On This Page

{#jumplink-list}  
[Markdown](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-portfolio-reseller-mgmt.md)  
Filter  
FILTER BY TAG

Portfolio Management for Resellers {#sa-portfolio-reseller-mgmt}
================================================================

This section describes how to manage portfolios for your merchants.

Creating a `Checkout API` Profile {#sa-create-prod-profile}
===========================================================

Contact `Cybersource` Customer Support to enable your account for `Secure Acceptance`. You must activate a profile in order to use it. See [Reseller: Activating a Profile](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-portfolio-reseller-mgmt/sa-activate-profile-reseller.md "").

1. Log in to the Business Center:

   #### ADDITIONAL INFORMATION

   * **Production** : [businesscenter.cybersource.com](https://businesscenter.cybersource.com "")
   * **Production in India** : [businesscenter.in.cybersource.com](https://businesscenter.in.cybersource.com "")
   * **Test** : [businesscentertest.cybersource.com](https://businesscentertest.cybersource.com "")
2. In the left navigation panel, choose Portfolio Management \&gt; `Secure Acceptance` Profiles. The `Secure Acceptance` Profile page appears.

3. Click New Profile.

4. Enter or verify these profile details:

   #### ADDITIONAL INFORMATION

   Profile Name
   :
   The `Secure Acceptance` profile name is required and cannot exceed 40 alphanumeric characters.

   Profile Description
   :
   The profile description cannot exceed 255 characters.

   Integration Method
   :
   Check `Checkout API`.

   Company Name
   :
   The company name is required and cannot exceed 40 alphanumeric characters.

   Company Contact Name
   :
   Enter company contact name.

   Company Contact Email
   :
   Enter company contact email.

   Company Phone Number
   :
   Enter company contact phone number.

   Payment Tokenization
   :
   Check Payment Tokenization. For more information, see [Payment Transactions](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-payment-txns.md "").

   `Decision Manager`
   :
   Check `Decision Manager`. For more information, see [Decision Manager](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-custom-fme-dm.md "").

   Verbose Data
   :
   Check Verbose Data. For more information, see [Decision Manager](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-custom-fme-dm.md "").

5. Click Submit.

Payment Method Configuration {#sa-payment-method-configuration-reseller}
========================================================================

You must configure at least one payment method before you can activate a profile.

Reseller: Adding Card Types and Currencies {#sa-add-card-types-curr-reseller}
=============================================================================

For each card type you choose, you can also manage currencies and payer authentication options. Choose only the types of payment cards and currencies that your merchant account provider authorizes.

> Secure Acceptance does not process transactions for cards that do not have a card verification number (CVN) and expiration date. Most China UnionPay debit and credit cards issued before 2016 do not have a CVN and expiration date. You must decide whether you will require the CVN.

1. In the left navigation panel, choose Portfolio Management \&gt; `Secure Acceptance` Profiles. The `Secure Acceptance` Profile page appears.

2. Choose a profile. The General Settings page appears.

3. Click Payment Settings. The Payment Settings page appears.

4. Click Add Card Types. The list of card types appear.

5. Check each card type that you want to offer to the customer as a payment method. Your payment processor must support the card types.

6. Click Settings for each card type. The card settings and currencies lists appear.

7. Check the currencies for each card.

   #### ADDITIONAL INFORMATION

   > By default, all currencies are listed as disabled. You must select at least one currency. Contact your merchant account provider for a list of supported currencies. If you select the Elo or Hipercard card type, only the Brazilian Real currency is supported.

8. Click Submit. The card types are added as an accepted payment type.

9. Click Save.

Payer Authentication Configuration {#sa-payer-auth-configuration-reseller}
==========================================================================

Payer authentication is the `Cybersource` implementation of 3-D Secure. It deters unauthorized card use and provides added protection from fraudulent chargeback activity. `Secure Acceptance` supports 3-D Secure 1.0 and 2.0.  
Before you can use `Cybersource` Payer Authentication, you must contact `Cybersource` Customer Support so that `Cybersource` can configure your account. Your merchant ID must be enabled for payer authentication. For more information about payer authentication, see the [Payer Authentication Developer Guides](https://developer.cybersource.com/docs.md#PayerAuthentication "").  
For `Secure Acceptance`, `Cybersource` supports these kinds of payer authentication:

* American Express SafeKey
* China UnionPay (3-D Secure 2.0 only)
* Diners ProtectBuy
* J/Secure by JCB
* Mastercard Identity Check
* Visa Secure  
  For each transaction, you receive detailed information in the replies and in the transaction details page of the Business Center. You can store this information for 12 months. `Cybersource` recommends that you store the payer authentication data because you can be required to display this information as enrollment verification for any payer authentication transaction that you present again because of a chargeback.  
  Your merchant account provider can require that you provide all data in human-readable format.  
  The language used on each payer authentication page is determined by your issuing bank and overrides the locale that you specified. If you use the test card numbers, the default language used on the payer authentication page is English and overrides the locale you have specified. See [Test and View Transactions](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-test-view-txns.md "").

Reseller: Configuring Payer Authentication {#sa-configure-payer-authentication-reseller}
========================================================================================

1. In the left navigation panel, choose Portfolio Management \&gt; `Secure Acceptance` Profiles. The `Secure Acceptance` Profile page appears.
2. Choose a profile. The General Settings page appears.
3. Click Payment Settings. The Payment Settings page appears.
4. Choose the 3-D Secure version that you want to use. If you choose 3-D Secure 2.0 and the card issuer is not 3-D Secure 2.0 ready, some transactions might still authenticate over 3-D Secure 1.0. The payer_authentication_specification_version response field indicates which version was used.
5. Click Save. The card types that support payer authentication are:
   * American Express
   * Cartes Bancaires
   * China UnionPay
   * Diners Club
   * JCB
   * Mastercard
   * Maestro (UK Domestic or International)

* Visa

Reseller: Enabling Automatic Authorization Reversals {#sa-enable-automatic-auth-reversals-reseller}
===================================================================================================

For transactions that fail to return an address verification system (AVS) or a card verification number (CVN) match, you can enable `Secure Acceptance` to perform an automatic authorization reversal. An automatic reversal releases the reserved funds held against a customer's card.

1. In the left navigation panel, choose Portfolio Management \&gt; `Secure Acceptance` Profiles. The `Secure Acceptance` Profile page appears.

2. Choose a profile. The General Settings page appears.

3. Click Payment Settings. The Payment Settings page appears.

4. Check Fails AVS check. Authorization is automatically reversed on a transaction that fails an AVS check.

5. Check Fails CVN check. Authorization is automatically reversed on a transaction that fails a CVN check.

6. Click Save.

   #### ADDITIONAL INFORMATION

When the AVS and CVN options are disabled and the transaction fails an AVS or CVN check, the customer is notified that the transaction was accepted. You are notified to review the transaction details. See [Types of Notifications](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-checkout-types-notifications.md "").

Reseller: Enabling ACH Payments {#sa-enable-echecks-reseller}
=============================================================

An ACH payment is a payment made directly from your customer's U.S. or Canadian bank account. As part of the checkout process, you must display a terms and conditions statement for ACH transactions.  
A customer must accept the terms and conditions before submitting an order. Within the terms and conditions statement it is recommended to include a link to the table of returned item fees. The table lists by state the amount that your customer has to pay when a check is returned.

1. In the left navigation panel, choose Portfolio Management \&gt; `Secure Acceptance` Profiles. The `Secure Acceptance` Profile page appears.

2. Choose a profile. The General Settings page appears.

3. Click Payment Settings. The Payment Settings page appears.

4. Check Enable Echeck Payments. The list of account types appears.

5. Check the account type(s):

   #### ADDITIONAL INFORMATION

   * Checking
   * Savings
   * Corporate Checking
   * General Ledger
6. Click Add Currencies. The ACH settings page appears.

7. Check Select All or select a currency.

8. Click Save.

Reseller: Enabling PayPal Express Checkout {#sa-enable-paypal-express-checkout-reseller}
========================================================================================

PayPal Express Checkout is not supported on a `Secure Acceptance` iframe integration.  
Contact `Cybersource` Customer Support to have your `Cybersource` account configured for this feature. You must also create a PayPal business account; see [*PayPal Express Checkout Services Using Alternative Payment Services Simple Order API*](https://docs.cybersource.com/content/dam/new-documentation/documentation/en/altpay-paypal-express/developer/all/so/altpay-paypalexpress-so.pdf "").  
Add the PayPal Express Checkout payment method to your checkout page and redirect the customer to their PayPal account login. When logged in to their PayPal account they can review orders and edit shipping or payment details before completing transactions.

1. In the left navigation panel, choose Portfolio Management \&gt; `Secure Acceptance` Profiles. The `Secure Acceptance` Profile page appears.
2. Choose a profile. The General Settings page appears.
3. Click Payment Settings. The Payment Settings page appears.
4. Check Enable PayPal Express Checkout.
5. Click Save.

Service Fees {#sa-service-fees}
===============================

Contact `Cybersource` Customer Support to have your `Cybersource` account configured for this feature. Service fees are supported only if Wells Fargo is your acquiring bank and FDC Nashville Global is your payment processor.  
The service fee setting applies to the card and ACH payment methods. To apply the service fee to only one payment method, create two `Secure Acceptance` profiles with the appropriate payment methods enabled on each: one with the service fee feature enabled and one with the service fee feature disabled.  
As part of the checkout process, you must display a terms and conditions statement for the service fee. A customer must accept the terms and conditions before submitting an order.

Reseller: Enabling Service Fees {#sa-enable-service-fees}
=========================================================

1. In the left navigation panel, choose Portfolio Management \&gt; `Secure Acceptance` Profiles. The `Secure Acceptance` Profile page appears.

2. Choose a profile. The General Settings page appears.

3. Click Payment Settings. The Payment Settings page appears.

4. Check Service Fee applies on transactions using this profile. The service fee terms and conditions URL and the service fee amount are added to the customer review page.

   #### ADDITIONAL INFORMATION

   > Transactions fail if you disable this feature. Do not disable this feature unless instructed to do so by your account manager.

5. Enter the Consent Page URL.

   #### ADDITIONAL INFORMATION

   `Cybersource` sends the order information and the service fee amount to the consent page URL by HTTPS POST. The customer is directed from your checkout page to the consent page URL to accept or decline the service fee amount. See the [`Secure Acceptance` `Checkout API` Service Fee Guide](http://apps.cybersource.com/library/documentation/dev_guides/Secure_Acceptance_SOP/Secure_Acceptance_SOP_SF.pdf "") for detailed information.

6. Click Save.

   #### ADDITIONAL INFORMATION

After you save the profile you cannot disable the service fee functionality for that profile. All transactions using the profile will include the service fee amount.

Security Keys {#sa-security-keys-reseller}
==========================================

Before you can activate a profile, you must create a security key to protect each transaction from data tampering. A security key expires in two years.  
You cannot use the same security key for both test and production transactions. You must download a security key for each versions of `Secure Acceptance` for test and production.

* **Test** : [businesscentertest.cybersource.com](https://businesscentertest.cybersource.com "")
* **Production** : [businesscenter.cybersource.com](https://businesscenter.cybersource.com "")
* **Production in India** : [businesscenter.in.cybersource.com](https://businesscenter.in.cybersource.com "")  
  On the Profile Settings page, click Security. The Security Keys page appears. The security script signs the request fields using the secret key and the HMAC SHA256 algorithm. To verify data, the security script generates a signature to compare with the signature returned from the `Secure Acceptance` server. You must have an active security key to activate a profile.

Reseller: Creating Security Keys {#sa-create-security-keys-reseller}
====================================================================

1. In the left navigation panel, choose Payment Configuration \&gt; Key Management.

2. Click Generate Key.

3. Select a key type.

4. Click Next Step.

5. Select the key subtype **`Secure Acceptance`**.

6. Click Next Step.

7. Enter a key name (required).

8. Choose signature version 1.

9. Choose signature method HMAC-SHA256.

10. Select a security profile.

11. Click Submit.

12. Click Generate Key. The Create New Key window expands and displays the new access key and secret key. This window closes after 30 seconds.

13. Copy and save the access key and secret key.

    #### ADDITIONAL INFORMATION

    * Access key: Secure Sockets Layer (SSL) authentication with `Secure Acceptance`. You can have many access keys per profile. See [Scripting Language Samples](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-samples-scripting-languages.md "").
    * Secret key: signs the transaction data and is required for each transaction. Copy and paste this secret key into your security script. See [Scripting Language Samples](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-samples-scripting-languages.md "").

    When done pasting the secret keys into your script, delete the copied keys from your clipboard or cached memory.  
    By default, the new security key is active. The other options for each security key are:

    * Deactivate: deactivates the security key. The security key is inactive.
    * Activate: activates an inactive security key.
    * View: displays the access key and security key.  
      When you create a security key, it is displayed in the security keys table. You can select a table row to display the access key and the secret key for that specific security key.
14. Click Key Management. The Key Management page appears.

Reseller: Configuring Merchant Notifications {#sa-configure-merchant-notifs-reseller}
=====================================================================================

1. In the left navigation panel, choose Portfolio Management \&gt; `Secure Acceptance` Profiles. The `Secure Acceptance` Profile page appears.
2. Choose a profile. The General Settings page appears.
3. Click Notifications. The Notifications page appears.
4. Choose a merchant notification in one of two ways:
   * Check Merchant POST URL. Enter the HTTPS URL. `Cybersource` sends transaction information to this URL. For more information, see [Response Fields](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-wm-api-fields/sa-response-fields.md "").  
     Only an HTTPS URL supporting TLS 1.2 or higher should be used for the merchant POST URL. If you encounter any problems, contact `Cybersource` Customer Support.
   * Check Merchant POST Email. Enter your email address.  
     `Cybersource` sends transaction response information to this email address including payment information, return codes, and all relevant order information. See [Response Fields](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-wm-api-fields/sa-response-fields.md "").
5. Choose the card number digits that you want displayed in the merchant or customer receipt:
   * Return payment card BIN: displays the card's Bank Identification Number (BIN), which is the first six digits of the card number. All other digits are masked: 123456xxxxxxxxxx
   * Return last four digits of payment card number: displays the last four digits of the card number. All other digits are masked: xxxxxxxxxxxx1234
   * Return BIN and last four digits of payment card number: displays the BIN and the last four digits of the card number. All other digits are masked: 123456xxxxxx1234
6. Click Save.

Customer Receipts {#sa-customer-receipts-reseller}
==================================================

You can send a purchase receipt email to your customer and a copy to your own email address. Both are optional. Customers can reply with questions regarding their purchases, so use an active email account. The email format is HTML unless your customer email is rich text format (RTF).

Reseller: Configuring Customer Notifications {#sa-config-customer-notifs-reseller}
==================================================================================

1. In the left navigation panel, choose Portfolio Management \&gt; `Secure Acceptance` Profiles. The `Secure Acceptance` Profile page appears.

2. Choose a profile. The General Settings page appears.

3. Click Notifications. The Notifications page appears.

4. Check Email Receipt to Customer.

5. Enter the sender email address to be displayed on the customer receipt. The customer will reply to this email with any queries.

6. Enter the sender name of your business. It is displayed on the customer receipt.

7. Check Send a copy to. This setting is optional.

8. Enter your email address to receive a copy of the customer's receipt.

   #### ADDITIONAL INFORMATION

   Your copy of the customer receipt will contain additional transaction response information.

9. Check Display Notification Logo.

10. Click Upload Company Logo. Find and upload the image that you want to display on the customer receipt and email.

    #### ADDITIONAL INFORMATION

    The image file must not exceed 840 (width) x 60 (height) pixels and must be GIF, JPEG, or PNG. The logo filename must not contain any special characters, such as a hyphen (-).

11. Check Custom Email Receipt.

    #### ADDITIONAL INFORMATION

    `Cybersource` recommends that you implement a DNS configuration to enable `Cybersource` to send email receipts on your behalf.

12. Check the type of email receipt that you want to send to a customer:

    * Standard email receipt: this email is automatically translated based on the locale used for the transaction.
    * Custom email receipt: this email can be customized with text and data references. The email body section containing the transaction detail appears between the header and footer. Custom text is not translated when using different locales are used.
13. Check custom email subject and enter up to 998 characters. When the maximum number of characters is exceeded, the subject heading defaults to *Order Confirmation*.

    #### ADDITIONAL INFORMATION

    You can insert email smart tags in the email subject, header, and footer sections to include specific information. Select each smart tag from the drop-down list and click Insert.

14. Click Save.

Customer Response Page {#sa-customer-response-pg-reseller}
==========================================================

You must configure the customer response page before you can activate a profile.  
You must choose to display a response page to the customer at the end of the checkout process. Enter a URL for your own customer response page. This page is displayed to the customer after the transaction is processed. Review declined orders as soon as possible because you might be able to correct problems related to address or card verification, or you might be able to obtain a verbal authorization. You can also choose to display a web page to the customer after the checkout process is completed.

Reseller: Configuring a Transaction Response Page {#sa-checkout-config-trxn-resp-pg-pm}
=======================================================================================

1. In the left navigation panel, choose Portfolio Management \&gt; Secure Acceptance Profiles. The `Secure Acceptance` Profile page appears.

2. Choose a profile. The General Settings page appears.

3. Click Customer Response. The Customer Response page appears.

4. Enter the URL for your customer response page. Use port 80, 443, or 8080 in the URL.

   #### ADDITIONAL INFORMATION

   Only port 443 should be used with an HTTPS URL.  
   A POST request with the transaction data is provided to this URL after the customer completes checkout.  
   The POST request contains the reason code value of the transaction, which helps you determine possible actions to take on the transaction.  
   See [Reason Codes](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-reason-codes.md "").

5. Click Save.

Reseller: Activating a Profile {#sa-activate-profile-reseller}
==============================================================

> You must complete the required settings described in each of these sections before activating a profile:
>
> * [Payment Method Configuration](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-portfolio-reseller-mgmt/sa-payment-method-configuration-reseller.md "")
> * [Security Keys](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-portfolio-reseller-mgmt/sa-security-keys-reseller.md "")
> * [Customer Response Page](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-portfolio-reseller-mgmt/sa-customer-response-pg-reseller.md "")

1. In the left navigation panel, choose Portfolio Management \&gt; `Secure Acceptance` Profiles. The `Secure Acceptance` Profile page appears.
2. Perform one of these steps:
   * On the Active Profiles tab, choose a profile and click Publish Profile.
   * On the Edit Profile page, click Publish Profile.
3. Click Confirm.

Reseller: Additional Profile Options {#sa-additional-profile-options-reseller}
==============================================================================

* Copy---duplicates the active profile and creates an editable version. The editable version is listed in the inactive profile list. This option is available only for an active profile.
* Deactivate---deactivates the active profile. The profile is now listed in the inactive profile list. This option is available only for an active profile.
* Publish to Active---activates the inactive profile. This option is available only for an inactive profile.  
  RELATED TO THIS PAGE