Sagepay Help

suarve · 7 Jan 2010 at 10:49

Hi,

Am just trying to learn how to use Sagepay, as I've always used Paypal in the past.

Say I have an online store and people checkout. They leave my store and go to the sagepay website to enter their card details - would this be form integration? - http://www.sagepay.com/developers/integration_manual/form_introduction.asp - kind of similar to using paypals website pay,ent standard?

Also, not sure if I'm reading this right, but unlike paypal the money would go direct into my bank account?

Thanks

suarve · 7 Jan 2010 at 12:18

Spunkey said:
Yes - on both counts

Why the heck do people use Paypal then? Have always thoiught it's a right poain in the ass having to transfer money to your current account - that's sold me on Sagepay tbh

suarve · 13 Jan 2010 at 10:59

Have been reading more about Sagepay - think I'll be using this from now as a first choice, instead of Paypal - this time am going to practice it loads beforehand though (at least they provide some pretty detailed code examples).

suarve · 29 Jan 2010 at 13:45

Well I have 3 hours planned this week to have a proper play with it, so I guess I'll need any help

suarve · 29 Jan 2010 at 15:30

gord said:
Are you building your own integration? Form, Server or Direct?

HAven't read all the documentation yet but:

Am defo going to have a look at the form one - same as a paypal buy now button/cart where I'd send over form values.

Will be needing to take payments without the customer leaving my site - so I guess this is the direct/server integration.

Just to check, the server integration would be the eqivalent of website payments pro?

EDIT: wow, you have to be PCI DSS compliant to use thje Direct method.

suarve · 30 Jan 2010 at 13:32

gord said:
Yep, we are using direct and just sorting our compliance issues.. its a nightmare to be honest..

Although, we didn't build our cart..

Have never had to do this tbh, what does it involve exactly?

suarve · 31 Jan 2010 at 17:26

gord said:
PCI compliance? Go to their website. It's a set of rules. The level of compliance is dependent on your merchant level, defined by the # of transactions and data access.

You have to comply with the rules, perform an SAQ, perform a scan of your infrastructure and let the bank know.

That's as far as I understand.

Ah right. Had the idea someone would be auditing my site for some reason

suarve · 4 Feb 2010 at 16:53

Wow. Just quickly gone through the form integration same code and have to say it totally knocks Paypal into orbit on that front.

Can't believe how well explained and commented the code is.

Kudos to Sagepay.

suarve · 9 Feb 2010 at 14:25

Right have been having a little bit of read, am I understanding this correctly (have used Paypal pretty much exclusivly, so Im a bit new to Sagepay at the minute):

Form integration: customer leaves my website to pay on sagepay's payment pages and is then redirected back to my site - all the transaction info is stored by sagepay (cart contents etc.) - nothing like cart contents, billing info are posted back - this is all stored in the sagepay account area and not viewabkle through say my websites admin area.

Server Integration: Like above the customer will be directted to the sagepay pages but it will send a response post to ione of my scripts, allowing me to store all the order information in say a database.

Also, Paypal had a custome hidden field value you could populate with any custom data (E.g voucher code used for example) you liiked. Is this any way to do this using Sagepay? Only way I can see how to achieve this initially is add querystring data onto the notification url. Is there a better way?

suarve · 5 Apr 2010 at 19:02

Apologies for digging up a pretty old thread, have another SagePay question.

I'm currently in the final stages of using Direct on their test system.

I've noticed in the test account screen that there is an option to send HTML email, I've ticked this.

Does the test system send emails, or is that reserved for the LIVE system?

On a side note DIRECT is fairly easy to follow, but I'd personally rewrite the bits that retreieve cart contents as SagePay's method suck imo, very flimsey (E.g. x of y).

Thanky

suarve · 6 Apr 2010 at 20:02

Ah coollio, thanks

suarve · 9 Apr 2010 at 12:05

Yet another question - about 3d secure this time

I'm just looking at the 3d secure rulebase in my sagepay account. Just spoke to sagepay and they say sometimes it can cause issues with non uk cards.

I'm tempted to setup a couple of rules. E.g. with higher value orders I'll make it so all checks have to be passed, with lower value transactions I'd set it so transactions can go through without 3d secure checks. On all but the higher value transactions, I'd allow the transaction to go through without passing the checks.

Do this sound logical?

Also, I notice there's a tick box called "Allow Authorisations when MPI errors occur" - what exactly is this?

suarve · 12 Apr 2010 at 10:25

Taziir said:
That's bizarre, as 3dSecure checking comes from the card issuer, so they'd have to be able to get it right otherwise Visa/MasterCard wouldn't sign off the bank using it. AVS CV2 checking is a problem for non-uk cards as some banks only return the security code and don't check the address (Ireland cards are a good example).

With 3d checking Sage Pay sets the checks globally either on or off. High value only with valid 3d checks sounds right, medium value is best allowing 3d and non 3d cards.

For low value payments just don't have a rule. The checks will still take place but you won't filter anything, so no need for a pass, and that way you can still take maesto.

MPI failure is another way to say 'technical problem with the 3d checks'.

Excellent, cheers.