Welcome to the mPAY24 Developer portal.

mPAY24 makes it easy to accept payments in your website or app.
Get integrated quickly using our documentation or using a plugin for your shop system.

Backend2Backend Integration

With the Backend2Backend Integration the merchant collects all required data from the customer directly on the merchant's website and submits it to the mPAY24 system. The payment data is than processed to the corresponding financial institution by mPAY24. Afterwards the merchant is informed by the result, which could be the end of the transaction or instructions for the next step of the process (e.g. redirection). Since the merchant decides to accept sensitive data (e. g. credit card data) on the web site, the merchant is obliged to maintain the system secure and only allow secure connections between the customer’s browser client, the merchant's web server and mPAY24 for requests.

mPAY24 strongly recommends the usage of the Redirect Integration instead of the Backend2Backend Integration solution.

When processing credit cards, the merchant must take care of the Payment Card Industry Data Security Standard (PCI DSS) and the merchant's implementation would be responsible for all the sensitive data of customers. Among others, the merchant is obligated to complete the Self-Assessment Questionnaire D of PCI SSC. More information about PCI DSS: https://www.pcisecuritystandards.org

Additional the merchant may be required to perform an acceptance test with the acquirer before switching to productive system.

In any case, the merchant system has to be adjusted by interface changes made due to 3rd party or security requirements.

The Backend2Backend Integration uses the AcceptPayment operation, which has to be provided with all payment and order information.

It is highly recommended to contact the mPAY24 Support to discuss merchant specific use cases and to receive guide through the implementation process.

Integration steps

Processing a basic payment

Workflow diagram of the Backend2Backend Integration variant

Workflow diagram of the Backend2Backend Integration variant

  • The customer requests a payment (e.g. by filling out a form with all payment details such as credit card number, expiry and cvc and confirming the payment by pressing a Pay button).

The merchant is responsible to handle and/or store the entered data secure!

  • The merchant sends an AcceptPayment call including all order and payment details to mPAY24.

When processing credit cards the merchant is required to be PCI DSS certificated.

<SOAP-ENV:Envelope 
  xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" 
  xmlns:etp="https://www.mpay24.com/soap/etp/1.5/ETP.wsdl"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <SOAP-ENV:Header/>
  <SOAP-ENV:Body>
    <etp:AcceptPayment>
      <merchantID>90000</merchantID>
      <tid>21736</tid>
      <pType>ELV</pType>
      <payment xsi:type="etp:PaymentELV">
        <amount>1000</amount>
        <currency>EUR</currency>
        <brand>HOBEX-AT</brand>
        <iban>AT771400000123456789</iban>
        <bic>BAWAATWWXXX</bic>
        <mandateID>ID-12751-2014-08-14</mandateID>
        <dateOfSignature>2014-08-14</dateOfSignature>
      </payment>
      <customerName>John Doe</customerName>
      <order>
        <clientIP>131.130.70.8</clientIP>
        <desciption>Direct debit example</desciption>
      </order>
    </etp:AcceptPayment>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>
<SOAP-ENV:Envelope 
  xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" 
  xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" 
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
  xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
  xmlns:etp="https://www.mpay24.com/soap/etp/1.5/ETP.wsdl">
  <SOAP-ENV:Header/>
  <SOAP-ENV:Body>
    <etp:AcceptPaymentResponse>
      <status>OK</status>
      <returnCode>OK</returnCode>
      <mpayTID>1683862</mpayTID>
    </etp:AcceptPaymentResponse>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>
  • mPAY24 returns the AcceptPaymentResponse with information about the transaction result.

  • The merchant informs the customer about the payment/transaction.

  • mPAY24 communicates the payment result via push using the confirmationURL (see chapter Payment notification for more information). (Confirmation Interface). Note that this step could occur before mPAY24 returned the AcceptPaymentResponse.

http://www.hotelmuster.com/conf.php?OPERATION=CONFIRMATION&TID=4002451&
  STATUS=BILLED&PRICE=1000&CURRENCY=EUR&P_TYPE=ELV&BRAND=HOBEX-AT&MPAYTID=1683862
  USER_FIELD=&ORDERDESC=Example+payment&CUSTOMER=John+Doe&CUSTOMER_EMAIL=&LANG
  CUSTOMER_ID=&PROFILE_STATUS=IGNORED&FILTER_STATUS=OK&APPR_CODE=%2Dtest%2D
  • The merchant confirms the receipt of the transaction notification with either OK or ERROR (status depends if the confirmation could successfully update the merchant' system).

In PHP this could be achieved by echo 'OK'

Processing a redirection payment

Extended workflow of the Backend2Backend integration variant

Extended workflow of the Backend2Backend integration variant

  • The customer requests a payment (e.g. by filling out a form with all payment details such as name and desired payment system and confirming the payment by pressing a Pay button).

The merchant is responsible to handle and/or store the user input data secure!

  • The merchant sends an AcceptPayment call including order and payment specific details to mPAY24.
<SOAP-ENV:Envelope 
  xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" 
  xmlns:etp="https://www.mpay24.com/soap/etp/1.5/ETP.wsdl">
  <SOAP-ENV:Header/>
  <SOAP-ENV:Body>
    <etp:AcceptPayment>
      <merchantID>90000</merchantID>
      <tid>2626281</tid>
      <pType>SOFORT</pType>
      <payment xsi:type="etp:PaymentSOFORT">
        <amount>1000</amount>
        <currency>EUR</currency>
      </payment>
      <customerName>John Doe</customerName>
      <order>
        <description>Example payment</description>
      </order>
      <successURL>http://www.hotelmuster.at/succ.php</successURL>
      <errorURL>http://www.hotelmuster.at/err.php</errorURL>
      <confirmationURL>http://www.hotelmuster.at/conf.php</confirmationURL>
    </etp:AcceptPayment>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>
<SOAP-ENV:Envelope 
  xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" 
  xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" 
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
  xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
  xmlns:etp="https://www.mpay24.com/soap/etp/1.5/ETP.wsdl">
  <SOAP-ENV:Header/>
  <SOAP-ENV:Body>
    <etp:AcceptPaymentResponse>
      <status>OK</status>
      <returnCode>REDIRECT</returnCode>
      <mpayTID>1690804</mpayTID>
      <location>https://www.sofort.com/payment/go/[...]</location>
    </etp:AcceptPaymentResponse>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>
  • mPAY24 returns the AcceptPaymentResponse including a returnCode = REDIRECT and a location value (if status = OK).
  • The customer is redirected to the 3rd party location URL by the merchant (e.g. by supplying the location as a link or just forwarding the browser to the URL).
  • The customer follows the payment process specified by the 3rd party.
  • mPAY24 is informed about the 3rd party server result.
  • The customer is redirected to mPAY24 by the 3rd party site. It is possible that the customer is redirected immediately and does not notice this redirection (see diagram step Redirect to successURL or ErrorURL).
  • mPAY24 communicates the payment result via the push method using the confirmationURL (see chapter Payment notification for more information).
http://www.hotelmuster.com/conf.php?OPERATION=CONFIRMATION&TID=2626281&STATUS=BILLED&PRICE=1000&CURRENCY=EUR&P_TYPE=SAFETYPAY&BRAND=&MPAYTID=1690804&USER_FIELD=&ORDERDESC=Example+order&CUSTOMER=John+Doe&CUSTOMER_EMAIL=&LANGUAGE=DE&CUSTOMER_ID=&PROFILE_STATUS=IGNORED&FILTER_STATUS=OK&APPR_CODE=%2Dtest%2D
  • The merchant confirms the receipt of the transaction notification with either OK or ERROR (status depends if the confirmation could successfully update the merchant' system).

In PHP this could be achieved by echo 'OK'

  • mPAY24 forwards the customer to the successURL or errorURL specified by the merchant dynamically within the AcceptPayment request or static over the merchant portal.
  • The customer requests the successURL or errorURL.
  • The merchant informs the customer about the payment/transaction.

Payment system integration

The following overview shows the payment system requirements and relevant chapters for integration as well as additional notes.

Description
pType
Brand
Integrated by chapter
Additional note

Billpay

BILLPAY

HP

After integration the Billpay activation needs to be performed.

Billpay

BILLPAY

INVOICE

After integration the Billpay activation needs to be performed.

Creditcards

CC

AMEX, DINERS, JCB,VISA, MASTERCARD

The merchant is obligated to complete the
VISA, MASTERCARD Self-Assessment Questionnaire D of PCI SSC.

Debit cards

MAESTRO

n/a

The merchant is obligated to complete the
Self-Assessment Questionnaire D of PCI SSC.

Direct debit

ELV

ATOS

mPAY24 highly recommends the merchant to additionally request a written SEPA mandate from the customer (see
SEPA Direct Debit).

Direct debit

ELV

HOBEX-AT, HOBEX-DE, HOBEX-NL

None

Direct debit

ELV

BILLPAY

After integration the Billpay activation needs to be performed.

Klarna

KLARNA

HP

None

Klarna

KLARNA

INVOICE

None

MasterPass

MASTERPASS

n/a

None

mpass

MPASS

n/a

None

paybox

PB

n/a

None

PayPal

PAYPAL

n/a

None

paysafecard

PSC

n/a

None

Online-Banking

EPS

n/a

None

Online-Banking

GIROPAY

n/a

None

Online-Banking

SOFORT

n/a

None

@Quick

QUICK

n/a

None

Backend2Backend Integration


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.