HSBC Payment CLASS with payer authentication service (Version 0.2.0)

6 Sep

Friends! We already suffered enough with HSBC payment and also for PASS implementation.

Finally I have made the total implementation in a single class. Before going with the source code let me explain how the PASS and API works together. We have two separate processes to complete the payment.
1. Send Credit Card information to HSBC PASS server for validation. It will return some PASS parameters.
2. Construct API XML based on PASS response and send back to HSBC to complete the payment.

But no worries! I have made the process very easy with my HSBC class.

Step – 1: Execute PASS
First create object of the class and assign following parameters and execute PASS.

// Credit Card Number

// Exipre Date with the format mm-yy

// HSBC Cardholderpan

// Currency Exponent

// Amount with Pound symbol.
// For Test payment it must not grater then 1

// Keep it same

// Currency Code for Pound

// Return URL to API Section

// Execute PASS

Step – 2: Execute API
Assign the following variables and execute API payment section. If the payment process returns “A” as a response then considers it as a successful payment.
// Set Payment mode
// For test payment set 'Y'
$hsbc->payment_mode = 'P';

// Set true to see the return XML
$hsbc->debug = false;

// Set CcpaResultsCode from PASS responds
$hsbc->ccparesultscode = $_POST['CcpaResultsCode'];

// CAVV from PASS responds
$hsbc->cavv = $_POST['CAVV'];

// XID from PASS responds
$hsbc->xid = $_POST['XID'];

// Payment information for API XML
$hsbc->xmldata = array(
// HSBC Username
"name" =>"XXXXX",
// HSBC Password
// HSBC Client ID
// HSBC Cardholderpan
// Credit Card No
// CVV code for Credit Card
// Expire Date with format mm-yy
// Issue number only for SOLO and Debit Cards
// Start date only for SOLO and Debit Cards
// Amount For test tranjection it must be 1
// Customer Information
"email" =>"[]",
"street1"=>"[Street 1]",
"street2"=>"[Street 2]",
"postalcode"=>"[POST Code]",
"country"=>"[Country Code]"

// Execute Payment
$result = $hsbc->execute_api();

if( $result == "A")
echo "Pyment success";
echo "Payment failed";

Test Payment:
To execute test payment set payment_mode to Y in API section. For each test transaction the payment amount can not grater then 1.

Set $hsbc->debug = true to see the response XML to debug your integration

Download HSBC Payment Class


61 Responses to “HSBC Payment CLASS with payer authentication service (Version 0.2.0)”

  1. Invitra October 22, 2009 at 2:41 pm #

    Thanks for making the HSBC Process payments (using the HSBC Web services API) .
    I have tried with your code in test mode.
    Please help me.

  2. Rubel October 22, 2009 at 4:42 pm #

    First of all you need a valid HSBC account to test the payment method. 😦

    Then set the parameters carefully

  3. Joe October 24, 2009 at 1:18 am #


    I am hoping to use your code, thank you SO much for posting it here!

    I have copied everything exactly and carefully, and used our own HSBC log in credentials, however I receive the following error:

    Fatal error: Call to undefined method stdClass::execute_api() in /var/www/vhosts/[site]/[directory]/new_payment.php online 146

    Do you know why this might be? Many thanks for any help you can provide!

    Thank you, your website is great,

    Joe 🙂

  4. Joe October 24, 2009 at 1:21 am #


    I am so sorry to have troubled you, I was missing the following line:

    $hsbc = new hsbc();

    It is working now! Brilliant! I will recommend this page to anyone I can. In fact I will recommend it to HSBC so that they might give it to their customers.

    Thank you

    Joe 🙂 🙂

  5. Rubel October 24, 2009 at 1:33 am #

    Well! Check the code if you added the HSBC class correctly.

    You can re-download the codes and try to run Example.php first.

  6. Invitra October 26, 2009 at 11:06 am #

    Thanks for the reply. Your code works properly when I set a valid HSBC account details.
    I have one more query regarding sending Credit Card information to HSBC PASS server. As the Credit Card information is crucial and confidential,
    can’t we send the data in encrypted form to HSBC PASS server (
    I tried with curl option to send the data to HSBC PASS server, but it doesn’t return any PASS parameters.
    Please suggest any solution for this.

  7. Rubel October 26, 2009 at 11:19 am #

    Well, for your security certainly you have to use SSL. In our second step we are using CURL here.

  8. Sajid Ali Mudassar November 11, 2009 at 12:13 pm #

    Well Done, simply awesome work.

    Your previous post about HSBC saved me a lot of time, and now with your class, you have now added great extra features.

    You have made damn good work, MANY CONGRATS

    Some points i want to mention.

    in your class, on line 244, you have set $price variable to 100, within execute_api() class method, but its not needed and not used anywhere in class, please check it.

    in your example.php file, it seems you have missed the Pound symbol for the amount.
    // Amount with Pound symbol.
    // For Test payment it must not grater then 1

  9. Rubel November 11, 2009 at 1:41 pm #

    Thnx Mate..
    I was expecting comments like you..
    Every day I am getting 2o to 50 download notification but nobody try to improve it like you.
    [Download] -> [Install] -> [Use]

    I will update it when I get some time.

  10. james December 15, 2009 at 11:51 am #

    i keep reciving CcpaResultsCode 10 and payment failed, any suggestions?

    plz help

  11. james December 15, 2009 at 3:00 pm #

    another qustion I have is, I do i send it the name of the person whos making the payment, i have tried this : “name” => “James”,

    but i get this:
    Insufficient permissions to perform requested operation.

  12. Rubel December 15, 2009 at 3:09 pm #

    1. You have to use a valid user account for payment.
    2. Use exactly same name, password, Name, cardholderpan

    See the example

  13. james December 15, 2009 at 4:23 pm #

    hey Rubel,

    I have cheked out the latest version of this HSBC from you server,

    There is only 1 name field and thats:
    // HSBC Username
    “name” => “bankUserNameHere”,

    but there is no place for clients full name?

  14. Rubel December 15, 2009 at 4:31 pm #

    @ James
    You have lot’s of other parameter like Client Name, Order Id, Comments etc.

    Check the API documentations

  15. james December 15, 2009 at 4:40 pm #

    please tell me where I can get the API documentations from

  16. Rubel December 17, 2009 at 5:57 pm #

    Download the document form here:

    HSBC Payment Document


  17. Invitra January 11, 2010 at 10:21 am #

    Hi Rubel,
    I have one query,
    Does HSBC sends an e-mail to the merchant’s address after each payment process done as like paypal sends? If no, how could we implement that?

  18. Rubel January 11, 2010 at 12:14 pm #

    The best practices is to send a mail after you have captured the payment result in your site.

  19. Invitra January 11, 2010 at 1:03 pm #

    I have already send mail to admin and user after payment result captures from my site.
    My question is => Is HSBC sends any mail to the merchant for payment confirmation?

  20. Invitra January 11, 2010 at 1:07 pm #

    My client says “I am not receiving any billing information from our website to hsbc terminal, so i dont know where the payments come from, I have spoke to them (HSBC support) and they have said you have to integrate that info and, the HSBC support have emailed me the API guide to fix this issue” Please suggest me the solution

  21. Rubel January 11, 2010 at 1:59 pm #

    HSBC Does not sent any official mail for payment.
    But to be sure about payment you can track it from HSBC control panel.

    FYI: Set Order Id during integrations so you can track your payment by Orders otherwise you will be lost.

  22. alemma February 10, 2010 at 4:54 pm #

    Hi Rubel,

    I already have the HSBC API XML for the payment process. From there how can I integrate the PAS? The class you gave is useful but I am confused when I have to put it in my HSBC API XML.

    Please help me. Thanks.

  23. FRO February 15, 2010 at 5:48 pm #

    Hi Rubel,

    I have tested your class with my card details and it doesn’t prompt me to do 3dsecure auth, however I know I am enrolled.

    What could be the problem?



  24. The Site Company February 18, 2010 at 5:27 pm #

    Thanks very much for your trouble putting this together, I’m adding a few changes to suit oscommerce users, if it is still easily usable then i shall post an update here. HSBC are a joke, I wasted over a month getting this working!

  25. char February 19, 2010 at 4:32 pm #


    Can we change the layout of

    Its layout is not that good.. And we want to change some sort of things.


  26. Rubel February 19, 2010 at 4:45 pm #


    We don’t have control on those pages.

  27. Gurps March 10, 2010 at 5:30 pm #

    Do you kow if this code will work with the prestshop e-commerce solution?

  28. Nishad April 19, 2010 at 12:46 pm #

    Could you please give me a brief regarding the following variables, which are the values I need to give to them.
    // HSBC Client ID
    // HSBC Cardholderpan

  29. Rubel April 19, 2010 at 1:17 pm #

    HSBC will provide you these values and then simply apply those in your code.

  30. Nishad April 24, 2010 at 6:03 am #

    This class is working fine in our server

    I need one help to complete this.
    What is the currency code used for Euro as we used 826 for Sterling.

    Nishad Aliyar

  31. Paul K June 2, 2010 at 10:49 am #

    Hi Rubel

    I have installed and added all the required details however when I process the example all that is returned is a blank screen and nothing is processed at the bank, I do not get any error messages? I have debug set to true.

    Can you help?

    • Rubel June 5, 2010 at 8:11 am #

      Hey Paul,
      Please check your code correctly if there is any error. HSBC will return you an XML response with Success/Error message.

  32. Sajid Ali Mudassar June 5, 2010 at 4:55 am #

    The example require some update that will cause “CcpaResultsCode 10” as james talked about.

    The CurrencyExponent is set to “1”, that means “there is one digit after decimal point of PurchaseAmount”.
    so for PurchaseAmount “£1”, it will be considered as “£1.o” hence the PurchaseAmountRaw should be set to “10” not the 100, if its set to 100, it will always return the “CcpaResultsCode 10”.

    so if you want to use PurchaseAmountRaw to be 100, you have to set CurrencyExponent to 2, that means “there are two digits after decimal point of PurchaseAmount”.

    I hope you do get my point here.

    A simple fix is set
    // Currency Exponent

    This will solve the “CcpaResultsCode 10”.

    Now moving to other errors, that James mentioned, is setting the customers “name” in xml data array.

    In Example file, line number 82, you set the name as HSBC username, but in the hsbc class, you are fetching this same veriable as customer’s name, see line 114.

    A simple solution would be to take custmer name in a separate variable to use.

    And in the last, a final issue of “Invitra” “not receiving any billing information from website to hsbc terminal”.
    This is due to improper XML format in the HSBC class file.
    The BillTO node should be under Consumer Node. this Node ( from line 110 to 123 )should be moved under Consumer Node(between line 79 and 80). i recommend that you first fix the BillTo.Adress.Name issue before moving this node.

    These 3 changes will solve, lots of issues users are having.

    Again, Thank you for your class, it is really a great contribution for developers.

    • Rubel June 5, 2010 at 8:16 am #

      Hi Sajid,
      Thanks, for your clarification and we need to adjust it according to our needs. Here i have shown a guide line for you..

  33. Sajid Ali Mudassar June 5, 2010 at 5:27 am #

    Also, the CcpaClientId, The PAS document states
    A string that uniquely identifies the merchant within the PAS. Typically of the format UK12345678CUR01
    (15 characters)

    So the format is 15 characters, not 13 characters, so in example, on line 38, the UKXXXXXXXXGBP value should append “01”
    so it looks like, “UKXXXXXXXXGBP01”, without this, the PAS does not work.

    Without this change, the PAS was not working , so i contacted HSBC Support, and they told me to append 01 to this value.

    I am wondering how the other users are able to work it out, as documentation clearly said, its 15 character string.

    In the api part, in xmldata array you are sending the cardholderpan, that is sent to hsbc, in the position of

    I am unable to see in documentation, that this variable is mentioned for User node.
    Only, the Name, Password and Clientid work just fine.


    Also for return code 5, and 6 of CcpaResultsCode.
    Documentation clearly said, “Do not submit the transaction – it will be rejected.” the CcpaResultsCode will be 5 if user clicks cancel on the 3-d secure page. so the transaction must be stopped for these 5 or 6 CcpaResultsCode

    class property debug = true will return the $result_xml, but in the example file, this xml will not be shown to browser as expected. you can see the code, what i am talking about.

    Waiting for your response. 🙂

  34. Sajid Ali Mudassar June 5, 2010 at 5:39 am #


    Congratulations, VERY thankful to Mr. Rubel. without his class, i would be nowhere near the solution.

    The currency code for euro is 978, info can be found in HSBC Reference Document.

    Rubel posted the document link above, search for “HSBC Payment Document”

  35. Nitin June 28, 2010 at 9:13 am #

    First of all i am very vary thankful to Rubel for this class.

    Im stuck here:
    “Country code value ‘BD’ specified for the ‘BillTo’ address is not a valid country code”

    even if i use UK or US or any other country code i am getting same response.

    and yes i followed all instruction by Sajid Ali Mudassar

  36. Nitin June 29, 2010 at 10:57 am #

    Thanks Mr. Rubel,

    Result is A

  37. Nitin June 29, 2010 at 11:03 am #

    ISO country code number are to be used

    <option value="" >Select Country</option>
    <option Value="004">Afghanistan</option>
    <option Value="008">Albania</option>
    <option Value="012">Algeria</option>
    <option Value="016">American Samoa</option>
    <option Value="020">Andorra</option>
    <option Value="024">Angola</option>
    <option Value="660">Anguilla</option>
    <option Value="010">Antarctica</option>
    <option Value="028">Antigua And Barbuda</option>
    <option Value="032">Argentina</option>
    <option Value="051">Armenia</option>
    <option Value="533">Aruba</option>
    <option Value="036">Australia</option>
    <option Value="040">Austria</option>
    <option Value="031">Azerbaijan</option>
    <option Value="044">Bahamas</option>
    <option Value="048">Bahrain</option>
    <option Value="050">Bangladesh</option>
    <option Value="052">Barbados</option>
    <option Value="112">Belarus</option>
    <option Value="056">Belgium</option>
    <option Value="084">Belize</option>
    <option Value="204">Benin</option>
    <option Value="060">Bermuda</option>
    <option Value="064">Bhutan</option>
    <option Value="068">Bolivia</option>
    <option Value="070">Bosnia And Herzegowina</option>
    <option Value="072">Botswana</option>
    <option Value="074">Bouvet Island</option>
    <option Value="076">Brazil</option>
    <option Value="086">British Indian Ocean Territory</option>
    <option Value="096">Brunei Darussalam</option>
    <option Value="100">Bulgaria</option>
    <option Value="854">Burkina Faso</option>
    <option Value="108">Burundi</option>
    <option Value="116">Cambodia</option>
    <option Value="120">Cameroon</option>
    <option Value="124">Canada</option>
    <option Value="132">Cape Verde</option>
    <option Value="136">Cayman Islands</option>
    <option Value="140">Central African Republic</option>
    <option Value="148">Chad</option>
    <option Value="152">Chile</option>
    <option Value="156">China</option>
    <option Value="162">Christmas Island</option>
    <option Value="166">Cocos (Keeling) Islands</option>
    <option Value="170">Colombia</option>
    <option Value="174">Comoros</option>
    <option Value="178">Congo</option>
    <option Value="180">Congo, The Drc</option>
    <option Value="184">Cook Islands</option>
    <option Value="188">Costa Rica</option>
    <option Value="384">Cote D’ivoire</option>
    <option Value="191">Croatia</option>
    <option Value="192">Cuba</option>
    <option Value="196">Cyprus</option>
    <option Value="203">Czech Republic</option>
    <option Value="208">Denmark</option>
    <option Value="262">Djibouti</option>
    <option Value="212">Dominica</option>
    <option Value="214">Dominican Republic</option>
    <option Value="626">East Timor</option>
    <option Value="218">Ecuador</option>
    <option Value="818">Egypt</option>
    <option Value="222">El Salvador</option>
    <option Value="226">Equatorial Guinea</option>
    <option Value="232">Eritrea</option>
    <option Value="233">Estonia</option>
    <option Value="231">Ethiopia</option>
    <option Value="238">Falkland Islands</option>
    <option Value="234">Faroe Islands</option>
    <option Value="242">Fiji</option>
    <option Value="246">Finland</option>
    <option Value="250">France</option>
    <option Value="249">France, Metropolitan</option>
    <option Value="254">French Guiana</option>
    <option Value="258">French Polynesia</option>
    <option Value="260">French Southern Territories</option>
    <option Value="266">Gabon</option>
    <option Value="270">Gambia</option>
    <option Value="268">Georgia</option>
    <option Value="276">Germany</option>
    <option Value="288">Ghana</option>
    <option Value="292">Gibraltar</option>
    <option Value="300">Greece</option>
    <option Value="304">Greenland</option>
    <option Value="308">Grenada</option>
    <option Value="312">Guadeloupe</option>
    <option Value="316">Guam</option>
    <option Value="320">Guatemala</option>
    <option Value="324">Guinea</option>
    <option Value="624">Guinea-bissau</option>
    <option Value="328">Guyana</option>
    <option Value="332">Haiti</option>
    <option Value="334">Heard And Mc Donald Islands</option>
    <option Value="340">Honduras</option>
    <option Value="344">Hong Kong</option>
    <option Value="348">Hungary</option>
    <option Value="352">Iceland</option>
    <option Value="356">India</option>
    <option Value="360">Indonesia</option>
    <option Value="364">Iran (Islamic Republic Of)</option>
    <option Value="368">Iraq</option>
    <option Value="372">Ireland</option>
    <option Value="380">Italy</option>
    <option Value="388">Jamaica</option>
    <option Value="392">Japan</option>
    <option Value="400">Jordan</option>
    <option Value="398">Kazakhstan</option>
    <option Value="404">Kenya</option>
    <option Value="296">Kiribati</option>
    <option Value="408">Korea, D.P.R.O.</option>
    <option Value="410">Korea, Republic Of</option>
    <option Value="414">Kuwait</option>
    <option Value="417">Kyrgyzstan</option>
    <option Value="418">Laos </option>
    <option Value="428">Latvia</option>
    <option Value="422">Lebanon</option>
    <option Value="426">Lesotho</option>
    <option Value="430">Liberia</option>
    <option Value="434">Libyan Arab Jamahiriya</option>
    <option Value="438">Liechtenstein</option>
    <option Value="440">Lithuania</option>
    <option Value="442">Luxembourg</option>
    <option Value="446">Macau</option>
    <option Value="807">Macedonia</option>
    <option Value="450">Madagascar</option>
    <option Value="454">Malawi</option>
    <option Value="458">Malaysia</option>
    <option Value="462">Maldives</option>
    <option Value="466">Mali</option>
    <option Value="470">Malta</option>
    <option Value="584">Marshall Islands</option>
    <option Value="474">Martinique</option>
    <option Value="478">Mauritania</option>
    <option Value="480">Mauritius</option>
    <option Value="175">Mayotte</option>
    <option Value="484">Mexico</option>
    <option Value="583">Micronesia, Federated States Of</option>
    <option Value="498">Moldova, Republic Of</option>
    <option Value="492">Monaco</option>
    <option Value="496">Mongolia</option>
    <option Value="500">Montserrat</option>
    <option Value="504">Morocco</option>
    <option Value="508">Mozambique</option>
    <option Value="104">Myanmar (Burma) </option>
    <option Value="516">Namibia</option>
    <option Value="520">Nauru</option>
    <option Value="524">Nepal</option>
    <option Value="528">Netherlands</option>
    <option Value="530">Netherlands Antilles</option>
    <option Value="540">New Caledonia</option>
    <option Value="554">New Zealand</option>
    <option Value="558">Nicaragua</option>
    <option Value="562">Niger</option>
    <option Value="566">Nigeria</option>
    <option Value="570">Niue</option>
    <option Value="574">Norfolk Island</option>
    <option Value="580">Northern Mariana Islands</option>
    <option Value="578">Norway</option>
    <option Value="512">Oman</option>
    <option Value="586">Pakistan</option>
    <option Value="585">Palau</option>
    <option Value="591">Panama</option>
    <option Value="598">Papua New Guinea</option>
    <option Value="600">Paraguay</option>
    <option Value="604">Peru</option>
    <option Value="608">Philippines</option>
    <option Value="612">Pitcairn</option>
    <option Value="616">Poland</option>
    <option Value="620">Portugal</option>
    <option Value="630">Puerto Rico</option>
    <option Value="634">Qatar</option>
    <option Value="638">Reunion</option>
    <option Value="642">Romania</option>
    <option Value="643">Russian Federation</option>
    <option Value="646">Rwanda</option>
    <option Value="659">Saint Kitts And Nevis</option>
    <option Value="662">Saint Lucia</option>
    <option Value="670">Saint Vincent And The Grenadines</option>
    <option Value="882">Samoa</option>
    <option Value="674">San Marino</option>
    <option Value="678">Sao Tome And Principe</option>
    <option Value="682">Saudi Arabia</option>
    <option Value="686">Senegal</option>
    <option Value="690">Seychelles</option>
    <option Value="694">Sierra Leone</option>
    <option Value="702">Singapore</option>
    <option Value="703">Slovakia (Slovak Republic)</option>
    <option Value="705">Slovenia</option>
    <option Value="090">Solomon Islands</option>
    <option Value="706">Somalia</option>
    <option Value="710">South Africa</option>
    <option Value="239">South Georgia And South S.S.</option>
    <option Value="724">Spain</option>
    <option Value="144">Sri Lanka</option>
    <option Value="654">St. Helena</option>
    <option Value="666">St. Pierre And Miquelon</option>
    <option Value="736">Sudan</option>
    <option Value="740">Suriname</option>
    <option Value="744">Svalbard And Jan Mayen Islands</option>
    <option Value="748">Swaziland</option>
    <option Value="752">Sweden</option>
    <option Value="756">Switzerland</option>
    <option Value="760">Syrian Arab Republic</option>
    <option Value="158">Taiwan, Province Of China</option>
    <option Value="762">Tajikistan</option>
    <option Value="834">Tanzania, United Republic Of</option>
    <option Value="764">Thailand</option>
    <option Value="768">Togo</option>
    <option Value="772">Tokelau</option>
    <option Value="776">Tonga</option>
    <option Value="780">Trinidad And Tobago</option>
    <option Value="788">Tunisia</option>
    <option Value="792">Turkey</option>
    <option Value="795">Turkmenistan</option>
    <option Value="796">Turks And Caicos Islands</option>
    <option Value="798">Tuvalu</option>
    <option Value="800">Uganda</option>
    <option Value="804">Ukraine</option>
    <option Value="784">United Arab Emirates</option>
    <option Value="826" selected="selected">United Kingdom</option>
    <option Value="840">United States</option>
    <option Value="581">U.S. Minor Islands</option>
    <option Value="858">Uruguay</option>
    <option Value="860">Uzbekistan</option>
    <option Value="548">Vanuatu</option>
    <option Value="862">Venezuela</option>
    <option Value="704">Viet Nam</option>
    <option Value="092">Virgin Islands (British)</option>
    <option Value="850">Virgin Islands (U.S.)</option>
    <option Value="876">Wallis And Futuna Islands</option>
    <option Value="732">Western Sahara</option>
    <option Value="887">Yemen</option>
    <option Value="891">Yugoslavia (Serbia And Montenegro)</option>
    <option Value="894">Zambia</option>
    <option Value="716">Zimbabwe</option>

    • Rubel June 29, 2010 at 11:30 am #

      Thank you for the list.
      I will update my example.

  38. Speedster July 12, 2010 at 9:42 am #

    Great class,

    We were having so much trouble implementing the hsbc payment solution untill we found this :).

    I do think i have something interesting to add to the hsbc payment solution that people inplementing this class / hsbc payment solution api should know about.

    We noticed that in the implementation guide (if you can it a guide at all) when adding multiple product values tot the total var and wanting to submit the total you are not done by converting for example “€ 10.93” to the “1093” format.

    If you add multiple productprices to the total value make sure you use the function Round and give it ,2). That way you’ll make sure that the hsbc doesn’t see the 1093 to be for example: 1093.1
    if you dont use the round function you’ll notice that it will return a Payment Failed on all orders with more then 1 product.

    Hope this helps for those that have the same problem :).

    • Rubel July 12, 2010 at 1:43 pm #

      That’s a good point and I will update, Once i get sometime for that.

  39. nitin July 13, 2010 at 7:16 am #


    actual code i used

    $rapoundamt = sprintf(“%01.2f”,$rapoundamt);
    $poundamt = str_replace(“.”,””,$rapoundamt);

    this will convert 1093 to 109300 or 1993.33 to 109333

    also set

    // Currency Exponent

    hope it helps

  40. Kye Etherton August 3, 2010 at 4:31 pm #

    It’s a fantastic piece of work.

    Thank you very much. I was about to headbutt my desk at work before i found this.

    I really wish they would write half decent documentation in an actual web language.

    • Rubel August 3, 2010 at 4:46 pm #

      Thnx for your complements. I will gather some time to update my class specially the number precision and Order Id etc.

  41. Speedster September 3, 2010 at 12:55 pm #

    @Sajid Ali Mudassar
    I’ve had to call hsbc also to find out about the 01 for the ccpaclientid. If you don’t append the 01 you get mixed results. It does allow you to submit payments but its not consistant in the results. it wil result in a useless error system.

    when we started working with the api we had received a document that’s way different then those available now. Even though the available documents may beeasy to read for some it may not be that self explanory for most.

    @Rubel; i suggest that you add a little comment where you define the long card number the, card security number and card issue number (solo/maestro). If people forget to add a restriction like below for the fields they will receive payments errors because it will go into the else statement when executing the payment.

    Fields and restrictions that should be applied:
    Card number: restrict to 0-9 only, min 13 chars and max 19 chars. Also use str_replace for the spaces and the – that people will enter.
    Card verification number: restrict to 0-9 only. min 3 and max 4 digits.Also use str_replace for the spaces and the – that people will enter.
    Card Issue number: restrict to 0-9 only.Also use str_replace for the spaces and the – that people will enter.

    Ty 🙂

    I think i have some more interesting info for the people that try to implement this class and have difficulty understanding what’s happening with the $result.

    All i see in your class is the A for payment succesful and the else where it states go here if the payment fails. To give people a better understanding of what’s happening and because it’s needed by everybody that wants to implement your class you should give them a little more then just the A.

    A: Payment succesful
    D: Missing or incorrect cvv2val
    E: Wrong expiration date / long card number.
    F: Fraud detected. (3 times and it will block users) <– tell them to call you if you have a business number. by just taking them to else it will frustrate your customers.
    Else: Something seriously wrong.

    I know there is a C as well but i haven’t used that 1 before and hsbc told me i really didn’t need that 1 when using the Auth method.

    @ Invitra
    Getting the invoicenumber to show up in the secure-epayments gateway you only have to add invoiceID to the xmldata array like so:

    $hsbc->xmldata = array(
    // HSBC Payment Details Invoice Number
    “invoiceID” => “your invoice number”,

    And of course add it like below to the class just below the Transaction.

    ‘ .$this->xmldata’invoiceID’] . ‘

    Note* I like the 3D checkout but haven’t bothered getting it implemented as well because with the Auth it works fine with these small changes. We currently have a checkout convertion of 92% on the checkout page and adding the extra 3d security gives another field that they need to define : credit card type. and they have to enter their pin. which will lower the conv rate. (of course this doesn’t apply to all business).

    If i made any mistakes please dont blame me im not a programmer. I just did it by trying and checking the results.

    Hope this helps for those who need it.


  42. Speedster September 3, 2010 at 1:01 pm #

    Sorry made a mistake, here’s the correction:

    This needs to go under the in the class.
    ‘ .$this->xmldata[‘invoiceID’] . ‘

    instead of
    ‘ .$this->xmldata’invoiceID’] . ‘

  43. Rajendra October 18, 2010 at 8:09 am #

    thanks for such post. I am using hsbc class provided by you. but I wan it without 3ds. How I can achieve that using PHP code with curl. Please reply to this email asap.

  44. Speedster October 18, 2010 at 10:28 am #

    Hi Rajendra,

    i was talking about leaving the 3d out but after checking with hsbc we were forced to set it live. With rubel’s integration it works fine we just had a var set incorrectly that caused it to skip the 3ds. Works fine now.

    I suggest you use the 3ds. in our case hsbc asked us to use it as they noticed we were not using it. 🙂 They require you to use it or they will ask you to stop taking payments untill this is fixed.


    • amit January 12, 2012 at 7:51 am #

      I appreciate if you can guide me which variable to set to enable the 3ds ?? My gateway is working fine but it skips the 3ds.

  45. ali November 23, 2010 at 4:48 pm #

    Hi Rubel,
    Thanks to make this use ful code library.

    i am trying to use your code but i am getting transaction decliened error [CcpaResultsCode] => 11 please help me that how i can i resolve this error. Thanks

  46. Tom December 8, 2010 at 1:37 pm #

    Hi Rubel – thanks for such a great post but i’m having a few problems..

    I’m trying to use your example files but keep getting ‘payment failed’. I’ve tried echoing $result but it appears to be empty.

    As far as i’m aware i’ve updated the credentials correctly and entered a valid card number.

    Any idea why i wouldn’t get any response at all?

    • Rubel December 8, 2010 at 4:07 pm #

      First you need a real account for implement/test HSBC payment processor. Then please check the parameters correctly… Enable Dubug mode if needed.

      • Tom December 9, 2010 at 11:15 am #

        thanks for your response. We have an active account but i’ve just tried creating the xml without sending it anywhere and i think i may have found the problem. Our userid is hill&dale – will the & mess up the xml?

  47. Tom December 10, 2010 at 2:27 pm #

    Apologies for all the posts but i’m pulling my hair out here and suspect my problem is a lack of PHP knowledge.

    One of your first lines of code in the example file is:

    if (empty($_POST))
    // set session variable if i get past the if
    // why is this code not being executed??
    $progress = ” got past if empty post “;
    /* — PROCESS PASS — */
    // Credit Card Number
    hsbc->add_pass_field(‘CardholderPan’, “4500123412341234”);

    My issue is that the code to send the PASS values is not being executed and the first line of code that runs is after the else statement.

    I’ve set the example file and hsbc files in their own folder on our web server – i’ve populated our user id, password, client id, valid card details and set the result url for the api to example.php and am trying to load example.php

    I’m so sorry for posting such a trivial comment that is no doubt down to my lack of php skills but if anybody can help it would be much appreciated.

  48. Arin July 12, 2011 at 7:34 am #

    Hello Rubel,

    Thanks for your excellent post. I am a beginner in PHP and have a very little knowledge in PHP. Just one thing would like to know,

    Where to set the information about the customer, who is paying, and where to set the information about the account in which he is paying.

    Suppose, X is paying to Y account. Then where to set the details of X and where to set the details of Y.

    Please let me know

    Thanks – Arin

  49. Parthi July 15, 2011 at 1:04 pm #

    i use this steps using API but i have error on “Insufficient permissions to perform requested operation” & username,password,clientid are correct …. Hepl me wt issue?

    i got a error on

    curl handle initialized 1.0 OrderFormDoc 4e1c1943-db2c-3001-002c-0003bac00fc9 Payment 6 16 Merchant Director Director 3 977 CcxInput.cpp 13:04:24Jul 14 2009 7 6 Insufficient permissions to perform requested operation. 1 05/13 1 4111111111111111 CreditCard P 0 0 3590 0 PreAuth clientid user pass 1310734498725 1310734498733

  50. kabanek July 21, 2011 at 12:21 pm #

    hello 🙂
    I’m trying to integrate my shop with hsbc, but i steel get error: “Insufficient permissions to perform requested operation”

    I’m using live user and real credit cart.

    Here is my XML response from HSBC

  51. Dss January 17, 2012 at 6:12 pm #

    Great class! Finally someone who has decrypted HSBC’s cryptic documentation.

    Found a small bug in this where you have:

    ‘ . $this->xmldata[‘name’] . ‘

    You also use the same name in:

    ‘ . $this->xmldata[‘name’] . ‘

    So the customer name shows as the user name. Just need to create and reference a new element like:

    $hsbc->xmldata[‘cust_name’] in the Address block.

  52. Dss January 17, 2012 at 6:24 pm #

    Another bug..

    Your example shows:

    But the cardholderpan should be the credit card number. You are showing the ClientAlias as the example. Where does the ClientAlias actually go? under “name”?


  1. HSBC Payment CLASS with payer authentication service « It's My Story! - September 6, 2009

    […] More:  HSBC Payment CLASS with payer authentication service « It's My Story! […]

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: