Introduction

welcome to judopay accept simple and secure payments in your app or website with judopay’s sdks quickly capture your customer’s card details for immediate payments or save them securely for future payments to get started then, you will receive access to your judopay dashboard and the sandbox environment there is a due diligence process to complete before you go live, so please speak to a member of the team before doing any development work to follow the steps to quickly integrate and produce a test card payment using judopay’s web sdk, see quick start docid\ uuvcdjxtcajyqhd4xfpye important to consider when integrating your app when to have multiple judoids you can have one judoid multiple judoids a judoid can be allocated for a route or location basis multiple judoids can also be created to take into account a more granular set of transaction reporting, for example to separate online transactions, the location where transactions took place, or the most used payment method all judoid's can have different configurations enabled permissions you will receive your api credentials when setting up your account with judopay these credentials control the permissions enabled on your sandbox and live token and secret pair(s) each token and secret pair will have specific permissions configured for more information, see introduction docid\ s 8hoamytkgy13t0p657 the following illustration provides a helpful overview on the permissions that need to be set up, in order for each step in the payment flow to be able to take place the following illustration provides a helpful overview on the permissions that need to be set up, in order for each step in the payment flow to be able to take place permissions flow diagram possible configuration examples depending on the payment methods, currencies and card schemes you want to accept, you can configure these specifically, (for example visa, mastercard, apple pay, card, paypal), or set to accept all check your judoids and tokens are configured and enabled as appropriate if you want to include amex , contact customer support mailto\ help\@judopay com to set this up amex is not automatically added and requires a separate configuration payment methods transaction medium (ecom / moto) currencies card schemes transaction types block payments from a specific region using our transaction api interact with our transaction api reference docid\ bcxnm5keok nlnrztafut in the following ways select your integration version see the authentication methods available how to create a /paymentsession authenticate all requests or a specific request manually test a request view example success and error responses for more information, see interact with the transaction api docid\ apyeqdsycdrkuxggnlhup authentication methods in online and mobile payments, security is a number one concern authentication and verification of the identity of the cardholder is important for preventing fraudulent transactions and refunds each request to judopay’s transaction api requires authentication depending on how you integrate with judopay, the following methods are recommended to authenticate requests using our web sdk docid 40dwe6lbub7vdkza1qydc /paymentsession calling directly to our transaction api reference docid\ bcxnm5keok nlnrztafut /paymentsession , or tokensecretauth the token and secret pair for more information, see authentication methods docid\ ylkw5coh5nqnfq3j wjk2 testing your integration prior to testing prerequisites make sure you have the following set up prior to testing you are using sandbox tokens in the sandbox environment you are using test cards in the sandbox environment your judoids and tokens are configured and enabled as appropriate you need your sandbox account so you can process test transactions while developing your app sandbox environment the purpose of the sandbox environment is to allow you to test and replicate various use cases, payment flows and scenarios that your app should support use the test cards docid obafnuc1umhk vihhs5d and data to test your integration is working correctly this will give you confidence that all is working as expected when your integration goes live direct api integration scenarios (card payments) testing 3d secure 2 authentication docid\ bdcgiyqdm3mle ubxp1yr testing card payments docid\ nq7c98panemfgukhbpucb testing card preauths docid\ gwwuvrkwonc5yvk6qhmmi testing refunds docid\ mebkvlfmxdp3kolys0uda testing collections docid\ yvjgzt2gxwbdxm3m0wemu testing voids docid\ dmbakskjll551suxqipum testing savecard docid\ n6bow dlqrqo olwrjvfk testing checkcard docid 3ssysze0atrwujrqsiqov testing merchant initiated transactions docid\ gb1c oqbh7uuw8rzusawt testing get transactions docid\ zia7tb a4kybkm0v4okjy for more information see, testing your direct (api) integration docid 6bahfduikw3xms1pv8oex web payments integration scenarios (card payments) testing web payments card payments docid\ zv5mpxmmqxjq1rp3fayxk testing web payments card payments docid\ zv5mpxmmqxjq1rp3fayxk testing web payments card payments docid\ zv5mpxmmqxjq1rp3fayxk for more information see, testing web payments card payments docid\ zv5mpxmmqxjq1rp3fayxk mobile sdk integration scenarios (card payments) testing android sdk card payments docid\ vzb3q7wp2hf0ljgdo8vnd testing ios sdk card payments docid 9t9c80adjpmu0baiys7sk for more information see, testing your mobile sdk integration docid\ gvthuybg kbet2sxnynlo web sdk integration scenarios (card payments) testing web sdk card payments docid\ a33b4pwt6brofejpghdh2 testing web sdk card payments docid\ a33b4pwt6brofejpghdh2 testing web sdk card payments docid\ a33b4pwt6brofejpghdh2 testing web sdk card payments docid\ a33b4pwt6brofejpghdh2 testing web sdk card payments docid\ a33b4pwt6brofejpghdh2 for more information see, testing web sdk card payments docid\ a33b4pwt6brofejpghdh2 wallet payment scenarios (via direct api integration) testing digital wallet payments via api docid\ hq1tyqlikepvzyqlw l07 testing digital wallet payments via api docid\ hq1tyqlikepvzyqlw l07 for more information see, testing digital wallet payments via api docid\ hq1tyqlikepvzyqlw l07 wallet payment scenarios (via web sdk integration) testing digital wallet payments via web sdk docid\ t13itu 7qx7ylrxgvj5jt testing digital wallet payments via web sdk docid\ t13itu 7qx7ylrxgvj5jt for more information see, testing digital wallet payments via web sdk docid\ t13itu 7qx7ylrxgvj5jt wallet payment scenarios (via mobile sdk integration) testing apple pay™ wallet via mobile sdk docid\ hyanzim115id6dabs bkp testing google pay™ wallet via mobile sdk docid\ pdwr34avmt3iws1j8xtsq for more information see, testing your wallet payment integration docid\ iyacwlidscqikmcfrrkhp key terms familiarise yourself with the key terms we use, to help you with your integration judoid the judoid is a unique id supplied by judopay, which you add to the request body of each transaction request string of numbers maximum length 9 characters format 100100100 do not include spaces or dashes api credentials you will receive your api credentials when setting up your account with judopay these credentials control the permissions enabled on your sandbox and live token and secret pair(s) each token and secret pair will have specific permissions configured for more information, see introduction docid\ s 8hoamytkgy13t0p657 3d secure 2 we support all versions of the 3d secure protocol up to and including version 3ds2 2 3d secure 2 0 aims to improve the security and consumer experience, including helping merchants achieve strong customer authentication (sca) compliance under psd2 the payment services directive (psd2), has introduced a new regulatory requirement strong customer authentication (sca) the aim of the sca is to add an increased layer of security for card not present transactions, when making mobile and online payments make sure your account has 3d secure 2 api credentials enabled contact ​customer support​​ to set this up in the 3d secure 2 payment flow, the issuer will make a decision on whether they have enough authentication data to proceed with the transaction, or if they require the cardholder to further authenticate the transaction with additional strong customer authentication (sca) checks for more information, see improving authentication in your payment flow docid 0yqdp4kpyoijj6unudn9f to authenticate the transaction, merchants can verify the consumer's identity with the issuer to be compliant with sca, 3d secure 2 transactions have additional authentication and transaction information within the payment flow for more information on 3d secure 2, see what is 3d secure? docid\ wpfmf662qaigegrpu mow merchant initiated transactions merchant initiated transactions (mit)s, for example subscription type payments unscheduled transactions tips increase in taxi fares for more information, see merchant initiated transactions docid\ ek1dldo8cgr9di226zlyf mits are also impacted by sca you need to tag your mit / recurring transactions correctly to ensure your transactions are not declined by your customers’ issuing bank card token payments use the card token in the request body, instead of the card number the card token is a randomly generated string linked to a card saved securely within the judopay card vault you will not take on additional pci scope, as the card token does not have any sensitive card information, so it can be stored in your database alternative payments alternative payment methods refers to a range of payment methods beyond the traditional ways of paying with cards and cash currently judopay accepts the following alternative payment methods paybylink via api docid 44rrma0krzsqsvnri7qbw paypal docid\ rcuemk4qqk m ndm0nh8g (beta) (beta) wallet payments integrate apple pay™ and google pay™ via web and mobile for more information, see apple pay and google pay wallets docid\ xugwb4y6tqksmz quyccz web payments a minimal integration is all that is required to enable you to take a payment generate hosted payment page links using judopay’s transaction api and redirect the consumer back to your own website, using configured redirect urls this helps minimise your pci scope by providing consumers with a secure way to pay online via their browser, optimised for any device for more information, see web payments docid\ glorwwwfkfqp34fykcxe8 sdks judopay’s sdks enables merchants to easily integrate and customise a seamless consumer checkout experience, for mobile, web and server integrations all of our sdks come built in with the following features secure customer authentication (sca) compliance 3d secure fraud prevention tools supports alternative payment methods you will not take on additional pci scope, as sensitive card information is submitted by consumers into fields hosted by judopay, encrypted and transmitted on behalf of the merchant, meaning it does not touch the merchant’s server if you prefer to use your own ui for the consumer’s checkout journey, you can still easily integrate with judopay using only a few lines of code to begin accepting payments for more information, see mobile sdks docid\ fyef n37tnl1c5dsscml3 web sdk docid 40dwe6lbub7vdkza1qydc server sdk integration docid\ mzcnx mb0nespjb4mjpz4 navigating the judopay portal access the judopay portal, to create your apps configure your apps' permissions access sandbox and live tokens and secrets set up webhooks view transactions process refunds create and configure your apps, access your tokens and secrets, view transactions, set up webhooks and process refunds, on the judopay portal when you sign in to the judopay portal, the side navigation has the following menu options account section overview overview of account | recent live transactions | account balance | previous transfers history view transactions in sandbox and live environments | search for specific transactions | view filtered transactions | export transactions to csv payments dashboard view payment summary for last 24 hours | view total transaction value (gross) for past 30 days | view total transaction count for past 30 days declines dashboard view declined transactions by month | view declined transactions summary for last 30 days | view declines by acquirer response codes pay by link view existing paybylink payments | create a new paybylink payment balance detailed account balance view | past transfer activity v terminal virtual terminal settings provides the judo id | transaction fees | funding delay | additional account details and options | transfer details | set transfer frequency for the designated account developers section your apps configure your app |access tokens | access secrets tools download our sdks | sandbox test card details | api transaction logs help section portal guide guide to navigate the porta l contact complete the form to judopay customer support creating your app from the judopay portal creating your app from the side menu, select your apps the your apps page appears click the add app button the app configuration page appears enter the name for your app for the purpose of this exercise, documentation testing app is entered to enable pre configured permissions depending on the kind of app you are creating, select one of the following options native mobile payments using our native mobile web payments using our hosted re direct web payments solution your back office using our server sdks, or build directly to our api click add app your new app will appear at the bottom of the list of apps you can select the app to view and edit the configuration settings each app has a unique configuration, meaning permissions or feature configurations (such as one click payments) are not shared between all your apps you have to configure each app separately token and secret app permissions to maximise your app’s security it is important to set permissions to allow your app to accept and process specific endpoints or payment types each token and secret pair related to an app has its own unique permissions it is advised to enable the absolute minimum permissions required for your mobile app for example, if you only perform transactions from your backend; in your backend app enable the make payments permission the following app permissions are available list all transactions make payments refund payments retrieve web payment create web payment preauth transactions register card transactions for mobile apps, it is recommended not to make a transaction from the app, as the token and secret could become compromised edit token and secret app permissions each token and secret pair will have specific permissions configured double check these permissions before using the token and secret each app has a token and secret pair for sandbox and live to edit the sandbox token and secret app permissions in the judopay portal edit app permissions from the side menu, select your apps select the app you wish to edit for the purpose of this exercise, document testing app is selected select the environment to set permissions sandbox tokens live tokens for the purpose of this exercise, sandbox tokens is selected the token information is displayed native apps have the following default permissions make payments preauth transactions click edit the permissions window appears select or deselect a permission for the purpose of this exercise, list all transactions is selected click save permissions the added permission appears in the list test to validate the change has taken effect viewing the sandbox token and secret each token and secret pair will have specific permissions configured double check these permissions before using the token and secret each app has a token and secret pair for sandbox and live for the purpose of this exercise, view the sandbox token and secret in the judopay portal from the judopay portal to view the sandbox token and secret from the side menu, select your apps select the app to view the token and secret credentials select sandbox tokens to see both the token and secret for the sandbox environment the sandbox token information is displayed you can view the token | secret | view and edit permissions | disable the token | add a new sandbox token a live token and secret will only be visible within the app once your account is activated viewing the live token and secret each token and secret pair will have specific permissions configured double check these permissions before using the token and secret each app has a token and secret pair for sandbox and live for the purpose of this exercise, view the live token and secret in the judopay portal from the judopay portal to view the live token and secret from the side menu, select your apps select the app to view the token and secret credentials select live tokens to see both the token and secret for the sandbox environment the live token information is displayed a live token and secret will only be visible within the app once your account is activated to activate your account, see introduction a live token and secret will only be visible within the app once your account is activated additional token and secret settings at the api token / api secret level, additional settings can be initiated enabling webhooks you can set webhooks to be enabled, see webhooks docid\ mqjiizxmcro1cpvauawud contact customer support mailto\ help\@judopay com to set up the following features enabling webpayments enforcing avs (address verification) enforcing 3ds cv2 (optional)