If you are using version 1 of our JavaScript Library to perform MOTO transactions by creating tokens to represent customer card details, you are expected to migrate to our latest library, version 3.
Before
Previously using version 1, you created card inputs and assigned attributes to these card inputs and the JavaScript Library was responsible for tokenising the card details before being posted on to the merchant server.
Now
With version 3, the new solution functions by utilising a set of iframes, which are used to separately capture the PAN, expiry date and security code on Trust Payments' server directly.
Process overview of Version 3
- The customer contacts your agent to initiate a purchase.
- Your agent signs in to your payment application.
- On page load, your application retrieves the st.js library from the Trust Payments CDN.
- Your application initialises the st.js with a securely generated and signed JWT payload from your server.
- Your application calls the card Components method provided by the st.js.
- The st.js embeds the card components onto your application's page.
- Your agent collects the customer's card details over the phone and enters them into the card components, then clicks "Pay".
- The TRU Connect gateway sends an authorisation request to the issuing bank for the purchase amount and returns the response to the st.js.
- Your server verifies the response from the gateway.
- The payment result is displayed to your agent.
- Webhooks can be configured to ensure latest transaction info is sent to your server.
Summary of development changes needed
The changes needed to upgrade your solution from version 1 to version 3 of the JavaScript Library can be summarised as follows:
- Your system no longer needs to submit payment requests including the cachetoken using our Webservices API.
- You will need to contact our Support Team to create a new user with the role “Webservices JWT”.
- New <div> for handling response messages (i.e. success and decline messages).
- New form id for the payment form.
- New <div> tags for inputting card details on the form.
- New mark-up for the submit button on the form.
- Change the URL path so the new library is referenced from our CDN
You will need to utilise JWT (JSON Web Token) in the updated solution
JSON Web Token (JWT) is an open standard that defines a secure method to transmit data as a JSON object. This information can be verified and trusted because it is digitally signed. Read more (link to external site)
Payment data is included within a signed JWT (JSON Web Token) generated by our merchants on their server side using a shared secret provided by Trust Payments.
- For MOTO transactions, you must ensure "accounttypedescription=MOTO" is submitted.
- Unlike with ECOM transactions, 3-D Secure is not applicable for MOTO, so you can exclude "THREEDQUERY" from the requesttypedescriptions field when creating your JWT payload.
Any unauthorised changes to the JWT will invalidate the signature and the request will be rejected by Trust Payments.
Ready to get started?
We provide resources that walk you through the process of implementing version 3 of the JavaScript Library.
