Samsung Pay Developer Guide {#applepay-about-guide} =================================================== Audience and Purpose -------------------- This document is written for merchants who want to enable customers to use Samsung Pay to pay for in-app purchases. This document provides an overview for integrating the Samsung Pay SDK and describes how to request the `Bank of America` API to process an authorization. Merchants must use the Samsung Pay SDK to receive the customer's encrypted payment data before requesting the `Bank of America` API to process the transaction. Conventions ----------- The following special statements are used in this document: > IMPORTANT > An *Important* statement contains information essential to successfully completing a task or learning a concept. > WARNING > A *Warning* contains information or instructions, which, if not heeded, can result in a security risk, irreversible loss of data, or significant cost in time or revenue or both. Recent Revisions to This Document {#samsungpay-doc-revisions} ============================================================= 26.01.01 -------- Initial release of the HTML version of this document. 25.09.01 -------- This revision contains only editorial changes and no technical updates. 25.08.01 -------- This revision contains only editorial changes and no technical updates. 24.02 ----- This revision contains only editorial changes and no technical updates. 24.01 ----- This revision contains only editorial changes and no technical updates. Requirements for Using Samsung Pay {#samsungpay-requirements} ============================================================= In order to use the `Bank of America` platform to process Samsung Pay transactions, you must have: * A `Bank of America` account. If you do not already have a `Bank of America` account, contact your local `Bank of America` sales representative. * A merchant account with a supported processor. * A profile on the Samsung Pay Partner Portal and an associated partner ID. {#samsungpay-requirements_ul_scm_kwb_s4b} > IMPORTANT > Samsung Pay relies on authorizations with payment network tokens. You can sign up for Samsung Pay only when both of the following statements are true: > > * Your processor supports payment network tokens. > * ` Bank of America ` supports payment network tokens with your processor. > > {#samsungpay-requirements_ul_ugr_qxb_s4b} > If one or both of the preceding statements are not true, you must take one of the following actions before you can sign up for Samsung Pay: > > * Obtain a new merchant account with a processor that supports payment network tokens. > * Wait until your processor supports payment network tokens. > {#samsungpay-requirements_ul_tf5_txb_s4b} Getting Started {#samsungpay-getting-started-intro} =================================================== Follow these steps to set up Samsung Pay with `Bank of America`: 1. Registering with Samsung and `Bank of America`: 1. [Registering with Samsung Pay](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-getting-started-intro/samsungpay-registering.md "") 2. [Registering with Bank of America](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-getting-started-intro/samsungpay-registering-cybs.md "") {#samsungpay-getting-started-intro_ol_ed4_pcn_fpb} 2. Integrating the Samsung SDK, which includes the following tasks: 1. [Creating a Project](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-getting-started-intro/samsungpay-creating-project.md "") 2. [Integrating the Samsung Pay SDK](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-getting-started-intro/samsungpay-integrating-sdk.md "") 3. [Using the API Key](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-getting-started-intro/samsungpay-using-api-key.md "") 3. Using the Samsung SDK to: 1. [Verify That Your Application is Eligible for Samsung Pay](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-getting-started-intro/samsungpay-initalize-for-app.md "") 2. [Initiating a Payment](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-getting-started-intro/samsungpay-initiating-payment.md "") 3. [Requesting a Payment](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-getting-started-intro/samsungpay-requesting-payment.md "") {#samsungpay-getting-started-intro_ol_pvr_pwm_fpb} Registering with Samsung Pay {#samsungpay_registering} ====================================================== 1. Create a profile by completing the merchant application on the Samsung Pay Partner Portal. #### ADDITIONAL INFORMATION After your merchant application is approved, you receive a unique partner ID. Include this ID in your application. IMPORTANT > You need the partner ID in order to generate a Certificate Signing Request (CSR) in the ` BA360 `. Samsung requires the CSR file in order to encrypt sensitive payment data; it contains an identifier and public key. 2. Using the Samsung Pay Partner Portal, upload the CSR file. 3. Enter an application name and a package name. When you associate the CSR file with the application, Samsung generates a product ID. 4. Create login details for application developers on the Samsung Pay Partner Portal. 5. Download and integrate the Samsung Pay SDK into your application. #### ADDITIONAL INFORMATION The SDK contains: * A Javadoc * The Samsung Pay SDK files *samsungpay.jar* and *sdk-v1.0.0.jar* * A sample app * The branding guide * Image files 6. Register a Samsung account ID and request a *debug-api-key* file using the Samsung Pay Partner Portal. The Samsung account ID, the *debug-api-key*, and the product ID are used to validate your application so that you can use the Samsung Pay SDK for testing. 7. Submit your application for approval using the Samsung Pay Partner Portal. Upload the final version of the Android Application Package (APK) file using the Samsung Pay Partner Portal, and include screenshots of your checkout page displaying the Samsung Pay logo. Registering with `Bank of America` {#samsungpay_registering_cybs} ================================================================= 1. Log in to the `BA360`: #### ADDITIONAL INFORMATION * Create a CSR file for test transactions: * [`https://sandbox.sbob.merchant-services.bankofamerica.com`](https://sandbox.sbob.merchant-services.bankofamerica.com "") * [` https://sandbox.cashpro.merchant-services.bankofamerica.com`](https://sandbox.cashpro.merchant-services.bankofamerica.com "") * [` https://sandbox.associate.merchant-services.bankofamerica.com`](https://sandbox.associate.merchant-services.bankofamerica.com "") {#samsungpay_registering_cybs_ul_bts_gt2_yhc} * Create a CSR file for production transactions: * [`https://sbob.merchant-services.bankofamerica.com`](https://sbob.merchant-services.bankofamerica.com "") * [`https://cashpro.merchant-services.bankofamerica.com`](https://cashpro.merchant-services.bankofamerica.com "") * [`https://associate.merchant-services.bankofamerica.com`](https://associate.merchant-services.bankofamerica.com "") {#samsungpay_registering_cybs_ul_wk1_3t2_yhc} {#samsungpay_registering_cybs_ol_iph_jdx_dpb} 2. On the left navigation pane, click the Payment Configuration icon. 3. Click Digital Payment Solutions. The Digital Payments page opens. 4. Click Configure. The Samsung Pay Registration panel opens. 5. Enter your Samsung partner ID. 6. Click Generate New CSR. 7. To download your CSR, click the Download icon next to the key. 8. Follow your browser's instructions to save and open the file. #### ADDITIONAL INFORMATION > IMPORTANT Only one CSR is permitted for each unique Samsung partner ID. If you modify your Samsung partner ID, you must generate a new CSR. 9. Complete the enrollment process by submitting your CSR to Samsung. Creating a Project {#samsungpay-creating-project} ================================================= You use Android Studio to create a new Android Studio project, which is required to integrate the Samsung SDK. 1. Download Android Studio from the following website: [https://developer.android.com/studio/index.html](https://developer.android.com/studio/index.md ""). 2. Open Android Studio and click Start a new Android Studio project. 3. In the New Project settings menu, enter the name of your application and the company domain. 4. To change the package name, click Edit. By default, Android Studio sets the last element of the project's package name to the name of your application. 5. Click Next. 6. In the Target Android Devices settings menu, choose the required API levels. 7. Click Next. 8. Choose the required activity and click Finish. Integrating the Samsung Pay SDK {#samsungpay-integrating-sdk} ============================================================= 1. Add the *samsungpay.jar* and *sdk-v1.0.0.jar* files to the *libs* folder of your Android project. 2. Choose Gradle Scripts \> build.gradle and enter the dependencies shown below. #### ADDITIONAL INFORMATION ``` dependencies { compile files('libs/samsungpay.jar') compile files(libs/sdk-v1.0.0.jar') } ``` 3. Import the package. #### ADDITIONAL INFORMATION ``` import com.samsung.android.sdk.samsungpay; ``` Using the API Key {#samsungpay-using-api-key} ============================================= The API key is used to verify that your app (in debug mode or release mode) can use the Samsung Pay SDK APIs with the Samsung Pay application. To get the API key, you must create a *debug-api-key* file and include it in the *manifest* file. 1. To use the API key, include it in the *manifest* file with a custom tag. This enables the merchant app android *manifest* file to provide the `DebugMode`, `spay_debug_api_key` values as metadata. Example: Debug Mode {#samsungpay-apikey-ex-debug} ================================================= ``` <meta-data android:name="debug_mode" android:value="Y" /> <meta-data android:name="spay_debug_api_key" android:value="asdfggkndkeie17283094858" /> ``` Example: Release Mode {#samsungpay_apikey_ex_release} ===================================================== ``` <meta-data android:name="debug_mode" android:value="N" /> ``` Verify That Your Application is Eligible for Samsung Pay {#samsungpay-initalize-for-app} ======================================================================================== You must initialize the *SSamsungPay* class to verify that your application is eligible for Samsung Pay and to display the Samsung Pay button to the customer (refer to branding guidelines). The *SSamsungPay* class provides the following API methods: * `initialize()`---initializes the Samsung Pay SDK and verifies eligibility for Samsung Pay, including the device, software, and business area. > IMPORTANT > Request the ` initialize() ` API method of the *SSamsungPay* class before using the Samsung Pay SDK. * `getVersionCode()`---retrieves the version number of the Samsung Pay SDK as an integer. * `getVersionName()`---retrieves the version name of the Samsung Pay SDK as a string. {#samsungpay-initalize-for-app_ul_s5x_cdr_2pb} After the `initialize()` API method request is successful, display the Samsung Pay button to the customer. If the `initialize()` API method request fails, the method displays one of the following errors: * `SsdkUnsupportedException`---the device is not a Samsung device or does not support the Samsung Pay package. * `NullPointerException`---the context passed is null. {#samsungpay-initalize-for-app_ul_lnf_pdr_2pb} Example: Samsung Pay Class {#samsungpay_ex_pay_class} ===================================================== ``` SSamsungPay spay = new SSamsungPay(); try { spay.initialize(mContext); } catch (SsdkUnsupportedException e1) { e1.printStackTrace(); pay_button.setVisibility(View.INVISIBLE); } ``` Initiating a Payment {#samsungpay_initiating_payment} ===================================================== You are required to use a specific transaction request structure and required fields to initiate a payment. Required Fields for Initiating a Payment {#samsungpay-initiate-mandatory} ========================================================================= The following fields are required for initiating a payment; include these fields in the `PaymentInfo` class: > IMPORTANT > If the required fields are not included, you receive a ` NullPointerException ` error. Merchant Name : The merchant name as it appears on the payment sheet of Samsung Pay and customer's bank statement. Amount : Payment Protocol : 3-D Secure. Permitted Card Brands : Specify the card brands that are supported such as American Express, JCB, Mastercard, or Visa. Merchant ID : Order Number : Shipping Address : This field is required if SEND_SHIPPING or NEED_BILLING_AND_SEND_SHIPPING is set for `AddressVisibilityOption`. Address Visibility Option : Card Holder Name : Recurring Option : Example: Transaction Request Structure {#samsungpay-ex-txn-req-structure} ========================================================================= ``` private PaymentInfo makeTransactionDetails() { // Supported card brands ArrayList<CardInfo.Brand> brandList = new ArrayList<CardInfo.Brand>(); if (visaBrand.isChecked()) brandList.add(CardInfo.Brand.VISA); if (mcBrand.isChecked()) brandList.add(CardInfo.Brand.Mastercard); if (amexBrand.isChecked()) brandList.add(CardInfo.Brand.AMERICANEXPRESS); // Basic payment information PaymentInfo paymentReq = new PaymentInfo.Builder() .setMerchantId(“merchantID”) .setMerchantName("Test").setAmount(getAmount()) .setShippingAddress(getShippingAddressInfo()) .setOrderNumber(orderNoView.getText().toString()) .setPaymentProtocol(PaymentProtocol.PROTOCOL_3DS) .setAddressInPaymentSheet(AddressInPaymentSheet.DO_NOT_SHOW) .setAllowedCardBrands(brandList) .setRecurringEnabled(isRecurring) .setCardHolderNameEnabled(isCardHolderNameRequired) .build(); return paymentReq; } // Add shipping address details private Address getShippingAddressInfo() { Address address = new Address.Builder() .setAddressee(name.getText().toString()) .setAddressLine1(addLine1.getText().toString()) .setAddressLine2(addline2.getText().toString()) .setCity(city.getText().toString()) .setState(state.getText().toString()) .setCountryCode(country.getSelectedItem().toString()) .setPostalCode(zip.getText().toString()).build(); return address; } // Add amount details private Amount getAmount() { Amount amount = new Amount.Builder() .setCurrencyCode(currencyType.getSelectedItem().toString()) .setItemTotalPrice(productPrice.getText().toString()) .setShippingPrice(shippingPrice.getText().toString()) .setTax(taxPrice.getText().toString()) .setTotalPrice(totalAmount.getText().toString()).build(); return amount; } ``` Requesting a Payment {#samsungpay-requesting-payment} ===================================================== 1. Use the `startSamsungPay()` API method in the `PaymentManager` class. The `PaymentManager` class includes the following API methods: #### ADDITIONAL INFORMATION * `startSamsungPay()`---requests to initiate payment with Samsung Pay. * `updateAmount()`---updates the transaction amount if shipping address or card information is updated by Samsung Pay. * `updateAmountFailed()`---returns an error code when the new amount cannot be updated because of a wrong address. 2. Request the `startSamsungPay()` API method and include the following data: #### ADDITIONAL INFORMATION * `PaymentInfo`---contains payment information. * `PID`---the product ID created in the Samsung Pay Partner Portal. * `StatusListener`---the result of the payment request is delivered to `StatusListener`. This listener should be registered before you call the `startSamsungPay()` API method. When you request the `startSamsungPay()` API method, the Samsung Pay online payment sheet is displayed on your application. The customer selects a registered card for payment and can also update the billing and shipping address. The payment reply is delivered as one of the following events to `StatusListener`: * `onSuccess()`---this event is requested when Samsung Pay confirms the payment. It includes `encryptedPaymentCredential` in JSON format: * **method:** Payment protocol: 3-D Secure. * **merchant_ref:** Merchant reference code. * **billing_address.street**: Number, street name. * **billing_address.state_province:** Two-letter state code. * **billing_address.zip_postal_code:** Five-character zip code. * **billing_address.city:** City name. * **billing_address.county:**Two-letter country code. * **3ds.type:** `S` for Samsung Pay. Encrypted. * **3ds.version:** Current version `100`. Encrypted. * **3ds.data:** Base64-encoded payment data. Encrypted. {#samsungpay-requesting-payment_ul_wd1_dhr_2pb} Refer to the Samsung Pay developer website for information on how to decrypt the encrypted payment credential. * `onFailure()`---this event is requested when the transaction fails. It returns an error code and error message. Example: Request startSamsungPay() API Method {#samsungpay-ex-req-startsp-method} ================================================================================= ``` public void onPayButtonClicked(View v) { // Call startSamsungPay() method of PaymentManager class. // To create a transaction request for makeTransactionDetails() in the following code, see Example: Transaction Request Structure. try { mPaymentManager.startSamsungPay(makeTransactionDetails(), "enter product ID", mStatusListener); } catch (NullPointerException e) { e.printStackTrace(); } } private PaymentManager.StatusListener mStatusListener = new PaymentManager.StatusListener() { @Override public void onFailure(int errCode, String msg) { Log.d(TAG, " onFailed ); } @Override public void onSuccess(PaymentInfo arg0, String result) { Log.d(TAG, "onSuccess "); }; ``` Services {#samsungpay_services} =============================== The following services are available: * [Authorization Service](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro.md "") * [Authorization Reversal Service](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-reversal-intro.md "") * [Capture Service](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-capture-intro.md "") * [Sale Service](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-sale-intro.md "") {#samsungpay_services_ul_ewn_45f_fpb} Authorization Service {#samsungpay-auth-intro} ============================================== You can authorize a payment for Samsung Pay using two different types of decryption methods: `Bank of America` or Merchant. Each decryption method requires a different set of required API fields. In addition, depending on which card type is used, different fields are required for requesting the authorization service. | Payment Processor | Authorization and Capture Information | |-------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | FDMS South | For the Indonesian rupiah (IDR) and Chilean peso (CLP) currencies: * Rounding occurs, which can cause a minor discrepancy of one currency unit between the amount you requested and the amount that is authorized. * When a transaction is enabled for partial authorization, you must ensure that the requested amount does not include any digits to the right of the decimal separator. {#samsungpay-auth-intro_d19e49} | [Processor-Specific Information About Authorizations and Captures] Authorizing a Payment with JCB Using `Bank of America` Decryption Method {#samsungpay-auth-cybs-jcb-intro} ========================================================================================================== This section provides the following information: * [Required Fields for Authorizing a Payment Using JCB and the Bank of America Decryption Method](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-cybs-jcb-intro/samsungpay-auth-cybsdecypt-jcb-mandatory.md "") * [Authorizing a Payment](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-cybs-jcb-intro/samsungpay-auth-procedure.md "") * [Example: Bank of America Decryption with JCB Using the REST API](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-cybs-jcb-intro/samsungpay-auth-cybsdecrypt-ex-jcb-rest.md "") {#samsungpay-auth-cybs-jcb-intro_ul_xb4_psp_npb} Required Fields for Authorizing a Payment Using JCB and the `Bank of America` Decryption Method {#samsungpay-auth-cybsdecypt-jcb-mandatory} =========================================================================================================================================== The following fields are required when submitting an authorization request using the `Bank of America` decryption method: * descriptor-set this field under the fluidData object to `RklEPUNPTU1PTi5TQU1TVU5HLklOQVBQLlBBWU1FTlQ=`. * paymentInformation.fluidData.value-set this field to the Base64-encoded value obtained from the paymentData property of the PKPaymentToken object. * processingInformation.paymentSolution-set this field to `008`. Authorizing a Payment {#samsung-auth-procedure} =============================================== 1. Send the service request to `https://api.merchant-services.bankofamerica.com``/pts/v2/payments`. 2. Include the required fields in the request. {#samsung-auth-procedure_auth-s2-reqfields} 3. Include optional fields in the request as needed.{#samsung-auth-procedure_auth-s3-optfields} 4. Check the response message to make sure that the request was successful. A 200-level HTTP response code indicates success. For information about response codes, see [Transaction Response Codes](https://developer.merchant.services.bankofamerica.com/api/reference/response-codes.md ""). Example: `Bank of America` Decryption with JCB Using the REST API {#samsungpay-auth-cybsdecrypt-ex-jcb-rest} ============================================================================================================ Authorization Request ``` { "processingInformation": { "paymentSolution": "008" }, "consumerAuthenticationInformation": { "cavv": "EHuWW9PiBkWvqE5juRwDzAUFBAk=", "eciRaw": "05" }, "paymentInformation": { "tokenizedCard": { "number": "xxxx55555555xxxx", "expirationMonth": "12", "expirationYear": "2031", "transactionType": "1", "type": "007" } }, "billTo": { "firstName": "Jane", "lastName": "Smith", "address1": "123 Main Street", "address2": "Suite 12345", "locality": "Small Town", "administrativeArea": "CA", "postalCode": "98765", "country": "US", "email": "js@example.com", "phoneNumber": "9999999999" }, "orderInformation": { "amountDetails": { "currency": "USD", "totalAmount": "100.00" } } } ``` Authorization Response ``` { "clientReferenceInformation": { "code": "ref123" }, "orderInformation": { "amountDetails": { "currency": "USD", "authorizedAmount": "100.00" } }, "processingInformation": { "reconciliationID": "15356268CR2XF23X" }, "processorInformation": { "approvalCode": "888888", "responseCode": "100", "paymentSolution": "008", "avs": { "codeRaw": "I1" } } } ``` Authorizing a Payment with Mastercard Using `Bank of America` Decryption Method {#samsungpay-auth-cybs-mc-intro} ================================================================================================================ This section provides the following information: * [Required Fields for Authorizing a Payment Using Mastercard and the Bank of America Decryption Method](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-cybs-mc-intro/samsungpay-auth-cybsdecypt-mc-mandatory.md "") * [Authorizing a Payment](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-cybs-jcb-intro/samsungpay-auth-procedure.md "") * [Example: Bank of America Decryption with Mastercard Using the REST API](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-cybs-mc-intro/samsungpay-auth-cybsdecrypt-ex-mc-rest.md "") {#samsungpay-auth-cybs-mc-intro_ul_oj3_jtp_npb} Required Fields for Authorizing a Payment Using Mastercard and the `Bank of America` Decryption Method {#samsungpay-auth-cybsdecypt-mc-mandatory} ================================================================================================================================================= The following fields are required when submitting an authorization request using the `Bank of America` decryption method: * descriptor-set this field under the fluidData object to `RklEPUNPTU1PTi5TQU1TVU5HLklOQVBQLlBBWU1FTlQ=`. * processingInformation.commerceIndicator-set this field to `spa`. * paymentInformation.tokenizedCard.transactionType-set this field to `1`. * processingInformation.paymentSolution-set this field to `008`. Example: `Bank of America` Decryption with Mastercard Using the REST API {#samsungpay-auth-cybsdecrypt-ex-mc-rest} ================================================================================================================== Authorization Request ``` { "clientReferenceInformation": { "code": "demorefnum" }, "processingInformation": { "paymentSolution": "008", "commerceIndicator": "spa" }, "paymentInformation": { "tokenizedCard": { "transactionType": "1" } }, "fluidData": { "descriptor": "ABCDEFabcdefABCDEFabcdef0987654321234567", "value": "RklEPUNPTU1PTi5TQU1TVU5HLklOQVBQLlBBWU1FTlQ=" }, "billTo": { "firstName": "James", "lastName": "Smith", "address1": "111 S. Division St.", "address2": "Suite 123", "locality": "Ann Arbor", "administrativeArea": "MI", "postalCode": "48104-2201", "country": "US", "email": "demo@example.com", "phoneNumber": "9999999999" }, "orderInformation": { "amountDetails": { "currency": "USD", "totalAmount": "100.00" } } } ``` Authorization Response ``` { "clientReferenceInformation": { "code": "demorefnum" }, "orderInformation": { "amountDetails": { "currency": "USD", "authorizedAmount": "100.00" } }, "processingInformation": { "reconciliationID": "13209255CGJSMQCR" }, "processorInformation": { "approvalCode": "888888", "responseCode": "100", "avs": { "code": "I1" } }, "submitTimeUtc": "2015-11-03T205035Z" } } ``` Authorizing a Payment with Visa Using `Bank of America` Decryption Method {#samsungpay-auth-cybs-visa-intro} ============================================================================================================ This section provides the following information: * [Required Fields for Authorizing a Payment Using Visa and the Bank of America Decryption Method](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-cybs-visa-intro/samsungpay-auth-cybsdecypt-visa-mandatory.md "") * [Authorizing a Payment](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-cybs-jcb-intro/samsungpay-auth-procedure.md "") * [Example: Bank of America Decryption with Visa Using the REST API](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-cybs-visa-intro/samsungpay-auth-cybsdecrypt-ex-visa-rest.md "") {#samsungpay-auth-cybs-visa-intro_ul_oj3_jtp_npb} Required Fields for Authorizing a Payment Using Visa and the `Bank of America` Decryption Method {#samsungpay-auth-cybsdecypt-visa-mandatory} ============================================================================================================================================= The following fields are required when submitting an authorization request using the `Bank of America` decryption method: * descriptor-set this field under the fluidData object to `RklEPUNPTU1PTi5TQU1TVU5HLklOQVBQLlBBWU1FTlQ=`. * processingInformation.commerceIndicator-set this field to `internet`. * paymentInformation.tokenizedCard.transactionType-set this field to `1`. * processingInformation.paymentSolution-set this field to `008`. Example: `Bank of America` Decryption with Visa Using the REST API {#samsungpay-auth-cybsdecrypt-ex-visa-rest} ============================================================================================================== Authorization Request ``` { "clientReferenceInformation": { "code": "demorefnum" }, "processingInformation": { "paymentSolution": "008", "commerceIndicator": "internet" }, "paymentInformation": { "tokenizedCard": { "transactionType": "1" } }, "fluidData": { "descriptor": "ABCDEFabcdefABCDEFabcdef0987654321234567", "value": "RklEPUNPTU1PTi5TQU1TVU5HLklOQVBQLlBBWU1FTlQ=" }, "billTo": { "firstName": "James", "lastName": "Smith", "address1": "111 S. Division St.", "address2": "Suite 123", "locality": "Ann Arbor", "administrativeArea": "MI", "postalCode": "48104-2201", "country": "US", "email": "demo@example.com", "phoneNumber": "9999999999" }, "orderInformation": { "amountDetails": { "currency": "USD", "totalAmount": "100.00" } } } ``` Authorization Response ``` { "clientReferenceInformation": { "code": "demorefnum" }, "orderInformation": { "amountDetails": { "currency": "USD", "authorizedAmount": "100.00" } }, "paymentInformation": { "tokenizedCard": { "prefix": "294672", "suffix": "4397", "expirationMonth": "08" } }, "processingInformation": { "reconciliationID": "13209254CGJSMQCQ" }, "processorInformation": { "approvalCode": "888888", "responseCode": "100", "avs": { "code": "I1" } } } ``` Authorizing a Payment with JCB Using Merchant Decryption Method {#samsungpay-auth-merchant-jcb-intro} ===================================================================================================== This section provides the following information: * [Required Fields for Authorizing a Payment Using JCB and the Merchant Decryption Method](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-merchant-jcb-intro/samsungpay-auth-merdecypt-jcb-mandatory.md "") * [Authorizing a Payment](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-cybs-jcb-intro/samsungpay-auth-procedure.md "") * [Example: Merchant Decryption with JCB Using the REST API](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-merchant-jcb-intro/samsungpay-auth-merdecrypt-ex-jcb-rest.md "") {#samsungpay-auth-merchant-jcb-intro_ul_pcj_krp_npb} Required Fields for Authorizing a Payment Using JCB and the Merchant Decryption Method {#samsungpay-auth-merdecypt-jcb-mandatory} ================================================================================================================================= The following fields are required when submitting an authorization request using the Merchant decryption method: * consumerAuthenticationInformation.cavv-set this field to the 3-D Secure cryptogram of the payment network token. * paymentInformation.card.number-set this field to the payment network token value. * paymentInformation.card.expirationMonth/ paymentInformation.tokenizedCard.expirationMonth-set this field to the payment network token expiration month value. * paymentInformation.card.expirationYear/ paymentInformation.tokenizedCard.expirationYear-set this field to the payment network token expiration year value. * consumerAuthenticationInformation.eciRaw-set this field to the ECI value contained in the Samsung Pay reply message. * paymentinformation.tokenizedCard.cryptogram-set this field to the network token cryptogram. * paymentInformation.tokenizedCard.transactionType-set this field to `1`. * processingInformation.paymentSolution-set this field to `008`. Example: Merchant Decryption with JCB Using the REST API {#samsungpay-auth-merdecrypt-ex-jcb-rest} ================================================================================================== Authorization Request ``` { "consumerAuthenticationInformation": { "cavv": "EHuWW9PiBkWvqE5juRwDzAUFBAk=", "eciRaw": "05" }, "processingInformation": { "paymentSolution": "008" }, "paymentInformation": { "tokenizedCard": { "expirationMonth": "12", "expirationYear": "2031", "number": "xxxx11111111xxxx", "transactionType": "1", "type": "007" } }, "billTo": { "firstName": "Jane", "lastName": "Smith", "address1": "123 Main St.", "address2": "Suite 12345", "locality": "Small Town", "administrativeArea": "CA", "postalCode": "98765", "country": "US", "email": "js@example.com", "phoneNumber": "9999999999" }, "orderInformation": { "amountDetails": { "currency": "USD", "totalAmount": "100.00" } } } ``` Authorization Response ``` { "clientReferenceInformation": { "code": "ref123" }, "orderInformation": { "amountDetails": { "currency": "USD", "authorizedAmount": "100.00" } }, "processingInformation": { "reconciliationID": "15356268CR2XF23X" }, "processorInformation": { "approvalCode": "888888", "responseCode": "100", "avs": { "code": "X", "codeRaw": "I1" } } } ``` Authorizing a Payment with Mastercard Using Merchant Decryption Method {#samsungpay-auth-merchant-mc-intro} =========================================================================================================== This section provides the following information: * [Required Fields for Authorizing a Payment Using Mastercard and the Merchant Decryption Method](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-merchant-mc-intro/samsungpay-auth-merdecypt-mc-mandatory.md "") * [Authorizing a Payment](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-cybs-jcb-intro/samsungpay-auth-procedure.md "") * [Example: Merchant Decryption with Mastercard Using the REST API](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-merchant-mc-intro/samsungpay-auth-merdecrypt-ex-mc-rest.md "") {#samsungpay-auth-merchant-mc-intro_ul_pcj_krp_npb} Required Fields for Authorizing a Payment Using Mastercard and the Merchant Decryption Method {#samsungpay-auth-merdecypt-mc-mandatory} ======================================================================================================================================= The following fields are required when submitting an authorization request using the Merchant decryption method: * paymentInformation.card.number-set this field to the payment network token value. * paymentInformation.card.expirationMonth/ paymentInformation.tokenizedCard.expirationMonth-set this field to the payment network token expiration month value. * paymentInformation.card.expirationYear/ paymentInformation.tokenizedCard.expirationYear-set this field to the payment network token expiration year value. * processingInformation.commerceIndicator- set this field to `spa`. * paymentinformation.tokenizedCard.cryptogram-set this field to the network token cryptogram. * paymentInformation.tokenizedCard.transactionType-set this field to `1`. * processingInformation.paymentSolution-set this field to `008`. * consumerAuthenticationInformation.ucafAuthenticationData--set this field to the 3-D Secure cryptogram of the payment network token. * consumerAuthenticationInformation.ucafCollectionIndicator-set this field to `2`. Example: Merchant Decryption with Mastercard Using the REST API {#samsungpay-auth-merdecrypt-ex-mc-rest} ======================================================================================================== Authorization Request ``` { "clientReferenceInformation": { "code": "demorefnum" }, "consumerAuthenticationInformation": { "ucafAuthenticationData": "ABCDEFabcdefABCDEFabcdef0987654321234567", "ucafCollectionIndicator": "2" }, "processingInformation": { "paymentSolution": "008" }, "paymentInformation": { "tokenizedCard": { "expirationMonth": "12", "expirationYear": "2021", "number": "xxxx55555555xxxx", "transactionType": "1" } }, "billTo": { "firstName": "James", "lastName": "Smith", "address1": "111 S. Division St.", "address2": "Suite 123", "locality": "Ann Arbor", "administrativeArea": "MI", "postalCode": "48104-2201", "country": "US", "email": "demo@example.com", "phoneNumber": "9999999999" }, "orderInformation": { "amountDetails": { "currency": "USD", "totalAmount": "100.00" } } } ``` Authorization Response ``` { "clientReferenceInformation": { "code": "demorefnum" }, "orderInformation": { "amountDetails": { "currency": "USD", "authorizedAmount": "100.00" } }, "processingInformation": { "reconciliationID": "13209255CGJSMQCR" }, "processorInformation": { "approvalCode": "888888", "responseCode": "100", "avs": { "code": "I1" } }, "submitTimeUtc": "2015-11-03T205035Z" } } ``` Authorizing a Payment with Visa Using Merchant Decryption Method {#samsungpay-auth-merchant-visa-intro} ======================================================================================================= This section provides the following information: * [Required Fields for Authorizing a Payment Using Visa and the Merchant Decryption Method](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-merchant-visa-intro/samsungpay-auth-merdecypt-visa-mandatory.md "") * [Authorizing a Payment](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-cybs-jcb-intro/samsungpay-auth-procedure.md "") * [Example: Merchant Decryption with Visa Using the REST API](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro/samsungpay-auth-merchant-visa-intro/samsungpay-auth-merdecrypt-ex-visa-rest.md "") {#samsungpay-auth-merchant-visa-intro_ul_pcj_krp_npb} Required Fields for Authorizing a Payment Using Visa and the Merchant Decryption Method {#samsungpay-auth-merdecypt-visa-mandatory} =================================================================================================================================== The following fields are required when submitting an authorization request using the Merchant decryption method: * consumerAuthenticationInformation.cavv-set this field to the 3-D Secure cryptogram of the payment network token. * paymentInformation.card.number-set this field to the payment network token value. * paymentInformation.card.expirationMonth/ paymentInformation.tokenizedCard.expirationMonth-set this field to the payment network token expiration month value. * paymentInformation.card.expirationYear/ paymentInformation.tokenizedCard.expirationYear-set this field to the payment network token expiration year value. * consumerAuthenticationInformation.eciRaw-for JCB transactions, set this field to the ECI value contained in the Samsung Pay reply message. * processingInformation.commerceIndicator-set this field to `internet`. * paymentinformation.tokenizedCard.cryptogram-set this field to the network token cryptogram. * paymentInformation.tokenizedCard.transactionType-set this field to `1`. * processingInformation.paymentSolution-set this field to `008`. Example: Merchant Decryption with Visa Using the REST API {#samsungpay-auth-merdecrypt-ex-visa-rest} ==================================================================================================== Authorization Request ``` { "clientReferenceInformation": { "code": "demorefnum" }, "consumerAuthenticationInformation": { "cavv": "ABCDEFabcdefABCDEFabcdef0987654321234567" }, "processingInformation": { "commerceIndicator": "internet", "paymentSolution": "008" }, "paymentInformation": { "tokenizedCard": { "expirationMonth": "12", "expirationYear": "2021", "number": "xxxx100000000xxxx", "transactionType": "1" } }, "billTo": { "firstName": "James", "lastName": "Smith", "address1": "111 S. Division St.", "address2": "Suite 123", "locality": "Ann Arbor", "administrativeArea": "MI", "postalCode": "48104-2201", "country": "US", "email": "demo@example.com", "phoneNumber": "9999999999" }, "orderInformation": { "amountDetails": { "currency": "USD", "totalAmount": "100.00" } } } ``` Authorization Response ``` { "clientReferenceInformation": { "code": "demorefnum" }, "orderInformation": { "amountDetails": { "currency": "USD", "authorizedAmount": "100.00" } }, "processingInformation": { "reconciliationID": "13209254CGJSMQCQ" }, "processorInformation": { "approvalCode": "888888", "responseCode": "100", "avs": { "code": "I1" } }, "submitTimeUtc": "2015-11-03T205035Z" } } ``` Authorization Reversal Service {#samsungpay-reversal-intro} =========================================================== The authorization reversal service is a follow-on service that uses the request ID returned from the previous authorization. An authorization reversal releases the hold that the authorization placed on the customer's credit card funds. Use this service to reverse an unnecessary or undesired authorization. | Payment Processor | Authorization Reversal Information | |-------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | FDC Germany | You are responsible for complying with the processor's specific requirements for full authorization reversals. Contact the processor for more information. | | FDMS South | Card types supported for full authorization reversals: Visa, Mastercard, Discover, and JCB (US Domestic). For JCB cards, [US Domestic](# "") means that the currency is USD and your location is the U.S., Puerto Rico, Guam, U.S. Virgin Islands, or Northern Mariana Islands. Full authorization reversals are supported only for transactions that do not go through a currency conversion. Full authorization reversals are supported for the following types of merchants and currencies: * Merchants located in the U.S. who authorize, settle, and fund in U.S. dollars. * Merchants located in Canada who authorize, settle, and fund in Canadian dollars. * Merchants located in Latin America or the Caribbean who authorize, settle, and fund in U.S. dollars. * Merchants located in Europe who authorize, settle, and fund in the currency for the country in which the merchant is located. {#samsungpay-reversal-intro_d23e69} | | Software Express | Card types supported for full authorization reversals: Visa, Mastercard. | [Processor-Specific Information About Authorization Reversals] Required Fields for Reversing an Authorization {#samsungpay-reversal-mandatory} =============================================================================== The following fields are required when creating an authorization reversal request: clientReferenceInformation.code : orderInformation.amountDetails.currency : orderInformation.amountDetails.totalAmount : processingInformation.paymentSolution : Set to `008`. Reversing an Authorization {#samsungpay-reversal-procedure} =========================================================== 1. Send the service request to `POST https://<``url_prefix``>/v2/payments/{id}/reversals`. Use one of these prefixes: * Test: `apitest.merchant-services.bankofamerica.com` * Production: `api.merchant-services.bankofamerica.com` {#samsungpay-reversal-procedure_choices_mgd_hkn_b1c} #### ADDITIONAL INFORMATION Where `id` is the authorization ID returned in the authorization response. ``` { "id": "6481692924466004003001" } ``` The URL with the `id` value is included in the authorization response: ``` {     "_links": {         "authReversal": {             "method": "POST",             "href": "/pts/v2/payments/6481692924466004003001/reversals"         }, ``` 2. Check the response message to make sure that the request was successful. A 200-level HTTP response code indicates success. For information about response codes, see [Transaction Response Codes](https://developer.merchant.services.bankofamerica.com/api/reference/response-codes.md ""). Example: Basic Credit Card Authorization Reversal Using the REST API {#samsungpay-reversal-ex-rest} =================================================================================================== Authorization Reversal Request ``` { "clientReferenceInformation": { "code": "TC50171_3" }, "reversalInformation": { "amountDetails": { "totalAmount": "102.21" }, "reason": "exception" } } ``` Authorization Reversal Response ``` { "submitTimeUtc": "2021-04-22T16:44:03Z", "status": "approved", "errorInformation": { "reason": "EXCEPTION", "message": "The request was processed successfully." } } ``` Capture Service {#samsungpay-capture-intro} =========================================== The capture service is a follow-on service that uses the request ID returned from the previous authorization. The request ID links the capture to the authorization. This service transfers funds from the customer's account to your bank and usually takes two to four days to complete. | Payment Processor | Authorization and Capture Information | |-------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | FDMS South | For the Indonesian rupiah (IDR) and Chilean peso (CLP) currencies: * Rounding occurs, which can cause a minor discrepancy of one currency unit between the amount you requested and the amount that is authorized. * When a transaction is enabled for partial authorization, you must ensure that the requested amount does not include any digits to the right of the decimal separator. {#samsungpay-capture-intro_d19e49} | [Processor-Specific Information About Authorizations and Captures] Required Fields for Capturing a Payment {#samsungpay-capture-mandatory} ======================================================================= The following fields are required when creating a capture request: clientReferenceInformation.code : orderInformation.amountDetails.currency : orderInformation.amountDetails.totalAmount : processingInformation.paymentSolution : Set to `008`. Capturing a Payment {#samsungpay-capture-procedure} =================================================== 1. Pass the original authorization ID in the URL, and send the service request to `POST https://<``url_prefix``>/v2/payments/{id}/captures`. Use one of these URL prefixes: * Test: `apitest.merchant-services.bankofamerica.com` * Production: `api.merchant-services.bankofamerica.com` {#samsungpay-capture-procedure_choices_g5g_hln_b1c} #### ADDITIONAL INFORMATION Where `id` is the authorization ID returned in the authorization response. ``` { "id": "6481692924466004003001" } ``` The URL with the `id` value is included in the authorization response: ``` { "_links": { "capture": { "method": "POST", "href": "/pts/v2/payments/6481692924466004003001/captures" } } ``` 2. Check the response message to make sure that the request was successful. A 200-level HTTP response code indicates success. For information about response codes, see [Transaction Response Codes](https://developer.merchant.services.bankofamerica.com/api/reference/response-codes.md ""). Example: Basic Credit Card Capture Using the REST API {#samsungpay-capture-ex-rest} =================================================================================== Capture Request ``` { "clientReferenceInformation": { "code": "482046C3A7E94F5BD1FE3C66C" }, "processingInformation": { "paymentSolution": "008" }, "orderInformation": { "amountDetails": { "totalAmount": "49.95", "currency": "USD" } } } ``` Capture Response ``` { "clientReferenceInformation": { "code": "482046C3A7E94F5BD1FE3C66C" }, "processingInformation": { "reconciliationID": "02850840187309570" }, "orderInformation": { "amountDetails": { "totalAmount": "49.95", "currency": "USD" } } } ``` Sale Service {#samsungpay-sale-intro} ===================================== A sale is a bundled authorization and capture. Request the authorization and capture services at the same time. `Bank of America` processes the capture immediately. Required Fields for Performing a Sale {#samsungpay-sale-cybsdecypt-amex-mandatory} ================================================================================== The following fields are required when submitting a sale request: Fields required for requesting the authorization service : Use the same values that are set for requesting the [Authorization Service](/docs/bofa/en-us/samsung-pay/developer/gpx/rest/samsungpay/samsungpay-services/samsungpay-auth-intro.md ""). The sales request is sent to the following endpoint: `https://api.merchant-services.bankofamerica.com`/pts/v2/payments. Authorizing and Capturing a Payment {#samsungpay-sale-procedure} ================================================================ You can authorize and capture a payment at the same time, which is known as performing a sale. 1. Send the service request to `https://api.merchant-services.bankofamerica.com``/pts/v2/payments`. 2. Check the response message to make sure that the request was successful. A 200-level HTTP response code indicates success. For information about response codes, see [Transaction Response Codes](https://developer.merchant.services.bankofamerica.com/api/reference/response-codes.md ""). Example: Basic Credit Card Sale Using the REST API {#samsungpay-sale-cybsdecrypt-ex-amex-rest} ============================================================================================== Authorization and Capture (Sale) Request ``` { "clientReferenceInformation": { "code": "demorefnum" }, "processingInformation": { "paymentSolution": "008", "commerceIndicator": "aesk" }, "paymentInformation": { "tokenizedCard": { "transactionType": "1", "type": "003" } }, "fluidData": { "descriptor": "ABCDEFabcdefABCDEFabcdef0987654321234567", "value": "RklEPUNPTU1PTi5TQU1TVU5HLklOQVBQLlBBWU1FTlQ=" }, "billTo": { "firstName": "James", "lastName": "Smith", "address1": "111 S. Division St.", "address2": "Suite 123", "locality": "Ann Arbor", "administrativeArea": "MI", "postalCode": "48104-2201", "country": "US", "email": "demo@example.com", "phoneNumber": "9999999999" }, "orderInformation": { "amountDetails": { "currency": "USD", "totalAmount": "100.00" } } } ``` Authorization and Capture (Sale) Response ``` { "clientReferenceInformation": { "code": "demorefnum" }, "orderInformation": { "amountDetails": { "currency": "USD", "authorizedAmount": "100.00", "totalAmount": "100.00" } }, "paymentInformation": { "tokenizedCard": { "prefix": "593056", "suffix": "0842", "expirationMonth": "08", "expirationYear": "2021" } }, "processingInformation": { "reconciliationID": "13209256CGJSMQCZ" }, "processorInformation": { "approvalCode": "888888", "responseCode": "100", "avs": { "code": "I1" } }, "submitTimeUtc": "2015-11-03T205202Z" } } ```