MoTo Usage
MOTO is an abbreviation for Mail or Telefon Order and is an exception in the credit card business in terms of 3DS and PSD2 compliance. In this case, no online verification or approval of the cardholder is required.
As a result, transactions made in this way are just as "unsafe" and can be contested by the cardholder if necessary.
The whole usage is pure server commmunications via HTTPS POST requests using a simple JSON payload.
Communcation flow
Services to be implemented
All requests in production require authentication! Please see authentication for details on this.
Mandatory
- createToken → pay
- createToken → pay → reversal
- createToken → pay → pay (with negative amount)*
Optional
- createToken → authorize → settleAuthorization
- createToken → authorize → cancelAuthorization
- createToken → authorize → settleAuthorization → reversal
createToken requires a PCI-DSS compliant caller!
* not all payment providers allow this!
General information
Please refer to General Information
Webservices Reference
Please refer to Webservices
required services for MOTO usecases are shown in services to be implemented
Basic Examples
Sample javascript snippets these can run from the browsers console for demonstration purposes! Please note to keep the examples clean it uses a helper method postData which can be found here.
Feel free to copy and past it in your console!
CreateToken
let token = null
const url = "https://test-token-eu.sihot.com/0000/createToken"
let msg = {
"cardText": "Carsten Wernet",
"datetime": "2022-04-01 10:00",
"hotelID": "1",
"hotelIDType": "SIHOT.PMS",
"resNo": "4711/1",
"serviceProvider": "windcave",
"user": "CWE",
"cardNo": "4242424242424242",
"cardType": "VISA",
"cardTypeCode": "VI",
"currency": "EUR",
"cvc": "123",
"transactionID": "12",
"valid": "2023-03-30"
}
postData(url, msg).then( (e) => {
token = e.tokenNo;
console.log (e)
})
Sample response
{
"tokenNo": "0000040000289815",
"tokenExpiry": "2023-03-31",
"cardType": "4",
"cardTypeCode": "visa",
"cardNo": "424242......4242",
"transactionID": "00000004000aaea1",
"serviceProvider": "windcave",
"returnCode": "0"
}
Payment
This example requires the createToken to be completed in the same session
let transactionID = null
const url = "https://test-token-eu.sihot.com/0000/pay"
let msg = {
"cardText": "Carsten Wernet",
"datetime": "2022-04-01 10:00",
"hotelID": "1",
"hotelIDType": "SIHOT.PMS",
"resNo": "4711/1",
"serviceProvider": "windcave",
"user": "CWE",
"amount": "2000",
"cardType": "VISA",
"cardTypeCode": "VI",
"currency": "EUR",
"text": "Payment",
"tokenExpiry": "2023-03-31",
"tokenNo": token,
"transactionID": "12"
}
postData(url, msg).then( (e) => {
transactionID = e.transactionID;
console.log (JSON.stringify(e));
})
Sample response
{
"cardType": "4",
"cardNo": "424242......4242",
"cardTypeCode": "visa",
"serviceProvider": "windcave",
"transactionID": "00000003004e22ac",
"returnCode": "0"
}
Reversal
This example requires the payment to be completed in the same session
const url = "https://test-token-eu.sihot.com/0000/reversal"
let msg = {
"user": "bo",
"datetime": "2030-06-22 10:10",
"currency": "EUR",
"amount": "1000",
"resNo": "4711/1",
"transactionID": transactionID,
"serviceProvider": "windcave",
"hotelID": "1",
"hotelIDType": "SIHOT.PMS"
}
postData(url, msg).then( (e) => {
transactionID = e.transactionID;
console.log (JSON.stringify(e));
})
Sample response
{
"cardType": "4",
"serviceProvider": "windcave",
"transactionID": "00000003004e22ae",
"returnCode": "0"
}