Overview of CyberSource payment gateway integration

Last updated
Save as PDF

Zuora supports the following CyberSource gateway integration versions:

CyberSource, Payment API v2.0
CyberSource Tokenization - no longer under active development

This article describes supported features and limitations for CyberSource v2.0. CyberSource Tokenization is a legacy gateway integration no longer under active development. For details about it, see CyberSource Tokenization.

If multiple instances of CyberSource gateway integrations are active at the same time, all certificates must be valid or payments may fail if an expired certificate is used.

Supported features

The following table provides a quick reference for features supported by CyberSource, Payment API v2.0. For details about each feature, see the later sections in this article.

Supported payment methods	Credit Card/Gift Card/Prepaid Card Debit Card (available through the Zuora UI and SOAP API operations) Credit Card Reference Transactions (Tokenization) Apple Pay ACH - Direct Debit Only SEPA BACS
Support 3D Secure 2.0	Yes
Support Delayed Capture	Yes
Support Level 2 and Level 3 card data	Yes
Support stored credential transactions	Yes
Support Gateway Options fields	Yes
Gateway provider’s API version	CyberSource WSDL version 1.192 CyberSource Simple Order APIs
CyberSource production endpoint used for Zuora gateway integration service	`https://ics2wsa.ic3.com/commerce/1.x/transactionProcessor`
Support Gateway Reconciliation	Yes
CyberSource production endpoint used for Gateway Reconciliation service	`https://api.cybersource.com` `https://api.cybersource.com/reporting/v3/report-downloads` `https://api.cybersource.com/reporting/v3/reports`
Support Payment Method Updater	Yes (Visa, MasterCard)
CyberSource production endpoint used for PMU service	`https://ebc.cybersource.com/ebc/DownloadReport` `https://api.cybersource.com`
Support non-referenced refunds	Yes Supported for both Credit Cards and Credit Card Reference payment methods
Support CyberSource Decision Manager	Yes
Ignore AVS result when verifying card	Yes
Ignore AVS result during payment with card	Yes
Select gateway endpoint	Yes
Support one-time payment flow through Payment Pages 2.0	Yes

Supported payment methods

CyberSource v2.0 supports the following payment method types:

ACH - Direct Debit Only
Apple Pay
BACS
Credit Card/Gift Card/Prepaid Card, including:
- Visa
- MasterCard
- American Express
- Discover
- JCB
- Diners Club
- Hipercard
- Elo
- China Union Pay
Credit Card Reference Transactions (Tokenization)
Debit Card (available through the Zuora UI and SOAP API operations)
SEPA

For more information about setting up payment methods in Zuora, see Define and set up payment methods.

For payment method types including Credit Card, Debit Card, Credit Card Reference Transaction, ACH, and SEPA, the address fields sent to CyberSource are populated based on the following priority order:

Address of the payment method: The address of the payment method takes precedence.
Bill-To address: If no information is available in the payment method address, the Bill-To address is used.
Sold-To address: If neither the payment method address nor the Bill-To address is available, the Sold-To address is used.

CyberSource v2.0 does not support mandate creation. After you create a mandate outside of Zuora, you can pass the mandate information to Zuora for verification through the UI or API when creating or updating the payment method.

Support for Apple Pay

CyberSource, Payment API v2.0 provides support for Apple Pay. The following credit card types are supported by this gateway integration to create Apple Pay payment method and process Apple Pay payments:

VISA
Mastercard
American Express
Discover

For more information about setting up Apple Pay on CyberSource, see Apple Pay on Web.

Support for Credit Card Reference Transactions

CyberSource, Payment API v2.0 supports CyberSource tokens. Tokens are used for credit card reference transactions in Zuora. A reference transaction is simply a representation of a credit card payment method without having sensitive payment method information like the credit card number stored in Zuora. The token cannot be used with another gateway, which is why Zuora recommends storing credit card information in Zuora whenever possible.

For tokenized payment methods, you must validate them in Zuora so that payments made with these payment methods are successful. To validate tokenized payment methods, enable the following settings on the CyberSource v2.0 gateway configuration page:

Verify new payment method
Verify updated payment method

ACH verification

ACH payment method verification is supported through the ValidiFi account validation service. See Enable the support for ValidiFi account validation for ACH for details.

Support for 3D Secure 2.0

CyberSource, Payment API v2.0 supports 3D Secure 2.0 (3DS2) feature for Credit Card transactions, and the support is processor-agnostic. The following articles provide more information:

To enable 3DS2, see Enable 3DS2 for CyberSource gateway integration and Zuora’s implementation of 3D Secure 2.0.
The "Best practices" section in Zuora’s implementation of 3D Secure 2.0 also provides best practices for reducing the possibility of failed transactions due to 3DS2 authentication errors.
For more information about the configuration fields related to 3DS2, see Set up and configure a CyberSource payment gateway instance.

Support for Delayed Capture

The Delayed Capture feature allows you to authorize the availability of funds for a transaction but delay the capture of funds until a later time. CyberSource, Payment API v2.0 supports Delayed Capture for both Credit Cards and Credit Card Reference payment methods. Most authorizations will automatically expire within 5 to 7 days if not captured.

For how to use the Delayed Capture feature, see Payment Authorization in Zuora API Reference.

Support for Level 2 and Level 3 card data

CyberSource, Payment API v2.0 supports processing Level 2 and Level 3 credit card data. For more information, see the following articles:

Support for stored credential profiles

CyberSource, Payment API v2.0 includes support for the Stored Credential Transactions framework and the sharing NTI feature. For details, see Support for stored credential transactions overview. It supports stored credential transactions for the following payment processors only:

AIBMS
CyberSource through VisaNet
Elavon Americas
FDC Compass
FDC Nashville Global
GPN
OmniPay Direct
Rede

Support for Gateway Reconciliation

CyberSource, Payment API v2.0 supports the following Gateway Reconciliation events:

Payment Method	Supported GR events
Credit Cards	Settlement Chargeback Rejection
ACH	Settlement Rejection
SEPA	Settlement Rejection

Note that the generated Gateway Reconciliation reports available to you are dependent on the processor you use. See Supported processors for CyberSource Gateway Reconciliation for more information.

Support for Payment Method Updater

You can configure CyberSource Payment Method Updater to keep Zuora and you informed about the changes to the Visa and MasterCard credit card information. For more information, see Configure CyberSource Payment Method Updater.

Supported Gateway Options fields

You can submit additional information to CyberSource by using Gateway Options fields. For details about the fields supported by CyberSource, Payment API v2.0, see Gateway Options fields supported by CyberSource, Payment API v2.0.

Limitation

The CyberSource, Payment API v2.0 integration does not support canceling payments or refunds.