Dibs Payment Window

- Return pages

As mentioned previously, the user can exit the Payment Window one of two ways:

1. The customer returns to "acceptreturnurl" once the payment is approved.

2. The customer cancels the payment, and is returned to "cancelreturnurl".

All the official input parameters and parameters that start with "s_" sent to DIBS Payment Window, are returned unaltered as output parameters. Parameters sent to DIBS Payment Window that are not part of the official parameters and do not start with "s_" are silently discarded. The DIBS Payment Window does not look at the return value settings in the DIBS admin interface.

Payment approved (acceptreturnurl)

Upon returning to acceptreturnurl, the customer will normally expect a receipt to be displayed. We therefore recommend you use the acceptreturnurl option for generating a customer receipt.The following parameters are returned to the acceptreturnurl:

Parameter	Type	Description
status	String (ENUM)	Accepted Declined Cancelled (Only returned to the cancelreturnurl)
amount	long - Minimum value of 1	Amount authorised in smallest unit
currency	integer	Currency code of the transfer in the ISO4217 form, e.g. 208 for DKK - 752 for SEK (see other ISO4217 currency codes).
transaction	String. Maximum 100 characters.	The ID of the transaction is returned if status is ACCEPTED.
actionCode	String. Max 20 characters	The response code returned by the acquirer.
acquirer	String. Max 20 characters.	The acquirer used for the specific transaction.
cardNumberMasked	String. Max 50 characters. May contain the characters: 0-9X	Returns the card number masked with X’s. The first six and last four digits remain unmasked.
expMonth	String. Exactly two digits (zero padded if needed) in the range 1-12.	Upon a successful credit card transaction, this parameter contains the expiration month of the credit card used.
expYear	String. Exactly two digits (zero padded if needed) representing the last two digits of the year.	Upon a successful credit card transaction, this parameter contains the expiration year of the credit card used.
cardTypeName	String. Max 20 characters.	Returns the payment type of the credit card used. Example: "MC" for mastercard.
captureStatus	String (ENUM)	Response from the capturenow input parameter: ACCEPTED or DECLINED. The status of the capture attempt. ACCEPTED means that the capture was successful. If the status is DECLINED the reason can be found in the Dibs administration.
status3D	String	3D secure status. VISA: 05 for status3D=Y 06 for status3D=A 07 and 08 indicate failure of authentication or wrong password. Mastercard: 02 for status3D=Y 01 for status3D=A Card is treated as 3DSecure enrolled only if ECI=05 for Visa and ECI=02 for Mastercard.
ECI	String	The Electronic Commerce Indicator. Informs card issuer if the transaction was protected by a security protocol.
enrollStatus	String	Credit card entrollment status. Y for Yes. N for No. U for Unknown.
xidPresent	Boolean
fee	Long. Same format as the input parameter amount	Contains the calculated fee amount (which is added to the amount if addFee was sent along).
verificationIdPresent	Boolean	In Visa transactions represents the Cardholder Authentication Verification Value (CAVV) presence. For Mastercard it indicates if the similar value, called Acountholder Authentication Value (AVV) or the Universal Cardholder Authentication Field (UCAF) is present. Possible values: 1 (which is TRUE) or 0 (which is FALSE)
validationErrors	String	Input parameters' validation errors in JSON format. Example: {"addFee":["use the value "1" or leave out this parameter"],"currency":["must match "^([0-9]{3}A-Z{3})$""]}
MAC	String. Max 64 hexadecimal characters, which fits a SHA-256 code.	This parameter contains a MAC key calculated from all the parameters returned to the merchant.

Specific output parameters for invoice payments.

Parameter	Type	Description
acquirerOrderId	String	OrderId returned by acquirer. If the acquirer does not support this feature then the merchant orderId is returned.
acquirerCustomerId	String
acquirerFirstName	String	Customer's first name as returned from acquirer.
acquirerLastName	String	Customer's last name as returned from acquirer.
acquirerDeliveryAddress	String	Customer's street address returned by acquirer.
acquirerDeliveryPostalCode	String	Customer's postal code returned by acquirer.
acquirerDeliveryPostalPlace	String	Customer's postal place returned by acquirer.
acquirerDeliveryCountryCode	String	Customer's country code returned by acquirer.

Automatic call-back (callbackurl)

There is a potential risk of the customer not following the link to the receipt and subsequently never seeing one. If the shop system is set up so that orders are stored in the database simultaneously with the receipt being displayed to the customer, the order may in fact escape registration within the shop’s own system. This would be rather unfortunate, since a payment is authorized with DIBS, the customer believes DIBS has authorized the payment, and the customer believes that the order has been carried out, yet the shop’s system has no knowledge of any such order.

To avoid such an occurrence, DIBS automatically enables the approved page to call a script in the shop’s system without involving the customer in the procedure. As is the case with the receipt page, this script must inform the shop’s order system, that the order has been carried out, and send an order confirmation to the customer, if required. It can also serve as a MAC key control to ensure that the customer himself does not call the script, resulting in the shop interpreting the order status as “carried out”.

In order to activate the automatic callback, a callback URL must be passed to the payment window. This is done through the callbackurl parameter. The URL is then automatically called when the approval page is displayed, the call is created as a post. All parameters sent to https://sat1.dibspayment.com/dibspaymentwindow/entrypoint are returned to the callbackurl. The Callbackurl accepts only port 80 (HTTP), 443 (HTTPS ) and 20080.