017538: Integrate with new PSP - Pay360

Integrate with new PSP - Pay360 is not enabled by default.

Please email Development for more information.
Note: there will be additional costs involved if this option is enabled.


Khaos Control have implemented an integration with Pay360.


This integration allows:

  1. Full authorising of pre-authorised payments passed from the web. The mandatory fields will be provided in the usage instructions to help guide the web developer on how to communicate the appropriate information through to Khaos Control.
  2. Pre-authorisation (and full authorisation when the time is appropriate) for telephone orders placed by Khaos Control users.

The authorisation process makes use of the 3D Secure functionality, and other appropriate functionality, offered by Pay360 to ensure transactions are not fraudulent. Khaos Control will need to handle fraud checking and provide any information the PSP provides when processing the order through the Sales Invoice Manager.


A Changelog and an update will be applied as a part of this development, other steps for configuration are as follows:

DLL Deployment

DLL's for this integration must be placed in a subfolder titled PSP in the applications directory; i.e. if your KhaosControl.exe is in c:\bin\khaoscontrol\ then the DLL folder will be c:\bin\khaoscontrol\PSP\. KCSL will undertake the setup of these DLL files.

System Data Configuration

The settings for this card integration can be found in the [ System Data | Card Integration Accounts ] screen. The recommended System Data Configuration for this integration are as follows:

  • Integration Type: Pay360.
  • Token Swap: Unticked.
  • Copy PreAuth to following payments: Unticked.
  • PreAuth full order value: Ticked.

Right click on the card integration and select Configure to open the Integration Options Dialog and set the following configuration options:

  • Testing: this denotes whether to connect to the testing endpoint when ticked, this can be used for training purposes, and will connect to the production / live endpoint when unticked.
  • Installation ID: This is the details for the API, Username and password that are supplied by the provider.
  • Allow Repeat: Unticked (Recommended). If ticked this option will make use of Continuous Payment Authority (Recurring payments).
  • Check Address: Validate Card holder address
  • Check CV2: Validate CSC / CV2 code.

System Values Configuration

Recommended System Values Configuration for this integration is as follows:


Steps for usage are as follows:

For Normal orders

Pay360 Payments can be authorised as normal in the following areas:

Pay360 Payments can be refunded as normal in the following areas:

For Order Imports

The following tags must be present within the <PAYMENT_DETAIL> tags of the XML import file:

<SECURITY_TOKEN Last4Digits="5159">


SECURITY_COMMENT is the Address (Postcode and address line 1) / CV2 check result combined:

  • ALL_MATCH = all the above matched
  • otherwise 3-section string, semicolon separated in the format:
    • "Address: AddrCheckResult; Postcode: AddrCheckResult; CSC: CV2CheckResult"
    and the values of AddrCheckResult [ NOT_CHECKED, FULL_MATCH, NOT_MATCHED, NOT_PROVIDED ] and CV2CheckResult [ NOT_CHECKED, MATCHED, NOT_MATCHED ] are returned by the PSP.
  • TRANSACTION_ID is the transaction ID returned from the PSP. It is required for refunds and post-auth.
  • SECURTY_TOKEN is used for repeat transaction, to allow follow up payments, it is a new line separated sting in the format of:
    • ID=TokenID
    • TransID=TransactionID of the original repeat transaction

Note: The TokenID should be a unique number; it can be the transaction number.

Caveat: When a Pre-Auth is processed it is only valid for 7 days , after that it is automatically cancelled.

See Also

Did you find this article helpful?