Home > Plus > Payment Devices > Supported Payment Devices > Credit Cards

Credit Cards

We developed a special credit card device to implement convenient payment by credit card. If you want to use the credit card device, you will need to set up an account with a credit card authorization provider (gateway).

Important!
Please debit your own credit card at the terminal before allowing your first customers/users to do so. This allows you to check if all settings and information are correct.

Our SiteKiosk Plus license supports the following gateways (refer to the information below for details on how to set up these gateways):
  1. Custom script
    This option allows you to create an individual credit card payment solution for any credit card gateway.
  2. I-Payment - http://www.ipayment.de
    Provider for the German market.
  3. Securetrading - http://www.securetrading.com
    Provider for the British market (UK).
  4. Authorize.Net - http://www.authorize.net/
    Provider for the US market.
  5. PayPal Payflow Pro - https://www.paypal.com/
    Provider for the US market, but operates world-wide (multi currency).
  6. Moneris - http://www.moneris.com/
    Operating on the US and Canadian market.
  7. SecurePay - http://www.securepay.com.au
    Provider for the markets in Australia and New Zealand.
  8. DIBS Payment Service - http://www.dibspayment.com/
    Provider for the Scandinavian market. Substituted the Cardia gateway in 2009.
  9. CreditCall - http://www.creditcall.co.uk/
    Provider of chip and PIN solutions (UK).
    When using a magnetic card reader, you will need one that is able to read tracks 1 and 2 under SiteKiosk, which does not apply to most generic ISO readers. To use chip and PIN together with CreditCall and the Dione Secura card reader, you will need additional files: http://www.provisio.com/download/tools/chippin.zip.
  10. DPS PaymentExpress - https://www.paymentexpress.com/
    Operating in Australia, New Zealand, the Pacific Islands, Singapore, South Africa, USA, and the United Kingdom.
  11. Magensa.net Payment Protection Gateway (MPPG) - http://www.magensa.net/
    Provider in the United States and for other countries.

    Important note on Magensa.net:
    The gateway can be used in combination with special MagTek HID MagneSafe Readers (USB) which encrypt the credit card information while reading it, which increases security significantly and makes it easier to obtain PA-DSS certification if necessary.
  12. PayPrin AxisGwy - http://www.payprin.com/
    Provider for the US market and other countries.
The following types of credit cards are accepted as a general rule:
  1. EuroCard/MasterCard
  2. American Express
  3. Diners Club
  4. VISA
  5. JCB

Payment Card Industry Data Security Standard
The Payment Card Industry Data Security Standard, usually shortened to PCI, is a body of rules applied to payments that involve the processing of credit card transactions. The standard is supported by all major credit card organizations. It is the responsibility of the PCI Security Standards Council to increase security for payment and account information by providing information, training and educational advertising about the PCI Security Standards. The organization was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa, Inc.

All commercial enterprises and service providers who store, submit or process credit card transactions must meet the requirements of this standard. Please note that this standard is NO legal regulation. However, your point of acceptance may require you to obtain PCI DSS certification as soon as you start accepting credit cards as a method of payment at your terminals. If you fail to obtain this certification, acceptance of credit card payments may ultimately be denied. Compliance with the rules is usually validated based on the company's volume of sales (e.g. annual credit card transactions of 1 M or more).
Having your terminals certified according to the PCI DSS will ensure that you are in compliance with the standard. It is, unfortunately, not possible to obtain PCI DSS certification for individual software applications such as SiteKiosk as the certification always applies only to package solutions consisting of hardware and software (your kiosk terminal). Certification can only be obtained from an approved scanning vendor (ASV). For a list of certified ASVs, click here.
For more information, log on to https://www.pcisecuritystandards.org/.
Payment Application Data Security Standard (PA-DSS)
PA-DSS is a program under private law that is managed by the Council and originated in the program “Payment Application Best Practices (PABP)” which was managed under the supervision of Visa Inc. The objective of the PA-DSS is to support software providers and other vendors in developing secure payment applications which will not store any forbidden data such as complete magnetic strips, CVV2 or PIN code data and offer compliance with the PCI-DSS.
?PROVISIO GmbH guarantees that the shipping version of their "SiteKiosk" application will not store credit card information of any kind. As credit card information is transferred to a credit card gateway "certified in accordance with the PCI-DSS" only be means of an HTML form, the SiteKiosk application itself cannot be certified in accordance with the PA-DSS. Also: Even if you use applications that are certified in accordance with the PA-DSS, you will still have to obtain PCI DSS certification.


1. System requirements
1.1 Hardware
You can enter the credit card information manually. We do, however, recommend that you use an ISO magnetic card reader to read the information.

Suitable card readers must only be capable of reading the 1st data track (track 1) of the credit card (exception: CreditCall). We support the following devices:

  1. All generic ISO magnetic card readers featuring RS232 interface (COM)

  2. Emulation by keyboard (magnetic stripe card reading keyboards) (usually PS2)
    Some magnetic card readers merely transmit keyboard signals. SiteKiosk supports these special readers provided the corresponding driver can precede the card information with a certain set of characters. For more information, click here.

  3. Type: Swipe card readers
    • Producer: Magtek http://www.magtek.com
      Model: Magstripe Swipe Card Reader Mini Port-Powered RS-232 & Mini USB (HID)
      Model: Sureswipe (Part Number: 21040140) Reader HID (USB)
    • Producer: Semtek http://www.semtek.com
      Model: Mini-Swipe Magnetic Stripe card readers RS-232
    • Producer: Cherry http://www.cherrycorp.com
      Model: Cherry G81-7000/8000 keyboard with Magnetic stripe card reader (keyboard emulation)
    • Producer: ID TECH http://www.idtechproducts.com
      Model: MiniMag II, MagStripe Reader (IDMB-3351xx series, requires OPOS driver from ID TECH)

  4. Type: Insertion card readers
    • Producer: Magtek http://www.magtek.com
      Model: Magstripe Insert Card Reader MT-215 RS-232 & USB (HID)
      Model: IntelliStripe 65 RS-232 & USB (direct & emulated COM-Port versions)
    • Producer: Semtek http://www.semtek.com
      Model: Manual Insert card reader RS-232
      Model: Manual Insert card reader USB (keyboard emulation)
    • Producer: ID TECH's http://www.idtechproducts.com
      Model: Spectrum RS-232 Hybrid Partial Insert Card Reader and SPT3-323 Insertion Reader (USB)
    • Producer: Uniform Industrial
      Model: MSR 152 RS-232 and MSR 152 USB
    • Producer: Dione/VeriFone http://www.verifone.com
      Model: Dione Secura PINPad RS-232 (for chip and PIN)

  5. Type: Motorized card readers

  6. Type: MagneSafe Readers
    Special card readers that encrypt the credit card information while reading it, which increases security significantly and makes it easier to obtain PA-DSS certification if necessary. Can be used in combination with the Magensa.net Payment Protection Gateway (MPPG).
    SiteKiosk supports HID readers with Security Level 3 which are compatible with MagneSafe V5. Contact Magtek for more information.
    When using this type of reader, you should disable the option that lets you enter credit card information manually as the only data that will be encrypted is the data read directly by the reader.

1.2 Software
  1. Windows 7, 8, 10
  2. Internet Explorer 10 and 11
  3. SiteKiosk Plus license


2. Installing the hardware
We recommend that you use the credit card solution in combination with a card reader. Please install and configure the hardware corresponding to the requirements of the device you want to use. If you need further assistance, refer to the manual that comes with the device as well as the website of the respective manufacturer.


3. Configuring the credit card features
3.1 General
To configure credit card settings, go to the Payment Module page in the configuration and select the entry "Credit card: ISO/MagTek/etc." from the list of available devices and click on Customize.

The green dot next to the entry for the device indicates that the payment device has been enabled.

You will need access to a payment processing gateway if you want to be able to use the credit card device. This is because credit card debiting over the Internet is only possible through such gateways. Here is how the payment process usually works:
  1. Customers enter their credit card number or swipe the card through the reader to provide the necessary information.
  2. The information stored on the card and the amount due will be sent online to the payment processing gateway along with your merchant ID.
  3. The payment processing gateway will check the information and the amount and will, if the checking process succeeds, debit the amount due and credit it to your merchant ID.
    Advantage: False or stolen credit cards will automatically be rejected.
  4. The payment processing gateway will send feedback whether the amount could be debited or not. Best of all, this process will only take a few seconds!
  5. If the checking process is completed successfully, SiteKiosk will automatically credit the amount to the account of the Internet terminal.
  6. A few days later, you will receive a credit note on your bank account (minus the fees charged by your credit card company (MasterCard, Amex, etc.) and the payment processing gateway).
Some gateways allow users to send a comment or description. In order to let a number of terminals use the same configuration while the comment/description can be used to identify a single terminal you can use
$(computername)
for the computer name,
$(computerguid)
for the computer GUID,
$(ipaddresses)
for the IP address of the terminal and
$(fqdn)
for the Fully Qualified Domain Name of the computer.
3.2 Payment gateway selection
You can choose from seven different payment processing gateways for handling all credit card transactions at your terminals. Please contact the provider of your choice in case you have any further questions concerning your account:
CUSTOM SCRIPT SETTINGS
The custom script allows you to implement an individual credit card payment solution, e.g. transferring the card data to an existing payment/shop system, or any credit card gateway. The communication with the gateway needs to be done according to the Software Development Kit (SDK) provided by the gateway. The SiteKiosk Object Model must be used to add the credit under SiteKiosk.

If manual input of the credit card data is used the transaction with the gateway must be done according to the SDK of the gateway. After the successful transaction the SiteKiosk.Plugins("SiteCash").Credit(amount) function of the SiteKiosk Object Model can be used for the amount transaction in SiteKiosk.
If a credit card reader is used, SiteKiosk fires the SiteKiosk.Plugins("SiteCash").Devices("CreditCard").OnCardSwiped = handler event if a card has been swiped. SiteKiosk then provides access to all credit card information that is necessary to complete a transaction successfully. Please proceed in the same way as described for manual input.

Example:
The following example writes the credit card number to the SiteKiosk log file after a card has been swiped.

creditcard = SiteKiosk.Plugins("SiteCash").
Devices("CreditCard");
creditcard.OnCardSwiped = OnCardSwiped;
function OnCardSwiped(ccardinfo)
{
   SiteKiosk.Logfile.Notification
   SiteKiosk("Credit Card Number: " + ccardinfo.Number);
}

SETTINGS SecureTrading
After applying for a merchant account with Secure Trading, you will receive a user name and password along with your site reference ID. Please note that starting with SiteKiosk 8.5, SiteKiosk only supports the new STPP payment process method of Secure Trading. Please contact Secure Trading to learn how to switch from the old ST2K process to STPP.

The Card Security Code Validation (CVC) is available as an additional security option.

Another option is to enable automatic email confirmation. You will then receive an email containing the corresponding information after the completion of every credit card transaction.

You can also delay the actual charge.

If you require this information in order to identify a transaction more easily, you can also receive a description that includes, for instance, the computer name.

The Card Security Code Validation (CVC) is available as an additional security option.


SETTINGS DIBS Payment Services
The use of DIBS requires that you enter your merchant information, login ID and password.

To increase security, you can also incorporate an optional MD5 signature.

The Card Security Code Validation (CVC) is available as an additional security option.
If your payment gateway account supports the 3-D Secure procedure, you can activate this feature here. The timeout determines how long SiteKiosk is supposed to wait for the user to type in the 3-D Secure password.

 
SETTINGS
Authorize.Net

Complete the fields based on the information you received when signing up at Authorize.net. Please select the credit cards you wish to allow as well.

Authorize.net offers better terms if there is proof that the selected credit card actually exists (CardPresent). In this case, customers CANNOT type in their credit card number but will have to use a magnetic stripe reader. If you like to use this option, choose it when you sign up your Authorize.Net account.
Important: If you want to enable only the Credit Card Present payment option, you also have to disable the option "Enable manual input of credit card information" in the main credit card dialog box (Credit Card Payment).

Authorize.net also allows you to enable a test mode. This option lets you carry out billing without actually debiting the card.

To increase security, enter the MD5 signature and the referer URL as well. Authorize.Net can arrange for you to receive this additional information.

Attention:
The MD5 value does not secure the credit card transaction, but merely ensures that the response is sent from the correct server. This means that by the time SiteKiosk discovers that the MD5 values do not match, the transaction will have already been completed and the credit card will have been charged as the transaction is triggered on the server end. There is nothing SiteKiosk can do about that. SiteKiosk will then, however, not credit this transaction as it is suspected to be manipulated. We, therefore, urge you to test drive the feature when using MD5 verification.


If you require this information in order to identify a transaction more easily, you can also receive a description that includes, for instance, the computer name.


SETTINGS iPayment
iPayment provides you with access to your own personal online admin menu. As this menu can be run in test mode as well, you can practice posting amounts without actually crediting them to a user's account.

In addition to specifying the credit cards that will be accepted, you can define the text that is to appear on your customer's credit card bill (will NOT appear in your transaction report). However, the information given under 'Send comment with transactions' will appear in your transaction report you receive from iPayment. Other information that can be included comprises the computer's IP address and the time and date of the transaction.
The Card Security Code Validation (CVC) is available as an additional security option.

iPayment will ignore credit card transactions that are submitted in rapid succession if they are sent from the same IP address. However, if you use a router, you may have to disable this function. In order to do that, you will have to open SiteKiosk's configuration file .skcfg. Look for the following entry:

<disable-fraud-detection>false</disable-fraud-detection>

and set this value to "true.


SETTINGS PayPal Payflow Pro
Log on to https://www.paypal.com/us/cgi-bin/webscr?cmd=_payflow-gateway-overview-outside to sign up for your own merchant account. Once you have registered, you will receive the partner ID that is associated with your merchant account.

Payflow Pro also allows you to enable a test mode. This option lets you carry out billing without actually debiting the card.

The transaction comment allows you to track from which terminal a transaction is posted. The comment fields should not contain any special characters.

The Card Security Code Validation (CVC) is available as an additional security option.


SETTINGS Moneris Solutions
Complete the fields based on the information you received from Moneris after signing up for an account. This information includes Store ID and Api Token. Please select the credit cards you wish to allow as well.

Moneris also allows you to enable a test mode. This option lets you carry out billing without actually debiting the card.


SETTINGS SecurePay
Complete the fields based on the information you received from SecurePay after registering with them (e.g. merchant, password).

Please select the credit cards you wish to allow as well.

SecurePay also allows you to enable a test mode. This option lets you carry out billing without actually debiting the card.


SETTINGS CreditCall

Please fill out the designated fields for Terminal ID and CreditCall key. Change the Server URL field to the URL assigned to you. By default, the field for Server URL contains a CreditCall test URL that you can use together with the test mode. Note that CreditCall may change that URL. You can enter the URL that is currently up to date here.

The Card Security Code Validation (CVC) is available as an additional security option.

To use chip and PIN, please select, for instance, the Dione Secura card reader in the main dialog box that lets you pick credit card options and select the setting Use an ICC reader.


SETTINGS DPS PaymentExpress
Enter user name and password in the designated fields.

The transaction comment allows you to track from which terminal a transaction is posted. The comment fields should not contain any special characters.

The Card Security Code Validation (CVC) is available as an additional security option.


SETTINGS Magensa.net Payment Protection Gateway (MPPG)
Please enter host ID and host password as well as merchant ID and password. Next select the cards you would like to accept.

The transaction comment allows you to track from which terminal a transaction is posted. The comment fields should not contain any special characters.

The Card Security Code Validation (CVC) is available as an additional security option. Please note that the CVC dialog will only be shown if the card data has been typed in manually.

 
SETTINGS
PayPrin AxisGwy

Complete the fields based on the information you received when signing up at PayPrin. Please select the credit cards you wish to allow as well.

PayPrin also allows you to enable a test mode. This option lets you carry out billing without actually debiting the card.

If you require this information in order to identify a transaction more easily, you can also receive a description that includes, for instance, the computer name.

3.3 Input options
This option refers to the way the user can provide card information. SiteKiosk supports two different types of input:
3.4 Payment dialog boxes
The user will see the payment dialog box immediately after the card is swiped or ENTER is pressed in the payment dialog box.
3.5 Email receipt settings
The payment module also allows you to send an email receipt to your customers when a transaction is completed. You may find it useful in some cases to include your complete company address in the text.


4. Troubleshooting
4.1 Credit card are not being recognized
  1. Check the connection between card reader and PC.
  2. Verify your card reader settings and check if device functions properly by pressing the Test button.
4.2 Credit card information is not being transmitted
  1. Check the information you received from your gateway provider.
  2. Check whether the corresponding cards have been activated.
4.3 Test dialog box does not show any card information
  1. If using UAC (User Access Control, for instance, under Windows 7), you may experience that the drivers for some readers will not pass on the data to elevated programs such as the SiteKiosk Configuration Wizard. In consequence, the testing feature of the Configuration Wizard will not show any card information. The process will, however, work under SiteKiosk.

See also

Payment Simulation Dialog Box (For Testing)
Coin Acceptor WH EMP800 and 850/Change Giver GW200/Escrow E104
ccTalk Interface
Surf Time Limiter


Back to top