In this section, you will find information about the differences between Netaxept hosted and merchant hosted payment windows. The relevant input and output parameters sent along the Terminal call are described in API section. Read more about the Terminal call >
Payment window options
If webshop is in question, between the Register call (to send all the data needed to complete the transaction to Nets) and the Process call (to send the financial operation to Nets to process the actual payment), the customer is involved, in order to choose the payment method and enter their payment method information. In your Netaxept implementation you can implement this phase in two ways; using either Netaxept or merchant hosted payment window. For most merchants, we recommend using Netaxept hosted payment window. In both cases you need to execute the Terminal call to send the customer to the desired payment window. If you have chosen Call centre, you don't need to implement the Terminal phase at all.
When implementing a payment window, we suggest you to avoid frames including iFrames, especially if your site is not HTTPS. Instead of using frames, we strongly encourage that you integrate Netaxept's terminal design templates that will handle any form of formatting that might be needed, making the payment window indistinguishable from any other page in your website. Read more about Terminal design templates >
Frames are not recommended because:
- Decrease of sales since customers might be worried to pay over unencrypted channel (phishing suspected).
- Password-based 3D Secure ACS servers will not work in a frame because of click-jack attack protection.
- Reloading of the page might lose the initial transaction source URL, forcing customer to prepare an order again (for example, might be a problem when selling tickets with reserved seats).
Netaxept hosted payment window
When using Netaxept hosted payment window, you don't need to process and store card data in your systems, and can thus minimize PCI DSS requirements for this part. Instead, card data is stored in a safe and PCI certified environment at Nets and removed at the end of the life cycle according to PCI DSS requirements. Netaxept hosted payment window can be optimized for desktops, mobile phones and tablets, and also can be highly customized to match your company's visual style. You can for instance switch between one- and two-page payment window, embed a mini version of the payment window on your payment page or define different payment windows for different transactions. Modifications can be done via API or in Netaxept Admin. Read more about two-page, single page and mini layout > and Terminal design templates >
Below you can find a data flow of a transaction where Netaxept hosted payment window is used. When using this option, set serviceType=B in the Register call.
Besides customizing the visual layout of the payment window, you can decide whether you want your customers to select the payment method on your webshop or on Netaxept's payment window.
- Payment method selected in your webshop: If you want the customer to select the payment method on your webshop, send the name of the selected payment method to Netaxept inside the "paymentMethodActionList" parameter in the Register call. In this option, Netaxept's payment window is shown to the customer as one-page mode for card payments. For other payment methods, the payment window is skipped and the customer is directed straight from your webshop to the selected payment method site for finishing the payment process.
- Payment method selected on Netaxept's payment window: You can also forward the customer from your webshop to Netaxept’s payment window where the payment method can be selected. In this option, the customer is directed from your webshop to Netaxept's payment window where the customer will see all the payment methods that are available in your webshop via Netaxept. After the customer has selected the desired payment method, they are directed to the selected payment method site for finishing the payment process. If you want to define the order of the payment methods on Netaxept's payment window, send the "paymentMethodActionList" element in the Register call and list all the payment methods in the desired order. Otherwise, the use of this element is not necessary for this option.
Merchant hosted payment window
If you choose to use your own hosted payment window, you will have a complete control of the layout of the payment window. However, in this case card data is transferred and stored in your systems so you need to implement your solution according to all PCI DSS requirements. PCI DSS (Payment Card Industry Data Security Standard) is a standard created by the card schemes. It requires merchants, payment service providers (like Nets) and card acquirers, to implement solutions that will secure the consumer's card data during a payment transaction, and when saved in a database. Such a solution needs to be validated yearly by external PCI DSS inspectors, at the costs of the ones hosting the solution. If you have more questions about PCI DSS, please contact your chosen card acquirer.
Below you can find a data flow of a transaction where merchant hosted payment window is used. When using this option, set serviceType=M in the Register call. Read more about merchant hosted payment window >