Comments (4)
FYI my email to SagePay asking where/what the Token was got this reply:
Thanks for your email.
The token service is an additional service we offer which is not currently on the account. I’ve included some details on it below, please let me know if you want this activated: -
The token system enables Sagepay to remember your customers details meaning when they return to purchase the process is streamline to a 1 click checkout.
- Gives Merchant ability to offer a ‘One click’ check out – Increase conversion rates
- Allows customers to store multiple cards – Amazon style format
- Combatable with our Server Solution and use with iframe templates and Direct integration
- A Token can be used multiple times up until it expires (based on card expiry). You are also only charged for stored Tokens
- All primary payment types available with Token
- Only get charged for stored Tokens on a monthly basis
- Relieves PCI compliancy impact and responsibility of Capturing/Storing card numbers
Costings: -
Number of tokens
Price
0-999 stored tokens £20/month
1,000-1,999 stored tokens £40/month
2,000-2,999 stored tokens £60/monthThis can be easily turned on in the admin panel of your Magento/Ebizmarts module.
If this is something you’re interested or have any further questions please just let me know and I can add this to your account.
from sagepay.
How strange. I guess I have not seen the Token field missing because I have been testing with surcharges. I also don't have tokens enabled on my SagePay test account, but have seen a blank Token field in the notification response.
What I will do, is ensure defaults are given for all $post elements passed into the notification handler. Rather than referencing the elements of the $post array directly - an array that comes from the application and which the library has no control over generating - I'll wrap the reading of that array in a method that can provide defaults for missing elements.
The idea of tokens is great - it is an authorisation to use the card without having to ask for details of it each time, and without having to store the credit card details anywhere (like "dhoh!" Adobe did). It is a bit like an oauth key - it is given out with specific privileges for a specific period of time, but can be revoked without notice at any time. It would be used to implement something similar to Amazon's One-click purchasing. I'm not sure how many other payment processors support something similar. Whether SagePay store the credit card details, or ask the end payment processor for a token, I don't know. It may even be a mix of both, depending on who the end processor is.
I'll try and look at this this week, but also am aware I still have your pull-request to dive into.
from sagepay.
That should fix it. Most of the $post elements are already defaulted to "". These are the elements used for tamper checking, and are flagged in the transaction metadata as "tamper: true". The few that are not a part of the tamper checks, are not assumed to be set, and will default to "" if not set. This includes Token and Surcharge. In addition, one or two fields in the transaction metadata did not have their tamper flag set, so would not have defaulted if not sent by SagePay in the notification callback.
from sagepay.
I'm assuming the last change fixed this. Pleas reopen if I'm mistaken.
from sagepay.
Related Issues (20)
- Create Omnipay Wrapper
- Make sure typehints are interfaces, not abstracts
- Helper::formatAmount silently sets Amount to Zero HOT 9
- Fields for Refund not picked out HOT 6
- Switch to PSR-4 autoloading HOT 1
- Surcharge XML is too long HOT 9
- Start using constructor injection
- Use Data Mapper model rather than up-side-down Active Record HOT 1
- possible misleading information on comment section HOT 10
- Support discounts in basket HOT 17
- Sagepay callback function is not taking sagepay tx_model HOT 2
- Passing correct customer data to Sage Pay HOT 9
- Create Omnipay connector
- Is VPSSignature utilised? HOT 4
- VendorTxCode not guaranteed to be unique or unpredictable HOT 3
- MD5 signature - change from Pending to OK for PPRO payments HOT 3
- Handle duplicate notification callbacks HOT 2
- Second CardType does not contain tamper: true HOT 1
- Support 3d Secure v2 HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sagepay.