Difference between revisions of "PCI Friendly API"
m (moved PCI Exempt API to PCI Friendly API) |
|
(No difference)
|
Revision as of 14:40, 3 April 2012
This article is part of the Payment Processing Software Library |
|
Get it... | |
Install it... | |
Connect to it... | |
Set it up... | |
Learn to use it... | |
→ Manual & User Guide | |
Fix it... | |
→ Errors & Troubleshooting | |
Get Help... | |
More Info ... | |
See also... | |
CreditLine Payment Processing Software PA-DSS Exempt API. This site can also be reached at http://docs.911software.com
→ Looking for better rates? Get a Free Credit Card Processing Cost Comparison!
Contents
→ NOTE: PA-DSS EXEMPT is the old name that we are keeping for continuity. Per latest PCI definitions, as long as the cards are physically handled at the store and as long as the POS is using any module to process credit cards, they remain IN SCOPE of the PCI audit. However, a substential reduction of effort can be achieved by using the below technology
This guide is for developers using the DLL
Requirements
These API require version CreditLine version 4.1+
Inventory
To begin with, you will need the following:
- The interface header file CLCAPIW.h located in 911\BIN directory. This header contains the ENTIRE listing of available API.
- The library file CLCAPIW2.DLLlocated in 911\BIN directory.
- CLCUI.ini, CLCUI.exe and PIC Directory in 911\BIN directory.
→ If you use the version 4.1 Build 1101 SP7 and higher, please copy CLCUI.ini, CLCUI.exe and PIC directory to you application folder.
Language Specific Instructions
Visual Basic
- In VB you need to declare all the parameters using the ByVal prefix instead of ByRef. This includes the strings.
- If you would like to use an OCX instead for Visual Basic, you can use CLClient.ocx in the same directory. Another alternative is File Based Communication.
Public Declare Function clcInit Lib "CLCAPIW2.dll" (ByVal ClientName As String, ByVal ServerName As String As Integer)
C++
- The Header file is the regular WIN32 header file. The data type LONG is 32 bit.
- In C, the path has to be of format "C:\\911\\DATA", because back-slash is the escape char
DllImport("CLCAPIW2.dll", EntryPoint="clcInit", SetLastError=true, ExactSpelling=true, CallingConvention=CallingConvention.StdCall)
public static extern int clcInit(string ClientName, string ServerName);
.NET
- For .NET please use clcCs.dll and CLCAPIW2.dll from \911\BIN directory.
- Keep in mind that in C# and any .NET environment for instance, LONG is 64 bit so you have to use int or Integer not LONG ot Long in your definitions.
- The .NET interface is the same as C, with one exception: there is no clc prefix and you have to use an object.
→ Example: the call clcSetMerchantIndex(hObj, index)' is obj.setMerchantIndex(index).
Description
There are three ways, in which CreditLine can help your application eliminate exposure to the payment info:
- Our application pops up a custom UI for accepting and processing credit cards, debit cards or gift cards, so that your application does not have to.
- Recurrent credit card data is accepted, stored and processed through our custom UI, as well.
- Tokenization UI API is used to reference credit card data that is stored and encrypted within CreditLine, instead of your POS.
This way your application can claim that no credit card data is being stored or processed.
- Important Notice: This program was called "PCI Exempt". We changed the name to reflect the new policies of the PCI Council. PCI Exempt used to be a convenient term that Point Of Sale developers use to refer to the practice of tokenization and external UI encapsulation. 911 Software does not have the authority to exempt any vendor from PCI requirements. Please, contact your independent PCI auditor for rules applicable to your situation.
Encapsulation UI
Usage
We added "clcUI" functions in the client dll. For example, you can use clcUISale instead of clcSale. So instead of doing this:
clcSetAccountNumber(); clcSetAmount(); clcSale();
You can do this:
clcSetAmount(); clcUISale();
A screen is going to pop up and prompt the user to swipe the card. This way, the POS application does not have to deal with the credit card data.
Customization
Bitmaps
The following bitmaps in the 911\bin directory can be used to customize the appearance:
- pic_Key_Common.png - buttons
- pic_StoreCard_bg.png
- pic_ScanCard_bg.png
Behavior and Appearance
→\911\bin\clcui.ini file controls the behavior and appearance of the screens.
- Programmatically, the following API controls the UI fields which can be found in \911\bin\clcui.ini file
- clcUISetIniField
- for instance:
clcUISetIniField( "RequireCustomerName", FALSE );
- for instance:
Debit Card Processing
The following API works for both credit cards and debit cards.
For debit card transactions, use clcSetAccountType to set the next transaction as type debit, before calling clcUISale
→ You can bring up a Credit/Debit selection dialog box automatically. To enable, look for CanSelectAccountType switch in 911\bin\CLCUI.ini file. Uncommenting it (removing the leading ;) and setting to YES will bring up the dialog box
Secure UI API
- clcUIAuth
- pop up UI, get cc data and process an auth
ex.clcSetAmount();
clcUISale(); - clcUISale
- pop up UI, get cc data and process a sale
- clcUICredit
- pop up UI, get cc data and process a credit
- clcUIAddTip
- pop up UI, get cc data and add tip
- clcUIVoid
- void transaction
- clcUIStoreCard
- Stores card info in #Secure Storage API. Sets a tag to be pased extracted by clcGetTag() and passed to clcLoadCard for retrieval. Leave the second parameter as "" unless you want to set a custom tag
Gift Card Specific UI API
- clcUIActivate
- activate gift card
- clcUIDeactivate
- deactivate gift card
- clcUIInquire
- gift card balance inquiry
- clcUIAdjustBalance
- gift card balance inquiry
Reporting
- clcGetAccountNum()
- call after transaction such as clcUISale() to get the masked account number back (e.g. 4111xxxxxxxx3567), if needed for reporting purposes
- clcGetCardCode()
- call after transaction such as clcUISale() to get card code defined by the vendor in the Authorization setup of every card type. eg. VISA=VS
→ Other card info, such as Customer Name is available through #Secure Storage API (see Loading Info section)
Recurrent Charges
To store the card for monthly charges, call clcUIStoreCard. This function also pops up a screen for card number input. It then stores the card on 911 CreditLine Server and returns a tag (token) to the POS application.
Then this tag can be used in place of the actual card number:
clcSetTag(); clcSetAmount(); clcSale();
CreditLine offers tokenization of payment info to make your application "PCI Friendly"
Secure Storage API
These are additional storage API that can be used in your POS in conjuction with the UI module or stand-alone.
Storing Info
- clcSetAccountNum → Sets account number for storage (call before clcStoreCard).
- clcSetExpDate → Sets (format: MMYY). Set the expiration date for storage before calling clcStoreCard.
- clcSesSetValue → Use with CLCKEY_CUSTOMERNAME, CLCKEY_CUSTOMERNUMBER, CLCKEY_CUSTOMERZIPCODE to set the customer info for storage before calling clcStoreCard.
- clcStoreCard → Stores card info in storage. Sets a tag to be pased extracted by clcGetTag() and passed to clcLoadCard for retrieval. Leave the second parameter as "" unless you want to set a custom tag.
- clcGetTag → Retrieves the tag set by clcStoreCard
Loading Info
- clcLoadCard → Loads card info from storage. Accepts the tag returned by clcGetTag and set by clcStoreCard.
- clcGetAccountNum → Gets account number from storage (call after clcLoadCard).
- clcGetExpDate → (format: MMYY). Get the expiration date from storage (call after clcLoadCard).
- clcSesGetValue → Use with CLCKEY_CUSTOMERNAME, CLCKEY_CUSTOMERNUMBER, CLCKEY_CUSTOMERZIPCODE to get customer info from storage after calling clcLoadCard.
Deleting Info
- clcDeleteCard → Deletes card info from storage. Accepts the tag returned by clcGetTag and set by clcStoreCard.