1.1.6. Payout Transactions

Process Payout transaction

@startuml Merchant -> "MoneyNetint": Payout request activate "MoneyNetint" "MoneyNetint" --> Merchant: Order ID "MoneyNetint" -> Bank: Process payout activate Bank Merchant -> "MoneyNetint": Get status by Order ID Bank --> "MoneyNetint": Processing result deactivate Bank "MoneyNetint" --> Merchant: Final status deactivate "MoneyNetint" @enduml

Payout transaction in most cases is used for bank account funding. For funds transfer to bank card, use d2c.
If in doubt, please contact MoneyNetint support manager to clarify the preferred integration.
Payout transactions are initiated through HTTPS POST request by using URL in the following format:
https://pne-gate.moneynetint.com/paynet/api/v2/payout/ENDPOINTID
for integration purposes use staging environment pne-sandbox.moneynetint.com instead of production pne-gate.moneynetint.com

The End point ID is an entry point for incoming Merchant’s transactions and is actually the only MoneyNetint object which is exposed via API.

Payout Request Parameters

In order to initiate a Payout transaction Merchant sends an HTTPS POST request with the parameters specified in Payout Request Parameters Table below.

Payout Request Parameter Length/Type Comment Necessity*
account_number 24/String Account Number Mandatory
currency 3/String Currency the transaction is charged in (three-letter currency code). Sample values are: USD for US Dollar EUR for European Euro Mandatory
amount 10/Numeric Amount to be charged. The amount has to be specified in the highest units with . delimiter. For instance, 10.5 for USD means 10 US Dollars and 50 Cents Mandatory
client_orderid 128/String Merchant order identifier. Mandatory
bank_name 255/String Bank Name Mandatory
bank_branch 255/String Bank Branch Name Mandatory
first_name 50/String Receiver first name Conditional*
last_name 50/String Receiver last name Conditional*
phone 50/String Receiver phone Conditional*
email 128/String Customer’s E-mail Conditional*
ipaddress 7-45/String Customer’s IP address (IPv4 or IPv6) Conditional*
purpose 128/String Payout purpose Conditional*
bank_code 3/String Bank code Conditional*
bank_address1 255/String Bank address Conditional*
bank_zip_code 255/String Bank postal ZIP code Conditional*
routing_number 16/String Routing number used to identify specific bank branches in China Conditional*
credit_card_number 20/Numeric Customer’s credit card number. Conditional*
card_printed_name 128/String Customer’s full name, as printed on the card Conditional*
expire_month 2/Numeric Credit card expiration month Conditional*
expire_year 4/Numeric Credit card expiration year Conditional*
cvv2 3-4/Numeric Customer’s CVV2 code. CVV2 (Card Verification Value) is a three- or four-digit number AFTER the credit card number in the signature area of the card. Conditional*
bank_province 255/String Bank province Optional
bank_area 255/String Bank area Optional
account_name 128/String Bank account Optional
order_desc 64/String Brief order description Optional
server_callback_url 128/String URL the transaction result will be sent to. Merchant may use this URL for custom processing of the transaction completion, e.g. to collect sales data in Merchant’s database. See more details at Merchant Callbacks Optional
* Ask your Support Manager if Conditional fields are Mandatory for your integration

Payout Request Example

account_number=1234567890
&amount=100
&bank_branch=test
&bank_name=test
&client_orderid=12345
&currency=USD
&oauth_consumer_key=payout_test
&oauth_nonce=EqINVv5rkhx
&oauth_signature_method=HMAC-SHA1
&oauth_timestamp=1513785920
&oauth_version=1.0
&routing_number=123456

Payout Response

Payout Request Parameters Description
type The type of response. May be async-response, validation-error, error. If type equals validation-error or error, error-message and error-code parameters contain error details.
paynet-order-id Order id assigned to the order by MoneyNetint
merchant-order-id Merchant order id
serial-number Unique number assigned by MoneyNetint server to particular request from the Merchant.
error-message If status is error this parameter contains the reason for decline or error details
error-code The error code is case of error status

Payout Response Example

type=async-response
&serial-number=00000000-0000-0000-0000-0000000624e8
&merchant-order-id=59e1e3ca-5d44-11e1-b3d6-002522b853b4
&paynet-order-id=94935

Process Payout Form transaction

@startuml title: Payout form integration skinparam ParticipantPadding 90 Merchant -> "MoneyNetint": Payout request activate "MoneyNetint" "MoneyNetint" --> Merchant: Order ID and form URL Merchant -> Bank: Open the form URL and process payout activate Bank Bank --> Merchant: Forward to redirect URL from initial request Merchant -> "MoneyNetint": Get status by Order ID Bank --> "MoneyNetint": Processing result deactivate Bank "MoneyNetint" --> Merchant: Final status deactivate "MoneyNetint" @enduml

Such transactions are initiated through HTTPS POST request by using URL in the following format:
https://pne-gate.moneynetint.com/paynet/api/v2/payout-form/ENDPOINTID
for integration purposes use staging environment pne-sandbox.moneynetint.com instead of production pne-gate.moneynetint.com

The End point ID is an entry point for incoming Merchant’s transactions and is actually the only MoneyNetint object which is exposed via API.

Payout Form Request Parameters

In order to initiate a Payout transaction Merchant sends an HTTPS POST request with the parameters specified in Payout Form Request Parameters Table below.

Payout Request Parameter Length/Type Comment Necessity*
account_number 24/String Account Number Mandatory
currency 3/String Currency the transaction is charged in (three-letter currency code). Sample values are: USD for US Dollar EUR for European Euro Mandatory
amount 10/Numeric Amount to be charged. The amount has to be specified in the highest units with . delimiter. For instance, 10.5 for USD means 10 US Dollars and 50 Cents Mandatory
client_orderid 128/String Merchant order identifier. Mandatory
redirect_url 1024/String URL the merchant or customer will be redirected to upon completion of the transaction. Please note that the user will be redirected in any case, no matter whether the transaction is approved or declined. You should not use this parameter to retrieve results from MoneyNetint gateway, because all parameters go through user’s browser and can be lost during transmission. To deliver the correct payment result to your backend use server_callback_url instead. Mandatory
bank_name 255/String Bank Name Conditional*
bank_branch 255/String Bank Branch Name Conditional*
first_name 50/String Receiver first name Conditional*
last_name 50/String Receiver last name Conditional*
phone 50/String Receiver phone Conditional*
email 128/String Customer’s E-mail Conditional*
ipaddress 7-45/String Customer’s IP address (IPv4 or IPv6) Conditional*
purpose 128/String Payout purpose Conditional*
bank_code 3/String Bank code Conditional*
bank_address1 255/String Bank address Conditional*
bank_zip_code 255/String Bank postal ZIP code Conditional*
routing_number 16/String Routing number used to identify specific bank branches in China Conditional*
bank_province 255/String Bank province Optional
bank_area 255/String Bank area Optional
account_name 128/String Bank account Optional
order_desc 64/String Brief order description Optional
server_callback_url 1024/String URL the transaction result will be sent to. Merchant may use this URL for custom processing of the transaction completion, e.g. to collect sales data in Merchant’s database. See more details at Merchant Callbacks Optional
merchant_form_data 128/String Parameters sent in merchant_form_data API parameter are parsed into macros with the same name, the parameter is url-encoded, example: testparam%3Dtest1%26mynewparam%3Dtest2 and is parsed into $MFD_testparam = test1 and $MFD_mynewparam = test2 macros in the form. Parameter name characters[a-zA-Z0-9], parameter value characters[a-zA-Z0-9], control characters [=&], 2MB max size Optional
* Ask your Support Manager if Conditional fields are Mandatory for your integration

Payout Form Request Example

account_number=1234567890
&amount=100
&bank_branch=test
&bank_name=test
&client_orderid=12345
&currency=USD
&oauth_consumer_key=payout_test
&oauth_nonce=EqINVv5rkhx
&oauth_signature_method=HMAC-SHA1
&oauth_timestamp=1513785920
&oauth_version=1.0
&routing_number=123456

Payout Form Response

Payout Request Parameters Description
type The type of response. May be async-response, validation-error, error. If type equals validation-error or error, error-message and error-code parameters contain error details.
paynet-order-id Order id assigned to the order by MoneyNetint
merchant-order-id Merchant order id
serial-number Unique number assigned by MoneyNetint server to particular request from the Merchant.
error-message If status is error this parameter contains the reason for decline or error details
error-code The error code is case of error status
redirect_url The URL to the page where the Merchant should redirect the client’s browser. Merchant should send HTTP 302 redirect, see General Payment Form Process Flow

Payout Form Response Example

type=async-response
&serial-number=00000000-0000-0000-0000-0000000624e8
&merchant-order-id=59e1e3ca-5d44-11e1-b3d6-002522b853b4
&paynet-order-id=94935
&redirect_url=https://pne-sandbox.moneynetint.com/paynet/form/init/BB411111...222

Payout and payout-form requests authorization and debug

Requests to Payout API use OAuth 1.0a authorization with HMAC-SHA1 signature.
oAuth libraries may be helpful to speed up the integration process.
Key:
HMAC key value is the concatenation of consumer secret (Merchant control key) + & + token secret (empty string).
For example, it will look as follows:
F9F65098-1111-1111-1111-621611111111&
Request body and data string to sign:
Parameters in request body must be arranged in lexicographical order.
Unique random nonce and current timestamp are generated by merchant.
OAuth parameters must be included in request body (oauth_consumer_key, oauth_nonce, oauth_signature_method, oauth_timestamp, oauth_version).
Whole request is used as data string to calculate HMAC-SHA1 signature.
URL and parameters in data string must be percent-encoded and have the following structure:
POST&URL&parameters
Headers and signature:
Authorization header must start from Authorization: OAuth, have oauth_signature and the same OAuth parameters and values as were included in request body (oauth_consumer_key, oauth_nonce, oauth_signature_method, oauth_timestamp, oauth_version).
Merchant login is used as oauth_consumer_key in data string and authorization header, but it is not used as a part of the signing HMAC key.
HMAC-SHA1 signature in binary format must be Base64 and percent-encoded. The signature is sent in request header named ‘Authorization’.
For example, it will look as follows:
9bSeUoR5yJSSJ4KPhotT%2BofEHSQ%3D
Authorization header example:
OAuth realm="",
oauth_version="1.0",
oauth_signature_method="HMAC-SHA1",
oauth_consumer_key="merchantlogin",
oauth_timestamp="1513785920",
oauth_nonce="EqINVv5rkhx",
oauth_signature="9bSeUoR5yJSSJ4KPhotT%2BofEHSQ%3D"
For integration purposes use staging environment pne-sandbox.moneynetint.com instead of production pne-gate.moneynetint.com.

Testing account_number values:

  • account_number = 1234567890 to get APPROVED
  • account_number = 0987654321 to get DECLINED
  • account_number = 1987654321 to get PROCESSOR_INTERNAL_ERROR
HTTP method
URL Use /v2/payout-form/ in URL for Payout Form integration
parameters
version
consumer key
consumer secret
timestamp
nonce
signature method

normalized parameters
signature base string
signature
authorization header

Order status

Merchant must use Order status API call to get the customer’s order transaction status. After any type of transaction is sent to MoneyNetint server and order id is returned, Merchant should poll for transaction status. When transaction is processed on MoneyNetint server side it returns it’s status back to Merchant and at this moment the Merchant is ready to show the customer transaction result, whether it’s approved or declined.

Status API URL

For integration purposes use staging environment pne-sandbox.moneynetint.com instead of production pne-gate.moneynetint.com. Status API calls are initiated through HTTPS POST request by using URL in the following format:

The End point ID is an entry point for incoming Merchant’s transactions for single currency integration. https://pne-gate.moneynetint.com/paynet/api/v2/status/ENDPOINTID

The End point group ID is an entry point for incoming Merchant’s transactions for multi currency integration. https://pne-gate.moneynetint.com/paynet/api/v2/status/group/ENDPOINTGROUPID

Order status call parameters

Status call parameters Description
login Merchant login name
client_orderid Merchant order identifier of the transaction for which the status is requested
orderid Order id assigned to the order by MoneyNetint
by-request-sn Serial number assigned to the specific request by MoneyNetint. If this field exist in status request, status response return for this specific request.
control Checksum used to ensure that it is MoneyNetint (and not a fraudster) that initiates the callback for a particular Merchant. This is SHA-1 checksum of the concatenation login + client-order-id + paynet-order-id + merchant-control. See Order status API call authorization through control parameter for more details about generating control checksum.

Order Status Response

Status Response Parameter Description
type The type of response. May be status-response
status See Status List for details.
amount Amount of the initial transaction.
paynet-order-id Order id assigned to the order by MoneyNetint
merchant-order-id Merchant order id
phone Customer phone.
html HTML code of 3D authorization form, encoded in application/x-www-form-urlencoded MIME format. Merchant must decode this parameter before showing the form to the Customer. The MoneyNetint System returns the following response parameters when it gets 3D authorization form from the Issuer Bank. It contains auth form HTML code which must be passed through without any changes to the client’s browser. This parameter exists and has value only when the redirection HTML is already available. For non-3D this never happens. For 3D HTML has value after some short time after the processing has been started.
redirect-to For 3Ds authorization the merchant can redirect the customer to URL provided in this parameter instead of rendering the page provided in html parameter. The redirect-to parameter is returned only if the html parameter is returned. This parameter must be used to work with 3DS 2.0.
serial-number Unique number assigned by MoneyNetint server to particular request from the Merchant.
last-four-digits Last four digits of customer credit card number.
bin Bank BIN of customer credit card number.
card-type Type of customer credit card (VISA, MASTERCARD, etc).
gate-partial-reversal Processing gate support partial reversal (enabled or disabled).
gate-partial-capture Processing gate support partial capture (enabled or disabled).
transaction-type Transaction type (sale, reversal, capture, preauth).
processor-rrn Bank Receiver Registration Number.
processor-tx-id Acquirer transaction identifier.
receipt-id Electronical link to receipt https://pne-gate.moneynetint.com/paynet/view-receipt/ENDPOINTID/receipt-id/
name Cardholder name.
cardholder-name Cardholder name.
card-exp-month Card expiration month.
card-exp-year Card expiration year.
card-hash-id Unique card identifier to use for loyalty programs or fraud checks.
email Customer e-mail.
bank-name Bank name by customer card BIN.
terminal-id Acquirer terminal identifier to show in receipt.
paynet-processing-date Acquirer transaction processing date.
approval-code Bank approval code.
order-stage The current stage of the transaction processing. See Order Stage for details
loyalty-balance The current bonuses balance of the loyalty program for current operation. if available
loyalty-message The message from the loyalty program. if available
loyalty-bonus The bonus value of the loyalty program for current operation. if available
loyalty-program The name of the loyalty program for current operation. if available
descriptor Bank identifier of the payment recipient.
error-message If status in declined, error, filtered this parameter contains the reason for decline
error-code The error code is case status in declined, error, filtered.
by-request-sn Serial number from status request, if exists in request. Warning parameter amount always shows initial transaction amount, even if status is requested by-request-sn.
verified-3d-status See 3d Secure Status List for details
verified-rsc-status See Random Sum Check Status List for details

Order Status Response Example

type=status-response
&serial-number=00000000-0000-0000-0000-0000005b5044
&merchant-order-id=902B4FF5
&processor-tx-id=PNTEST-159884
&paynet-order-id=159884
&status=approved
&amount=10.42
&descriptor=test-usd
&gate-partial-reversal=enabled
&gate-partial-capture=enabled
&transaction-type=sale
&receipt-id=a5061379-6ff5-3565-a9ba-1b8a814d04f6
&name=TEST HOLDER
&cardholder-name=TEST HOLDER
&card-exp-month=1
&card-exp-year=2016
&email=john.smith@gmail.com
&processor-rrn=510321889824
&approval-code=242805
&order-stage=sale_approved
&last-four-digits=9001
&bin=520306
&card-type=MASTERCARD
&phone=12063582043
&bank-name=CITIBANK
&paynet-processing-date=2015-04-09 17:14:26 MSK
&by-request-sn=00000000-0000-0000-0000-0000005b2a8a
&card-hash-id=1493114
&verified-3d-status=AUTHENTICATED
&verified-rsc-status=AUTHENTICATED

Status request authorization through control parameter

The checksum is used to ensure that it is Merchant (and not a fraudster) that sends the request to MoneyNetint. This SHA-1 checksum, the parameter control, is created by concatenating of the values of the parameters in the following order:

  • login
  • client_orderid
  • orderid
  • merchant_control

For example assume the following values are corresponds the parameters above:

Parameter Name Parameter Value
login cool_merchant
client_orderid 5624444333322221111110
orderid 9625
merchant_control r45a019070772d1c4c2b503bbdc0fa22

The complete string example may look as follows:

cool_merchant56244443333222211111109625r45a019070772d1c4c2b503bbdc0fa22

Encrypt the string using SHA-1 algorithm. The resultant string yields the control parameter which is required for authorizing the callback. For the example control above will take the following value:

c52cfb609f20a3677eb280cc4709278ea8f7024c

Server callback result

Upon completion of request processing by the System it returns the result on the specified server_callback_url with the parameters described in Merchant Callbacks

The checksum is used to ensure that the callback is initiated for a particular Merchant, and not for anybody else claiming to be such Merchant. This SHA-1 checksum, the control parameter, is created by concatenation of the parameters’ values in the following order:

  • status
  • orderid
  • client_orderid
  • merchant_control

A complete string example may look as follows:

approvedS279G323P4T1209294c258d6536ababe653E8E45B5-7682-42D8-6ECC-FB794F6B11B1

Encrypt the string using SHA-1 algorithm. The resultant string yields the control parameter. For the above-mentioned example the control will take the following value:

e04bd50531f45f9fc76917ac78a82f3efaf0049c

All parameters are sent via GET method.

For more information, see Merchant Callbacks