Payflow Gateway Magtek Parameters

Last updated: Aug 15th, 6:04am

MagTek products for both merchants and consumers provide added security to payment transactions. For merchants, MagTek's MagneSafe card readers encrypt payment card data when the card is swiped. For consumers, MagTek has a subscription based service named Qwick Codes. Consumers can use Qwick Codes instead of their payment card details to purchase goods and services.

Note: You must have a MagneSafe card reader or the required Qwick Code information to use the MagTek specific parameters described in this appendix. Please contact MagTek directly for more information.

MagTek MagneSafe Secure Card Readers and Qwick Codes
Passing Encrypted Card Swipe Data and Qwick Codes to the Payflow Gateway
Parameters for Encrypted Card Swipe Transactions
Parameters for MagTek Qwick Code PCode Transactions
MagTek Error Codes and Messages

MagTek MagneSafe Secure Card Readers and Qwick Codes

MagneSafe Secure Card Reader Authenticators

MagTek's MagneSafe ™ secure card readers encrypt payment card track data such as the credit card account number and the expiration date. MagTek's Secure Card Reader Authenticators (SCRAs) capture data with a single swipe and can deliver dynamic card authentication, data encryption, tokenization, and device/host authentication to help protect merchants and their customers from identity theft and card fraud. MagTek's MagneSafe SCRAs can also identify counterfeit cards.

What is MagneSafe? The MagneSafe Security Architecture (MSA) is MagTek's digital identification and authentication architecture that can safeguard consumers and their personal data. MSA leverages strong encryption, secure tokenization, counterfeit detection, tamper recognition, data relevance and integrity, and dynamic digital transaction signatures to validate and protect the entire transaction.

The devices supported by MagTek's MagneSafe security and Magensa Services are:

USB MSR: Dynamag.
Insert MSR for Kiosks, ATMs, etc.: MagneSafe I-65 for Chip Cards and MagStripe, PSeries MagneSafe for outdoors, Slim Seal MagneSafe.
Mobile Readers: iDynamo for iOS, Bullet for Android, uDynamo for phones and tablets with audio jack port.
PINPads: IPAD PINPad available as standard model and also with signature capture support.

MagTek Qwick Codes

MagTek offers a subscription based service to consumers named Qwick Codes. Instead of handing over plastic cards to store clerks or inserting them into unattended terminals like ATMs or gas pumps that may have been rigged with skimmers to steal card data, consumers can scan or type a Qwick Code from their smart phone or computer. The Qwick Code token is used instead to initiate a transaction whereby the merchant or ATM's processor can gather the actual card data on the back end of the transaction where it can be better secured and shielded from potential compromise. Qwick Code tokens are also known as Protection Codes or PCodes.

Passing Encrypted Card Swipe Data and Qwick Codes to the Payflow Gateway

The Payflow Gateway can process transactions for merchants who already have MagneSafe card readers or who accept MagTek Qwick Codes. You must have a MagneSafe card reader or the required Qwick Code information to use the MagTek specific parameters described below. Please contact MagTek directly for more information on obtaining the required card readers and codes.

When you pass MagneSafe encrypted card swipe data or a Qwick Code to the Payflow Gateway, Payflow will communicate directly with MagTek's Magensa servers to retrieve the payment card information. Payflow then passes the transaction data onto your merchant bank.

Supported Transaction Types Encrypted card swipe or Qwick Code (PCode) requests can be used with the following Payflow transaction types:

Authorization (TRXTYPE=A)
Credit (TRXTYPE=C)
Delayed Capture (TRXTYPE=D)
Sale (TRXTYPE=S)
Void (TRXTYPE=V)

Encrypted Card Swipe Payflow Example

The purpose of this example is to show you how to format a request.You cannot use the values in this example for testing. You must have a MagneSafe card reader and test credit cards or live credit cards to send a request to the Payflow Gateway. Please contact MagTek for more information on obtaining card readers.

Request

This request contains regular Payflow parameters along with required MagTek parameters:

1TRXTYPE=A&TENDER=C&VENDOR=MerchantUserID&PARTNER=PayPal&USER= UserIDIfAvailOrSameAsVendor&PWD=Pwd4Gateway&VERBOSITY=HIGH&CARDTYPE=1&SWIPEDECRHOST=MAGT&ENCTRACK2=82C69E600FF72FC1755509A76AD049E896A6EEA64D9BB2F203DF8AAD78265E90F4F8952A9AC03CFC&AMT=11.00&ENCMP=71AB2EE7A15887C36B8A23FED1CE7E6404D98119E24D15549E9B69AB6ABFB251C4A607D6A718B494449B506B7555BF8ED5FA4A9E2A6B814B&KSN=9011400B02AA0E00002B&MPSTATUS=3162209&ENCRYPTIONBLOCKTYPE=1&REGISTEREDBY=PayPal&MAGTEKCARDTYPE=1&DEVICESN=B02AA0E12151

See the Encrypted Card Swipe Transactions - Request Parameters for more information.

Response

If successful, the response will contain the standard Payflow response parameters for your transaction type:

1RESULT=0&PNREF=V24A0A55E168&RESPMSG=Approved&AUTHCODE=098PNI00PN&HOSTCODE=A&VISACARDLEVEL=12

If you do not pass the required MagTek parameters, you will see: RESULT=7 in the response along with a MagTek specific error message, such as:

MAGTRESPONSE=H178-ENCTRACK2 has incorrect format.

See the Encrypted Card Swipe Transactions - Response Parameters for more information.

Qwick Code - PCode - Payflow Example

The purpose of this example is to show you how to format a request.You cannot use the values in this example for testing. You must have a MagTek test Qwick Code or live Qwick Codes to send a request to the Payflow Gateway. Please contact MagTek for more Qwick Code information.

Request

This request contains regular Payflow parameters along with required MagTek parameters:

1TRXTYPE=A&TENDER=C&VENDOR=MerchantUserID&PARTNER=PayPal&USER=UserIDIfAvailOrSameAsVendor
2&PWD=Pwd4Gateway&VERBOSITY=HIGH&AMT=18&SWIPEDECRHOST=MAGT&PCODE=23456789
3&MERCHANTID=MerchantID123&MERCHANTNAME=MerchantName&PAN4=1234&BILLTOLASTNAME=Miller
4&BILLTOZIP=95131&SHIPTOZIP=94089&AUTHVALUE1=1234&AUTHVALUE2=5678
5&AUTHVALUE3=9012

See the Qwick Code - PCode - Transaction Request Parameters for more information.

Response

If successful, the response will contain the standard Payflow response parameters for your transaction type:

1RESULT=0&PNREF=V24A0A55E19C&RESPMSG=Approved&AUTHCODE=474PNI00PN&HOSTCODE=A
2&VISACARDLEVEL=12

If you do not pass the required MagTek parameters, you will see: RESULT=7 in the response along with a MagTek specific error message, such as:

MAGTRESPONSE=H364-MERCHANTID has incorrect format.

See the Qwick Code - PCode - Transaction Response Parameters for more information.

Parameters for Encrypted Card Swipe Transactions

Encrypted Card Swipe Transactions - Request Parameters

Field	Required	Description	Data type	Length
`ENCMP`	Required	Encrypted MagnePrint Information returned by a MagneSafe device when a card is swiped.	String
`ENCRYPTIONBLOCKTYPE`	Required	The code which indicates what type of Encryption Block is used. 1=MagneSafe V4/V5 compatible 2TDEA-CBC Encryption, IV=0 Block contains data only.2=iPad V1 compatible 2TDEA-CBC Encryption Block contains header + data.	Integer	1
`ENCTRACK2`	Required	Encrypted Track 2 information returned by a MagneSafe device when a card is swiped.	String
`KSN`	Required	20 character string returned by a MagneSafe device when a card is swiped.	String	20 char
`MAGTEKCARDTYPE`	Required	The code which indicates what type of Card Data Format is being submitted. 1=Encoding Format for Financial Transaction Cards (ISO 7811).	Integer
`MPSTATUS`	Required	MagnePrint Status of Card Swipe. This is an alpha numeric string, returned by a MagneSafe device when a card is swiped.
`REGISTEREDBY`	Required	An alpha numeric entry between 1 and 20 characters long.	Alphanumeric [a-z][A-Z][0-9]	1 to 20 char
`SWIPEDECRHOST`	Required	`MAGT` is the only value that is accepted in the`SWIPEDECRHOST` parameter. If you pass a different value you will see `RESULT=7` and `MAGTRESPONSE` with an error message in the response.
`DEVICESN`	Optional	The device serial number.	String
`ENCTRACK1`	Optional	Encrypted Track 1 information returned by a MagneSafe device when a card is swiped.	String
`ENCTRACK3`	Optional	Encrypted Track 3 information returned by a MagneSafe device when a card is swiped.	String

Encrypted Card Swipe Transactions - Response Parameters

Field	Required	Description	Data type	Notes
`MAGTRESPONSE`	This parameter appears in the response if a data validation error occurs or if the MagTek processor throws an error.	String	See the Magtek error codes for more information.

Parameters for MagTek Qwick Code - PCode - Transactions

Qwick Code - PCode - Transaction Request Parameters

Field	Required	Description	Data type	Length
`MERCHANTID`	Required	Your Merchant ID or the Merchant ID of the merchant redeeming the Protection Code.	String	1 to 40 characters
`PAN4`	Required	The last four digits of the PAN / account number encoded in the card.	String	Four characters
`PCODE`	Required	The generated Protection Code.	String	Eight character alphanumeric
`SWIPEDECRHOST`	Required	`MAGT` is the only value currently accepted in the `SWIPEDECRHOST` parameter.
`AUTHVALUE1`	Optional	Authentication Value 1 generated with the PCode.	String
`AUTHVALUE2`	Optional	Authentication Value 2 generated with the PCode.	String
`AUTHVALUE3`	Optional	Authentication Value 3 generated with the PCode.	String
`BILLTOEMAIL`	Optional	Purchaser's email address.	String
`BILLTOLASTNAME`	Optional	The last name of the card holder encoded in the card.	String
`BILLT0ZIP`	Optional	The billing zip code.	String
`MAGTEKUSERNAME`	Optional	MagTek username.	String
`MAGTEKPWD`	Optional	MagTek password.	String
`MERCHANTNAME`	Optional
`SHIPTOZIP`	Optional	Shipping zip code.	String

Qwick Code - PCode - Transaction Response Parameters

Field	Description	Data Type	Notes
`MAGTRESPONSE`	This only appears in the response if a data validation error occurs or if the MagTek processor throws an error.	String	See the Magtek error codes below for more information.

MagTek Error Codes and Messages

If an error occurs, one of the following error codes appear in the MAGTRESPONSE response parameter.

Encrypted Card Swipe Transactions - Input Validation Error Codes

Error Message	Notes
`H023 - REGISTEREDBY` has incorrect length
`H024 - REGISTEREDBY` has incorrect format
`H176 - ENCTRACK1` has incorrect format
`H177 - ENCTRACK1` has incorrect length
`H178 - ENCTRACK2` has incorrect format
`H179 - ENCTRACK2` has incorrect length
`H180 - ENCTRACK3` has incorrect format
`H181 - ENCTRACK3` has incorrect length
`H182 - ENCMP` has incorrect format
`H183 - ENCMP` has incorrect length
`H186 - KSN` has incorrect format
`H187 - KSN` has incorrect length
`H188 - MPSTATUS` has incorrect format
`H189 - MPSTATUS` has incorrect length
`H206` - Invalid `CARDTYPE`	Invalid `MAGTEKCARDTYPE`
`H211` - Invalid `ENCRYPTIONBLOCKTYPE`
`H219` - Invalid `OUTPUTFORMATCODE`
`H251` - Invalid `DEVICESN`

Encrypted Card Swipe Transactions - Other Error Codes

Error Message	Notes
`Y001` - No `PAN` Found in Track 2 Data
`Y003` - Device is not allowed	MagTek maintains a list of registered Devices.
`Y093` - Invalid MagnePrint	Error obtained while Scoring Transaction MagnePrint against a Reference MagnePrint made up of Zeros.
`Y094` - Invalid MagnePrint	"Negative 2 - Invalid Transaction CRC / `PAN`" Obtained when Scoring Transaction MagnePrint against a Reference MagnePrint Made up of Zeros.
`Y095` - Error Scoring Card
`Y096` - Inactive MagnePrint Reference	This occurs whenever the Card has an inactive MagnePrint Reference.
`Y097` - Replay Prevented	This occurs when the `DUKPT KSN` and Counter is replayed.
`Y098` - Problem with Reader Data	This occurs if there is a problem while decrypting the Data.

Qwick Code - PCode - Transaction Input Validation Error Codes

Error Message	Notes
`H330 - PCODE` has incorrect length
`H331 - PCODE` has incorrect format
`H336 - EMAIL` has incorrect format	`BILLTOEMAIL` has incorrect format
`H337 - EMAIL` has incorrect length	`BILLTOEMAIL` has incorrect length
`H348 - BTZIP` has incorrect format	`BILLTOZIP` has incorrect format
`H349 - BTZIP` has incorrect length	`BILLTOZIP` has incorrect length
`H360 - STZIP` has incorrect format	`SHIPTOZIP` has incorrect format
`H361 - STZIP` has incorrect length	`SHIPTOZIP` has incorrect length
`H364 - MERCHANTID` has incorrect format
`H365 - MERCHANTID` has incorrect length
`H366` - Invalid `LASTNAME`	Invalid `BILLTOLASTNAME`
`H375 - PAN4` has incorrect length
`H376 - PAN4` has incorrect format
`H380` - Invalid `AUTHVALUE1`
`H381` - Invalid `AUTHVALUE2`
`H382` - Invalid `AUTHVALUE3`
`H383` - Invalid `MERCHANTNAME`
`H384` - Invalid `USERNAME`	Invalid `MAGTEKUSERNAME`
`H385` - Invalid `PASSWORD`	Invalid `MAGTEKPWD`

Qwick Code - PCode - Transaction Other Error Codes

Error Message	Notes
`P021` - Invalid Protection Code - Not Found.
`P022` - Revoked Protection Code.	This Protection Code has already been revoked.
`P028` - Expired Protection Code.
`P031` - Last 4 of `PAN` mismatch.
`P032` - `LASTNAME` mismatch.	`BILLTOLASTNAME` mismatch.
`P033` - `MERCHANTID` is locked.
`P034` - Protection Code can no longer be Redeemed.
`P035` - `USERNAME` mismatch.	`MAGTEKUSERNAME` given does not match the one stored.
`P036` - `PASSWORD` mismatch.	`MAGTEKPWD` given does not match the one stored.
`P037` - `EMAIL` mismatch.	`BILLTOEMAIL` given does not match the one stored.
`P038` - `BTZIP` mismatch.	`BILLTOZIP` given does not match the one stored.
`P039` - `STZIP` mismatch.	`SHIPTOZIP` given does not match the one stored.
`P040` - `AUTHVALUE1` mismatch.	`AUTHVALUE1` given does not match the one stored.
`P041` - `AUTHVALUE2` mismatch.	`AUTHVALUE2` given does not match the one stored.
`P042` - `AUTHVALUE3` mismatch.	`AUTHVALUE3` given does not match the one stored.
`P098` - Problem with Reader Data	This occurs if there is a problem while decrypting the Data.