Frequently asked questions
Only available for Vipps.
Vipps Netthandel (eCommerce) via PSP offers functionality for payments on websites and apps (P2M).
See the PSP API guide for all the technical details.
For general information and questions, please check in the Knowledge base.
API version: 3.0.0.
How can I check if a merchant or sales unit is active?
You can try to initiate payment, specifying the Merchant-Serial-Number
header:
POST:/psp/v3/psppayments/init/
.
If the merchant or sales unit is not active, you will get an error: "Merchant not available or active".
Why do I get errorCode 37 "Merchant not available or deactivated or blocked"
?
This means that the merchant not available or active.
For more details, see the
Knowledge base: Why do I get Merchant unavailable, deleted, deactivated or not allowed to make payments
Why do I get an Invalid MSN
error?
You may get an error like this:
Invalid MSN: 123456. This MSN is not valid for the provided PSP ID.
Check that you are using the correct credentials for the right environment.
This happens if the MSN was created with one PSP ID and you attempt to initiate a payment with a different PSP ID. Although Vipps can help figure this out, it is a time-consuming manual task, and we must ask the PSP to try to solve this on its own.
Why do I get Invalid MSN: 654321. This MSN is not valid for the provided PSP ID.
?
The full error message text is:
"Invalid MSN: 654321. This MSN is not valid for the provided PSP ID. Check that you are using the correct credentials for the right environment."
In addition to what the error message says, this error can occur if a PSP attempts to initiate payments for an MSN that was created by a different PSP. PSP's can only initiate payments for MSNs that are connected to them.
The solution is to create a new MSN with the PSP Signup API.
How can I update the status of a payment?
When the PSP has new information about a payment, it is important to send the new information to Vipps, so the user sees the correct status in Vipps.
The PSP must use the
POST:/psp/v3/psppayments/updatestatus
endpoint to notify Vipps of changes to the payment,
Please note: Vipps processes the information in daily batches. See: Status updates.
How can I get details for a payment?
With the PSP API, the PSP gets network tokens from Vipps (see What is a network token?).
The PSP uses the token to process the payment, and then sends Vipps information about
how it went with
POST:/psp/v3/psppayments/updatestatus
.
Vipps does not have other information about the payment than what the PSP has sent.
The PSP can use
GET:/psp/v3/psppayments/{pspTransactionId}/details
to get the details of a payment, but this will of course be the same
information that the PSP has sent earlier.
Please note: Vipps processes the information in daily batches. See: Status updates.
What is a network token?
Network tokens are payment credentials that replace the card details for online payments.
Every merchant gets a unique token for the card, so a network token can't be shared between businesses. This also means that it's possible to invalidate the token used by one merchant without invalidating the other tokens.
The EMVco token is not considered PCI DSS sensitive. See the EMVco documentation for more.
What is a PAN?
The PAN (Primary account numbers) is the 15- or 16-digit number found on all credit or debit cards. Since PANs are accepted for online payments, anyone with access to the PAN may be able to make payments without the physical card.
A PAN is unique per card, but may be shared between businesses. This means that if a PAN is invalidated, it is invalidated for everyone.
Why do I get No network token available for this Agreement
or similar?
The most common reason for this problem is that the user has a card issuer that does not support network tokens.
Banks can block tokens, for instance if the card is blocked, and are not always great at reactivating them.
It could also be that the user has not added his/her new card in Vipps.
To find out more: Contact the card issuer.
Is there a unique PSP ID for all merchants?
No, the PSP ID is unique for the PSP and used for all the PSP's merchants.
Does Vipps have a test environment?
Yes, please see: The Vipps test environment (MT).
What will be sent in the makePayment()
request if the customer declines the payment, or it times out?
From the
makePayment
specification:
Name | Type | Size | Optional | Values |
---|---|---|---|---|
confirmed | String | 7 | No | YES/TIMEOUT/CANCEL |
What is the correct response to the MakePayment
request?
Continued: "What should be the response when Confirmed
contains TimeOut
or Cancel
-
should paymentInfo.status
be OK
or FAIL
? If it is FAIL", what error code should be returned?
"
It is suggested that you send FAIL
in case of failure either at your end or -
as in this case - at our end.
If Confirmed
contains TimeOut
or Cancel
: Set paymentInfo.status
to FAIL
?
Can you help merchants that have problems with the PSP's use of the PSP API?
Merchants that use Vipps through a PSP must contact the PSP if there are problems. This is because we only provides the payment card token to the PSP, and the PSP is responsible for performing the transaction and then to notify Vipps about how it went.
Simplified flow when using Vipps through a PSP:
- The user selects to pay with Vipps at the merchant.
- The PSP uses the PSP API to initiate a payment.
- The user confirms the payment in Vipps.
- We send the user's payment card token to the PSP.
- The PSP uses the payment card token to perform the payment.
- The PSP uses the PSP API to inform us about how the payment went.
- The user gets a confirmation in their Vipps app.
It is important to understand that we only provide the payment card token to the PSP. We are not involved in the payment process. If there are any problems with the payment, it is the PSP that has all the information about that.
Is it possible to skip the landing page?
Skipping the landing page is reserved for special cases, where displaying it is not possible.
For more details, see Knowledge base: Skip the landing page.
Is it possible to lock the phone number on the landing page?
Yes. This can be done when the merchant has verified the customer's identity. The PSP must support getting the "fixed" phone number from the merchant.
This measure aims to prevent users from sending payment requests to unauthorized recipients, and it is especially useful for selling digital assets or other products susceptible to fraud, such as gift cards and top-ups.
What functionality is included in the eCom API, but not the PSP API?
See Knowledge base: Benefits of direct integration.
What happens if the user navigates back to merchant checkout from the landing page?
If the user does back-navigation in the browser to return to your checkout from the landing page after having submitted their phone number, we will cancel the payment. This is to prevent users from paying for the same order twice. Often when a user navigates back to your checkout it will be to change a minor detail of the order, f.ex. shipping address or method. In these cases, not cancelling the payment would case the user to have two active payments to the same merchant in the app, often with the same amount. To prevent user confusion we therefore cancel the payment on behalf of the user. Please note that if the user does this, you will not be able to reuse the vippsRedirectUrl as the payment is no longer active. You must therefore initiate a new payment and get a new vippsRedirectUrl.