Standard Payment Window

- Parameters

The Standard Payment Window uses the parameters shown below. Parameters marked [parameter] are optional. Parameters are sent as for example hidden fields on a form:

Please note: At the moment it is necessary to contact Dibs support via one of the following links if you want to use this integration method.
Denmark http://help.dibs.dk
Norway http://help.dibs.no
Sweden http://help.dibs.se

Parameter

Type

Description

merchantlongShop identification. The Merchant number appears in the e-mail received from DIBS during registration with DIBS or on your contract.

Your merchant number can also be retreived by contacting your respective DIBS support department below.
Denmark
Norway
Sweden

amountlong - Minimum value of 1- maximum value 1715000000The smallest unit of an amount, eg. cent for EUR , øre for Danish crowns,
Example:
1,00 EUR = 100 or 1,50 EUR =150

orderIdString. Max 50 characters. Reg-ex format ^[a-zA-Z0-9\._-|]+$The shop’s order number for this particular puchase. It can be seen later when payment is captured, and will in some instances appear on the customer’s bank statement (both numerals and letters may be used).
currencystring. 3 digits or 3 lettersCurrency specification as indicated in ISO4217 where the EUR is no. 978.
Either the numeric or alphabetic code is accepted.
Also see our list of currencies.
paytypestring. max 30 charactersUsed to show and control the shops selection of payment methods.
This list must be in upper case and comma separated with no spaces in between.
Example: MC,VISA,ELEC,AMEX,DK,V-DK





acceptReturnUrlstring. max 1024 characters

The URL of the page to be displayed if the purchase is approved. Typically a page within the merchant's shop site. The parameters are returned to this URL using POST. HTTPS is not mandatory but it is highly recommended.

Note: The URL cannot be an IP-address

[cancelreturnurl]string. max 1024 characters. Format is validated by java's java.net.URL class.

The URL of the page to be displayed if the customer cancels the payment. Typically a page within the merchant's shop site. The parameters are returned to this URL using POST. HTTPS is not mandatory but it is highly recommended.

[callbackurl]string. max 1024 characters

A ”server-to-server” call which tells the shop´s server the status of the payment.

Note: The URL cannot be an IP-address.

[uniqueid]string. max 50 characters

The value must be identical to the orderid parameter.

If this field exists, the orderid-field must be unique i.e. there is no existing transaction with DIBS with the same order number. If such a transaction already exists, payment will be rejected with reason=7.
Unless you are unable to generate unique order numbers, we strongly urge you to utilize this field.Note: Order numbers can be composed of a maximum of 50 characters (DIBS automatically removes surplus characters) and that uniqueoid is therefore unable to work as intended if order numbers consisting of more than 50 characters are used.

[language]string. Valid IETF language tag.

Defines the language in which the page will be opened ( default en_GB):
Currently supported languages are:

da_DK = Danish
en_GB or en_UK  = English
sv_SE = Swedish
nb_NO =Norwegian
fi_FIN = Finnish

[addFee]integer. Only the value 1 is allowed. Any other value will yield an error message from DIBS. Only the value 1 is allowed

If set to 1, the charge due to the transaction will automatically be calculated and affixed.. E.g This will add the fee needed to ensure the merchant gets the full amount. The calculated fee and the total amount is shown to the end user in the payment window.

[createTicket]integer. Only the value 1 is allowed.

If set to 1 there will be sent a request to auth.cgi to identify the authorization as a ticket authorization rather than a normal transaction.

[createticketandauth]integer. Only the value 1 is allowed

If set to 1 it will perform two transactions. First a regular authorization, and if accepted followed by a ticket registration. Please notice that the orderid will be postfixed with ”-T”.

[test]integer. Only the value 1 is allowed

This field is used when tests are being conducted on the shop
If set to 1 - a test purchase will be done to the shop. When this field is declared, the transaction is not dispatched to the card issuer, but is instead handled by the DIBS test module. See also Step 5 of the 10 Step Guide for more information. Should the test system be used at a later date, this will be activated at DIBS (contact DIBS support for reactivating the test mode of your shop).

[MAC]string. Max 64 hexadecimal characters which fits a SHA-256 code

This variable enables a hmac key control of the values received by DIBS. This control confirms that the values sent to DIBS has not been tampered with.
MAC = hash_hmac(”sha256”, $string, hexdec(hkey))
where hkey is a shop specific key available through the DIBS administration interface.

Note: Values must be sorted by ASCII before the calculation

Below is an example in PHP on how to calculate the mac key.

[voucher]integer. Only the value 1 is allowed

If set to 1 paying with voucher will also be available as payment method.

 

Please Note:

For the parameters addfee, voucher, createticket, createticketandauth and test – the value must be 1. If any other values are posted the window will not be accessible resulting in an error.

Example


<html>
<body>
<form name="payform" method="post" action="https://pay.dibspayment.com/">
<input type="hidden" name="merchant" value="1111111" />
<input type="hidden" name="amount" value="200" />
<input type="hidden" name="currency" value="208" />
<input type="hidden" name="orderid" value="TEST-123456789" />
<input type="hidden" name="acceptreturnurl" value="https://yourdomain.com/acceptReturnUrl.php" />
<input type="hidden" name="paytype" value="MC,VISA,DIN" />
<input type="hidden" name="uniqueid" value="TEST-123456789" />
<input type="hidden" name="callbackurl" value="https://yourdomain.com/CallbackUrl.php" />
<input type="hidden" name="cancelreturnurl" value="https://yourdomain.com/cancelReturnUrl.php" />
<input type="hidden" name="language" value="en_GB" />
<input type="hidden" name="addfee" value="1" />
<input type="hidden" name="voucher" value="1" />
<input type="hidden" name="test" value="1" />
</form>
</body>
</html>



MAC calculation example in PHP

The shops HMAC key is available through the Dibs administration interface under the menu "Integration" submenu "HMAC".

$k = ” 64264f26515e7a71624d69283329244452564e49jd395952694863382850234956567565434c4158304
a486b43562d337948456f516e732a73586c463a6e7068”;

function hextostr($hex) {
    $string = "";
    foreach(explode("\n", trim(chunk_split($hex,2))) as $h) {
        $string .= chr(hexdec($h));
    }
    return $string;
}

$k = hextostr($k);//hex must be converted to string
$_POST = all parameters included in the FORM except MAC.

$string = ””;
ksort($_POST); // sort posted values by alphanumeric
foreach($_POST as $key => $value) {
    if(strlen($string) > 1) $string .= ”&”;
    $string .= $key . ”=” .$value; // create string representation
}
$MAC = hash_hmac(”sha256”, $string, $k);

Send MAC ? $_POST[”MAC”] = $MAC;

Response from the Dibs server

When a payment is approved the MAC key returned to the shop is calculated from the same calculation described above e.g from all the paramaters received from the acceptreturnurl or callbackurl.

When the shop receives the response, it performs the same calculation.If the keys do not match the transaction should be rejected.

Testing

General test information can be found here.

 
CMS - Content Management System By SiteLoom