Payflow Gateway Magtek Parameters
MagTek products for both merchants and consumers provide added security to payment transactions. For merchants, MagTek's MagneSafe card readers encrypt payment card data when the card is swiped. For consumers, MagTek has a subscription based service named Qwick Codes. Consumers can use Qwick Codes instead of their payment card details to purchase goods and services.
Note: You must have a MagneSafe card reader or the required Qwick Code information to use the MagTek specific parameters described in this appendix. Please contact MagTek directly for more information.
- MagTek MagneSafe Secure Card Readers and Qwick Codes
- Passing Encrypted Card Swipe Data and Qwick Codes to the Payflow Gateway
- Parameters for Encrypted Card Swipe Transactions
- Parameters for MagTek Qwick Code PCode Transactions
- MagTek Error Codes and Messages
MagTek MagneSafe Secure Card Readers and Qwick Codes
MagneSafe Secure Card Reader Authenticators
MagTek's MagneSafe™ secure card readers encrypt payment card track data such as the credit card account number and the expiration date. MagTek's Secure Card Reader Authenticators (SCRAs) capture data with a single swipe and can deliver dynamic card authentication, data encryption, tokenization, and device/host authentication to help protect merchants and their customers from identity theft and card fraud. MagTek's MagneSafe SCRAs can also identify counterfeit cards.
What is MagneSafe? The MagneSafe Security Architecture (MSA) is MagTek's digital identification and authentication architecture that can safeguard consumers and their personal data. MSA leverages strong encryption, secure tokenization, counterfeit detection, tamper recognition, data relevance and integrity, and dynamic digital transaction signatures to validate and protect the entire transaction.
The devices supported by MagTek's MagneSafe security and Magensa Services are:
- USB MSR: Dynamag.
- Insert MSR for Kiosks, ATMs, etc.: MagneSafe I-65 for Chip Cards and MagStripe, PSeries MagneSafe for outdoors, Slim Seal MagneSafe.
- Mobile Readers: iDynamo for iOS, Bullet for Android, uDynamo for phones and tablets with audio jack port.
- PINPads: IPAD PINPad available as standard model and also with signature capture support.
MagTek Qwick Codes
MagTek offers a subscription based service to consumers named Qwick Codes. Instead of handing over plastic cards to store clerks or inserting them into unattended terminals like ATMs or gas pumps that may have been rigged with skimmers to steal card data, consumers can scan or type a Qwick Code from their smart phone or computer. The Qwick Code token is used instead to initiate a transaction whereby the merchant or ATM's processor can gather the actual card data on the back end of the transaction where it can be better secured and shielded from potential compromise. Qwick Code tokens are also known as Protection Codes or PCodes.
Passing Encrypted Card Swipe Data and Qwick Codes to the Payflow Gateway
The Payflow Gateway can process transactions for merchants who already have MagneSafe card readers or who accept MagTek Qwick Codes. You must have a MagneSafe card reader or the required Qwick Code information to use the MagTek specific parameters described below. Please contact MagTek directly for more information on obtaining the required card readers and codes.
When you pass MagneSafe encrypted card swipe data or a Qwick Code to the Payflow Gateway, Payflow will communicate directly with MagTek's Magensa servers to retrieve the payment card information. Payflow then passes the transaction data onto your merchant bank.
Supported Transaction Types Encrypted card swipe or Qwick Code (PCode) requests can be used with the following Payflow transaction types:
- Authorization (
TRXTYPE=A) - Credit (
TRXTYPE=C) - Delayed Capture (
TRXTYPE=D) - Sale (
TRXTYPE=S) - Void (
TRXTYPE=V)
Encrypted Card Swipe Payflow Example
The purpose of this example is to show you how to format a request.You cannot use the values in this example for testing. You must have a MagneSafe card reader and test credit cards or live credit cards to send a request to the Payflow Gateway. Please contact MagTek for more information on obtaining card readers.
Request
This request contains regular Payflow parameters along with required MagTek parameters:
TRXTYPE=A&TENDER=C&VENDOR=MerchantUserID&PARTNER=PayPal&USER= UserIDIfAvailOrSameAsVendor&PWD=Pwd4Gateway&VERBOSITY=HIGH&CARDTYPE=1&SWIPEDECRHOST=MAGT&ENCTRACK2=82C69E600FF72FC1755509A76AD049E896A6EEA64D9BB2F203DF8AAD78265E90F4F8952A9AC03CFC&AMT=11.00&ENCMP=71AB2EE7A15887C36B8A23FED1CE7E6404D98119E24D15549E9B69AB6ABFB251C4A607D6A718B494449B506B7555BF8ED5FA4A9E2A6B814B&KSN=9011400B02AA0E00002B&MPSTATUS=3162209&ENCRYPTIONBLOCKTYPE=1®ISTEREDBY=PayPal&MAGTEKCARDTYPE=1&DEVICESN=B02AA0E12151
See the Encrypted Card Swipe Transactions - Request Parameters for more information.
Response
If successful, the response will contain the standard Payflow response parameters for your transaction type:
RESULT=0&PNREF=V24A0A55E168&RESPMSG=Approved&AUTHCODE=098PNI00PN&HOSTCODE=A&VISACARDLEVEL=12
If you do not pass the required MagTek parameters, you will see: RESULT=7 in the response along with a MagTek specific error message, such as:
MAGTRESPONSE=H178-ENCTRACK2 has incorrect format.
See the Encrypted Card Swipe Transactions - Response Parameters for more information.
Qwick Code - PCode - Payflow Example
The purpose of this example is to show you how to format a request.You cannot use the values in this example for testing. You must have a MagTek test Qwick Code or live Qwick Codes to send a request to the Payflow Gateway. Please contact MagTek for more Qwick Code information.
Request
This request contains regular Payflow parameters along with required MagTek parameters:
TRXTYPE=A&TENDER=C&VENDOR=MerchantUserID&PARTNER=PayPal&USER=UserIDIfAvailOrSameAsVendor
&PWD=Pwd4Gateway&VERBOSITY=HIGH&AMT=18&SWIPEDECRHOST=MAGT&PCODE=23456789
&MERCHANTID=MerchantID123&MERCHANTNAME=MerchantName&PAN4=1234&BILLTOLASTNAME=Miller
&BILLTOZIP=95131&SHIPTOZIP=94089&AUTHVALUE1=1234&AUTHVALUE2=5678
&AUTHVALUE3=9012
See the Qwick Code - PCode - Transaction Request Parameters for more information.
Response
If successful, the response will contain the standard Payflow response parameters for your transaction type:
RESULT=0&PNREF=V24A0A55E19C&RESPMSG=Approved&AUTHCODE=474PNI00PN&HOSTCODE=A
&VISACARDLEVEL=12
If you do not pass the required MagTek parameters, you will see: RESULT=7 in the response along with a MagTek specific error message, such as:
MAGTRESPONSE=H364-MERCHANTID has incorrect format.
See the Qwick Code - PCode - Transaction Response Parameters for more information.
Parameters for Encrypted Card Swipe Transactions
Encrypted Card Swipe Transactions - Request Parameters
| Field | Required | Description | Data type | Length |
|---|---|---|---|---|
ENCMP | Required | Encrypted MagnePrint Information returned by a MagneSafe device when a card is swiped. | String | |
ENCRYPTIONBLOCKTYPE | Required | The code which indicates what type of Encryption Block is used. 1=MagneSafe V4/V5 compatible 2TDEA-CBC Encryption, IV=0 Block contains data only.2=iPad V1 compatible 2TDEA-CBC Encryption Block contains header + data. | Integer | 1 |
ENCTRACK2 | Required | Encrypted Track 2 information returned by a MagneSafe device when a card is swiped. | String | |
KSN | Required | 20 character string returned by a MagneSafe device when a card is swiped. | String | 20 char |
MAGTEKCARDTYPE | Required | The code which indicates what type of Card Data Format is being submitted. 1=Encoding Format for Financial Transaction Cards (ISO 7811). | Integer | |
MPSTATUS | Required | MagnePrint Status of Card Swipe. This is an alpha numeric string, returned by a MagneSafe device when a card is swiped. | ||
REGISTEREDBY | Required | An alpha numeric entry between 1 and 20 characters long. | Alphanumeric [a-z][A-Z][0-9] | 1 to 20 char |
SWIPEDECRHOST | Required | MAGT is the only value that is accepted in theSWIPEDECRHOST parameter. If you pass a different value you will see RESULT=7 and MAGTRESPONSE with an error message in the response. | ||
DEVICESN | Optional | The device serial number. | String | |
ENCTRACK1 | Optional | Encrypted Track 1 information returned by a MagneSafe device when a card is swiped. | String | |
ENCTRACK3 | Optional | Encrypted Track 3 information returned by a MagneSafe device when a card is swiped. | String |
Encrypted Card Swipe Transactions - Response Parameters
| Field | Required | Description | Data type | Notes |
|---|---|---|---|---|
MAGTRESPONSE | This parameter appears in the response if a data validation error occurs or if the MagTek processor throws an error. | String | See the Magtek error codes for more information. |
Parameters for MagTek Qwick Code - PCode - Transactions
Qwick Code - PCode - Transaction Request Parameters
| Field | Required | Description | Data type | Length |
|---|---|---|---|---|
MERCHANTID | Required | Your Merchant ID or the Merchant ID of the merchant redeeming the Protection Code. | String | 1 to 40 characters |
PAN4 | Required | The last four digits of the PAN / account number encoded in the card. | String | Four characters |
PCODE | Required | The generated Protection Code. | String | Eight character alphanumeric |
SWIPEDECRHOST | Required | MAGT is the only value currently accepted in the SWIPEDECRHOST parameter. | ||
AUTHVALUE1 | Optional | Authentication Value 1 generated with the PCode. | String | |
AUTHVALUE2 | Optional | Authentication Value 2 generated with the PCode. | String | |
AUTHVALUE3 | Optional | Authentication Value 3 generated with the PCode. | String | |
BILLTOEMAIL | Optional | Purchaser's email address. | String | |
BILLTOLASTNAME | Optional | The last name of the card holder encoded in the card. | String | |
BILLT0ZIP | Optional | The billing zip code. | String | |
MAGTEKUSERNAME | Optional | MagTek username. | String | |
MAGTEKPWD | Optional | MagTek password. | String | |
MERCHANTNAME | Optional | |||
SHIPTOZIP | Optional | Shipping zip code. | String |
Qwick Code - PCode - Transaction Response Parameters
| Field | Description | Data Type | Notes |
|---|---|---|---|
MAGTRESPONSE | This only appears in the response if a data validation error occurs or if the MagTek processor throws an error. | String | See the Magtek error codes below for more information. |
MagTek Error Codes and Messages
If an error occurs, one of the following error codes appear in the MAGTRESPONSE response parameter.
Encrypted Card Swipe Transactions - Input Validation Error Codes
| Error Message | Notes |
|---|---|
H023 - REGISTEREDBY has incorrect length | |
H024 - REGISTEREDBY has incorrect format | |
H176 - ENCTRACK1 has incorrect format | |
H177 - ENCTRACK1 has incorrect length | |
H178 - ENCTRACK2 has incorrect format | |
H179 - ENCTRACK2 has incorrect length | |
H180 - ENCTRACK3 has incorrect format | |
H181 - ENCTRACK3 has incorrect length | |
H182 - ENCMP has incorrect format | |
H183 - ENCMP has incorrect length | |
H186 - KSN has incorrect format | |
H187 - KSN has incorrect length | |
H188 - MPSTATUS has incorrect format | |
H189 - MPSTATUS has incorrect length | |
H206 - Invalid CARDTYPE | Invalid MAGTEKCARDTYPE |
H211 - Invalid ENCRYPTIONBLOCKTYPE | |
H219 - Invalid OUTPUTFORMATCODE | |
H251 - Invalid DEVICESN |
Encrypted Card Swipe Transactions - Other Error Codes
| Error Message | Notes |
|---|---|
Y001 - No PAN Found in Track 2 Data | |
Y003 - Device is not allowed | MagTek maintains a list of registered Devices. |
Y093 - Invalid MagnePrint | Error obtained while Scoring Transaction MagnePrint against a Reference MagnePrint made up of Zeros. |
Y094 - Invalid MagnePrint | "Negative 2 - Invalid Transaction CRC / PAN" Obtained when Scoring Transaction MagnePrint against a Reference MagnePrint Made up of Zeros. |
Y095 - Error Scoring Card | |
Y096 - Inactive MagnePrint Reference | This occurs whenever the Card has an inactive MagnePrint Reference. |
Y097 - Replay Prevented | This occurs when the DUKPT KSN and Counter is replayed. |
Y098 - Problem with Reader Data | This occurs if there is a problem while decrypting the Data. |
Qwick Code - PCode - Transaction Input Validation Error Codes
| Error Message | Notes |
|---|---|
H330 - PCODE has incorrect length | |
H331 - PCODE has incorrect format | |
H336 - EMAIL has incorrect format | BILLTOEMAIL has incorrect format |
H337 - EMAIL has incorrect length | BILLTOEMAIL has incorrect length |
H348 - BTZIP has incorrect format | BILLTOZIP has incorrect format |
H349 - BTZIP has incorrect length | BILLTOZIP has incorrect length |
H360 - STZIP has incorrect format | SHIPTOZIP has incorrect format |
H361 - STZIP has incorrect length | SHIPTOZIP has incorrect length |
H364 - MERCHANTID has incorrect format | |
H365 - MERCHANTID has incorrect length | |
H366 - Invalid LASTNAME | Invalid BILLTOLASTNAME |
H375 - PAN4 has incorrect length | |
H376 - PAN4 has incorrect format | |
H380 - Invalid AUTHVALUE1 | |
H381 - Invalid AUTHVALUE2 | |
H382 - Invalid AUTHVALUE3 | |
H383 - Invalid MERCHANTNAME | |
H384 - Invalid USERNAME | Invalid MAGTEKUSERNAME |
H385 - Invalid PASSWORD | Invalid MAGTEKPWD |
Qwick Code - PCode - Transaction Other Error Codes
| Error Message | Notes |
|---|---|
P021 - Invalid Protection Code - Not Found. | |
P022 - Revoked Protection Code. | This Protection Code has already been revoked. |
P028 - Expired Protection Code. | |
P031 - Last 4 of PAN mismatch. | |
P032 - LASTNAME mismatch. | BILLTOLASTNAME mismatch. |
P033 - MERCHANTID is locked. | |
P034 - Protection Code can no longer be Redeemed. | |
P035 - USERNAME mismatch. | MAGTEKUSERNAME given does not match the one stored. |
P036 - PASSWORD mismatch. | MAGTEKPWD given does not match the one stored. |
P037 - EMAIL mismatch. | BILLTOEMAIL given does not match the one stored. |
P038 - BTZIP mismatch. | BILLTOZIP given does not match the one stored. |
P039 - STZIP mismatch. | SHIPTOZIP given does not match the one stored. |
P040 - AUTHVALUE1 mismatch. | AUTHVALUE1 given does not match the one stored. |
P041 - AUTHVALUE2 mismatch. | AUTHVALUE2 given does not match the one stored. |
P042 - AUTHVALUE3 mismatch. | AUTHVALUE3 given does not match the one stored. |
P098 - Problem with Reader Data | This occurs if there is a problem while decrypting the Data. |