Purpose of the document
This document describes the features of the Sogenactif 2.0 solution.
More than just a payment platform, Sogenactif is a true partner in the development of your online business. Since it was created in 1995, Sogenactif has been continually evolving to expand its offering and meet your responsiveness, simplicity and security requirements.
Our solution offers you a simple or advanced mode depending on your use cases.
- Simple integration:
- Standard integration of the payment module
- Integration mode selection to adapt to your specificities
- Help with the integration and daily support
- A modular solution:
- Features at the service of your business (recurring/deferred/partial payment, etc.)
- Autonomous control of features chosen on an à la carte basis
Our platform makes the customer journey smoother in order to optimise the conversion rate.
- Payment interfaces for all situations:
- A unified multichannel experience, regardless of the terminal used (mobile, PC, tablet, etc.)
- Customisation of payment pages
- Services that suit the customer’s needs:
- A wide array of means of payment
- Quick, easy payment with OneClick payment
- Recurring payments
Our platform enables you to control your activity using efficient, secure tools.
- Intuitive business management:
- A single portal for accessing all modules
- A configurable, adjustable anti-fraud module
- A user-friendly transaction management module
- A comprehensive reporting tool:
- Visual dashboards that highlight your performance indicators
- Daily reporting for a better overview of your business
- Banking reconciliation
This chapter briefly describes the Sogenactif interfaces. The latter provide your customer with a unified experience on all channels and easy management of your business.
A specific chapter describes their uses and features in greater detail.
To make our solution easier to use, we provide you with a portal that groups together the following applications, which you can access with a single username and password:
- Home: displays a summary of your data or those of the selected webshop
- Transactions: for viewing and executing operations on a webshop's transactions
- Users: administration of the users associated with you and your webshops
- Fraud: configuration of anti-fraud tools
- Customisation: for customising the look of the payment pages on which customers enter their data
A multichannel solution
Sogenactif is a flexible solution that can adapt to any sales channel: Internet, MOTO, mobile devices and e-mail.
For each channel, Sogenactif has various interfaces that provide you with homogeneous, unified management of your payments.
Sogenactif meets your needs with an array of interfaces that suit your business, your organisation and the option you chose regarding compliance with PCI DSS constraints (see the “Security” chapter).
This choice primarily depends on the hosting you choose for your payment pages:
- Your customer is redirected to the payment page hosted by Société Générale -> Sogenactif Paypage with or without iFrame.
- The payment page is hosted by you -> Sogenactif Office Serveur.
- The payment is made via an application -> Sogenactif In-App.
Requests can be sent 24 hours a day regardless of the interface used.
|Payment page||Sogenactif Paypage||Sogenactif iFrame||Sogenactif Office Serveur||Sogenactif In-App|
|Hosting||Société Générale||iFrame container page: merchant
iFrame content: Société Générale
|PCI DSS compliance||Société Générale||Société Générale||Merchant||Merchant (streamlined)|
|Customisation||Société Générale CSS||iFrame container: merchant
iFrame content: via CSS
|Means of payment||All||CB, Visa, MasterCard, VPay, Maestro, Electron, Amex and Bancontact||Most (cf. means of payment documentations)||CB, Visa, MasterCard, VPay, Maestro, Electron, Amex and Bancontact|
|3-D Secure||Société Générale||Société Générale||Merchant||Merchant|
Transaction management and reporting
Sogenactif enables you to easily manage all your payments regardless of the channels or means of payment your customers use.
Sogenactif Office Serveur enables you to create payment transactions, but also to perform transaction management operations (refunds, cancellations, etc.).
You can also view and manage your transactions through a dedicated extranet, Sogenactif Gestion.
|Sogenactif interface||Transaction creation||Transaction management|
|Sogenactif Office Serveur||Yes||Yes|
|Sogenactif Office Batch||Yes||Yes|
To improve and automate tracking, the following reports can be sent to you:
- Transactions reports
- Operations reports
- Reconciliations reports (depending on the acquirer)
- Chargebacks reports (depending on the means of payment and the acquirer)
Means of payment
Sogenactif assists you in your development in France and abroad thanks to its connections with acquirers in over 40 countries, and its many domestic, international and alternative means of payment.
Interbank and charge cards refer to the cards issued by predominantly international networks. This type of means of payment is the most widely used in the world of e-commerce, with a predominance of the international Visa & MasterCard networks, which coexist with domestic networks (CB for France, Bancontact for Belgium, etc.).
The Sogenactif solution is subject to the European MIF regulation. One of its rules, “Brand Selection”, requires that you let a customer who holds a co-branded card choose the brand at the time of payment. A co-branded card supports at least two brands. Most of the cards issued in France are co-branded with CB (CB/VISA, CB/MASTERCARD, CB/MAESTRO, etc.). By way of illustration, the screen below shows an example of a co-branded CB + Visa card with CB as the default brand. The customer can switch brands by clicking on the link at the bottom of the screen.
Sogenactif enables your customers to use the following cards:
- American Express
Online credit, private cards and gift cards
To enable your customers to benefit from payment facilities, Sogenactif provides online credit solutions and payment facility offers that are or are not affiliated with cards. These solutions are mostly issued by banking networks. Payment facilities options vary according to the solutions and the private networks that issue them.
Sogenactif notably provides you with the means of payment from the following issuers:
Sogenactif also helps you develop customer loyalty by accepting gift cards or electronic holiday vouchers.
The SEPA Direct Debit (SDD) is a means of payment available as part of the SEPA (Single Euro Payment Area), which aims to unify and simplify all means of payment in Europe. It represents a major and essential evolution of payment in Europe. In this context, Société Générale has developed "SPS", a comprehensive platform for managing SEPA mandates and direct debits. The platform is connected to Sogenactif and thus provides a complete SDD solution.
This platform is also connected to the SafeDebit solution, offered by Score & Secure Payment (SSP) and which makes it possible to issue a payment guarantee for SDD chargebacks. You must have a SafeDebit contract with SSP to be eligible for this guarantee.
When paying by bank transfer, the customer is redirected to their online bank so they can pay for their order with this method. The bank transfer offering and processes differ from across countries. This is why Sogenactif provides you with a wide offering:
The wallet is a virtual account for storing money and/or means of payment. Wallets make the payment process smoother.
Sogenactif notably provides you with the following wallets:
The mobile payment market has evolved significantly in the last few years and offers a widely diversified range of solutions.
For example, with Sogenactif, you can propose to your customers to use:
- Bancontact mobile
Thanks to Sogenactif, you can provide your customers with a great variety of payment terms. Some of them are not applicable to all means of payment.
In the case of an end-of-day payment, the authorisation request is sent online during the purchase, and all the transactions accepted during the day are captured at the end of the day.
This mode applies to the means of payment that operate in “dual message" mode (i.e. one message for the authorisation, and another for the capture). It applies especially if you are sure that the products paid for are available on your site, because the customer's account is debited on the very same day.
With deferred payment, you set a maximum capture time in days. The capture is performed in accordance with the selected capture mode:
- In automatic capture mode (or “Cancellation” mode), the transaction is captured when the capture deadline is reached.
- In “Validation” mode, the transaction is captured at any time, when you choose to do so.
Deferred payment enables you to schedule the deadline on which your customer's account will be debited. This deadline can be brought forward if needed.
Payment upon shipment of the goods
In the case of payment upon shipment of the goods, the transaction is captured following your validation. You specify the validity period of your transaction in your request. If you do not validate a given transaction before this period ends, this transaction expires. If you forget to validate the transaction in time, you can submit the transaction again using the duplication operation. You can validate all or part of the transaction amount; however, you cannot validate an amount greater than the initial amount of the transaction.
Payment upon shipment of the goods enables you to debit your customer's account only if you are sure that you can deliver the order.
Payment in instalments
Payment in instalments enables you to create multiple instalments associated with a transaction, in a single payment request.
You can split a transaction into several instalments that will be captured at fixed intervals. In this case, a payment transaction with N instalments generates N transactions, each of which has a distinct ID. Each transaction in the schedule is independent of the others and is subject to a systematic authorisation request, issued on the day the customer is debited. If it is refused, the transaction is not captured and the client will not be debited.
You must be careful when offering payment in multiple instalments:
- There is no guarantee that subsequent instalments will be paid.
- A lost or stolen card or a card with insufficient credit might cause substantial losses for you.
- If the first transaction has been authenticated using 3-D Secure, the following instalments cannot benefit from the liability shift.
- If the authorisation for the first instalment is rejected, subsequent instalments will not be created.
- If the authorisation of one of the subsequent instalments is rejected, the following instalments remain valid.
- If the authorisation of one of the subsquent instalments is rejected following a technical issue (e.g. acquirer authorisation server is unavailable), this instalment will be automatically submitted again on the next day.
Recurring payment enables you to make automatic payments at regular intervals without the customer's presence. Recurring payment is very useful to manage subscriptions.
You can generate a recurring payment from:
- a wallet. The means of payment is already saved and can be reused easily
- an existing transaction. Using the duplication operation you can make recurring payments without having the card number, or you can propose payment when upselling, without any extra data entry by the customer. Duplication can be automated with Sogenactif Office Serveur or Sogenactif Office Batch
- the customer's Primary Account Number (PAN). You can create recurring payments by specifying the customer's PAN. (e.g. card number). However, this process requires that you provide the customer's personal data, thus forcing you to comply with the PCI DSS security standards in force
In the case of immediate payment, the transaction is stored during the online authorisation. This payment term is used more rarely, and only for the means of payment that support the "single message" mode (i.e. single message for both the authorisation and the payment). This is the case, for example, of “online banking"-type methods that redirect the customer to their bank's website.
Batch payment is a deferred exchange of information (in file mode) between you and Sogenactif. It allows you to create transaction and/or operation files and then upload them to a secure Sogenactif FTP Account.
It is therefore different from a number N of information communicated in real time (transaction mode).
The wallet aims to:
- simplify the online payment journey with One Clic payment
- make subscription payments without PCI DSS constraints
The Sogenactif wallet supports multiple channels, merchants and means of payment:
- Multiple channels: a wallet can be created and used with different types of interfaces, thus adapting to the customer journey
- Multiple stores: the customers’ IDs and their stored cardholder data can be shared by several stores of the same merchant
- Multiple means of payment: the wallet supports several of means of payment
The data of the means of payment are directly supplied by the customer and stored by Sogenactif. Therefore, you do not have to convey them, which frees you from PCI DSS constraints.
The table below describes in detail the options available in the wallet for every interface:
|Interfaces||Create a wallet||Delete a wallet||Add a means of payment||Delete a means of payment||View wallet data||Pay with a wallet|
|Sogenactif Office Serveur||Yes
|Sogenactif Office Batch||Yes
The One Clic option facilitates and speeds up the customer journey during online wallet payments via the Sogenactif Paypage interface.
When they make their first purchase on your site, the customer can opt for this payment facility by checking the relevant box. You must first specify, in the payment request, a wallet ID to be created.
If the customer decides to use the card means of payment of the Visa / MasterCard networks, and you are enrolled in the 3-D Secure programme, the cardholder is authenticated when the card is saved.
If you provide the wallet ID when making future purchases on your site, the One Clic payment will be offered to the customer. The default means of payment already stored in the wallet is offered. The customer can confirm it, choose another means of payment stored in the wallet, or decide to pay with a new means of payment that they can also save. This solution complies with the PCI DSS standards since the means of payment are stored by Sogenactif in a PCI DSS-certified environment.
Using strong authentication and the 3-D Secure programme on One Clic processes can lead to a more seamless custom experience by not requesting your customer to enter their card security code on the payment pages (available for the CB/VISA/MASTERCARD means of payment and provided that your acquirer supports this feature).
The saving and management of the wallet by the customer can be dissociated from the payment process.
You can redirect your customer to the Sogenactif Walletpage pages where they can save one or more means of payment online without having to make a purchase. The customer can also access the Sogenactif Walletpage pages to view, modify or delete the means of payment already saved. The Sogenactif Walletpage pages share the same graphic charter as the one defined for the Sogenactif Paypage pages, which makes customisation easier for you.
The wallet also makes recurring payments easier. You can use it to make payments without the customer's presence while freeing yourself from PCI DSS constraints. These payments can be made in bulk using the Sogenactif Office Batch connector.
Sogenactif can accept all currencies provided that your acquiring contract accepts them. This contract enables payments to:
- either be converted into a single currency when your account is credited
- or be created in the acceptance currency, which is displayed to the customer
Payment in the merchant's currency
During the acceptance phase, Sogenactif sends the currency code in the authorisation request and in the transactions captured by the acquirer. The acceptance process is carried out using the original currency (currency of the holder’s card). When acquiring (capturing) payments, if your payment is made in Euros, the acquirer makes the conversion into Euros. The conversion details are provided in the Reconciliations reports (depending on the acquirer).
Payment in the original currency
During the acceptance and acquiring phases, the process is carried out in the original currency (currency of the holder's card). No currency conversion is performed. The various amounts (gross, net, and commissions) are specified in the original currency in the Reconciliations reports (depending on the acquirer).
Dynamic Currency Conversion (DCC)
Sogenactif provides a DCC service that enables the customer to pay in a currency other than those you accept, which helps improve the customer journey. The customer knows the initial amount and the invoice amount, including the exchange rate applied by the changer.
Detect a risk of fraud with the Go-No-Go solution
The Go-No-Go solution makes it easy to limit the risk of fraud. This solution is based on checks that block the transaction if needed.
Sogenactif offers two modes:
- Go-No-Go -> the most common checks (18 rules)
- Go-No-Go + -> extra checks (72 rules)
An interface accessible from the Portail Sogenactif enables you to directly configure the checks that should be performed, in accordance with your business. The checks added or modified from this interface are effective immediately.
Assign scores to your transactions with the Business Score solution
The Business Score offering enables you to calculate a score for each transaction. This overall score is based on the weights you defined for the checks. A colour score is assigned to the transaction, based either on this overall score or on the use of decisive rules:
- Black or white -> the decision is made without taking into account the overall score, which is only informational
- Red, orange or green -> the decision is made from the overall score of the transaction, which is compared to the orange and green thresholds that were defined
The colour code is as follows:
- White -> the transaction is authorised because a decisive rule has given a favorable result
- Green -> the transaction is authorised because of its score
- Orange -> the transaction is authorised because of its score, unless the webshop configuration allows orange scores to be blocked. In this case, the transaction remains blocked until you have checked it (see "Challenge" operation)
- Red -> the transaction is not authorised because of its score
- Black -> the transaction is not authorised because a decisive rule has given an unfavorable result
An interface accessible from the Portail Sogenactif enables you to directly configure the checks that should be performed and their weights in accordance with your business. The checks added or modified from this interface are effective immediately.
Benefits of 3-D Secure and of safekey
Thanks to the 3-D Secure service (referred to as "CB Paiement Sécurisé", "Visa Secure", "MasterCard Identity Check" and "American Express Safekey" by CB, Visa, MasterCard and American Express, respectively), the cardholder is also authenticated as part of the payment transaction. The bank that issued the card and the network (CB, Visa, Mastercard or American Express) are involved in this authentication.
The programme has several advantages:
- The customer makes the payment secure by providing their bank with additional data.
- You are sure that your customer is indeed the cardholder since they have been authenticated by their bank.
Authentication via 3-D Secure is fully integrated into the Sogenactif Paypage interface and requires no additional development for you. With the Sogenactif Office Serveur interface, you can have us process both the authentication and authorisation flows, or only one of them (the other one may be handled by another PSP).
For this type of transaction, you can benefit from the payment
guarantee under conditions that depend on the banking regulations in
force. The liability shift which you benefit from is specified in the
GuaranteeIndicator field of the
Sogenactif reports. It is not systematic and must not
replace the anti-fraud checks you set up. An excessive rate of chargebacks
might jeopardise your acceptance of means of payment.
Moreover, 3-D Secure cannot handle all payment processes. 3-D Secure cannot be used for:
- deferred payments of more than 6 days
- payments in multiple instalments or captured in multiple instalments
- recurring transactions (e.g. created through the duplication function)
- non-Internet payments (manual entry by the merchant, created by the merchant, etc.)
Transaction management consists in creating or modifying a transaction carried out using Sogenactif. The transaction management tools enable you to perform operations on transactions up to 18 months after their creation (period during which the transactions are stored in the database). Sogenactif provides three management interfaces: Sogenactif Gestion, Sogenactif Office Serveur and Sogenactif Office Batch.
The available features enable you to optimise your management and improve the service provided to customers (e.g. debit upon shipment of the goods).
These management interfaces allow for:
- the total or partial cancellation of transactions before they are captured
- the total or partial validation of transactions so they are captured
- the total or partial refund of transactions that have already been captured
- the creation or duplication of transactions
Some means of payment may have management rules that do not allow all transaction management operations.
A transaction is identified by a unique reference per shop. This reference is valid throughout the transaction life cycle. This reference enables you to manage your payments. It is accessible on all the interfaces, reports and reporting tools at your disposal.
Creation of the transaction
In a payment request, you choose the payment options that best suit the services you want to provide your customers with.
||Type of payment (one shot, initial payment, recurring payment, etc.)|
||Order channel used (Internet, MOTO, Fax, etc.). Internet is the default. The use of this field must match the conditions defined in the acquirer contract.|
||Transaction anti-fraud rules settings allowing you to dynamically customise the rules saved in your shop configuration.|
Transaction capture mode:
||Capture time before the transaction is captured. This time
is set in days. It makes it possible to provide same-day (
This feature makes it possible to cancel the transaction fully or partially before capturing it. Partial cancellation enables you to modify the amount to be captured. This feature is useful if you need to make sure the products are in stock.
If a customer has ordered several products, you can partially cancel the amount for an unavailable product to debit the customer's account only with the amounts of the products actually delivered.
The cancellation of a transaction must take place before this transaction is captured. If the transaction has already been captured, cancellation is not possible. You can still refund your customer fully or partially.
A transaction in instalments can be cancelled, as long as the day on which the payment is due is not reached and the transaction balance is not null. In the case of a partial cancellation, the transaction balance automatically goes into payment when the capture deadline expires.
When a cancellation is requested, the Sogenactif server checks two parameters:
- amount -> you cannot cancel an amount greater than the original amount of the transaction
- capture deadline -> this parameter was defined at the time of the authorisation request. When this deadline is exceeded, the transaction is captured and can no longer be cancelled
A request for an adjustment to the authorisation limit of the cardholder's card is made if this functionality is supported by the acquirer.
The validation feature makes it possible to trigger the transaction capture. It thus enables you to provide deferred payment by debiting your customer’s account when the purchased products are shipped. When the “Validation” mode is chosen, each transaction must be validated so it can be captured. If you do not validate a given transaction before its capture time expires, this transaction expires. It will then be impossible to capture it. If you fail to validate the transaction in time, you will be able to submit the transaction again through the duplication operation. You can validate all or part of the transaction amount. The validated amount will be paid on the day it is validated. You cannot validate an amount greater than the original amount of the transaction.
A refund makes it possible to credit the account of a customer who has previously been charged (product not received, unavailable, damaged, return, etc.). The refunded amount is credited to the customer's account, and the same amount is debited from your account. The refund is captured on the same day as the operation. You can refund a customer up to 18 months after their order. You can make as many partial refunds as you want as long as you do not exceed this 18-month maximum period and the cumulative amount of refunds does not exceed the amount of the original transaction.
A feature makes it possible to prevent the refund of a transaction whose status is "chargeback". This status appears on the extranet.
You can create a new transaction from an old one if you know its reference. The duplication of a transaction is possible up to 18 months after its creation date and within the limit of the expiry date of the means of payment. The transaction created during the duplication phase is a new transaction, all characteristics of which can be changed except for the card information, which you do not need to store in your information system. A transaction created by means of a duplication can in turn be duplicated. The duplication of a transaction results in a new authorisation request based on the payment data (card number, account number, etc.) corresponding to the original transaction. The outcome of the duplicate transaction does not depend on the outcome of the original transaction: if the original transaction was rejected, it may be accepted after duplication, and vice versa. A transaction associated with a payment in multiple instalments can be duplicated. The payment for this new transaction will be made in one single go.
Duplication thus enables you, for example, to rectify a transaction that was not validated because of an error or oversight, or a transaction that was rejected.
If you use the Scoring solution, each transaction is analysed and evaluated through numerous criteria to establish a score. The “Challenge” function enables you to check the fraud risk of transactions with orange fraud scores. Depending on the level of tolerance decided by your analysts, the transaction will be accepted or rejected:
- transaction accepted -> the life cycle of the transaction resumes
- transaction rejected -> the life cycle of the transaction is interrupted; it is not captured even if a validation operation has been performed or if the capture date has been reached
The operations affect the status of the transaction. The following diagram shows all the possible statuses of a Visa or MasterCard transaction life. This diagram is the most comprehensive one; however, depending on the means of payment, the life cycle can be much simpler.
|CANCELLED||The transaction has been totally cancelled by the merchant.|
|CAPTURED||The transaction has been captured by the acquirer.|
|CREDITED||The transaction has been totally refunded by the merchant.|
|EXPIRED||The transaction has expired.|
|REFUSED||The transaction has been rejected.|
|TO_AUTHORIZE||Awaiting new authorisation request before capture.|
|TO_CHALLENGE||The transaction is to be verified by the merchant following an orange fraud score.|
|TO_CREDIT||Awaiting capture to credit the customer's account.|
|TO_REPLAY||Awaiting new authorisation request before capture.|
|TO_VALIDATE||Awaiting the merchant's validation before capture.|
Capture, which consists in crediting your account and debiting the customer's (or vice versa in the case of a refund) is triggered by Sogenactif every night. Then each bank is free to credit your account on a given value date. The payment of your transactions depends on the chosen capture mode (validation, cancellation or immediate) as well as the capture time you have specified.
The Sogenactif reporting is feature-packed. Several tools enable you to track the transactions made on your shop: automatic and manual responses, the Transactions and Operations reports, the transaction viewing tool (Sogenactif Gestion), the Reconciliations report, and the Chargebacks report.
Sogenactif sends notifications to you and your customer.
When you use Sogenactif Paypage, you are informed in real time of the response to the transaction. The manual response is sent to you when the customer is redirected to your site after the payment or wallet management. On the other hand, the automatic response is sent whether the customer returns to the shop or not. Besides, if your server is temporarily unavailable, multiple attempts to send the response are made (for more information on this option, please refer to the 'Online reporting > Automatic response' section of the functionality set-up guide). In addition, you can request an e-mail confirmation, which will enable you to compensate for any loss of Internet connection. The e-mail confirmation will be identical to the one possibly sent to the customer.
If you so wish, the customer can receive, in addition to the payment receipt, an e-mail or text message receipt that confirms the outcome of the transaction. Of course, the receipt sent via e-mail can be customised. It can be sent in plain text or HTML format, and can include images. The receipt sent via text message is shorter. It includes the most important information of the transaction and can be useful in the case of a payment via Sogenactif Paypage, since the customer did not necessarily provide an e-mail address. In addition, for Web and Mobile solutions, a button on the receipt page enables the customer to return to your shop. If this action is performed, Sogenactif will send you the result of the transaction again so you can adapt your page content. You can thank the customer for their purchases or, conversely, suggest another means of payment to them.
To know the detailed status of a transaction, you can also send a diagnostic request on it. This request can be useful, especially if you have not received a manual or automatic response.
To improve transaction tracking, you can also view the payments made on your webshop, through Sogenactif Gestion.
You can view:
- a single transaction from its number, the PAN, and the transaction date
- a transaction list, based on a set of criteria (transaction number, date, merchant reference, transaction status, card type, currency, etc.). The results page enables you to view all the information related to a specific transaction
For most merchants, reports are sent once a day between 4:00 a.m. and 6:00 a.m. This information is usually sent as an e-mail attachment in CSV format. The data may also be sent via FTP, for large files for example. When your files regularly exceed 10 MB, we recommend choosing the FTP sending mode.
The Transactions report informs you of all the payments made on your site (whether they were accepted or rejected). From this report, you can decide to deliver all the orders the payment of which was accepted.
The Operations report informs you of the evolution of the transactions life cycle. The report includes the list of cash management operations (validation, refund) as well as the captured transactions if you so wish.
This report is the result of the reconciliation between the transactions stored by Sogenactif and the payment results returned by the acquirer or the financial institution after the transactions were captured. Sogenactif processes these results to enrich the acquirer’s data with the Sogenactif context of the transaction (transaction number, merchant-specific references, etc.). This report lets you know whether each transaction was actually credited by your acquirer/banking institution. The Reconciliations report consolidates the financial view of the various means of payment accepted by your shop.
This report is the result of the reconciliation between the transactions stored by Sogenactif, and the chargebacks (for example due to a customer dispute) reported by the acquirer or the financial institution. This return flow is processed by Sogenactif to enrich the acquirer's data with the Sogenactif context of the transaction (transaction number, merchant-specific references, etc.). Thus you get detailed chargeback information and you can manage your customer reminders accordingly.
Expired cards report
This report includes all the cards saved in your wallets and that will expire within a specific period of time (between one and three months).
Payment pages hosted by Sogenactif: Sogenactif Paypage
Sogenactif Paypage is an interface that supports the global payment process in a secure way. From the page used to select the means of payment to the display of the receipt, the entire data entry is carried out by Sogenactif servers, thus guaranteeing simplicity and security. Sogenactif Paypage includes all Sogenactif features already available on the Web and is enriched with new multichannel media: touchscreen tablets, interactive TVs, ATMs/banking machines, etc.
Choice of means of payment
By default, Sogenactif displays the logos of the means of payment you set up on your site. Thanks to the transaction details (basket amount, foreign customer, etc.), and if you so wish, you can then display a reduced list of means of payment (e.g. credit cards, PayPal). If you only accept bank cards as means of payment, this intermediate page is then "bypassed" and the payment information entry page is displayed directly.
By default, Sogenactif displays the payment receipt and specifies the important data of the transaction (amount, reference, authorisation number, etc.). You can, however, display the receipt directly on your site.
Mobile phone payment application: Sogenactif In-App
If you have developed a specific mobile application to provide your customers with a fully integrated journey perfectly adapted to the laptop/tablet environment, Sogenactif provides its mobile SDK tool. This tool enables your application to easily accept means of payment and optimise your customers’ shopping journey, in a secure environment that complies with the PCI DSS standard. Sogenactif In-App is compatible with iOS and Android environments.
Transactions and operations in message mode: Sogenactif Office Serveur
Sogenactif Office Serveur is an interface that works through a server-to-server dialog. It enables you to manage your own payment pages as well as your own management interface. This interfacing mode provides you with numerous advantages:
- There is no need to install and run an application on your infrastructures, which makes your system more flexible and reduces deployment time.
- Exchanges are based on standardised protocols widely used on the Internet; therefore, interfacing the systems is easier and quicker.
- The services are associated with a versioning system that can update them in a completely seamless way for the merchant systems that connect to them.
If you use Sogenactif Office Serveur for payment, you have chosen to capture your customers' payment data yourself before sending this data to Sogenactif Office Serveur. Therefore, you will have to develop the interfacing with your customers, and handle the security and regulatory aspects accordingly.
For cash management, operations (refunds, cancellations, etc.) are always carried out using transaction aliases, which enables you not to use or keep sensitive data (card numbers, account numbers), thus freeing you from PCI DSS constraints.
File-based transactions and operations: Sogenactif Office Batch
The Sogenactif Office Batch interface enables you to build transaction and operation files, and then upload them to a secure FTP account. Sogenactif Office Batch notably enables you to perform mass cash management operations, but also recurring payment and subscription.
It must be noted that the syntax of Sogenactif Office Batch and Sogenactif Office Serveur requests is almost identical. When constructing requests, only the specificities due to the technical interfaces will differentiate them. This greatly facilitates the transition from one to the other for complementary uses.
Merchant Extranet: Sogenactif Gestion
Sogenactif Gestion is a secure Web interface (https).
You only need some basic Internet access. You connect via the Portail Sogenactif.
You can do some cash management or trigger a payment. The latter function is especially useful if you take orders over the phone or receive purchase orders.
Comparison between Sogenactif Paypage and Sogenactif Office Serveur
|Criterion||Sogenactif Paypage interface||Sogenactif Office Serveur interface|
|Functional scope||Transaction creation only.||Transaction creation and cash management. Please note you can use Sogenactif Paypage for payment and Sogenactif Office Serveur for cash management.|
Benefits from PCI certification because the payment process is outsourced to the Sogenactif servers.
You do not have to know the customer's PAN.
|In the case of transaction creation, payment pages
management is done on your premises; therefore, you are subject to
the PCI DSS certification.
Tip: you can limit your scope by not storing any PAN information in your information system (e.g. by replacing the PAN with a wallet ID or a hashPan).
|3-D Secure||3-D Secure process handled by Sogenactif and seamless for you.||
You drive the 3-D Secure authentication process.
You may also use Sogenactif and another PSP to process your authentication and authorisation requests, dispatching them as you need.
|Integration effort||Plug & Play solution that is easy to integrate.||Solution that requires more development work: payment on the merchant side with management of the payment pages|
|Adding a means of payment||No development work for you in most cases.
Note: sometimes, you must fill in specific fields in the payment request in order to benefit from the options of the means of payment (e.g. PayPal).
|Development work is required to integrate the means of payment (process management, page management, etc.).|
|Customer journey||Limited difference between your website and the payment server through your customisation (CSS, URL) of the payment pages.||No difference between your website and the payment server.|
|Integration into your IS||Interfaces with your shop.||Interfaces with your shop for transaction creation and/or your Back Office for cash management.|
|Reporting||Standardised reporting.||Standardised reporting.|
Page customisation tool: Sogenactif CustomPages
Sogenactif CustomPages is a Web interface that enables you to customise the pages hosted on the Sogenactif server. With this tool you can:
- customise your payment pages in accordance with your graphic charter
- customise your wallet management pages in accordance with your graphic charter
- preview the look of these pages
- trigger the installation of your customisation elements (CSS, images, header, footer) into the production environment
PCI DSS programme
PCI DSS is an international security standard that aims to ensure the confidentiality and integrity of cardholders’ data, and thus to secure card and transaction data. Merchants as well as payment providers must comply with it to varying degrees depending on the importance of their business. Sogenactif solution has been PCI DSS-certified since 2006. You are also required to comply with this security standard. We suggest you discuss this subject with your acquiring institution.
With Sogenactif, you can operate on multiple channels (Internet, phone, mobile) and provide payment facilities, payment by subscription or in instalments without having to know cardholders’ sensitive data. This greatly facilitates your PCI DSS certification process.
Sogenactif helps merchants, as much as possible, to comply with this standard:
- through the Sogenactif Paypage interface -> the merchant does not know the cardholders’ data
- through the very advanced customisation offered on these payment pages secured by Sogenactif, from graphic customisation to that of the payment URL
- through the payment facilities proposed (payment deferred until shipment, payment in instalments) from a transaction ID
- through the recurring payment features available
Sogenactif offers several payment securing techniques:
|Technique||Description||Benefits||Shortcomings||PCI DSS Self-Assessment Questionnaire|
|Payment via Sogenactif Paypage.||
|Payment via Sogenactif Paypage iFrame.||
|MOTO payment via Sogenactif Paypage.||
|Payment via Sogenactif Office Serveur.||
|Payment via Sogenactif In-App.||
|MOTO payment via Sogenactif Gestion.||
Security of exchanges
The security of Sogenactif is based on four essential pillars:
- merchant authentication
- authorisation request made to the cardholder’s bank
- confidentiality of the data, which is transmitted on the Internet in an encrypted form (card number, validity date, etc.)
- data integrity to prevent any alteration of the messages exchanged
In order to secure the online payment process, you share a secret key with Sogenactif, which enables the latter to authenticate you when you call Sogenactif Paypage.
You are responsible for preserving this key and you must take every appropriate measures to:
- save it in an encrypted form
- never copy it to a non-secure disk
- restrict access to it
- never send it using a non-secure method (electronic or postal mail)
A secret key compromised and used by a malicious third party would disrupt the standard operation of the shop, and could notably generate unjustified transactions on your site or cause transaction management operations (e.g. refunds). Also, in case the key is compromised, you are required to ask as quickly as possible for its revocation and renewal from our customer support.
To implement Sogenactif, you must first sign contracts with various acquirers or service providers.
You will then have to choose your connectors and integrate them so you can connect your merchant site to the Sogenactif payment server.
After a test phase, you will be able to open your site to the public and enable your customers to make purchases and pay for them.
The use of Sogenactif requires that you first sign one (or more) acquiring contract(s) with acquirers, or banking or financial organisations, according to the means of payment of your choosing.
For the implementation of 3-D Secure, a three-party agreement is required between you, the acquirer and Société Générale.
To accept multiple currencies, you must contact your banking or financial institution. Sogenactif supports the most commonly accepted currencies in the world.
This guide includes an interface comparison table that enables you to choose the interfaces adapted to your specific characteristics.
Depending on the chosen interface:
- You will need to implement the communication between your server (Front Office and/or Back Office) and Sogenactif. This implementation is detailed in the connector guides.
- You (or your service provider) must comply with the PCI DSS regulation.
Tests and go-live
Shops are always registered with your actual merchant ID; however, in the test environment, you use an ID and a secret simulation key provided in the documentation and shared by the various merchants. This test environment, also called simulation mode, enables you to validate your developments and thus the integration of connectors between the website and the payment platform. At the end of these tests, your shop is activated in the production environment.
Find out more
The following guides will provide you with further information for an even more advanced implementation of the Sogenactif solution. This is not a comprehensive list.
|Guide||Why read it?|
|Data Dictionary||This guide provides you with the definitions and values of connector and report fields.|
|Functionality setup||This guide explains how to implement Sogenactif features.|
|Reports description||This guide describes the content of the reports sent by Sogenactif.|
|Sogenactif Paypage eShop customisation and Sogenactif CustomPagesPayment pages customisation toolCustomPages||These guides explain how to customise your payment pages so their graphic charter is similar to the rest of your site.|
|One Clic payment||This guide describes the One Clic solution that enables your customers to pay with one single click without having to re-enter their card data.|
|"Confirmation de paiement par email"||This guide explains how to implement the "Confirmation de paiement par email" solution that enables you to send your customers payment notifications via e-mail or text message.|
|Sogenactif Téléchargement||This guide explains how to download the documentation and your secret key via the Sogenactif Téléchargement extranet.|
|Sogenactif Gestion||This guide describes all the cash management actions you can perform through the Sogenactif Gestion.|
|Fraud risk management - Go-No-Go and Business Score||These guides explain the operation, configuration and use of the Go-No-Go anti-fraud engine and the Business Score system. They enable you to define the fraud acceptance rules you want to set up during payments.|
|Sogenactif Paypage and Sogenactif Office Serveur||These guides describe and explain how to implement the full set of Sogenactif connector options.|
|Means of payment integration guides||These guides exist for each means of payment and describe in detail their specific characteristics, life cycles and processes.|