Overview of CyberSource payment gateway integration
Zuora supports the following CyberSource gateway integration versions:
- CyberSource, Payment API v2.0
- CyberSource Enterprise Gateway, API v1.97 (to be deprecated on 28 February 2024)
- CyberSource Enterprise Gateway, API v1.28 (to be deprecated on 28 February 2024)
- CyberSource Tokenization
Deprecation NoticeOn 28 February 2024 PDT, we will deprecate the following payment gateway integrations, following changes to Cybersource’s authentication standards:
If you are on one of the preceding integrations, to prevent service disruption, please migrate to the CyberSource, Payment API v2.0 payment gateway integration by following this migration guide before 28 February 2024. We also recommend you to avoid creating new instances of integrations that will be deprecated. For any questions, please contact Zuora Global Support. |
This article describes supported features and limitations for CyberSource v2.0, v1.97 and v1.28 integrations. CyberSource Tokenization is a legacy gateway integration no longer under active development. For details about it, see CyberSource Tokenization.
If multiple instances of CyberSource gateway integrations are active at the same time, all certificates must be valid or payments may fail if an expired certificate is used.
Supported features
The following table provides a quick reference for the supported features. For details about each feature, see the later sections in this article.
Feature | CyberSource, Payment API v2.0 | CyberSource Enterprise Gateway, API V1.97 | CyberSource Enterprise Gateway, API V1.28 |
---|---|---|---|
Supported payment methods |
|
|
|
Support 3D Secure 2.0 | Yes | No | No |
Support Delayed Capture | Yes | Yes | Yes |
Support Level 2 and Level 3 card data | Yes | No | No |
Support stored credential transactions | Yes | No | No |
Support Gateway Options fields | Yes | No | No |
Gateway provider’s API version |
CyberSource WSDL version 1.192 CyberSource Simple Order APIs |
CyberSource WSDL version 1.97 CyberSource Simple Order APIs |
CyberSource WSDL version 1.28 CyberSource Simple Order APIs |
CyberSource production endpoint used for Zuora gateway integration service | https://ics2wsa.ic3.com/commerce/1.x/transactionProcessor |
||
Support Gateway Reconciliation | Yes | No | No |
CyberSource production endpoint used for Gateway Reconciliation service |
|
||
Support Payment Method Updater | Yes (Visa, MasterCard) | ||
CyberSource production endpoint used for PMU service |
|
||
Support non-referenced refunds |
Yes Supported for both Credit Cards and Credit Card Reference payment methods |
Yes Supported for Credit Cards |
Yes Supported for Credit Cards |
Support CyberSource Decision Manager | Yes | No | No |
Ignore AVS result when verifying card | Yes | No | No |
Ignore AVS result during payment with card | Yes | No | No |
Select gateway endpoint | Yes | No | No |
Support one-time payment flow through Payment Pages 2.0 | Yes | No | No |
Supported payment methods
The following table lists the supported payment methods for each CyberSource integration version:
CyberSource, Payment API v2.0 | CyberSource Enterprise Gateway, API V1.97 | CyberSource Enterprise Gateway, API V1.28 | |
---|---|---|---|
Supported Payment Methods |
|
|
|
Mandate creation |
Not Supported After you create a mandate outside of Zuora, you can pass the mandate information to Zuora for verification through the UI or API when creating or updating the payment method. |
Not Supported |
Not Supported |
For more information about setting up payment methods in Zuora, see Define and set up payment methods.
Support for Apple Pay
CyberSource, Payment API v2.0 provides support for Apple Pay. The following credit card types are supported by this gateway integration to create Apple Pay payment method and process Apple Pay payments:
- VISA
- Mastercard
- American Express
- Discover
For more information about setting up Apple Pay on CyberSource, see Apple Pay on Web.
Support for Credit Card Reference Transactions
CyberSource, Payment API v2.0 supports CyberSource tokens. Tokens are used for credit card reference transactions in Zuora. A reference transaction is simply a representation of a credit card payment method without having sensitive payment method information like the credit card number stored in Zuora. The token cannot be used with another gateway, which is why Zuora recommends storing credit card information in Zuora whenever possible.
For tokenized payment methods, you must validate them in Zuora so that payments made with these payment methods are successful. To validate tokenized payment methods, enable the following settings on the CyberSource v2.0 gateway configuration page:
- Verify new payment method
- Verify updated payment method
ACH verification
ACH payment method verification is supported through the ValidiFi account validation service. See Enable the support for ValidiFi account validation for ACH for details.
Support for 3D Secure 2.0
CyberSource, Payment API v2.0 supports 3D Secure 2.0 (3DS2) feature. The following articles provide more information:
- To enable 3DS2, see Enable 3DS2 for CyberSource gateway integration and Zuora’s implementation of 3D Secure 2.0.
- The "Best practices" section in Zuora’s implementation of 3D Secure 2.0 also provides best practices for reducing the possibility of failed transactions due to 3DS2 authentication errors.
- For more information about the configuration fields related to 3DS2, see Set up and configure a CyberSource payment gateway instance.
Support for Delayed Capture
The Delayed Capture feature allows you to authorize the availability of funds for a transaction but delay the capture of funds until a later time. You can use the Create authorization API operation to authorize a payment amount before capturing the payment. Subsequently, you can use Create a payment or Create an order to capture the authorized amount, or use Cancel authorization to cancel the authorization.
CyberSource, Payment API v2.0 supports Delayed Capture for both Credit Cards and Credit Card Reference payment methods. Most authorizations will automatically expire within 5 to 7 days if not captured.
CyberSource Enterprise Gateway, API V1.97 and CyberSource Enterprise Gateway, API V1.28 supports Delayed Capture for Credit Cards.
Zuora also supports capturing authorizations that were generated externally to call the Zuora's Create authorization API operation.
Support for Level 2 and Level 3 card data
CyberSource, Payment API v2.0 supports processing Level 2 and Level 3 credit card data. For more information, see the following articles:
Support for stored credential profiles
CyberSource, Payment API v2.0 includes support for the Stored Credential Transactions framework. For details about the supported payment methods, see Support for stored credential transactions overview. It supports stored credential transactions for the following payment processors only:
- AIBMS
- CyberSource through VisaNet
- Elavon Americas
- FDC Compass
- FDC Nashville Global
- GPN
- OmniPay Direct
- Rede
Support for Gateway Reconciliation
This feature is only available for CyberSource, Payment API v2.0. The following Gateway Reconciliation events are supported:
Payment Method | Supported GR events |
---|---|
Credit Cards |
|
ACH |
|
SEPA |
|
Note that the generated Gateway Reconciliation reports available to you are dependent on the processor you use. See Supported processors for CyberSource Gateway Reconciliation for more information.
Support for Payment Method Updater
You can configure CyberSource Payment Method Updater to keep Zuora and you informed about the changes to the Visa and MasterCard credit card information. For more information, see Configure CyberSource Payment Method Updater.
Supported Gateway Options fields
You can submit additional information to CyberSource by using Gateway Options fields. For details about the fields supported by CyberSource, Payment API v2.0, see Gateway Options fields supported by CyberSource, Payment API v2.0.
Limitation
The CyberSource, Payment API v2.0 integration does not support canceling payments or refunds.