The release notes provided in V1 of this document serve as an initial preview of the changes expected in the upcoming production release scheduled for August 2025, on the Hosted Gateway.
iVeri Gateway Release Version 5.10* **
Section 1: All Customers * This section will provide release notes relevant to All iVeri Customers, categorized into compliance, optimization, and feature enhancements.:
Compliance*
Subject: Updated Procedure for Removal of Blacklisted Cards
Product/Platform: Gateway - Core
Release Description:
The stored procedure that handles the removal of blocked cards has been updated to extend the blocking period from 3 months to up to 1 year. This enhancement supports new merchant advice codes that mandate a longer blocking duration of one year.
Subject: Implementation of PCI-D
* Enterprise Introduction ***
The iVeri range of payment solutions, developed by iVeri Payment Technologies (Pty) Ltd provides proven credit card payment solutions for businesses that have online or physical presence. The use of Enterprise API's is ideal for merchants that want complete control & flexibility of the payment page and transaction mechanisms supported.
Enterprise API’s currently support the following Webservices
REST
SOAP
*/Merchant Requirements/*
Merchants are required to enter into a “Agreement” with an authorised Acquiring Institution. Once there is a merchant agreement in place, a merchant profile can be created With Enterprise calls to the Gateway, the presence of a certificate ID is required, with the actual physical certificate available as optional means to authentica
Developer Guides *
**
These Guides are for developers and will be specific to each of the iVeri products
BackOffice User Guide *
**
This document details the functionality available in Backoffice for merchants. The merchant interface (URL) to be accessed depends on the acquirer in which the merchant has an agreement with.
Merchants are required to enter into a “Agreement” with an authorized Acquiring Institution. Once there is a merchant agreement in place, a merchant profile can be created. With Enterprise calls to the Gateway, the presence of a certificate ID is required, with the actual physical certificate available as optional means to authenticate merchant requests. Test Mode should be used during integration, testing, and validation. Test application ID must be used with Mode Test
This document uses certain iVeri specific terminology which can be referenced in Parameter Description [1]
[1] /docs/enterprise-developer-guide-58#parameter-description-1330-0
Transaction Sequence **
Authorisation Flow *
The possible transaction sequence flow with an initial Authorization is the following:
Image [1]
Debit/Sale * *
The possible transaction sequence flow with an initial Debit is the following Image [2]
Refund/Credit * *
The possible transaction sequence flow with an initial Credit is the following: Image [3]
Transaction Commands *** The following transaction types encompasses the payment mechanism which the iVeri Gateway supports and may cause the transfer of funds from cardholder to merchant or vise-versa.
Transaction
Commands*
Description*
Authorisation (also known as
“Preauthorisation”)
Causes a reservation of funds on the cardholder’s account.
Authorisation Reversal
Unreserve the funds previously reserved on the cardholder’s account.
De
An action corresponds to the combination of a payment mechanism and a command. The concept of an action is used within the documentation and examples as a means of describing functionality. The Enterprise API and iVeri Gateway use the concepts payment mechanism and command instead of Action.
The iVeri Gateway allows for the following actions:
Authorisation with PAN
Reserve
funds when a card is not present.
This
action is commonly known as a "Pre-Auth/Pre-Authorisation"
Authorisation with Track2
Reserve
funds when a card is present. Funds reservation is not applicable for cards requiring
a PIN.
This action is commonly known
as a "Pre-Auth/Pre-Authorisation"
Authorisation with
VisaCheckoutCallID
Reserve
funds when a card is present. Funds reservation is not applicable for cards
requiring a P
Updating Cipher Suites for Web Application Firewall (WAF) Security
**
Release Description:* Updating Cipher Suites for Web Application Firewall (WAF) Security
Category: *Compliance
Target Audience: *
Implementation date: 20/01/2025*
Ciphers: *
The primary purpose of ciphers is to ensure confidentiality, integrity, and authenticity of data during transmission. Using strong ciphers as outlined by PCI DSS is crucial for protecting sensitive cardholder data and ensuring compliance with industry standards, ultimately helping to safeguard against data breaches and cyber-attacks.
Strong Ciphers: *
Strong ciphers provide high levels of security, making it extremely difficult for unauthorized parties to decipher the encrypted data without the correct decryption key.
Importance of Strong Ciphers:*