PrestaShop - MasterCard Payment Gateway Services
Installation
You can obtain the module by downloading the module zip from Github, the module is licensed using OSL 3.0.
The module has been tested with the PrestaShop 1.7.4.4 and 1.7.5.0, and PHP 7.1 and 7.2.
Please refer to official Prestashop documentation for general installation guidelines
Compatibility
The module has been tested and is compatible with the below Prestashop versions:
- 1.7.4.4
- 1.7.5.0
- 1.7.5.2
- 1.7.6.2
- 1.7.6.4
- 1.7.7.8
- 1.7.8.3
Feature Support
Prestashop Mastercard Payment Gateway Service module supports the following list of features:
- Card payments
- Alternative payment methods
- Hosted Session
- Hosted Checkout
- Full refunds
- Partial refunds
- AVS
- 3DSv1
- 3DSv2
Configuration
Once you have the Mastercard Payment Gateway Service module installed, you can configure the module from the admin panel.
Find the relevant Configure button under your Module Manager:
General Settings
This workspace provides the basic extension configuration.
The Live Mode setting toggles between Test and Live mode. Both modes have their own set of credential fields which you need to fill separately. It gives you the ability to switch between modes without re-entering your credentials every time.
The API endpoint should be selected based on your account region.
The Send Line Items toggle allows you to choose if you want shopping cart data to be sent to MasterCard, this includes product information, grand total, etc.
The next block that includes Merchant ID, API Password, and Webhook Secret should be added to allow the integration.
Credentials Configuration
Test Mode
Firstly, it’s important to configure your Merchant credentials in TEST mode and make sure that everything works
If the credentials are incorrect for any reason, there will be a warning displayed on the top of the configuration page.
If merchant credentials are not configured correctly, you can not enable any of the module's payment methods.
To find and set up the credentials, please login into your MasterCard Merchant Administration interface
API Password
To obtain an API password, you need to enable integration access via password.
Once logged into your merchant account, select Admin → Integration Settings
Click the Edit button on the Integration Settings page:
The Integration Authentication Passwords workspace will appear, you will need to click Generate New button next to Password 1:
Once the password has been generated, select the Enable Integration Access Via Password checkbox, copy the password and click the Submit button.
Webhook Secret
To obtain the Webhook Secret, you need to enable integration access via password.
Once logged in in the merchant account, select Admin > Webhook Notifications
On the Webhook Notifications page:
- Select the Enabled checkbox.
- Select JSON/REST from the Web Services API Format drop-down list.
- Copy the Notification Secret (it will be used for the MasterCard Payment Gateway Services extension).
- Click the Save button.
The notification URL is not used for this integration.
Integration Methods
The module supports 2 different ways of integration, either Hosted Checkout or Hosted Session.
The Hosted Checkout model allows you to collect payment details from your payer through an interaction hosted and displayed by the Mastercard Payment Gateway. With this model of integration, you never see or handle payment details directly because these are collected by the hosted payment interface and submitted directly from the payer's browser to the Mastercard Payment Gateway.
If Hosted Checkout is integrated and enabled for the Mastercard Payment Gateway module, once the user will enter required card details on the popup and click on submit an order, then upon successful authorization of entered card details, funds will be deducted from the user’s account and will be automatically transferred to merchant/seller’s account. It may take some time to get funds credited but this process will be automatic.
Choose the Hosted Session model if you want control over the layout and styling of your payment page while reducing PCI compliance costs. The Hosted Session JavaScript client library enables you to collect sensitive payment details from the payer in payment form fields, sourced from and controlled by Mastercard Payment Gateway. The gateway collects the payment details in a payment session and temporarily stores them for later use. You can then include a payment session in place of payment details in the transaction request to process a payment.
Hosted Checkout Integration
Below is the list of Hosted Checkout method configurations which you will find in admin:
To enable this option, click Yes in the Enabled configuration switch.
The text provided in the Title option will appear on the front-end checkout page/payment method section.
You can apply the effects of the theme on the Mastercard Payment Gateway popup by editing the Theme option.
There are two different payment flow methods under Hosted checkout integration:
1 Purchase (Pay)
If Purchase has been selected for the payment model, then the transaction will be done automatically. After the user has entered card detail and submits an order, the amount of the total order will be deducted from the user’s card and will be automatically transferred to the merchant’s account. It may take some time for reflecting the amount into the merchant’s account, but the process will be automatic.
2 Authorize & Capture
If Authorize & Capture has been selected for the payment model, then the merchant will have to manually process transactions and accept the payment amount. Manually process of capturing funds can be done via Prestashop Admin as well as Merchant’s Mastercard Payment Gateway account login.
The Order Summary display option has these values to choose from:
- Hide - to not display any order and card details to the user before submitting the order;
- Show - to display order and entered card details to the user before submitting the order;
- Show (without payment details) - to display only order details to the user before submitting the order.
Hosted Session integration
Same as mentioned above for Hosted Checkout Integration, there are two different payment flow methods available: Purchase (Pay) and Authorize & Capture
Below is the list of Hosted Session method configurations which you will find in admin:
To enable this option, click Yes in the Enabled configuration switch.
The text provided in the Title option will appear on the front-end checkout page/payment method section.
On the Payment Model you can select either:
-
Purchase - Fund will be transferred to merchant account as soon as the user’s entered card details have been successfully verified and the order is placed.
-
Authorize & Capture - 2 stage process; once the order is placed, it will only authorize the user’s card details. Payment amounts need to be captured manually by the merchant.
The 3D Secure has two options available:
- YES - to add an extra layer of security for completing the order process. After the user will enter card details, it will redirect to the user's bank payment gateway for verification.
- NO - after the card details are verified, the order will be placed. No extra layer of security will be used.
Back-office Operations
As we've previously specified, if Hosted Session has been integrated for Mastercard Payment Gateway Service module and Authorize & Capture payment method has been selected, then Funds need to be captured or refund manually.
Capture Funds
Capture Payment is used for processing transactions and getting order funds into the merchant’s account.
Under the Order detail page, when clicking on Capture Payment button, it will process transactions and amount of order will be transferred to merchant's account.
After clicking on Capture Payment, the page will be load and you will get a success message. The order status will be changed to Payment Accept.
Void Transaction
Void Transaction is used to cancel order if merchant finds any fraud/suspect in that order.
Under the Order detail page, when clicking on the Void Transaction button, the order will be canceled automatically.
The order amount will be credited to the user’s card (if payment has been captured).
Refund Payment
A Refund is used to cancel the order if the merchant decided to send the money back to the cardholder.
Under the Order detail page, when clicking on the Full Refund button, the full amount captured for that order will be sent back to the user of the card.
To Restock the ordered product, you will need to do the process of creating Prestashop Refund on top of the Mastercard Payment Gateway module refund process.
Advanced Configurations
Below is the list of advanced configurations of the extension.
This module logs data into var/logs/mastercard.log - the Logging Verbosity dropdown controls how much data should be logged:
-
Errors Only is the default option, which only logs errors;
-
Everything option logs everything related to error when it occurs (Like: API Response/status, errors, warning, etc).
-
Errors and Warning Only logs only errors and warnings messages when the error occurred.
-
Disabled nothing will be logged when error will occurred if this option is selected.
In case one Merchant ID is used by multiple installations, then the Gateway Order ID Prefix can be used to add a prefix to order IDs so that they will not conflict in the gateway. The default state is blank.
The Custom Webhook Endpoint field is mostly used by development or with some complex webserver rules, where the URL is not automatically detected correctly.
It is suggested to keep all these fields with the assigned default value. If required, then do required configuration changes based on your needs but first consult your Technical team / Mastercard Payment Gateway Module support for these.
Internal Testing
Once you have successfully configured your PrestaShop Mastercard Payment Gateway Service, a few basic tests should be performed to make sure your implementation is working as expected. The scenarios that follow should be considered the minimum level of testing and MasterCard Payment Gateway Services encourage the creation of your test scenarios that suit your specific business needs.
To access the MasterCard Payment Gateway test simulator, ensure gateway mode is set to TEST. The test simulator is configured to generate predictable results based on the transaction request and card details you supply.
You can trigger specific transaction responses, for example the MasterCard Payment Gateway Response Code and Card Security Code validation, as well as Address Verification response codes. You can also test features like Risk Management and Wallet functionality. Details of test cards can be found here.
-
Successful Authorization including 3D Secure
- Ensure you can perform a successful transaction through the PrestaShop checkout.
- Ensure the transaction is showing the correct state in both PrestaShop Admin Panel and Merchant Administration
-
Declined Authorization
- Ensure declined transactions have the correct state in the PrestaShop Admin Panel.
-
Create an Invoice & Capture Online
- Create an invoice from an authorized transaction.
- Ensure the transaction is showing the correct state in both PrestaShop Admin Panel and Merchant Administration
-
Submit a full refund for a invoiced order
- Ensure you can perform a successful refund for the full amount of the order.
- Ensure the transaction is showing the correct state in both PrestaShop Admin Panel and Merchant Administration
-
Submit a partial refund for an invoiced order
- Ensure you can perform a successful refund for a partial amount of the full order.
- Ensure the transaction is showing the correct state in both PrestaShop Admin Panel and Merchant Administration
-
Refund, Capture, Void via Merchant Administration
- In some business scenarios it may be necessary to undertake certain actions via Merchant Administration. It is possible (with the correct user privileges) to perform refunds, voids and captures via the Gateway Interface.
- You should ensure you have sufficient business processes in place to manually update the order state in PrestaShop where necessary.
Known Isssues
- Issues with performing actions by the module from the admin panel:
- There are no confirmations about successful voiding, capturing, or performing full refund actions by the module from the Order View page.
- Admin redirected to Order Listing page instead of the Order View page after successfully progressed void, capture, or full refund actions.
- Page with Error Message is not entirely loaded if any error happens on the Gateway side during void, capture, or full refund actions by the module.
Support
If you have completed all of the configuration steps above, but are not able to successfully process transactions, you may need to contact your Integrator.