Our newly refurbished online payment gateway’s open API which minimises your own PCI requirements and gives you more control over how your payment page looks.
Elavon Customer Service:
0345 850 0195
Opayo Product Support:
0191 313 0299
Our newly refurbished online payment gateway’s open API which minimises your own PCI requirements and gives you more control over how your payment page looks.
PI makes integrating payments with your website simpler than ever before whilst maximising your control over the look and feel of the payment page and simultaneously reducing your exposure to sensitive card data.
Built for business whether your staring out, scaling up or already an enterprise, our innovative payment solutions will help you do more business your way. Don’t just develop your website to take payments, help your website stand out from the rest by Futureproof your website and shopper checkout experience.
PI makes integrating payments with your website simpler than ever before whilst maximising your control over the look and feel of the payment page and simultaneously reducing your exposure to sensitive card data.
Built for business whether your staring out, scaling up or already an enterprise, our innovative payment solutions will help you do more business your way. Don’t just develop your website to take payments, help your website stand out from the rest by Futureproof your website and shopper checkout experience.
In both integrations you create a session key to authenticate your calls from the browser, use the Opayo JavaScript library to tokenise the card details and receive a unique Card Identifier that you can then use to submit a payment from your server. There are 2 options using Pi allows you to accept payments in minutes, using our simple drop-in checkout or customising your payment page with your own form integration.
The Opayo direct integration is the most complex way to integrate your website with our systems.
Direct gives you complete control over the transactional process, from capturing the basic details of the order, to the credit and debit card details on your own website.
You are able to completely control the way the transaction is processed on your account, with direct we only require that you pass the details to us in a specific format.
Direct integration allows you:
When a transaction is processed through your website using Direct integration you will capture all of the details for the transaction, including the card details of your shopper. Once captured, you will then submit this information to Opayo as a single transaction registration post.
We will then validate this information to ensure this is correct then pass the transaction over to the merchant bank, and the card issuing bank (shoppers) to be authorised.
Once authorisation has been given we will then provide you with the results of the transaction status (ok, rejected, invalid) and we will provide you with the results of the transaction.
You will then be able to provide the shopper with the transaction results on your own site, at any specified page.
Once you have decided that the direct integration is for you we have a number of documents and tools available to help with your integration. We offer our vendors, partners, and developers integration documentation for each method of integration, custom template files to allow for customisation of the payment pages, and protocol and integration guidelines that outline the integration, posts, and requirements of the fields that are submitted through to Opayo.
When you are looking to implement the Opayo integration on to your site you will need to choose which method of the integration you will use.
The server method offers you enough control and security of the transactional process to enable effective management on the platform without the need to host the card capture process directly.
Server offers you:
When a transaction is processed through the Opayo systems using the server method of integration you are required to submit a transaction registration post to our systems. An acknowledgement of this is then sent to your site from Opayo including the next page (nexturl) where the shopper will be redirected too.
Once the shopper has been transferred to this page (or the iframe has been loaded within your site) the shopper will then enter the card details into the secure Opayo payment page. Opayo will then check the details are correct and submit this through for authorisation from the merchant (vendors) and card issuing (shoppers) bank.
After this authorisation has been given Opayo will provide you with the status (ok, rejected, invalid) in a notification post of the transaction and a signature string (MD5 hash value). You will then compare the signature provided by Opayo to the string you have created to ensure no tampering has taken place.
It is at this point you have the option to accept or reject the transaction and this is done by providing us with a response (to the notification post) and an instruction for re-direction. Opayo will then navigate the shopper back to the page specified by you in order to complete the transactional cycle.
Below is a full breakdown of the Server transactional process on the Opayo platform:
Once you have decided that the server integration is for you Opayo have a number of documents to help with your integration. We provide custom template files to allow for customisation of the payment pages, protocol and integration guidelines that outline the integration, posts, and requirements of the fields that are submitted through to Opayo.
It all depends how you complete your integration when using the server method of integration. Before you start your development the first choice is to decide between the Inframe solution and the standard payment pages. You can then choose between the customised version of these pages or the standard.
Aside from the Inframe being embedded into the vendors pages (website) the Inframe also involves less steps to complete the transactional process.
The standard server method of integration includes a card selection, card details, and confirmation page that the shopper must progress through before the transaction is completed. The Inframe simply has a card details page where the shopper will enter the card details to be used for the transaction.
Both the Inframe and the standard Server payment pages process will increase by 1 page each if the 3-D Secure Fraud prevention tool is activated within the account.
The form integration is the quickest, easiest, and simplest way to integration your website with our systems.
Form enables your website to take payments with minimal integration work, this includes us capturing the credit or debit card details from your shoppers on our hosted payment pages.
Most shopping carts, and web hosts who work with our systems are able to offer you an Opayo (Formerly Sage Pay) Form as the first method of integration.
With Form you have:
When a transaction is processed through your website using the form integration you are required to submit a transaction registration post to us. This post will be encrypted to ensure security using the password that was provided to you by ourselves.
Included in your transaction registration post you will include details of the shopper, along with the amount, currency, and address details. You will also provide us with a success and failure URL, these pages are used to redirect your shopper after the transaction has been authorised.
Along with this you will also transfer the shopper from your website onto the Opayo payment pages. We will then require the shopper to enter the card details and submit the transaction for authorisation.
We will then validate this information to ensure this is correct. We will then pass the transaction over to the merchant bank, and the card issuing bank (shoppers) to be authorised.
Once authorisation has been given we will then provide you with the results of the transaction status (ok, rejected, invalid) and transfer the shopper back to your website.
Where the customer is passed back through to will depend on the status of the transaction. If successful, the shopper will be passed to your success URL and if Failed, they will be passed to your failure URL.
Once you have decided that the form integration is for you we have a number of documents and tools available to help with your integration. We offer custom template files to allow for customisation of the payment pages, and protocol and integration guidelines that outline the integration, posts, and requirements of the fields that are submitted through to Opayo.
By using the customised reporting and admin feature you are able to manage your account and your transactions without having to access the MyOpayo panel.
You are able to effectively run all of your transaction reports, and amend the admin functions of your account without ever having to log into our platform.
If you are using your own system to process transactions and you do not need to access the MyOpayo panel to review your transactions, the customised reporting and admin feature will enable you to create your own reports using the information that is stored on our system.
When using the customised reporting and admin feature your system will be making secure https posts to ours.
The post itself will contain a single field called XML, within that field your request, or command will be included.
We will then respond to the post with the details of your request allowing your system to store the details that have been sent in our reply.
If you would like to use the customised reporting and admin feature but are unsure how to do this we can advise speaking to your web developer.
Your web developer can then access our integration guides and use this to link your systems to the feature.
When using the customised reporting and admin feature you have a huge variety of admin functions available to you.
Actions such as setting 3-D Secure and AVS/CV2 rules, creating users, blocking card ranges and IP addresses are available to perform remotely.
For a full list of the available admin functions available to you please download the customised reporting and admin integration guide.
It all depends on what you are looking to report on when using the customised reporting and admin feature.
You can run individual transaction detailed reports, transaction lists, card types on transactions, transaction types, and summaries all by using the reporting feature.
If you want to know all of the reporting options available to you simply download the integration guide, you will be given a full list of available reports, and admin functions.
When requesting a report from our system using the customised reporting and admin feature you can only receive 50 rows of data in any single request.
For example, if your account has processed 100 transactions and you would like to obtain a transaction report your system will need to submit 2 requests using the integration guide to our system to receive all of the transactional information.
Just like your MyOpayo you can manage the transactions that have been processed through your account.
You can:
Each action will allow you to effectively perform all of the same actions as MyOpayo without ever having to access our platform.
If you would like to manage your transactions remotely you can.
Normally companies using either the server or direct methods of integration will use our remote actions.
If you are using MyOpayo to process your mail order transactions or our form method of integration you normally won’t need to use remote actions but you can if you want.
We won’t restrict you from using remote actions regardless of the integration you are using.
When a transaction is processed through our system your site/booking platform submits a request to us with the transactional information.
The same process applies when using the remote actions. The only difference in the 2 processes is you will be passing slightly different information, to a different registration URL.
Your system will provide us with the details of the transaction you would like to action, along with the action you are performing.
When you process a transaction through us using the server or direct method of integration you will be provided with all of the details needed to perform remote actions.
If however you are using your MyOpayo, or the form method of integration you will need to perform a “gettransactiondetail” request using our customised reporting and admin panel to obtain the details you need to process a remote action.
Our customised reporting and admin information will help you with performing remote actions.
Once the request has been received we will verify the details, and then perform the action for you. You will then be sent a confirmation of the action being performed in response to your original request.
If you want to use remote actions to manage your account all you need is a copy of our shared protocol guide.
You can then integrate this with your site/booking platform and start using the remote actions on your account.
If you are unsure about how to do this we would advise speaking with your web developer who will be able to help.
If you are using Opayo form as your method of integration you are able to send, and receive confirmation emails for any orders placed through your website.
Opayo form is the only integration method available from Opayo that gives you the option to have confirmation emails.
For every order that is placed through your website you have the option to receive an email from Opayo informing you of an order that has been placed.
You are also able to send an email to your shoppers confirming that their order has been placed through your website successfully.
When your software send a Form transaction request it send a number of fields through to us for that transaction. In relation to emails , the fields ‘VendorEMail’, ‘CustomerEMail’ and ‘SendEMail’. The VendorEMail’ and ‘CustomerEMail’ are used to collect the Email address’s and ‘SendEMail’ tell the system what action to take with them.
Included in this transaction registration post you also have the option of sending a field called – sendemail.
SendEMail can have the value of:
If you do not provide us with this field we will assume the value is “1” and send both emails confirming an order has been placed.
You are able to include a message on the confirmation emails that are sent to your customers when a successful order has been placed through your website.
To do this you will need to provide us with the field email message as part of your transaction registration post.
By including this field you are able to add your own message to the email that your customer will receive when they place an order through your website.
This will give you the control to manage the message that your customers receive when they are sent a confirmation email.
Unfortunately not, confirmation emails are only available to Opayo form customers.
If you want to send confirmation emails to your customers you will need to set this up through your own site, using your own mail server to generate and send the emails.
When you register a token on the Opayo system, you are able to use it as long as the card remains valid.
The card details associated with the token are stored on the Opayo system, along with the expiry date for the card.
By performing a simple reporting and admin API command to the Opayo system you are able to obtain the details of the token that will include the expiry date for the card.
You will then be able to identify when the token will expire.
Reporting and Admin is a tool that is available to all customers using the Opayo system.
You are able to perform actions such as adding and removing users to MyOpayo, adding and removing fraud prevention rules, and obtaining information on transactions that have been processed through your Opayo account.
To find out when a token will expire on your account you will need to perform the getTokenDetails command using the reporting and admin tool.
Before you can get the details of the token you will first need to ensure that you have the token ID to hand.
You will then get the following information sent back to your system by Opayo:
A full breakdown of performing the command can be on our developer hub.
The 3 methods of integration are:
Each method of integration will allow you to link your website to our systems to process payments.
If you have a web developer, or your website is using a shopping cart we would advise speaking directly with each in order to find which integration will work best with your site.
You will then be able to choose the method that works with your site and begin processing transactions.
If you are using Opayo form as your method of integration you will be issued with an encryption password from Opayo when your account is set up.
All businesses using the Form method of integration must use the encryption password in order for transactions to be processed through your account.
An encryption password is a mixture of letters (upper and lowercase) and numbers that is used to encode and generate the Crypt string that is sent from your system when a transaction is registered through Opayo.
In order to ensure the security of your transactional information you are given both a test and live encryption password.
When your account is set-up with us you are given access to the MyOpayo admin panel. Once you have logged into your account as the main admin user you will be able to select settings followed by admin on the left of the screen. You will then see your encryption key.
If you are using an off the shelf shopping cart you will need to enter your Opayo vendor name and encryption password into the back end of the platform.
For custom build websites you will need to provide this information to your web developer who will be able to build this into your site.
Your crypt string includes all of the transactional information that is sent to Opayo. Information that is sent in the crypt string is:
There are a lot more fields that are included in the crypt string when it is sent to us. For a full list of the fields included please download a copy of our form protocol guide.
In order to ensure the information included in the crypt string is sent and received securely it is encoded using the encryption password.
The password is used as part of your encryption process and will turn your transaction information into an intelligible string of letters and numbers that cannot be read.
An example of this is:
VendorTxCode=TxCode-1310917599-223087284&Amount=36.95&Currency=GBP&Description=description&CustomerName=Fname&Surname&CustomerEMail=customer@example.com&BillingSurname=Surname&BillingFirstnames=Fname&BillingAddress1=BillAddress Line 1&BillingCity=BillCity&BillingPostCode=W1A 1BL&BillingCountry=GB&BillingPhone=447933000000&DeliveryFirstnames=Fname&DeliverySurname=Surname&DeliveryAddress1=BillAddress Line 1&DeliveryCity=BillCity&DeliveryPostCode=W1A 1BL&DeliveryCountry=GB&DeliveryPhone=447933000000&SuccessURL=https://example.com/success&FailureURL=https://example.com/failure
Crypt = @ED19A324A441FB7345DE87869E3712D13CE9A129CA177CEE62FC10FDF67EBD6C42000D53679BADCABB45661EF63BB87E6AB
3BD10FB9BA6000C16FD7D47FF8E76EC31E8D288A73DAD797DFD613131D32A30377C72FC2F56A762C384F2A3E9A0F3A2225C6
54C39E725E85DC5E4C94EE7F7CC4403AC3B049D13A8BAC2EB0E6B2AF4BCB7B55BAE6CB497B37BB8C0AB817994E13867DAAE6
086327031D140564171C5950B3D1A138661B12AE783A438787E66E58DBEDD1244FEAD138BE43A7D0BCC764A451B9F0FC6F27
This will ensure that your transaction information is not tampered with and will arrive at Opayo the same as when captured.
Our customer support team is here to help.
(Sole trader, or partnership with 3 or less partners)
(All other customers)