The Opayo Payment Suite is closed to new subscriptions and will be retired by the end of the year. The developer continues to provide support for active subscribers, but we recommend starting the transition to the new Elavon Payments for WooCommerce extension.
If you have an active subscription to Opayo Payment Suite and require support, please submit a support request here.
Our Opayo Payment Suite plugin is three payment gateways in one, allowing you to use one or more to take payments with WooCommerce via Opayo.
You need to sign up for a Opayo UK account to use this plugin:Â www.opayo.co.uk
Option 1: Opayo Form
- Customer is redirected to Opayo to complete payment – simplifies PCI Compliance
- SSL Certificate recommended but not required
- Supports refunds and voids in WooCommerce admin (requires Opayo Reporting to be setup)
Option 2: Opayo Direct
- Customer stays onsite for entire transaction
- SSL Certificate required
- Supports WooCommerce Pre-Orders
- Supports recurring payments for WooCommerce Subscriptions
- Supports refunds in WooCommerce admin
- Supports Tokens with WooCommerce 2.6 and higher
- Capture Authorised transactions from within WooCommerce
Option 3: Opayo Pi
- Customer stays onsite for entire transaction
- SSL Certificate required
- Supports refunds in WooCommerce admin
Opayo Fraud Scoring information available in WooCommerce (see here for more information on Opayo Reporting)
Installation and Updating
↑ Back to topFor a new installation please review our extension installation guide
If you need to update the extension you can do this from your WordPress admin if you have connected the site to WooCommerce.com, you can read more about that here
You can also update manually by downloading the latest version from your WooCommerce account
Once you have the zip file downloaded you should deactivate and delete the existing version from your WordPress plugins page and then install the new version using the upload option. You will not lose any settings or data by updating this way.
Setup and Configuration
↑ Back to topGo to the Opayo Form or Opayo Direct Settings page(s).
Configure the Settings – SagePay Form
↑ Back to topConfigure the settings page to suit your business. At a minimum, you must:
- Tick the Enable SagePay Form box
- Enter your Vendor Name (supplied by Opayo)
- Enter your Encryption Password (supplied by Opayo)
- Save.
- Complete the Opayo Reporting setup to enable refunds.
Configure the Settings – Opayo Direct
↑ Back to topConfigure the settings page to suit your business. At a minimum, you must:
- Tick the Enable Opayo Direct box
- Enter your Vendor Name (supplied by Opayo)
- Save.
Configure the Settings – Opayo Pi
↑ Back to topPlease review the Opayo Pi setup guide HERE
How to setup PayPal for Opayo Direct
↑ Back to topCreating a PayPal test account
Enabling Opayo on your PayPal test account
Linking PayPal to your Live account
Once Opayo have enabled PayPal on your account you will need to add PayPal as a card type in your WooCommerce Opayo settings.
Now your customers will see the PayPal option in the card type dropdown
IMPORTANT : PayPal will not show if there is a subscription product in the cart.
Configure the Settings – Opayo Reporting
↑ Back to topThere is separate documentation for Opayo Reporting HERE
Read about the benefits of Opayo Reporting here
Testing
↑ Back to topPlace several test transactions to confirm that everything is working correctly. Once you have completed testing, contact Opayo about making your account live. Opayo will notify you when ready, and then you can set the status to Live.
Opayo has a list of test cards you can use to carry out test transactions at: Test Card Details for Test Transactions.
Frequently Asked Questions
↑ Back to topI’m getting a message of: MALFORMED 3045 : The Currency field is missing.
↑ Back to topThis is because you are using the wrong password in the Encryption Password field. Opayo sends you at least two passwords, one for your account and one encryption password. You need to use the second one.
I’m seeing a 5080 error when I get to Sage.
↑ Back to topNormally this is a password issue, make sure you have the encryption passwords set correctly – the live and testing passwords should be different. If it’s not a password issue then check the PHP error logs.
My customers are returned to a blank screen after paying with Opayo Form
↑ Back to topAre you using iThemes Security? Make sure to uncheck the “Long URL Strings” option.
Why do transactions that fail 3D Secure still show as approved?
↑ Back to topLog into MySagePay (https://live.sagepay.com/mysagepay/login.msp) and check your 3D Secure rules. For example:
4020 : Information received from an Invalid IP address
↑ Back to topYou must add the IP address of your hosting to MySagePay.
If you don’t know the IP address, you can obtain it from WooCommerce -> Status -> Tools -> “Get IP Address for MySagePay settings”
Surcharges and Opayo Form
↑ Back to topThe surcharge settings have been removed from the Opayo Form settings. To bring them back you will need add the following function in your custom functions :
There are two filters available to allow for conditional application of the surcharges and conditional modification of the surcharges.
To set when the surcharges should be applied use :
apply_filters( 'woocommerce_sagepayform_apply_surcharges', true, $order, $sage_pay_args_array );
To modify the surcharge XML use :
apply_filters( 'woocommerce_sagepayform_modify_surcharges', $surchargexml, $order, $sage_pay_args_array, $cardtypes );
Card Type Drop Down
↑ Back to topWith Version 3.2.1 the Opayo Direct checkout form was changed to include a drop down for card type. Opayo requires that the card type is included in the transaction information. Previously this was done by checking the first 6 digits of the card number using a 3rd party service BIN List (https://en.wikipedia.org/wiki/Bank_card_number) Unfortunately this service has proved to be occasionally unreliable and so has been replaced by the drop down.
Tokens
↑ Back to topAs of version 3.3.0 tokens are supported with Opayo Direct. Your site will need to be running WooCommerce 2.6.0 or higher.
Tokens must be enabled on your Opayo account before your site will be able to use them.
The card details are not stored on your site, only the token from Opayo, the last four digits of the card number and the expiry date. You will not be able to store the CV2 number so this is not used during transactions that use a token, it will be checked when the token is created.
3D Secure will only be checked when the token is created, not for subsequent transactions using the token.
Tokens can also be used for Subscription payments making it easier for your customers to change their card details on your site.
Fraud Screening
↑ Back to topOpayo provide some fraud screening during the payment process. If they flag a transaction then the order status will be changed during the checkout process to alert you. You will need to login to MySagePay to confirm that you are prepared to ship the order or that you need to cancel it. Once you have reviewed the reasons for the fraud notification you can go back to WooCommerce and update the order as necessary.
You can read about the way transactions are scored by Opayo here
“Checks” column
↑ Back to topThis section displays the status of checks done by Sage, previously this information was only included in the order notes. You will see
which will allow you to quickly check that the address, postcode, CV2 and 3D Secure information where all provided correctly. Green indicates correct, yellow indicates not checked and red indicates the information provided by the customer was incorrect. It is up to you to decide how to proceed if the icons are not green. Please note, renewal orders for subscription payments may not be all green as the checks are not re-done.
Note: This information may not be available or may be incomplete for orders placed before version 3.4.0 was installed. It has always been included in the transaction information in the order notes.
3D Secure 2 setup and testing
↑ Back to topSetup
↑ Back to topOpayo has enabled 3D Secure 2 on their live servers.
- In the WooCommerce Opayo Direct settings, make sure you have the VPS Protocol option set to “4.00”
- Make sure you have set up 3D Secure rules in the LIVE and TEST MySagePay. You can read more about setting up the rules on the SagePay website
Testing
↑ Back to topTo place test orders using 3D Secure 2.0 you will need to be in “testing”
Then you can choose the “Magic Value” in the drop down
Each value in the drop down will give a different result for a test transaction.
Magic Value | 3DSecureStatus | Description |
---|---|---|
SUCCESSFUL | OK | This is returned for a frictionless flow where authentication is successful |
NOTAUTH | NOTAUTHED | This is returned for a frictionless flow where authentication is NOT successful |
CHALLENGE | Status=3DAUTH 3DSecureStatus=OK | This is returned for a challenge flow, where the cardholder will be re-directed to the ACS to enter two-factor authentication. A CReq, VPSTxId, ACSURL and StatusDetail will also be returned. Once you re-direct to the ACSURL, entering the correct password displayed on the site will simulate a successful authentication, entering any other password will simulate an un-successful authentication. |
PROOFATTEMPT | ATTEMPTONLY | The cardholder attempted to authenticate themselves, but the process did not complete. A CAVV is returned and this is treated as being successfully authenticated. |
NOTENROLLED | NOAUTH | This means the card is not enrolled in the 3D-Secure scheme. |
TECHNICALDIFFICULTIES | INCOMPLETE | 3D-Secure authentication was unable to complete. No authentication occurred. |
STATUS201DS | Fallback to 3DSv1 | Simulates fallback to 3DSv1. You will receive a PAReq, MD, ACSURL and StatusDetail |
ERROR | ERROR | Simulates an error condition where 3D-Authentication cannot be performed due to data errors or service unavailability in one of the parties involved in the check |
Test Cards
↑ Back to topYou will always receive an OK response and an Authorisation Code from the test server if you are using one of the test cards listed below. All other valid card numbers will be declined, allowing you to test your failure pages.
If you do not use the Address, Postcode and Security Code listed below, the transaction will still authorise, but you will receive NOTMATCHED messages in the AVS/CV2 checks, allowing you to test your rulebases and fraud specific code.
There are different cards for Visa and MasterCard to simulate the possible 3D-Secure responses.
Billing Address 1: 88 The Street
Billing Post Code: ST41 2PQ
Security Code: 123
Valid From: Any date in the past
Expiry Date: Any date in the future
Payment Method | Card Number | CardType Response | 3D-Secure Response (VERes) |
---|---|---|---|
Visa | 4929 0000 0000 6 | VISA | Y |
Visa | 4929 0000 0555 9 | VISA | N |
Visa | 4929 0000 0001 4 | VISA | U |
Visa | 4929 0000 0002 2 | VISA | E |
Visa Corporate | 4484 0000 0000 2 | VISA | N |
Visa Debit | 4462 0000 0000 0003 | DELTA | Y |
Visa Electron | 4917 3000 0000 0008 | UKE | Y |
MasterCard | 5404 0000 0000 0001 | MC | Y |
MasterCard | 5404 0000 0000 0043 | MC | N |
MasterCard | 5404 0000 0000 0084 | MC | U |
MasterCard | 5404 0000 0000 0068 | MC | E |
Debit MasterCard | 5573 4700 0000 0001 | MCDEBIT | Y |
Maestro (UK Issued) | 6759 0000 0000 5 | MAESTRO | Y |
Maestro (German Issued) | 6705 0000 0000 8 | MAESTRO | Y |
Maestro (Irish Issued) | 6777 0000 0000 7 | MAESTRO | Y |
Maestro (Spanish Issued) | 6766 0000 0000 0 | MAESTRO | Y |
American Express | 3742 0000 0000 004 | AMEX | N/A |
Diners Club / Discover | 3600 0000 0000 08 | DC | N/A |
JCB | 3569 9900 0000 0009 | JCB | N/A |
PayPal | Use your own PayPal Sandbox | PAYPAL | N/A |
Feedback and feature requests
↑ Back to topFor feedback on the SagePay Form/Direct gateway, this documentation or for feature requests please email support@chromeorange.co.uk
Questions &Â Support
Have a question before you buy? Please fill out this pre-sales form.
Already purchased and need some assistance? Get in touch the developer via the Help Desk.