Payment -
Software Development Kit
End-User Authentication V1.1
Date 11/03/09
Document Version 1.8
NS Online Payment SDK
End-User Authentication
Table of Contents
History ...................................................................................................................................... 3
Legal Information .................................................................................................................... 3
Contacts ....................................................................................................................................... 3
Overview .................................................................................................................................. 4
Audience ...................................................................................................................................... 4
What is Netsize End-User Authentication? .............................................................................. 5
Definition...................................................................................................................................... 5
Netsize End-User Authentication notions .........................................................................................5
End-User Authentication process ....................................................................................................6
NOP Test Platform.................................................................................................................... 7
Getting Started ........................................................................................................................ 8
API implementation process ...........................................................................................................8
Requirements ............................................................................................................................... 8
Settings the API methods ........................................................................................................ 9
Authenticate method .....................................................................................................................9
GetUserID method ...................................................................................................................... 12
Appendix ................................................................................................................................ 15
Netsize End-User Authentication localizations ................................................................................. 15
Authentication events .................................................................................................................. 15
Retry Status ................................................................................................................................ 15
Return codes .............................................................................................................................. 16
Connection details to Test platform ............................................................................................... 17
Language ISO codes.................................................................................................................... 18
History
Version Date Comments / Status
1.0 30/06/2006 First version
1.2 06/07/2006 Review of the whole document
1.3 25/07/2006 Update of Appendix section
1.4 01/08/2006 Deletion of countries where Netsize End-User Authentication solution is available.
1.5 09/08/2007 Updates to be documented
Addition of:
• Test platform information
1.6 30/11/2007 • Warning information regarding
the Return URLs
output parameters added by Netsize for implementation reasons.
Update of Test environment URL
Update of:
• Error codes
• URL access
1.7 21/04/2008 • Test Environment URL
Additions of:
• Retry status
• Marketing Use
• Product status, product type and product nature code optional
1.8 11/03/2009 Update of URL to view example of methods (p17)
Legal Information
The information supplied in this document is Netsize S.A. sole property and copyright.
It is intended for strictly informational use. It is not binding and might be subject to changes without
notice.
Any unauthorized disclosure shall be considered as unlawful.
Netsize™ is protected by French, EEC and international intellectual property laws.
All other trademarks quoted are the sole property of their respective owners.
Contacts
NETSIZE S.A.
75, rue d’Anjou Tel: +33 (0) 1 53 05 58 00
75008 Paris Fax: +33 (0) 1 53 05 59 00
FRANCE
http://www.netsize.com
Overview
Part of the Netsize Online Payment Platform
Audience
This document is intended for technical architects and application developers. Readers are supposed to be
familiar with HTTP requests, XML flows and more generally the Web or WAP development.
This API is only available on WAP sites wherever Payment Providers provide automatically End-User
authentication.
For WEB sites, the Customer manages the End-User authentication on his own.
Netsize gets the End-User identity information based on a specific Payment Provider contract.
As soon as the Payment Provider provides a MSISDN, encrypted or not, the Customer can use this API to
get the End-User authentication.
For Payment Providers that do not provide any MSISDN, the Customer shall manage the End-User
authentication on his own to know if he has already subscribed to a service.
This feature is linked to the Netsize Online Payment offer, and can be implemented only within such a project.
As described in the following section, NOP allows integrating NOP API evolutions progressively, without
damaging Customers’ running services thanks to the NOP Test platform.
Accounts
Authentication API uses the same account(s) as those used for other Netsize Online Payment APIs.
AuthenticateExperienceID
Netsize End-User Authentication is a comprehensive single entry point that is able to manage different
channels: WEB, WAP.
AuthenticateExperienceID is a way, for Customers, to define the type of authentication, on a specific
channel.
AuthenticateExperienceID Explanation Comments
Silent WAP Authentication (implies MSISDN This is the only value
10
forwarding). It is transparent to the End-User. authorized.
NOTE: Any technical parameter necessary to run the Test platform is detailed in the Getting Started section.
All details are available in the Appendix section.
Getting Started
API implementation process
This section describes the steps you need to implement to make the Netsize End-User Authentication API
run.
Requirements
The following type of information is necessary to connect to and/or use the Netsize End-User
Authentication API.
1. You provide Netsize with
your HTTP Server IP address to Netsize.
This address, necessary to perform the first request to the Netsize End-User Authentication
platform, is then authorized on the Netsize firewall.
2. Netsize provides you with two types of information, whether you want to run production or test
platform.
1. For Production environment:
one or several login / password parameters, in case you perform billing requests in
different countries;
NOTE: View Security requirements in the following section.
the Netsize End-User Authentication HTTP server address where to perform request.
NOTE: View Appendix section to view some addresses.
2. For Test environment, be aware that the production login/pwd is the same than for production
environment.
Netsize provides you with:
the Netsize Online Payment HTTP server URL where to perform requests in test;
the Netsize Online Payment HTTP server URL where to view examples of methods.
NOTE: View Appendix section to get all necessary details
In addition, Netsize provides you with necessary documentation to perform online payment with
Netsize.
Security requirements
This section lists requirements you shall consider regarding the login/password information and web
service addresses.
Login & password
• Each request of the API needs a login and password.
• End-User Authentication account information is shared with your Netsize Online Payment
account.
• You are responsible to keep this information in a safety place.
• The password has to be encrypted using the SHA1 encryption method.
This method is case sensitive.
NOTE: Customers may find existing algorithm in the System.Web.Security class of
the .NET Framework.
Password to be
SHA1 encryption:
encrypted:
Example 1 Password 8BE3C943B1609FFFBFC51AAD666D0A04ADF83C9D
Example 2 password 5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8
SSL
Netsize strongly recommends you to connect using SSL since data transferred through Netsize Web
Service are sensitive and confidential.
SSL guaranties the data encryption of the login and password enclosed in each request performed. The
Netsize End-User Authentication SSL server certificate is signed by Netsize.
Synopsis
Authenticate(
[in] string Login,
[in] string Password,
[in] string Lang,
[in] int AuthenticateExperienceID,
[in] string ReturnURL,
[in, optional] int ProductNatureCode,
[in, optional] int ProductTypeCode,
[in, optional] int ProductClassCode,
[in, optional] string OptionalParameter1,
[in, optional] string OptionalParameter2,
[in, optional] string OptionalParameter3
ProductTypeCode Integer A list of values used to identify type of product delivered. Optional
Code Label Code Label Code Label
100 News 106 Home 112 Information
101 Business 107 Food 113 Opinion
102 Sport 108 Gambling 114 Debate
103 Entertainment 109 Search 115 Voting
104 Travel 110 Mobile games 116 Image
105 Shopping 111 Guide 117 Tone
ProductClassCode Integer A list of values used to identify type of product delivered. Optional
Code Label
1 Adult
2 Other
OptionalParameter1 String Field dedicated to your purpose. This field has to be URL Optional
encoded.
OptionalParameter2 String Field dedicated to your purpose. This field has to be URL Optional
encoded.
OptionalParameter3 String Field dedicated to your purpose. This field has to be URL Optional
encoded.
GetUserID method
Description
This request is used to retrieve a UserID from an AuthenticateiID.
Request
GetUserID.dll is an HTTP request where input parameters are given by the POST method.
Synopsis
GetUserID(
[in] string Login,
[in] string Password,
[in] string AuthenticateID,
[in] string Lock
AuthenticateID String The unique transaction identifier received on the Authenticate Mandatory
method.
This field has to be URL encoded.
Lock String The hash key of the transaction identifier. Also returned by the Mandatory
Authenticate method.
This field has to be URL encoded.
AuthenticateEvent Integer Gives detailed information in case the transaction is in status Pending or Not
Authenticated.
See Appendix section for the exhaustive list.
UserIDType Integer Defines what the UserID field contains. It is only filled if Return code is different from
0.
Code Value Explanation / UserID field result
Netsize End-User Authentication cannot get any
0 Unknown End-User identifiers.
Field UserID will be blank.
1 MSSIDN Field UserID should contain a real MSISDN.
2 Encrypted MSISDN Field UserID should contain an encrypted MSISDN.
UserID String Identifies the End-User. This value depends on the UserIDType field.
XML encoded field
MarketingUse String Allow Merchants to use End-user’s MSISDN for marketing cases.
Code Explanation
0 Not allowed to use
1 End-user’s MSISDN use is free
2 Merchant needs to ask End-User’s opt-in before using the MSISDN
MCC Integer Mobile Country Code of the Payment Provider to which the End-User has subscribed.
MNC Integer Mobile Network Code of the Payment Provider to which the End-User has subscribed.
OptionalParameter1 String Optional parameter given as input on the Authenticate method.
XML encoded field
OptionalParameter2 String Optional parameter given as input on the Authenticate method.
XML encoded field
OptionalParameter3 String Optional parameter given as input on the Authenticate method.
XML encoded field
LastReturnCode Integer Last error code returned for this transaction
LastRetryStatus Integer Last retry status associated with the last return code
LastReason String Last reason of the last error code
Appendix
Netsize End-User Authentication localizations
Depending on the End-User country, you will need to connect to corresponding Netsize Web server dedicated
to the Netsize End-User Authentication API.
The following table gives a non-exhaustive list of Netsize Web server addresses.
Country MCC Netsize Web server address
Belgium 206 https://NOPbe.netsizeonline.com/NUA/1.1
Germany 262 https://NOPde.netsizeonline.com/NUA/1.1
Spain 214 https://NOPes.netsizeonline.com/NUA/1.1
Sweden 240 https://NOPse.netsizeonline.com/NUA/1.1
Authentication events
Status Code Authentication Event
1 100 Waiting End-User Access
Pending 101 Pending
2
201 Success
Authenticated
301 Operator Not Found
3 302 User Id Not Found
Not Authenticated 310 Internal Error
320 No End-User Access
Retry Status
The customer should consider following delays as non-binding and should use it to improve retry policy.
Code Reason
0 Retry is not necessary.
1 Merchant can retry within 1 minute.
2 Merchant can retry within 1 hour.
3 Merchant can retry within 1 day.
4 Merchant can retry within 1 week.
5 Merchant can retry within 1 month.
6 Merchant can retry next mandate period (will not be return in Authenticate API).
Return codes
Errors are split in four tables depending on the origin. 0 return code is used as success code.