BBVA (formerly CatalunyaCaixa, via Redsys) Gateway Guide

close

Services and Compatibility

Payment Gateway Company Name:
BBVA (formerly CatalunyaCaixa, via Redsys)
Services that work with Spreedly:
  • BBVA (formerly CatalunyaCaixa, via Redsys)
Services that do not work with Spreedly:
  • The Redsys offsite payment page offering
Supported operations:
Purchase, Authorize, Capture, Refund, Void, Verify
Supported payment types:
Third Party Token
Spreedly 3DS2 Global Supported
No
Gateway Specific 3DS1 Supported
Yes
Gateway Specific 3DS2 Supported
Yes
Regions:
Europe
API endpoint URL:
https://sis.redsys.es/sis/operaciones

Authentication and Security

Specific names for credentials:
Merchant ID, Signature Algorithm, Terminal, Secret Key

Onboarding Merchants in:

Additional Notes

Merchants with BBVA can use Spreedly via the Redsys direct API. Contact us or your BBVA account manager if you have any questions.

If you receive error “SIS0252 ERROR: El comercio no permite el envío de tarjeta” the merchant should contact their BBVA account manager. The merchant needs a configuration change in their merchant account to work with Spreedly.

SHA256 Authentication

Redsys deprecated SHA1 signature authentication on November 23, 2015. Spreedly has upgraded the Redsys gateway to use SHA256.

Adding a Redsys gateway

To add a BBVA (formerly CatalunyaCaixa, via Redsys) gateway:


curl https://core.spreedly.com/v1/gateways.xml \
  -u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
  -H 'Content-Type: application/xml' \
  -d '<gateway>
        <gateway_type>redsys</gateway_type>
        <merchant_id>merchantid</merchant_id>
        <terminal>terminal</terminal>
        <secret_key>secretkey</secret_key>
      </gateway>'


<gateway>
  <token>W5J8YiU1Rtl9HnHT8TYOQlJtbVT</token>
  <gateway_type>redsys</gateway_type>
  <name>BBVA (formerly CatalunyaCaixa, via Redsys)</name>
  <description nil="true"/>
  <merchant_profile_key nil="true"/>
  <merchant_id>merchantid</merchant_id>
  <terminal>terminal</terminal>
  <signature_algorithm nil="true"/>
  <characteristics>
    <supports_purchase type="boolean">true</supports_purchase>
    <supports_authorize type="boolean">true</supports_authorize>
    <supports_capture type="boolean">true</supports_capture>
    <supports_credit type="boolean">true</supports_credit>
    <supports_general_credit type="boolean">false</supports_general_credit>
    <supports_void type="boolean">true</supports_void>
    <supports_adjust type="boolean">false</supports_adjust>
    <supports_verify type="boolean">true</supports_verify>
    <supports_reference_purchase type="boolean">false</supports_reference_purchase>
    <supports_purchase_via_preauthorization type="boolean">false</supports_purchase_via_preauthorization>
    <supports_offsite_purchase type="boolean">false</supports_offsite_purchase>
    <supports_offsite_authorize type="boolean">false</supports_offsite_authorize>
    <supports_3dsecure_purchase type="boolean">true</supports_3dsecure_purchase>
    <supports_3dsecure_authorize type="boolean">true</supports_3dsecure_authorize>
    <supports_3dsecure_2_mpi_purchase type="boolean">true</supports_3dsecure_2_mpi_purchase>
    <supports_3dsecure_2_mpi_authorize type="boolean">true</supports_3dsecure_2_mpi_authorize>
    <supports_store type="boolean">false</supports_store>
    <supports_remove type="boolean">false</supports_remove>
    <supports_fraud_review type="boolean">false</supports_fraud_review>
    <supports_network_tokenization type="boolean">false</supports_network_tokenization>
    <supports_populate_mit_fields type="boolean">false</supports_populate_mit_fields>
    <supports_3dsecure_2_purchase type="boolean">true</supports_3dsecure_2_purchase>
    <supports_3dsecure_2_authorize type="boolean">true</supports_3dsecure_2_authorize>
  </characteristics>
  <credentials>
    <credential>
      <name>merchant_id</name>
      <value>merchantid</value>
    </credential>
    <credential>
      <name>terminal</name>
      <value>terminal</value>
    </credential>
    <credential>
      <name>signature_algorithm</name>
      <value nil="true"/>
    </credential>
  </credentials>
  <gateway_settings>
  </gateway_settings>
  <gateway_specific_fields>
    <gateway_specific_field>user_agent</gateway_specific_field>
    <gateway_specific_field>accept_header</gateway_specific_field>
    <gateway_specific_field>authentication_method</gateway_specific_field>
    <gateway_specific_field>authentication_type</gateway_specific_field>
    <gateway_specific_field>authentication_flow</gateway_specific_field>
    <gateway_specific_field>sca_exemption</gateway_specific_field>
    <gateway_specific_field>use_webservice_endpoint</gateway_specific_field>
  </gateway_specific_fields>
  <payment_methods>
    <payment_method>credit_card</payment_method>
  </payment_methods>
  <state>retained</state>
  <redacted type="boolean">false</redacted>
  <sandbox type="boolean">false</sandbox>
  <created_at type="dateTime">2021-08-31T19:25:45Z</created_at>
  <updated_at type="dateTime">2021-08-31T19:25:45Z</updated_at>
</gateway>



env = Spreedly::Environment.new('C7cRfNJGODKh4Iu5Ox3PToKjniY', '4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ', base_url: 'https://core.spreedly.com')
env.add_gateway(:redsys, merchant_id: "Your merchant_id", terminal: "Your terminal",
                secret_key: "Your secret_key")



#<Spreedly::Gateway:0x00007fc1052f57b0
@token="XFwBklPn2oxQ1KK39rGW5hBFZOh",
@created_at="2019-09-18T15:09:10Z",
@updated_at="2019-09-18T15:09:10Z",
@gateway_type="redsys",
@state="retained",
@name="CatalunyaCaixa (via Redsys)",
@credentials={"merchant_id"=>"Your merchant_id", "terminal"=>"Your terminal", "signature_algorithm"=>""}>

Stored credential regulations

For Redsys, sending stored credential fields can be done using Spreedly’s first class support. Sending stored credential data is simple. For any Authorize or Purchase request, you need to include two fields which tell Spreedly a little bit more about the nature of the transaction:

  • stored_credential_initiator
  • stored_credential_reason_type

Learn more about how Spreedly enables seamless use of stored credentials by reviewing our Stored Credentials Guide.

MIT Exemptions

To utilize MIT Exemptions on Redsys, a Network Transaction ID is required to be associated with the payment method’s Stored Credentials. This Network Transaction ID is recorded on a payment method after performing a successful cardholder-initiated intial 3DS authentication at Redsys.

Please note that payment methods that performed a successful initial 3DS authentication at Redsys before March 22, 2021 may not have a Network Transaction ID recorded. Please perform another CIT 3DS authentication with that payment method to properly record it.

To request an MIT exemption for that payment method on a subsequent transaction, you must set the sca_exemption gateway specific field to the value MIT, and the following Stored Credential values.

  • stored_credential_initiator: 'merchant'
  • stored_credential_reason_type: 'recurring'

This will automatically pass the Network Transaction ID recorded on the payment method as a reference for the exemption.

Third-party 3D Secure 2 Auth Data

Spreedly will automatically handle the field mapping for sending third-party 3DS2 authentication data to Redsys. For more information about how to use this feature, see the 3DS2 Third-party Authentication Guide. Spreedly fields map to the relevant Redsys fields as described in the following table. Please see Redsys’s third-party 3DS2 documentation on DS_MERCHANT_MPIEXTERNAL for detailed descriptions of each of these fields and when to use them.

Please note that there are three 3DS2 authentication fields that Redsys may require but which are not currently handled by the standard set defined below. These must be sent as Gateway Specific Fields rather than in the three_ds object:

  • authentication_method maps to authenticacionMethod
  • authentication_type maps to authenticacionType
  • authentication_flow maps to authenticacionFlow
Spreedly Field Redsys Field
ecommerce_indicator Eci
three_ds_server_trans_id threeDSServerTransID
ds_transaction_id dsTransID
cavv authenticacionValue
three_ds_version protocolVersion

Gateway specific fields

Spreedly supports the following gateway specific fields when transacting with a BBVA (formerly CatalunyaCaixa, via Redsys) gateway:

  • user_agent
  • accept_header
  • use_webservice_endpoint

Both user_agent and accept_header are required when completing a 3DS 1 transaction.

use_webservice_endpoint may be set to true to force a transaction to be sent to the Webservice endpoint (https://sis.redsys.es/sis/services/SerClsWSEntradaV2) instead of the Operaciones endpoint, if you know this is necessary.


curl https://core.spreedly.com/v1/gateways/LlkjmEk0xNkcWrNixXa1fvNoTP4/purchase.xml \
  -u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
  -H 'Content-Type: application/xml' \
  -d '<transaction>
        <payment_method_token>56wyNnSmuA6CWYP7w0MiYCVIbW6</payment_method_token>
        <amount>100</amount>
        <currency_code>USD</currency_code>
        <gateway_specific_fields>
          <redsys>
            <user_agent>Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008052912 Firefox/3.0</user_agent>
            <accept_header>text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</accept_header>
          </redsys>
        </gateway_specific_fields>
      </transaction>'


<transaction>
  <on_test_gateway type="boolean">true</on_test_gateway>
  <created_at type="dateTime">2021-08-31T19:25:45Z</created_at>
  <updated_at type="dateTime">2021-08-31T19:25:45Z</updated_at>
  <succeeded type="boolean">true</succeeded>
  <state>succeeded</state>
  <token>CAJRWhjh7dHgQurmP27xtKKEWFl</token>
  <transaction_type>Purchase</transaction_type>
  <order_id nil="true"/>
  <ip nil="true"/>
  <description nil="true"/>
  <email nil="true"/>
  <merchant_name_descriptor nil="true"/>
  <merchant_location_descriptor nil="true"/>
  <merchant_profile_key nil="true"/>
  <gateway_specific_fields>
    <redsys>
      <user_agent>Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008052912 Firefox/3.0</user_agent>
      <accept_header>text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8</accept_header>
    </redsys>
  </gateway_specific_fields>
  <gateway_specific_response_fields>
  </gateway_specific_response_fields>
  <gateway_transaction_id>46</gateway_transaction_id>
  <gateway_latency_ms type="integer">2</gateway_latency_ms>
  <stored_credential_initiator nil="true"/>
  <stored_credential_reason_type nil="true"/>
  <populate_mit_fields type="boolean">false</populate_mit_fields>
  <warning nil="true"/>
  <application_id nil="true"/>
  <amount type="integer">100</amount>
  <currency_code>USD</currency_code>
  <retain_on_success type="boolean">false</retain_on_success>
  <payment_method_added type="boolean">false</payment_method_added>
  <smart_routed type="boolean">false</smart_routed>
  <message key="messages.transaction_succeeded">Succeeded!</message>
  <gateway_token>T11bJAANtTWnxl36GYjKWvbNK0g</gateway_token>
  <gateway_type>test</gateway_type>
  <shipping_address>
    <name>Newfirst Newlast</name>
    <address1 nil="true"/>
    <address2 nil="true"/>
    <city nil="true"/>
    <state nil="true"/>
    <zip nil="true"/>
    <country nil="true"/>
    <phone_number nil="true"/>
  </shipping_address>
  <response>
    <success type="boolean">true</success>
    <message>Successful purchase</message>
    <avs_code nil="true"/>
    <avs_message nil="true"/>
    <cvv_code nil="true"/>
    <cvv_message nil="true"/>
    <pending type="boolean">false</pending>
    <result_unknown type="boolean">false</result_unknown>
    <error_code nil="true"/>
    <error_detail nil="true"/>
    <cancelled type="boolean">false</cancelled>
    <fraud_review nil="true"/>
    <created_at type="dateTime">2021-08-31T19:25:45Z</created_at>
    <updated_at type="dateTime">2021-08-31T19:25:45Z</updated_at>
  </response>
  <api_urls>
  </api_urls>
  <payment_method>
    <token>1rpKvP8zOUhj4Y9EDrIoIYQzzD5</token>
    <created_at type="dateTime">2017-06-26T17:04:38Z</created_at>
    <updated_at type="dateTime">2021-08-30T18:18:43Z</updated_at>
    <email>joey@example.com</email>
    <data>
      <my_payment_method_identifier>448</my_payment_method_identifier>
      <extra_stuff>
        <some_other_things>Can be anything really</some_other_things>
      </extra_stuff>
    </data>
    <storage_state>retained</storage_state>
    <test type="boolean">true</test>
    <metadata>
      <key>string value</key>
    </metadata>
    <callback_url nil="true"/>
    <last_four_digits>1111</last_four_digits>
    <first_six_digits>411111</first_six_digits>
    <card_type>visa</card_type>
    <first_name>Newfirst</first_name>
    <last_name>Newlast</last_name>
    <month type="integer">3</month>
    <year type="integer">2032</year>
    <address1 nil="true"/>
    <address2 nil="true"/>
    <city nil="true"/>
    <state nil="true"/>
    <zip nil="true"/>
    <country nil="true"/>
    <phone_number nil="true"/>
    <company nil="true"/>
    <full_name>Newfirst Newlast</full_name>
    <eligible_for_card_updater type="boolean">true</eligible_for_card_updater>
    <shipping_address1 nil="true"/>
    <shipping_address2 nil="true"/>
    <shipping_city nil="true"/>
    <shipping_state nil="true"/>
    <shipping_zip nil="true"/>
    <shipping_country nil="true"/>
    <shipping_phone_number nil="true"/>
    <payment_method_type>credit_card</payment_method_type>
    <errors>
    </errors>
    <verification_value></verification_value>
    <number>XXXX-XXXX-XXXX-1111</number>
    <fingerprint>e3cef43464fc832f6e04f187df25af497994</fingerprint>
  </payment_method>
  <attempt_3dsecure type="boolean">false</attempt_3dsecure>
</transaction>



env = Spreedly::Environment.new('C7cRfNJGODKh4Iu5Ox3PToKjniY', '4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ', base_url: 'https://core.spreedly.com')
env.purchase_on_gateway("LlkjmEk0xNkcWrNixXa1fvNoTP4", "56wyNnSmuA6CWYP7w0MiYCVIbW6", 4432,
  gateway_specific_fields: {
    redsys: {
      user_agent: "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008052912 Firefox/3.0",
      accept_header: "text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8"
    }
  }
)



#<Spreedly::Purchase:0x00007ff5ee0bcf70
@token="MF3fKkOdx5Nt1l0wkrCG3dU36TV",
@created_at="2019-09-18T15:33:51Z",
@updated_at="2019-09-18T15:33:51Z",
@state="succeeded",
@message="Succeeded!",
@succeeded="true",
@order_id="",
@ip="",
@description="",
@gateway_token="T11bJAANtTWnxl36GYjKWvbNK0g",
@gateway_transaction_id="58",
@email="",
@transaction_type="Purchase",
@merchant_name_descriptor="",
@merchant_location_descriptor="",
@on_test_gateway="true",
@currency_code="USD",
@callback_url="",
@stored_credential_initiator="",
@stored_credential_reason_type="",
@amount="4432",
@response,=
#<Spreedly::Response:0x00007ff5ee09ea20
@success="true",
@pending="false",
@cancelled="false",
@fraud_review="",
@created_at="2019-09-18T15:33:51Z",
@updated_at="2019-09-18T15:33:51Z",
@message="Successful purchase",
@avs_code="",
@avs_message="",
@cvv_code="",
@cvv_message="",
@error_code="",
@error_detail="">,
@shipping_address,=
#<Spreedly::ShippingAddress:0x00007ff5ee08f908
@name="Newfirst Newlast",
@address1="",
@address2="",
@city="",
@state="",
@zip="",
@country="",
@phone_number="">,
@gateway_specific_fields={:redsys=>{:user_agent=>"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008052912 Firefox/3.0", :accept_header=>"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"}},
@gateway_specific_response_fields={},
@payment_method,=
#<Spreedly::CreditCard:0x00007ff5ee086ee8
@token="1rpKvP8zOUhj4Y9EDrIoIYQzzD5",
@created_at="2017-06-26T17:04:38Z",
@updated_at="2019-09-18T15:33:51Z",
@email="joey@example.com",
@storage_state="retained",
@data="<my_payment_method_identifier>448</my_payment_method_identifier>\n      <extra_stuff>\n        <some_other_things>Can be anything really</some_other_things>\n      </extra_stuff>",
@payment_method_type="credit_card",
@first_name="Newfirst",
@last_name="Newlast",
@full_name="Newfirst Newlast",
@month="3",
@year="2032",
@number="XXXX-XXXX-XXXX-1111",
@last_four_digits="1111",
@first_six_digits="411111",
@card_type="visa",
@verification_value="",
@address1="",
@address2="",
@city="",
@state="",
@zip="",
@country="",
@phone_number="",
@company="",
@fingerprint="e3cef43464fc832f6e04f187df25af497994",
@eligible_for_card_updater="true",
@errors=[]>>

Gateway specific response fields

A response from a BBVA (formerly CatalunyaCaixa, via Redsys) gateway may contain a ds_response_int.

You can find this information in gateway_specific_response_fields. For example, a transaction could have something like this:

<transaction>
  <token>LgpTNGjsWQs9DwdxcbreUVz0R8p</token>
  <transaction_type>Purchase</transaction_type>
  <gateway_specific_response_fields>
     <redsys>
       <ds_response_int>00</ds_response_int>
     </redsys>
  </gateway_specific_response_fields>
</transaction>

If you’d like to request any gateway_specific_fields or gateway_specific_response_fields, please contact Support with your request and the gateway documentation for the fields of interest.