Integrating Paythru's payment services into your website or app will usually require the use one of our APIs. Let us help you pick the one that's right for you...
An Application Programming Interface is the specification that describes how one computer system or application should communicate with another. There a many different types of API although all of Paythru's APIs may be referred to as 'web services' since the protocol used for communication is HTTP, better known for delivering websites to web browsers. APIs are usually published with documentation describing the functions or 'methods' that are available within the service, the composition of requests to each method, and the various responses that may be returned.
All Paythru's APIs are web services. This means that they primarily use HTTP as the protocol for communication. HTTP requests are usually sent from the merchant's servers to Paythru's servers over a secure connection containing the data necessary for the chosen method, Paythru action the request, then return an HTTP response indicating whether or not the request was fulfilled successfully. For example, a request to conduct a payment transaction using a customer's stored credit card would require a request to be sent containing a reference key relating to the stored card, the currency and value of the transaction, and Paythru's response would contain an authorisation code (provided that the transaction was processed successfully).
Integration to Paythru's APIs will usually require your company to undertake development work on your servers. The development work would typically include a procedure to compose and transmit the request to Paythru including a handler to parse and deal appropriately with the response, as well as the mechanism that triggers the request (such as a 'checkout' button). APIs that require the merchant to host the payment interface will require additional development work, as will integrating with Paythru's callback notifications if required. The Integration work may be carried out on any computer platform/language that is capable of communicating by HTTP over SSL such as ASP.NET, Java, Perl and PHP.
The decision of which of Paythru's APIs is appropriate is usually based on a number of considerations such as:
Paythru's Gateway API is used by merchants who wish to host the entire customer facing payment interface themselves. The merchant is required to capture the payment details from the customer in a secure manner before submitting to the Paythru Gateway API for processing. For card payments, the merchant is therefore required to be certified to the appropriate level of PCI DSS compliance.
Paythru's Enterprise API is used by merchants who wish to redirect their customers to a payment interface hosted by Paythru to achieve a fast integration and minimal PCI compliance obligations. The merchant supplies details of the items to be purchased and Paythru respond with a URL to redirect the customer to. After completing payment (or aborting payment), Paythru redirect the customer back to a URL nominated by the merchant.
Paythru's Client POST API is a hybrid solution as it enables the merchant to host the entire checkout experience themselves yet without becoming exposed to the card data. It is therefore suited to applications where the merchant wishes to build and host the user interface whilst also maintaining minimal PCI compliance obligations.
|Gateway API||Enterprise API||Client POST API|
|Merchant required to handle card details|
|Alternative payment method support|
|Interface hosted by|| |
|Fast return checkout (card storage)|
|Multiple card storage support|
|Offline repeat transactions|
|3-D Secure support|
|Address verification (AVS) support|