InterPay™ – SportsPay’s proprietary gateway – offers easy integration with registration systems by using simple format messages over industry-standard SSL connections. The same technology used by your Web browser to encrypt your sensitive data is used to communicate with our card processing gateway.
Transaction messages supported by InterPay™’s integration interface consist of simple strings of name/value pairs which can be sent using either SSL or HTTPS GET.
The InterPay™ gateway supports three types of processing:
HOST-BASED
Host-based is used when the registration platform will send a complete transaction including the card information. It requires that the registration platform’s web server collect the card data (or token) and then send the request to the InterPay™ gateway. The response is received and the financial transaction is complete.
The following transaction types are supported: Sale, Void, Force Post, Return, Return Void, Auth Only, Pre-Authorization, Completion, Balance Request, Settlement.
Supports Card Verification Value 2 (CVV2) as well as tagging transactions with Invoice Number, Descriptions, Customer Name and Customer Email Address.
WEB-REDIRECT
Web-redirect is used when the browser is redirected to SportsPay’s hosted payment page and then back to the registration system once the transaction is completed. The registration platform’s web server never comes into contact with the card data and therefore is fully protected.
The first request is sent to “set up” the transaction and includes the Amount and Request ID, and the response will contain a URL for the customer’s browser to be redirected to. After the customer enters their data and is approved, the InterPay™ gateway redirects them back to the registration platform. A second request is then sent from the registration platform’s web server to the InterPay™ gateway in order to get the results of the transaction.
Web-redirect supports Sale, Refund and Tokenization for Visa Credit, Visa Debit, MasterCard Credit, MasterCard Debit.
NewEMBEDDED TOKENIZATION
Embedded Tokenization is used when the card data is sent between the browser and gateway using JavaScript.
The registration platform’s web server never comes into contact with the card and therefore is fully protected. All card data is sent between the browser and the gateway.
It begins with receiving a One-Time Token which is completed through loading InterPay JavaScript. The One-Time Token can then be used to complete a host-based transaction. Each host-based transaction returns a “permanent” token, which can then be stored and reused for subsequent transactions for that card.
Embedded Tokenization allows the registration platform to keep the customer on their page, having complete control of the user experience, payment flow, and UI/UX.
Throughout this document, “cardholder” or "customer" is referring to the end-user as in the customer (e.g. the parent paying for their child’s registration). “Organization” or "merchant" is referring to the the platform’s client who has a merchant account with SportsPay (e.g. the baseball club, the soccer organization, the hockey association, etc.). “Registration platform”, “platform” or "registration system" is referring to the registration software that is being integrated into InterPay™ including the actual software, its web server, and the database.