Introduction
Sherlock's is a secure multi-channel e-commerce payment solution that complies with the PCI DSS standard. It allows you to accept and manage payment transactions by taking into account business rules related to your activity (payment upon shipping, deferred payment, recurring payment, payment in instalments, etc.).
The purpose of this document is to explain the American Express means of payment integration into Sherlock's.
Who does this document target?
This document is intended to help you implement the American Express means of payment on your e-commerce site.
It includes:
- functional information for you
- implementation instructions for your technical team
To get an overview of the Sherlock's solution, we advise you to consult the following documents:
- Functional presentation
- Functionality set-up guide
Understanding American Express payments with Sherlock's
General principles
The American Express card is an international payment card issued by and associated with the American Express payment network.
The American Express network offers a wide range of personal and professional cards, and above all allows card users to defer settlement of the amount owed.
American Express has also joined the 3-D Secure programme, under the Safekey brand, to reduce the risk of fraud on customers online purchases.
To pay with an American Express network card, cardholders have to provide their card details, namely:
- Card number
- Expiry date
- Visual security code (or security code, referred to as CID or 4DBC for American Express)
- If the cardholder's card and your merchant ID are enrolled in Safekey, the customer will be required to enter a dynamic one-time use code, usually received on their mobile phone.
Acceptance rules
Available functionalities
Payment channels | ||
---|---|---|
Internet | V | Default payment channel |
MAIL_ORDER, TELEPHONE_ORDER | V | SafeKey authentication not applicable |
Fax | V | SafeKey authentication not applicable |
IVS | V | SafeKey authentication not applicable |
Means of payment | ||
---|---|---|
Immediate payment | X | |
End-of-day payment | V | Default method |
Deferred payment | V | In case of SafeKey authentication, the capture delay is limited to 6 days. |
Payment upon shipping | V | In case of SafeKey authentication, the capture delay is limited to 6 days. |
Payment in instalments | V | Only the 1st transaction could be SafeKey authenticated transaction. |
Subscription payment | V | SafeKey authentication not applicable |
Batch payment | V | SafeKey authentication not applicable |
OneClick payment | V |
Currency management | ||
---|---|---|
Multicurrency acceptance | V | According to your contract |
Currency settlement | V | According to your contract |
Authorisation request
The authorisation duration for American Express cards depends on your acquirer. By default, the duration is 6 days.
In the case of a deferred payment lasting 6 days or less, Sherlock's makes an authorisation request to the acquirer for the full amount of the transaction which will then be remitted according to the requested mean of payment.
As for a deferred payment lasting longer than 6 days, Sherlock's makes two authorisation requests to the acquirer:
- the 1st online authorisation request, called “account verification”, allows to check the account status and validity without impacting the authorisation limit.
- a 2nd authorisation request for the real transaction amount at the time of bank withdrawal.
Account verification on your initiative
For INTERNET, MAIL_ORDER and TELEPHONE_ORDER channels, on the Sherlock’s Office and Sherlock’s Office Batch interfaces only, you are allowed to perform an account verification on your own initiative (not conditioned by the deferred payment delay). To do this, you have to set the transaction amount to “0”. Therefore, Sherlock's will perform an account verification from the acquirer, and the transaction will be stored in the Sherlock's information system, but won’t be remitted in bank.
Cap adjustment in case of an error
During a payment, sometimes the current transaction cannot be finalised. This is the case, for instance, when one of the actors in the banking network encounters a failure when processing an authorisation request. The Sherlock's server will send a message to cancel the transaction which is called cap adjustment. This message allows the issuing bank to update, if necessary, the cardholder's card outstandings.
Payments remittance in the bank
Payments are remitted to American Express according to the payment terms you set. As standard, the remittance in bank is triggered at night as from 10 pm CET (Central European Time) via a file exchange with American Express.
Safekey programme
Overview
American Express has created the Safekey programme to enhance transactions reliability. This programme is very similar to the 3-D Secure programme offered by Visa and MasterCard. In this programme, customers trying to pay with an American Express card are asked to authenticate themselves as being cardholders. This authentication procedure involves American Express as both card acquirer and card issuer.
If all parties follow the authentication process rules, American Express may guarantee the transaction payment for you. Sherlock's does not provide any information regarding the payment guarantee offered by American Express.
The Safekey authentication procedure results may trigger the automatic transaction relegation. This means that under specific circumstances, the transaction is processed as if no Safekey authentication procedure had been performed at all.
The automatic relegation is triggered by any of these circumstances:
- the card used is not marked as enrolled in the Safekey authentication programme.
- a technical issue (e.g. temporary service failure) occurs during the Safekey authentication procedure.
Limitations on deferred payments
In the case of a deferred payment request with Safekey authentication, the delay cannot exceed 6 days (if the merchant requests a delay greater than 6 days, Sherlock's system will automatically force this delay to 6 days during the payment process).
Deactivation on demand
When you subscribe to the Safekey authentication programme, all Safekey eligible payments will be processed using this authentication system. However, it is possible to disable the Safekey authentication programme on demand, by populating a dedicated flag in the request.
Reversal request
A reversal request aims to cancel the modification of the issuer authorisation cap.
This reversal request is always linked to an authorisation request.
The reversal request is sent to the acquirer in the following case:
- the merchant fully cancels the transaction;
- the authorisation server doesn't respond positively to an authorisation request for the following reasons: "approved after identification" or "approved for partial amount";
- no response has been received after an authorisation request (timeout);
Credit holder specificity
For American Express payment mean, credit holder request must always follow an initial debit transaction.
The difference with a refund request is that credit holder request allows you to credit your customer's account from an initial debit transaction that was not created on Sherlock's.
American Express may verify the integrity of your credit holder requests by doing some checks:
- your American Express balance account should be positive;
- ratio between the number of credit holder requests and number of debit requests should be coherent;
- ...
In case of suspicion, American Express reserves the right to contact you.
Check CVV specificity
When performing CVV check, American Express accept any transaction whatever the code is right or wrong. Result of this check is returned in field (
cardCSCResultCode
You can also choose to just take in account value of field (cardCSCResultCode
)
to adapt response or eventually proceed a cancellation of transaction
Signing your American Express acceptance contract
In order to offer the American Express means of payment on your website, you have to sign a distance selling contract with American Express. Thereafter, you transmit us the contract number for recording in our information system.
Accepted currencies
All currencies may potentially be accepted on Sherlock's (Please refer to the paragraph 'currencyCode' of Data dictionary) provided they are specified in one of the contracts agreed upon with American Express. Please note that American Express contracts are single currency contracts. This means you should sign one American Express acceptance contract for each desired currency.
Order channels
If you use several order channels, you must open one American Express contract per channel.
- one contract for MOTO and Euros
- one contract for MOTO and Dollars
- one contract for Internet/In-App and Euros
- one contract for Internet/In-App and Dollars
Making an American Express payment
Sherlock's offers you three solutions to integrate the American Express means of payment:
- Sherlock’s Paypage which directly acts as the payment interface with customers via their web browser.
- Sherlock’s Office which gives you the possibility to display your payment pages and works through a server-to-server dialog.
- Sherlock’s Office Batch which allows you to process batch payments.
The remittance modes available for an American Express transaction are:
- Cancellation mode: default mode allowing transaction remittance on a predefined date, called capture delay. When this capture delay is reached, the remittance is sent automatically. This delay is set via the captureDay field with its 0 default value (end-of-day payment).
- Validation mode: you must validate the transaction to trigger the remittance. A capture delay must also be defined. When this capture delay is reached or exceeded, you will not be able to validate the transaction, which will therefore expire automatically.
The diagram below explains the different transaction statuses according to the chosen capture mode:
Making an American Express payment with Sherlock’s Paypage
The payment process for Sherlock’s Paypage is described below:
Setting the payment request
The AMEX acquisition system provides a specific system performing some additional controls on the transaction, named AMEX Enhanced Authorization (AMEX-EA).
This system uses data from multiple optional fields to perform these controls.
Analysing the response
The following table summarises the different response cases to be processed:
Status | Response fields | Action to take | |
---|---|---|---|
Payment accepted | acquirerResponseCode = 00
authorisationId = (cf. the
Data Dictionary).paymentMeanBrand =
AMEXpaymentMeanType =
CARDresponseCode =
00 |
cardCSCResultCode = 4D |
You can deliver the order. |
Payment accepted with wrong CVV | responseCode =
00cardCSCResultCode != 4D (please refer to the Data dictionary) |
Transaction is authorized but a wrong CVV has been dectected. You may cancel the transaction or keep as it | |
Refusal for wrong CVV | acquirerResponseCode =
00responseCode =
14cardCSCResultCode != 4D (please refer to the Data dictionary) |
Transaction refused because CVV is wrong | |
Acquirer refusal | acquirerResponseCode = (cf.
the Data Dictionary).responseCode =
05 |
The authorisation is refused for a reason unrelated to
fraud. If you have not opted for the "new payment attempt"
option (please read the Functionality
set-up Guide for more details), you can suggest that your
customer pay with another means of payment by generating a new
request. |
|
Refusal due to the number of attempts reached | responseCode = 75 |
The customer has made several attempts that have all failed. | |
Refusal due to a technical issue | acquirerResponseCode = 90-98
responseCode = 90,
99 |
Temporary technical issue when processing the transaction. Suggest that your customer redo a payment later. |
For the complete response codes (responseCode
) and acquirer response
codes (acquirerResponseCode
), please refer
to the Data dictionary.
For more information, please refer to the 3-D Secure guide for analysing authentication data.
Making an American Express payment with Sherlock’s Office
The payment process for Sherlock’s Office is described below:
Setting the payment request
American Express payments can be initiated using the cardCheckEnrollment
function of the
CheckOut service.
The following fields are used to send information specific to this means of payment:
Field name | Remarks/rules |
---|---|
cardNumber |
Mandatory |
cardExpiryDate |
Mandatory |
cardCSCValue |
Mandatory, 4 digits (4DBC) |
paymentMeanBrand |
Must be populated with AMEX. |
merchantLocationId |
Optional. If provided in request, will be sent with the transaction in the remittance file to Amex. |
For more information, please refer to the 3-D Secure guide on Sherlock’s Office connector to implement the other steps of a 3-D Secure payment.
Managing your American Express transactions
Available cash operations
The following operations are available on American Express transactions:
Cash management | ||
---|---|---|
Cancellation | V | |
Validation | V | |
Refund | V | |
Duplication | V |
The diagram below allows you to know which cash management operation is available when a transaction is in a given state:
Viewing your American Express transactions
Reports
The reports provided by Sherlock's allow you to have a comprehensive and consolidated view of your transactions, cash operations, accounts and chargebacks. You can use this information to improve your information system.
The availability of American express transactions for each type of report is summarised in the table below:
Reports availability | |
---|---|
Transactions report | V |
Operations report | V |
Reconciliations report | V |
Chargebacks report | V |
Sherlock's Gestion
You can view your American Express transactions and perform various cash management operations with Sherlock's Gestion.