Hosted Vault Method
This document provides technical specifications for adding customer information and financial data for future rebills through the Tranzpay gateway by interfacing with the Gateway API and a Hosted Vault Entry Page. We have written this specifically for web designers and professionals who implement and support the intended systems. We use HTTPS POST to transmit and receive data.
Description:
To reduce your PCI DCSS requirements and liability, and eliminate sensitive card data footprints in your environment, Tranzpay provides a Hosted Vault Solution that provides the ability for customers to add their payment information for future rebills while adhering to all PCI requirements.
Summary of Steps Required
- Send non-secure customer data in initial request to prefill Customer Name, Address, Phone, Email, Policy Number, along with your PostBack and RedirectUrl to capture and store payment results.
- Receive encrypted link via API Response to prefilled vault entry form.
- Using tokenized link, customer will enter payment information to store in PCI secure vault for future use (rebill).
- Data is saved and customer is sent to provided RedirectUrl.
- Provided PostBackUrl receives POST response and stores response in database.
Initial Request
Sample Request
Notes
ThirdPartyCallID must be unique to every transaction.
PostBackUrl is your API page set up to process a POST request containing results of saved entry.
RedirectUrl is the page the customer will be directed to to view the results of the saved entry from the Postback results provided to the PostBackUrl.
CancelUrl is the page the customer will be directed to if the vault entry is cancelled before completion, or the session times-out.
CustomerID should be a minimum of 6 characters with no spaces, and a maximum of 45 characters.
To test and view the postback response within the page, it is recommended to use
demo.tranzpay.com/testThirdPartyCheck.php in the RedirectUrl field and demo.tranzpay.com/testSilentPostBack.php in the PostBackUrl field. These pages are for demonstration purposes only.
Sample Initial Response
Postback Response
| Fieldname | Required | Type | Description | Validate | Post | 
|---|---|---|---|---|---|
| Status | String | Transaction Status | SUCCESS or FAILED | Status | |
| CustomerID | String | Token ID for Vault Entry (Saved Payment Information) | Any alphanumeric. Max Len. (45) | CustomerID | |
| TransactionType | String | Transaction type. (“ThirdPartyAddCustomer”) | ThirdPartyAddCustomer | TransactionType | |
| BankRoutingNumber | String | Bank Routing Number. | 9 Digit Routing Number | BankRoutingNumber | |
| AccountNumber | String | Bank Account Number. | Last 4 Digits of Account Number | AccountNumber | |
| BankAccountType | String | Bank Account Type. | CH = Checking SV = SAVINGS | BankAccountType | |
| CardType | String | Payment method card type. | Visa, Mastercard, Discover, Amex | CardType | |
| AccountNumber | Integer | Last four digits of account number. | Numeric only | AccountNumber | |
| ExpirationDateMMYY | Integer | 2 digit month and 2 digit year | 06/24 | ExpirationDateMMYY | |
| PaymentMethod | String | Transaction Payment Type (CC or ACH) | Cell | PaymentMethod | |
| AddDate | DateTime | AddDate | Cell | 02/04/2020 1:21:30 pm | |
| ThirdPartyCallID | String | Unique ID assigned by merchant for transaction. | Any alphanumeric. Max Len. (45) | ThirdPartyCallID | |
| PolicyNumber | String | Customer policy number or equivalent. | Any alphanumeric | PolicyNumber | |
| Error | String | Returned error Message. | Any alphanumeric | Error | 
Sample Postback Success Return
Sample Postback Failed Return
Notes
Values above can be fetched in PHP via $_POST variables. Example: on the Post Back url page just use $_POST[‘Status’] to fetch “SUCCESS” or “FAILED”.
Methodology
Postback response contains ‘CustomerID’ if the customer’s information was successfully added the vault. Using the ‘CustomerID’ the following functions are available:
Billing a Customer:
To bill a vaulted customer that was previously added to the Customer Vault, provide the CustomerID and then utilize one the following API requests:
Credit Card: AddCustomerCCCharge
ACH: AddCustomerACHDebit
Updating a Vault Record:
To update a customer record in the vault, provide the CustomerID and utilize the UpdateCustomer request.
View Vault Record:
To view details of a previously stored Vault record, provide the CustomerID and utilize the GetCustomer API Request.
Test transactions can be submitted with the following information:
| Card Type | Card Number | 
|---|---|
| Visa | 4747474747474747 | 
| MasterCard | 5431111111111111 | 
| Discover | 6011601160116611 | 
| American Express | 341111111111111 | 
| Test Server | https://demo.tranzpay.com/api/transaction.php | 
| Production Server | https://www.tranzpay.com/api/transaction.php |