Original Oracle EBS R12 Connector Document For Venkati SR

CardConnect
Oracle Payments R12 Connector Document

Version: 5.4/December 2016
DISCLAIMER
The CardConnect Gateway™ is a product of Cardconnect.
All other product and company names mentioned herein are the trademarks of their
respective owners.
This publication is for informational purposes only and its content does not represent a
contract in any form. CardConnect reserves the right to alter product documentation
and specifications without notice.
If you have any questions about this publication or the product it describes, or if you
require any additional copies, please contact CardConnect at:
CardConnect
1000 Continental Drive
Suite 600, King Of Prussia, PA 19406
USA
Telephone Number: 1-484-581-2200
Fax Number: 1-484-581-2201
Copyright © 2014, CardConnect™. All rights reserved, including those to reproduce this
publication or parts thereof in any form without permission in writing from
CardConnect™.
Table of Contents
Introduction 2
Technical Database Configuration 4

Oracle Wallet Manager.........................................................................................4
Oracle ACL for CardConnect................................................................................10
Oracle Payments Security Options......................................................................11
Oracle Payments Profile Options........................................................................13
Oracle Payments Credit Card Ranges..................................................................14
POODLE Vulnerability SSLv3................................................................................15
BEPKEY Patch for Multiple MIDs per BEP (R12.1 only).......................................15
Custom PSON Formatting Patch..........................................................................16
Technical Networking Configuration 17

Firewall Rule Configuration.................................................................................17
Proxy Authentication Rule Configuration............................................................17
Oracle EBS Functional Configuration 18

Gateway Model Setup.......................................................................................................18
Oracle Payments Profile Options........................................................................18

Verify Payment System Setup.............................................................................18
Verifying Payment System Account Number......................................................21
Verifying Payee Definition...................................................................................22
Processor Model Setup......................................................................................................25
XML Publisher Format Template Setup...............................................................25

Format Setup.......................................................................................................26
Transmission Configuration Setup......................................................................27
Payment System Setup........................................................................................29
Adding Payment System Account Numbers........................................................30
Funds Capture Process Profiles Setup.................................................................31
Payee Definition..................................................................................................33
Level 2/Level 3 information.................................................................................34
Routing Rules.....................................................................................................................35
Oracle Payments Transaction Testing 36

Funds Capture Process Manager.........................................................................36
R12 Oracle Payments Connector Document 1

Copyright 2014. CardConnect™. All rights reserved
Logging and Debugging.......................................................................................41
CardConnect UI -> Authorizations.......................................................................43
Appendix A – Sample PSON Customizer Code 46
Appendix B – Oracle Payments Field Mapping 47
Appendix C – CardConnect Response Codes 48

Transaction Response Codes...............................................................................48
Address Verification Response Codes.................................................................48
Change History 49
I NTRODUCTION
The CardConnect Gateway™ is a payment card middleware solution from CardConnect. The
CardConnect Oracle Connector integrates Oracle E-Business Suite systems with the CardConnect
gateway for payment card processing. The connector fully implements the payment card
gateway model as defined by Oracle Corporation within their EC Application Servlet
specification.
This document is intended to guide the reader(s) through the functional and technical setup
steps to fully install, test and debug the CardConnect solution. Each of the following sections
will clearly indicate the access required.
The following list of items represents an inventory of files and information provided by the
CardConnect team to complete your installation:
 R12 Oracle Payments Connector document (this document)

 TnxCustomizer_ppg.java
 LOADIBYCCRANGES.sql (see related section)
 CardConnect site certificate
 CardConnect hosted server name
 Test token number
 At least 1 merchant id
 CardConnect gateway UI username and password
 XXPPS_PSON_CUSTOMIZER.sql

Best Practice: Please be sure to perform a backup of your system before applying an of the
changes in the document.

T ECHNICAL D ATABASE C ONFIGURATION
This section of the document covers configuration steps to be performed by a DBA who will
require the following levels of access:
 Username/password for the UNIX owner id of the Oracle database (oracle)

 Location and password for the Oracle wallet
 Username/password for the UNIX owner id of the EBS application owner (applmgr)
 Payments Setup Administrator responsibility
 System Administrator responsibility
O R A CL E W AL L E T M A NA G E R
During Oracle Payments transactions like authorization and capture, your EBS database server
quite literally becomes a “client” to the CardConnect gateway. This is evidenced by the
construction of a URL that equates to an HTTPS request from the EBS database to CardConnect.
And whereas your browser has the ability to “negotiate” an SSL handshake, exchange
certificates and establish a connection to a webserver, your EBS datatbase is unable to perform
this dynamically.
To satisfy this requirement (as well as others), Oracle has designed a solution so that you can
intall or import the SSL certificate for the remote server (CardConnect, in this case) into a
truststore locally on your EBS server. This truststore called a “wallet” then provides the basis
for secure communications when needed. Importing an SSL certificate into the Oracle wallet is
typically performed by your DBA as the “oracle” database userid. The next section of this
document provides some guidance for importing a certificate.
This section of the document illustrates one possible use of an X environment to establish a
connection to your EBS for the purpose of importing a certificate. You environment may vary.
LOCATE THE CERTIFICATE

Download or obtain a copy of the certificate from the CardConnect server or from the
CardConnect project manager. Then FTP the certificate to a suitable directory on your
EBS database server like /tmp.
STARTING THE XSERVER

Login to your EBS database server as the Oracle database user then start the Xserver
on the UNIX host using the following command:
vncserver 1
The UNIX host should respond with output similar to the following:
New 'orlin.prinpay.com:1 (oracle)' desktop is orlin.prinpay.com:1
If this is the first time you are starting vncserver, the output may differ slightly but the
confirmation for successful start should be similar:
[oracle@orlin ~]$ vncserver

You will require a password to access your desktops.
Password:
Verify:
xauth: creating new authority file /home/oracle/.Xauthority
New 'orlin.prinpay.com:1 (oracle)' desktop is orlin.prinpay.com:1
Creating default startup script /home/oracle/.vnc/xstartup

Starting applications specified in /home/oracle/.vnc/xstartup
Log file is /home/oracle/.vnc/orlin.prinpay.com:1.log
Here is a screenshot of a sample session. Please note the port number after the colon
(:). In our example, we are using port 1.
STARTING THE XCLIENT

Start the X client on your workstation. In our example, we are using VNCViewer and
have specified the port for the viewer to match the port of the server:
When prompted, enter the password for the XServer. This will establish a connection
to your remote desktop running on the server:

Now you can start the Oracle Wallet Manager by typing “owm” at the command
prompt.
IMPORTING TO WALLET
Assuming that the target certificate has already been uploaded to the server and
copied to a directory like /tmp, here are the steps required to import the certificate
into the Oracle wallet:
1. Start the Oracle Wallet Manager using command “owm”

2. Open the wallet by clicking on Wallet -> Open

3. Navigate to the directory where the Oracle Wallet is stored (not the
certificate), then click OK to open.
4. Supply the wallet password when prompted.
Here is a screenshot of the open wallet:

5. Now click on Operations -> Import Trusted Certificate and select the option to
“Select a file that contains the certificate”

6. Browse to the directory where you staged the certificate and select it
7. If no errors occur, the certificate was imported successfully.

8. Close the wallet and when prompted save it
If the wallet is newly created, please note the location (directory path) and the password you
specified. Both will be needed to specify te Oracle Payments Profile Options below.
O R A CL E ACL F OR C AR D C O NNE C T
Not Required For R12.2
The Oracle database provides a control mechanism called an Access Control List to limit objects
and privileges for several core packages which coordinate access to external network resources.
The ability to invoke the UTL_HTTP package and, therefore transact with the CardConnect
Gateway is limited by your database inherently. Your DBA will need to perform the following
steps to permit transactions to flow:
1. Create an ACL to allow the APPS user to invoke UTL_HTTP to connect to CardConnect
2. Associate the “cardconnect.com” domain with the ACL created above
3. Optionally, test the connection using a simple procedure
Here are the commands required for each step, please execute as SYS:
CREATE THE ACL

BEGIN
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL (
acl => 'cardconnect.xml',
description => 'Permissions to access cardconnect',
principal => 'APPS',

is_grant => TRUE,
privilege => 'connect');
COMMIT;
END;
ASSOCIATE CARDCONNECT.COM DOMAIN

BEGIN
DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL (
acl => 'cardconnect.xml',
host => '*.cardconnect.com' );
COMMIT;
END;
VERIFY ACL DEFINITION

SELECT grantee , table_name , privilege
FROM dba_tab_privs
WHERE table_name = 'UTL_HTTP';
The output should look similar to the following and is considered indicative of success as long as
the EXECUTE privilege has been granted to PUBLIC or APPS:
GRANTEE TABLE_NAME PRIVILEGE

PUBLIC UTL_HTTP EXECUTE
ORDPLUGINS UTL_HTTP EXECUTE
FLOWS_030000 UTL_HTTP EXECUTE
APEX_030200 UTL_HTTP EXECUTE
O R A CL E P AY M E NT S S E C U R I T Y O P T I O NS
Once the values and locations for some of the features above are known, the DBA should login
as the Payments Setup Administrator and set the appropriate options. To do so, login to your
EBS instance, then expand the Payments Setup Administrator responsibility menu and select
Oracle Payments Setup as illustrated below:

This will display the Oracle Payment Setup page. Please click on the “Go To Task” icon next to
“System Security Options”.
There are 3 categories of security options that are available for you to secure your payment
processing environment. They include:
1. Encryption
2. Masking

3. Verification
ENCRYPTION
Encryption refers to the obfuscation of sensitive data as it resides (at rest) in the Oracle
tables under the various EBS modules. Since you are implementing tokenization using
CardConnect, the sensitive data has already been removed from your system, so no
encryption is required.
Furthermore, it is the recommendation of CardConnect that you do not enable encryption.
MASKING
Masking refers to that portion of sensitive data that you deem necessary to remain visible
to end-users. Be sure to set the Credit Card masking options to display the last 4 digits.
You may optionally configure Bank Account masking at this point as well.
VERIFICATION
Verification refers to options that control additional required transaction attributes. You
may optionally compel users to enter their credit card security code (CVV) and/or their
billing address.
Once all options are specified to your liking, please click “Apply” as shown in the image below:
O R A CL E P AY M E NT S P RO F IL E O PT I O NS
The following profile options are required for the middle-tier to have secure access to the
Oracle Wallet. Access to the wallet is needed for the following:
1. To allow SSL communication to the IBY ECAPP servlet

2. To perform HTTP authentication to the payment system
3. To store the system or master key used to encrypt sensitive data
Once the location and the password for the wallet as outlined above have been finalized, the
DBA should login to EBS, assume the System Adminstrator responsibility and update the values
for the following System Profile Options:
Profile Option Name Description Value
Path to the directory where the Oracle

IBY: Wallet Location Example: /etc/Oracle/wallet
Wallet is stored – Not Required For R12.2
Password to opening the Oracle Wallet –

IBY: Wallet Password Password
Not Required For R12.2
Database Wallet Path to the directory where the Oracle

Example: /etc/Oracle/wallet
Directory Database Wallet is stored
O R A CL E P AY M E NT S C R ED I T C AR D R A NG E S
With the CardConnect solution, you will be using tokens within Oracle EBS. Many application
entry forms validate the card numbers to determine the card issuer or brand like MC, VI, AMEX,
etc. From release 12.1.3 onward, the validation is a required step and may cause a failure
during processing. To allow for successful processing, we need to add several valid card ranges
to the IBY_CC_ISSUER_RANGES table. To match the same, granular validation that currently
exists, we need to duplicate all the current ranges and simply prefix the existing ranges with a
“9”. Here is a script that will load the rows for you. Please run as the APPS user against your
Oracle R12 database:
INSERT INTO apps.iby_cc_issuer_ranges(cc_issuer_range_id, card_issuer_code, card_number_prefix,

card_number_length, created_by,creation_date, last_updated_by, last_update_date, last_update_login,
object_version_number)
VALUES(20001, 'AMEX', '93', 16, -1, SYSDATE, -1, SYSDATE, -1, 1);

VALUES(20002, 'VISA', '94', 16, -1, SYSDATE, -1, SYSDATE, -1, 1);

VALUES(20003, 'MASTERCARD', '95', 16, -1, SYSDATE, -1, SYSDATE, -1, 1);

VALUES(20004, 'DISCOVER', '96', 16, -1, SYSDATE, -1, SYSDATE, -1, 1);

VALUES(20005, 'DINERS', '936', 16, -1, SYSDATE, -1, SYSDATE, -1, 1);

VALUES(20006, 'DINERS', '938', 16, -1, SYSDATE, -1, SYSDATE, -1, 1);

VALUES(20007, 'MASTERCARD', '92', 16, -1, SYSDATE, -1, SYSDATE, -1, 1);
Paypal – The following insert should only be done if you will be utilizing Paypal external
authorizations. Please contact your Card Connect representative if you are unsure if this step
is required.

VALUES(20100, 'PPAL', '999999', 16, -1, SYSDATE, -1, SYSDATE, -1, 1);
POODLE V UL NE R A B I L I T Y SSL V 3
To mitigate the SSLv3 vulnerability (aka “POODLE”) for all customers, the CardConnect team has
disabled the ability to negotiation SSLv3 communication protocol within our data center. We
are therefore requiring all merchants to patch or upgrade their Oracle middle-tier and
databases services in compliance with the Oracle Support note listed below:
VE-2014-3566 - Instructions to Mitigate the SSLv3 Vulnerability ("POODLE Attack") in Oracle EBS
Further information on mitigating this vulnerability can be found in the document attached
below.
BEPKEY P A T C H F OR M UL T I P L E MID S PER BEP (R12.1 O NL Y )

There is a bug in Oracle code that manifests itself during funds capture for merchants using
more than one merchant id for payment transactions. There are two Oracle Support notes
related to the deficiency:
Routing Rules Are Not Working Correctly For Credit Card Transactions After Submit Offline Transactions
Is Run (Doc ID 1452743.1)
Settlement Transactions are Sent to the Payment System Using the Wrong Payment System Account
(Doc ID 1406063.1)
The root cause for both has been identified and addressed with the following patch. Please do
not be misled by the description:
Patch 13789657: 1OFF:13609836:N/A:12.1.3:PAYPAL: NEED DATAFIX FOR FAILED TRANSACTIONS

C U S T O M PSON F O R M A T T I NG P A T C H
This is an optional configuration step!
When an Oracle module accepts and processes a credit card transaction, it typically applies a
payment system order number (PSON) that provides a unique reference and is indicative of the
source of the transaction. If the transaction originates in Order Management, the PSON begins
with “ONT”. If Receivables, the PSON begins with “AR”. This is useful, however the PSON does
not equate to any user-visible element in the source application.
Ideally, the PSON should be more reflective of some meaningful business object that is familiar
to the user. There is a way to override the default value with the Order Number from Order
Management, for example.
Oracle has released a patch that can be applied and allows you to customize the PSON value.
The patch implements the following features:
1. Call to a new custom procedure from within the card transaction code.
2. Sample/shell procedure that should be customized to return a new PSON that is
formatted to fit your requirements.
More information about the patch can be found in metalink by searching for the document id
below:
How to Change the Format of the PSON to a User Defined Format? (Doc ID 1159244.1)
Appendix A contains sample code that you can use as a starting point for your solution.
This concludes the work required from the DBA team.

T ECHNICAL N ETWORKING C ONFIGURATION
This section of the document covers configuration steps to be performed by your network
administrator who will require the following levels of access:
 Administrative access to firewall rules

 Administrative access to proxy authentication rules
F I R E WA L L R U L E C O NF I G U RA T I O N
Many CardConnect customers have secure processing environments which are futher protected
via the use of firewall hardware and software components. The CardConnect solution requires
your EBS middle-tier to be able to communicate with your hosted gateway server within the
CardConnect data center. To allow this communication, the rules within your firewall may need
to modified to permit this communication.
The general approach for this modification is outlined below:
1. Determine the IP address of your EBS middle-tier server.
[Your network administrator probably already knows this value.]
2. Determine the IP address of your hosted gateway server running within the
CardConnect data center.
[This value can be found by “pinging” the name of the server as supplied to you by your
CardConnect project manager. Hosted server names for our customers typically take
the form of customer.cardconnect.com.]
[Also, please note that the “ping” will not be successful, however the IP address of the
target server will be displayed as output of the command.]
3. Please create a firewall rule that will allow TCP traffic between to 2 hosts. Please
contact your CardConnect project manager for the CardConnect IP addresses for your
implementation. The CardConnect ports that need to be allowed are:
a. Development/Test Port: 6443
b. Production Port: 8443
P R O XY A U T H E NT I C A T I O N R UL E C O NF I G U R A T I O N
Some CardConnect customers further require proxy authentication when communicating out
from their network. For users or personal computers, this is done via a prompt to the end-user
during the time of their request. For server-to-server communication, this is handled
differently.
Please work with your network team to ensure that real-time or upon-request authentication
through the proxy is not required. This is normally done by defining a rule to allow server-to-
server authentication to bypass the proxy.

This concludes the work required from the DBA team.
O RACLE EBS F UNCTIONAL C ONFIGURATION

This section of the document covers configuration steps to be performed by Oracle Applications
functional administrator who will require the following responsibilities or levels of access:
 Payments Setup Administrator

 System Administrator
G ATEWAY M ODEL S ETUP
This section of the Oracle EBS Functional Configuration covers the configuration steps that are
to be performed if your implementation requires use of a Gateway Model Payment System. If
you are unsure of the Payment System model that you will be using, please contact your
CardConnect project manager for guidance.
O R A CL E P AY M E NT S P RO F IL E O PT I O NS
The are 3 profile options that need to configured before we proceed with the functional setup.
These profile options, their usage and sample values are shown below:
Profile Option
Name Description Guidance
A value is required if your Enter the value for your proxy address and be
IBY: HTTP Proxy network requires proxy to sure to review the “Proxy Authentication Rule
access the Internet Configuration” section of this document.
Applications Used to indicate domains that You may want to update this value to your
Proxy Bypass are excluded from proxy “local” domain since the profile option above
Domains authentication. will direct all other traffic accordingly.
Used to determine how long

IBY: Network Oracle Payments will wait for a This value is in milliseconds. The suggested
Timeout response from the payment setting is 300000.
system
V E R IF Y P AY M E NT S Y S T E M S E T U P
This section of the document is to verify the functional setup of the payment system that was
created through the MD120’s section titled “XXPPS Installation”.
Let’s start by verifying the new payment system that points to the CardConnect gateway. Start
by clicking on the “Payments Payment Administrator”, then selecting “Oracle Payments Setup”.

Click on the icon in the “Go To Task” column on the row next to “Payment Systems”.
Enter in ‘ppg’ as the code and click ‘Go’.

Click “Update Payment System” to continue with verifying the payment system.
Please check that the “Transmission Servlet Base URL” is pointing to the correct site and using
the appropriate port (6443 for non-production environments and 8443 for production
environments), the status is “Active” and the supported funds capture abilities are checked for
credit and debit cards.

V E R I F Y I N G P A Y M E NT S Y S T E M A C C O U NT N U M B E R
Continued from previous section, you may optionally return to this page by clicking on the
“Update Accounts” icon corresponding to the payment system.
Please check that your Merchant ID (aka MID) is listed.

If additional Merchant IDs are required, they may be entered here at this time.
Finally, click on the “Oracle Payments Setup” breadcrumb to return the “Oracle Payments
Setup” page.
Please continue with the Payee definition below.
V E R I F Y I N G P A Y E E D E F I NI T I O N
The Payee definition essentially defines a relationship between an Operating Unit and a
Payment System. To begin the process, click on the “Go To Task” icon next to Payees row.

Use the Search facility to find and modify an existing payee with the code of “ppg”. Click on the
“Update” pencil to drill down into the payee.

At this screen, verify that the MID in the payment system is the default payment system for
credit card and pinless debit card. Click the “Add” button under “Assign Operating Units” and
select all operating units in your organization that will be accepting credit cards via this payee.

P ROCESSOR M ODEL S ETUP
This section of the Oracle EBS Functional Configuration covers the configuration steps that are
to be performed if your implementation requires use of a Processor Model Payment System. If
you are unsure of the Payment System model that you will be using, please contact your
CardConnect project manager for guidance.
XML P U BL I S H E R F O R M A T T E M P L A T E S E T U P
Start by clicking on the “Funds Capture Setup Administrator”, then selecting “Oracle Payments
Setup”.
Select the XML Publisher Format Tempates task.
Create a new XML Publisher Template by clicking the “Create Template” button.
Complete the setup by populating the fields as shown below and click Apply.
Field Value
Code XXPPS_SETTLE
Name CardConnect Settlement Ack Template
Application Payments
Data Definition iPayment Funds Capture Instruction Extract 1.0
Type eText - Outbound
****Upload the XXPPS_SETTLE_END.rtf file in the

Template File
Templates.zip file attached below****

Language English
Create a new XML Publisher Template by clicking the “Create Template” button.
Field Value
Code PPS_FD_BATCH_SEND
Name CardConnect Batch Send Template
Application Payments
Data Definition iPayment Funds Capture Instruction Extract 1.0
Type XSL-XML
****Upload the XXPPS_FD_BATCH_SEND_en.xsl file in the

Template File
Templates.zip file attached below****
Language English
Template Files
F OR M A T S E T U P
Return to the Oracle Payments Setup form and select the Formats task.
First we will create a Funds Capture Acknowledgment format. From the dropdown box,
select Funds Capture Acknowlegment and click Create.

Field Value
Code PPS_SETTLEMENT_ENDPOINT
Name CardConnect Settlement Ack Format
Extract for credit card, purchase card, debit card, and

Data Extract
bank account funds capture instructions
XML Publisher
CardConnect Settlement Ack Template
Template
Next we will create a Funds Capture Settlement Batch format. From the dropdown box,
select Funds Capture Settlement Batch and click Create.
Field Value
Code ppr
Name CardConnect Auth and Batch Format
Data Extract Extract for credit card, purchase card, debit card, and
bank account funds capture instructions
XML Publisher CardConnect Batch Send Template

Template
T R A N S M I S S IO N C O NF I G U R A T I O N S E T U P
After the Format setup, Transmission Configurations should be set up.
Return to the Oracle Payments Setup form and select the Transmission Configurations task.
First we will create a Http(s) POST Request configuration. From the dropdown box, select
Http(s) POST Request and click Create Configuration.
Field Value Note
Name CardConnect HTTP POST
Protocol Http(s) POST Request
Tunneling <blank>
Configuration

Status Active
Destination https://XXX.cardconnect.com:6443/ Enter the URL provided by

URL cardconnect/oramipp_ppr your CardConnect project
Send Body Text/html manager.
Content Type
Receive Body Text/html
Content Type
Repeat the above to create another Http(s) POST Request transmission configuration with
the values below.
Field Value Note
Name CardConnect HTTPS Settlement Ack Get
Protocol Http(s) POST Request
Tunneling <blank>
Configuration
Status Active
https://XXX.cardconnect.com:6443/ Enter the URL provided by

Destination URL cardconnect/rest/ your CardConnect project
settlestatByBatchsource manager.
HTTP
Authentication To be provided by CardConnect
Username
HTTP
Authentication To be provided by CardConnect
Password
Send Body Content application/json
Type
Receive Body application/json
Content Type
Next, we will create a Secure File Transfer Protocol for Static File Names configuration.
From the dropdown box, select “Secure File Transfer Protocol for Static File Names” and
click Create Configuration.
Field Value Note

Name CardConnect FundsCaptureSend
Protocol Secure File Transfer Protocol for

Static File Names
Tunneling <blank>
Configuration
Status Active
FTP Server Host To be provided by CardConnect

Name/IP
Populate with the value
corresponding to environment to
FTP Server Port which you wish to communicate
Number (Test port = 2233
Production port = 2244).
FTP Account To be provided by CardConnect

Username
FTP Account
To be provided by CardConnect
Password
Remote File Directory To be provided by CardConnect
P A Y M E N T S YS T E M S E T U P
After the Transaction Configurations, the Payment System setup should be performed.
Return to the Oracle Payments Setup form and select the Payment Systems task.
Click on “Create” to define a new payment system.
Enter the value for each field as specified below:
Field Prompt Value Notes
Be sure to enter lowercase

Code ppr
“ppr”.
Name CardConnect Processor Value may be customized.
https:// Enter the URL provided by

Transmission
xxx.cardconnect.com:6443/ your CardConnect project
Servlet Base URL
cardconnect manager.
Processing
Processor
Model

Status Active
Credit Card – checked, Debit

Funds Capture
Card – checked
Credit Card
Authorization Full and Partial
Reversal
In the Formats section, add the following values.
Name Type
CardConnect Settlement Ack Format Funds Capture Acknowledgement
CardConnect Auth and Batch Format Funds Capture Settlement Batch
In the Transmission Protocols section, add the following values.
Name
Http(s) POST Request
Secure File Transfer Protocol for Static

File Names
Click “Save And Add Accounts” to continue with the next section of this document.
A D DI N G P AY M E NT S Y S T E M A C C O U NT N U M B E R S
Continued from previous section, you may optionally return to this page by clicking on the
“Update Accounts” icon corresponding to the payment system.
Click on the “Add Another Row” icon.
Enter your merchant id (MID) as the payment system account number. Oracle references this
field/column as “Name”.
Then click on the “Apply” button to save your changes and return to the Payment Systems
Search page.

Finally, click on the “Oracle Payments Setup” breadcrumb to return the “Oracle Payments
Setup” page.
Please continue with the Funds Capture Process Profiles definition below.
F U N DS C A P T UR E P R O C E SS P RO F IL E S S E T U P
Prior to setting up the Funds Capture Process Profile, the following insert statements must be
executed by the APPS user.
INSERT INTO iby_ack_readers( ack_reader_code, reader_code_language,
reader_code_package, reader_code_entry_point, created_by, creation_date,
last_updated_by, last_update_date, last_update_login, object_version_number,
zd_edition_name)
VALUES( 'PPS_AUTH_ACK_PARSER_1_0', 'JAVA',
'com.cardconnect.ebs.processor.CCOnlineACKParser', 'parse', 1, SYSDATE, 1,
SYSDATE, -1, 1, 'ORA$BASE');

zd_edition_name)
VALUES( 'PPS_BATCH_ACK_PARSER_1_0', 'JAVA',
'com.cardconnect.ebs.processor.CCBatchACKParser', 'parse', 1, SYSDATE, 1,
SYSDATE, -1, 1, 'ORA$BASE');

zd_edition_name)
VALUES( 'PPS_BATCH_RESP_PARSER_1_0', 'JAVA',
'com.cardconnect.ebs.processor.CCBatchRespParser', 'parse', 1, SYSDATE, 1,
SYSDATE, -1, 1, 'ORA$BASE';
Return to the Oracle Payments Setup form and select the Funds Capture Process Profiles task.
From the dropdown box, select your payment system and click Create.
Any appropriate value that describes the

Code
relationship, e.g., “EUROPS/GBP”
Will be automatically set to

Payment System <your payment system> the payment system you
selected above
Name Any appropriate value

Description Any appropriate value
Processing Type Credit Card
Status Active
In the Online Authorization section, enter the values as specified below.
Outbound Format CardConnect Auth and Batch Format
Transmission
Protocol
Inbound Response
PPS_AUTH_ACK_PARSER_1_0
Format
In the Settlement section, enter the values as specified below.
Outbound Format CardConnect Auth and Batch Format
Transmission Secure File Transfer Protocol for Static File

Protocol Names
Inbound Response
PPS_BATCH_RESP_PARSER_1_0
Format
In the Acknowledgement section, enter the values as specified below.
Outbound Format CardConnect Settlement Ack Format
Transmission
Protocol
Inbound Response
PPS_BATCH_ACK_PARSER_1_0
Format
In the Payment System Accounts section, enter the values as specified below for each of your
merchant ids.

Enter the desired merchant
Name <your merchant id>
id
Unique name should default

Account Funds based upon the MID and
Capture Profile <default> Funds Capture Process
Name Profile Name when setup
complete.
Online
CardConnect HTTP POST
Authorization
Transmission
CardConnect FundsCaptureSend
Configuration
Acknowledgement CardConnect HTTPS Settlement Ack Get
Enabled Checked
Click “Apply” to save your Funds Capture Process Profile definition.
Please continue with the Payee definition below.
PAYEE DEFINITION
The Payee definition essentially defines a relationship between an Operating Unit and a
Payment System. To begin the process, click on the “Go To Task” icon next to Payees row.
At this point, you have the option of creating a new Payee or modifying an existing one. Use
the Search facility to find and modify an existing or click Create to define a new payee as
appropriate.

Any appropriate value that describes the

Code
relationship, e.g., “EUROPS/GBP”
Name Any appropriate value
Please contact your

Merchant This value is typically assigned to your
processor representative
Category Code Merchant Id by your processing provider.
or review your VAR sheet.
Select your processor model payment i.e. “CardConnect

Payment System
system Processor Model”
Payment System
Select your merchant id (MID)
Account
Assign Operating
Add Operating Units as required.
Units
Supported It is not required to select

Debit Card & Credit Card - checked
Processing Types any Detail options.
Select your merchant id (MID) as the

Default Payment
default for PINless Debit Card & Credit
Systems
Card
Routing Rules Do not specify any routing rules at this time.
In the Default Payment Systems section, enter the values below for Pinless Debit Card and
Credit Card as required.
Payment System Enter your desired default

<desired merchant ID>
Account merchant ID
Enter the funds capture

Funds Capture process profile
<funds capture process profile for MID>
Process Profile corresponding to the
selected merchant id
Click “Apply” to save your Payee definition.
L E V E L 2/L E V E L 3 I NF O R M A T I O N
If your business requires Level 2 and Level 3 information to be sent to the processor, please
run the insert statement below to all tokens as needing L2/L3.

insert into iby_pcard_bin_range values('930000000','999999999','P',1,sysdate +
3650,1,sysdate + 3650,1,-1,null);
R OUTING R ULES
Routing rules can be a very useful feature for routing your transactions to a wide range of
processing options.
Please do not define any routing rules at this time. You can add them after connectivity and
basic functionality has been established.
The next section of this document will guide you through testing and debugging your
configuration.

O RACLE P AYMENTS T RANSACTION T ESTING
This section of the document covers the test steps to be performed by Oracle Applications
functional administrator who will require the following responsibilities or levels of access:
 Funds Capture Process Manager
F U N DS C A P T UR E P R O C E SS M A NAG E R
Testing can be performed to ensure that the setup to this point has been effective. To perform
this testing, the user is encouraged to login to EBS and navigate to the “Home” menu option
under the “Funds Capture Process Manager” responsibility as shown below:
This will display the Funds Capture Process Home page. You can submit 1 or more test
transactions from your EBS environment to the CardConnect gateway. This is done via the
“Transaction Testing” tab show in the following screen shot:

The Transaction Testing page is similar to many other EBS pages in that it allows you to search
for previous items and it allows you to create a new item, in this case a new Authorization. Click
“Create Authorization” to start the process as illustrated below:
The Create Authorization process is composed of 3 links in a workflow chain:

1. Authorization Basics
2. Authorization Details
3. Review and Submit
On the first link (displayed below), specify the following:
This should match the payee name you

Payee specified in the “Payee Definition” section of
this document.
Payment Any reference you would like to affix to this

I like to use my initials followed
System transaction. It should be unique from test to
by date and time:
Order test and ideally, it should not overlap with
DK201311041415
Number any “real” order number from your system.
Amount The amount of your test transaction. 1000.00
Currency The currency of your test transaction. USD
Payment
Instrument Select Credit Card.
Type
Click “Next” to proceed.
On the next page (link), you only need to specify the following information:

Card Use a test card value like

Number 4111111111111111.
Security Specify any value that corresponds to card

Try using 235 for Visa
Code type. Visa/MC = 3 digits, AMEX = 4
Enter the expiration date of any date in the

Expiration Please make sure it is a future
future and enter in the format specified by
Date date!
the example under the field.
Card Holder Search and select any user from your system.
In general, card numbers

correspond to these brands:
Set the brand to Visa for the card number
Card Brand 3 = AMEX
example above.
4 = Visa
5 = MasterCard
6 = Diners / Discover
Enter the values as required. Your screen should look similar to the following:
Click “Next” to proceed. You are now at the last link in the Create Authorization workflow. Click
“Submit” to place your transaction.

Congratulations! If your test transaction was not successful, please review the next section to
enable debug logging.

L OG G I N G A ND D E B U G G I NG
Quite often, your initial attempts to connect to the CardConnect gateway will meet with failure.
This can be related to a wide variety of underlying setup, proxy or firewall issues. To get a
better idea with where and what the issue is, Oracle EBS provides the ability to turn on low-level
logging and display that activity to the screen.
The idea location to invoke the logging to the screen is from the Transaction Testing tab in the
Funds Capture Process Manager -> Home page. Note the “Diagnostics” option available in the
upper-right portion of your page in the screen shot below:
Note: the Diagnostics link is only displayed if you have enable FND: Diagnostics within your
Profile Options. If diagnostics is not displayed, please switch to the System Administrator
responsibility and set accordingly.
After you have enabled and clicked on Diagnostics, the following page offers options for
reviewing the log activity. Please select “Show Log on Screen”.

The page will redisplay and offer options for the logging level. Select “Statement” and leave the
Module value at %. Then click “Go”.
Low-level logging is now active:
Now proceed directly to the testing outlined in the previous chapter of this document.

C AR D C O N N E C T UI -> A U T H OR I Z A T I O NS
Once you are able to put through a successful authorization, you will want to login to the
CardConnect gateway to review transaction details and compare what you sent to what we
received. The URL to access your server in the CardConnect hosted environment is typically in
the form of:
https://xyz.cardconnect.com:6443/cardconnect
Your CardConnect project manager will supply the username and password to access your site.
The login screen is shown below followed by the secure homepage:

Your secure homepage may differ slightly from the image below, however the “Search Auths”
option should be listed as it is access that we typically grant to aid in debugging and
investigating transaction details.
Please enter any relevant search criteria, then click “Search”. Some items that are most useful
include:

 From/To date range entered as MMDD
 Last 4 digits from token (which are also the last 4 digits of the card)
The following is an example of the output for the “Search Auth” utility:

A PPENDIX A – S AMPLE PSON C USTOMIZER C ODE
/* ---[ Program Statement ]------------------------------------------------- *\
Name : iby_pson_boling.sql
Created On: 19-MAR-2014
Created By: David A. Kilgallon
Purpose: This script creates the PSON customizer package

in the XXPPS schema.
---[ Modification History ]----------------------------------------------
Date Programmer / Reason for change

----------- ------------------------------------------------------------
19-MAR-2014 David A. Kilgallon
Initial code delivery
\* ------------------------------------------------------------------------- */
CREATE OR REPLACE PACKAGE iby_pson_customizer_pkg AS
g_cust_pson_yes CONSTANT VARCHAR2(10) := 'YES';

g_cust_pson_no CONSTANT VARCHAR2(30) := 'NO';
PROCEDURE get_custom_tangible_id( p_app_short_name IN fnd_application.application_short_name%TYPE,

p_trxn_extn_id IN iby_fndcpt_tx_extensions.trxn_extension_id%TYPE,
x_cust_pson OUT NOCOPY VARCHAR2,
x_msg OUT NOCOPY VARCHAR2 );
END;
/
SHOW ERRORS
CREATE OR REPLACE PACKAGE BODY iby_pson_customizer_pkg AS
PROCEDURE get_custom_tangible_id( p_app_short_name IN fnd_application.application_short_name%TYPE,

p_trxn_extn_id IN iby_fndcpt_tx_extensions.trxn_extension_id%TYPE,
x_cust_pson OUT NOCOPY VARCHAR2,
x_msg OUT NOCOPY VARCHAR2 ) IS
v_code NUMBER;
V_ERRM varchar2(64);
BEGIN
x_msg := g_cust_pson_yes;
SELECT o.order_number
INTO x_cust_pson
FROM oe_order_headers_all o, iby_fndcpt_tx_extensions e, fnd_application a
WHERE TO_CHAR(o.header_id) = e.order_id
AND e.origin_application_id = a.application_id
AND a.application_short_name = p_app_short_name
AND e.trxn_extension_id = p_trxn_extn_id;
EXCEPTION
WHEN OTHERS THEN
v_code := SQLCODE;
V_ERRM := SUBSTR(SQLERRM, 1 , 64);
x_cust_pson:= p_app_short_name || '_' || p_trxn_extn_id || ':' || v_code;
x_msg := G_CUST_PSON_NO;
END;
END;
/
SHOW ERRORS
EXIT

A PPENDIX B – O RACLE P AYMENTS F IELD M APPING
Oracle Payments Element CardConnect Element

OapfAddr1 AVSStreet
OapfAddr2 *
OapfAddr3 *
OapfCity AVSCity
OapfCntry AVSCountry
OapfCnty *
OapfCommCard Commcard
OapfCurr Currency
OapfCustName AVSName
OapfCVV2 CVVValue
OapfEcommerce_Ind MotoEci
OapfEmail *
OapfOrderId SalesDoc
OapfPhone *
OapfPmtInstrExp Expiry
OapfPmtInstrId CardMasked
OapfPmtinstrType CardType
OapfPONum PONumber
OapfPostalCode AVSPostal
OapfPrice Amount
OapfShipFromZip ShipFromZip
OapfShipToZip ShipToZip
OapfState AVSRegion
OapfStoreId MerchantId
OapfTaxAmount TaxAmount
* Tthese data elements have no CardConnect equivalent so they are ignored.
Additional Response Elements
Oracle Payments Element CardConnect Element

OapfAuthcode Authcode
OapfAuxMsg Text corresponding to Response Code
OapfErrLocation <either 0 or 4>
OapfRefcode Retrieval Reference
OapfStatus <One of 0000, 0001, or 0005>
OapfTrxnDate Current Date/Time
OapfVendErrCode ResponseCode
OapfVendErrMsg Text corresponding to Response Code

A PPENDIX C – C ARD C ONNECT R ESPONSE C ODES
T R A N S A C T IO N R E SP O NS E C O D ES
For the latest API specification including web service endpoints and response codes, please visit
the following link:
http://www.cardconnect.com/developer/docs/
Here is more information about specific CardConnect response codes and how they map to
Oracle transaction statuses. Each Payment Processor has hundreds of proprietary response
codes. CardConnect provides a mapping file to translate each response code for each
supported processor to one of three values. They are as follows:
 A indicates approval and returns a OapfStatus of 0000

 B indicates temporary issue and returns OapfStatus = 0001
 C indicates a decline and returns OapfStatus = 0005
In all cases, the OapfAuxMsg, OapfVendErrMsf and OapfCendErrCode are returned with a
description of the response code in the 2 msg fileds and the actual processor response code in
the ErrCode field.
A D DR E S S V E R IF I C A T I O N R E SP O NS E C O D ES
Authorization requests also return an OapfAVSCode field containing the result from the Address
Verification System. It is a one-character code that is separate and distinct from the credit
authorization response code. The meaning of the SVS response codes vary by card type. In
most cases, the AVS response comes from the issue bank.
A summary of the AVS response codes is available at the link above.

C HANGE H ISTORY
Revision Date Summary of Changes Related Build
February 2014 Initial version All
Updated for EBS 12.2

October 2014 All
Added networking section
Link to API doc
December 2014 Added SSLv3 vulnerability All
remediation details
Added Paypal issuer ranges insert
August 2016 and IBY: Network Timeout profile All
option setting, replaced corrupted
templates with zipped templates
Updated the Gateway model setup
December 2016 to verify installation instead of Gateway model
manual setups now that the setup is
taken care of by the MD120


Original Oracle EBS R12 Connector Document For Venkati SR

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Original Oracle EBS R12 Connector Document For Venkati SR

Uploaded by

Copyright:

Available Formats

CardConnect

Oracle Payments R12 Connector Document

Technical Database Configuration 4

Technical Networking Configuration 17

Oracle EBS Functional Configuration 18

Oracle Payments Profile Options........................................................................18

XML Publisher Format Template Setup...............................................................25

Oracle Payments Transaction Testing 36

R12 Oracle Payments Connector Document 1

Appendix A – Sample PSON Customizer Code 46

Appendix B – Oracle Payments Field Mapping 47

Appendix C – CardConnect Response Codes 48

 R12 Oracle Payments Connector document (this document)

R12 Oracle Payments Connector Document 2

R12 Oracle Payments Connector Document 3

 Username/password for the UNIX owner id of the Oracle database (oracle)

LOCATE THE CERTIFICATE

STARTING THE XSERVER

New 'orlin.prinpay.com:1 (oracle)' desktop is orlin.prinpay.com:1

[oracle@orlin ~]$ vncserver

R12 Oracle Payments Connector Document 4

New 'orlin.prinpay.com:1 (oracle)' desktop is orlin.prinpay.com:1

Creating default startup script /home/oracle/.vnc/xstartup

STARTING THE XCLIENT

R12 Oracle Payments Connector Document 5

1. Start the Oracle Wallet Manager using command “owm”

R12 Oracle Payments Connector Document 6

4. Supply the wallet password when prompted.

Here is a screenshot of the open wallet:

R12 Oracle Payments Connector Document 7

R12 Oracle Payments Connector Document 8

7. If no errors occur, the certificate was imported successfully.

R12 Oracle Payments Connector Document 9

CREATE THE ACL

R12 Oracle Payments Connector Document 10

ASSOCIATE CARDCONNECT.COM DOMAIN

VERIFY ACL DEFINITION

GRANTEE TABLE_NAME PRIVILEGE

R12 Oracle Payments Connector Document 11

R12 Oracle Payments Connector Document 12

Furthermore, it is the recommendation of CardConnect that you do not enable encryption.

1. To allow SSL communication to the IBY ECAPP servlet

R12 Oracle Payments Connector Document 13

Profile Option Name Description Value

Path to the directory where the Oracle

Password to opening the Oracle Wallet –

Database Wallet Path to the directory where the Oracle

INSERT INTO apps.iby_cc_issuer_ranges(cc_issuer_range_id, card_issuer_code, card_number_prefix,

INSERT INTO apps.iby_cc_issuer_ranges(cc_issuer_range_id, card_issuer_code, card_number_prefix,

INSERT INTO apps.iby_cc_issuer_ranges(cc_issuer_range_id, card_issuer_code, card_number_prefix,

INSERT INTO apps.iby_cc_issuer_ranges(cc_issuer_range_id, card_issuer_code, card_number_prefix,

INSERT INTO apps.iby_cc_issuer_ranges(cc_issuer_range_id, card_issuer_code, card_number_prefix,

R12 Oracle Payments Connector Document 14

INSERT INTO apps.iby_cc_issuer_ranges(cc_issuer_range_id, card_issuer_code, card_number_prefix,

INSERT INTO apps.iby_cc_issuer_ranges(cc_issuer_range_id, card_issuer_code, card_number_prefix,

BEPKEY P A T C H F OR M UL T I P L E MID S PER BEP (R12.1 O NL Y )

Patch 13789657: 1OFF:13609836:N/A:12.1.3:PAYPAL: NEED DATAFIX FOR FAILED TRANSACTIONS

R12 Oracle Payments Connector Document 15

This concludes the work required from the DBA team.

R12 Oracle Payments Connector Document 16

 Administrative access to firewall rules

The general approach for this modification is outlined below:

1. Determine the IP address of your EBS middle-tier server.