19 Setting Up Payment Processing with Paymentech

Learn how Oracle Communications Billing and Revenue Management (BRM) cloud native integrates with Paymentech to process your customers' credit card and direct debit payments.

Topics in this document:

• About Setting Up Payment Processing with Paymentech

• Using SFTP for Batch Payment Transactions

• Using TCP/IP for Batch Payment Transactions

• Configuring TCP/IP for Online Payment Transactions

• Configuring the Paymentech Simulator for Testing

About Setting Up Payment Processing with Paymentech

Paymentech validates, authorizes, and processes credit card and debit card payments from your customers. For more information, see "Processing Credit Card and Debit Card Payments with Paymentech" in BRM Configuring and Collecting Payments.

To process payments with Paymentech in BRM cloud native:

1. Configure dm_fusa to send batch payment transactions to Paymentech using either SFTP or TCP/IP:

   • To use SFTP, see "Using SFTP for Batch Payment Transactions".

   • To use TCP/IP, see "Using TCP/IP for Batch Payment Transactions".

2. Configure dm_fusa to use TCP/IP for online payment transactions. See "Configuring TCP/IP for Online Payment Transactions".

3. Configure merchant accounts as described in "Setting Up Merchant Accounts" in BRM Configuring and Collecting Payments.

4. Set up BRM to process PINless debit payments as described in "Configuring PINless Direct Debit Payment Processing" in BRM Configuring and Collecting Payments.

5. Test payment processing using the Paymentech Simulator. See "Configuring the Paymentech Simulator for Testing".

Using SFTP for Batch Payment Transactions

You can configure dm_fusa to use SFTP for sending batch payment transactions to the Paymentech payment processor. Batch transactions include batch payments, multiple verifications, multiple authorizations, deposits, and refunds.

To use SFTP for batch payment transactions:

1. Configuring Authentication for SFTP Batch Transactions

2. Configuring dm_fusa with SFTP Settings

Configuring Authentication for SFTP Batch Transactions

To configure authentication for SFTP batch transactions:

1. Generate an RSA public/private key pair.

   For example, to generate a 4096-bit RSA key pair, run:

   ssh-keygen -t rsa -b 4096

2. (For production environments only) Copy the RSA public key to the Paymentech SFTP server:

   ssh-copy-id -i pathPublicKey  userName@hostNamePaymentech

   If prompted, enter the SFTP user password.

   where:

   • pathPublicKey: Path and file name of the public key created in step 1.

   • userName: SFTP user name on the Paymentech SFTP server.

   • hostNamePaymentech: Host name of the Paymentech SFTP server.

3. (For testing with the Paymentech Simulator only) In your override-values.yaml file for oc-cn-helm-chart, add the RSA public key in Base64-encoded format to ocbrm.dm_fusa.secret.sftpAuthorizedKeys.

   After updating your configuration, run the helm upgrade command for oc-cn-helm-chart.

Configuring dm_fusa with SFTP Settings

To configure dm_fusa to use SFTP for sending batch payment transactions to Paymentech:

1. In your override_values.yaml file for oc-cn-helm-chart, set the following keys:

   • ocbrm.dm_fusa.isEnabled: Set this to true.

   • ocbrm.dm_fusa.batchProto: Set this to sftp.

2. In the SSH Daemon (sshd) client configuration file (configmap_dm_fusa_sftp_ssh_config.yaml), configure server connection details, including server, port, algorithms, and ciphers.

   Below shows the file's default values:

   data:
      config: |    
         Host CServer    
         HostName fusa-simulator
         User omsuser      
         Port 3333           
         IdentityFile /home/omsuser/.ssh/.sftp_key      
         #KexAlgorithms ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha256      
         #KexAlgorithms diffie-hellman-group14-sha256      
         #Ciphers aes128-ctr,aes192-ctr,aes256-ctr      
         #HostKeyAlgorithms ecdsa-sha2-nistp521,ssh-rsa,rsa-sha2-512      
         #MACs hmac-sha2-512,hmac-sha2-256      
         #LogLevel DEBUG3      
         #LogLevel VERBOSE

3. In your dm_fusa ConfigMap (configmap_pin_conf_dm_fusa.yaml), set the following keys:

   - dm_fusa sftp_pkey_pwd passPhrase
   - dm_fusa sftp_host hostName
   - dm_fusa sftp_indir inputPath
   - dm_fusa sftp_outdir outPath
   - dm_fusa sftp_rfrfile rfrFileName
   - dm_fusa sftp_retrys retryValue
   - dm_fusa sftp_retry_interval intervalValue

   Table 19-1 describes the variables in the dm_fusa ConfigMap.

   Table 19-1 Variables Descriptions

   Parameter	Description
   passPhrase	The SFTP private key passphrase. If omitted, the passphrase is retrieved from the wallet. By default, this key is commented out.
   hostName	The host section name in the SSH client configuration file. The default is CServer.
   inputPath	(For testing with the Paymentech Simulator only) The absolute path to the input directory where batch files are uploaded using SFTP. The default is /oms/sftp_in.
   outputPath	(For testing with the Paymentech Simulator only) The absolute path to the output directory where response files are downloaded using SFTP. The default is /oms/sftp_out.
   rfrFileName	The name of the RFR file to retrieve from the output directory. If this parameter is not specified, dm_fusa downloads any unprocessed file found in remote output directory.
   retryValue	The number of times to retry connections to Paymentech. The default is 4.
   intervalValue	The interval, in seconds, before retrying the connection to Paymentech. The default is 4.

4. In your override-values.yaml file, set the following keys:

   • ocbrm.dm_fusa.secret.sftpKey: Set this to the private key in Base64-encoded format.

   • ocbrm.dm_fusa.secret.sftpKeyPassPhrase: Set this to the passphrase in Base64-encoded format.

5. Run the helm upgrade command to update the release:

   helm upgrade BrmReleaseName oc-cn-helm-chart --values OverrideValuesFile --namespace BrmNameSpace

   where:

   • BrmReleaseName is the release name for oc-cn-helm-chart and is used to track this installation instance.

   • OverrideValuesFile is the file name and path to your override-values.yaml file.

   • BrmNameSpace is the namespace in which to create BRM Kubernetes objects for the BRM Helm chart.

Using TCP/IP for Batch Payment Transactions

To configure dm_fusa to use TCP/IP for batch payment transactions:

1. In your override_values.yaml file for oc-cn-helm-chart, set the following keys:

   • ocbrm.dm_fusa.isEnabled: Set this to true.

   • ocbrm.dm_fusa.batchProto: Set this to socket.

2. In the dm_fusa environment ConfigMap (configmap_env_dm_fusa.yaml), set the following keys:

   • DMF_BATCH_PORT: Set this to the Paymentech TCP/IP port number. The default is 8780.

   • DMF_BATCH_SRVR: Set this to the name of the Paymentech TCP/IP server. The default is fusa-simulator.

3. Run the helm upgrade command to update the release:

   helm upgrade BrmReleaseName oc-cn-helm-chart --values OverrideValuesFile --namespace BrmNameSpace

   where:

   • BrmReleaseName is the release name for oc-cn-helm-chart and is used to track this installation instance.

   • OverrideValuesFile is the file name and path to your override-values.yaml file.

   • BrmNameSpace is the namespace in which to create BRM Kubernetes objects for the BRM Helm chart.

Configuring TCP/IP for Online Payment Transactions

You configure dm_fusa to send online payment transactions to Paymentech using TCP/IP. Online transactions include single authorizations and verifications.

To configure TCP/IP for online payment transactions:

1. In the configmap_env_dm_fusa.yaml file, set the following keys:

   • data.DMF_ONLINE_SRVR: Set this to the IP address or host name of the Paymentech server for online payment transactions.

   • data.DMF_ONLINE_PORT: Set this to the port where Paymentech receives online payment transactions.

2. Run the helm upgrade command to update the release:

   helm upgrade BrmReleaseName oc-cn-helm-chart --values OverrideValuesFile --namespace BrmNameSpace

   where:

   • BrmReleaseName is the release name for oc-cn-helm-chart and is used to track this installation instance.

   • OverrideValuesFile is the file name and path to your override-values.yaml file.

   • BrmNameSpace is the namespace in which to create BRM Kubernetes objects for the BRM Helm chart.

Configuring the Paymentech Simulator for Testing

You can use Paymentech simulators to test credit card and debit card transactions:

• Use answer_s to simulate online transactions.

• Use answer_b to simulate batch transactions.

For more information, see "Testing Paymentech Credit Card Processing" in BRM Configuring and Collecting Payments.

To configure the Paymentech simulator in your cloud native environment:

1. In the configmap_pin_conf_fusa_simulator.yaml file, set the following keys:

   - answer_b batch_proto sftp
   - answer_b sftp_indir inputPath
   - answer_b sftp_outdir outputPath

   where:

   • inputPath is the absolute path to the input directory where batch files are uploaded using SFTP.

   • outputPath is the absolute path to the output directory where response files are downloaded using SFTP.

2. In your override-values.yaml file for oc-cn-helm-chart, set these keys:

   • ocbrm.dm_fusa.secret.sftpKey: The private key in Base64-encoded format.

   • ocbrm.dm_fusa.secret.sftpKeyPassPhrase: The Base64-encoded passphrase for the private key.

   • ocbrm.dm_fusa.secret.sftpAuthorizedKeys: The Base64-encoded public key accepted by the server for log in.

3. Run the helm upgrade command to update the release:

   helm upgrade BrmReleaseName oc-cn-helm-chart --values OverrideValuesFile --namespace BrmNameSpace