It is likely that you would opt to perform a custom integration with the VSP Form service in the following circumstances:

• You are unable to find a shopping cart that meets your website requirements.



• You have basic knowledge and experience in server side scripting.



• You use shared web servers that do not offer database services.

N.B: Please be aware that performing a bespoke integration does require you to write the majority of the scripting required and therefore an intermediate knowledge of web development is required.

VSP (Veri Secure Payment) is a method of passing details, in this case credit card and transaction related details, from your website to Protx, in order to obtain authorisation on those details.

VSP Form is likely to be the best VSP payment system for you when:

•   You are unable, or do not wish, to maintain your own secure web servers and choose   instead to have them managed by a third party hosting company.



•   Your website is run from a shared system with the same web server delivering many   different web sites. In these circumstances, an individual company has very limited   abilities to install anything more than simple HTML pages and script files, and cannot   normally install items outside their own user area (especially if this involves components   that affect the entire server).

To keep their lives simple, many web management companies do not wish to install specific components on their servers because of disruption of standard building procedures, so the specific scripts and the dependent components required by VSP Server and VSP Direct sometimes cannot be installed.

•   You do not wish for any sensitive information to be taken or stored on your site   (removing the need for you to maintain highly secure encrypted databases, or obtain   digital certificates). The shopper is redirected to Protx to enter their card details

The VSP Form integration can be handled using standard scripting languages like ASP, ASP.net, PERL, PHP JSP etc.

With VSP Form, all transaction information is held at Protx, including the full shopping basket contents and e-mails can be sent from the Protx servers to you and your shoppers to confirm the success or failure of the transaction.

Whilst this system is easier and quicker to integrate with than VSP Server or VSP Direct, you should only consider it if you are prevented from working with the server product, because server-to-server communication gives you greater control over the redirection of your shopper and a full end-to-end audit trail that cannot be guaranteed using information sent via the shopper's browser.

Due to the simplicity of the VSP Form payment solution, there is little scope to automate any of the transaction functions such as refunding, repeating, releasing, voiding and aborting. All these function will need to be performed manually within the VSP admin area.

Custom integration means that you will not be using a 'shopping cart' solution and that the link between your website and Protx will be built either from scratch or using the Protx provided script kits, or a combination of the above.

A Custom integration allows you the power to create a flexible and bespoke cart solution which would not apply the restrictions that a shopping cart may have. This means that you can chose which values you collect on your website, the way in which you collect those values and also the way in which you pass them to Protx. Importantly, as with all Protx products, you must meet and adhere to the latest Protx Protocol, in this case 2.22.

Protx are able to supply packages referred to as 'kits'. These kits vary depending on the language and the Protx product you are downloading the kit for, be it VSP Form, VSP Direct or VSP Server.

The kits contain a number of script pages, in various programming languages that allow you to connect your website with Protx and are written by Protx developers to correctly format and send the information Protx require for registering a transaction. It is not recommended to use one of our kits or to perform a custom integration if you do not have some level of web development experience.

Please refer the readme file within the kit for definitions and explanations of the files within the kit, and their purpose.

VSP Form operates in a similar manner to the other Payment Service Providers, sending transaction registration information in hidden HTML fields through the shopper's browser, but unlike many such systems, VSP Form encrypts the important information first, so the shopper cannot tamper with it.

Step 1: Capturing information and formatting it ready to send to Protx

The final "Pay Now" button on your website is your link to the Protx VSP System. Once the shopper has selected their purchases, entered delivery details, billing address and so forth, all on your own site, and pressed the final 'proceed' button; a small script on your server generates an order summary page, listing the shopper's contact details, their purchases and the total order amount. Potentially, at the bottom of that page is a "Pay Now" button which submits the information on that page to the VSP Form gateway.

What the shopper doesn't see is that whilst generating that order summary page, a simple and easy to modify piece of server-side scripting builds an encrypted hidden field that it places on the form. This field contains all the transaction information in a format that VSP Form can understand.

Step 2: Encrypting and posting data to Protx

When the user clicks the "Pay Now" button, the encrypted contents of that field get Posted to VSP Form server and the shopper is re-directed and presented with the Protx payment pages.

Step 3: Shopper redirected to Protx Payment Page and Authorisation

Once the shopper reaches the Protx payment page, they then enter their credit/debit card details, security codes and billing address.

The shopper is now on the payment page and they are given the opportunity to enter their credit card details. Firstly, after the details are entered, VSP Server will parse the values to ensure that they have been entered correctly and that they are valid. If they are valid, the shopper is passed to a confirmation screen where they are given one last chance to abort the transaction.

When the payment details have been submitted, the VSP authorisation services then format the transaction and send this request to your merchant acquirer over the X25 banking network, which is a secure direct channel separate from the internet.

Whilst communicating with the merchant acquirer, the shopper is shown a page containing the text, "Authorising please wait…"

The shopper is now on the payment page and they are given the opportunity to enter their credit card details. Firstly, after the details are entered, VSP Server will parse the values to ensure that they have been entered correctly and that they are valid. If they are valid, the shopper is passed to a screen where they are given one last chance to abort the transaction.

Step 4: Vendor handling the Protx encrypted response (decoding/storing and display)

Depending on the result of the authorisation from the bank, your shopper is then either returned to your SuccessURL or your FailureURL which you provide with the transaction. This then completes the transaction process.