Once your file has been processed by Paysafe, you can download these types of file using SFTP:
- A detailed acknowledgement file. This file is not encrypted.
- An encrypted, detailed response file. Normally, there will be multiple response files available for each file you uploaded successfully (those files with the status of Completed). For details, see Response file contents.
This topic describes the following:
- Downloading acknowledgement files
- Downloading response files
- Decrypting response files
- Response file contents
If you uploaded your Account Updater file before the 5:30 a.m. EST deadline, the acknowledgement files are typically ready for download 30 minutes later (in other words, after 6.00 a.m.).
When you use WinSCP to communicate with Paysafe, you will see a folder labeled Outgoing, which contains the acknowledgement and response files.
Acknowledgement files have the following naming convention:
The order of the records in the acknowledgement file matches the order of the records in the Account Updater file you originally submitted. Each row in the acknowledgement file contains the following values for each record submitted.
Acknowledgement file contents
|Record Position||The position of the record in the original file you submitted (For example: 1 for record 1, 5 for record 5).|
The result of record processing; either:
|Return Code||If the decision for the record was RECORD REJECTED, the return code and its description.|
The following is an example of a valid acknowledgement file downloaded from Paysafe. This was in response to a file you uploaded that contained 3 records, all of which were processed since all were valid.
The following is an example of a valid acknowledgement file downloaded from Paysafe. The uploaded file was not processed, because it contained an invalid record.
If the file is rejected for some reason other than it contains an invalid record (for example, the file was empty, exceeded the maximum file size, or was a duplicate), the acknowledgement file will contain only one entry, with no record position field provided, and a response code indicating why the uploaded file was rejected. For example:
FILE REJECTED,Mon Jan 14 15:29:25 EST 2018,9052
Once Paysafe has processed your file (normally within 24 hours, but can take up to 4 days in rare circumstances), you can use WinSCP to access the SFTP site to retrieve the corresponding response files. Paysafe returns all responses as they are received from the card associations, and the Outgoing folder may contain any number of files, depending on the responsiveness of the card associations.
Paysafe posts response files each day at noon, and purges the the Outgoing folder daily at 2 a.m.
If you fail to retrieve your response files before they are deleted, contact Technical Support within two days to have them re-posted to the Outgoing folder..
Once you have retrieved a response file from the Paysafe SFTP site, you should delete it from the Outgoing folder.
Response files are GNUPG-OpenPGP encrypted with the merchant’s public key, and have the following naming convention:
When you have decrypted a response file, you will see that it contains the following fields from the records in the Account Updater file you uploaded.
- Original Card Number/Confirmation Number
- Original Expiry Date
You can use these fields to match response file records with ones in the Account Updater file.
If you do not receive a response for a record containing a Mastercard update, it means that the update was not required and, therefore, that Mastercard did not return any new information.
Paysafe returns all responses as they are received from the card associations. The Outgoing folder may contain any number of files, depending on the responsiveness of the card associations.
To decrypt your response files:
- Generate an RSA key pair. Paysafe recommends the following:
- Use GNUPG – an OpenPGP implementation.
- Ensure that the RSA public key is set as per the recommended standard (at least 2048-bits)
- Ensure that the symmetric algorithm used to encrypt the data using the PGP session key is set to AES 128/256, depending on the PGP tool support.
- If AES is not supported, use Triple DES with Keying option 1 (all three keys chosen independently).
- Block cipher in CBC/CFB/CTR/CCM-AES only mode.
- When configuring PGP, ensure the integrity check of the cipher is set to use SHA1/2.
- In the merchant back office, click the Settings tab.
- Click Manage Keys.
- Paste your public key into the PGP data field, and then click Save.
- Paysafe encrypts the Account Updater response file using your public key.
- Once you download the response file, you can decrypt it with the corresponding private key.
Each row in the response file contains the following values for each record you originally submitted, provided a match was found for that record.
|Record Position||The position of the record in the original file you submitted (for example, 1 for record 1, or 5 for record 5).|
|Record Type|| |
The type of record you inquired about; either:
|Card Brand|| |
The brand of the credit card; either:
|Decision||Whether the service could find a credit card/expirydate, confirmation number or NETBANX reference ID to match the record submitted. See Response file decision codes and descriptions for details.|
|Record Value||Original record value from the file you submitted.|
|Original Expiry Date|| |
Returned only for Card number records.
The expiry date of the credit card inthe record you uploaded.
|New Card Value|| |
|New Expiry Date|| |
The following is an example of a response file downloaded from Paysafe.
Fields contain values only if Paysafe obtains these values. For example, if the card details match the issuer's records and there is no change, the Decision field will indicate that this is the case, and the New Card Value field and the New Expiry Date field will be empty. If the record does not match any in the issuer's database, it will not appear in the response file.
In this example, records 1, 3, 5 and 9 have a new expiry date provided, record 7 has no new values returned, record 11 has new card number and expiry date provided.