1Introduction

This manual explains the installation, configuration and usage of the payment module for e-Commerce and Opayo.

Before beginning with the installation, please make sure that you are in possession of all necessary data:

  • You should have received a vendor name, a user name as well as a password from Opayo for the live and test platform
  • e-Commerce payment module by sellxed.com/shop
  • Access data to your server and shop

In case you don't yet have a contract with Opayo, you can gladly acquire it directly through us.

Note that you must use at least PHP version 5.6 for our plugins. PHP 8 or higher is currently not supported.

1.1Procedure of the Installation

In this document you will find all important information for the installation of the module. It is important that you strictly follow the checklist. Only by doing so, can a secure usage in correspondence with all security regulations be guaranteed.

  1. Configuration of the test administration interface of Opayo. You will find the test platform under https://test.sagepay.com/mysagepay/loginpage.msp
  2. Configuration of the basic settings of the payment module
  3. Configuration of the payment methods
  4. Carrying out of a test purchase by means of the attached test data at the end of this document
  5. If the test was successful, you can request the going live of your account by Opayo. With the obtained access data you can log into the live environment. The live environment can be found under the following URL: https://live.sagepay.com/mysagepay/loginpage.msp
Installation Service

Our payment plugins should have per default the correct settings for most of our customers' preferences. That means once you have entered the required credentials in the plugin configuration to connect your account to your website, the plugin should be fully operational. Should you be willing to receive detailed information on a setting you do not know, you may contact our support team who will be able to assist you further.

Our support team is at your disposal during regular business hours at: http://www.sellxed.com/support. Furthermore, you have the option of ordering our installation service. We will make sure the plugin is installed correctly in your shop: http://www.sellxed.com/shop/de/integration-und-installation.html

.htaccess Directory Protection

In order to test the module, any kind of directory protection or IP blocking on your server must be deactivated. This is crucial as otherwise the payment feedback of Opayo might not get through to the shop.

2Configuration Opayo - Backend

For the configuration log into Opayo in the Administration Tool (MySagePay):

The settings carried out on the following pages are a precondition for the later configuration of the main module.

2.1Valid IPs

In order for your shop to be able to access the payment page of SagePay, the IP of your server has to be saved as a valid IP with SagePay.

2.1.1Identify the IP Address of your Shop

In a first step you must find out the IP address of your shop. We display the IP on the about page of the plugin directly in your store.

Alternatively, request your IP directly with the host of your website.

Figure 2.1: You find your IP in the about section of the plugin (here a screenshot inside Magento).

2.1.2Entering the Valid IP

Click on add and enter the above identified IP address. Enter 255.255.255.000 for the subnet mask.

Figure 2.1: Adding an IP

3Module Installation and Update in the e-Commerce Shop

3.1Installation

At this time you should already be in possession of the module. Should this not be the case, you can download the necessary files in your customer account in the sellxed shop (Menu "My Downloads Downloads"). In order to install the module in your shop, please carry out the following steps:

  1. Download the plugin. The download can be found in your sellxed.com account under "My Downloads".
  2. Unzip the archive you have just downloaded.
  3. In the unzipped folder navigate to the folder "files"
  4. For some shops there are different versions of the plugin provided. If this is the case open the folder which corresponds to your shop version.
  5. Using your preferred FTP client upload entire content of this folder into the root directory of your shop. For some shops there is a specific folder containing the plugins. If that is the case upload the plugin into this folder. Make sure that the folders aren't replaced but merely merged.
  6. If you haven't yet done so, log back into your shop.

3.2Updates and Upgrades

You have direct and unlimited access to updates and upgrades during the duration of your support contract. In order to receive constant information about available updates we ask you to subscribe to our RSS feed that we publish for your module.

More information regarding the subscription of this RSS feed can be found under: http://www.sellxed.com/en/updates_upgrades.

We only recommend an update if something doesn't work in your shop, if you want to use new feature or if there is a necessary security update.

3.2.1Update Checklist

We ask you to strictly comply with the checklist below when doing an update:

  1. Always do a backup for your database and your files in your shop
  2. Use always a test system to test the update process.
  3. Wait until all the files are copied to the shop, clear the cache if there is one in your shop and then visit the configuration page of the main module so that the update process will be initialized.
Do not do updates directly in the live environment

Please test the update procedure first in your test shop. Our support team is able and willing to help you if you experience problems with the update process. However, if you decide to perform the update directly in your live shop there is the possibility of a downtime of the shop of more than two days depending on the availability of our support if you do not want to book our complementary support.

Depending on the version it could be that the database has to be migrated. We recommend you therefore, to perform the updates in times when the shop is not visited too frequently by your customers.

3.2.2Update Instructions

Please always read the update instruction. Those instructions can be found in the changelog. If there are no special remarks, you can proceed by just overwriting the files in your system.

4Module Configuration in the e-Commerce Shop

The configuration consists of two steps. The first step is the configuration of the main module with all the basic settings (cf. Configuration of the Main Module). During the second step you can then carry out individual configurations for each payment method . This allows for full flexibility and perfect adaptation to your processes.

Create backups!

Please create a backup of the main directory of your shop. In case of problems you will then always be able to return your shop to its original state.

We furthermore recommend testing the integration on a test system. Complications may arise with third party modules installed by you. In case of questions, our support is gladly at your disposal.

4.1Basic Module Configuration

Activate the plugin by selecting the module E-commerce Opayo in the Plugin menu.

The settings for the basic module can be found at Opayo > Opayo . Fill out the fields, you should have already entered the necessary data in the Opayo backend or you received it as part of your correspondence with Opayo. Each option is explained in more detail in a short info text in the shop.

4.2Payment Method Configuration

After the basic module has been configured successfully, you can proceed to the payment settings. The payment methods you want to accept in your shop can be adjusted at Settings > Store > Payments . Every payment method is listed individually. Activate the payment methods you would like to provide in your shop by ticking the corresponding boxes on the right side. Individual changes can be made for each payment method to adjust it to your processes.

4.3Direct Capturing of Transactions

The option "Capture" allows you to specify if you wish to debit payments directly or if you first wish to authorise them and then debit the payment at a later point.

Depending on your acquiring contract, a reservation is only guaranteed for a specific period of time. Should you fail to debit the payment within that period, the authorisation may therefore no longer be guaranteed. Further information on this process can be found below.

Different settings between Opayo and the module

It may be that settings saved in the payment modules overwrite settings saved in Opayo.

4.4Uncertain Status

You can specifically label orders for which the money is not guaranteed to be received. This allows you to manually control the order before shipment.

4.4.1Setting the order state

For each payment method you may select in which state the order should be set to depending on the booking state. This is the initial state of the order.

4.5Optional: Validation

Note: It can be that this option is not visible in your module. In this case just ignore this section.

With the option 'Validation' you can define the moment when the payment method should be made visible to the customer during the checkout process. This setting is relevant for modules where the usage depends on the customer's compliance with specific preconditions. For example, if a solvency check has to be carried out or if the payment method is only available in certain countries. In order for the credit check or address validation to also work with European characters, the charset of the "Blowfish mode" must be set to "UTF-8" for certain PSP settings.

You have the choice between these options:

  • Validation before the selection of the payment method: A validation verification is carried out before the customer selects the payment method. If the customer does not fulfill the requirements, the payment method is not displayed
  • Validation after selection of the payment method: The verification of the compliance occurs after the selection of the payment method and before the confirmation of the order
  • During the authorisation: The validation verification is carried out by Opayo during the authorisation process. The payment method is displayed in any case

5Settings / Configuration of Payment Methods

5.1General Information About the Payment Methods

The plugin contains the most common payment methods. In case a desired payment method is not included per default, please contact us directly.

In order to be able to use a payment method, it must be activated in your account with Opayo as well as in your shop. Information about the configuration of the payment methods can be found further above.

Below you can find important information for specific payment methods that deviate from the standard process.

5.2Information on Payment Status

For each payment method you can define an initial payment status (status for authorized payments etc.). You hereby define the payment status for each state depending on the processing type of the order (captured, authorized, etc.). It's the initial status which the order assumes. Depending on the mutation carried out by you, the status can change.

Important info regarding Order Status

Never set the status to Pending Opayo or any similar pending status which is implemented by the module.

5.2.1Order status "pending" / imminent payment (or similar)

Orders with the status 'pending Opayo' are pending orders. Orders are set to that status if a customer is redirected in order to pay but hasn't returned successfully or the feedback hasn't reached your shop yet (Customer closed window on the payment page and didn't complete payment). Depending on the payment method these orders will automatically be transformed into cancelled orders and the inventory will be cleared (so long as the Cronjob is activated). How long this takes depends on the characteristics of the payment method and cannot be configured.

If you have a lot of pending orders it usually means that the notifications from your webserver to Opayo are being blocked. In this case check the settings of your firewall and ask the Hoster to activate the IPs and User Agents of Opayo.

5.2.2Order status "cancelled"

Orders with the status "cancelled" have either been set to that status automatically due to a timeout, as described above, or have been cancelled directly by the customer.

5.3Opayo Authorization methods

Payment Page (Server) and iFrame (Server with iFrame) are the authorization methods which do not require for your shop a PCI-certificate. Please check our product description page for a real time overview of the payment methods that support the specific authorization method you are interested in. If you are PCI-certified you can feel free to activate and configure the authorization method Server Authorization (Direct). This is an integration which requires a PCI certification. It is therefore crucial that you do not integrate this authorization method if you aren’t PCI-certified.

5.3.1Selection of the Authorisation Method - National Payment Methods

You have the choice between integration via InFrame or via Payment Page. In the case of national payment methods such as ELV, Sofortüberweisung, etc., you must use Payment Page as Authorisation Method.

5.3.2Fraud Recognition Rules

You have the possibility of filtering orders based on certain criteria and then have the order be labelled by the system. You can select a combination of rules which - if the criteria are fulfilled cumulatively - will lead to the order being moved into a pending status for manual verification.

Figure 5.1: Fraud Rules Configuration.

5.4Opayo PayPal

You have the possibility of processing PayPal via Opayo. In order to do so, the payment method must be activated in your account.

Please follow the instructions of the installation guides of Opayo in order to configure the module. You will find these in the administration interface (MySagePay) under the tab 'Payment Methods'.

6The Module in Action

Below you will find an overview of the most important features in the daily usage of the Opayo module.

6.1Useful Information on Transactions

For each order processed with our module you can access an overview of the most important transaction information. Among other things, this allows you to identify each corresponding order to each transaction displayed in the backend.

You can find the orders at Dashboard > Store Sales.

Figure 6.1: Transaction information in WordPress E-Commerce.

6.2Alias Manager / Token Solution Usage

The Alias Manager allows you to store your customers' credit card data safely with Opayo. You can enable this by activating the option "Alias Manager" in the configuration of the Payment Method. The customer can then select between the saved cards when making purchases in the future and does not have to enter all credit card data again.

Figure 6.1: Alias Manager in WooCommerce
Alias Manager Options

In order to use the Alias Manager, the option has to be unlocked by Opayo. Please contact the support service if you wish to activate the option.

6.3Capture / Cancel Orders

6.3.1Capturing and Cancelling Orders

In order to capture orders, open the order first (Dashboard > Store Sales) and then open the transaction information. Enter the amount you want to capture into the input field. By clicking on Capture the card is charged directly.

An order can be cancelled by clicking "Cancel Transaction" and the transaction as well as the reserved amount is released on the customer's card immediately.

Capturing Orders in the Opayo Backend

The transaction management between Opayo and your shop is not synchronised. When capturing payments in the Opayo, the status is not adjusted in the shop and a second capture is not possible.

Figure 6.1: Cancelling and capturing orders
Partial Capturing

Please inquire, whether multiple captures are supported within your Opayo contract. Otherwise, partially captured transactions could be blocked from future captures.

6.4Order Refunds

In order to refund an order, open the transaction information (see above).

You can refund individual items or an arbitrary amount by adjusting the total amount or the number of items.

Figure 6.1: Refunds in WooCommerce for Opayo.
Maximum Refund

Our module restricts the refund amount to 100% of the originally authorised amount.

6.5Transaction History

Every action within the transaction management is processed through the module. Information on each transaction can be viewed in the corresponding order.

Figure 6.1: Transaction overview in the transaction history.

6.6Cron Job Setup

In order to activate the time-controlled plugin functions (e.g. update service, deleting pending orders etc.) you have to set up cron jobs in e-Commerce. The update function is especially relevant - it allows you to fetch subsequent transaction changes at Opayo via the API. Please keep in mind that additional options might have to be activated.

The module uses the default e-Commerce cron. Information on the setup can be found here.

7Testing

Before switching from test to live mode it is important that you test the module extensively.

Testing

Do not forget to switch the operating mode from test to live after having successfully tested the module.

7.1Test Data

In the following section you can find the test data for the various payment methods:
Credit / Debit Card
Card number
4929 0000 0000 6
Expiry Date
12/2030
CVC
123
Visa
Card number
4929 0000 0000 6
Expiry Date
12/2030
CVC
123
MasterCard
Card number
5404 0000 0000 0001
Expiry Date
12/2030
CVC
123
Debit Visa
Card number
5573 4700 0000 0001
Expiry Date
12/2020
CVC
123
Visa Electron
Card number
4917 3000 0000 0008
Expiry Date
12/2020
CVC
123

8Errors and their Solutions

You can find detailed information under http://www.sellxed.com/en/faq. Should you not be able to solve your problem with the provided information, please contact us directly under: http://www.sellxed.com/en/support

8.1The Referrer URL appears in my Analytics Tool

When a customer and the notification are redirected via Header Redirection, the Opayo Referrer URL might appear in your Analytics Tool thus hiding the original traffic source. However, most Analytic Tools are able to minimize this problem.

In case you are using Google Analytics as reporting tool, this step by step guide may help you to exclude the URLs: under bullet point 4.

9Error Logging

The module will log different unexpected errors or information depending on the configured level. If there is any issue with the module, this log can help identify the cause.

9.1Log Levels

You can configure the log level in the Opayo settings.

  • Error: Logs unexpected errors only. (Default)
  • Info: Logs extended information.
  • Debug: Logs information helpful for debugging.

9.2Log Location

The log file is stored in the logs folder of this plugin wp-content/plugins/plugins/ecommerce_sagepaycw/logs. Please make sure the path exists and it is writable by the webserver.

10Advanced Information

This section of the manual is for advanced usage of the module. The content is for advanced users with special requirements. Everything in this section is optional and not required for the daily usage of the module.

10.1Transaction Object

This section describes how to extract information from a transaction, if you need it for further processing. E.g. you require more information of the transaction for further processing an order in your ERP system.

The code snippets in this section assume your script resides in the root folder of the shop with the default shop folder structure.

Have Wordpress initialized in your script, this is required for the database connection.
require_once( dirname(__FILE__) . '/wp-load.php' );
Include the modules Util class.
require_once ABSPATH.'wp-content/plugins/ecommerce_sagepaycw/classes/SagePayCw/Util.php';
Now you can load the transaction and then extract the transactionObject.
Load the transaction by Id:
$transactionById = SagePayCw_Util::getTransactionById($transactionId);
$transactionObject = $transactionById->getTransactionObject();
Load the transaction by the external Id:
$transactionByExternal = SagePayCw_Util::getTransactionByExternalId($externalId);
$transactionObject = $transactionByExternal->getTransactionObject();
Load transactions by the order id:
$transactionsByOrder = SagePayCw_Util::getTransactionsByOrderId($orderId);
foreach($transactionsByOrder as $transaction){
	$transactionObject = $transaction->getTransactionObject();
	//Do something with each object
}