8 posts / 0 new
Last post
andymckenna3981
Merchant management

I'd like to be able to programmatically register merchants and modify their Sandbox/Live status and retrieve their Merchant Token and JS Token to send to them. I'd also like to be able to find out (through the API) if they have TransArmor enabled.


rohitrajagopal3538
Re: Merchant management

Hi Andy,

1. Merchants who do not have a merchant account with First Data will need to apply for one before using Payeezy. For this, we can provide you a link using which merchants can apply for a new merchant account. When merchants apply through your link, they are automatically added to your developer account which will give you the Merchant token and JS_Security_key

2. For a given merchant account, there is no need to toggle between sandbox and live. Merchant accounts by nature are either for our sandbox or live environments. Currently for our sandbox environment, we have a demo merchant account called "Acme Sock" that our developers use to build their integration. This demo account is common to all and will appear in your developer account by default. At this time, we do not allow developers to add their own demo accounts. For live obviously, you will need to add real merchant accounts to your developer account.

3. At this time, it is not possible to programmatically retrieve the merchant token and js_security_key from your developer account. We do have a plan to add such a feature but have no target date yet. This will need to be done manually for now. 

4. The merchant can easily check if Transarmor is enabled for their account by going to the virtual terminal interface - https://globalgatewaye4.firstdata.com. You could also do this programmatically by issuing a sample authorization transaction. We will include a token in the response if Transarmor is enabled for the merchant.

Regards,

Payeezy team

 


andymckenna3981
Re: Merchant management

Do the merchants rely on me to provide them with the merchant token and JS token? Are they unique to my app? Can the merchant get the token and JS token without me?

I'm going to publish a plugin for a shopping cart and I'd like to make it easy for anyone to download my plugin and use it in Sandbox mode but require an order to use it in live mode. I can manually provide the tokens for now but want to be sure on how this authenticates or if I need to put my own license key system on top of it.


rohitrajagopal3538
Re: Merchant management

Yes, as of today, merchants will rely on you to provide them the merchant token and js_Security_key. However, we are working towards a solution to remove this dependency.

So to use the plugin in sandbox mode, the merchant will not need to provide anything. In your plugin, in sandbox mode, you would use your api key, api secret, the sandbox merchant token, sandbox js_Security_key and "NOIW" as the ta_token. 

When it comes to using your plugin in Live mode, the api key and api secret can remain the same but merchants will need to use their own merchant token, je_Security_key and ta_Token. Now, the merchant token and js_security_key will only be available via your developer account. So, you will have control over who uses your plugin.

Regards,

Payeezy team


andymckenna3981
Re: Merchant management

The downside of having them use the shared ACME merchant in sandbox mode is that they can't see the transactions coming through on their First Data admin side. The upside is since I'm controlling the merchants that can use the plugin I can just offer a refund if they aren't happy because I can remove their access, something I couldn't do when I was just distributing my own license keys.

I'm good on the tokenization, too. I haven't gotten to the point where I'm actually tokenizing cards yet and didn't know I had to send in the TA token. Having the merchant retrieve that actual value from their account will alert them that it's not set up. With the GGe4 API, you have to just hope they know that or figure it out when their tokens start coming back blank.

I'm really liking this Payeezy API way more than GGe4. Especially the clean documentation with sample forms and expected return messages for each scenario.


rohitrajagopal3538
Re: Merchant management

Andy - We plan to add the ability to add other demo merchant accounts as well so that merchants will then be able to see their sandbox transactions on their gateway portal interface.


andymckenna3981
Re: Merchant management

Another question, if the developer has the Merchant Tokens, what's to stop them from running fraudulent transactions as that merchant? Should a field be required that only the merchant has access to?


rohitrajagopal3538
Re: Merchant management

At the outset, we give a developer the merchant token only if the merchant permits it. A merchant can always revoke that permission by calling our help desk in which case the merchant token is rendered useless.

Regards,

Payeezy team