FAQs

This section of the website contains links to all the technical documentation and guides you need to set up your website to accept online payments, as well as answers to the most frequently asked support questions.

Information here is divided according to the platform you are using – payment pages, Secure Trading API (STAPI), or web services. The most popular documentation and FAQs are listed below.

If you need to speak to a member of the team directly, please call 01248 672050 or email [email protected].

General FAQs

Can I re-authorise transactions in STPP?

There is a fully integrated Re-Auth button that is available at the bottom of every transaction you have processed in MyST, allowing you to re-attempt another payment against that card.

Please note:  re-authorisations will not include the Security Code. You may be charged extra fees from your acquiring bank, please check with them before re-authorising!

Payment Pages

Secure Trading Payment Pages are for merchants who want a simple and easily implemented way of adding e-payment capability to their online commerce systems. SecureTrading Payment Pages work with custom-designed ecommerce systems as well as with many commercially available shopping cart applications.

Using SecureTrading Payment Pages you can:

  • Process payments on our own dedicated HTTPS servers (that use the SSL protocol) that allow you to process secure and reliable transactions.
  • Process payments without storing credit card details on your server.
  • Customise the Payment Pages with custom CSS to maintain the look and feel of your online store.
  • Accept a large variety of currencies.
  • Track all transactions using our online transaction management system, MyST.

For integration information please contact our support team on 01248 672050.

Where is the File Manager?

This will be available only to users that have a qualifying User Role, 2-Step Authentication and a valid IP address listed on their username.

I am looking at additional payment methods. What do you support?

We support many Additional Payment Methods (APMs) such as ApplePay, PayPal, AliPay, Sofort and PaySafe.  A comprehensive list of supported APM’s is available from our website

What additional fraud services do you offer?
We integrate with ACI ReD Shield which anticipates and responds to changing patterns of fraud ensuring Secure Trading’s merchants remain protected in all environments. You can find documents for Payment PagesXML, and JSON on our website. Please contact your account manager for further details regarding this additional service.
How do I setup PayPal with SecureTrading?
Please refer to the Enabling PayPal document.
I’ve sent you my PayPal Username, but how do I setup PayPal itself?

If you are using Payment Pages, it’s automatically done for you.  If using Webservices or STAPI however you will need to check the relevant XML instructions. For the JSON integration, please refer to the online documentation.

Can I re-authorise transactions in STPP?
There is a fully integrated Re-Auth button that is available at the bottom of every transaction you have processed in MyST, allowing you to re-attempt another payment against that card.

Please note: re-authorisations will not include the Security Code. You may be charged extra fees from your acquiring bank, please check with them before re-authorising!

Are refunds, authorisations, settlements and fraud/risk checks supported?

Yes, these features are fully supported.

How long does it take to receive the platform credentials?
These will be sent out by the support team once they’ve been set up after your contract has been signed with your account manager.  Account Credentials are usually supplied within a 48-hour period.
Do I have to request to go live?
Yes, you must send an email to [email protected] requesting for your account to be switched into live mode.

Please note:  this is only possible after you have received the email informing you that your merchant number has been successfully tested!

What is 3-D Secure?
3-D Secure is an additional layer of security that authenticates a customer during a transaction. It also affords you more protection against potential chargebacks.
What is the liability shift for 3-D Secure?
Provided you are utilising the 3-D Secure system, you will be covered for the majority of fraudulent transactions that are processed and the liability for payment will shift back to the card issuer.

Secure Trading believes the liability shift to be as follows:

Brand Enrolled Status Liability
Visa U Merchant*
Visa N Card Issuer**
Visa Y Y Card Issuer**
Visa Y N Merchant***
Visa Y A Card Issuer**
Visa Y U Merchant*
MasterCard U Merchant*
MasterCard N Card Issuer**
MasterCard Y Y Card Issuer**
MasterCard Y N Merchant***
MasterCard Y A Card Issuer**
MasterCard Y U Merchant*

Y= Yes
A= an attempt on something did not work with the communication
N= No
U= Unknown

* Important note: If the brand is Visa and enrolled or status is returned as a “U” (Unknown), it means that the merchant is not covered by the 3-D Secure scheme. In this case the merchant is still liable for any fraudulent transactions.
** Important note: There are some cases where the liability is not covered by the card issuer; for example some commercial cards under both brands. For more information please contact your acquirer.
*** Important note: In this case it is strongly recommended that the transaction does not proceed. This means the password entered did not match.

This is a high level overview of the liability shift. Please bear in mind we facilitate the process; we do not create or enforce the rules. If you are unsure of any transaction status that you may see, we would recommend that you contact your acquirer.

Are commercial cards covered by 3-D Secure?

The majority of Visa / Mastercard branded cards are covered by 3-D Secure, which does include some Commercial Cards. More information can be provided by your acquiring bank.

How do I activate 3-D Secure on my account?
If you are using Payment Pages, 3-D Secure will be enabled automatically by ourselves. If you are using an API system and require 3-D Secure, you have to include the relevant XML for performing 3-D Secure requests or if you are using the JSON integration, please refer to the Online 3-D Secure documentation.
Is 3-D Secure mandatory?
In most cases 3-D Secure is not mandatory, but is highly recommended.  It is however compulsory when processing Maestro cards. Some acquiring banks require that you use 3-D Secure. Please check with your acquiring bank before making any decisions on this.
What is my Payment Page’s URL?
There is no specific URL to your payment page as such; it exists as part of the POST to our main URL, which is:  https://payments.securetrading.net/process/payments/choice
Can I update my own system when an order is placed through Secure Trading?
Yes; you can setup a Notification (POST) to send data back to your system at the end of the transaction.  More information can be found in the Rule Manager documentation.
Can I setup a Redirect?
Yes; you can setup a Redirect (GET) so the customer (and fields) are sent back to your platform at the end of the transaction. More information can be found in section 1.4 of the Payment Pages setup guide. More information can be found in the Rule Manager documentation.
How do I set up email confirmations of an order?
This is done within MyST. Please refer to the Rule Manager documentation for more information.
When I pass a payment for a particular currency, no card types are displayed on my payment page.

This simply means you are not setup for this currency; please contact Support for more information.

My payment page is not displaying any card types.

This means that you either have no Merchant Number configured yet, or you are passing through a currency or type (ECOM / MOTO) that your account isn’t configured to process.

Am I able to have multiple Payment Pages on one account?
Yes, you can; more information can be found in the Payment Pages guide HERE.
Am I able to customise the appearance of my pages?
Absolutely; version 2 of payment pages allows for full HTML customisation.  More information can be found HERE.
Can I accept multiple currencies on my site?
Yes, but this depends entirely on your acquirer. Please speak to support for more information.
I am seeing AUTH CODE: TEST when processing payments.
You are currently processing on a test account; you will need to ensure you request for your main account to be switched live and that your code is pointing to the correct site reference.

EG:  mycompany67890 instead of test_mycompany67891

I’m getting the following error “No account found” what might cause this?
You are trying to process a card type / currency / account type (ECOM / MOTO etc) that your account isn’t setup to process.
Which shopping carts can I use with Secure Trading?

We support many shopping carts such as Magento, PrestaShop, WooCommerce and OpenCart. A list of supported shopping carts is available from our website.

Why is no money being paid into my bank account? I put my website “Live” a week ago.
If your account is live, and your transactions are settling as expected, please speak to your acquiring bank.  If you are unsure of this, please call Support and we’ll point you in the right direction.  You would need to speak to your acquiring bank to find out where they are paying the money into.

Secure Trading API

The Secure Trading API is our service for merchants who want to use their own secure servers, but wish to use Secure Trading’s payment network as part of their own e-commerce application. It has all the capabilities of SecureTrading STPP Payment Pages, but in addition you can use our service in a more sophisticated way.

Using SecureTrading API you can:

  • Automate refunds and authorisation reversals, and control the settlement schedule for each transaction.
  • Have development capability and write applications that can process payments.
  • Integrate a payment solution into back-office or legacy systems.

For more information please contact our support team on 01248 672050.

I am looking at additional payment methods. What do you support?

We support many Additional Payment Methods (APMs) such as ApplePay, PayPal, AliPay, Sofort and PaySafe.  A comprehensive list of supported APM’s is available from our website

What additional fraud services do you offer?
We integrate with ACI ReD Shield which anticipates and responds to changing patterns of fraud ensuring Secure Trading’s merchants remain protected in all environments. You can find documents for Payment PagesXML, and JSON on our website. Please contact your account manager for further details regarding this additional service.
How do I setup PayPal with SecureTrading?
Please refer to the Enabling PayPal document.
I’ve sent you my PayPal Username, but how do I setup PayPal itself?

If you are using Payment Pages, it’s automatically done for you.  If using Webservices or STAPI however you will need to check the relevant XML instructions. For the JSON integration, please refer to the online documentation.

Can I re-authorise transactions in STPP?
There is a fully integrated Re-Auth button that is available at the bottom of every transaction you have processed in MyST, allowing you to re-attempt another payment against that card.

Please note: re-authorisations will not include the Security Code. You may be charged extra fees from your acquiring bank, please check with them before re-authorising!

Are refunds, authorisations, settlements and fraud/risk checks supported?

Yes, these features are fully supported.

How long does it take to receive the platform credentials?
These will be sent out by the support team once they’ve been set up after your contract has been signed with your account manager.  Account Credentials are usually supplied within a 48-hour period.
Do I have to request to go live?
Yes, you must send an email to [email protected] requesting for your account to be switched into live mode.

Please note:  this is only possible after you have received the email informing you that your merchant number has been successfully tested!

What is 3-D Secure?
3-D Secure is an additional layer of security that authenticates a customer during a transaction. It also affords you more protection against potential chargebacks.
What is the liability shift for 3-D Secure?
Provided you are utilising the 3-D Secure system, you will be covered for the majority of fraudulent transactions that are processed and the liability for payment will shift back to the card issuer.

Secure Trading believes the liability shift to be as follows:

Brand Enrolled Status Liability
Visa U Merchant*
Visa N Card Issuer**
Visa Y Y Card Issuer**
Visa Y N Merchant***
Visa Y A Card Issuer**
Visa Y U Merchant*
MasterCard U Merchant*
MasterCard N Card Issuer**
MasterCard Y Y Card Issuer**
MasterCard Y N Merchant***
MasterCard Y A Card Issuer**
MasterCard Y U Merchant*

Y= Yes
A= an attempt on something did not work with the communication
N= No
U= Unknown

* Important note: If the brand is Visa and enrolled or status is returned as a “U” (Unknown), it means that the merchant is not covered by the 3-D Secure scheme. In this case the merchant is still liable for any fraudulent transactions.
** Important note: There are some cases where the liability is not covered by the card issuer; for example some commercial cards under both brands. For more information please contact your acquirer.
*** Important note: In this case it is strongly recommended that the transaction does not proceed. This means the password entered did not match.

This is a high level overview of the liability shift. Please bear in mind we facilitate the process; we do not create or enforce the rules. If you are unsure of any transaction status that you may see, we would recommend that you contact your acquirer.

Are commercial cards covered by 3-D Secure?

The majority of Visa / Mastercard branded cards are covered by 3-D Secure, which does include some Commercial Cards. More information can be provided by your acquiring bank.

How do I activate 3-D Secure on my account?
If you are using Payment Pages, 3-D Secure will be enabled automatically by ourselves. If you are using an API system and require 3-D Secure, you have to include the relevant XML for performing 3-D Secure requests or if you are using the JSON integration, please refer to the Online 3-D Secure documentation.
Is 3-D Secure mandatory?
In most cases 3-D Secure is not mandatory, but is highly recommended.  It is however compulsory when processing Maestro cards. Some acquiring banks require that you use 3-D Secure. Please check with your acquiring bank before making any decisions on this.
Error Message: Request aborted: Unable to send to gateway javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure.
This is usually caused by your STAPI client not running when you attempt to send the request through.
Error Message: XML: org.xml.sax.SAXParseException: Premature end of file.
The most likely cause of this error is when a carriage return does not exist at the very end of the XML file, or the XML file is truncated before the end.
Is it possible to run concurrent versions of Secure Trading API at the same time on the same server?
Provided you keep them separate on your server (and separate the versions of Java if relevant), then yes; this is possible.
How do I set up email confirmations of an order?
This is done within MyST. Please refer to the Rule Manager documentation for more information.
Can I accept multiple currencies on my site?
Yes, but this depends entirely on your acquirer. Please speak to support for more information.
I am seeing AUTH CODE: TEST when processing payments.
You are currently processing on a test account; you will need to ensure you request for your main account to be switched live and that your code is pointing to the correct site reference.

EG:  mycompany67890 instead of test_mycompany67891

I’m getting the following error “No account found” what might cause this?
You are trying to process a card type / currency / account type (ECOM / MOTO etc) that your account isn’t setup to process.
Why is no money being paid into my bank account? I put my website “Live” a week ago.
If your account is live, and your transactions are settling as expected, please speak to your acquiring bank.  If you are unsure of this, please call Support and we’ll point you in the right direction.  You would need to speak to your acquiring bank to find out where they are paying the money into.

Web Services

Secure Trading Web Services is for merchants who want to use their own secure servers, but wish to use Secure Trading’s payment network as part of their own ecommerce application. The Web Services interface allows merchants to submit a request to Secure Trading using a client program, providing a username and password for authentication. Unlike STAPI, no client needs to be installed on your own server to use Web Services.

Using Secure Trading Web Services you can:

  • Automate refunds and authorisation reversals, and control the settlement schedule for each transaction.
  • Have development capability and write applications that can process payments.
  • Integrate a payment solution into back-office or legacy systems.

For more information please contact our support team on 01248 672050.

I am looking at additional payment methods. What do you support?

We support many Additional Payment Methods (APMs) such as ApplePay, PayPal, AliPay, Sofort and PaySafe.  A comprehensive list of supported APM’s is available from our website

What additional fraud services do you offer?
We integrate with ACI ReD Shield which anticipates and responds to changing patterns of fraud ensuring Secure Trading’s merchants remain protected in all environments. You can find documents for Payment PagesXML, and JSON on our website. Please contact your account manager for further details regarding this additional service.
How do I setup PayPal with SecureTrading?
Please refer to the Enabling PayPal document.
I’ve sent you my PayPal Username, but how do I setup PayPal itself?

If you are using Payment Pages, it’s automatically done for you.  If using Webservices or STAPI however you will need to check the relevant XML instructions. For the JSON integration, please refer to the online documentation.

Can I re-authorise transactions in STPP?
There is a fully integrated Re-Auth button that is available at the bottom of every transaction you have processed in MyST, allowing you to re-attempt another payment against that card.

Please note: re-authorisations will not include the Security Code. You may be charged extra fees from your acquiring bank, please check with them before re-authorising!

Are refunds, authorisations, settlements and fraud/risk checks supported?

Yes, these features are fully supported.

How long does it take to receive the platform credentials?
These will be sent out by the support team once they’ve been set up after your contract has been signed with your account manager.  Account Credentials are usually supplied within a 48-hour period.
Do I have to request to go live?
Yes, you must send an email to [email protected] requesting for your account to be switched into live mode.

Please note:  this is only possible after you have received the email informing you that your merchant number has been successfully tested!

What is 3-D Secure?
3-D Secure is an additional layer of security that authenticates a customer during a transaction. It also affords you more protection against potential chargebacks.
What is the liability shift for 3-D Secure?
Provided you are utilising the 3-D Secure system, you will be covered for the majority of fraudulent transactions that are processed and the liability for payment will shift back to the card issuer.

Secure Trading believes the liability shift to be as follows:

Brand Enrolled Status Liability
Visa U Merchant*
Visa N Card Issuer**
Visa Y Y Card Issuer**
Visa Y N Merchant***
Visa Y A Card Issuer**
Visa Y U Merchant*
MasterCard U Merchant*
MasterCard N Card Issuer**
MasterCard Y Y Card Issuer**
MasterCard Y N Merchant***
MasterCard Y A Card Issuer**
MasterCard Y U Merchant*

Y= Yes
A= an attempt on something did not work with the communication
N= No
U= Unknown

* Important note: If the brand is Visa and enrolled or status is returned as a “U” (Unknown), it means that the merchant is not covered by the 3-D Secure scheme. In this case the merchant is still liable for any fraudulent transactions.
** Important note: There are some cases where the liability is not covered by the card issuer; for example some commercial cards under both brands. For more information please contact your acquirer.
*** Important note: In this case it is strongly recommended that the transaction does not proceed. This means the password entered did not match.

This is a high level overview of the liability shift. Please bear in mind we facilitate the process; we do not create or enforce the rules. If you are unsure of any transaction status that you may see, we would recommend that you contact your acquirer.

Are commercial cards covered by 3-D Secure?

The majority of Visa / Mastercard branded cards are covered by 3-D Secure, which does include some Commercial Cards. More information can be provided by your acquiring bank.

How do I activate 3-D Secure on my account?
If you are using Payment Pages, 3-D Secure will be enabled automatically by ourselves. If you are using an API system and require 3-D Secure, you have to include the relevant XML for performing 3-D Secure requests or if you are using the JSON integration, please refer to the Online 3-D Secure documentation.
Is 3-D Secure mandatory?
In most cases 3-D Secure is not mandatory, but is highly recommended.  It is however compulsory when processing Maestro cards. Some acquiring banks require that you use 3-D Secure. Please check with your acquiring bank before making any decisions on this.
I get “Invalid Site Reference for Alias” when sending a Web Services request. What is the issue?
It is likely that the Site Reference quoted in your XML is not linked to your Web Services username, or the value you are passing for ALIAS in the XML is invalid (it must be the Web Services username)
I get “401 Authorization Required” when sending a Web Services request. What is the issue?
The most likely cause of this would be incorrect credentials in your Web Services header, or you are using a username that is not setup as the Web Services role.
How do I set up email confirmations of an order?
This is done within MyST. Please refer to the Rule Manager documentation for more information.
Can I accept multiple currencies on my site?
Yes, but this depends entirely on your acquirer. Please speak to support for more information.
I am seeing AUTH CODE: TEST when processing payments.
You are currently processing on a test account; you will need to ensure you request for your main account to be switched live and that your code is pointing to the correct site reference.

EG:  mycompany67890 instead of test_mycompany67891

I’m getting the following error “No account found” what might cause this?
You are trying to process a card type / currency / account type (ECOM / MOTO etc) that your account isn’t setup to process.
Which shopping carts can I use with Secure Trading?

We support many shopping carts such as Magento, PrestaShop, WooCommerce and OpenCart. A list of supported shopping carts is available from our website.

Why is no money being paid into my bank account? I put my website “Live” a week ago.
If your account is live, and your transactions are settling as expected, please speak to your acquiring bank.  If you are unsure of this, please call Support and we’ll point you in the right direction.  You would need to speak to your acquiring bank to find out where they are paying the money into.
How do I setup PayPal with SecureTrading?
Please refer to the Enabling PayPal document.
Can I setup a Redirect?
Yes; you can setup a Redirect (GET) so the customer (and fields) are sent back to your platform at the end of the transaction. More information can be found in section 1.4 of the Payment Pages setup guide. More information can be found in the Rule Manager documentation.

MyST

MyST is a secure interface providing online real-time access to your payment history. The status of every transaction can be tracked, allowing your Secure Trading account to be managed more effectively.

Using MyST you can:

  • View, refund, repeat or reverse your credit and debit card transactions in one place
  • Set permission levels for different types of users
  • Specify the settlement date of your card transactions
  • Change the amount of the transaction
  • Download transaction details and export into your accounting software
  • Upload and manage payment pages and email templates to our secure servers
  • Pay your Secure Trading invoices easily via credit or debit card
  • Authorise payments that cannot be processed online – for example, telephone orders and orders by post via your Virtual Terminal for MOTO transactions
  • Access and view your PayPal transactions
  • Access Secure Trading Identity Check and Secure Trading Card Check

For more information please contact our support team on 01248 672050.

Where is the File Manager?

This will be available only to users that have a qualifying User Role, 2-Step Authentication and a valid IP address listed on their username.

Can I re-authorise transactions in STPP?
There is a fully integrated Re-Auth button that is available at the bottom of every transaction you have processed in MyST, allowing you to re-attempt another payment against that card.

Please note: re-authorisations will not include the Security Code. You may be charged extra fees from your acquiring bank, please check with them before re-authorising!

Are refunds, authorisations, settlements and fraud/risk checks supported?

Yes, these features are fully supported.

How long does it take to receive the platform credentials?
These will be sent out by the support team once they’ve been set up after your contract has been signed with your account manager.  Account Credentials are usually supplied within a 48-hour period.
Do I have to request to go live?
Yes, you must send an email to [email protected] requesting for your account to be switched into live mode.

Please note:  this is only possible after you have received the email informing you that your merchant number has been successfully tested!

Is 3-D Secure mandatory?
In most cases 3-D Secure is not mandatory, but is highly recommended.  It is however compulsory when processing Maestro cards. Some acquiring banks require that you use 3-D Secure. Please check with your acquiring bank before making any decisions on this.
I’ve forgotten my administrator password, what do I do?
Send an email to [email protected] from an authorised contact, provide your MyST username and request a password reset.
Can I allow individual access to the MyST area i.e. provide each user with their own login details?
Yes, the Site Admin (main user) can create other users and provide them with their own access levels. We strongly advise that you use individual logins as you may require this for PCI accreditation, and this will also log which username has performed an action.
How do I set up email confirmations of an order?
This is done within MyST. Please refer to the Rule Manager documentation for more information.
Can I accept multiple currencies on my site?
Yes, but this depends entirely on your acquirer. Please speak to support for more information.
I am seeing AUTH CODE: TEST when processing payments.
You are currently processing on a test account; you will need to ensure you request for your main account to be switched live and that your code is pointing to the correct site reference.

EG:  mycompany67890 instead of test_mycompany67891

I’m getting the following error “No account found” what might cause this?
You are trying to process a card type / currency / account type (ECOM / MOTO etc) that your account isn’t setup to process.
Why is no money being paid into my bank account? I put my website “Live” a week ago.
If your account is live, and your transactions are settling as expected, please speak to your acquiring bank.  If you are unsure of this, please call Support and we’ll point you in the right direction.  You would need to speak to your acquiring bank to find out where they are paying the money into.