CardGate.net Pty Ltd CardGate® Payment Gateway V4 ... · Each Merchant ID configured on the Bank's host must have a minimum of one terminal ID (CATID) assigned to it. A terminal

CardGateV4-TM.014.doc Commercial-in-confidence Issue 14 - Page 1 of 66

CardGate.net Pty Ltd

CardGate®

Payment Gateway V4

Technical Manual

CardGate program version 4.09

16 July 2008

Issue 14

CardGate.net Pty LtdA.C.N. 086 679 950

1/200 Wellington RdClayton 3168

Australia

PO Box 4297Mulgrave 3170

Australia

Tel (03) 9582 7000Fax (03) 9582 7001

Support (03) 9582 7099

[email protected]

www.cardgate.net

Reference : DOC-CardGateV4-TM

Copyright© 1999-2005 UMD IP Pty Ltd ACN 087 361 644


1. Introduction ..........................................................................................................................................3

1.1 Overview ........................................................................................................................................3

1.2 What is the CardGate Payment Gateway?......................................................................................3

1.3 What does the Merchant need to supply? .......................................................................................3

1.4 Communications between CardGate and COMMLINK.................................................................3

1.5 Virtual Terminals............................................................................................................................4

1.6 This Manual....................................................................................................................................4

1.7 Trademarks .....................................................................................................................................4

1.8 Confidentiality and Copyright ........................................................................................................4

1.9 Abbreviations .................................................................................................................................4

2. Configuring CardGate ..........................................................................................................................5

2.1 Win32 Registry...............................................................................................................................5

2.1.1 Strings......................................................................................................................................5

2.1.2 Registry Values........................................................................................................................6

2.2 External Files................................................................................................................................11

2.2.1 Terminal definition file..........................................................................................................11

2.2.2 Sequence number files...........................................................................................................12

2.2.3 Remembered state file ...........................................................................................................12

2.2.4 Warning bulletin file..............................................................................................................13

2.3 Operating System Settings............................................................................................................13

3. Interapplication Communications.......................................................................................................14

3.1 System Partitioning.......................................................................................................................14

3.2 Interfacing with CardGate ............................................................................................................14

3.2.1 File method............................................................................................................................14

3.2.2 Sockets method......................................................................................................................15

3.3 Custom Interfaces.........................................................................................................................15

4. Merchant Application Data Interchange.............................................................................................16

4.1 Record Structure...........................................................................................................................16

4.2 CardGate Responses.....................................................................................................................16

4.3 Requests Fields.............................................................................................................................18

4.3.1 Source ID...............................................................................................................................18

4.3.2 Sequence Number..................................................................................................................18

4.3.3 Message Type........................................................................................................................18

4.3.4 Merchant ID...........................................................................................................................18

4.3.5 Reference Text.......................................................................................................................18

4.4 Non-Financial Authorisation / Financial Transaction Request / Warning Bulletin Lookup.........19

4.4.1 Authorisation /Financial Transaction Response....................................................................21

4.4.2 Authorisation / Financial Acknowledgment ..........................................................................23


4.4.3 Reversals................................................................................................................................27

4.5 Financial Capture Transaction Request ........................................................................................28

4.5.1 Financial Capture Response ..................................................................................................29

4.5.2 Financial Capture Response Acknowledgment .....................................................................31

4.6 Reconciliation Advice ..................................................................................................................32

4.6.1 Reconciliation Response........................................................................................................33

4.6.2 Reconciliation Response Acknowledgment ..........................................................................33

4.6.3 Settlement Options ................................................................................................................34

4.7 CardGate Immediate Commands..................................................................................................35

4.8 Training Mode / Host Emulation..................................................................................................39

5. Traceability, Logging and Anomalies ................................................................................................40

5.1 CardGate Record Of Transaction Log..........................................................................................40

5.2 Monitor Log..................................................................................................................................40

5.2 Monitor Log via Socket Stream....................................................................................................42

5.4 Socket Request Log......................................................................................................................42

5.5 Host Communications Log...........................................................................................................43

5.6 Event Logging ..............................................................................................................................43

5.7 Typical Anomalies........................................................................................................................45

5.6.1 Event ID 7 and ID 37.............................................................................................................45

5.7.2 Event ID 24............................................................................................................................45

5.7.3 Event ID 34............................................................................................................................45

6. User Interface .....................................................................................................................................46

6.1 State View ....................................................................................................................................46

6.2 Console View ...............................................................................................................................46

7. Support ...............................................................................................................................................46

8. Revision History.................................................................................................................................47

Appendix A. COMMLINK Response Codes .........................................................................................49

Appendix B. CardGate Response Codes ................................................................................................50

Appendix C. Version Differences...........................................................................................................53

C.1 Version 4 differences ...................................................................................................................53

Appendix D. Sample Reference Visual Basic Client..............................................................................54

Appendix E. Leased Line Configuration ................................................................................................58

E.1 CardGate Registry Settings ..........................................................................................................58

E.2 Telecom side cable.......................................................................................................................58

E.3 Netcomm IG6000.........................................................................................................................58

E.4 Dataplex DPX-234-01..................................................................................................................59

E.5 Dataplex DPX-225-30..................................................................................................................59

E.6 Banksia Pro 144 ...........................................................................................................................60

E.6.1 Internal settings .....................................................................................................................60

E.6.2 Software settings ...................................................................................................................60


Appendix F. Optus/TNS Configuration..................................................................................................61

F.1 CardGate Registry Settings..........................................................................................................61

Appendix G. Telstra Argent Configuration............................................................................................62

G.1 CardGate Registry Settings..........................................................................................................62

Appendix H. Configuring Windows NT ................................................................................................63

H.1 Starting CardGate without logging on .........................................................................................63

Appendix I. Year 2000 Compliance Statement ......................................................................................64

Appendix J. Upgrading from Version 3 to 4..........................................................................................65

J.1 Set up directory.............................................................................................................................65

J.2 Update the Terminal Definition File.............................................................................................65

J.3 Create a new Registry Profile for ENG.........................................................................................65

J.4 Update the new Registry Profile with old settings........................................................................65

J.5 Set up for Optus/TNS Solution.....................................................................................................65

J.6 Transfer state file..........................................................................................................................66

J.7 Test current communications channel...........................................................................................66


1. Introduction

1.1 OverviewCardGate® is a payment gateway that operates exclusively with the Commonwealth Bank ofAustralia's COMMLINK on-line credit card authorisation and transaction system which allowsmerchants to conduct credit card transactions in real-time.

CardGate® is a PC based system that interfaces to the Commonwealth Banks’ COMMLINK host.

CardGate® simply interfaces with a Merchant's computer or interactive voice response (IVR) system.

Custom interfaces to CardGate® can be built to suit a Merchant's exacting requirements.

CardGate® takes the certification load, ie the Merchant system does not need to be evaluated by theCommonwealth Bank prior to taking live transactions.

1.2 What is the CardGate Payment Gateway?The CardGate Payment Gateway is a turnkey PC based package that interfaces a merchant’s transactionsystem - be it a standalone PC, DOS/WINDOWS/UNIX etc based LAN, mini computer, mainframe orIVR systems with the Commonwealth Bank’s COMMLINK™ real-time credit and charge cardauthorisation system.

The package includes -

• CardGate software• CardGate.net's Supply of Turnkey System Agreement incorporating the Merchant

Agreement• Consultancy, customisation, installation• Maintenance which includes 24h x 7d support, software maintenance updates and

alerting service

1.3 What does the Merchant need to supply?CardGate interfaces with the Merchant Application which must be modified to produce the requiredfiles and/or communications links. The standard CardGate interfaces are described in this manual.

The Merchant is responsible for supplying the computer connected to their local area network with anappropriate MS-Windows operating system.

Before CardGate is supplied, the Merchant must sign CardGate.net's Supply of Turnkey SystemAgreement which incorporates the Merchant Agreement.

1.4 Communications between CardGate and COMMLINKCardGate communicates via Bank supplied communications links with the Commonwealth Bank'sCOMMLINK host system by sending it formatted messages and receiving responses. CardGatecompletely handles the communications and error processing requirements.

CardGate can use multiple communications channels, which includes Optus/TNS VPN solution,Telstra Argent®, dial up modem or dedicated leased line via modem using the Commonwealth BankEnterprise Network Gateway (ENG) located at local Bank branches (which is now decommissioned).


1.5 Virtual TerminalsEach Merchant ID configured on the Bank's host must have a minimum of one terminal ID (CATID)assigned to it. A terminal can be regarded exactly like an EFTPOS terminal typically used in retailstores. Each terminal can process only one transaction at a time which will normally complete within afew seconds. It should be noted however that "stuck transactions" can occur which hold up a terminalfor up to half an hour (after which it is deleted from CardGate’s state file).

The number of terminal ID's assigned to a given Merchant ID determines the number of credit cardtransactions that can be handled simultaneously for that Merchant ID.

CardGate introduces the concept of "virtual terminals" where multiple Merchant ID's and multipleterminals per Merchant ID can be handled on a single CardGate gateway. The number of virtualterminals installed determines CardGate pricing.

1.6 This ManualThis manual should be read in conjunction with the Commonwealth Bank of Australia’s COMMLINKspecifications, Version 2.1.

Differences between version 3 and version 4 CardGate will be highlighted in RED.Recommendations will be highlighted in BLUE.

1.7 TrademarksArgent® is a registered trademark of Telstra.

CardGate® is a registered trademark of UMD IP Pty Ltd.

COMMLINK is a trademark of the Commonwealth Bank of Australia.

Microsoft® is a registered trademark of Microsoft Corporation, and Windows is trademark ofMicrosoft Corporation in the United States of America and other countries.

Other brand and product names are trademark or registered trademark of their respective holders.

1.8 Confidentiality and CopyrightNo part of this literary work may be reproduced or transmitted, in any form or by any means,electronic, mechanical, photocopying, recording, or otherwise, stored in any retrieval system of anynature without the written permission of the copyright holder, application for which shall be made tothe copyright holder.

1.9 Abbreviations• ABP – Asynchronous Block Protocol

• ATA – Argent Terminal Adapter

• CBA - Commonwealth Bank of Australia

• CLNP – Connectionless Network Protocol

• ENG - Enterprise Network Gateway, ie CBA's branch network

• MTA – Managed Terminal Adapter

• ROT - Record Of Transaction

• TNS – Transaction Network Services

• TPDU - Transport Protocol Data Unit


2. Configuring CardGateThe CardGate software is configured to suit a particular Merchant Application by:

a) the Win32 Registry

b) Configuration files

c) Operating system settings

2.1 Win32 RegistryCardGate uses registry sub-key "\\HKEY_LOCAL_MACHINE\SOFTWARE\UMD\CardGate PARM"to store its configuration values, where PARM is the optional command line parameter used to call theCardGate executable. This concept of profiles is new to CardGate V4 and proves very useful in a multi-connectivity and/or multi-session environments.

For example: you could have a Windows short cut labelled “CardGate via ENG”, with the short cuthaving the target set to:

“C:\program files\cardgatev4\cardgate.exe” ENG

This would use registry sub-key:

"\\HKEY_LOCAL_MACHINE\SOFTWARE\UMD\CardGate ENG"

2.1.1 StringsRegistry string values may contain the following 'escape' characters:

\\ single back slash (\)\r carriage return ie 0Dh\n line feed ie 0Ah\t tab ie 09h\nnn octal value nnn\xhh hexadecimal value hh


2.1.2 Registry Values

Software unlockingValue name Type limits default

Serial Nr String max length 8 ""

This parameter is supplied by CardGate.net. It is used to serialise the package and "unlock" virtualterminals.

State file back upValue name Type limits default

State Backup File String max length 40 ""

If you want the state.dat file backed up in real time, provide the file name (and path if not in the currentdirectory), eg “state.bak” or “d:\\cardgatebak\\state.bak”

It is recommended that a backup of the important state file be enabled.

CommunicationsValue name Type Limits default

Dial0 String max length 40 ""

Telephone number used to access the Bank host.

Value name Type Limits default

Line Mode 0 DWORD 0

0 = Dial up modem access1 = Leased line modem access2 = Serial port direct with Data Carrier Detect (DCD)3 = Serial port direct without Data Carrier Detect (DCD)4 = Asynchronous Block Protocol (ABP) wrapping Connectionless Network Protocol (CLNP) - used by Telstra Argent®5 = Asynchronous Block Protocol (ABP) wrapping Transport Protocol Data Unit (TPDU)…..- used by Optus/TNS Solution via MTA serial port6 = TCP/IP, length prepending Transport Protocol Data Unit (TPDU)…..- used by Optus/TNS Solution via MTA ethernet port (NOTE – Option 6 is NOT IMPLEMENTED YET)


Line Nr 0 DWORD 0 ..16 0

When Line Mode 0 = 0 (ie dial up) indicates which TAPI line number to use to dial. 0 is don't care, 1 is thefirst line, 2 the second line and so on.

Value name Type limits default

Comms Port String "COM2"

When Line Mode 0 = 1 to 5, it indicates which communications port to use for the connection.



Comms Mode String "9600,N,8,2"

When Line Mode 0 = 1 to 5 this string is used as the mode command to configure the communications portindicated in Comms Port.

Value name Type Limits Default

Refused String String max length 40 "Connection refused!"

Banner String String max length 40 "\x05"

Logon String String max length 40 “”

Logged On String 0 String max length 40 “CHANNEL 1\r\n”

Logged On String 1 String max length 40 “\x151\x81\xC55)\xFF”

These strings are used in the host logon process. Upon modem connection, CardGate waits for the receiptof the banner string. Once the banner string is received, the logon string is transmitted and then receptionof either logged on string 0 OR logged on string 1 is awaited before proceeding with transmission oftransaction requests.

Refer to the Configuration Settings Appendix relevant to the communications channel you are using (egOptus/TNS) as the defaults above are not relevant to all these options.


Banner Timeout DWORD 1 .. 500

Used by ReadFile(). Is the initial intercharacter gap, in milliseconds, to use when logging on to the host.Used to ensure reception of the banner string and any required delay between transmissions of the firstmessage.


Read Interval Timeout DWORD 1 .. 30 000 10

Used by the Win32 ReadFile() routine to indicate what the intercharacter time is (in milliseconds) beforereturning with a buffer read


No Activity Timeout DWORD 0 ..60 000 0

Time to wait in seconds before disconnecting a call when there is no activity. 0 means don't hang up.


Post Message Delay DWORD 0 .. 30 000 0

Inter message delay in milliseconds. 0 means no delay.


NSAP SHA DWORD 0 .. 0

Telstra Argent® - Network Service Access Point Symbolic Host Address (supplied by the Bank)



NSAP Terminal Id DWORD 0 .. 0

Telstra Argent® - Network Service Access Point Terminal Identifier (supplied by Telstra, tied to theTerminal Adapter)


Listen Port DWORD 4000

TCP/IP sockets server listening port. Note that the Monitor port is this value + 1.


Host Address nn STRING

TCP/IP address (eg 192.168.10.80), or address:port (eg 192.168.10.80:xxxx) of the nnth iNAC (TCP/IPNetwork Access Controller) for the Transact Plus TCP/IP solution. If a port is not specified, then thedefault port xxxx is assumed.

NOTE – NOT IMPLEMENTED


File Mode DirectoriesValue name Type Limits Default

Request Directory string max length 39 "DATA\"

This is where CardGate reads in the request files. NOTE – must end directory names with “\”.


Response Directory 0 string max length 39 "DATA\"

Response Directory 1 string max length 39 “”

Response Directory 2 string max length 39 “”

This is where CardGate writes the record of transaction files. Note that the same file is written out multipletime for redundancy. An empty string indicates not to write out a file. NOTE – must end directory nameswith “\”.

Warning BulletinValue name Type Limits Default

Warning BulletinDirectory

string max length 40 ""

This is where CardGate reads in the Warning Bulletin file. NOTE – must end directory names with “\”.

Note that this directory should be dedicated to only holding the warning bulletin file as whenever any file iswritten to this directory, the Warning Bulletin file is reloaded.


Warning Bulletin File string max length 40 ""

This is the Warning Bulletin file. Blank string means no file present.


Warning BulletinFormat

DWORD 0.. 0

This is the format of the Warning Bulletin file. Only one format handled at the moment.

LoggingValue name Type Limits default

Online Log DWORD 0 .. 1

0 means to not log sockets communications.1 means to log sockets communications as time stamped data to the "ONLINE_YYYYMMDD.TXT" file.2 means to log sockets communications as time stamped data to "COMMS_YYYYMMDD.TXT" file(V3.2)

This should normally be disabled (ie set to 0) in production.



Comms Log DWORD 0 .. 0

0 means to not log received and transmitted frames, 1 means log all bytes received as raw time stampeddata to the "COMMS_YYYYMMDD.TXT" file.

This would normally be disabled (ie set to 0) in production.


Debug Log DWORD 0 .. 1

0 means to not log.1 means to write the monitor output to file "MONITOR_YYYYMMDD.TXT".

This would normally be enabled (ie set to 1) in production.


Error Level DWORD 0 .. 0

0 means standard level of error reporting.

1 means to log socket connections lost and ‘C’ and ‘V’ acknowledgement timeouts to the Event Log.

Note as these errors are more readily viewed in the Debug Log file if enabled, recommendation is to leavethis setting at 0.


Event Log Server String ""

Windows NT event logging is put to the computer named here. If the string is empty, this indicates to usethe local computer's event logging service.

Host emulationValue name Type Limits default

Test Mode DWORD 0 .. 0

0 means normal operation,1 means simulate host response,2 indicates to connect in usual way with host using modem, but simulate host response.


Success Rate DWORD 0 .. 0

When Test Mode is 1, 0 indicates to use cents part of transaction value as the Bank response code; forexample a transaction request with value $1.23 in emulation mode will respond with emulated bankresponse of “23”.Values 1 to 10 is n * 10% success rate, so 10 means 100% success rate.


2.2 External Files

2.2.1 Terminal definition fileCardGate allows multiple Merchants and multiple virtual terminals to be defined for each Merchant.

The terminal definition file "terminalv4.txt" is used to set up these virtual terminals with their CAIC (ieMerchant ID) and CATID (ie Terminal ID) numbers, as assigned by the Bank. [NOTE that CardGateVersion 3 used file “terminal.txt”.]

Terminalv4.txt is a TAB control character delimited text file with the following [optional] fields:

CAIC CATID KEY FLAGSComment [SaleLimit] [RefundLimit]

Comments may be included by starting the line with the “#” character.

FLAGS is made up of a sequence of ASCII HEXADECIMAL digits, ie '0' through ‘9', ‘A’ through ‘F’characters. For boolean values, ‘1’ meaning ENABLE and all other values mean DISABLE.

Position Meaning

1 (most left hand) Refund enable, (boolean).

2 Void enable, (boolean).

3 For sockets transactions, write Record Of Transaction File0 = Don’t write file1 = Write file as CAIC.ROT2 = Write file as CAIC.YYYYMM.ROT where YYYYMM = transactiondate as returned in field 013 (V4.2)3 = Write file as CAIC.YYYYMMDD.ROT where YYYYMMDD =transaction date as returned in field 013 (V4.2)4 = Write file as CAIC.YYYYMM.ROT where YYYYMM = settlementdate as returned in field 015 (V4.2)5 = Write file as CAIC.YYYYMMDD.ROT where YYYYMMDD =settlement date as returned in field 013 (V4.2)

4 Warning Bulletin File look up, (boolean).

5 Return the Primary Account Number (PAN - ie card number) in field911. (V4)

0 = don’t return field 9111 = return the PAN as the FULL card number, eg "5353100000000000"2 = return the TRUNCATED PAN as the first six digits, dot, last threedigits of the PAN, eg "535310.001"3 = return the TRUNCATED PAN as the first four digits, dot, last fourdigits of the PAN, eg "5353.0001"4 = return the TRUNCATED PAN as the first 2 digits, dot, last fourdigits of the PAN, eg "53.0001"5 = return PAN as MD5 hash (refer to document CardGateV4-SM forfurther information)6 = return PAN as first half of MD5 hash (refer to documentCardGateV4-SM for further information)7 = return PAN as second half of MD5 hash (refer to documentCardGateV4-SM for further information)8..A = reserved

6 Return the Card Type (first two digits of the card) in field 913,(boolean). (V4)

7 Terminal is barred from use. Transaction attempts will returnINF_INVALID, (boolean). (V4)

8 Log sockets client IP address and Port number and authenticated user in


fields 914, 915 and 916, (boolean).

9 Authentication required for SALE above sale limit. (V4)Unauthorised transaction attempts will return ERR_AMOUNT_BAD,(boolean).

10 Authentication for REFUNDS (V4)0 = Authentication not required1 = Authentication required TO the refund limit2 = Authentication required ABOVE the refund limit3 = Authentication required for ANY refundUnauthorised transaction attempts will return ERR_AMOUNT_BAD

11 Authentication required to view terminal status (ie perform Statusimmediate command), (boolean). (V3.8)

12 Return field 917 (year), (boolean). (V4.2)

13 Return Expiry Date in field 912, (boolean). (V4.4)

14 Confirm Command Acknowledgement not required (v4.9)

For example:

# Name changed311000062120500 82120507 76749 111021 My business311000062120500 82120508 44366 001021 My business

311000062121300 82121300 37962 111100 Your business311000062121300 82121301 05589 111100 Your business311000062121300 82121302 05349 111100 Your business

# No refunds wanted on the following311000062121300 82121301 05589 1111000002 Joes 0 50000

A sample terminal definition files is provided in the software distribution as “terminalv4-sample.txt”.

2.2.2 Sequence number filesA sequence number file is maintained in the CardGate directory for each Merchant ID (CAIC) that is tohave file mode input to record the highest sequence number received from the Merchant Application.The file name is simply the CAIC number with a ".TXT" extension eg:

311000062121300.TXT

The contents of the file is a six ASCII digit sequence number, for example:

016001

With Version 4, this file will be automatically created if it does not exist, which will be the case whenadded a new merchant facility.

2.2.3 Remembered state fileCardGate maintains the current state of each virtual terminal in file “STATE.DAT”. It is used to ensurethat any outstanding transactions are completed in the event of an outage. It is important that this filenot be deleted as it holds the Systems Trace Audit Number for each virtual terminal .

With Version 4, every time CardGate is started, the current state.dat file is first written to a backup filenamed state.YYYYMMDD-HHMMSS.dat where “YYYYMMDD-HHMMSS” represents date andtime, eg state.20050406-091431.dat. This is done BEFORE it is updated with any new or deletedvirtual terminals.

With Version 4, a registry value has been added, “State Backup File” which allows for the state file tobe mirrored to a second file. This proves useful for backup and recovery procedures and it isrecommended that this facility be enabled.


2.2.4 Warning bulletin fileThe optional warning bulletin file holds card numbers and partial card numbers that will optionally besearched (if the Warning Bulletin Lookup flag is set in the terminal definition file) for pre-authorisation, financial and offline transactions.

This file is also searched with the "W" warning bulletin look up transaction. All these transactions willreturn INF_WARNING_LIST if a match is found in the file.

The file is ASCII text, one record per line. In the example below, 4015200000000001 and4015200000000012 will be matched with the first record.

Here is an example of the file's layout:

401520 ALL CARDS40283800081820204028380009093697407220201083383540722020108469024072202010851969

Note that if the Warning Bulletin Directory is set in the registry, CardGate will monitor it for anydirectory changes. As soon as a new file is written to this directory, CardGate will reload the warningbulletin file to memory. For this reason, the warning bulletin directory should only contain one file, thewarning bulletin file. This allows, for example, daily updates to the warning bulletin list withoutrestarting CardGate.

2.3 Operating System SettingsCardGate PC must be using the TCP/IP protocol stack if the sockets interface is to be used. The modemdevice driver and settings must be set up if dial up access is required.


3. Interapplication Communications

3.1 System PartitioningMerchant Applications can connect with the CardGate Payment Gateway in a variety of ways:

Merchant Application--LAN--CardGate—Comms--COMMLINK

Merchant Application--Custom Interface--CardGate--C omms--COMMLINK

3.2 Interfacing with CardGateThere are two methods of inter-application communication provided by CardGate, file and sockets.

3.2.1 File methodThe Merchant Application may communicate with CardGate by writing standard tab delimited ASCIItext Request files (name with file extension ".REQ") to the Request directory (as configured in theregistry). The gateway reads these request files, performs the transactions and responds by writing aRecord Of Transaction response file with the ".ROT" extension. These files hold all bank responsesand CardGate rejected requests. Once the request file has been completely read, its' extension isrenamed from ".REQ" to ".FIN".

For

Request Directory = REQUEST\

Response Directory 0 = RESPONSE\

REQEST\SAMPLE.REQ � Processed by CardGate � RESPONSE\SAMPLE.ROT

� renamed on completion � REQUEST\SAMPLE.REQ of read


3.2.2 Sockets methodCardGate provides a standard "sockets" interface to allow inter-application communications with aMerchant system over a TCP/IP network. It acts as a sockets server, listening on a user configurableTCP/IP port (default is port 4000).

The sockets interface is typically used when a "real-time" response is required, for example to respondto a card holder waiting on the end of a telephone conversation for confirmation of a credit cardpayment request.

Some pseudo code follows:

// create the socketsh = socket(PF_INET, SOCK_STREAM,…);// Initialise host socket address to connect withsa.sin_addr = "128.23.23.1"; // IP address of CardGa te PCsa.sin_port = 4000; // port number used by CardGate

// seek a connectionok = connect(sh,sa)if ok == 0 do{ SeqNr = SeqNr + 1; // Bump SeqNr

// get request for credit card transactionGetRequest(&request);send(sh, request); // send to hostStartTimer;ok = recv(sh,response); // receive from host

if (ok > 0){ // we have a response - act on it

ActOnResponse(&RxSeqNr);StopTimer(RxSeqNr);// acknowledge receipt of response to CardGatesend(sh, 'C'+ RxSeqNr);

}elseif (timeout){ // timed out - ask CardGate to reverse

// original transactionsend(sh, 'V' + SeqNr);// Let the requesting process know we had a problemErrorReport(SeqNr);

}} while(not finished);closesocket(sh);

To learn more about sockets programming, refer to "Windows Sockets Network Programming" by BobQuinn and Dave Shute, published by Addison Wesley. Microsoft's web site also has extensiveinformation on Winsock programming. A sample Visual Basic 5 client application is listed inAppendix D.

3.3 Custom InterfacesCustom Interfaces can be written to interface a Merchant Application with CardGate. They willtypically be written to connect a Merchant Application which is not readily modifiable to communicatedirectly with CardGate.

Reference client applications, including source, are provided here:

http://www.cardgate.net/cardgate


4. Merchant Application Data InterchangeThe Merchant Application initiates all exchanges of messages with CardGate, passing a request toCardGate to perform a task. On completion of the task, CardGate passes back a response.

The response is written to a Record Of Transaction file and/or the socket interface (if this is where therequest came from).

4.1 Record StructureMerchant Application requests and CardGate responses use simple tab delimited ASCII text records.The format of these records are:

a) fields made up of printable ASCII characters (ie 20h to 7Fh)

b) tab (<HT>) control characters (ie 09h) which act as field delimiters, and,

c) carriage return/line feed (ie 0Dh/0Ah) control character pairs that act asrecord delimiters.

This record format was chosen as it provides a universal format which is independent of machine,operating system and other program specifics.

4.2 CardGate Responses CardGate responses consist of :

a) ASCII representation of the raw response from the Bank host.

b) CardGate generated fields.

Each response field is prepended with a three ASCII digit "bit number" followed by the "=" symbol.For example, bit 11 is the systems trace audit number, an example being "011=123456".

Each field is returned in bit number ascending order, with bit "000" being the message type identifier.Refer to the Commonwealth Bank specifications for an explanation of bit numbers and the responsesexpected.

Bit numbers 900 and above are generated by CardGate, not the Bank network.

All fields may not necessarily be returned, eg bit 910 will only be returned when bit 039 is present.

Bit No Field Length Contents

900 Source ID ..20 From the request, eg "PC23"

901 Sequence number 6 From the request, eg "001345". Note, formatted tosix digits, zero filled. So, in this example, the requestcould have had "1345".

902 Reference text ..40 From the request, eg "Invoice 123"

903 CardGate Error Code ..6 eg 20

904 CardGate Response Text ..80 eg "ERR CHECK DIGIT"

910 Bank suggested response ..80 Bank suggested message to display for the bankresponse given in bit 039 eg "Do not honour"

911 Primary Account Number ..19 Optional field (refer to flags in terminal definitionfile).

From the request. Is either the FULL PAN withblanks, etc removed. Eg "5353100000000000",OR,the TRUNCATED PAN, eg first six digits, dot, lastthree digits of the PAN, eg "535310.001"(V3.8)

912 Expiry date 4 Optional field (refer to flags in terminal definitionfile).


From the request. YYMM format. (V3.2)

913 Card Type 2 Optional field (refer to flags in terminal definitionfile).

From the request. Is the first two digits of the PAN.(V3.8)

914 Client IP Address 11 Optional field (refer to flags in terminal definitionfile).

TCP/IP address in nnn.nnn.nnn format of the socketsclient which made the request. (V3.8)

915 Client Port Address 5 Optional field (refer to flags in terminal definitionfile).

TCP/IP port number in nnnnn format of the socketsclient which made the request. (V3.8)

916 Client user id ..16 Optional field (refer to flags in terminal definitionfile).

Authenticated user id.(V3.8)

917 Year 4 Optional field (refer to flags in terminal definitionfile).

Year returned by PC’s real-time clock.(V4.2)

920 Summary of Transactions “Merchant Side” totals sent out with Reconciliationrequest

930 Command response Response to immediate command (V3.2)


An example of a Record Of Transaction with no CardGate generated errors is:

000=0210 003=003000 004=000000001250 011=006301 012 =092245 013=0113015=1030 039=39 041=82121300 042=311000062121300 90 0=ME 901=001234902=Invoice 123 910=NO CREDIT ACCOUNT

An example of a Record Of Transaction with a CardGate generated error is:

900=001 901=001234 902=Invoice 123 903=20 904=Check Digit Invalid!

4.3 Requests FieldsAll requests to CardGate have five common fields : source id, sequence number, message type,merchant id and reference text.

4.3.1 Source IDWhen there are multiple Merchant Applications (ie clients) communicating with CardGate, the "sourceid" field is used to identify which client generated the request. This field is not used by CardGate forany other purpose other than providing traceability and therefore each client instance should be given aunique source id.

This field is always returned with the response unchanged.

4.3.2 Sequence NumberA Merchant Application sends a request to CardGate with its own unique six digit sequence number toidentify the request. CardGate responds to the request with the same sequence number and is used todetermine which response it belongs to. A sequence number of "000000" means don't care and shouldonly be used with file method of input for test purposes.

With file input, the unique sequence number is used to ensure that file transactions are not processedtwice. The sequence number enables a request file to be partially processed, then input again intoCardGate without fear that transactions will be doubly processed. This is achieved by holding thehighest sequence number processed on file. If a higher sequence number is received, this number isstored to file, otherwise, if the number is less than that on file, it is rejected with the CardGate errorcode 21 - "Sequence number too low!". The file used to store these sequence numbers has the CAIC(merchant id) number as its name, eg "3110000612345.".

This field is returned with the response (beware that it may be reformatted).

4.3.3 Message TypeThe Message Type field is used to indicate the sort of request.

4.3.4 Merchant IDThe Message ID (Card Acceptor Identification Code) is used by the host to determine which merchantthe transaction is for.

4.3.5 Reference TextThis field is simply returned with the response. It is use for private purposes by the MerchantApplication, typically to provide a key to the originating transaction.


4.4 Non-Financial Authorisation / Financial Transaction Request /Warning Bulletin LookupA non-financial authorisation request is where the card issuer's pre-approval of a transaction is sought.When this approval is given, an approval code is provided as proof of the approval. The pre-authorisedtransaction is not captured for settlement. This request is commonly referred to as a "Pre-Authorisation".

A financial transaction request is where the card issuer's approval of a sale transaction is sought. Ifapproved, the transaction is used for settlement. This request is commonly referred to as "Financial orFor Value" request.

With CardGate Version 3 and upwards, the "W" warning bulletin lookup message type has been added.This command instructs CardGate to verify the check digit of the card number, the expiry date and lookup the optional Warning Bulletin file (refer to 2.2.3 Warning Bulletin file). With this command, aCardGate error response is always returned. If the card number passes all checks,INF_NO_WARNING will be returned; INF_WARNING_LIST if found in the warning bulletin file,INF_EXPIRY_DATE if the expiry date is not valid or INF_CHECK_DIGIT if the card number is inerror.

As these requests require essentially the same data they are grouped together in this description.

Pos Field Name Length Contents

0 Source ID ..20 Returned with response as bit number 900.This field is typically used as the Merchant Application originatedsource id that uniquely identifies which application or clientgenerated this transaction, eg "PC23"

1 Sequence Number 6 Returned with response as bit number 901 (formatted as six digits,zero filled)

This is the Merchant Application originated transaction sequencenumber. When combined with the Source ID it uniquely identifiesthe transaction for a given online client. In the file method, it is usedensure that batches are not doubly processed for a given MerchantID. This number remains unchanged throughout the duration of thetransaction. The sequence number will be incremented by theMerchant Application for every new transaction. It starts from"000001" and increments upto "999999" and wraps around to"000001" again."0" means don't care.

2 Message Type 1 "A" - Pre-Authorisation Request; "a" - Training Mode"F" - Financial Transaction Request; "f" - Training Mode"W" - CardGate Warning Bulletin lookup and Card Number /Expiry Date check

3 Card AcceptorIdentificationCode

15 Supplied by the bank. This code must be listed in the terminalconfiguration file.

4 Reference text ..40 Returned with response as bit number "902"

5 Transaction Type 1 "S" - Sale"R" - Refund (only relevant for message type "F")

6 Primary AccountNumber

..19 eg "535001231123345". May contain blanks or "-" characters

7 AmountTransaction

..12 Whole cents eg "1234" for $12.34

8 Expiry Date 4 YYMM eg "9610"

9 CVC2 Data ..6 This optional field may contain


- three digit CVC 2 data for MasterCard, or,- six digit CVC 2 data for Visa. (V3.3)

NOTE – As Commlink HAS NOT implemented CVC2 input, doNOT use this field!


4.4.1 Authorisation /Financial Transaction ResponseThe following is CardGate's response to an authorisation request/financial transaction request, whenthere is no CardGate generated error.

For sockets interface requests, CardGate optionally writes the response to a "Record Of Transaction"log file named after the requesting Merchant ID appended with the ".ROT" extension, eg"311000062121706.ROT". This option is enabled in the flags field in the terminal.txt configurationfile.

Note that the fields with bit numbers 0 to 128 are what the bank returns and are not manipulated byCardGate (other than reformatting them into ASCII and appending the bit number). TheCommonwealth Bank specification should be referred to.


000 Message Type 4 "0110" for Non-Financial Authorisation RequestResponse "0210" for Financial Transaction RequestResponse "0430" for Reversal Advice Response

003 Processing Code 6 as set in the request (hidden), ie "003000" for transactionauthorisation or sale transaction. "203000" for refund"223000" for void of transaction

004 Amount Transaction 12 eg "000000001234" for $12.34 as in request

011 Systems Trace AuditNo.

6 Uniquely identifies the transaction as in request (hidden)

012 Time, local transaction 6 hhmmss eg "120254"

013 Date, local transaction 4 mmdd eg "1129"

015 Date Settlement 4 mmdd eg "1130" Date on which settlement with themerchant is to occur.

037 Retrieval ReferenceNo.

12 This number is generated by the host and shall be used toreference a transaction for further processing.

038 Authorisation IDresponse

6 When the Response Code is "00" (approved), this fieldcontains the approval code for the transaction. When theResponse Code is "02", this field contains the Bankreferral number. This field will not be present forMessage Type "0430" - Reversal Advice Response

039 Response Code 2 See Appendix A for details eg "05".

041 Card Acceptor SystemID

8

042 Card Acceptor IdCode

15

900 Source ID ..20 From the request

901 Sequence Number 6 From the request but formatted as six digits, zero filled.

902 Reference ..40 From the request

910 Response Text ..80 Generated by CardGate. Provides textual description toBank response code. See Appendix A eg "DO NOTHONOUR"


..19 Optional field (refer to flags in terminal definition file).

From the request. Is either the FULL PAN with blanks,etc removed. Eg "5353100000000000",OR, is the TRUNCATED PAN, ie the first six digits, dot, last


three digits of the PAN, eg "535310.001" (V3.2)

912 Expiry Date 4 Optional field (refer to flags in terminal definition file).

From the request. YYMM format. (V3.2)

913 Card Type 2 Optional field (refer to flags in terminal definition file).


914 Client IP Address 11 Optional field (refer to flags in terminal definition file).


915 Client Port Address 5 Optional field (refer to flags in terminal definition file).

TCP/IP port number in nnnnn format of the sockets clientwhich made the request. (V3.8)

916 Client user id ..16 Optional field (refer to flags in terminal definition file).


917 Year 4 Optional field (refer to flags in terminal definition file).



4.4.2 Authorisation / Financial AcknowledgmentWhen using the sockets method for interfacing with CardGate, it is the Merchant system'sresponsibility to positively acknowledge reception of an Authorisation or Financial Response fromCardGate.

This requirement for positive acknowledgment is imposed by CardGate. The methodology has beendesigned to ensure that the Merchant system has concluded the transaction, and has left the card holderunderstanding the outcome of the transaction. This is particularly important in fully automated Internetand Interactive Voice Response systems. For example, if a card holder prematurely hangs up a callbefore the Bank response is received, then the Merchant system should not accept payment as theservice has not been delivered.

Upon receiving a Bank a "0110" or "0210" message type response to an Authorisation or Financialrequest, the Merchant system must acknowledge reception by sending a 'C' positive acknowledgmentmessage as detailed below.

If this message is not received by CardGate within 30 seconds, or a 'V' negative acknowledgmentmessage is sent instead of the 'C' message, the original request is automatically reversed (ie a 0420message is sent). A reversal with response code of 00 means that the financial capture was cancelledwith the Bank. Note that for successful authorisation/financial request the authorisation (ie reservationof funds) is NOT cancelled by a reversal.

Upon initiating a reversal, CardGate will send the socket a reversal pending message (see the nextsection) to the Merchant Application. When the reversal is concluded by the Bank, it will respond witha 0430 'Reversal Advice Response' message.

Field No Field Length Contents

0 Source ID ..20 As in the request.

1 Sequence Number 6 As in the request

2 Message Type 1 "C" - Confirm (ie Positive Acknowledgment)

"V" – Reverse Financial request (ie Negative Acknowledgment)

3 Card AcceptorIdentification Code

15 Supplied by the bank. This code must be listed in theterminal configuration file.

4 Card AcceptorTerminal ID

8 For Message Type ‘C’ only.This field is optional but it is should be used.

If the CATID field is supplied, then this is used insteadof the Source ID and Sequence Number fields to identifywhich Virtual Terminal to clear.

5 Systems Trace AuditNumber

6 Indicates that this is an “Enhanced Confirm” command(V4.06)

This is the STAN of the transaction that is beingconfirmed. Will ellicit a response from CardGate.


Here is an example of the message protocol:

Merchant App CardGate Host Comments Case 1 – normal‘F’Request 1 -> 0200 -> Financial Request <- 0210 Financial Response <-000=0210 Record Of Transaction

Received by merchant‘C’ -> Confirm command

Trans#1 completed

Case 2 – negative ack‘F’Request 2 -> 0200 -> Financial Request <- 0210 Financial Response <-000=0210 Record Of Transaction

Cardholder hangs up or message not received‘V’ -> Negative acknowledgement <-903=25 904=Reversal Pending CardGate Response 0420 -> Reversal Request <- 0430 Reversal Response

<-000=0430 Record Of TransactionTrans#2 reversed

Case 3 – no ack‘F’Request 3 -> 0200 -> Financial Request <- 0210 Financial Response <-000=0210 Record Of Transaction

Cardholder hangs up or message not received30 seconds No acknowledgement <-903=25 904=Reversal Pending CardGate Response 0420 -> Reversal Request <- 0430 Reversal Response


4.4.2.1 Enhanced Confirm

The “Enhanced Confirm” command has been added with Version 4.06 of CardGate. It is designed foruse when there is, for example, unreliable socket communications (eg via the Internet) between theMerchant Application and the CardGate payment gateway. When this command is used, CardGate willacknowledge receipt of the command by responding with a CardGate Response, ie anacknowledgement of the acknowledgement.

The normal Confirm command is changed to a Enhanced Confirm command by adding the STAN infield five.


Here is an example of the message protocol using the “Enhanced Confirm” command:

Merchant App CardGate Host Comments Case 4 – normal‘F’Request 4 -> 0200 -> Financial Request <- 0210 Financial Response <-000=0210 011=000004 Record Of Transaction

Received by merchant‘C’…’000004’ -> Enhanced Confirm <-903=60 904=OK Trans#4 committed so CardGate Acknowledges Confirm received

Trans#4 completed

Case 5 – Confirm not received by CardGate‘F’Request 5 -> 0200 -> Financial Request <- 0210 Financial Response <-000=0210 011=000005 Record Of Transaction

Received by merchant‘C’…’000005’ -X Enhanced Confirm sent Not received by CardGate!10 second timeout No response received by Merchant – resends after 10 second timeout.‘C’…’000005’ -> Enhanced Confirm resent <-903=60 904=OK Trans#5 committed so CardGate Acknowledges Confirm Received

Trans#5 completed

Case 6 – CardGate Acknowledgement not received‘F’Request 6 -> 0200 -> Financial Request <- 0210 Financial Response <-000=0210 011=000006 Record Of Transaction

Received by merchant‘C’…’000006’ -> Enhanced Confirm sent X- 903=60 904=OK Trans#6 committed so CardGate Acknowledges Confirm Received, BUT it is not received by merchant10 second timeout No response received by Merchant – resends after 10 second timeout.‘C’…’000006’ -> Enhanced Confirm resent <-903=60 904=OK CardGate Acknowledges Confirm Received

Trans#6 completed


Case 7 – Late Enhanced Confirms‘F’Request 7 -> 0200 -> Financial Request <- 0210 Financial Response <-000=0210 011=000007 Record Of Transaction ‘C’…’000007’ -X Enhanced Confirm sent but

Not received by CardGate!10 second timeout No response received by Merchant – resends after 10 second timeout.‘C’…’000007’ -X Enhanced Confirm resent but

Not received by CardGate!10 second timeout‘C’…’000007’ -X Enhanced Confirm resent but

Not received by CardGate!10 second timeout‘C’…’000007’ -X Enhanced Confirm resent but

Not received by CardGate!10 second timeout

As Enhanced Confirm not received by Cardgate 30 sec CardGate timeout <-903=25 904=Reversal Pending CardGate Response 0420 -> Reversal Request‘C’…’000007’ -> Late Enhanced Confirm sent

<-903=25 904=Reversal Pending CardGate Response <- 0430 Reversal Response


‘C’…’000007’ -> Late Enhanced Confirm sent <-903=7 904=SLOT CLASH CardGate Response

‘F’Request 8 -> 0200 -> Financial Request <- 0210 Financial Response <-000=0210 011=000008 Record Of Transaction

Received by merchant‘C’…’000007’ -> Late Enhanced Confirm sent (note STAN is for tran#7 not 8) <-903=51 904=STAN not found! CardGate Response 30 sec CardGate timeout

<-903=25 904=Reversal Pending CardGate Response <- 0430 Reversal Response


In summary, CardGate responses to the Enhanced Conf irm command are:

Response Code(field 903)

Response Text(field 904)

Meaning

60 OK Transaction completed okay

25 Reversal Pending Transaction is about to be revers ed

7 SLOT CLASH Transaction has been reversed

51 STAN not found! A new transaction has beeninitiated on this terminal


4.4.3 ReversalsWhenever the host does not respond to a 0100 or 0200 request within a 30 second timeout period, orthe confirm command has not been received from the merchant application, CardGate willautomatically send a reversal request message to the host. With sockets connections, upon initiating areversal, CardGate will also send a "reversal pending" (error code 25) error message to the MerchantApplication socket so that it may continue on with other processing if desired.

Should a reversal advice response from the host not be received within the agreed timeout period, arepeat reversal request message shall be sent at regular intervals until a response is received. After fiveminutes of no response, the transaction is classed as "sticky" and reported to the record of transactionfile or online sockets connection with a CardGate error “Sticky transaction, possibly stuck” (error code23). After 30 minutes of no response, the sending of repeat reversal requests is aborted and thetransaction is marked as "stuck" and reported to the Windows Event Logging service as well as therecord of transaction file or sockets connection as a CardGate error “Stuck transaction being clearedfrom system! REPORT DETAILS TO BANK!” (error code 24). [Note that merchants typically do notreport stuck transactions to the Bank!]

Note that for successful authorisation/financial request the authorisation (ie reservation of funds) isNOT cancelled by a reversal, just the financial capture.


4.5 Financial Capture Transaction RequestA financial capture transaction request is where the card issuer's approval of a sale transaction issought. If approved, the transaction is used for settlement.

This request is commonly referred to as an "Offline Transaction", or “Forced Post Auth”.


0 Source ID ..20 Returned with response as bit number 900.This field is typically used as the Merchant Application originatedsource id that uniquely identifies which application or clientgenerated this transaction, eg "PC23"

1 Sequence Number 6 Returned with response as bit number 901, formatted as six digits,zero filled.

This is the Merchant Application originated transaction sequencenumber. When combined with the Source ID it uniquely identifiesthe transaction for a given online client. In the file method, it is usedensure that batches are not doubly processed for a given MerchantID. This number remains unchanged throughout the duration of thetransaction. The sequence number will be incremented by theMerchant Application for every new transaction. It starts from"000001" and increments upto "999999" and wraps around to"000001" again.

"0" means don't care.

2 Message Type 1 "O" - Financial Capture Transaction Request"o" - Training Mode - Financial Capture Transaction Request

3 Card AcceptorIdentificationCode

15 Supplied by the bank. This code must be listed in the terminalconfiguration file.

4 Reference text ..40 Returned with response as bit number "902"

5 Transaction Type 1 "S" - Sale"R" - Refund


..19 eg "535001231123345". May contain blanks or "-" characters

7 AmountTransaction

..12 Whole cents eg "1234" for $12.34

8 Expiry Date 4 YYMM eg "9610"

9 Authorisation ID 6 Optional field. Should be used where possible. Alphanumericapproval code - assumed to be the same as that for a priorauthorisation (bit 38).

10 AdditionalAmount

..12 This optional field may contain the tip amount. The tip amount isincluded in the amount transaction. Whole cents eg"100" for $1.00

11 CVC2 Data ..6 This optional field may contain- three digit CVC 2 data for MasterCard, or,- six digit CVC 2 data for Visa. (V3.3)

NOTE – As Commlink HAS NOT implemented CVC2 input, doNOT use this field!


4.5.1 Financial Capture ResponseThe following is CardGate's response to a financial capture transaction request, when there is noCardGate generated error.


000 Message Type 4 "0230" for Financial Capture Response

003 Processing Code 6 As set in the request (hidden), ie "003000" for salecompletion or offline sale transaction; "203000" for anoff-line refund transaction.

004 Amount Transaction 12 eg "000000001234" for $12.34 as in request

011 Systems Trace Audit No. 6 Uniquely identifies the transaction as in request (hidden)

012 Time, local transaction 6 Hhmmss eg "120254"

013 Date, local transaction 4 Mmdd eg "1129"

015 Date Settlement 4 Mmdd eg "1130" Date on which settlement with themerchant is to occur.

037 Retrieval Reference No. 12 This field is optional (typically not returned). Thisnumber is generated by the host and shall be used toreference a transaction for further processing. It isassumed that the retrieval reference number for thesetransactions will be the same number used on any priorauthorisation or transaction


041 Card Acceptor SystemID

8

042 Card Acceptor Id Code 15

044 Additional ResponseData

..25 This optional field may contain the identity of the hostsystem that generated the 0230 response as follows:"00" - unspecified"01" - Response from host"02" - Response from stand-in processor




910 Response Text ..80 Generated by CardGate. Provides textual description toBank response code. See Appendix A eg "APPROVED"


..19 Optional field (refer to flags in terminal definition file).From the request. Is either the FULL PAN with blanks,etc removed. Eg "5353100000000000",OR, is the TRUNCATED PAN, ie the first six digits,dot, last three digits of the PAN, eg "535310.001"(V3.2)

912 Expiry Date 4 Optional field (refer to flags in terminal definition file).From the request. YYMM format. (V3.2)

913 Card Type 2 Optional field (refer to flags in terminal definition file).


914 Client IP Address 11 Optional field (refer to flags in terminal definition file).



915 Client Port Address 5 Optional field (refer to flags in terminal definition file).

TCP/IP port number in nnnnn format of the socketsclient which made the request. (V3.8)

916 Client user id ..16 Optional field (refer to flags in terminal definition file).


917 Year 4 Optional field (refer to flags in terminal definition file).



4.5.2 Financial Capture Response AcknowledgmentWhen using the sockets method for interfacing with CardGate, it is the Merchant system'sresponsibility to positively acknowledge reception of a Financial Capture Response from CardGate.

This requirement for positive acknowledgment is imposed by CardGate. Upon receiving a Bank a"0230" message type response to a Financial Capture request, the Merchant system must acknowledgereception by sending a 'C' positive acknowledgment message as detailed below.

For 0230 Financial Capture responses, if the 'C' positive acknowledgement message is not received byCardGate within 30 seconds, the original request is automatically repeated (ie sent as a 0221 FinancialCapture Repeat).




2 Message Type 1 "C" - Confirm receipt (ie Positive Acknowledgment)



4 Card Acceptor TerminalID

8 This field is optional but it is preferred that it is used.

If the CATID field is supplied, then this is used instead ofthe Source ID and Sequence Number fields to identifywhich Virtual Terminal to clear.

Note that the 0220 messages protocol is fundamentally different to the protocol used with0100/0200 messages. Here repeat messages (0221) are sent UNTIL a 0230 response is received.There is no "reversal" capability.

This means that if the Merchant Application does not get a response for whatever reason, itshould not re-send the offline transaction as it may cause the cardholder to be multiply debited asthere is a possibility that the Bank has responded to the stuck transaction. Please contactCardGate.net for further advice.

Here is an example of the message protocol:

Merchant Application CardGate Comments

"O" Request 1 � 0220 Request sent to Bank

0230 Bank Response

Response 1 Received ok

Positive Acknowledgment� Transaction 1 completed ok

"O" Request 2 � 0220 Request sent to Bank

0230 Bank Response

Message not received by Merchant

No acknowledgment � 0221 Request Repeat sent to Bank

0230 Bank Response Transaction 2 completed


4.6 Reconciliation AdviceA reconciliation advice is sent to the host to advise that the Merchant has changed business days.

Pos Field name Length Contents

0 Source ID ..20

1 Sequence Number 6

2 Message Type 1 "R" - Reconciliation Advice

3 Card Acceptor IdentificationCode

15

4 Reference text ..40

5 Card Acceptor Terminal Id 8 eg "82517000"

6 Settlement Date 4 mmdd. The date on which settlement with the merchant isto occur, eg "1130". This field is optional. If left out,CardGate will send the system date.

7 Summary Of Transactions 36 This field shall contain information from the Merchant'spoint of view:Debit count - 6 chars - the number of debits accumulated.Debit amount - 12 chars - the total amount of debittransactions in the system (ie accumulation of the amounttransaction fields of all debit transactions) Credit count -6 chars - the number of credits accumulated.Credit amount - 12 chars - the total amount of credittransactions in the system (ie accumulation of the amounttransaction fields of all credit transactions)

If this field is left blank, then CardGate will use its owninternally maintained Summary Of Transactions record.

New file name 0 ..40 Optional parameter. If this parameter is provided, itindicates to rename the record of transaction file (which,for online transactions is CAIC.ROT where CAIC is theCAIC number eg 311000062000000.ROT, or, for Batchtransactions, the name of the request file) in ResponseDirectory 0 to contents of this field AFTER receipt of thereconciliation response from the Bank. (V3.2)

9 New file name 1 ..40 Optional parameter. As field 8, but for ResponseDirectory 1. (V3.2)

10 New file name 2 ..40 Optional parameter. As field 8, but for ResponseDirectory 2. (V3.2)


4.6.1 Reconciliation ResponseThe following is CardGate's response to an reconciliation advice request when there is no CardGategenerated error.


000 Message Type 4 "0530" for Reconciliation Response

011 Systems Trace Audit No. 6 Uniquely identifies the transaction as in request(hidden)

012 Time, local transaction 6 hhmmss eg "120254"

013 Date, local transaction 4 mmdd eg "1129"

015 Date Settlement 4 mmdd eg "1130"


041 Card Acceptor System ID 8

042 Card Acceptor Id Code 15

062 Summary Of Transactionsnumber

063 Summary Of Transactions 36 This field shall contain information from the host'spoint of view:

Debit count - 6 chars - the number of debitsaccumulated.Debit amount - 12 chars - the total amount of debittransactions in the system (ie accumulation of theamount transaction fields of all debit transactions)Credit count - 6 chars - the number of creditsaccumulated.Credit amount - 12 chars - the total amount of credittransactions in the system (ie accumulation of theamount transaction fields of all credit transactions)




910 Response Text ..80 Generated by CardGate. Provides textual description toBank response code. See Appendix A

920 Merchant View Summaryof Transaction

This field shall contain information from theMerchant's point of view:Debit count - 6 chars - the number of debitsaccumulated.Debit amount - 12 chars - the total amount of debittransactions in the system (ie accumulation of theamount transaction fields of all debit transactions)Credit count - 6 chars - the number of creditsaccumulated.Credit amount - 12 chars - the total amount of credittransactions in the system (ie accumulation of theamount transaction fields of all credit transactions)

4.6.2 Reconciliation Response AcknowledgmentWhen using the sockets method for interfacing with CardGate, it is the Merchant system'sresponsibility to positively acknowledge reception of a Reconciliation Response from CardGate.


This requirement for positive acknowledgment is imposed by CardGate. Upon receiving a Bank a"0530" message type response to a Reconciliation request, the Merchant system must acknowledgereception by sending a 'C' positive acknowledgment message as detailed below.

For 0530 Reconciliation responses, if the 'C' positive acknowledgement message is not received byCardGate within 30 seconds, the original request is automatically repeated (ie sent as a 0521Reconciliation Repeat).




2 Message Type 1 "C" - Confirm receipt (ie Positive Acknowledgment)



4 Card Acceptor TerminalID

8 This field is optional but it is preferred that it is used.

If the CATID field is supplied, then this is used instead ofthe Source ID and Sequence Number fields to identifywhich Virtual Terminal to clear.

Note that the 0520 messages protocol is fundamentally different to the protocol used with0100/0200 messages. Here repeat messages (0521) are sent UNTIL a 0530 response is received.There is no "reversal" capability.

4.6.3 Settlement OptionsThere are a number of options for settlement with the Bank's host.

a) Forced by the Bank. This occurs at roughly 2145hrs each banking day. With this option the Bankdoes not send a specific message to the Merchant containing totals. To obtain the totals, theMerchant must issue a reconcile request after the reconciliation has occurred.

b) Fixed Time. This operates as above but occurs at time nominated by the Merchant (between0100hrs and 2145hrs).

c) Your Option. Settlement request is initiated by the Merchant at a time of their choosing, which theBank responds to with a totals message.

In every case the Merchant will know that settlement has occurred because the settlement date field (bit015) of the NEXT transaction will have "clicked over" to the following business day.


4.7 CardGate Immediate CommandsWith Version 3, "immediate commands" have been introduced. These allow commands to be sent toCardGate in a similar fashion to the Bank transaction requests. Typically these would be sent from aTelnet session to the Listen Port, which is typically port 4000.

All immediate commands have the following format:

Pos Field name Length Contents

0 Source ID ..20 Returned with response as bit number 900.

1 Sequence Number 6 Returned with response as bit number 901

2 Message Type 1 "0" - CardGate Immediate Command

3 Sub Command 1 See table below

4 Parameter 1 ..20 Optional - depends on sub-command




Sub Command Description

C Close (ie shutdown) CardGate application. (V3.8)

Authentication level “system control” required to perform this command.

Parameter 1 is mandatory and is the exit code to be used by the program.

Returns response codes:INF_INVALID – Parameter 1 missingINF_FAIL – not authorised to perform this commandINF_OK

F Set flags/variables. (V3.7). Parameter 1 indicates which volatile variable to set toParameter 2.Parameter 1 meanings:0 – don't set any variable - return values of each variable.1 - set CommsLog to Parameter 22 - set DebugLog to Parameter 23 - set OnlineLog to Parameter 2

Command Response field 930 is returned with further fixed length, comma delimitedand labelled status fields:CommsLog[1]=n,DebugLog[2]=n,OnlineLog[3]=n

Returns response codes:INF_FAIL – not authorised to perform this commandINF_INVALID - Parameter 1 invalidINF_OK

G Global status of CardGate. (V3.2)Returns response code : INF_OK

Command Response field 930 is returned with a comma delimited and labelled fields:

dd/mm/yy hh:mm:ss.mmm, Sockets=n, Active=n, ReversalPend=n, Stuck%=n,Approved=n, Declined-01=n, Declined-05=n, Declined-91=n, Uptime=n

Where:

dd/mm/yy hh:mm:ss.mmm – current time and date


Sockets is the number of socket connections

Active is the number of transacting virtual terminals

ReversalPend is the number of outstanding reversals

Stuck% is the percentage of transactions that are currently being reversed ieReversalPend * 100/Active

Approved is the number of transactions approved since CardGate started

Declined-nn is the number of transactions declined with response code nn sinceCardGate started

Uptime is the number of seconds since CardGate was started.

H Hold All - forces all virtual terminals to return BUSY when a request is made.Returns response codes :INF_FAIL – not authorised to perform this commandINF_OKINF_PENDING – at least one terminal was pending a response

H Hold Merchant Facility (Parameter 1 = CAIC) - forces all virtual terminals associatedwith merchant id CAIC to return BUSY when a request is made. (V4.2)Returns response codes :INF_FAIL – not authorised to perform this commandINF_OKINF_PENDING – at least one terminal was pending a responseINF_INVALID – Merchant id/CAIC not found


K Kill stuck terminal (Parameter 1=CATID)- ie stops repeating reversals and logs toEventLog. (V3.05) Returns response codes:INF_FAIL – not authorised to perform this commandINF_INVALID if CATID not foundINF_OK

L Login /logout user. (V3.09)

If logged in and no parameters, then this command logs out the user.

Parameter 1=user idParameter 2=authenticatorParm3=random (optional)Parm4=encryption key (optional) – indicates to encrypt this channel

Returns response codes:INF_FAIL – not authorised to log inINF_INVALID – number of paramaters incorrectINF_OK – logged in okay

M Get Modem Status (Parameter 1 empty or 0). Returns response codes:INF_NOT_READY - hung upINF_PENDING – is diallingINF_REVERSAL_PENDING – online, but last transaction is reversal pendingINF_OK – online

M Hangup Modem (Parameter 1 = 1). Returns response codes:INF_FAIL – not authorised to perform this commandINF_OK

M Dial Modem (Parameter 1 = 2). Returns response codes:INF_FAIL – not authorised to perform this commandINF_OK

N Rename file Parameter 1 in all three response sub-directories. (V3.5)Parameter 2 = new name for ResponseDirectory0 fileParm3 = new name for ResponseDirectory1 fileParm4 = new name for ResponseDirectory2 fileReturns response codes:INF_OKINF_FAIL.

Q Closes the socket that this request has come from. (V3.3)Returns response code: INF_PEND.

R Release All – releases all virtual terminals from the Hold state.Returns response code:INF_FAIL – not authorised to perform this commandINF_OK

R Release Merchant Facility (Parameter 1 = CAIC) - releases all virtual terminalsassociated with merchant id CAIC from the Hold state. (V4.2)Returns response code:INF_FAIL – not authorised to perform this commandINF_OKINF_INVALID – Merchant id/CAIC not found


S Return status of Virtual Terminal (Parameter 1 = CATID or virtual terminal number(1..)). (V3.2)

Returns response codes:INF_FAIL – not authorised to perform this commandINF_INVALID – Terminal number/CATID not foundINF_NOT_READY - waiting for host connectionINF_IDLE – ReadyINF_PENDING – Waiting on responseINF_REVERSAL_PENDING - Waiting on reversal response

Command Response field 930 is returned with further fixed length, comma delimitedand labelled status fields:

dd/mm/yy hh:mm:ss.mmm - current date & timeCATID=nnnnnnnn - CATID of terminal being interrogatedSTAN=nnnnnn – Systems trace audit numberInUse=n - 0 if idle, 1 if in useState=nn - where nn = 00 NOT READY 1 01 WAIT LOGON 02 READY 03 WAIT RESPONSE 04 reserved 05 WAIT ACK 06 NOT READY 2 07 WAIT ADVICE RESPONSE 08 NOT READY 3

Retries=nnn – number of retriesSecsLeft=nnn – countdown timer - seconds before timeoutDebits=nnnnnnnnn - number of debit transactions since last forced reconciliationDebitAmt=nnnnnnnnnnnn - amount in cents of debit transactions since last forcedreconciliationCredits=nnnnnnnnn - number of credit transactions since last forced reconciliationCreditAmt=nnnnnnnnnnnn - amount in cents of credit transactions since last forcedreconciliationLabel=aaaaaaaaaaaaaaaaaaaa - comment field from terminal.txt

U Update virtual terminals from terminal.txt file. (Parameter 1 empty or 0) (V3.6) Returnsresponse codes:INF_BUSY - if could not proceed due to terminals being busyINF_FAIL – not authorised to perform this commandINF_OK.

U Update access control list from cardgate.acl file. (Parameter 1 not 0) (V3.9) Returnsresponse codes:INF_FAIL – not authorised to perform this commandINF_OK

V Add virtual terminal to terminal.txt file. (V3.7) Parameters 1onwards represent each tabdelimited field in the text file, ie Parameter 1= CAIC, Parameter 2=CATID,Parm3=Key, Parm3=Flags, Parm4=Comment, Parm5=SpareReturns response codesINV_INVALID - not enough fields (must have at least Parameter 1..Parm3)INF_OK


For example, to hang up the modem, issue the following:

0 0 0 M 1

The response would be:

900=0 901=000000 902=CMD[M,1,0,,,] 903=60 904=OK914=127.0.0.1 915=3814 916=myid

To return the status of virtual terminal with CATID 82512345, issue this:

0 0 0 S 82512345

If the state of the virtual terminal is waiting for a reversal, the response would be:

900=0 901=000000 902=CMD[S,82512345,,,] 903=25904=Reversal Pending! 914=127.0.0.1 915=3814916=myid 930=20/04/2001

17:48:03.172,CATID=82512345,STAN=001234,Inuse=1,Ret ries=001,Secs=010,Debits=000000231,DebitAmt=000001234567,Credit s=0,CreditAmt=000000000000,Label=Dev

4.8 Training Mode / Host EmulationTo aid in the integration process, CardGate Version 3 provides Training Mode with the Pre-Authorisation, Financial and Financial Capture transactions. Here, Bank responses are emulated whenthe appropriate message type (ie "a", "f" or "o") is used. Note that for sockets communications, theemulated response is NOT saved to the Record Of Transaction file, thereby allowing Training Mode tobe safely used with a LIVE CardGate system for development and training purposes.

Test Mode is another integration facility provided by setting the registry entry "Test Mode" to 1. HereCardGate emulates host responses for ALL requests put to it.

With both Training and Test modes, the responses will differ from a live response in a number of ways.

A) The Systems Trace Audit Number is "000000", which is illegal in the LIVE system.

B) Bit 37, Retrieval Reference Number, is returned for approved transactions as "999999999999". Itis typically not returned in LIVE responses.

C) Bit 38 is not returned for approved transactions, whereas it typically is in LIVE responses.

D) The response will consistently come back within 2 seconds.

Training and Test modes were not designed to be used for advanced testing of Merchant Systems. TheBank's development system should be used for this. It was provided to assist in the early stages ofsystems integration and debugging. For example, Training and Test Modes don't handle reversals orreconciliation requests.


5. Traceability, Logging and Anomalies

5.1 CardGate Record Of Transaction LogCardGate keeps a Record Of Transaction (ROT) log file of all bank responses and CardGate errorresponses for rejected requests for batch files. Record of Transaction files are also optionally writtenfor sockets connections (as flagged in the terminal.txt configuration file) (this is highly recommended).

Each of these log records has the Merchant Application's originating source id/sequence number andMerchant Application's originating reference text appended.

The bank traces transactions by way of the Systems Trace Audit Number (STAN) and the CardAcquirer Terminal ID (CATID) pair. These numbers are assigned by CardGate to each request sent tothe bank.

Transactions can be traced through the system from the Merchant Application's end by using thereference text (typically a customer or invoice number) and matching it in the Record Of Transactionlog to the assigned CATID and STAN. Conversely, given a transaction from the bank side, using theCATID and STAN, one can trace this back to the originating request.

5.2 Monitor LogCardGate optionally maintains a local time stamped log file of high level transactional details. It is astandard ASCII text file that can be viewed with the Windows Notepad text editor. This log file is"MONITOR_YYYYMMDD.TXT" (where YYYYMMDD represents the date).

It is recommended that this logging facility be enabled as it proves most useful in tracking downproduction issues. To enable it, you set the registry value “Debug Log” to 1.

Each line in the log is time stamped and represents an activity of note. Here is a typical line:

04/04/2005 13:00:49.653 Tx(0100,23000001,000011,00,te st)

The activities logged are:

Meaning Template

Message sent to host Tx(MessageType,CATID,STAN,00,Co mment)Eg:Tx(0200,82121700,010094,00,DEV)

Message received from host Tx(MessageType,CATID,STAN ,ResponseCode,Comment)Eg:Rx(0210,82121700,010094,56,DEV)

Acknowledgement fromMerchant Application

Ak(Type,CATID,STAN,Comment)Where type = CONF, CONFE, VOID, VOIDE, NONE, LATE,BADSTANEg:Ak(CONF,82121700,010094,DEV)

CONF – Confirm command received okayCONFE – Enhance Confirm command received okayVOID – Void command receivedVOIDE – Enhance Void command receivedNONE - acknowledgement NOT been received from themerchant application within 30 secondsLATE – Confirm command received too late,transaction has been reversedBADSTAN – STAN in confirm command not found.

Terminal busy, cannot sendaccept transaction request

Busy(CAIC,Comment)Eg:Busy(3110000620000, DEV)

Simulated Message to host ST(MessageType,CATID,STAN, 00,Comment)Eg:ST(0200,82121700,010094,00,DEV)

Simulated Message received SR(MessageType,CATID,STAN ,ResponseCode,Comment)Eg:


Rx(0210,82121700,010094,56,DEV)

Message could not betransmitted as waiting onACK from communicationsadapter

WA(slot,CATID,STAN,Comment)

Connected state Disconnected

Connected state Connect

Data Carrier Detect DCD Down

Data Carrier Detect DCD Up

Reset Modem ResetModem

Asserting Data TerminalReady/Request To Send pinson communications port

Assert DTR/RTS

Update command issued andhave held all terminals(return Busy!)

Global(Hold,Update Cmd)

Update command completed andhave released all terminals

Global(Release,Update Cmd)

Hold command issued Global(Hold,Hold Cmd)

Release command issued Global(Release,Release Cmd)

Hold all terminals (returnBusy!) as could not writeout to any Record OfTransaction files

Global(Hold,Write Fault)

Confirm CONF

The monitor log proves to be most useful for tracking issues. A number of examples are providedbelow in tracking various scenarios.

Normal pre-authorisaton transaction sequence. You c an determine turnaraound time forhost response, the transaction was declined with re sponse code 56:04/04/2005 13:00:49.653 Tx(0100,23000001,000011,00,te st)04/04/2005 13:00:59.267 Rx(0110,23000001,000011,56,te st)04/04/2005 13:00:59.397 Ak(CONF,23000001,000011,test)

Normal financial transaction sequence.04/04/2005 16:20:24.407 Tx(0200,23000001,000014,00,TE ST)04/04/2005 16:20:25.599 Rx(0210,23000001,000014,56,TE ST)04/04/2005 16:20:25.719 Ak(CONF,23000001,000014,TEST)

Communications adapter going offline and then back on:04/04/2005 12:10:27.648 DCD Down04/04/2005 12:10:27.658 Disconnected04/04/2005 12:14:25.660 DCD Up04/04/2005 12:14:25.670 Connect04/04/2005 12:25:13.712 DCD Down04/04/2005 12:25:13.712 Disconnected04/04/2005 12:25:45.297 DCD Up04/04/2005 12:25:45.297 Connect

No bank response after timeout, so reversal request sent and then reversal responsereceived:04/04/2005 12:56:59.402 Tx(0100,23000001,000142,00,te st)04/04/2005 12:57:27.442 Tx(0420,23000001,000142,01,te st)04/04/2005 12:57:57.496 Tx(0421,23000001,000142,02,te st)04/04/2005 12:57:59.198 Rx(0430,23000001,000142,21,te st)

No bank response at all, so reversal request sent f ollowed by multiple reversalrequest repeats:04/04/2005 16:24:07.207 Tx(0200,23000001,000015,00,te st)04/04/2005 16:24:37.371 Tx(0420,23000001,000015,01,te st)04/04/2005 16:25:07.414 Tx(0421,23000001,000015,02,te st)04/04/2005 16:25:37.457 Tx(0421,23000001,000015,03,te st)04/04/2005 16:26:07.490 Tx(0421,23000001,000015,04,te st)


04/04/2005 16:26:37.524 Tx(0421,23000001,000015,05,te st)04/04/2005 16:27:07.587 Tx(0421,23000001,000015,06,te st)04/04/2005 16:27:37.620 Tx(0421,23000001,000015,07,te st)04/04/2005 16:28:07.653 Tx(0421,23000001,000015,08,te st)04/04/2005 16:28:37.696 Tx(0421,23000001,000015,09,te st)04/04/2005 16:29:07.750 Tx(0421,23000001,000015,10,te st)04/04/2005 16:29:37.793 Tx(0421,23000001,000015,11,te st)04/04/2005 16:34:38.255 Tx(0421,23000001,000015,12,te st)04/04/2005 16:39:38.657 Tx(0421,23000001,000015,13,te st)04/04/2005 16:44:39.079 Tx(0421,23000001,000015,14,te st)04/04/2005 16:49:39.521 Tx(0421,23000001,000015,15,te st)04/04/2005 16:54:39.943 Tx(0421,23000001,000015,16,te st)04/04/2005 16:59:40.385 Tx(0421,23000001,000015,17,te st)

Ran out of available virtual terminsl as indicated by Busy()15/03/2005 17:38:14.629 Tx(0200,23000001,000025,00,te st)15/03/2005 17:38:14.629 Busy(311000062000000,test)15/03/2005 17:38:16.912 Rx(0210,23000001,000025,00,te st)15/03/2005 17:38:16.972 Ak(CONF,23000001,000025,test)

Normal transaction sequence, but no acknowledgement received from the merchantapplication as indicated by Ak(NONE…. This leads to a reversal request being raised.In this case, it is an “Approved Reversal” (funds t aken, then reversal):05/04/2005 02:14:13.544 Tx(0200,23000001,073444,00,te st)05/04/2005 02:14:20.564 Rx(0210,23000001,073444,00,te st)05/04/2005 02:14:46.281 Ak(NONE,23000001,073444,test)05/04/2005 02:14:46.321 Tx(0420,23000001,073444,00,te st)05/04/2005 02:14:50.888 Rx(0430, 23000001,073444,00,t est)

5.2 Monitor Log via Socket StreamAs well as optionally writing to the monitor log file, CardGate Version 4 will write the monitor logoutput to socket clients (eg telnet terminal such as Windows Hyperterminal) that have connected to theCardGate monitor TCP/IP port. The monitor port is the listen port configured in the registry plus one.As the default listen port is 4000, then the default monitor port is 4001.

This enables one to remotely view the real-time status of transactions by simply “telnetting” to port4001 (say). An example command line to run a telnet session to do this is:

telnet 127.0.0.1 4001

5.4 Socket Request LogCardGate optionally maintains a local time stamped log file of all sockets requests to aid tracking ofonline transactions. It is a standard ASCII text file that can be viewed with the Windows Notepad texteditor. This log file is "ONLINE_YYYYMMDD.TXT " (where YYYYMMDD represents the date).

This logging facility should normally only be enabled during integration testing phases of theimplementation and is disabled by default. To enable it, you set the registry value “Online Log” to 1.

The example below shows a typical sockets transaction - at 14:31:43 CardGate received a Financialrequest from the Merchant Application. At 14:31:44, CardGate passed on the Bank response to theMerchant Application. At 14:31:45, the Merchant Application sent a Confirm positiveacknowledgment response.

13/11/1997 14:31:43.310 6000006E O/L Rx 021 037462F 311000062320900 JVD9MVC44BS12GTX00LHR40S11 S4532667109000088 500 9912

13/11/1997 14:31:44.401 6000006F O/L Tx 000=0210003=003000 004=000000000500 011=048268 012=143048 013=1 113015=0225 039=05 041=82320905 042=311000062320900900=021 901=037462 902=JVD9MVC44BS12GTX00LHR40S11910=Do not honour


13/11/1997 14:31:45.403 6000006E O/L Rx 021 037462C 311000062320900 82320905

It is highly recommended that this log be disabled in full production as it:

a) contains card numbers in the clear

b) slows down processing

c) grows quickly

5.5 Host Communications LogCardGate optionally maintains a local time stamped log file of all communications to and from the hostcomputer. It is a standard ASCII text file that can be viewed with the Windows Notepad text editor.This log file is "COMMS_YYYYMMDD.TXT " (where YYYYMMDD represents the date).

This logging facility should normally only be enabled during integration testing phases of theimplementation and is disabled by default. To enable it, you set the registry value “Comms Log” to 1.

Note that three lines are printed for each buffer dump: the first line is the time stamp, the second thehexadecimal value of each character and the third line the ASCII representation of each character.

The example below shows a transaction - at 14:31:43 CardGate sent an 0200 Financial request messageto the host. At 14:31:44, CardGate received an 0210 Financial response message fromt the host.

13/11/1997 14:31:43.430 60000065 Tx 60 bytes

02007024048000C000001645326671090000880030000000000 00500039192991200121538323332303930363331313030303036323332303930300D

. . p $ . . . . . . . E 2 $ q . . . . . 0 . . . . . . . . . .. . . . . 8 2 3 2 0 9 0 6 3 1 1 0 0 0 0 6 2 3 2 0 9 0 0 .

13/11/1997 14:31:44.291 60000064 Rx 1 bytes

60

`

13/11/1997 14:31:44.381 60000064 Rx 59 bytes

000000000210303A000002C0000000300000000000050004826 814304811130225303538323332303530353331313030303036323332303930300D

. . . . . . 0 : . . . . . . . 0 . . . . . . . . . h . 0 H . .. % 0 5 8 2 3 2 0 9 0 5 3 1 1 0 0 0 0 6 2 3 2 0 9 0 0 .

It is recommended that this log be disabled in full production as it:

d) contains card numbers in the clear

e) slows down processing

f) grows quickly

5.6 Event LoggingCardGate makes extensive use of Windows NT Event logging to log application level errors. EventLogging provides a standard, centralized way for applications (and the operating system) to recordimportant software and hardware events. It also supplies a standard user interface for viewing the logsand a programming interface for examining the logs.

The Event viewer is found under the following NT menu structure: Start:Programs:AdministrativeTools(common):Event Viewer.


The Event viewer should be utilised whenever there are problems to be traced. A list of response codesgenerated by CardGate is provided in Appendix B. Note that CardGate only puts "system" and "dataerror" errors to the NT event log. The following error codes are NOT logged :

ERR_BUSY, ERR_DATE_INVALID, RET_REVERSAL, RET_ACK, ERR_CHECK_DIGIT,ERR_EXPIRY_DATE, ERR_REVERSAL_PENDING, FRAME_RX, FRAME_TX,ONLINE_RXand ONLINE_TX.

The NT event will provide the following information:

- Time and date of event.

- Source of the event. This is "CardGate" for CardGate generated events.

- Event id. This corresponds to either a CardGate response code or an operating system error code,eg event id 13 is INF_STARTUP.

- Description. For CardGate response codes, this will contain the corresponding responsedescription as given in Appendix B. It will also give the name of the function that in which theevent was generated, eg "Application starting! InitCG() Win NT".

- Data. Certain events will display binary data that corresponds to important information that willhelp resolve the anomaly. Typically the event description will contain the text "Data is …" toindicate what the binary data represents, eg "Data is rx buffer" indicates that the contents of thecommunications receive buffer is displayed.


5.7 Typical Anomalies

5.6.1 Event ID 7 and ID 37Event ID 7 (ERR_SLOT_CLASH) " Virtual Terminal was found to be NOT in use. ActOnFrame() -Frame received has problem. Data is rx buffer (incl TPDU): "

Event ID 37 (ERR_MSG_TYPE_BAD) "Message Type Identifier unexpected! ActOnFrame() - Framereceived has problem. Date is rx buffer (incl TPDU):"

These events indicate that an unexpected response has been received. Typically this is due to the hostbeing slow to respond, as shown in the following examples:

Tx Rx

0200

0420

0421

0430

0210 � Event ID 7 error - rejected and never seen by Merchant Application

0430 � Event ID 7 error - rejected and never seen by Merchant Application

0200 #1

0420 #1

0421 #1

0430 #1

0200 #2

0210 #1� Event ID 37 error - rejected and never seen by Merchant Application

0210 #2

5.7.2 Event ID 24Event ID 24 (ERR_STUCK_TRANSACTION) "Stuck transaction being cleared from system!REPORT DETAILS TO BANK!"

This event indicates that the 30 minute time out period has expired without a response from the host fora transaction. This is termed a "STUCK TRANSACTION" and the details should be reported to theBank, ESPECIALLY for 0221 Financial Capture Advice.

5.7.3 Event ID 34Event ID 34 (ERR_TPDU_BAD) "Bad TPDU header! Data is rx buffer"

This event indicates that garbage has been received on the communications line. CardGate will recoverif it is not received during a transaction.


6. User InterfaceCardGate's user interface consists of two windows

- the graphical "state view" which shows the state of the application, and,

- the textual "console view", which show events as they happen on a time basis.

6.1 State ViewThe state view provides a method of viewing the real-time activity on the first eight virtual terminals(as defined in the terminalv4.txt file). For each terminal, the CATID, state of the protocol, the countdown timer, retry count and comment is displayed.

The View:Terminal menu option allows the transaction details of a specified terminal to be displayed.

The state view also shows the number of messages sent to, and received from, the host. In the idealsituation, the host messages sent will equal the number of messages received.

An open socket count is also displayed for client, monitor and host (not implemented) connections.

6.2 Console ViewThe console view provides a simple textual log of events as they occur. This provides a means oftracking activity in real time which proves to be useful in production as well as during integrationtesting.

7. SupportCardGate.net provides 24 hour x 7 days per week telephone support via (03) 9582 7099. For non-urgent problem rectification, email [email protected].

The Bank provides 24 hour help desk to support COMMLINK and communications related issues only(ie anything past the computer). Telephone 1800 022 966 and have your Merchant ID (CAIC) orTerminal Number (CATID) ready.

Daily reconciliation reports, report number CM5070, can be ordered from the Bank by phoningMerchant Enquiries on 1800 230 177. This report contains the STAN and truncated credit cardnumbers for each transaction.


8. Revision HistoryIssue Date By Comments

D2 07/07/97 HR Updated to match V2.00 software

D3 17/07/97 HR Fixed sockets example. Added Financial Response Acknowledgment.

D4 28/07/97 HR Added Appendix C for Version 1 differences

D5 03/08/97 HR Expanded sockets example. CardGate now operates with multiplesockets connections. Added write ROT file flag to terminal.txt section.Completed registry section. Added Virtual Terminals, Reversals andVisual Basic sample sections.

1 22/09/97 HR Updated to match V2.07 software– TERMINAL.TXT has starting STAN removed

- Test Mode 1 is now host simulation

- Added Response Directory 1 & 2

2 05/01/98 HR Updated to match V2.17 software- Text for ERR_CHECK_DIGIT changed from "Check digit invalid!"to "Card number invalid!"- Added TestMode 2- Changed BM_ACK to RET_ACK- Changed BM_REVERSAL to RET_REVERSAL- Text for ERR_SLOT_CLASH changed from "A request to transmit amessage from a slot that is not marked as in use has been received." to"Virtual Terminal was found to be NOT in use."- Changed Source ID type from integer to string- Chapter 4 extended- Chapter 5 added

3 07/01/98 HR - Added Appendix E- Added Q5, Z2 and Z3 error codes to Appendix A

4 06/03/98 HR - Added Appendix F - Modem Configuration- Appendix D - Visual Basic Client modified

5 11/03/98 HR - Appendix F - LK 4 and 7 changed to LK 3 and 5.

6 18/03/98 HR - Added Appendix G - Windows NT Configuration

7 14/07/98 HR - Added configuration for Dataplex modem- Added Support section

8 08/10/98 HR - Changed config of modems. Disconnects if no error correction cannotbe negotiated. (Dataplex from &E1 to &E5, Banksia from \N7 to \N2)

9 16/11/98 HR - Enhanced Appendix E - Integration Process to now outline the stepsinvolved in setting up a CardGate system- Modem configuration


10 18/06/99 HR - Updated to Version 3 CardGate - renamed file S200V2TM.DOC toCardGateV3-TM.DOC- Copyright, trademark and confidentiality notice- Configuration of DPX225 modem – 2400 baud is preferred– Added V3 Logged On String 0 & 1 and Warning Bulletin registryvalues– V3 Comms Log registry value – value 2 removed– Added V3 Warning Bulletin lookup flag to TERMINAL.TXT- Added "W" message type - warning bulletin lookup- Added IG6000 and DPX234 modem configurations- Registry sub-key now CardGate not S200- Added "O" Financial Capture message type- Added "0" Immediate Commands message type- Missing Bank error codes added- Various fixes- Added Appendix H - Y2000 Compliance Statement

11 28/03/01 HR - Example of Modem status command response fixed- INF_OK, INF_PENDING, INF_REVERSAL_PENDING andINF_FAIL assignment fixed in Appendix B- Added 4.6.2 - Reconciliation Response Acknowledgement as 0530messages need to be acknowledged- Settlement date in "R" command is optional- Added optional file rename parameters to "R" command (V3.2)- Online Log registry parameter value of 2 (V3.2)- Added "G" immediate command (V3.2)- "S" Immediate Command enhanced (V3.2)- "Q" Immediate Command added (V3.3)- 911, 912, 930 fields added (V3.2)- Setup string for IG6000 modem changed from:AT &F &L1 &D2 B8 M0 Q2 &K3 #MEM0 \N2 %C0 #J0 &Wto:AT &F &L2 &D0 B8 M0 Q2 &K3 #MEM0 \N2 %C0 #J0 &W- Setup string for DPX234-01 modem changed from:AT &F F5 S0=0 &D2 &L1 M0 &E5 &Wto:AT &F F5 M0 &D0 &E6 &K2 &L1 *Q0 S0=0 &C1 &W- Optional CVC2 data for O Command (V3.3)

12 20/04/05 HR Renamed document to CardGateV4-TMUpdated manual for Version 4 release

13 18/05/05 HR Added Monitor log, Enhanced Confirm command, Appendix -Upgrading CardGate from Version 3 to 4.Fixed address, support numbers.Appendix C – version differences – deleted V1, V2, V3Appendix E – Implementation – deleted..

14 16/07/08 HR Clarified Enhanced Confirm CommandAdded Flag 14 to terminalv4.txt – Confirm CommandAcknowledgement not required (v4.09)


Appendix A. COMMLINK Response CodesThe Merchant Application should only accept a financial transaction if the response code returned is'00'.

Code Description Response Text

00 Transaction approved APPROVAL CODE auth no

01 Phone card issuer PLEASE CALL ISSUER

03 Phone the Authorisation Referral Centre ERROR - S/E NUMBER

05 Credit transaction is not allowed DO NOT HONOUR

12 Invalid Transaction - declined ERROR-INVLD TRAN

13 The Transaction Amount is invalid ERROR-INVLD AMOUNT

14 The Card Number is invalid ERROR-INVLD CARD

19 Enter the Transactin again RE-ENTER TRANSACTION

21 No Action is taken for this transaction no message...

25 The Terminal is not Active or Able ERROR-TERM. INACTIVE

30 The message contains invalid Data ERROR-INVLD FORMAT

31 The Card is not accepted by the Host/Interchange ERROR - N S

39 No credit Account attached to Card NO CREDIT ACCOUNT

51 Not sufficient Funds in the Account DECLINED

54 The Card has Expired EXPIRED CARD

56 No record exists for this Card NO CARD RECORD

57 The transaction is not permitted for the Card TRANS NOT PERMITTED

58 The transaction is not allowed at the terminal TRANS NOT ALLOWED

61 The withdrawal limit has been exceeded LIMIT EXCEEDED

76 An incorrect descriptor has been entered ERROR - DESCRIPTOR

91 The Host is currently unavailable - try later ERROR - HOST UNAVAIL.

94 The Sequence Number is incorrect or thetransaction is out of sequence

ERROR - SEQUENCE NO

95 The Reconciliation Totals have not matched No message...

97 Reconciliation Totals have been reset No message...

Q5 Already settled - can't settle twice in a day SYSTEM ALREADY SETTLED

Z2 The transaction has already been reversed No message…

Z3 Transaction amount is greater than authorised AMOUNT TOO LARGE


Appendix B. CardGate Response Codes// Software error trap #0!#define ERR_SOFTWARE_0 1

// Software error trap #1!#define ERR_SOFTWARE_1 2

// Too long!#define ERR_TOO_LONG 3

// Not numeric!#define ERR_NOT_NUMERIC 4

// Invalid!#define ERR_INVALID 5

// Busy!#define INF_BUSY 6

// Virtual Terminal was found to be NOT in use.#define ERR_SLOT_CLASH 7

// Date invalid!#define INF_DATE_INVALID 8

// Reversal requested from Merchant Application.#define RET_REVERSAL 9

// Acknowledgement received from Merchant Applicat ion.#define RET_ACK 10

// Must be in ONLINE mode, not Batch!#define ERR_MUST_BE_ONLINE_MODE 11

// Refunds and Voids barred!#define ERR_REFUND_VOID_BARRED 12

// Application starting!#define INF_STARTUP 13

// Unable to unlock using key!#define ERR_SOFTWARE_LOCK 14

// Not found!#define ERR_NOT_FOUND 15

// Application closing!#define INF_CLOSE 16

// Card number invalid!#define INF_CHECK_DIGIT 20

// Expiry date exceeded!#define INF_EXPIRY_DATE 21

// Message type invalid!#define ERR_MESSAGE_TYPE 22

// Sticky transaction, possibly stuck!


#define ERR_STICKY_TRANSACTION 23

// Stuck transaction being cleared from system! RE PORT DETAILS TOBANK!#define ERR_STUCK_TRANSACTION 24

//// Reversal pending!#define ERR_REVERSAL_PENDING 25

// Reversal!#define ERR_REVERSAL 26

// Missing field or parameter!#define ERR_MISSING 27

// Warning Bulletin Alert!#define INF_WARNING_LIST 28

// No Warning Bulletin!#define INF_NO_WARNING 29

// Timeout!#define ERR_TIMEOUT 30

// Bad frame!#define ERR_BAD_FRAME 31

// Unexpected!#define ERR_UNEXPECTED 32

// Communications error!#define ERR_COMMS 33

// Bad TPDU header!#define ERR_TPDU_BAD 34

// CATID unexpected!#define ERR_CATID_BAD 35

// CAIC unexpected!#define ERR_CAIC_BAD 36

// Message Type Identifier unexpected!#define ERR_MSG_TYPE_BAD 37

// Processing Code unexpected!#define ERR_PROC_CODE_BAD 38

// Amount unexpected!#define ERR_AMOUNT_BAD 39

// INI File/Registry parameter of bad type!#define ERR_INI_BAD_TYPE 40

// INI File/Registry parameter out of range!#define ERR_INI_OUT_OF_RANGE 41

// Sockets error!#define ERR_SOCKETS 42


// Requested CAIC not installed!#define ERR_CAIC_NOT_DEFINED 50

// STAN not found!#define ERR_STAN_NOT_FOUND 51

// Sequence number too low!#define INF_SEQ_TOO_LOW 52

// Sequence number not found!#define ERR_SEQ_NOT_FOUND 53

// OK#define INF_OK 60

// PENDING#define INF_PENDING 61

// REVERSAL PENDING#define INF_REVERSAL_PENDING 62

// FAIL#define INF_FAIL 63

// NOT READY#define INF_NOT_READY 64

// INVALID#define INF_INVALID 65

// IDLE#define INF_IDLE 66

// EMPTY#define INF_EMPTY 67

// Rx Frame#define FRAME_RX 100

// Tx Frame#define FRAME_TX 101// Rx Online Rec#define ONLINE_RX 110// Tx Online Rec#define ONLINE_TX 111// Wait aborted!#define WAITERR_WAITABORTED 120// Wait timed out!#define WAITERR_WAITTIMEDOUT 121


Appendix C. Version Differences

C.1 Version 4 differencesVersion 4 adds a number of improvements. For full details refer to the version history file cardgate-version.txt.

To be completed!


Appendix D. Sample Reference Visual Basic Client' R288C - CardGate Example Client Application (Written in VB5)' Connects to UMD Server/ CardGate using sockets.' Operator inputs Reference, Card Number, Expiry da te and amount' then waits for response from CardGate.' Note that this application is a reference example only,' requires production facilities such as configurat ion parameters.'' Version History' 11/07/97 - HR' - Created' 14/07/97 - HR' - Form_Load() now sets up registry keys BEFORE connecting' 04/03/98 - HR' - Confirm command now matches V2.17 CardGate' - Now confirms 0530 messages as well as 0210'

Dim gstrClientID, gstrCAIC, gstrSeqNr As StringDim gTransactionState As Integer

' Constants used by gTransactionStateConst tsIdle = 0Const tsRequest = 1Const tsAcking = 2Const tsReversing = 3Const tsCompleted = 4

Private Sub Form_Load()' The name of the Winsock control is Winsock1.' Note: to specify a remote host, you can use eithe r the IP address (ex:"121.111.1.1")' or the computer's "friendly" name Dim strEntry As String Dim rc, intEntry As Integer

' Get registry settings for this session gstrClientID = GetSetting("UMD", "UMDR288C", "C lient ID", "000")

' Having a Client ID of 0 implies that this is a new installation ' so set up the registry with new keys If (gstrClientID = 0) Then SaveSetting "UMD", "UMDR288C", "Seq Nr", 1 SaveSetting "UMD", "UMDR288C", "Client ID", "001" SaveSetting "UMD", "UMDR288C", "CAIC", "000 000000000000" SaveSetting "UMD", "UMDR288C", "Remote Host ", "0.0.0.0" SaveSetting "UMD", "UMDR288C", "Remote Port ", 4000 rc = MsgBox("Have set up default Registry k eys", vbOKOnly, "UMD CardGateClient") End If

gstrCAIC = GetSetting("UMD", "UMDR288C", "CAIC" , "ERR NOT DEFINED") gTransactionState = tsIdle

' Get host/port details for socket communicatio ns ' eg "128.0.0.2" Winsock1.RemoteHost = GetSetting("UMD", "UMDR28 8C", _ "Remote Host", "0.0.0.0") Winsock1.RemotePort = GetSetting("UMD", "UMDR28 8C", _ "Remote Port", "4000") TextIP.Text = Winsock1.LocalIP ' display w ho we are

Winsock1.Connect TextStatus.Text = Winsock1.State

End Sub

Private Sub Winsock1_Connect()' Winsock Connect event action TextStatus.Text = "Connected"End Sub

Private Sub SubmitButton_Click()


' Submits the request' ie operator has clicked submit button after filli ng out all fields Dim strRequest As String Dim SeqNr As Long Dim rc As Integer

TextStatus.Text = Winsock1.State If (Winsock1.State = sckConnected) Then ' Stop sending another transaction unless t he last was completed If (gTransactionState <> tsCompleted) And ( gTransactionState <> tsIdle) Then rc = MsgBox("Last transaction not compl ete. Wait!", _ vbOKOnly + vbInformation, _ " CardGate Client Error") Exit Sub End If

TextResponse.Text = "" TextMessage.Text = ""

' Get unique sequence number from registry and bump and save back SeqNr = GetSetting("UMD", "UMDR288C", "Seq Nr") gstrSeqNr = Format(SeqNr, "000000") ' eg convert SeqNr to "nnnnnn"

SeqNr = SeqNr + 1 If SeqNr > 999999 Then SeqNr = 1 SaveSetting "UMD", "UMDR288C", "Seq Nr", Se qNr

' Build request record - "F" for financial transaction, "S" for sale strRequest = gstrClientID & vbTab & _ gstrSeqNr & vbTab & _ "F" & vbTab & _ gstrCAIC & vbTab & _ TextRef.Text & vbTab & _ "S" & vbTab & _ TextPAN.Text & vbTab & _ TextAmount.Text & vbTab & _ TextExpDate.Text & vbCr

' Send request to CardGate gTransactionState = tsRequest Winsock1.SendData strRequest

Else ' could not submit - display error rc = MsgBox("Could not submit request. WSAS tate=" & Winsock1.State, _ vbOKOnly + vbCritical, _ " CardGate Client Error") End IfEnd Sub

Private Sub Winsock1_DataArrival(ByVal bytesTotal A s Long)' Winsock DataArrival event action.' We have recieved a response from CardGate Dim strData As String Dim strField As String Dim strCATID As String Dim rc, State As Integer

TextStatus.Text = "Response received" Winsock1.GetData strData, vbString TextResponse.Text = strData

' Display CardGate error message or CBA suggest ed response text If ParseROT(strField, strData, 904) Then TextMessage.Text = strField ' Display CardG ate error text ' See if this is a "Reversal Pending!" resp onse from CardGate. ' If it is, then this means that we now awa it the Reversal response If ParseROT(strField, strData, 903) Then If StrComp(strField, "25") = 0 Then gTransactionState = tsReversing Exit Sub End If End If

GoTo TransCompleted ' as no need to acknowl edge CardGate Else


If ParseROT(strField, strData, 910) Then '9 10=CBA suggested response If strField = "" Then strField = "Blank CBA message" TextMessage.Text = strField ' Display C BA suggested response Else ' No CardGate error text or CBA sug gested response ' We should not get this! Is a syst em error TextMessage.Text = "No message - system error" End If End If

' Was this a 0210 or 530 response? If so, then we need to acknowledge CardGate ' with a "CONFIRM" command that we have success fully received

' To get here, must have had a CBA response, so no field "000" is ' a system error of some sort? State = 0 If ParseROT(strField, strData, 0) = 0 Then GoTo SanityFail

' We have a CBA Message - extract Message Type If (StrComp(strField, "0210") <> 0) And _ (StrComp(strField, "0530") <> 0) Then GoTo TransCompleted

' We have a 0210/0530 response - respond with ' C' Confirm command ' but some sanity checks first

' Sanity check 1 - does ClientID match that sen t? State = 1 If ParseROT(strField, strData, 900) = 0 Then Go To SanityFail State = 2 If StrComp(strField, gstrClientID) <> 0 Then Go To SanityFail

' Sanity check 2 - does SeqNr match that sent? State = 3 If ParseROT(strField, strData, 901) = 0 Then Go To SanityFail State = 4 If StrComp(strField, gstrSeqNr) <> 0 Then GoTo SanityFail

' Sanity check 3 - have we got a CATID? State = 5 If ParseROT(strCATID, strData, 41) = 0 ThenSanityFail: rc = MsgBox("SEE SUPERVISOR - RESPONSE NOT FOR ME! State=" & State, _ vbOKOnly + vbCritical, " Ca rdGate Client Error")TransCompleted: gTransactionState = tsCompleted TextStatus.Text = "Completed" Exit Sub End If

' Okay - passed sanity checks - send 'C' comman d If (Winsock1.State = sckConnected) Then gTransactionState = tsAcking ' Indicate waiting on ACK to complete Winsock1.SendData gstrClientID & vbTab & _ gstrSeqNr & vbTab & _ "C" & vbTab & _ gstrCAIC & vbTab & _ strCATID & vbCr Else ' Problem! Could not acknowledge 0210 - BE WARE this means that ' the 210 message will be reversed... rc = MsgBox("SEE SUPERVISOR - CANNOT ACK RE SPONSE! WSAState=" &Winsock1.State, _ vbOKOnly + vbCritical, " Ca rdGate Client Error")

End IfEnd Sub

Private Sub Winsock1_SendComplete()' Winsock SendComplete event action.' This either means' a) Financial Request was sent okay' b) An ACK to a Financial Response was sent okay' c) A VOID command was sent okay' Display status of transaction to operator If (gTransactionState = tsRequest) Or _ (gTransactionState = tsReversing) Then TextStatus.Text = "Waiting for response ..." ElseIf gTransactionState = tsAcking Then


TextStatus.Text = "Completed" ' A CK sent ok! gTransactionState = tsCompleted Else TextStatus.Text = "Send completed..." ' c onfusion here! End If

End Sub

Private Sub Winsock1_Error(ByVal Number As Integer, Description As String, ByVal ScodeAs Long, ByVal Source As String, ByVal HelpFile As String, ByVal HelpContext As Long,CancelDisplay As Boolean)' Winsock Error event action TextStatus.Text = "Err:" & DescriptionEnd Sub

Private Sub Form_Unload(Cancel As Integer) Winsock1.CloseEnd Sub


Appendix E. Leased Line ConfigurationPrior to May 2005, the Bank provides a leased line connection between the Merchant's premises and itsEnterprise Network Gateway (ENG) located in Bank branches. This note describes how to configurethe supplied modems to be leased line access.

It is suggested that CardGate be started with a command line parameter that reflects the mode ofcommunication, eg

cardgate Argent.


"\\HKEY_LOCAL_MACHINE\SOFTWARE\UMD\CardGate Argent"

E.1 CardGate Registry SettingsThe following are the CardGate registry settings that need to be set for leased line operation:

Value name Type Default SET TO

Line Mode 0 DWORD 0 1

Dial up modem access = 0, Leased line modem access = 1


Comms Port string "COM2" As appropriate

When Line Mode 0 = 1 (ie leased line mode) indicates which communications port to use for the modemconnection.


Comms Mode string "9600,N,8,2" "2400,N,8,2"

When Line Mode 0 = 1 (ie leased line mode) this string is used as the mode command to configure thecommunications port indicated in Comms Port.

E.2 Telecom side cableCardGate.net will supply a modem cable pre-configured for leased line connection. This documents thearrangement.

Telecom will install a two wire leased line in the Merchant's premises, terminated with a standard 6way telephone socket with wires being located on pins 4 and 6.

Wires on pin 4 and 6 on the telecom jack need to be connected to pins 2 and 3 (ie the middleconnectors) on the four way modular RJ-12 connector as detailed below.

E.3 Netcomm IG6000The IG6000 has no internal switch settings to be altered, it is configured completely by command.

The Bank ENG standard rate for COMMLINK is 2400 baud. Use the following string to configure themodem (exactly in this order):

AT &F &L2 &D0 B8 M0 Q2 &K3 #MEM0 \N2 %C0 #J0 &W


E.4 Dataplex DPX-234-01The DPX-234 has no internal switch settings to be altered, it is configured completely by command.Ensure that the firmware revision being used is Rev 1.11 or higher. If the firmware revision is notcorrect, Dataplex can provide an EXE file which will load the correct firmware.


AT &F F5 M0 &D0 &E6 &K2 &L1 *Q0 S0=0 &C1 &W

E.5 Dataplex DPX-225-30The DPX-225 has no internal switch settings to be altered, it is configured completely by command.


AT&F&T4F5M1&C1&D2&L1&E5&K0*L1S0=0S15=8*A4S15=0S25=1S38=60Q2&Q0&W

The following string configures the modem for operation at 9600 baud. It should be sent to themodem at 2400 baud as CardGate will be communicating with the modem at this speed:

AT&F&T4F6M1&C1&D2&L1&E5&K0*L1S0=0S15=8*A4S15=0S25=1S38=60Q2&Q0&W

Command Meaning of command&C1 DSR on during training and DCD on when the modem is online and ready to transmit data&F Load factory defaults&T4 Enable Remote Digital Loopback (RDLB) responseF5 Comms format: 2400 baud, QAM, V.22bis (F6 means 9600 baud, QAM, V.32 TCM)M1 Speaker on while trainingQ2 Return result codes only in originate mode, not in answer mode. No "RING" message sent&D2 Modem set to on-hook and returns to command state when DTR drops (ATH)&E5 Error correction enabled. Disconnects if no MNP modem at remote end & returns ERROR&K0 Flow control disabled&L1 Leased line mode&Q0 Do not check for eye quality when online&W Write current configuration to non-volatile RAM*A4 Special command*L1 V.24 test leads enabledS0=0 Disable automatic answerS15= Special commandS25=1 DTR delay is 1 second.S38= Special commandThe active modem configuration is accessed by issuing the AT*C command. The profile below is forleased line operation at 2400 baud.

CONFIGURATION STATUSB Bell Mode 0 &E ERR Correct 5 *B DTR Busy 0C Cont. Carr. 0 &G Guard Tone 0 *D DTR Dial 0E Echo 1 &I Const Speed 1 *E Data Comp 1F Format 5 &K Flow Ctrl 0 *F Analog Flow 0L Loudness 2 &L Leased line 1 *G Call tone 0M Speaker 1 &M Sync Mode 0 *L V.54 Enable 1N Curr Tel no 1 &O Output Mode 0 *M MR/DSR Led 0P Pulse dial 1 &P Pulse Ratio 1 *O Overspeed 0Q Quiet 2 &Q Eye Quality 0 *P Password 0R Line Rate 0 &R RTS/CTS 0 *Q Sig Qual 3V Verbose 1 &S Switch Ctrl 1 *R Rem Config 0X Results 4 &T RDLB Enable 4 *T Trellis 1&B Busy 0 &U User Flow 0 *V V25bis 0&C DCD Option 1 &V Dumb Mode 0 *X Sync Clock 0&D DTR Option 2 &X Tx Clk 0 *Y Break Ctrl 0

Dial up connection can be configured using the following string (don't forget to install the modem's NTdevice drivers onto your PC for dial up access):

AT&FF7&T4&L0&C1&D2M1&E5&K2*L1S0=0S25=1S38=60Q2&V1&W


E.6 Banksia Pro 144

E.6.1 Internal settingsTo access the internal jumper and switch settings for the modem, use an Allen key to unscrew the fourretaining screws on the bottom of the modem.

For switch bank 1 (SW1), which is the block most furthest from the DB25 connector, set switch 5 toON and all the rest to OFF. Switch 1/5 locks the modem to leased line operation.

For switch bank 2 (SW2), which is the block nearest the DB25 connector, for 2400 baud operation, setswitches 3 and 4 to ON and all the rest to OFF. For 9600 baud operation, set switch 3 ON and the allthe rest to OFF.

Link 1 (LK1) should have pins 2 and 3 jumpered. Install links LK3 and LK5.

E.6.2 Software settingsThe active profile of the modem is accessed by issuing the AT&V command. The profile below is forleased line operation at 9600 baud.

ACTIVE PROFILE:

B0 E1 L2 M1 N0 Q0 V1 W0 X4 Y0 &B1 &C1 &D2 &E1 &G0 & I0 &J0 &K3 &L1 &N1&O1 &P1

&Q6 &R0 &S0 &U1 &X0 &Y0 \A3 \C2 \G0 \J0 \K5 \N2 \V0 %A013 %C1 %D020S00=000

S06=003 S07=030 S08=002 S09=001 S10=014 S11=080 S12 =050 S14=170S15=000S18=000

S20=000 S21=048 S22=246 S23=027 S24=135 S25=005 S26 =001 S27=014S28=195S29=000

S30=015 S31=000 S32=000 S33=026 S34=000 S35=010 S36 =004 S37=009S38=020S39=128

S40=000 S46=013 S47=017 S48=007 S49=003 S50=000 S52 =128 S53=000S54=007S55=000

To set leased line mode, issue the &L1 command.

To set the modem to originate mode, set register S14 Bit 7 ON. If you use the default values for En, Vnand T, the value is 170.

Use register S23 to set the local DTE rate. For 2400 baud, use 23 for 9600 baud, use 27.

So, to set up the modem for 2400 baud leased line operation, issue the following command (the &Wwrites the registers to memory): AT&L1\N2&Q6S14=170S23=23&W. NOTE THAT 2400 baudconfig is provided here for information only - the Banksia Pro 144 is not compatible with Bank ENGmodems operating at 2400 baud.

For 9600 baud leased line operation, use: AT&L1\N2&Q6S14=170S23=27&W.


Appendix F. Optus/TNS ConfigurationAfter May 2005, the Bank will have phased out their Enterprise Network Gateway service for leasedline access to their COMMLINK host. In its place is the Optus/Transaction Network Services (TNS)secure VPN solution which uses TCP/IP with an ADSL service over a PSTN line. The ADSLconnection, router and Managed Terminal Adapter ("MTA") will be provided by Optus, with themerchant providing the telephone line.

The MTA connects to the Optus managed router via Ethernet and the CardGate PC connects to theMTA using it's serial port. This means that you will not need to install a router/firewall in front of theADSL router as there is no practical connection between your TCP/IP network and the ADSL VPNsolution.


cardgate TNS


"\\HKEY_LOCAL_MACHINE\SOFTWARE\UMD\CardGate TNS"

F.1 CardGate Registry SettingsThe following are the CardGate registry settings that need to be set for connection to the Optus/TNSsolution:



5 = Asynchronous Block Protocol (ABP) wrapping Transport Protocol Data Unit (TPDU)…..- used by Optus/TNS Solution via MTA serial port





Comms Mode string "9600,N,8,2" " 9600,N,8,2"



Appendix G. Telstra Argent ConfigurationThe CardGate Payment Gateway can also connect to Telstra’s Argent® service.

The Argent Terminal Adapter (ATA) connects to the Telstra managed network and the CardGate PCconnects to the ATA using it's serial port.


cardgate Argent.


"\\HKEY_LOCAL_MACHINE\SOFTWARE\UMD\CardGate Argent"

G.1 CardGate Registry SettingsThe following are the CardGate registry settings that need to be set for connection to theTelstra/Argent® solution:



4 = Asynchronous Block Protocol (ABP) wrapping Connectionless Network Protocol (CLNP) - used by Telstra Argent®





Comms Mode string "9600,N,8,2" " 9600,N,8,2"



NSAP SHA DWORD 0 .. 0

Telstra Argent® - Network Service Access Point Symbolic Host Address (supplied by the Bank). Typicallysupplied as a hexadecimal number, eg hexadecimal 82805100


NSAP Terminal Id DWORD 0 .. 0

Telstra Argent® - Network Service Access Point Terminal Identifier (supplied by Telstra, tied to theTerminal Adapter). Typically supplied as a hexadecimal number, eg hexadecimal 68f6e


Appendix H. Configuring Windows NT

H.1 Starting CardGate without logging on

To enable auto logging on, edit the registry using REGEDIT.EXE or REGEDT32 programs.

Edit registry sub-key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon" setting:

AutoAdminLogon: "1"

DefaultDomainName: domain

DefaultUserName: username

DefaultPassword: password

DontDisplayLastUserName : "0"


Appendix I. Year 2000 Compliance Statement

CardGate Credit Card Payment Gateway, Versions 1, 2, 3 and 4.

The software is designed to ensure year 2000 compatibility including, without limitation, date datacentury recognition, calculations that accommodate same century and multi-century formulas and datevalues, and date data interface values that reflect the century.

This software package has been certified by the Commowealth Bank for connection to the Bank'sEFTPOS network.

I confirm that we can continue providing the service without limitation before, on and after 1 January2000.

Harry RamadanDevelopment ManagerCardGate.net Pty Ltd


Appendix J. Upgrading from Version 3 to 4The following provides a suggested upgrade path from Version 3 to 4. Other methods and sequencescan readily be envisaged. Please call for advice!

J.1 Set up directoryIf you are upgrading CardGate Version 3 to 4 on the same machine, it is suggested that a new directorybe created “c:\Program Files\CardGateV4”. Copy the contents of the cardgatev4.zip archive into it.

J.2 Update the Terminal Definition FileCopy the terminal definition file “terminal.txt” from your current CardGate installation in the newdirectory. Edit it, copying its contents into the clipboard. Next, open terminalv4-sample.txt in your texteditor and paste the clipboard contents at the bottom of the file. Save the file as “terminalv4.txt”. Thisis your new terminal definition file. [It is suggested that you go through this process so that youincorporate the flag definition comments from the sample terminal file.]

Next, enhance each terminal definition line with comments and refund/sale limits (even if you will notbe enabling this new feature). Enable the new Version 4 features that you want by way of the flagsfield. For example:

Old definition terminal definition311000062000000 23000001 85765 112

New terminal definition:311000062000000 23000001 85765 112020010001 samplemerch 300000

50000

J.3 Create a new Registry Profile for ENGSet up a Windows short cut on the desktop, labelled “CardGate via ENG” (“ENG” here stands forEnterprise Network Gateway – ie leased line operation) with the short cut having the target set to:

“C:\program files\cardgatev4\cardgate.exe” ENG

Run the short cut. This would create a new registry sub-key:

"\\HKEY_LOCAL_MACHINE\SOFTWARE\UMD\CardGate ENG"

Now close CardGate by opening the File:Exit menu or clicking on the “X” close box in the State Viewwindow.

J.4 Update the new Registry Profile with old settingsRun regedit on the original installation. Export the key"\\HK_LOCAL_MACHINE\SOFTWARE\UMD\CardGate” to file, say “cardgatev3.reg” and copy it tothe new installation.

Edit cardgatev3.reg with a text editor (notepad is good), adding the profile name to this line: [HKEY_LOCAL_MACHINE\SOFTWARE\UMD\CardGate]ie

[HKEY_LOCAL_MACHINE\SOFTWARE\UMD\CardGate ENG]

Now import the old registry settings into the new. At this stage, refer to the recommendations in theChapter 2 – Configuring CardGate, and edit as appropriate, eg set Debug Log to 1.

This profile is now ready for running CardGate V4 for the ENG line.

Export the new settings to file “cardgatev4-eng.reg” for safe keeping.

J.5 Set up for Optus/TNS SolutionSet up another Windows short cut on the desktop, labelled “CardGate via OPTUS” with the short cuthaving the target set to:


“C:\program files\cardgatev4\cardgate.exe” OPTUS

Edit cardgatev4-eng.reg with a text editor, changing the line with “ENG” to “OPTUS”:ie

[HKEY_LOCAL_MACHINE\SOFTWARE\UMD\CardGate OPTUS]

Save the file as “cardgatev4-optus.reg”.

Now import the registry settings by double clicking file “cardgatev4-optus.reg”.

Run regedit, and change the appropriate settings under sub-tree“HKEY_LOCAL_MACHINE\SOFTWARE\UMD\CardGate OPTUS”, referring to Appendix G (ieLine Mode 0, Comms Port and Comms Mode). At this stage, refer to the recommendations in theChapter 2 – Configuring CardGate, and edit as appropriate, eg set Debug Log to 1.

Export the updated registry tree to “cardgatev4-optus.reg” for safe keeping.

J.6 Transfer state fileOnce you are ready to go live, copy the “state.dat” from the old installation to the new. This isimportant as it file holds the highest Systems Trace Audit Number (STAN) for each terminal. If theSTAN’s are too low, the Bank host will not respond to transaction requests.

J.7 Test current communications channelStop the old version of CardGate and run the “CardGate via ENG” short cut – it should behave just thesame. Look for error messages in the Console View and event logs.

Documents

CardGate.net Pty Ltd CardGate® Payment Gateway V4 ... · Each Merchant ID configured on the Bank's host must have a minimum of one terminal ID (CATID) assigned to it. A terminal