision_manager_enabled>true</decision_manager_enabled>
      <decision_manager_profile>Regular</decision_manager_profile>
      <mdd_field_1>A value</mdd_field_1>
      <mdd_field_8>Another value</mdd_field_8>
      <mdd_field_20>Another custom value</mdd_field_20>
      <issuer_additional_data>Data defined by the issuer</issuer_additional_data>
      <commerce_indicator>internet</commerce_indicator>
      <collection_indicator>2</collection_indicator>
    </cyber_source>
  </gateway_specific_fields>
  <gateway_specific_response_fields>
  </gateway_specific_response_fields>
  <gateway_transaction_id>63</gateway_transaction_id>
  <gateway_latency_ms type="integer">35</gateway_latency_ms>
  <stored_credential_initiator nil="true"/>
  <stored_credential_reason_type nil="true"/>
  <amount type="integer">100</amount>
  <currency_code>USD</currency_code>
  <retain_on_success type="boolean">false</retain_on_success>
  <payment_method_added type="boolean">false</payment_method_added>
  <message key="messages.transaction_succeeded">Succeeded!</message>
  <gateway_token>T11bJAANtTWnxl36GYjKWvbNK0g</gateway_token>
  <gateway_type>test</gateway_type>
  <shipping_address>
    <name>Newfirst Newlast</name>
    <address1 nil="true"/>
    <address2 nil="true"/>
    <city nil="true"/>
    <state nil="true"/>
    <zip nil="true"/>
    <country nil="true"/>
    <phone_number nil="true"/>
  </shipping_address>
  <response>
    <success type="boolean">true</success>
    <message>Successful purchase</message>
    <avs_code nil="true"/>
    <avs_message nil="true"/>
    <cvv_code nil="true"/>
    <cvv_message nil="true"/>
    <pending type="boolean">false</pending>
    <result_unknown type="boolean">false</result_unknown>
    <error_code nil="true"/>
    <error_detail nil="true"/>
    <cancelled type="boolean">false</cancelled>
    <fraud_review nil="true"/>
    <created_at type="dateTime">2019-09-27T18:07:49Z</created_at>
    <updated_at type="dateTime">2019-09-27T18:07:49Z</updated_at>
  </response>
  <api_urls>
  </api_urls>
  <payment_method>
    <token>1rpKvP8zOUhj4Y9EDrIoIYQzzD5</token>
    <created_at type="dateTime">2017-06-26T17:04:38Z</created_at>
    <updated_at type="dateTime">2019-09-27T18:07:46Z</updated_at>
    <email>joey@example.com</email>
    <data>
      <my_payment_method_identifier>448</my_payment_method_identifier>
      <extra_stuff>
        <some_other_things>Can be anything really</some_other_things>
      </extra_stuff>
    </data>
    <storage_state>retained</storage_state>
    <test type="boolean">true</test>
    <metadata>
      <key>string value</key>
    </metadata>
    <callback_url nil="true"/>
    <last_four_digits>1111</last_four_digits>
    <first_six_digits>411111</first_six_digits>
    <card_type>visa</card_type>
    <first_name>Newfirst</first_name>
    <last_name>Newlast</last_name>
    <month type="integer">3</month>
    <year type="integer">2032</year>
    <address1 nil="true"/>
    <address2 nil="true"/>
    <city nil="true"/>
    <state nil="true"/>
    <zip nil="true"/>
    <country nil="true"/>
    <phone_number nil="true"/>
    <company nil="true"/>
    <full_name>Newfirst Newlast</full_name>
    <eligible_for_card_updater type="boolean">true</eligible_for_card_updater>
    <shipping_address1 nil="true"/>
    <shipping_address2 nil="true"/>
    <shipping_city nil="true"/>
    <shipping_state nil="true"/>
    <shipping_zip nil="true"/>
    <shipping_country nil="true"/>
    <shipping_phone_number nil="true"/>
    <payment_method_type>credit_card</payment_method_type>
    <errors>
    </errors>
    <verification_value></verification_value>
    <number>XXXX-XXXX-XXXX-1111</number>
    <fingerprint>e3cef43464fc832f6e04f187df25af497994</fingerprint>
  </payment_method>
</transaction>

Gateway specific response fields

A response from CyberSource may contain the following gateway specific response fields:

  <transaction>
    <token>LgpTNGjsWQs9DwdxcbreUVz0R8p</token>
    <transaction_type>Store</transaction_type>
    <gateway_specific_response_fields>
       <cyber_source>
         <subscription_id>123456</subscription_id>
         <authorization_code>123456</authorization_code>
       </cyber_source>
    </gateway_specific_response_fields>
  </transaction>