- Disabling verification 3D-Secure v1 by Visa and MasterCard, stay EMVCo 3D-Secure v2. On the side of Merchant there is no need to make any changes to the integration.
- Changes in behavior of test cards in “Sandbox” - all cards required 3DS verification in one time payment and with
4242 4242 4242 4242)
- In the API query response with incorrect content (e.g. missing mandatory parameter value or bad format), the
codeparameter was added to the
errorsobject. It includes a field name and a validation result.
- API v2 is removed.
- changes in the Espago Subscriptions behaviour - in the case of an unsuccessful card authorization attempt during the subscription: if the received
issuer_response_codemessage belongs to “do not repeat” category, the subscription stops. To start a new subscription with the same Client Profile, updating with a new card and strong customer authentication are necessary. Alternatevely, please create a new Client Profile, perform strong customer authentication and start new subscription.
- In the card charge request (
skip_3dsparameter due to non-compliance with PSD2 regulations
link May 2021
- Disactivation Aktualizacji danych karty klienta tylko gdy karta jest zautoryzowana, because of incompatibility with PSD2.
- Disactivation Instantly authorize client feature, because of incompatibility with PSD2.
link April 2021
- Supplementing the documentation and SQL file with rejection codes
65(related to the lack of SCA / 3D-Secure), and
B ##codes (Espago rejection of payments that are known to be unsuccessful)
link January 2021
- Disabling protocol TLSv1.1 in production Espago gateway (currently supported: TLSv1.2 and TLSv1.3).
link November 2020
- Enabling 3-D Secure version 2 (EMV 3-D Secure) on some Merchant’s accounts.
Using in payment status
state=tds_redirectedduring whole 3-D Secure (both v2 or v1) authentication. Until now, such state was presented only in transaction object in this time.
sca_paymentto client profile properties (exists when there was used parameter
cof=storingin initiated payment or payment using client profile or updating client).
Adding a payment for the amount of “0” PLN/EUR/etc, used to authenticate the client with SCA and save the card details, without charging him (or withdrawing this payment). ** NOTE ** Amount of 0 is available only with Elavon acquirer.
link January 2020
- Integration with SIX/SaferPay - adding new payment channel to Espago gateway (according to Merchant agreement:
link October 2019
Changes in issuer response codes related to 3D-Secure:
E3 - 3D-Secure error in bank.
E4 (new) - 3D-Secure authentication failed.
E5 (new) - Other 3D-Secure error.
Creating new documentation https://start.espago.com
Old documentation (https://developers.espago.com) remains available.
link August 2019
Adding Card on file parameter (cof = storing, recurring, instalment, unscheduled and other) for payments related to saving card data or made payment using card data saved in client profile:
- Parameter “cof=storing” added to payment enables creating of client profile (no need to additional request for client create).
- For backward compability, from August 2019 by default all payments with parameter “recurring=true” have automatically set “cof=recurring” in Espago (Merchant can overwrite this parameter with other cof values).
Change of guidelines related to 3D-Secure verification (changes related to PSD2 and preparation for 3D-Secure v2.0.0)
- each single payment should be made with 3D-Secure,
- each subscription should be started or preceded by a payment with 3D-Secure,
- each payment made using client profile (in subscription, one-click or on-demand payment) should have COF parameter.
link May 2019
22 may 2019: Adding in production env (secure) changes in lenght of ID parameters. Changes are applied only to newly created objects.
- Changing the initial characters in the parameter transaction ID from “tn_” to “tr_”. The transaction ID will be still 12 characters long (tr_xxxxxxxxx). https://developers.espago.com/v3#320
- Increasing of lenght from 18 to 20 characters of every (without transactions) new ID parameters:
- Payment ID (pay_xxxxxxxxxxxxxxxx)
- Client ID (cli_xxxxxxxxxxxxxxxx)
- Token ID and Token-cvv ID
- Plan ID and subscription ID
- Invoice ID and invoice item ID (elements of subscriptions)
- Increasing from 12 to 14 lenght of parameter Service ID.
link April 2019
Adding in test env (sandbox) changes, which will be applied in production gateway in 21 may 2019 (described in “May 2019” section). Changes will be applied only to newly created objects.
Adding issuer_response_code=15 (in language PL and EN) to SQL file in “Download” section.
link October 2018
Adding two-factor authentication in the Seller’s panel.
Adding back-requests during the refund of payment.
link August 2018
Implementation of Safekey AMEX (3D-Secure on American Express cards).
Adding a payment refund option to the web panel.
Adding functions in payment request:
- language per transactions (parameter locale)
- email addres to sent email notifications (parameter email)
- forcing to not send email, even if customer profile has email address (parameter skip_email)
link July 2018
Adding possibility to accepting using China Union Pay cards (UP/CUP).
link February 2018
Disabling protocol TLSv1.0 in production Espago gateway.
link August 2017
Adding Espago Secure Page for creating/updating client profile.
link May 2017
Updating descriptions of issuer response codes: adding R0, R1, 68, and updating most comments in languages PL, EN and FR. New format of SQL file.
link January 2017
Introducing Espago iFrame - new, improved soluton for creating token/getting credit card data/creating payments on Seller’s website.
link December 2016
Adding options skip 3D-Secure function.
Espago iframe added.
link November 2016
Double card authorization added.
link September 2016
Adding API function, to get information about customer’s card: country and bank.
Improvements in web panel.
Update footer in mail notifications: adding link to FAQ and seller contact data (this data can be set in web panel).
link August 2016
Added the fields’ separator “|” in the method of calculating the checksum. The update applies to MasterPass and payment page. The old way of calculating the checksum will be valid until the first quarter of 2017.
link July 2016
Release Espago JS in version 1.2: https://js.espago.com/espago-1.2.js The use of new script (in place of old 1.1) doesn’t requiere additional changes on Seller website. New script contain several improvements, and add function to create CVV tokens.
link May 2016
Adding parameter payment_id in back requests when payment is done according to subscription.
Adding new states of rejected payments according to 3D-Secure rejections and errors. Parameter reject_reason “3ds_not_authorized”, parameter issuer_response_code “E3”.
Minor updates in description of codes 12 and 62.
link April 2016
Adding possibility for creating subscription with delayed start.
link March 2016
Adding protection: escaping six special charactes with accordance with recommendation of OWASP. in all text parameters (description, first_name, last_name, etc.).
link February 2016
Added the possibility to set the redirect URL for the payment - parameter positive_url and negative_url
link November 2015
Adding possibility to redirect customer to secure payment website on Espago gateway.
Updating description of “issuer_response_code”: 00, 05, 57 in documentation and in sql/xml files.
Adding new possible payment states: “tds_redirected”, “resigned”.
Changes in SSL/HTTPS requirements
Raising the requirements for connection to the test gateway https://sandbox.espago.com: limiting accepted protocols to TLSv1.2 and TLSv1.1 (excluding TLSv1.0) and raising the requirements for used ssl ciphers (disabling few ciphers which use CBC).
HTTPS configuration currently available in a test environment will be implemented gradually in production gateway, starting from February 2016.
link September 2015
Adding posssibility to make multiple, partial refund.
Implementation function for adding CVV to payment made on demand/repeated.
link June 2015
Further expansion of functions related to payments Espago in module Przelewy24.
link May 2015
Launch of DCC (Dynamic Currency Conversion) service.
Changes in allowed payment status in APIv3.0, adding: dcc_decision, tds_status.
Adding description of new “issuer_response_code”: 91, 92, 95, 98 in documentation.
Changes in SSL/HTTPS configration, disable supporting weak ciphers.
link April 2015
Enabling MasterPass service.
link March 2015
Adding to documentation description of two new error codes “issuer_response_code”: 62 and 75.
link February 2015
Publishing API v3.0. Old version APIv2.0 can still be used, but most of new functions (described abowe) will be implemented only in APIv3.0.
Enabling 3D-Secure options.
link December 2014
Publishing new version of Espago API documentation and moving it to new subdomain.
link November 2014
Disabling support of SSLv3 for incoming request (API) and outgoing (back_requests).