Adding a Cybersource connection to your BR-DGE retail channel requires you to collect some information for us to add to your BR-DGE retail channels. This article details the information BR-DGE requires, and how you can locate it.
Cybersource Account
If you don't already have a Cybersource Account, you can create a Sandbox account with Cybersource. For a Cybersource Production account, you must contact their Sales Team.
BR-DGE requires the following information to allow you to route payments to Cybersource through our platform:
- Merchant Id
- Rest API Key
- Rest API Shared secret
Cybersource Payout
When performing payouts with Cybersource, you need to use a different MID (merchant ID) depending on the card scheme (VISA or Mastercard). To allow you to route payouts to Cybersource, we will require the following information:
- Visa Merchant Id
- Visa Rest API Key
- Visa Rest API Shared secret
- Mastercard Merchant Id
- Mastercard Rest API Key
- Mastercard Rest API Shared secret
It is likely that the "default" Merchant ID (MID) in your Cybersource account is going to be the same as VISA or Mastercard MID. If so, please confirm which scheme the "default MID" is for.
Please note that some of these details are sensitive. We ask you to handle these with care.
- How to locate your Merchant Id?
- Login to the Cybersource Portal.
- On the portal main page, there is a banner at the top with configuration details.
- The value for Merchant Id is the value in this banner for Transacting ID.
- How to create your Rest API Key and Shared secret?
- Login to the Cybersource Portal.
- Select Payment Configuration > Key Management.
- Click on Generate Key button.
- In the Create Key window, select REST - Shared Secret and click Generate key.
- In the next window copy or download the Rest API Key and Shared Secret.
Cybersource Account 3-D Secure Prerequisites
Your Cybersource Merchant ID must be configured specifically for 3-D Secure 2.x.
Your Cybersource Merchant ID must be setup with three credentials, provided by Cardinal Commerce. These will be visible in the Enterprise Business Center when set up.
These credentials must be present in your Cybersource account for 3DS Direct to work correctly. These are NOT required to be sent on to BR-DGE but must be configured;
- API Identifier - A non-secure value that should be passed within the JWT under the iss claim.
- Org Unit ID - A non-secure value that should be passed within the JWT under the OrgUnitId claim.
- API Key - A secure value that should never be rendered or displayed anywhere within a browser/mobile app. This value must only ever be stored on the merchant server. The API Key is used to sign the JWT initialize the connection to Cardinal Commerce, and to verify the JWT signature received back from Cardinal.
- Please review this Cybersource article to see how to verify if you have 3-D secure configured.
Contact the Cybersource Support team to ensure that the Merchant ID is configured for 3DS2 and the above credentials are in place correctly.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article