token request

paySubscriptionCreate

Credit Card Tokenization in the Data Security and Encryption Guide on My Oracle Support (1988467.1)

authorization request:

•         online

•         batch

•         token and authorization

ccAuthService

Performing Online Credit Card Authorizations and Using Batch Authorization

deposit request:

•         debit

•         credit

•         authorization and debit

ccCaptureService

ccCreditService

Processing Auto Deposits (SDEP)

authorization reversal request

ccAuthReversalService

Credit Card Authorization Reversal

level II and level III processing

Level II and III Discounting

multicurrency

Multi Currency by Offer (E03) 

card identification (CSV/CSP) for online transactions

Credit Card Security Service (CID, CVV2, CVC2)

Verified by Visa and MasterCard Secure Code programs

Credit Card Authentication Service

full address verification (AVS)

Address Verification Service (AVS)

deferred and installment billing

Deferred/Installment Billing Overview

Decision Manager

CyberSource Decision Manager Fraud Scoring

Service code

Must be CYB.

Application

Enter Auth/Deposit.

Merchant ID

Supplied by CyberSource.

Charge description

Enter CYBERSOURCE.

Request token

Select this field to perform credit card tokenization; otherwise, leave unselected.

Void auth at deposit

Select this field to void any unused portion of an authorization at deposit time; see Void Unused Authorization After Initial Deposit for processing details.

Send reversal

Select this field to perform a credit card authorization reversal when you process a cancellation associated with a credit card payment or deactivate a credit card payment; see Credit Card Authorization Reversal for processing details.

Integration layer processes

Leave these fields blank.

Media type

Enter Communication.

Batch/online

Enter Online or Batch.

Immediate response

Must be selected.

Immediate deposit

Leave unselected.

Primary authorization service

Must be .IL; see .IL Service Bureau Setup.

Communication type

Enter Payment Link to indicate messages sent to and from CyberSource are processed directly.

Response time

Defines the timeout property passed to CyberSource; this is the number of seconds Order Management System waits for a response from CyberSource. The recommended setting is 30 seconds. Note: Order Management System does not wait the entire response time if it is not necessary.

Test mode?

Not used for the CyberSource integration; the CYB_PAY_LINK_SERVICE_SEND_TO_PRODUCTION setting in Working with Customer Properties (PROP) defines whether transactions are sent to the CyberSource TEST server or PRODUCTION server.

Override Reconciliation Id

Indicates whether to pass the invoice number or alternate order ID as the reconciliationID in a debit deposit, credit deposit, or authorization and deposit request to CyberSource, or not to pass either of these fields.

Country codes

Define a cross reference between your country code and the country code used by CyberSource.

Note:  This option also indicates whether a service bureau performs address verification processing for the country; however, regardless of the AVS setting, CyberSource always performs address verification.

See Defining Authorization Service Countries.

Currency codes

Define a cross reference between your currency code and the currency code used by the service bureau; see Defining Authorization Service Currencies.

Merchant ID Override

Define a merchant ID override for the different entities in your company; see Defining Merchant ID Overrides.

Paytype codes

Define a cross reference between your pay type code and the pay type code used by the service bureau; see Defining Vendor Paytype Codes.

Response codes

Define the reasons that the service bureau approves (authorizes) or declines a transaction. The codes are assigned to each transaction by the service bureau when approving or declining the request; see Defining Vendor Response Codes.

CYB_PAY_LINK_SERVICE_KEY_DIRECTORY

The location of the encrypted security key file used by the web service API program to validate and secure transactions from Order Management System.

Note:  When defining the location, use a single forward slash.

Example:  /domain/conf/OMSFiles/Integrations/Cybersource/Key/, where domain is the WebLogic domain directory for Order Management System.

CYB_PAY_LINK_SERVICE_LOG_DIRECTORY

The location of the log written by the web service API program. Use this log to review the transactions processed between Order Management System and CyberSource.

Data security: For data security, Order Management System masks credit card information in this log.

Note:  When defining the location, use a single forward slash.

Example:  /domain/conf/OMSFiles/Integrations/Cybersource/Log/, where domain is the WebLogic domain directory for Order Management System.

CYB_PAY_LINK_SERVICE

The name of the external system. Set this to CyberSource.

CYB_PAY_LINK_SERVICE_ENABLE_LOG

Defines whether the web service logs request and response messages.

true = Order Management System writes request and response messages to the CyberSource log.

false = Order Management System does not write request and response messages to the CyberSource log.

Data security: Set this value to false unless you are troubleshooting the Order Management System integration with CyberSource. Once you are done troubleshooting, delete any log files that are created.

CYB_PAY_LINK_SERVICE_SEND_TO_PRODUCTION

Defines whether transactions are sent to the CyberSource TEST server or PRODUCTION server.

true = Order Management System sends transactions to the CyberSource PRODUCTION server.

false = Order Management System sends transactions to the CyberSource TEST server.

CyberSource Decision Manager Fraud Scoring Settings

Decision Manager Fraud Scoring uses the following settings.

CYB_PAY_LINK_DECISION_MANAGER_ENABLED

Defines whether CyberSource Decision Manager Fraud Scoring processing is enabled in the Order Management System Point-to-Point integration with CyberSource.

false = the Order Management System Point-to-Point integration with CyberSource does not support Decision Manager processing in CyberSource. Order Management System sends all authorization transactions to CyberSource with the decisionManager_enabled tag set to false, indicating Decision Manager processing should not occur. However, you can use CyberSource’s Decision Manager for authorization transactions you process on your web storefront.

true = the Order Management System Point-to-Point integration with CyberSource supports Decision Manager processing in CyberSource. Order Management System sends all authorization transactions to CyberSource with the decisionManager_enabled tag set to true, indicating Decision Manager processing should occur. See CyberSource Point-to-Point Decision Manager Process for more details.

CYB_PAY_LINK_DECISION_MANAGER_MERCHANT_ID_OVERRIDE

The merchant ID provided by CyberSource to use during Decision Manager Fraud Scoring processing. Used as the portfolio merchant ID in the URL, and the child merchant ID is e passed as report parameter.

If this setting is blank, the system uses the following hierarchy to determine the merchant ID to use:

•         Merchant # field in the CC Paytype Cross Ref table

•         Merchant ID field in the Merchant ID Override table

•         Merchant ID field in the Authorization Services table

CYB_PAY_LINK_DECISION_MANAGER_KEY

A key, generated in CyberSource Decision Manager, that is used to authenticate the CyberSource Decision Manager Update periodic function (CYBDMUP).

CYB_PAY_LINK_DECISION_MANAGER_SECRET_KEY

A key, generated in CyberSource Decision Manager, that is used to authenticate the CyberSource Decision Manager Update periodic function (CYBDMUP).

CYB_PAY_LINK_DECISION_MANAGER_SEND_TO_PRODUCTION

Defines whether transactions are sent to the CyberSource Decision Manager TEST server or PRODUCTION server.

true = Order Management System sends transactions to the CyberSource Decision Manager PRODUCTION server.

false = Order Management System sends transactions to the CyberSource Decision Manager TEST server.

FC

Fraud Cancellation Hold

The CyberSource Decision Manager Update Process retrieves order information from Decision Manager for orders that were marked as review during the CyberSource Decision Manager Review Process. If the new decision assigned to the order is REJECT, indicating a user in Decision Manager reviewed the order and rejected the order, Order Management System:

•         cancels the entire order using the cancel reason code defined in the Fraud Score Cancel Reason Code (M14) system control value.

•         If the entire order cannot be cancelled, the system places the order on FC Fraud Cancellation hold.

FS

Fraud Scoring Hold

The online authorization transaction sent to CyberSource for the credit card payment on the order was evaluated by CyberSource Decision Manager Fraud Scoring and, based on the Decision Manager Order Profile settings, requires review for possible fraud.

400

Fraud Score Exceeds Threshold.

Enter hold reason FS Fraud Scoring Hold to place the order on hold when an online authorization transaction receives this vendor response code from CyberSource.

480

Review Fraud Scoring.

Enter hold reason FS Fraud Scoring Hold to place the order on hold when an online authorization transaction receives this vendor response code from CyberSource.

481

Rejected by Decision Manager.

Enter hold reason FS Fraud Scoring Hold to place a web order on hold when an online authorization transaction receives this vendor response code from CyberSource.

Define a pop-up window message to display on the Select Authorization Response Option Window.

Note:  If the reason code returned from CyberSource is 481, the system deactivates the payment method on the order and requires you to enter another form of payment before you can accept the order.

Fraud Score Cancel Reason Code (M14)

Enter the cancel reason code the system assigns to an order that is automatically canceled due to the fraud scoring results from CyberSource Decision Manager.

Cancel reason codes are defined in and validated against the Cancel Reason Code table; see Establishing Cancel Reason Codes (WCNR).

Product Classification for Fraud Scoring (M15)

Defines the product classification Order Management System sends to CyberSource during CyberSource Decision Manager Fraud Scoring.

•         ITM CLASS = Order Management System maps the item’s item class description to the ProductCode in the CyberSource Authorization Request (ccAuthService) XML Message when CyberSource Decision Manager Fraud Scoring is enabled.

•         ITM CATGRY = Order Management System maps the item’s item category description to the ProductCode in the CyberSource Authorization Request (ccAuthService) XML Message when CyberSource Decision Manager Fraud Scoring is enabled.

Note:  It is your responsibility to set up the item class description or item category description to match the correct value required by CyberSource Decision Manager.

Use Activation / Reversal Batch Processing (I50)

Must be unselected. If unselected, you must start the SVC_REVSL integration layer job to monitor for new authorization reversal triggers to process immediately.

Use Credit Card Tokenization (L18)

Select this system control value to replace the credit card number in the Order Management System database with a token provided by CyberSource. In addition, the number will be encrypted if you have credit card encryption enabled.

Require Credit Card Token (L40)

Select this system control value to require a token for a credit card number. This ensures that credit card numbers are never stored in the Order Management System database and follows full PCI compliance and maximum security of sensitive data.

If the Credit Card Tokenization Process is unable to replace the card number with a token, the system:

•         During Order Entry/Maintenance, Customer Memberships, and Change Invoice Payment Method: displays the Tokenization Warning window, requiring you to enter a different form of payment.

•         During web order processing: replaces the credit card number with the text TOKENIZATION FAILED and places the order in an error status with the reason Invalid Credit Card. You can correct the credit card payment method and resend the card for tokenization in batch order entry.

Deselect this system control value to allow the system to accept a credit card number that has not been replaced with a token. The credit card number will be replaced by a token during authorization processing or when you use Work with Batch Tokenization (WBTK).

Note:  If you change the setting of this system control value, you must stop and restart the ORDER_IN integration layer job before your change takes effect for orders received through the Generic Order Interface (Order API).

1.

Order Management System looks at the Communication type field for the CYB service bureau to determine how transactions are processed between Order Management System and the CyberSource service bureau.

For the CyberSource integration with Order Management System, the setting is Payment Link indicating Point-to-Point communication. The system sends token transactions directly to the CyberSource service bureau.

2.

If the Communication type field for the service bureau is Payment Link, Order Management System creates the CyberSource Token Request (paySubscriptionCreate) XML Message.

Note:  Order Management System removes any non-standard keyboard characters from the XML message before sending it to CyberSource.

The system also writes the token request message to the Trace Log if its Logging Level is set to DEBUG. Order Management System masks the card number in the log based on the setting of the Display Partial Credit Card Number in Logs (J16) system control value.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is selected in any company, the system displays the last four digits of the credit card number in the log; for example *************1111. If the credit card number is 4 digits or less, the entire credit card number displays as **********.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is unselected in every company, the system replaces the credit card number in the log with the word ***REMOVED***.

3.

Order Management System uses the settings in the CyberSource Interface Properties to send the CyberSource Token Request (paySubscriptionCreate) XML Message directly to the CyberSource service bureau.

Communication failure: The system tries to connect to CyberSource 3 times before flagging a transaction with a 150 General System Failure response code. If a transaction fails, any subsequent transactions will continue to process.

If the CYB_PAY_LINK_SERVICE_ENABLE_LOG property setting is set to true, the system writes the token request message to the CyberSource web service log defined in the CYB_PAY_LINK_SERVICE_LOG_DIRECTORY. Order Management System masks the information in this log.

4.

Once Order Management System sends the token request to CyberSource, the system waits for a response to the token request using the number of seconds defined in the Response time field for the CYB service bureau.

5.

The CyberSource service bureau receives the CyberSource Token Request (paySubscriptionCreate) XML Message, processes the request, and sends the CyberSource Token Response (paySubscriptionCreate) XML Message back to Order Management System.

6.

Order Management System receives the CyberSource Token Response (paySubscriptionCreate) XML Message and processes the response.

If the CYB_PAY_LINK_SERVICE_ENABLE_LOG property setting is set to true, the system writes the token response to the CyberSource web service log defined in the CYB_PAY_LINK_SERVICE_LOG_DIRECTORY. Order Management System masks the information in this log.

The system writes the token response to the Trace Log if its Logging Level is set to DEBUG. Order Management System masks the card number in the log based on the setting of the Display Partial Credit Card Number in Logs (J16) system control value.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is selected in any company, the system displays the last four digits of the credit card number in the log; for example *************1111. If the credit card number is 4 digits or less, the entire credit card number displays as **********.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is unselected in every company, the system replaces the credit card number in the log with the word ***REMOVED***.

7.

See the Security document for the updates that take place in Order Management System, depending on whether the tokenization transaction was approved or declined by the service bureau.

1.

Order Management System looks at the Communication type field for the CYB service bureau to determine how transactions are processed between Order Management System and the CyberSource service bureau.

For the CyberSource integration with Order Management System, the setting is Payment Link indicating Point-to-Point communication. The system sends authorization transactions directly to the CyberSource service bureau.

2.

If the Communication type field for the service bureau is Payment Link, Order Management System creates the authorization request.

Credit Card Tokenization?

•         If you do not use credit card tokenization with CyberSource, the system sends a CyberSource Authorization Request (ccAuthService) XML Message to CyberSource.

•         If you use credit card tokenization with CyberSource and:

-      The credit card number for the payment requesting authorization has already been replaced with a token, the system creates the CyberSource Authorization Request (ccAuthService) XML Message.

-      The credit card number for the payment requesting authorization has not been replaced with a token, the system creates the CyberSource Token and Authorization Request (paySubscriptionCreate and ccAuthService) XML Message. In this situation, the system sends an authorization request and also requests to replace the credit card number with a token.

Decision Manager Fraud Scoring?

If the CYB_PAY_LINK_DECISION_MANAGER_ENABLED property is true and you are processing an online authorization transaction, the system sends the online authorization transaction to CyberSource with the decisionManager_enabled tag set to true, indicating Decision Manager processing should occur. See CyberSource Decision Manager Fraud Scoring for processing details.

Note:  Order Management System removes any non-standard keyboard characters from the XML message before sending it to CyberSource.

3.

The system writes the authorization request message to the Trace Log if its Logging Level is set to DEBUG. Order Management System masks the card number in the log based on the setting of the Display Partial Credit Card Number in Logs (J16) system control value.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is selected in any company, the system displays the last four digits of the credit card number in the log; for example *************1111. If the credit card number is 4 digits or less, the entire credit card number displays as **********.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is unselected in every company, the system replaces the credit card number in the log with the word ***REMOVED***.

4.

Order Management System uses the settings in Working with Customer Properties (PROP) to send the authorization request directly to the CyberSource service bureau.

Communication failure: The system tries to connect to CyberSource 3 times before flagging a transaction with a 150 General System Failure response code. If a transaction fails, any subsequent transactions will continue to process.

If the CYB_PAY_LINK_SERVICE_ENABLE_LOG property is set to true, the system writes the authorization request message to the CyberSource web service log defined in the CYB_PAY_LINK_SERVICE_LOG_DIRECTORY. Order Management System masks the information in this log.

5.

Once Order Management System sends the authorization request to CyberSource, the system waits for a response to the authorization request using the number of seconds defined in the Response time field for the CYB service bureau.

6.

The CyberSource service bureau receives the authorization request, processes the request, and sends the authorization response back to Order Management System.

•         If the authorization was processed using a token, CyberSource sends the CyberSource Authorization Response (ccAuthService) XML Message to Order Management System.

•         If the authorization also requested a token, CyberSource sends the CyberSource Token and Authorization Response (paySubscriptionCreate and ccAuthService) XML Message to Order Management System.

7.

Order Management System receives the authorization response and processes the response:

If the CYB_PAY_LINK_SERVICE_ENABLE_LOG setting in the property is set to true, the system writes the authorization response to the CyberSource web service log defined in the CYB_PAY_LINK_SERVICE_LOG_DIRECTORY. Order Management System masks the information in this log.

The system writes the authorization response to the Trace Log if its Logging Level is set to DEBUG. Order Management System masks the card number in the log based on the setting of the Display Partial Credit Card Number in Logs (J16) system control value.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is selected in any company, the system displays the last four digits of the credit card number in the log; for example *************1111. If the credit card number is 4 digits or less, the entire credit card number displays as **********.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is unselected in every company, the system replaces the credit card number in the log with the word ***REMOVED***.

8.

See:

Online authorizations: What Happens When a Credit Card is Approved? and What Happens When a Credit Card is Declined? for the updates that take place in Order Management System, depending on whether the online authorization transaction was approved or declined by the service bureau.

Decision Manager Fraud Scoring: CyberSource Decision Manager Fraud Scoring for the updates that take place in Order Management System, depending on the fraud score assigned to the online authorization transaction.

Batch authorizations: Approved Authorizations and Declined Authorizations for the updates the take placed in Order Management System, depending on whether the batch authorization transaction was approved or declined by the service bureau.

Tokenization: Credit Card Tokenization in the Data Security and Encryption Guide on My Oracle Support (1988467.1) for the updates that take place in Order Management System, depending on whether a token is returned in the authorization transaction.

Placing the credit card on hold: The credit card pay type may be placed on hold if the credit card is not approved, the AVS verification fails, or if the credit card identification fails. See Hierarchy for Placing the Credit Card On Hold for more information on the hierarchy the system uses to determine if the credit card pay type should go on hold.

1.

When Order Management System creates the online authorization request to send to CyberSource, if Decision Manager is enabled, the system includes additional information in the CyberSource Authorization Request (ccAuthService) XML Message:

•         the decisionManager enabled tag is set to true 

•         billTo name and address information

•         shipTo name and address information

•         item information

2.

If the online authorization transaction is approved, the system uses the Decision Manager settings in Working with Customer Properties (PROP) to connect to the CyberSource Decision Manager application.

3.

Decision Manager uses the information in the CyberSource Authorization Request (ccAuthService) XML Message, the reply data received from the credit card authorization, and any additional processing to evaluate the order for fraud scoring. Decision Manager automatically accepts an order unless a business rule causes the order to be rejected or marked for review.

•         Decision state REJECT indicates the order failed decision manager fraud scoring. Even if the authorization was approved, the order should not be processed.

•         Decision state REVIEW indicates the order is flagged as possible fraud and needs to be reviewed by a user.

Orders that receive a REVIEW decision are assigned to a case management work queue where a user can review the order and decide whether to accept or reject it.

4.

CyberSource sends the CyberSource Authorization Response (ccAuthService) XML Message back to Order Management System, including the results of the Decision Manager fraud score.

The replyMessage decision setting in the response indicates whether the online authorization transaction was approved or declined by Decision Manager:

•         ACCEPT indicates CyberSource approved the transaction.

•         REVIEW indicates CyberSource Decision Manager marked the order for review for further analysis. The credit card authorization remains approved and valid, but the order may or may not be processed at a later time.

•         ERROR indicates an error occurred while CyberSource was processing the transaction.

•         REJECT indicates CyberSource Decision Manager rejected the transaction.

If the decision was REVIEW or REJECT, the replyMessage reasonCode provides additional information for the decision.

•         400 indicates the fraud score exceeds your threshold.

•         480 indicates the order is marked for review by Decision Manager.

•         481 indicates the order is rejected by Decision Manager.

The response includes additional information related to Decision Manager in the afsReply, such as the total fraud score calculated for the order, the risk associated with the customer’s email domain, information that affected the score of the order, and whether the customer has a high order velocity.

Note:  The ccAuthReply reasonCode provides the reason the authorization transaction was approved or rejected by the authorization service; see CyberSource Point-to-Point Authorization Process for more information on the processing that occurs when an credit card authorization is approved or declined by CyberSource.

5.

Order Management System receives the online authorization response and processes the response.

•         If the decision setting in the response is REVIEW (reason code 480), Order Management System places the order on FS Fraud Scoring hold. See CyberSource Decision Manager Review Process for more information.

•         If the decision setting in the response is REJECT (reason code 481), Order Management System deactivates the credit card payment and requires you to add another form of payment before you can accept the order. See CyberSource Decision Manager Reject Process for more information.

•         If the decision setting in the response is ACCEPT, Order Management System accepts the order; see What Happens When a Credit Card is Approved? for the updates that take place in Order Management System when an online authorization transaction is approved by the service bureau.

HOLD

SYS HLD - Fraud Scoring Hold

120.00

your admin user

RELEASE

Removed Fraud Scoring hold

your admin user

APPROVED BY ABC | ISSUER VERIFIED NAME AND ADDRESS

Nowhere

your admin user

MAINT

System generated cancel processed

your admin user

CANCEL

Cancelled by Fraud Scoring

your admin user

REJECTED BY ABC | FRAUD

Nowhere

your admin user

HOLD

Apply Fraud Scoring Cancellation hold

your admin user

SYSTEM UPDATE

FRAUD SCORE - REJECTED BY DECISION MANAG

120.00

your admin user

1.

Order Management System looks at the Communication type field for the CYB service bureau to determine how transactions are processed between Order Management System and the service bureau. F

For the CyberSource integration with Order Management System, the setting is Payment Link indication Point-to-Point communication. The system sends online authorization transactions directly to the CyberSource service bureau.

2.

If the Communication type field for the service bureau is Payment Link, Order Management System creates the deposit request:

•         If the deposit is a debit to the credit card, Order Management System sends a CyberSource Debit Deposit Request (ccCaptureService) XML Message to CyberSource.

•         If the deposit is a credit to the credit card, Order Management System sends a CyberSource Credit Deposit Request (ccCreditService) XML Message to CyberSource.

•         If the deposit is a debit to the credit card and the deposit amount is greater than the authorization amount, the authorization has expired, or the deposit is for an installment amount, Order Management System sends a CyberSource Authorization and Deposit Request (ccAuthService and ccCaptureService) XML Message to CyberSource.

Note:  Order Management System removes any non-standard keyboard characters from the XML message before sending it to CyberSource.

The system writes the deposit request message to the Trace Log if its Logging Level is set to DEBUG. Order Management System masks the card number in the log based on the setting of the Display Partial Credit Card Number in Logs (J16) system control value.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is selected in any company, the system displays the last four digits of the credit card number in the log; for example *************1111. If the credit card number is 4 digits or less, the entire credit card number displays as **********.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is unselected in every company, the system replaces the credit card number in the log with the word ***REMOVED***.

3.

Order Management System uses the settings in the CyberSource Interface Properties to send the deposit request directly to the CyberSource service bureau.

Communication failure: The system tries to connect to CyberSource 3 times before flagging a transaction with a 150 General System Failure response code. If a transaction fails, any subsequent transactions will continue to process.

If the CYB_PAY_LINK_SERVICE_ENABLE_LOG property is set to true, the system writes the deposit request message to the CyberSource web service log defined in the CYB_PAY_LINK_SERVICE_LOG_DIRECTORY. Order Management System masks the information in this log.

4.

Once Order Management System sends the deposit request to CyberSource, the system waits for a response to the deposit request using the number of seconds defined in the Response time field for the CYB service bureau.

5.

The CyberSource service bureau receives the deposit request, processes the request, and sends the deposit response back to Order Management System.

•         If the deposit is a debit to the credit card, CyberSource sends a CyberSource Debit Deposit Response (ccCaptureService) XML Message to Order Management System.

•         If the deposit is a credit to the credit card, CyberSource sends a CyberSource Credit Deposit Response (ccCreditService) XML Message to Order Management System.

•         If the deposit is a debit to the credit card and the deposit amount is greater than the authorization amount, the authorization has expired, or the deposit is for an installment amount, CyberSource sends a CyberSource Authorization and Deposit Request (ccAuthService and ccCaptureService) XML Message to Order Management System.

6.

Order Management System receives the deposit response and processes the response:

•         Matches the deposit response to a deposit record in the CC Deposit Transaction table. When a match is found, the system updates the status of the Credit Card Deposit Transaction record to *RCVD and with the values in the deposit response. Also:

-      If an authorization code is returned in the response that does not match the authorization that was sent, the system creates an Authorization History record.

-      If an authorization exists on the order that was not used (the system sent a CyberSource Authorization and Deposit Request (ccAuthService and ccCaptureService) XML Message to CyberSource because the deposit was a debit to the credit card and the deposit amount was greater than the authorization amount), the system voids the unused authorization(s).

•         Completes the AUTO_DEP job and submits the DEP_UPDATE job to the QSYSNOMAX queue to process the remaining updates, such as generating reports. See Batch Deposit Updates.

If the CYB_PAY_LINK_SERVICE_ENABLE_LOG property is set to true, the system writes the deposit response to the CyberSource web service log defined in the CYB_PAY_LINK_SERVICE_LOG_DIRECTORY. Order Management System masks the information in this log.

The system writes the deposit response to the Trace Log if its Logging Level is set to DEBUG. Order Management System masks the card number in the log based on the setting of the Display Partial Credit Card Number in Logs (J16) system control value.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is selected in any company, the system displays the last four digits of the credit card number in the log; for example *************1111. If the credit card number is 4 digits or less, the entire credit card number displays as **********.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is unselected in every company, the system replaces the credit card number in the log with the word ***REMOVED***.

1.

Order Management System looks at the Communication type field for the CYB service bureau to determine how transactions are processed between Order Management System and the CyberSource service bureau.

For the CyberSource integration with Order Management System, the setting is Payment Link indicating Point-to-Point communication. The system sends authorization reversal transactions directly to the CyberSource service bureau.

2.

If the Communication type field for the service bureau is Payment Link, Order Management System creates the CyberSource Authorization Reversal Request (ccAuthReversalService) XML Message.

Note:  Order Management System removes any non-standard keyboard characters from the XML message before sending it to CyberSource.

The system also writes the authorization reversal request message to the Trace Log if its Logging Level is set to DEBUG. Order Management System masks the card number in the log based on the setting of the Display Partial Credit Card Number in Logs (J16) system control value.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is selected in any company, the system displays the last four digits of the credit card number in the log; for example *************1111. If the credit card number is 4 digits or less, the entire credit card number displays as **********.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is unselected in every company, the system replaces the credit card number in the log with the word ***REMOVED***.

3.

Order Management System uses the settings in the CyberSource Interface Properties to send the CyberSource Authorization Reversal Request (ccAuthReversalService) XML Message directly to the CyberSource service bureau.

Communication failure: The system tries to connect to CyberSource 3 times before flagging a transaction with a 150 General System Failure response code. If a transaction fails, any subsequent transactions will continue to process.

If the CYB_PAY_LINK_SERVICE_ENABLE_LOG property is set to true, the system writes the authorization reversal request message to the CyberSource web service log defined in the CYB_PAY_LINK_SERVICE_LOG_DIRECTORY. Order Management System masks the information in this log.

4.

Once Order Management System sends the authorization reversal request to CyberSource, the system waits for a response to the authorization reversal request using the number of seconds defined in the Response time field for the CYB service bureau.

5.

The CyberSource service bureau receives the CyberSource Authorization Reversal Request (ccAuthReversalService) XML Message, processes the request, and sends the CyberSource Authorization Reversal Response (ccAuthReversalService) XML Message back to Order Management System.

6.

Order Management System receives the CyberSource Authorization Reversal Response (ccAuthReversalService) XML Message and processes the response.

If the CYB_PAY_LINK_SERVICE_ENABLE_LOG property is set to true, the system writes the authorization reversal response to the CyberSource web service log defined in the CYB_PAY_LINK_SERVICE_LOG_DIRECTORY. Order Management System masks the information in this log.

The system writes the token response to the Trace Log if its Logging Level is set to DEBUG. Order Management System masks the card number in the log based on the setting of the Display Partial Credit Card Number in Logs (J16) system control value.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is selected in any company, the system displays the last four digits of the credit card number in the log; for example *************1111. If the credit card number is 4 digits or less, the entire credit card number displays as **********.

•         If the Display Partial Credit Card Number in Logs (J16) system control value is unselected in every company, the system replaces the credit card number in the log with the word ***REMOVED***.

7.

See What Happens When the Authorization Reversal is Approved? and What Happens When the Authorization Reversal is Declined? for the updates that take place in Order Management System, depending on whether the authorization reversal transaction was approved or declined by the service bureau.

subsequentAuthFirst

Set to true if this is the first authorization request for the payment method, and not a merchant-initiated transaction. A first authorization can be:

•         The first authorization request for the order payment method.

•         The first authorization request after changing the credit card number for the order payment method.

•         The authorization request generated after the first request failed.

•         The authorization request for an order originating a customer membership.

•         The authorization request for the first generated membership order after the credit card for the customer membership was updated.

If this is a subsequent authorization request, this tag is not passed. A subsequent request can be:

•         A request generated after a previous request, such as a first authorization for a deferred or installment pay plan, has succeeded.

•         A request generated after a previous request was voided.

•         A request generated after an initial deposit request failed.

•         A request generated for a generated membership order after the authorization was obtained.

subsequentAuth

Set to true if this is a subsequent authorization request (the subsequentAuthFirst was not passed), and

•         The credit card information is tokenized; or,

•         The credit card information is not tokenized, and the ci_transaction_id is stored on the Order Payment Method record. See the discussion of the subsequentAuthTransactionID, below, for more information.

•         This is not a subsequent authorization request, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

subsequentAuth Reason

If subsequentAuth is set to true:

•         Set to 3 if:

•         The request is for a reauthorization for split shipment or delayed shipment. A split or delayed shipment occurs when some of the goods that were ordered are not available for shipment at the time of purchase. When you ship goods after the authorization validity time limit set by Visa, you must perform a separate authorization to ensure that customer funds are available.

•         This is an authorization and deposit request for a deferred or installment pay plan after the initial authorization, and the Notify of installments setting for the pay type is not selected.

•         This is an authorization request for a generated membership order after the authorization was obtained for the customer membership.

•         Set to 1 if the request is for resubmission of a declined deposit in an authorization and deposit request. This situation can occur if the Supports Auth Resubmission flag is selected for CyberSource in Defining Authorization Services (WASV) and a previous deposit request failed.

•         This is not a subsequent authorization request or authorization and deposit request, or

•         This is an authorization and deposit request that is for an order using deferred or installment billing, and the Notify of installments setting for the pay type is selected, or

•         This is an authorization and deposit request that is not for an order using deferred or installment billing, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

subsequentAuth TransactionID

The ci_transaction_id identifying the authorization. Passed when this is a subsequent authorization (the subsequentAuthFirst was not passed), and the ci_transaction_id is stored on the Order Payment Method, either through the paymentNetworkTransactionID from a previous message from CyberSource, through the ci_transaction_id received in the Inbound Order XML Message (CWORDERIN),, or from the customer membership if this is a generated membership order.

This transaction ID is cleared from the Order Payment Method if you change the credit card number.

•         This is not a subsequent authorization request, or

•         There is no ci_transaction_id stored on the Order Payment Method record, or

•         The card is tokenized.

subsequentAuth StoredCredential

Set to true if the authorization credentials are stored. Passed when this is a subsequent authorization (the subsequentAuthFirst was not passed), and the ci_transaction_id is stored on the Order Payment Method, either through the paymentNetworkTransactionID from a previous message from CyberSource, or through the ci_transaction_id received in the Inbound Order XML Message (CWORDERIN).

•         This is not a subsequent authorization request, or

•         This is an authorization and deposit request that is for an order using deferred or installment billing, and the Notify of installments setting for the pay type is selected, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

subsequentAuth OriginalAmount

The amount of the original approved authorization.

Passed when this is a subsequent authorization (the subsequentAuthFirst was not passed), and the ci_transaction_id is stored on the Order Payment Method, either through the paymentNetworkTransactionID from a previous message from CyberSource, or through the ci_transaction_id received in the Inbound Order XML Message (CWORDERIN).

•         If this is the CyberSource Authorization and Deposit Request (ccAuthService and ccCaptureService) XML Message, and the previous deposit request failed without a change to the card number, this is the auth amount from Auth History.

•         If this is the CyberSource Authorization Request (ccAuthService) XML Message or the CyberSource Token and Authorization Request (paySubscriptionCreate and ccAuthService) XML Message for a generated membership order, this is the original authorization amount from the customer membership, that was written to the order’s payment method record.

•         Otherwise, if this is the CyberSource Authorization Request (ccAuthService) XML Message or the CyberSource Token and Authorization Request (paySubscriptionCreate and ccAuthService) XML Message and there was a previous approved authorization for the same card number on the order payment method, this is the authorization amount from the oldest Auth History record.

•         This is not a subsequent authorization request, or

•         This is an authorization and deposit request that is for an order using deferred or installment billing, and the Notify of installments setting for the pay type is selected, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

requestMessage

merchantID

The account number assigned by CyberSource to identify transmissions. From the:

•         Merchant # field in the CC Paytype Cross Ref table, or

•         Merchant ID field in the Merchant ID Override table, or

•         Merchant ID field in the Authorization Services table.

merchantReferenceCode

The company code + order number. If the request is not associated with an order, the order number is zero-filled. From the Company and Order # fields in the Order Payment Method table.

billTo

CyberSource performs address verification against the bill to name and address included in the Token Request.

firstName

The bill to customer’s first name. From the:

•         First name field in the Customer Bill To table, or

•         NAM First name field in the Customer Sold To table.

lastName

The bill to customer’s last name. From the:

•         Last name field in the Customer Bill To table, or

•         NAM Last name field in the Customer Sold to table.

Note:  If a last name is not passed, CyberSource fails the transaction.

street1

The street address on the bill to customer’s address, followed by the text APT and the apartment or suite number defined for the bill to customer’s address. For example: 123 MAIN ST APT 2B. From the:

•         Street address and APT Code in the Customer Bill To table, or

•         NAM Street address and Apartment in the Customer Sold To table.

street2

The second address line on the bill to customer’s address. From the:

•         Address line 2 field in the Customer Bill To table, or

•         NAM Address line 2 in the Customer Sold To table.

city

The city on the bill to address. From the:

•         City field in the Customer Bill To table, or

•         City field in the Customer Sold To table.

state

The state code on the bill to customer’s address. From the:

•         State field in the Customer Bill To table, or

•         NAM State field in the Customer Sold To table.

postalCode

The zip code on the bill to customer’s address.

If the country code is US, the 9-digit zip code is in 99999-9999 format.

If the country code is CA, the 6-digit zip code is in A1B 2C3.

If the country code is JP, the 7-digit zip code is in 999-9999 format.

If the country code is GB, the 6-digit zip code is in AB12CD format.

From the:

•         Zip field in the Customer Bill To table, or

•         NAM Zip field in the Customer Sold To table.

country

The country code on the bill to customer’s address. The system uses the Work with Authorization Service Country Screen to cross-reference the Order Management System country code in the Customer Bill To table or Customer Sold To table to the CyberSource country code.

From the Auth Service Country field in the Auth Service Country table.

email

The bill to customer’s email address.

If an email address is not defined for the bill to customer, null@Cybersource.com defaults.

From the CST email address field in the Customer Sold To table.

purchaseTotals

currency

The currency on the order. The system uses the Work with Authorization Service Currency Screen to cross-reference the Order Management System currency code to the CyberSource currency code.

From the ASC Currency code field in the Auth Service Currency table.

card

CyberSource validates the credit card information included in the Token Request.

accountNumber

The card number to replace with a token.

If you use credit card encryption, the system decrypts the credit card number before sending it to CyberSource; see the Data Security and Encryption Guide on My Oracle Support (1988467.1).

From the OPM credit card number field in the Order Payment Method table.

expirationMonth

The month when the card expires, in MM format.

From the first 2 positions of the OPM expiration date field in the Order Payment Method table.

expirationYear

The year when the card expires, in YYYY format.

From the last 2 positions of the OPM expiration date field in the Order Payment Method table.

cardType

The vendor paytype code defined for the credit card pay type. This is the code CyberSource uses to identify the method of payment.

From the CPC vendor paytype/code field in the CC Paytype Cross Ref table.

cvIndicator

The card identification indictor defined for the card, indicating if a CID number has been defined. Valid values:

•         1 = CID number is present on card.

•         2 = CID number is present on card, but is illegible.

•         9 = CID number is not present on card.

Included only for online transactions.

cvNumber

The card identification number defined for the card.

•         Visa, MasterCard, Discover: The card identification number is a 3 digit number.

•         American Express: The card identification number is a 4 digit number.

Note:  The card identification number is available only for online transactions; once an order is accepted, the system removes the card identification number from the order.

issueNumber

The card issue number defined for the card being processed.

From the OPM card issue # field in the Order Payment Method table.

startMonth

The start month defined for the card being processed, in MM format.

From the first 2 positions of the Start date field in the Order Payment Method table.

startYear

The start year defined for the card being processed, in YYYY format.

From the last 2 positions of the Start date field in the Order Payment Method table.

decisionManager

enabled

false defaults.

recurringSubscriptionInfo

frequency

on-demand defaults.

paySubscriptionCreate

Service_run

true defaults, indicating the message is for a token request.

replyMessage

The response returned by CyberSource indicates whether the token request was accepted or rejected. If the transaction was accepted, CyberSource returns a token in the requestToken tag.

merchantReferenceCode

The company code + order number, used to match the response to the request. If the request is not associated with an order, the order number is zero-filled.

Corresponds to the Company and Order # fields in the Order Payment Method table.

requestID

A code assigned by CyberSource to match this response to subsequent transactions.

decision

ACCEPT indicates CyberSource approved the transaction.

ERROR indicates an error occurred while CyberSource was processing the transaction.

REJECT indicates CyberSource rejected the transaction.

reasonCode

The reason the transaction was approved or rejected by CyberSource.

100 indicates the transaction was successful.

151 indicates the request was received by CyberSource but there was a server timeout. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

152 indicates the request was received by CyberSource but a service did not finish running in time. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

Corresponds to the Response Code field in the CC Vendor Response table.

See Reason Codes for the Simple Order API in the CyberSource Credit_Cards_SO_API.pdf document for a complete list of valid reason codes.

requestToken

The credit card number requesting tokenization, encrypted.

Updates the OPM credit card number field in the Order Payment Method table.

purchaseTotals

currency

The currency on the order. The system uses the Work with Authorization Service Currency Screen to cross-reference the Order Management System currency code to the CyberSource currency code.

Corresponds to the ASC Currency code field in the Auth Service Currency table.

ccAuthReply

CyberSource returns authorization information in the Token Response; however, Order Management System ignores this information.

reasonCode

The reason the transaction was approved or rejected by CyberSource.

100 indicates the transaction was successful.

Corresponds to the Response Code field in the CC Vendor Response table.

151 indicates the request was received by CyberSource but there was a server timeout. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

152 indicates the request was received by CyberSource but a service did not finish running in time. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

Corresponds to the Response Code field in the CC Vendor Response table.

See Reason Codes for the Simple Order API in the CyberSource Credit_Cards_SO_API.pdf document for a complete list of valid reason codes.

amount

0.00 defaults for token transactions.

authorizationCode

The authorization code assigned to the transaction.

avsCode

The AVS code assigned to the transaction.

avsCodeRaw

The AVS code assigned to the transaction.

cvCode

The card identification response for the credit card.

authorizedDateTime

The date and time when the transaction was processed, in YYYY-MM-DDTHH:MM:SSZ format.

processorResponse

The response code from the bank. Informational only.

reconciliationID

A code assigned by CyberSource as a reference number for the transaction.

paySubscriptionCreateReply

reasonCode

The reason the transaction was approved or rejected by CyberSource.

100 indicates the transaction was successful.

Corresponds to the Response Code field in the CC Vendor Response table.

151 indicates the request was received by CyberSource but there was a server timeout. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

152 indicates the request was received by CyberSource but a service did not finish running in time. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

Corresponds to the Response Code field in the CC Vendor Response table.

See Reason Codes for the Simple Order API in the CyberSource Credit_Cards_SO_API.pdf document for a complete list of valid reason codes.

subscriptionID

The token assigned to the credit card payment.

CyberSource uses this code to reference the customer profile information in the CyberSource database.

requestMessage

merchantID

The account number assigned by CyberSource to identify transmissions. From the:

•         CYB_PAY_LINK_DECISION_MANAGER_MERCHANT_ID_OVERRIDE property, or

•         Merchant # field in the CC Paytype Cross Ref table, or

•         Merchant ID field in the Merchant ID Override table, or

•         Merchant ID field in the Authorization Services table.

merchantReferenceCode

The company code + order number + order payment method sequence number.

From the Company, Order # and OPM Seq # fields in the Order Payment Method table.

Subsequent authorization tags: See Subsequent Authorization Requests to CyberSource for more information on the following tags.

subsequentAuthFirst

Set to true if this is the first authorization request for the payment method, and not a merchant-initiated transaction. A first authentication can be:

•         The first authorization request for the order payment method.

•         The first authorization request after changing the credit card number for the order payment method.

•         An authorization request generated after the first request failed.

•         The authorization request for an order originating a customer membership.

•         The authorization request for the first generated membership order after the credit card for the customer membership was updated.

Not passed when: If this is a subsequent authorization request, this tag is not passed. A subsequent request can be:

•         A request generated after a previous request, such as a first authorization for a deferred or installment pay plan, has succeeded.

•         A request generated after a previous request was voided.

•         A request generated after an initial deposit request failed.

•         A request generated for a generated membership order after the authorization was obtained.

See Subsequent Authorization Requests to CyberSource for more information.

subsequentAuth

Set to true if this is a subsequent authorization request (the subsequentAuthFirst was not passed), and

•         The credit card information is tokenized; or,

•         The credit card information is not tokenized, and the ci_transaction_id is stored on the Order Payment Method record. See the discussion of the subsequentAuthTransactionID, below, for more information.

Not passed when:

•         This is not a subsequent authorization request, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

See Subsequent Authorization Requests to CyberSource for more information.

subsequentAuthReason

Set to 3 if subsequentAuth is set to true and:

•         The request is for a reauthorization for split shipment or delayed shipment. A split or delayed shipment occurs when some of the goods that were ordered are not available for shipment at the time of purchase. When you ship goods after the authorization validity time limit set by Visa, you must perform a separate authorization to ensure that customer funds are available.

•         This is an authorization request for a generated membership order after the authorization was obtained for the customer membership.

Not passed when:

•         This is not a subsequent authorization request, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

subsequentAuthTransactionID

The ci_transaction_id identifying the authorization. Passed when this is a subsequent authorization (the subsequentAuthFirst was not passed), and the ci_transaction_id is stored on the Order Payment Method, either through the paymentNetworkTransactionID from a previous message from CyberSource, through the ci_transaction_id received in the Inbound Order XML Message (CWORDERIN), or from the customer membership if this is a generated membership order.

This transaction ID is cleared from the Order Payment Method if you change the credit card number.

Not passed when:

•         This is not a subsequent authorization request, or

•         There is no ci_transaction_id stored on the Order Payment Method record, or

•         The card is tokenized.

See Subsequent Authorization Requests to CyberSource for more information.

subsequentAuthStoredCredential

Set to true if the authorization credentials are stored. Passed when this is a subsequent authorization (the subsequentAuthFirst was not passed), and the ci_transaction_id is stored on the Order Payment Method, either through the paymentNetworkTransactionID from a previous message from CyberSource, through the ci_transaction_id received in the Inbound Order XML Message (CWORDERIN), or from the customer membership if this is for a generated membership order.

Not passed when:

•         This is not a subsequent authorization request, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

See Subsequent Authorization Requests to CyberSource for more information.

subsequentAuthOriginalAmount

The amount of the original approved authorization. This is the authorization amount from the oldest Auth History record.

Passed when this is a subsequent authorization (the subsequentAuthFirst was not passed), and the ci_transaction_id is stored on the Order Payment Method, either through the paymentNetworkTransactionID from a previous message from CyberSource, through the ci_transaction_id received in the Inbound Order XML Message (CWORDERIN), or from the customer membership if this is for a generated membership order.

Not passed when:

•         This is not a subsequent authorization request, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

See Subsequent Authorization Requests to CyberSource for more information.

billTo

Included if:

•         you send the credit card number and not a token provided by CyberSource

•         the CYB_PAY_LINK_DECISION_MANAGER_ENABLED setting in the CyberSource Interface Properties is set to true 

firstName

The bill to customer’s first name. From the:

•         First name field in the Customer Bill To table, or

•         NAM First name field in the Customer Sold To table.

lastName

The bill to customer’s last name. From the:

•         Last name field in the Customer Bill To table, or

•         NAM Last name field in the Customer Sold to table.

Note:  If a last name is not passed, CyberSource fails the transaction.

street1

The street address on the bill to customer’s address, followed by the text APT and the apartment or suite number defined for the bill to customer’s address. For example: 123 MAIN ST APT 2B. From the:

•         Street address and APT Code in the Customer Bill To table, or

•         NAM Street address and Apartment in the Customer Sold To table.

street2

The second address line on the bill to customer’s address. From the:

•         Address line 2 field in the Customer Bill To table, or

•         NAM Address line 2 in the Customer Sold To table.

city

The city on the bill to address. From the:

•         City field in the Customer Bill To table, or

•         City field in the Customer Sold To table.

state

The state code on the bill to customer’s address. From the:

•         State field in the Customer Bill To table, or

•         NAM State field in the Customer Sold To table.

postalCode

The zip code on the bill to customer’s address.

If the country code is US, the 9-digit zip code is in 99999-9999 format.

If the country code is CA, the 6-digit zip code is in A1B 2C3.

If the country code is JP, the 7-digit zip code is in 999-9999 format.

If the country code is GB, the 6-digit zip code is in AB12CD format.

From the:

•         Zip field in the Customer Bill To table, or

•         NAM Zip field in the Customer Sold To table.

country

The country code on the bill to customer’s address. The system uses the Work with Authorization Service Country Screen to cross-reference the Order Management System country code in the Customer Bill To table or Customer Sold To table to the CyberSource country code.

From the Auth Service Country field in the Auth Service Country table.

phoneNumber

The bill to customer’s day phone number.

From the:

•         CT# Phone field in the Customer Bill To Phone # table for Phone # type D, or

•         CS# Phone field in the Customer Sold To Phone # table for Phone # type D.

email

The bill to customer’s email address.

If an email address is not defined for the bill to customer, null@Cybersource.com defaults.

From the CST email address field in the Customer Sold To table.

customerID

The Order Management System sold to customer number.

From the CST Customer # field in the Customer Sold To table.

customerPassword

The customer’s account password, used for merchant velocity use only and it not stored, displayed, or returned.

Note:  This field is not currently implemented in the Order Management System integration with CyberSource.

personalID

Personal identifier, supported only for CyberSource Latin American Processing.

Note:  This field is not currently implemented in the Order Management System integration with CyberSource.

shipTo

Included if the CYB_PAY_LINK_DECISION_MANAGER_ENABLED property is set to true.

The shipTo is different from the billTo if the customer specified an alternate shipping address on the order:

•         order ship to: see Assigning an Order Shipping Address

•         permanent ship to: see Using a Permanent Shipping Address in Order Entry

•         recipient customer: see Adding a Recipient Order in Order Entry

firstName

The ship to customer’s first name. From the:

•         First name field in the Customer Ship To table, or

•         NAM First name field in the Customer Sold To table.

lastName

The ship to customer’s last name. From the:

•         Last name field in the Customer Ship To table, or

•         NAM Last name field in the Customer Sold to table.

Note:  If a last name is not passed, CyberSource fails the transaction.

street1

The street address on the ship to customer’s address, followed by the text APT and the apartment or suite number defined for the ship to customer’s address. For example: 123 MAIN ST APT 2B. From the:

•         Street address and Apartment in the Customer Ship To table, or

•         NAM Street address and Apartment in the Customer Sold To table.

street2

The second address line on the ship to customer’s address. From the:

•         Address line 2 field in the Customer Ship To table, or

•         NAM Address line 2 in the Customer Sold To table.

city

The city on the ship to address. From the:

•         City field in the Customer Ship To table, or

•         City field in the Customer Sold To table.

state

The state code on the ship to customer’s address. From the:

•         State field in the Customer Ship To table, or

•         NAM State field in the Customer Sold To table.

postalCode

The zip code on the ship to customer’s address.

If the country code is US, the 9-digit zip code is in 99999-9999 format.

If the country code is CA, the 6-digit zip code is in A1B 2C3.

If the country code is JP, the 7-digit zip code is in 999-9999 format.

If the country code is GB, the 6-digit zip code is in AB12CD format.

From the:

•         Zip field in the Customer Ship To table, or

•         NAM Zip field in the Customer Sold To table.

country

The country code on the ship to customer’s address. The system uses the Work with Authorization Service Country Screen to cross-reference the Order Management System country code in the Customer Ship To table or Customer Sold To table to the CyberSource country code.

From the Auth Service Country field in the Auth Service Country table.

phoneNumber

The ship to customer’s day phone number.

From the:

•         CT# Phone field in the Customer Ship To Phone # table for Phone # type D, or

•         CS# Phone field in the Customer Sold To Phone # table for Phone # type D.

shippingMethod

The service level defined for the ship to customer’s zip code.

Service levels defined in CyberSource Decision Manager are:

•         sameday: Courier or same day service.

•         oneday: Next day or overnight service.

•         twoday: Two day service.

•         threeday: Three day service.

•         lowcost: Lowest cost service

•         pickup: Store pickup. When a ShippingMethod is defined for a ship to in the ccAuthService message, the shipping address is not automatically added to the negative list. You can add a shipping address to the negative list using the Transaction Marking Tool; see Marking Order Data During Order Review in the Case Management section of the Decision Manager User Guide.

•         other: Other shipping method.

•         none: No shipping method because product is a service or subscription.

Note:  To use a custom value, create a Decision Manager custom rule with the shipping method order element.

From the Decision Manager Service Level field in the Ship Via table.

item

Included if the CYB_PAY_LINK_DECISION_MANAGER_ENABLED property is set to true.

id

The number of items on the order, starting with 0. For example, if two items are on the order, the first item would be set to 0 and the second item would be set to 1.

unitPrice

The unit selling price of the product.

From the ODT Price field in the Order Detail table.

quantity

The quantity of the product being purchased.

From the ODT qty reserved field in the Order Detail table.

productCode

The type of product.

Product codes used by CyberSource services are:

•         adult_content: Adult content.

•         coupon: Coupon applied to the entire order.

•         default: Product classification has not been defined for the product.

•         electronic_good: Electronic product other than software.

•         electronic_software: Software distributed electronically rather than on disks or other media.

•         handling_only: Fee that you charge the customer to cover administrative selling costs.

•         service: Service that you perform for the customer.

•         shipping_and_handling: The shipping portion is the charge for shipping the product to the customer. The handling portion is the fee you charge the customer to cover your administrative selling costs.

•         shipping_only: Charge for transporting tangible personal property from your location to the customer. You must maintain documentation that clearly establishes the location where the title to the property passed from you to the customer.

•         subscription: Subscription to a web site or other content.

The setting of the Product Classification for Fraud Scoring (M15) system control value determines whether Order Management System sends the item’s item class description or item category description to CyberSource.

•         If set to ITM CLASS, from the ICL description field in the Item Class table.

•         If set to ITM CATGRY, from the Item category description field in the Item Category table.

productName

The name of the product.

If the item is a non-SKUed item, this is the item description.

If the item is a SKUed item, this is a concatenation of the item description + SKU description.

From the Description field in the Item table + the Description field in the SKU table.

productSKU

Merchant’s product identifier code.

If the item is a non-SKUed item, this is the item number.

If the item is a SKUed item, this is a concatenation of the item number + SKU code.

From the ITM Number field and SKU Code field in the SKU table.

purchaseTotals

currency

The currency on the order. The system uses the Work with Authorization Service Currency Screen to cross-reference the Order Management System currency code to the CyberSource currency code.

From the ASC Currency code field in the Auth Service Currency table.

grandTotalAmount

The amount to authorize, including decimals, in the currency defined on the order.

Online transactions: From the OLA auth amt field in the Online Authorization table.

Batch transactions: From the Auth $ amt field in the CC Authorization Trans table.

recurringSubscriptionInfo

Included only if the credit card number has been replaced with a token provided by CyberSource.

subscriptionID

The token for the credit card payment.

If you use credit card encryption, the system decrypts the credit card number before sending it to CyberSource; see the Data Security and Encryption Guide on My Oracle Support (1988467.1).

From the OPM credit card number field in the Order Payment Method table.

frequency

on-demand defaults.

card

Included if you send the credit card number and not a token provided by CyberSource.

accountNumber

The card number to authorize and replace with a token.

If you use credit card encryption, the system decrypts the credit card number before sending it to CyberSource; see the Data Security and Encryption Guide on My Oracle Support (1988467.1).

From the OPM credit card number field in the Order Payment Method table.

expirationMonth

The month when the card expires, in MM format.

From the first 2 positions of the OPM expiration date field in the Order Payment Method table.

expirationYear

The year when the card expires, in YYYY format.

From the last 2 positions of the OPM expiration date field in the Order Payment Method table.

cardType

The vendor paytype code defined for the credit card pay type. This is the code CyberSource uses to identify the method of payment.

From the CPC vendor paytype/code field in the CC Paytype Cross Ref table.

cvIndicator

The card identification indicator defined for the card, indicating if a CID number has been defined. Valid values:

•         1 = CID number is present on card.

•         2 = CID number is present on card, but is illegible.

•         9 = CID number is not present on card.

Included only for online transactions.

cvNumber

The card identification number defined for the card.

•         Visa, MasterCard, Discover: The card identification number is a 3 digit number.

•         American Express: The card identification number is a 4 digit number.

Note:  The card identification number is available only for online transactions; once an order is accepted, the system removes the card identification number from the order.

issueNumber

The card issue number defined for the card being processed.

From the OPM card issue # field in the Order Payment Method table.

startMonth

The start month defined for the card being processed, in MM format.

From the first 2 positions of the Start date field in the Order Payment Method table.

startYear

The start year defined for the card being processed, in YYYY format.

From the last 2 positions of the Start date field in the Order Payment Method table.

merchantDefinedData

The merchantDefinedData fields can be used to store many types of information that may be unique to your business.

Note:  The merchantDefinedData fields are not currently implemented in the Order Management System integration with CyberSource. Contact your Order Management System representative if you would like to implement these fields in the Order Management System integration with CyberSource.

See Potential Uses for Merchant-Defined Data Fields in the CyberSource Decision Manager Developer Guide for examples of the type of information that can be captured in these fields.

merchantDefinedData_mddField_1 tomerchantDefinedData_mddField_100

Optional fields that you can use to store information.

The value appears in the Case Management Details window in the Business Center.

Merchant defined fields cannot be used to capture personally identifying information.

These fields can only be used if you are referencing target API version 1.75 or higher.

decisionManager

enabled

•         true defaults if the CYB_PAY_LINK_DECISION_MANAGER_ENABLED property is set to true. In this situation, CyberSource Decision Manager evaluates the transaction for possible fraud. See CyberSource Decision Manager Fraud Scoring for processing details.

•         false defaults if the CYB_PAY_LINK_DECISION_MANAGER_ENABLED property is set to any value other than true.

profile

Allows you to specify the name of a different profile to use to evaluate orders.

Note:  This field is not currently implemented in the Order Management System integration with CyberSource.

ccAuthService

ccAuthService_run

true defaults.

commerceIndicator

internet defaults if the E-Commerce indicator (Future use status 1) field in the Order Header table is set to I or the order type for the order matches the order type defined in the E-Commerce Order Type (G42) system control value; otherwise, moto defaults.

cavv

A code received from an authentication service, such as Visa’s Verified by Visa program or MasterCard’s SecureCode program, indicating whether the card authentication password the cardholder provided was approved for the credit card. See Credit Card Authentication Service for more information.

From the Authentication value field in the Order Payment Method table.

eciRaw

A code received from an authentication service, such as Visa’s Verified by Visa program or MasterCard’s SecureCode program, indicating whether the card authentication password the cardholder provided was approved for the credit card. See Credit Card Authentication Service for more information.

From the Authentication value field in the Order Payment Method table.

businessRules

ignoreAVSResult

true defaults.

ignoreCVResult

true defaults.

replyMessage

merchantReferenceCode

The company code + order number + order payment method sequence number, used to match the response to the correct request.

Corresponds to the Company, Order # and OPM Seq # fields in the Order Payment Method table.

requestID

The unique transaction ID assigned by CyberSource for the transaction.

Updates the Transaction ID field in the Authorization History table, and saved in the Invoice Payment Method table at billing.

decision

The overall decision for the entire request from Decision Manager.

ACCEPT indicates CyberSource approved the transaction.

REVIEW indicates CyberSource Decision Manager marked the order for review for further analysis. The credit card authorization remains approved and valid, but the order may or may not be processed at a later time. See CyberSource Decision Manager Review Process for more information.

ERROR indicates an error occurred while CyberSource was processing the transaction.

REJECT indicates CyberSource Decision Manager rejected the transaction. Order Management System deactivates the credit card payment and requires you to add another form of payment before you can accept the order. See CyberSource Decision Manager Reject Process for more information.

reasonCode

The reason the transaction was approved or rejected by Decision Manager.

Corresponds to the Response Code field in the CC Vendor Response table.

100 indicates the transaction was successful.

151 indicates the request was received by CyberSource but there was a server timeout. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

152 indicates the request was received by CyberSource but a service did not finish running in time. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

400 indicates the fraud score exceeds your threshold.

480 indicates the order is marked for review by Decision Manager.

481 indicates the order is rejected by Decision Manager.

See the CyberSource documentation for a complete list of valid reason codes.

requestToken

The token assigned to the credit card associated with the authorization transaction, encrypted.

purchaseTotals

currency

The currency on the order. The system uses the Work with Authorization Service Currency Screen to cross-reference the Order Management System currency code to the CyberSource currency code.

Corresponds to the ASC Currency code field in the Auth Service Currency table.

ccAuthReply

reasonCode

The reason the authorization transaction was approved or rejected by the authorization service.

Corresponds to the Response Code field in the CC Vendor Response table and updates the AUH vendor response field in the Authorization History table.

100 indicates the transaction was successful.

Corresponds to the Response Code field in the CC Vendor Response table.

151 indicates the request was received by CyberSource but there was a server timeout. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

152 indicates the request was received by CyberSource but a service did not finish running in time. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

Corresponds to the Response Code field in the CC Vendor Response table.

See the CyberSource documentation for a complete list of valid reason codes.

amount

The amount authorized by CyberSource, including decimals, in the currency defined on the order.

If the authorization is for a customer membership order, the original authorization amount is also saved for the customer membership if it was not already populated.

Updates th e AUH amount authorized field in the Authorization History table.

authorizationCode

The authorization number provided by CyberSource.

Updates the AUH auth # field in the Authorization History table.

avsCode

The address verification response for the credit card.

Updates the AUH AVS response field in the Authorization History table.

avsCodeRaw

The address verification response for the credit card, from the processor.

cvCode

The card identification response for the credit card.

Updates the AUH Vendor Response 2 field in the Authorization History table.

authorizedDateTime

The date and time the credit card was authorized, in YYYY-MM-DDTHH:MM:SSZ format.

Updates the AUH auth date field in the Authorization History table.

processorResponse

The response code from the bank. Informational only.

reconciliationID

A code assigned by CyberSource as a reference number for the transaction.

paymentNetworkTransactionID

The customer-initiated transaction ID obtained when authorizing the credit card. Included only when the credit card has not previously been authorized.

A customer-initiated transaction ID is required for a credit card payment method only when tokenization is not enabled for CyberSource.

This ID can also be updated with the ci_transaction_id in the Inbound Order XML Message (CWORDERIN). It is stored for the Order Payment Method, and not updated once populated unless you change the credit card number.

If the authorization is for a customer membership order, the ID is also saved for the customer membership if it was not already populated.

ownerMerchantID

The account number assigned by CyberSource to identify transmissions. Corresponds to the:

•         Merchant # field in the CC Paytype Cross Ref table, or

•         Merchant ID field in the Merchant ID Override table, or

•         Merchant ID field in the Authorization Services table.

afsReply

CyberSource Advanced Fraud Screen reply. Informational only; these fields are not implemented in the Order Management System integration with CyberSource.

Included if the CYB_PAY_LINK_DECISION_MANAGER_ENABLED setting in the CyberSource Interface Properties is set to true.

reasonCode

Numeric value corresponding to the result of the Advanced Fraud Screen request.

afsResult

Total score calculated for the order.

hostSeverity

The risk associated with the customer’s email domain. From 0-5, where 0 represents an undetermined risk and 5 represents the highest risk.

consumerLocalTime

Customer’s local time in HH:MM:SS format. Calculated from the request time and the customer’s billing address.

afsFactorCode

Information that affected the score of the order. This field can contain one or more codes, separated by carets (^), for example: B^Y.

See Risk Factor Codes in the CyberSource Decision Manager Developer Guide for a list of factor codes used by CyberSource.

addressInfoCode

Indicates a mismatch between the customer’s billing and shipping addresses. This field can contain one or more codes, separated by carets (^).

See Address Information Codes in the CyberSource Decision Manager Developer Guide for a list of address info codes used by CyberSource.

internetInfoCode

Indicates a problem with the customer’s email address, IP address, or billing address. This field can contain one or more codes, separated by carets (^). See Information Codes in the CyberSource Decision Manager Developer Guide for a list of possible values.

suspiciousInfoCode

Indicates that the customer provided potentially suspicious information. This field can contain one or more codes, separated by carets (^), for example: INTL-BIN^RISK-T.

See Suspicious Data Information Codes in the CyberSource Decision Manager Developer Guide for a list of suspicious info codes used by CyberSource.

velocityInfoCode

Indicates that the customer has a high order velocity (purchase frequency). This field can contain one or more codes, separated by carets (^), for example: VELV-SA^VELI-CC^VELSIP.

scoreModelUsed

Name of the score model used for the transaction.

binCountry

Two-digit country code associated with the BIN of the customer’s card used for the payment.

cardAccountType

Type of payment card account, such as credit card, debit card, or prepaid card account type.

cardScheme

Subtype of card account.

•         Maestro International

•         Maestro UK Domestic

•         MasterCard Credit

•         MasterCard Debit

•         Visa Credit

•         Visa Debit

•         Visa Electron

cardIssuer

Name of the bank or entity that issued the card account.

decisionReply

CyberSource Decision Manager reply. Informational only; these fields are not implemented in the Order Management System integration with CyberSource.

activeProfileReply_

destinationQueue

When verbose mode is enabled, name of the queue where orders that are not automatically accepted are sent.

activeProfileReply_name

When verbose mode is enabled, name of the active profile chosen by the profile selector. If no profile selector exists, the default active profile is chosen.

activeProfileReply_

rulesTriggered_

ruleResultItem_#_

decision

When verbose mode is enabled, summarizes the result for the rule specified according to the setting that you chose in the Profile Editor. This field contains one of the following values:

•         ACCEPT

•         ERROR

•         REJECT

•         REVIEW

activeProfileReply_

rulesTriggered_

ruleResultItem_#_

evaluation

When verbose mode is enabled, raw evaluation result of the rule specified by the number #. This field contains one of the following values:

•         T: The rule is true.

•         F: The rule is false.

•         N: The rule cannot be evaluated because the data is insufficient.

•         E: The rule cannot be evaluated because an

error occurred.

activeProfileReply_

rulesTriggered_

ruleResultItem_#_name

When verbose mode is enabled, description of the rule as it appears in the Profile Editor.

activeProfileReply_

selectedBy

When verbose mode is enabled, name of the profile selector rule that chooses the profile to use for the transaction. If no profile selector exists, the value is Default Active Profile.

casePriority

You receive this field only if you subscribe to the Enhanced Case Management service. The priority level ranges from 1 (highest) – 5 (lowest); the default value is 3. If you do not assign a priority to your rules or to your profiles, the default value is given to the order.

velocityInfoCode

List of information codes triggered by the order.

These information codes were generated when you created the order and product velocity rules and are returned so that you can associate them with the rules.

’

single quote

'

"

double quote

"

>

greater than

>

<

less than

&lt;

&

ampersand

&amp;

requestMessage

merchantID

The account number assigned by CyberSource to identify transmissions. From the:

•         Merchant # field in the CC Paytype Cross Ref table, or

•         Merchant ID field in the Merchant ID Override table, or

•         Merchant ID field in the Authorization Services table.

merchantReferenceCode

The company code + order number + order payment method sequence number.

From the Company, Order # and OPM Seq # fields in the Order Payment Method table.

Subsequent authorization tags: See Subsequent Authorization Requests to CyberSource for more information on the following tags.

subsequentAuthFirst

Set to true if this is the first authorization request for the payment method, and not a merchant-initiated transaction. A first authentication can be:

•         The first authorization request for the order payment method.

•         The first authorization request after changing the credit card number for the order payment method.

•         An authorization request generated after the first request failed.

•         The authorization request for an order originating a customer membership.

•         The authorization request for the first generated membership order after the credit card for the customer membership was updated.

Not passed when: If this is a subsequent authorization request, this tag is not passed. A subsequent request can be:

•         A request generated after a previous request, such as a first authorization for a deferred or installment pay plan, has succeeded.

•         A request generated after a previous request was voided.

•         A request generated after an initial deposit request failed.

•         A request generated for a generated membership order after the authorization was obtained.

•         See Subsequent Authorization Requests to CyberSource for more information.

subsequentAuth

Set to true if this is a subsequent authorization request (the subsequentAuthFirst was not passed), and

•         The credit card information is tokenized; or,

•         The credit card information is not tokenized, and the ci_transaction_id is stored on the Order Payment Method record. See the discussion of the subsequentAuthTransactionID, below, for more information.

Not passed when:

•         This is not a subsequent authorization request, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

See Subsequent Authorization Requests to CyberSource for more information.

subsequentAuthReason

Set to 3 when subsequentAuth is set to true and:

•         The request is for a reauthorization for split shipment or delayed shipment. A split or delayed shipment occurs when some of the goods that were ordered are not available for shipment at the time of purchase. When you ship goods after the authorization validity time limit set by Visa, you must perform a separate authorization to ensure that customer funds are available.

•         This is an authorization request for a generated membership order after the authorization was obtained for the customer membership.

Not passed when this is not a subsequent authorization request.

subsequentAuthTransactionID

The ci_transaction_id identifying the authorization. Passed when this is a subsequent authorization (the subsequentAuthFirst was not passed), and the ci_transaction_id is stored on the Order Payment Method, either through the paymentNetworkTransactionID from a previous message from CyberSource, through the ci_transaction_id received in the Inbound Order XML Message (CWORDERIN), or from the customer membership if this is a generated membership order.

This transaction ID is cleared from the Order Payment Method if you change the credit card number.

Not passed when:

•         This is not a subsequent authorization request, or

•         There is no ci_transaction_id stored on the Order Payment Method record, or

•         The card is tokenized.

See Subsequent Authorization Requests to CyberSource for more information.

subsequentAuthStoredCredential

Set to true if the authorization credentials are stored. Passed when this is a subsequent authorization (the subsequentAuthFirst was not passed), and the ci_transaction_id is stored on the Order Payment Method, either through the paymentNetworkTransactionID from a previous message from CyberSource, through the ci_transaction_id received in the Inbound Order XML Message (CWORDERIN), or from the customer membership if this is a generated membership order.

Not passed when:

•         This is not a subsequent authorization request, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

See Subsequent Authorization Requests to CyberSource for more information.

subsequentAuthOriginalAmount

The amount of the original approved authorization. This is the authorization amount from the oldest Auth History record.

Passed when this is a subsequent authorization (the subsequentAuthFirst was not passed), and the ci_transaction_id is stored on the Order Payment Method, either through the paymentNetworkTransactionID from a previous message from CyberSource, through the ci_transaction_id received in the Inbound Order XML Message (CWORDERIN), or from the customer membership if this is for a generated membership order.

Not passed when:

•         This is not a subsequent authorization request, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

See Subsequent Authorization Requests to CyberSource for more information.

billTo

firstName

The bill to customer’s first name. From the:

•         First name field in the Customer Bill To table, or

•         NAM First name field in the Customer Sold To table.

lastName

The bill to customer’s last name. From the:

•         Last name field in the Customer Bill To table, or

•         NAM Last name field in the Customer Sold to table.

Note:  If a last name is not passed, CyberSource fails the transaction.

street1

The street address on the bill to customer’s address, followed by the text APT and the apartment or suite number defined for the bill to customer’s address. For example: 123 MAIN ST APT 2B. From the:

•         Street address and APT Code in the Customer Bill To table, or

•         NAM Street address and Apartment in the Customer Sold To table.

street2

The second address line on the bill to customer’s address. From the:

•         Address line 2 field in the Customer Bill To table, or

•         NAM Address line 2 in the Customer Sold To table.

city

The city on the bill to address. From the:

•         City field in the Customer Bill To table, or

•         City field in the Customer Sold To table.

state

The state code on the bill to customer’s address. From the:

•         State field in the Customer Bill To table, or

•         NAM State field in the Customer Sold To table.

postalCode

The zip code on the bill to customer’s address.

If the country code is US, the 9-digit zip code is in 99999-9999 format.

If the country code is CA, the 6-digit zip code is in A1B 2C3.

If the country code is JP, the 7-digit zip code is in 999-9999 format.

If the country code is GB, the 6-digit zip code is in AB12CD format.

From the:

•         Zip field in the Customer Bill To table, or

•         NAM Zip field in the Customer Sold To table.

country

The country code on the bill to customer’s address. The system uses the Work with Authorization Service Country Screen to cross-reference the Order Management System country code in the Customer Bill To table or Customer Sold To table to the CyberSource country code.

From the Auth Service Country field in the Auth Service Country table.

email

The bill to customer’s email address.

If an email address is not defined for the bill to customer, null@Cybersource.com defaults.

From the CST email address field in the Customer Sold To table.

purchaseTotals

currency

The currency on the order. The system uses the Work with Authorization Service Currency Screen to cross-reference the Order Management System currency code to the CyberSource currency code.

From the ASC Currency code field in the Auth Service Currency table.

grandTotalAmount

The amount to authorize, including decimals, in the currency defined on the order.

Online transactions: From the OLA auth amt field in the Online Authorization table.

Batch transactions: From the Auth $ amt field in the CC Authorization Trans table.

card

accountNumber

The card number to authorized and replace with a token.

If you use credit card encryption, the system decrypts the credit card number before sending it to CyberSource; see the Data Security and Encryption Guide on My Oracle Support (1988467.1).

From the OPM credit card number field in the Order Payment Method table.

expirationMonth

The month when the card expires, in MM format.

From the first 2 positions of the OPM expiration date field in the Order Payment Method table.

expirationYear

The year when the card expires, in YYYY format.

From the last 2 positions of the OPM expiration date field in the Order Payment Method table.

cardType

The vendor paytype code defined for the credit card pay type. This is the code CyberSource uses to identify the method of payment.

From the CPC vendor paytype/code field in the CC Paytype Cross Ref table.

cvIndicator

The card identification indictor defined for the card, indicating if a CID number has been defined. Valid values:

•         1 = CID number is present on card.

•         2 = CID number is present on card, but is illegible.

•         9 = CID number is not present on card.

Included only for online transactions.

cvNumber

The card identification number defined for the card.

•         Visa, MasterCard, Discover: The card identification number is a 3 digit number.

•         American Express: The card identification number is a 4 digit number.

Note:  The card identification number is available only for online transactions; once an order is accepted, the system removes the card identification number from the order.

issueNumber

The card issue number defined for the card being processed.

From the OPM card issue # field in the Order Payment Method table.

startMonth

The start month defined for the card being processed, in MM format.

From the first 2 positions of the Start date field in the Order Payment Method table.

startYear

The start year defined for the card being processed, in YYYY format.

From the last 2 positions of the Start date field in the Order Payment Method table.

ccAuthService_run

true defaults.

recurringSubscriptionInfo

frequency

on-demand defaults.

decisionManager

enabled

false defaults.

ccAuthService

ccAuthService_run

true defaults.

commerceIndicator

internet defaults if the E-Commerce indicator (Future use status 1) field in the Order Header table is set to I or the order type for the order matches the order type defined in the E-Commerce Order Type (G42) system control value; otherwise, moto defaults.

cavv

A code received from an authentication service, such as Visa’s Verified by Visa program or MasterCard’s SecureCode program, indicating whether the card authentication password the cardholder provided was approved for the credit card. See Credit Card Authentication Service for more information.

From the Authentication value field in the Order Payment Method table.

eciRaw

A code received from an authentication service, such as Visa’s Verified by Visa program or MasterCard’s SecureCode program, indicating whether the card authentication password the cardholder provided was approved for the credit card. See Credit Card Authentication Service for more information.

From the Authentication value field in the Order Payment Method table.

paySubscriptionCreate

Service_run

true defaults.

businessRules

ignoreAVSResult

true defaults.

ignoreCVResult

true defaults.

replyMessage

merchantReferenceCode

The order number + order payment method sequence number, used to match the response to the correct request.

Corresponds to the Order # and OPM Seq # fields in the Order Payment Method table.

requestID

The unique transaction ID assigned by CyberSource for the transaction.

Updates the Transaction ID field in the Authorization History table.

decision

ACCEPT indicates CyberSource approved the transaction.

ERROR indicates an error occurred while CyberSource was processing the transaction.

REJECT indicates CyberSource rejected the transaction.

reasonCode

The reason the transaction was approved or rejected by CyberSource.

100 indicates the transaction was successful.

Corresponds to the Response Code field in the CC Vendor Response table and updates the AUH vendor response field in the Authorization History table.

151 indicates the request was received by CyberSource but there was a server timeout. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

152 indicates the request was received by CyberSource but a service did not finish running in time. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

Corresponds to the Response Code field in the CC Vendor Response table.

See Reason Codes for the Simple Order API in the CyberSource Credit_Cards_SO_API.pdf document for a complete list of valid reason codes.

requestToken

The token assigned to the credit card associated with the authorization transaction, encrypted.

purchaseTotals

currency

The currency on the order. The system uses the Work with Authorization Service Currency Screen to cross-reference the Order Management System currency code to the CyberSource currency code.

Corresponds to the ASC Currency code field in the Auth Service Currency table.

ccAuthReply

reasonCode

The reason the transaction was approved or rejected by CyberSource.

100 indicates the transaction was successful.

Corresponds to the Response Code field in the CC Vendor Response table.

151 indicates the request was received by CyberSource but there was a server timeout. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

152 indicates the request was received by CyberSource but a service did not finish running in time. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

Corresponds to the Response Code field in the CC Vendor Response table.

See Reason Codes for the Simple Order API in the CyberSource Credit_Cards_SO_API.pdf document for a complete list of valid reason codes.

amount

The amount authorized by CyberSource, including decimals, in the currency defined on the order.

If the authorization is for a customer membership order, the original authorization amount is also saved for the customer membership if it was not already populated.

Updates the AUH amount authorized field in the Authorization History table.

authorizationCode

The authorization number provided by CyberSource.

Updates the AUH auth # field in the Authorization History table.

avsCode

The address verification response for the credit card.

Updates the AUH AVS response field in the Authorization History table.

avsCodeRaw

The address verification response for the credit card, from the processor.

cvCode

The card identification response for the credit card.

Updates the AUH Vendor Response 2 field in the Authorization History table.

authorizedDateTime

The date and time the credit card was authorized, in YYYY-MM-DDTHH:MM:SSZ format.

Updates the AUH auth date field in the Authorization History table.

processorResponse

The response code from the bank. Informational only.

reconciliationID

A code assigned by CyberSource as a reference number for the transaction.

paymentNetworkTransactionID

The customer-initiated transaction ID obtained when authorizing the credit card. Included only when the credit card has not previously been authorized.

A customer-initiated transaction ID is required for a credit card payment method only when tokenization is not enabled for CyberSource; however, if the ID is passed, it is stored regardless of whether tokenization is enabled.

This ID can also be updated with the ci_transaction_id in the Inbound Order XML Message (CWORDERIN). It is stored for the Order Payment Method, and not updated once populated unless you change the credit card number.

If the authorization is for a customer membership order, the ID is also saved for the customer membership if it was not already populated.

paySubscriptionCreateReply

reasonCode

The reason the transaction was approved or rejected by CyberSource.

100 indicates the transaction was successful.

Corresponds to the Response Code field in the CC Vendor Response table.

151 indicates the request was received by CyberSource but there was a server timeout. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

152 indicates the request was received by CyberSource but a service did not finish running in time. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

Corresponds to the Response Code field in the CC Vendor Response table.

See Reason Codes for the Simple Order API in the CyberSource Credit_Cards_SO_API.pdf document for a complete list of valid reason codes.

subscriptionID

The token assigned to the credit card payment.

CyberSource uses this code to reference the customer profile information in the CyberSource database.

Updates the OPM credit card number field in the Order Payment Method table.

requestMessage

merchantID

The account number assigned by CyberSource to identify transmissions. From the:

•         Merchant # field in the CC Paytype Cross Ref table, or

•         Merchant ID field in the Merchant ID Override table, or

•         Merchant ID field in the Authorization Services table.

merchantReferenceCode

The company code + order number + order payment method sequence number.

From the Company, Order # and OPM Seq # fields in the Order Payment Method table.

invoiceHeader

userPO

The purchase order number associated with the deposit. From the Purchase order # field in the Order Ship To table.

If a purchase order is not defined, the system defaults the Order Management System order number. From the Order # field in the Order Payment Method table.

Included only if the transaction qualifies for level II or III discounting and the payment method is Visa, American Express, or MasterCard; see Level II and III Discounting.

billTo

Included only if you do not use credit card tokenization or if the credit card payment has not yet been replaced with a token from CyberSource.

firstName

The bill to customer’s first name. From the:

•         First name field in the Customer Bill To table, or

•         NAM First name field in the Customer Sold To table.

lastName

The bill to customer’s last name. From the:

•         Last name field in the Customer Bill To table, or

•         NAM Last name field in the Customer Sold to table.

Note:  If a last name is not passed, CyberSource fails the transaction.

street1

The street address on the bill to customer’s address. From the:

•         Street address in the Customer Bill To table, or

•         NAM Street address in the Customer Sold To table.

street2

The second address line on the bill to customer’s address, followed by the text APT and the apartment or suite number defined for the bill to customer’s address. For example: GARDEN TERRACE APT 2B. From the:

•         Address line 2 and APT Code in the Customer Bill To table, or

•         NAM Address line 2 and Apartment in the Customer Sold To table.

city

The city on the bill to address. From the:

•         City field in the Customer Bill To table, or

•         City field in the Customer Sold To table.

state

The state code on the bill to customer’s address. From the:

•         State field in the Customer Bill To table, or

•         NAM State field in the Customer Sold To table.

postalCode

The zip code on the bill to customer’s address.

If the country code is US, the 9-digit zip code is in 99999-9999 format.

If the country code is CA, the 6-digit zip code is in A1B 2C3.

If the country code is JP, the 7-digit zip code is in 999-9999 format.

If the country code is GB, the 6-digit zip code is in AB12CD format.

From the:

•         Zip field in the Customer Bill To table, or

•         NAM Zip field in the Customer Sold To table.

country

The country code on the bill to customer’s address. The system uses the Work with Authorization Service Country Screen to cross-reference the Order Management System country code in the Customer Bill To table or Customer Sold To table to the CyberSource country code.

From the Auth Service Country field in the Auth Service Country table.

email

The bill to customer’s email address.

If an email address is not defined for the bill to customer, null@CyberSource.com defaults.

From the CST email address field in the Customer Sold To table.

item

id

0 defaults.

unitPrice

The unit price of the item, including decimals, in the currency defined on the order, minus any hidden tax included in the item price.

From the IDT Price field in the Invoice Detail table.

Included only if the transaction qualifies for level II or III discounting and the payment is a method other than Discover or JCB; see Level II and III Discounting.

quantity

The quantity of the item shipped.

From the IDT Qty shipped field in the Invoice Detail table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

productCode

The item number on the deposit.

From the ITM Number field in the Item table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

productName

A description of the item.

From the Description field in the Item table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

productSKU

The SKU of the item on the deposit.

From the SKU Code field in the SKU table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

taxAmount

The tax amount for the item, including decimals, in the currency defined on the order, including any hidden tax included in the item price.

From the Tax field in the Invoice Detail table.

Included only if the transaction qualifies for level II discounting and the payment method is Visa, American Express, or MasterCard, or the transaction qualifies for level III discounting and the payment method is Visa or MasterCard. See Level II and III Discounting.

unitOfMeasure

The unit of measure defined for the item.

From the Unit of measure field in the SKU table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

taxRate

The tax rate defined for the item. The system uses this calculation to determine the tax rate:

taxAmount / unitPrice = taxRate 

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

totalAmount

The total price of the item, including decimals, in the currency defined on the order. The system uses this calculation to determine the total amount:

item_#_quantity x the item_#_unitPrice = item_#_totalAmount 

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

discountAmount

The discount amount applied to the item, including decimals, in the currency defined on the order.

From the IDT Discount amount field in the Invoice Detail table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

commodityCode

The commodity code defined for the item.

From the SKU Commodity Code field in the SKU table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

grossNetIndicator

Y defaults if a value is passed in the vatTaxAmount tag; otherwise, N defaults.

Included only if the transaction qualifies for level III discounting and the payment method is MasterCard; see Level II and III Discounting.

discountIndicator

Y defaults if an amount greater than 0 exists in the discountAmount tag; otherwise, N defaults.

Included only if the transaction qualifies for level III discounting and the payment method is MasterCard; see Level II and III Discounting.

purchaseTotals

currency

The currency on the order.

The system uses the Work with Authorization Service Currency Screen to cross-reference the Order Management System currency code to the CyberSource currency code.

From the ASC Currency code field in the Auth Service Currency table.

discountAmount

The discount amount for the deposit, including decimals, in the currency defined on the order.

From the INS Discount amount filed in the Invoice Ship To table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa; see Level II and III Discounting.

dutyAmount

The duty amount for the deposit, including decimals, in the currency defined on the order.

From the IDC Amount field in the Invoice Detail Charge table for IDC Type of Charge D.

Included only if the transaction qualifies for level III discounting and the payment method is Visa; see Level II and III Discounting.

grandTotalAmount

The amount to deposit, including decimals, in the currency defined on the order.

From the Total $ amt field in the CC Deposit Transaction table.

freightAmount

The freight amount for the deposit, including decimals, in the currency defined on the order.

From the INS Freight field in the Invoice Ship To table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

otherTax

vatTaxAmount

The VAT tax amount defined for the item, including decimals, in the currency defined on the order.

From the IDC Amount field in the Invoice Detail Charge table for IDC Type of Charge V.

Included only if the transaction qualifies for level III discounting and the payment method is Visa; see Level II and III Discounting.

vatTaxRate

The VAT percent defined for the ship to customer’s country.

From the CNT VAT percent in the Country table.

Included only if the transaction qualifies for level II discounting and the payment method is Visa; see Level II and III Discounting.

See How Hidden Tax is Calculated by Percentage for more information.

card

Included only if you do not use credit card tokenization or if the credit card payment has not yet been replaced with a token from CyberSource.

accountNumber

The card number to authorized and replace with a token.

If you use credit card encryption, the system decrypts the credit card number before sending it to CyberSource; see the Data Security and Encryption Guide on My Oracle Support (1988467.1).

From the OPM credit card number field in the Order Payment Method table.

expirationMonth

The month when the card expires, in MM format.

From the first 2 positions of the OPM expiration date field in the Order Payment Method table.

expirationYear

The year when the card expires, in YYYY format.

From the last 2 positions of the OPM expiration date field in the Order Payment Method table.

cardType

The vendor paytype code defined for the credit card pay type. This is the code CyberSource uses to identify the method of payment.

From the CPC vendor paytype/code field in the CC Paytype Cross Ref table.

issueNumber

The card issue number defined for the card being processed.

From the OPM card issue # field in the Order Payment Method table.

startMonth

The start month defined for the card being processed, in MM format.

From the first 2 positions of the Start date field in the Order Payment Method table.

startYear

The start year defined for the card being processed, in YYYY format.

From the last 2 positions of the Start date field in the Order Payment Method table.

ccCaptureService

ccCaptureService run

true defaults.

authRequestID

The transaction ID for the authorization associated with the deposit.

From the Transaction ID field in the Authorization History table.

reconciliationID

If the Override Reconciliation Id for CyberSource is set to:

•         blank: Not passed.

•         Invoice Number: The invoice number assigned at billing.

•         Alternate Order Number: The alternate order number from the Order Header Extended table, if any; otherwise, not sent. This field is labeled the Alt ord at the Display Order Properties Screen.

For an e-commerce order, the alternate order number is the order_number passed in the Inbound Order XML Message (CWORDERIN) message to identify the order in the originating system or on the web storefront. If the e-commerce order number is a date, it is formatted without punctuation, for example: 20200114T123456.

If the reconciliationID in the request message does not specify an invoice number or alternate order number, then CyberSource assigns a reconciliationID as a reference number for the transaction, and passes it in the response message.

Note:  

•         The supported size of the reconciliationID varies based on the credit card processor. You need to confirm that the credit card processor used supports the length and attributes of the invoice number or alternate order number.

•         It is possible that the reconciliationID may not be unique in CyberSource if, for example, you have multiple companies.

purchasingLevel

3 defaults if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; otherwise, this value is not passed. See Level II and III Discounting.

paySubscriptionCreate

Service_run

true defaults if a token is requested in the deposit transaction.

ccCapture_sequence

The current sequence number for the order payment authorization request id for the deposit. Set to 1 if this is the first deposit for the order, and incrementing by 1 for each subsequent deposit.

Not sent if both the ccCapture_sequence and the ccCapture_totalCount are set to 1.

Sent when? This field is sent only if the Void auth at deposit flag for the authorization service is unselected, and the entire order does not ship and bill at once, based on the fact that it’s a debit invoice for less than the authorization amount.

Maximum sequence number: The maximum sequence number sent is 99, regardless of whether the actual number of deposits for the order is greater, and a sequence number of 99 is sent only for the final deposit. Otherwise, the message continues to include a sequence number of 98 until the final deposit request is generated. Note that the actual number of deposits is still tracked in the Authorization History record.

For more information: See Void Unused Authorization After Initial Deposit for background and more examples.

ccCapture_totalCount

The total number of deposits for the order. Set to 99 if the total number of deposits is unknown.

Not sent if both the ccCapture_sequence and the ccCapture_totalCount are set to 1.

If this is the final deposit for the order, the total count is set to match the current sequence number.

Example:  There are two lines on the order shipping separately. When the first line ships, the sequence is set to 1 and the total count is set to 99. When the second and final line ships, the sequence is set to 2 and the total count is also set to 2.

Sent when? This field is sent only if the Void auth at deposit flag for the authorization service is unselected, and the entire order does not ship and bill at once, based on the fact that it’s a debit invoice for less than the authorization amount.

If large number of deposits: If the number of deposits to process for the order exceeds 99, a total count of 99 still continues to be sent in the deposit request message. Note that the actual number of deposits is still tracked in the Authorization History record.

For more information: See Void Unused Authorization After Initial Deposit for background and more examples.

replyMessage

merchantReferenceCode

The company code + order number + order payment method sequence number, to match the response to the correct deposit.

Updates the Company, Order # and OPM Seq # fields in the CC Deposit History table.

requestID

The unique transaction ID assigned by CyberSource for the transaction.

decision

ACCEPT indicates CyberSource approved the transaction.

ERROR indicates an error occurred while CyberSource was processing the transaction.

REJECT indicates CyberSource rejected the transaction.

reasonCode

The reason the transaction was approved or rejected by CyberSource.

100 indicates the transaction was successful.

151 indicates the request was received by CyberSource but there was a server timeout. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

152 indicates the request was received by CyberSource but a service did not finish running in time. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

Corresponds to the Response Code field in the CC Vendor Response table.

Corresponds to the Response Code field in the CC Vendor Response table and updates the Response code field in the CC Deposit History table.

See Reason Codes for the Simple Order API in the CyberSource Credit_Cards_SO_API.pdf document for a complete list of valid reason codes.

requestToken

The token assigned to the credit card associated with the deposit transaction, encrypted.

purchaseTotals

currency

The currency on the order. The system uses the Work with Authorization Service Currency Screen to cross-reference the Order Management System currency code to the CyberSource currency code.

Corresponds to the ASC Currency code field in the Auth Service Currency table.

ccCaptureReply

reasonCode

The reason the transaction was approved or rejected by CyberSource.

100 indicates the transaction was successful.

151 indicates the request was received by CyberSource but there was a server timeout. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

152 indicates the request was received by CyberSource but a service did not finish running in time. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

Corresponds to the Response Code field in the CC Vendor Response table.

Corresponds to the Response Code field in the CC Vendor Response table. Updates the Response code field in the CC Deposit History table.

See Reason Codes for the Simple Order API in the CyberSource Credit_Cards_SO_API.pdf document for a complete list of valid reason codes.

requestDateTime

The date and time the deposit was authorized by CyberSource, in YYYY-MM-DDTHH:MM:SSZ format. Order Management System translates this date format to CYYMMDD format.

Updates the Deposit date field in the CC Deposit History table.

amount

The amount deposited, including decimals, in the currency defined on the order.

Updates the Deposit Amount field in the CC Deposit History table.

reconciliationID

The alternate order number or invoice number that was sent as the reconciliationID in the CyberSource Debit Deposit Request (ccCaptureService) XML Message; otherwise, this is a code assigned by CyberSource as a reference number for the transaction.

Note:  If this ID does not match alternate order number or invoice number that was sent in the request message, this could be because the number submitted in the request did not meet the length and formatting requirements of the credit card processor.

purchasingLevel3

Enabled

Y defaults if the transaction qualifies for level II discounting; otherwise, this value is not passed.

requestMessage

merchantID

The account number assigned by CyberSource to identify transmissions. From the:

•         Merchant # field in the CC Paytype Cross Ref table, or

•         Merchant ID field in the Merchant ID Override table, or

•         Merchant ID field in the Authorization Services table.

merchantReferenceCode

The company code + order number + order payment method sequence number.

From the Company, Order # and OPM Seq # fields in the Order Payment Method table.

invoiceHeader

userPO

The purchase order number associated with the deposit.

From the Purchase order # field in the Order Ship To table.

If a purchase order is not defined, the system defaults the Order Management System order number. From the Order # field in the Order Payment Method table.

Included only if the transaction qualifies for level II or III discounting and the payment method is Visa, American Express, or MasterCard; see Level II and III Discounting.

billTo

firstName

The bill to customer’s first name. From the:

•         First name field in the Customer Bill To table, or

•         NAM First name field in the Customer Sold To table.

lastName

The bill to customer’s last name. From the:

•         Last name field in the Customer Bill To table, or

•         NAM Last name field in the Customer Sold to table.

Note:  If a last name is not passed, CyberSource fails the transaction.

street1

The street address on the bill to customer’s address. From the:

•         Street address in the Customer Bill To table, or

•         NAM Street address in the Customer Sold To table.

street2

The second address line on the bill to customer’s address, followed by the text APT and the apartment or suite number defined for the bill to customer’s address. For example: GARDEN TERRACE APT 2B. From the:

•         Address line 2 and APT Code in the Customer Bill To table, or

•         NAM Address line 2 and Apartment in the Customer Sold To table.

city

The city on the bill to address. From the:

•         City field in the Customer Bill To table, or

•         City field in the Customer Sold To table.

state

The state code on the bill to customer’s address. From the:

•         State field in the Customer Bill To table, or

•         NAM State field in the Customer Sold To table.

postalCode

The zip code on the bill to customer’s address.

If the country code is US, the 9-digit zip code is in 99999-9999 format.

If the country code is CA, the 6-digit zip code is in A1B 2C3.

If the country code is JP, the 7-digit zip code is in 999-9999 format.

If the country code is GB, the 6-digit zip code is in AB12CD format.

From the:

•         Zip field in the Customer Bill To table, or

•         NAM Zip field in the Customer Sold To table.

country

The country code on the bill to customer’s address. The system uses the Work with Authorization Service Country Screen to cross-reference the Order Management System country code in the Customer Bill To table or Customer Sold To table to the CyberSource country code.

From the Auth Service Country field in the Auth Service Country table.

email

The bill to customer’s email address.

If an email address is not defined for the bill to customer, null@Cybersource.com defaults.

From the CST email address field in the Customer Sold To table.

item

id

0 defaults.

unitPrice

The unit price of the item, including decimals, in the currency defined on the order, minus any hidden tax included in the item price.

From the IDT Price field in the Invoice Detail table.

Included only if the transaction qualifies for level II or III discounting and the payment is a method other than Discover or JCB; see Level II and III Discounting.

quantity

The quantity of the item shipped.

From the IDT Qty shipped field in the Invoice Detail table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

productCode

The item number on the deposit.

From the ITM Number field in the Item table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

productName

A description of the item.

From the Description field in the Item table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

productSKU

The SKU of the item on the deposit.

From the SKU Code field in the SKU table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

taxAmount

The tax amount for the item, including decimals, in the currency defined on the order, including any hidden tax included in the item price.

Included only if the transaction qualifies for level II discounting and the payment method is Visa, American Express, or MasterCard, or the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

unitOfMeasure

The unit of measure defined for the item.

From the Unit of measure field in the SKU table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

taxRate

The tax rate defined for the item. The system uses this calculation to determine the tax rate:

taxAmount / unitPrice = taxRate 

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

totalAmount

The total price of the item, including decimals, in the currency defined on the order. The system uses this calculation to determine the total amount:

item_#_quantity x the item_#_unitPrice = item_#_totalAmount 

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

discountAmount

The discount amount applied to the item, including decimals, in the currency defined on the order.

From the IDT Discount amount field in the Invoice Detail table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

commodityCode

The commodity code defined for the item.

From the SKU Commodity Code field in the SKU table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

purchaseTotals

currency

The currency on the order. The system uses the Work with Authorization Service Currency Screen to cross-reference the Order Management System currency code to the CyberSource currency code.

From the ASC Currency code field in the Auth Service Currency table.

discountAmount

The discount amount for the deposit, including decimals, in the currency defined on the order.

From the INS Discount amount filed in the Invoice Ship To table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa; see Level II and III Discounting.

dutyAmount

The duty amount for the deposit, including decimals, in the currency defined on the order.

From the IDC Amount field in the Invoice Detail Charge table for IDC Type of Charge D.

Included only if the transaction qualifies for level III discounting and the payment method is Visa; see Level II and III Discounting.

grandTotalAmount

The amount to deposit, including decimals, in the currency defined on the order.

From the Total $ amt field in the CC Deposit Transaction table.

freightAmount

The freight amount for the deposit, including decimals, in the currency defined on the order.

From the INS Freight field in the Invoice Ship To table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

otherTax

vatTaxAmount

The VAT tax amount defined for the item, including decimals, in the currency defined on the order.

From the IDC Amount field in the Invoice Detail Charge table for IDC Type of Charge V.

Included only if the transaction qualifies for level III discounting and the payment method is Visa; see Level II and III Discounting.

vatTaxRate

The VAT percent defined for the ship to customer’s country.

From the CNT VAT percent in the Country table.

Included only if the transaction qualifies for level II discounting and the payment method is Visa; see Level II and III Discounting.

See How Hidden Tax is Calculated by Percentage for more information.

recurringSubscriptionInfo

Included only if a token is passed.

subscriptionID

The token for the credit card payment.

From the OPM credit card number field in the Order Payment Method table.

If you use credit card encryption, the system decrypts the credit card number before sending it to CyberSource; see the Data Security and Encryption Guide on My Oracle Support (1988467.1).

frequency

on-demand defaults.

ccCreditService

ccCreditService run

true defaults.

reconciliationID

If the Override Reconciliation Id for CyberSource is set to:

•         blank: Not passed.

•         Invoice Number: The invoice number assigned at billing.

•         Alternate Order Number: The alternate order number from the Order Header Extended table, if any; otherwise, not sent. This field is labeled the Alt ord at the Display Order Properties Screen.

For an e-commerce order, the alternate order number is the order_number passed in the Inbound Order XML Message (CWORDERIN) message to identify the order in the originating system or on the web storefront. If the e-commerce order number is a date, it is formatted without punctuation, for example: 20200114T123456.

If the reconciliationID in the request message does not specify an invoice number or alternate order number, then CyberSource assigns a reconciliationID as a reference number for the transaction, and passes it in the response message.

Note:  

•         The supported size of the reconciliationID varies based on the credit card processor. You need to confirm that the credit card processor used supports the length and attributes of the invoice number or alternate order number.

•         It is possible that the reconciliationID may not be unique in CyberSource if, for example, you have multiple companies.

purchasingLevel

3 defaults if the transaction qualifies for level II discounting and the payment method is Visa or MasterCard; otherwise, this value is not passed.

replyMessage

merchantReferenceCode

The company code + order number + order payment method sequence number, to match the response to the correct deposit.

Updates the Company, Order # and OPM Seq # fields in the CC Deposit History table.

requestID

The unique transaction ID assigned by CyberSource for the transaction.

decision

ACCEPT indicates CyberSource approved the transaction.

ERROR indicates an error occurred while CyberSource was processing the transaction.

REJECT indicates CyberSource rejected the transaction.

reasonCode

The reason the transaction was approved or rejected by CyberSource.

100 indicates the transaction was successful.

151 indicates the request was received by CyberSource but there was a server timeout. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

152 indicates the request was received by CyberSource but a service did not finish running in time. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

Corresponds to the Response Code field in the CC Vendor Response table.

Corresponds to the Response Code field in the CC Vendor Response table and updates the Response code field in the CC Deposit History table.

See Reason Codes for the Simple Order API in the CyberSource Credit_Cards_SO_API.pdf document for a complete list of valid reason codes.

requestToken

The token assigned to the credit card associated with the deposit transaction, encrypted.

purchaseTotals

currency

The currency on the order. The system uses the Work with Authorization Service Currency Screen to cross-reference the Order Management System currency code to the CyberSource currency code.

Corresponds to the ASC Currency code field in the Auth Service Currency table.

ccCreditReply

reasonCode

The reason the transaction was approved or rejected by CyberSource.

100 indicates the transaction was successful.

151 indicates the request was received by CyberSource but there was a server timeout. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

152 indicates the request was received by CyberSource but a service did not finish running in time. If you receive this reason, do not resend the request until you have reviewed the transaction status in the CyberSource Business Center. See the documentation for your CyberSource client (SDK) for information about how to handle retries in the case of system errors.

Corresponds to the Response Code field in the CC Vendor Response table.

Corresponds to the Response Code field in the CC Vendor Response table. Updates the Response code field in the CC Deposit History table.

See Reason Codes for the Simple Order API in the CyberSource Credit_Cards_SO_API.pdf document for a complete list of valid reason codes.

requestDateTime

The date and time the deposit was authorized by CyberSource, in YYYY-MM-DDTHH:MM:SSZ format. Order Management System translates this date format to CYYMMDD format.

Updates the Deposit date field in the CC Deposit History table.

amount

The amount deposited, including decimals, in the currency defined on the order.

Updates the Deposit Amount field in the CC Deposit History table.

reconciliationID

The alternate order number or invoice number that was sent as the reconciliationID in the CyberSource Credit Deposit Request (ccCreditService) XML Message; otherwise, this is a code assigned by CyberSource as a reference number for the transaction.

Note:  If this ID does not match alternate order number or invoice number that was sent in the request message, this could be because the number submitted in the request did not meet the length and formatting requirements of the credit card processor.

purchasingLevel3

Enabled

Y defaults if the transaction qualifies for level II discounting; otherwise, this value is not passed.

ownerMerchantID

The account number assigned by CyberSource to identify transmissions. From the:

•         Merchant # field in the CC Paytype Cross Ref table, or

•         Merchant ID field in the Merchant ID Override table, or

•         Merchant ID field in the Authorization Services table.

requestMessage

merchantID

The account number assigned by CyberSource to identify transmissions. From the:

•         Merchant # field in the CC Paytype Cross Ref table, or

•         Merchant ID field in the Merchant ID Override table, or

•         Merchant ID field in the Authorization Services table.

merchantReferenceCode

The company code + order number + order payment method sequence number.

From the Company, Order # and OPM Seq # fields in the Order Payment Method table.

Subsequent authorization tags: See Subsequent Authorization Requests to CyberSource for more information on the following tags.

subsequentAuthFirst

Set to true if this is the first authorization request for the payment method, and not a merchant-initiated transaction. A first authentication can be:

•         The first authorization request for the order payment method.

•         The first authorization request after changing the credit card number for the order payment method.

•         An authorization request generated after the first request failed.

•         The authorization request for an order originating a customer membership.

•         The authorization request for the first generated membership order after the credit card for the customer membership was updated.

Not passed when: If this is a subsequent authorization request, this tag is not passed. A subsequent request can be:

•         A request generated after a previous request, such as a first authorization for a deferred or installment pay plan, has succeeded.

•         A request generated after a previous request was voided.

•         A request generated after an initial deposit request failed.

•         A request generated for a generated membership order after the authorization was obtained.

See Subsequent Authorization Requests to CyberSource for more information.

subsequentAuth

Set to true if this is a subsequent authorization request (the subsequentAuthFirst was not passed), and

•         The credit card information is tokenized; or,

•         The credit card information is not tokenized, and the ci_transaction_id is stored on the Order Payment Method record. See the discussion of the subsequentAuthTransactionID, below, for more information.

Not passed when:

•         This is not a subsequent authorization request, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

See Subsequent Authorization Requests to CyberSource for more information.

subsequentAuthReason

Set to:

•         1 if the Supports Auth Resubmission flag is selected for CyberSource in Defining Authorization Services (WASV) and if the request is for authorization and deposit of a failed deposit request.

•         3 if subsequentAuth is set to true. For an authorization and deposit request for a deferred or installment pay plan after the initial authorization, set to 3 if the Notify of installments setting for the pay type is not selected.

Not passed when:

•         This is not a subsequent authorization and deposit request, or

•         This is an authorization and deposit request that is for an order using deferred or installment billing, and the Notify of installments flag for the pay type is selected, or

•         This is an authorization and deposit request that is not for an order using deferred or installment billing, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

subsequentAuthTransactionID

The ci_transaction_id identifying the authorization. Passed when this is a subsequent authorization (the subsequentAuthFirst was not passed), and the ci_transaction_id is stored on the Order Payment Method, either through the paymentNetworkTransactionID from a previous message from CyberSource, through the ci_transaction_id received in the Inbound Order XML Message (CWORDERIN), or from the customer membership if this is for a generated membership order.

This transaction ID is cleared from the Order Payment Method if you change the credit card number.

Not passed when:

•         This is not a subsequent authorization request, or

•         There is no ci_transaction_id stored on the Order Payment Method record.

See Subsequent Authorization Requests to CyberSource for more information.

subsequentAuthStoredCredential

Set to true if the authorization credentials are stored. Passed when this is a subsequent authorization (the subsequentAuthFirst was not passed), and the ci_transaction_id is stored on the Order Payment Method, either through the paymentNetworkTransactionID from a previous message from CyberSource, through the ci_transaction_id received in the Inbound Order XML Message (CWORDERIN), or from the customer membership if this is a generated membership order.

Not passed when:

•         This is not a subsequent authorization request, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

See Subsequent Authorization Requests to CyberSource for more information.

subsequentAuthOriginalAmount

The amount of the original approved authorization.This is the auth amount from Auth History:

•         If this is for a generated membership order, this is the original authorization amount from the customer membership, that was written to the order’s payment method record.

•         Otherwise, if there was a previous approved authorization for the same card number on the order payment method, this is the authorization amount from the oldest Auth History record.

Passed when this is a subsequent authorization (the subsequentAuthFirst was not passed), and the ci_transaction_id is stored on the Order Payment Method, either through the paymentNetworkTransactionID from a previous message from CyberSource, through the ci_transaction_id received in the Inbound Order XML Message (CWORDERIN), or from the customer membership if this is a generated membership order.

Not passed when:

•         This is not a subsequent authorization request, or

•         The order uses deferred or installment billing, and the Notify of installments setting for the pay type is selected, or

•         The credit card information is not tokenized, and there is no ci_transaction_id stored on the Order Payment Method record.

See Subsequent Authorization Requests to CyberSource for more information.

invoiceHeader

userPO

The purchase order number associated with the deposit.

From the Purchase order # field in the Order Ship To table.

If a purchase order is not defined, the system defaults the Order Management System order number. From the Order # field in the Order Payment Method table.

Included only if the transaction qualifies for level II or III discounting and the payment method is Visa, American Express, or MasterCard; see Level II and III Discounting.

billTo

Included only if you do not use credit card tokenization or if the credit card payment has not yet been replaced with a token from CyberSource.

firstName

The bill to customer’s first name. From the:

•         First name field in the Customer Bill To table, or

•         NAM First name field in the Customer Sold To table.

lastName

The bill to customer’s last name. From the:

•         Last name field in the Customer Bill To table, or

•         NAM Last name field in the Customer Sold to table.

Note:  If a last name is not passed, CyberSource fails the transaction.

street1

The street address on the bill to customer’s address. From the:

•         Street address in the Customer Bill To table, or

•         NAM Street address in the Customer Sold To table.

street2

The second address line on the bill to customer’s address, followed by the text APT and the apartment or suite number defined for the bill to customer’s address. For example: TERRACE GARDEN APT 2B. From the:

•         Address line 2 and APT Code in the Customer Bill To table, or

•         NAM Address line 2 and Apartment in the Customer Sold To table.

city

The city on the bill to address. From the:

•         City field in the Customer Bill To table, or

•         City field in the Customer Sold To table.

state

The state code on the bill to customer’s address. From the:

•         State field in the Customer Bill To table, or

•         NAM State field in the Customer Sold To table.

postalCode

The zip code on the bill to customer’s address.

If the country code is US, the 9-digit zip code is in 99999-9999 format.

If the country code is CA, the 6-digit zip code is in A1B 2C3.

If the country code is JP, the 7-digit zip code is in 999-9999 format.

If the country code is GB, the 6-digit zip code is in AB12CD format.

From the:

•         Zip field in the Customer Bill To table, or

•         NAM Zip field in the Customer Sold To table.

country

The country code on the bill to customer’s address. The system uses the Work with Authorization Service Country Screen to cross-reference the Order Management System country code in the Customer Bill To table or Customer Sold To table to the CyberSource country code.

From the Auth Service Country field in the Auth Service Country table.

email

The bill to customer’s email address.

If an email address is not defined for the bill to customer, null@CyberSource.com defaults.

From the CST email address field in the Customer Sold To table.

item

id

0 defaults.

unitPrice

The unit price of the item, including decimals, in the currency defined on the order, minus any hidden tax included in the item price.

From the IDT Price field in the Invoice Detail table.

Included only if the transaction qualifies for level II or III discounting and the payment is a method other than Discover or JCB; see Level II and III Discounting.

quantity

The quantity of the item shipped.

From the IDT Qty shipped field in the Invoice Detail table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

productCode

The item number on the deposit.

From the ITM Number field in the Item table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

productName

A description of the item.

From the Description field in the Item table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

productSKU

The SKU of the item on the deposit.

From the SKU Code field in the SKU table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

taxAmount

The tax amount for the item, including decimals, in the currency defined on the order, including any hidden tax included in the item price.

Included only if the transaction qualifies for level II discounting and the payment method is Visa, American Express, or MasterCard, or the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

unitOfMeasure

The unit of measure defined for the item.

From the Unit of measure field in the SKU table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

taxRate

The tax rate defined for the item. The system uses this calculation to determine the tax rate:

taxAmount / unitPrice = taxRate 

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

totalAmount

The total price of the item, including decimals, in the currency defined on the order. The system uses this calculation to determine the total amount:

item_#_quantity x the item_#_unitPrice = item_#_totalAmount 

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

discountAmount

The discount amount applied to the item, including decimals, in the currency defined on the order.

From the IDT Discount amount field in the Invoice Detail table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

commodityCode

The commodity code defined for the item.

From the SKU Commodity Code field in the SKU table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting.

purchaseTotals

currency

The currency on the order. The system uses the Work with Authorization Service Currency Screen to cross-reference the Order Management System currency code to the CyberSource currency code.

From the ASC Currency code field in the Auth Service Currency table.

discountAmount

The discount amount for the deposit, including decimals, in the currency defined on the order.

From the INS Discount amount filed in the Invoice Ship To table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa; see Level II and III Discounting.

dutyAmount

The duty amount for the deposit, including decimals, in the currency defined on the order.

From the IDC Amount field in the Invoice Detail Charge table for IDC Type of Charge D.

Included only if the transaction qualifies for level III discounting and the payment method is Visa; see Level II and III Discounting.

grandTotalAmount

The amount to deposit, including decimals, in the currency defined on the order.

From the Total $ amt field in the CC Deposit Transaction table.

freightAmount

The freight amount for the deposit, including decimals, in the currency defined on the order.

From the INS Freight field in the Invoice Ship To table.

Included only if the transaction qualifies for level III discounting and the payment method is Visa or MasterCard; see Level II and III Discounting

otherTax

vatTaxAmount

The VAT tax amount defined for the item, including decimals, in the currency defined on the order.

From the IDC Amount field in the Invoice Detail Charge table for IDC Type of Charge V.

Included only if the transaction qualifies for level III discounting and the payment method is Visa; see Level II and III Discounting.

vatTaxRate

The VAT percent defined for the ship to customer’s country.

From the CNT VAT percent in the Country table.

Included only if the transaction qualifies for level II discounting and the payment method is Visa; see Level II and III Discounting.

See How Hidden Tax is Calculated by Percentage for more information.

card

Included only if you do not use credit card tokenization or if the credit card payment has not yet been replaced with a token from CyberSource.

accountNumber

The card number to authorized and replace with a token.

If you use credit card encryption, the system decrypts the credit card number before sending it to CyberSource; see the Data Security and Encryption Guide on My Oracle Support (1988467.1).

From the OPM credit card number field in the Order Payment Method table.

expirationMonth

The month when the card expires, in MM format.

From the first 2 positions of the OPM expiration date field in the Order Payment Method table.

expirationYear

The year when the card expires, in YYYY format.

From the last 2 positions of the OPM expiration date field in the Order Payment Method table.

cardType

The vendor paytype code defined for the credit card pay type. This is the code CyberSource uses to identify the method of payment.

From the CPC vendor paytype/code field in the CC Paytype Cross Ref table.

issueNumber

The card issue number defined for the card being processed.

From the OPM card issue # field in the Order Payment Method table.

startMonth

The start month defined for the card being processed, in MM format.

From the first 2 positions of the Start date field in the Order Payment Method table.

startYear

The start year defined for the card being processed, in YYYY format.

From the last 2 positions of the Start date field in the Order Payment Method table.

recurringSubscriptionInfo

subscriptionID

The token for the credit card payment.

From the OPM credit card number field in the Order Payment Method table.

If you use credit card encryption, the system decrypts the credit card number before sending it to CyberSource; see the Data Security and Encryption Guide on My Oracle Support (1988467.1).

frequency

on-demand defaults.

decisionManager

enabled

false defaults.