SolidTrust Pay Integration Guide - Credit Card API For Single Item Selling

An Intro | The Wizard | A Quick Start | Parameters List | Result Parameters | Examples | Button Images

An Intro - What is this documentation for

You can use your SolidTrust Pay account to receive payments via your own Credit Card interface. This page gives an explanation on how to create a Transparent Credit Card Payment and the parameters that the API system supplies back to your script.

A Quick Start

* NOTE: To use the Transparent Credit Card API System, your STP Account must have Corporate Status.

All the payments should go to the following url:

For the credit card payment to work, you must create a script that captures your buyer's credit card and personal details and sends to our CC API handle URL using the CURL POST method. Please note that MD5 Encryption with a given SALT must be used for your STP Merchant's API password entry.

Here is an example:

//build url
$urladdress = ""
$transaction_type = "sale";
//optional - if not set will default to 'sale' transaction
$api_pwd = md5($api_pwd.'s+E_a*');

$data = "&notify_url=".$notify_url."&currency=".$currency."&testmode=".$testmode."&MerchantName=".$MerchantName."&Merchant_IP=".$Merchant_IP."&password=".$password."&card=".$card."&exp=".$exp."&amount=".$amount."&first_name=".$first_name."&last_name=".$last_name."&address=".$address."&city=".$city."&state=".$state."&zip=".$zip."&country=".$country."&cardip=".$cardip."&email=".$email."&cvv=".$cvv."&phone=".$phone."&item_id=".$item_id."&memo=".$memo."&user1=".$user1."&user2=".$user2."&user3=".$user3."&user4=".$user4."&user5=".$user5."&user6=".$user6."&user7=".$user7."&user8=".$user8."&user9=".$user9."&user10=".$user10."&return_url=".$return_url."&transaction_type=".$transaction_type;

> //send messages
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"$urladdress");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //use this to suppress output
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);// tell cURL to graciously accept an SSL certificate
$result = curl_exec ($ch);
curl_close ($ch);

//results separator is a "|", so here we create an array of vars as per result parameters below

$result = explode("|", $result);

The paramters are delivered as follows:

$status = $result[0];
$gateway_result = $result[1];
$stp_transact_status = $result[2];
$transaction_status = $result[3];
$today = $result[4];
$tr_id = $result[5];
$amount = $result[6];
$member = $result[7];
$item_id = $result[8];
$addr = $result[9];
$city = $result[10];
$state = $result[11];
$zip = $result[12];
$country = $result[13];
$email = $result[14];
$phone = $result[15];
$memo = $result[16];
$user1 = $result[17];
$user2 = $result[18];
$user3 = $result[19];
$user4 = $result[20];
$user5 = $result[21];
$user6 = $result[22];
$user7 = $result[23];
$user8 = $result[24];
$user9 = $result[25];
$user10 = $result[26];
$currency = $result[27];
$paid_by = $result[28];
$hash = $result[29];
$merchantAccount = $result[30];

//** here is some code for checking purposes - this will display the results to your screen **

$j = count($result);
for($i = 0; $i < $j ; $i++) {
echo "Result String Part ".$i." = ".$result[$i]."<br>";

In the example above, the $result captures the result fields that are returned from the API.

Parameters List

Below you can see an explanation of all the parameters that can be used for payments:


Parameter Name Required Details
MerchantName YES The receiver of the payment. Your SolidTrust Pay username or email.
password YES Your API password
Merchant_IP YES Your Server's IP where the script request is being made from
amount YES The price of the item in USD. Do not add any currency signs - use only a number.
Example 1: 9.99
Example 2: 4
currency NO Currency of the transaction. Standard 3-letter ISO currency. If this is not set, it will default to your merchant account currency.
Example : USD
card YES The buyer's card number (16 digits). ONLY VISA and MASTERCARD numbers are accepted.
exp YES

Card expiry date. Set in format "MMYY".eg: 0612

cvv YES

Card CVV number. Last 3 digits on back of card

first_name YES Cardholder's first name. First name
last_name YES Cardholder's last name. Last name
addr YES Cardholder's street address (no PO Box numbers)
city YES Cardholder's city
state YES Cardholder's state. If not available put "NA"
zip YES Cardholder's zip
country YES Cardholder's country
cardip YES Cardholder's IP address. Collect IP from cardholder's requesting computer
email YES Cardholder's email address.
phone YES Cardholder's phone number. Include country code if not USA or Canada
item_id YES Item ID of the product being purchased. ie: your reference
memo YES Cardholder's memo to you. (Have a memo field on your capture form)
testmode NO Add this parameter and set it to "1" if you need the payment button to work in test mode. The button works like the live one, but no actual transactions will be made. You can use this test mode to check your IPN script and see what parameters are sent back to your site when payment is made. NOTE: If you do not send this parameter then the button will be live and real transactions will be made.
Example: 1
user1 .. user10 NO You can add up to 10 custom parameters to the form. These parameters will be sent back in the result to your purchase url unchanged. You can use these parameters to track your site members, for example.
notify_url YES Notify URL where all the result parameters are sent back to, using POST variables.
confirm_url YES Confirm URL - an update url for the Credit Card transaction status - all the result parameters are sent back, using POST variables.
transaction_type YES

Used to set the transaction type.

authorize - authorize the purchase. Our Staff will perform the Capture

transaction_id NO SolidTrustPay Transaction ID received back - tr_id

Result Parameters Sent Back

The result parameters are sent back immediately to your requesting URL via your CURL result. In addition, if you have specified a notify_url, then these parameters will be posted to that address using POST method. If you require an updated credit card transaction status (stp_transact_status), as per below, to be sent back to you, then you must use a confirm_url.

In the case of a DECLINED transaction, you will get an error message in your 'gateway result' field.

* In the case of a Card being enrolled in Visa/Mastercard 3-D Secure please follow the intructions below.

Below are all the parameters explained:

Parameter Name Sent Back Details
card_transact_status Always

The status of the payment request from the CC Gateway. Valid field values are;

ACCEPTED - successful transaction

DECLINED - transaction declined - reason shown in ERROR field


This will display the gateway result.

If card_transact_status is ACCEPTED, then this should show SUCCESSFUL.

If card_transact_status is DECLINED or it is an error, it will be preceded by !ERROR!

* NOTE: in the case an ERROR status resulting in any of the errors listed here, NOT including the Gateway Error Messages below, then further result parameters are suppressed.


Error message description : (always preceded by "!ERROR! ")

IP not on allowed list - you must supply us your server IP address where your purchase script will address our server from before using the API, and we will add it to our allowed IP list.

Server IP does not match posted IP - you have to define your Merchant_IP field above, which must be the same as your requesting server IP.

Incorrect Merchant Password supplied - you have to define your STP password field above, which must be sent MD5-encrypted as explained above.

Your STP account must have Corporate status - please contact our Helpdesk - you have to apply to us for Corporate Status

Application to become Credit Card Merchant not yet done - you have to apply to us for to become a CC Merchant

Your STP account must be set to accept this interface - please contact our Helpdesk - we will set this up for you on your successful application to become a CC Merchant

Only 3 transaction attempts from the same IP address are permitted per day! - This is the cardholder's IP address - fraud protection and VISA/MC gateway requirements

Only 3 transaction attempts are allowed from the same card per day! You are welcome to use a different card if you require further transactions during this time period - fraud protection and VISA/MC gateway requirements

and other Gateway Error messages as below


** Note: Status will always come back as PENDING on initial accepted completion of the transaction. Once the transaction has been confirmed then you will get a further POST result to your NOTIFY url.


The status of the payment request in your Solidtrustpay Account.
Valid field values are;

PENDING - transaction still has to be cleared

COMPLETE - transaction cleared and funds available in your account (this status is only sent to notify url once transaction is cleared by our fraud department)

FAILED - card payment was declined

date Always Date and time of transaction
tr_id Always SolidTrustPay Transaction ID
This needs to be sent back if requesting a 'refund' transaction
amount Always The price of the item. This is actually the amount transferred to your account when the payment is successful, less charges.
member Always Full name of Cardholder
item_id Always Your item id of the product purchased
addr Always Cardholder's street address
city Always Cardholder's city
state Always Cardholder's state.
zip Always Cardholder's zip
country Always Cardholder's country
card Always Card number used .
email Always Cardholder's email address
phone Always Cardholder's phone number
memo Always A note from the purchaser. This can be empty if the user didn't fill it.
user1 .. user10 Always If you have sent any custom parameters in the purchase code they will be sent back unchanged.
currency Always Transaction currency


3-D Secure

* In the case of a Card being enrolled in Visa/Mastercard 3-D Secure, we will handle the redirection - all you need to do is pick up the end results as above.