1.          CHANGE LOG

v1.0                 initial version
v1.1                  additional use case and action periodic-status documentation for result and status codes
v1.2                 parameter order for action identify is optional now parameters url_callback and url_return are mandatory, unless a default configuration is requested
v1.3                 description of digest computation enhanced token renamed to merchant password for clarification
v1.4                 clarification of parameters method vs. operator new feature status with return
v1.5                 introduction of parameter service_category for the feature one subscription per category introduction of parameter service_name
v1.6                 additions for new payment method CALL2PAY
v1.7                 new prompt parameter prompt_image_args separation of parameters method and operator against ambiguity description of additional xml result elements new action result codes added
v1.8                 new parameter manage_subscription_url_callback introduction of parameter redirect
v1.9                 new action prompt with parameter subject added
v1.10               explanation for server to server callback handling with retry behaviour
v1.11                chapters tightened and reorganized for easier comprehensibility
v1.12                added new action result codes 522, 523 and parameter signifier
v1.13                new chapter notifications for managed resources added
v1.14                parameter service_name now mandatory for action start and start-subscription
v1.15                obsolete staging environment for setup tasks removed
v1.16                new parameter close_notification_url_callback
v1.17                subscriptions without an immediate first payment are no longer indicated via subscription-status but an explicit flag within additional-results
v1.18                explanation of possible additional-results
v1.19                parameters and result codes for novel functionality age-verification added clarified that action periodic-status is only available via GET currently enhanced description for correct callback handling and digest calculation
v1.20              updated values of action result status for the indication of unbilled subscription signups
v1.21               description for notification receive-sms-info added explanation for unbilled subscription signups introduced
v1.22              meaning of status codes clarified
v1.23              description for action refund added deprecation of parameter periodic
v1.24              added parameter landing_page
v1.25              chapters reorganized and streamlined introduction of advanced flows for fine-grained enduser interaction
v1.26              clarified description of all relevant action parameters that are subject to be ignored under certain flow variants
v1.27              WAP push functionality for content delivery via parameter prompt_content_args added
v1.28             added new advanced flows called on-demand content provisioning and content acknowledgement added parameter subscription_type
v1.29              introduced feature data with return for optimized identify performance
v1.30              added action status and customer_id-lookup
v1.31               advanced flow proportional capture of reserved amount added new action result codes 504, 525 and 526
v1.32              added parameter shopper new subject fraudDetection for action prompt introduced
v1.33              Oct 2020 – graphical redesign of document action result code 404 added
v1.34              Nov 2020- clarified decryption procedure for feature data with return

2         INTRODUCTION

pay:smart is DIMOCO’s product providing a highly customizable and easy to use interface for performing payment transactions through DIMOCO’s payment hub with all the attached mobile network operators as well as alternative payment methods. pay:smart is designed to require only a minimum number of interactions between the merchant’s and DIMOCO’s system and to automatically remediate all flow decisions based on customizable configuration properties. Charging itself may be performed by means of gateway billing with operators providing this technology or by premium SMS, respectively. Legal regulations and restrictions specified in MNO contracts are enforced by DIMOCO’s platform.

2.1 Terminology

2.2 Service setup

The merchant must contact DIMOCO for the purpose of contracting and service setup. A service description and in case of subscriptions the definition of the subscription model including period, billing count, amount may be necessary. The merchant (if not already registered within the DIMOCO service infrastructure) will be assigned a merchant id and will receive a password needed for digest calculation. For every service a dedicated order (unique service identifier) is assigned. It is possible to set up default values for many of the optional parameters described in section 5

3         USE CASES

This section describes the use cases covered by pay:smart and implemented by means of different actions (see 6.1).

3.1 End-user identification

An end-user surfing the web using the mobile+ internet connection of his/her mobile phone usually can be identified by the operators as the IP traffic is routed through their gateway systems. Some of the operators provide a stable unique identifier for an end-user named alias others provide the MSISDN.

Figure 1: Flow for end-user identification

3.2 Operator lookup

Given an MSISDN and the fact that in many countries mobile phone numbers can be ported between different mobile networks the number itself does not provide a reliable way of guessing the corresponding MNO. In cases this is needed (e.g. in WEB opt-in flows) there is the possibility to query HLR databases to obtain the corresponding MNO of an MSISDN. pay:smart provides an API for retrieving this information. This is an additional feature and has to be configured explicitly.

Figure 2: Flow for operator lookup

3.3 One-off payment

Whenever a single payment is requested by an end-user (for example to purchase a virtual good within an online game) the merchant must start a transaction by calling pay:smart. Depending on the provided information and corresponding configuration either a redirect URL is returned where the end-user must be redirected to, a pending status is reported, or a detailed error description is returned. pay:smart performs all steps required to gather all information needed for performing the requested charging and runs the authorization procedure if one is needed. It reports the outcome of the payment (collection of transaction data, authorization and charging) by means of a callback to the merchant’s server. In case the end-user has been redirected to pay:smart at the beginning, he is redirected back to the merchant’s portal after the callback was successfully delivered.

Figure 3: Flow for one-off payment

3.4 Opening a subscription

Whenever an end-user decides to sign up for a service with a subscription model on a merchant’s portal the merchant has to start a subscription by calling pay:smart. The definition of the subscription model may be either provided with the initial request or can be configured on DIMOCO’s side alternatively. The flow for starting the subscription is identical to the flow for performing a single one-off charging. Redirecting the end-user may be involved, various methods for retrieving subscription information and for identifying the end-user may be applied, the authorization procedure may be run, and the initial charging may be performed. Again, the outcome of the procedure is reported by means of a callback to the merchant’s server and if required, the end-user is then redirected to the merchant’s portal.

Figure 4: Flow for subscription opt-in

3.5 Renewing a subscription

Given a subscription that has been successfully opened (see the previous use case) the renewal can be performed by the merchant. Alternatively, a DIMOCO system for renewing subscriptions may be used that is called pay:periodic. In case the merchant prefers to trigger the renewal a call to the pay:smart service must be made. The result is reported by a callback to the merchant’s server.

Figure 5: Flow for rebilling a subscription

3.6 Retrieving status of a subscription

A subscription that has been established via DIMOCO’s platform may be queried regarding its status by means of action status.

Figure 6: Flow for subscription status retrieval

3.7 Closing a subscription

A previously opened subscription may be closed in different ways. Sometimes there is a SMS channel providing the possibility to send a STOP command to the subscription service. In other cases, there are portals where end-users can view and close their subscriptions and of course a merchant usually provides the unsubscribe option on the service portal. To have the subscription closed in DIMOCO’s and the PSP’s systems action close-subscription must be invoked at pay:smart. In rare cases a redirect URL is returned – there are markets where an opt-out needs to be confirmed by the subscriber. As usually the result of the action is posted to the merchant’s server in a callback.

Figure 7: Flow for subscription opt-out

4        INFORMATION EXCHANGE

4.1 Communication pattern

In general, the communication pattern between the merchant’s system and pay:smart is the following:

1. the merchant’s system calls pay:smart to initiate an action
2. pay:smart synchronously accepts the call and optionally returns a redirect URL
   • if given, the end-user must be redirected to this URL (for cases that require identification or involve other forms of interaction like data entry, confirmation, …)
3. callbacks are issued by pay:smart to the merchant’s server to report
   • necessary interim activities (only for advanced flows – see 8)
   • the final outcome of the action
4. if the end-user has been redirected to pay:smart he is redirected back to the merchant’s portal after the first callback has been successfully posted to the merchant’s server

4.2 Transport variants

4.2.1 Server to server

With server to server communication the exact pattern described above applies. It is the most general, reliable, secure and thus recommended way of conveying information between the merchant’s system and pay:smart. As an additional benefit the end-user will experience the minimal number of redirects and will have no way of seeing possibly confidential payment details.

4.2.2 End-user transport

The initial server to server API call can be omitted when the end-user himself transports all the necessary information. To get this working an html form or similar must be presented on the merchant’s portal that contains all relevant API parameters. On submit the end-user’s browser is posted directly to pay:smart where the action takes place.

Also, for returning the outcome of any action pay:smart can be configured to omit the server to server callback and let the end-user himself transport the information. This time an html form is presented by pay:smart that posts the end-user’s browser on submit with all the relevant data directly back to the merchant’s portal.

Both directions of end-user transport are independent of each other and can be used individually or together – thus eliminating server to server communication entirely.

Even though enduser transport is slightly simpler to implement and can save some network latency it comes with major drawbacks:

• not usable for all use cases or advanced flows – see 8
• end-user session gets lost on a failed request that the merchant’s system cannot even detect
• less reliable data transport (e.g. no retry)
• end-user redirect must happen via POST instead of simple GET
• action parameters/results visible to end-user

4.3 API URLs

pay:smart has no restrictions on source IP addresses for incoming connections.

For callbacks the merchant’s server must allow incoming connections coming from the following IP range:                                                           91.198.93.0/24

Callbacks contain sensitive information and can only be delivered via properly secured https URLs. An officially signed certificate needs to be in place on the merchant’s server.

Server to server API URL:              https://services.dimoco.at/smart/payment

Enduser transport API URL:          https://services.dimoco.at/smart/userpayment

4.4 Call details

These sections deal with passing of information to/from pay:smart and the security measures involved. For a detailed description of the parameters see 5.

4.4.1 Towards pay:smart

Calls made towards pay:smart must be POST requests to one of the API URLs of section 4.3 providing the parameters in url-encoded form with content-type application/x-www-form-urlencoded and any contained strings must have charset UTF-8

This is actually the default behaviour if an html form is submitted via browser.

Example for a complete url-encoded request towards pay:smart:
merchant=678678&order=4711&action=start&request_id=98c6dec3-c5f0-4810-9490-e2b9f2e2d34a&amount=1.99&url_callback=https%3A%2F%2Fmerch.at%2Fcb%3Fx%3Dy&digest=ff98e66379b8474be66aad871230eba19245f21ac7b2c6908faf3bf7aafa98b4

The parameter digest is mandatory in all pay:smart requests and provides the necessary authentication primitive. It has to be calculated from the request’s parameter values using the secret merchant password which was provided to you by DIMOCO during service setup.

Digest calculation formula: hex(hmac_sha256_digest(password, payload))

The payload is constructed by concatenation of all unencoded request parameter values (only the values!) in alphabetical order of the parameter names.

If we take the example request from above with a merchant password of:
top-secret

The digest calculation would look like:
digest = hex(hmac_sha256_digest(utf8_bytes(“top-secret“), utf8_bytes(“start1.99678678471198c6dec3-c5f0-4810-9490-e2b9f2e2d34ahttps://merch.at/cb?x=y“)))

Notice that the parameter values are unencoded and were reordered to resemble alphabetical order of their corresponding parameter names!

Python code

PHP code

Perl code

Java code

4.4.2 Towards merchant’s server

Calls towards the merchant’s server are done in a way analogous to the requests towards pay:smart. They are sent via POST with a content-type of application/x-www-form-urlencoded and any contained strings have charset UTF-8.

Following parameters are transmitted:

• data … holds the XML result document
• digest … holds the authentication primitive

The digest is again calculated via: hex(hmac_sha256_digest(password, payload))

This time the payload consists of the whole url-decoded XML result document.

With an example XML result document (stripped for brevity) the calculation of the digest would look like:

digest = hex(hmac_sha256_digest(utf8_bytes(“top-secret“),
utf8_bytes(<?xml version=”1.0″ encoding=”UTF-8″ standalone=”yes”?>
<result sync=”false” version=”2″>
    <action>start</action>
    <action_result>
        <status>0</status>
    </action_result>
    <payment_parameters>
        <order>4711</order>
    </payment_parameters>
    <transactions>
        <transaction>
            <id>999999999</id>
            <amount>1.99</amount>
            <billed_amount>1.99</billed_amount>
            <currency>EUR</currency>
            <status>5</status>
        </transaction>
    </transactions>
    <request_id>98c6dec3-c5f0-4810-9490-e2b9f2e2d34a</request_id>
    <reference>88888888-7777-6666-5555-abcdefgh1234</reference>
</result>
‘)))

Be cautious that any possible trailing line-feed symbols must not be stripped for the calculation.

If your calculated digest matches the value of the parameter digest you can be sure that the callback was sent by DIMOCO and was not forged by a man-in-the-middle.

Server to server callbacks and notifications are accounted as successfully delivered only if the merchant’s server answers them synchronously with http status 200. If it cannot be delivered on the first try (http status not 200, connection problems, etc.) it will be automatically retried for delivery until it succeeds.

4.5 End-user return to merchant’s portal

Commonly the enduser is send back to the merchant’s portal either (as configured):

• via simple GET redirect after the XML result document was transported successfully as server to server callback (see 2.1) or
• via http POST request together with the XML result document and digest a.k.a. callback with return (see 2.2)

Parameter url_return given on the initiating API call (or default configured) is used as return address as is – i.e. it is normally not changed or enriched with any information. However, for specific cases some level of enrichment can be done as described in the following sections.

4.5.1 status with return

This feature can be configured for enriching url_return with the following core status values that reflect the final outcome. This is useful if the merchant’s system cannot easily correlate the server to server callback with the following return of the end-user:

4.5.2 data with return

To gain the highest level of performance for action identify the final XML result document can be transported together with the return of the end-user as encrypted query parameter. The end-user is redirected back to the merchant’s portal immediately after identification via simple GET while no server to server callback is send. Following parameters are added to url_return:

Decryption procedure

1. repeat/cut your password to 16 characters – this is the decryption-key
   a. if a conversion to a byte array is necessary: use charset UTF-8 and limit the length to exactly 16 bytes (i.e. cut excess bytes)
2. base64-decode the values you received in sph-e (payload) and sph-n (nonce)
   a. please ensure that these values are url-decoded beforehand (usually done by your web framework behind the scenes)
3. decrypt payload via nonce and decryption-key with the following cipher: AES/GCM without padding
4. gunzip the decrypted value
5. convert the decompressed value into a string with UTF-8 charset to retrieve the original XML result document

Below you find some examples how this decryption procedure can be implemented in various programming languages.

Java code

String secret = <merchant password>;
String payload = Base64.getDecoder().decode(request.getParameter(“sph-e”));
String nonce = Base64.getDecoder().decode(request.getParameter(“sph-n”));

byte[] key = Arrays.copyOf((secret + secret + secret).getBytes(“UTF-8”), 16);

Cipher ci = Cipher.getInstance(“AES/GCM/NoPadding”);
SecretKeySpec sc = new SecretKeySpec(key, “AES”);
GCMParameterSpec gcm = new GCMParameterSpec(128, nonce);
ci.init(Cipher.DECRYPT_MODE, sc, gcm);
byte[] decrypt = ci.doFinal(payload);

GZIPInputStream gz = new GZIPInputStream(new ByteArrayInputStream(decrypt));
ByteArrayOutputStream bos = new ByteArrayOutputStream();
byte[] buffer = new byte[1024];
for (int len = 0; (len = gz.read(buffer)) >= 0;) {
bos.write(buffer, 0, len);
}

String xmlResult = new String(bos.toByteArray(), “UTF-8”);

PHP code

$secret = <merchant password>;
$payload = base64_decode($_GET[‘sph-e’]);
$nonce = base64_decode($_GET[‘sph-n’]);

$secret = substr($secret . $secret . $secret, 0, 16);

$ci = ‘aes-128-gcm’;
$encrypt = substr($payload, 0, -16);
$tag = substr($payload, -16);

$decrypt = openssl_decrypt($encrypt, $ci, $secret, OPENSSL_RAW_DATA, $nonce, $tag);

$xmlresult = gzdecode($decrypt);

5        ACTION PARAMETERS

The table below shows all available parameters for pay:smart API calls. The actions described in the following sections will reference their relevant parameters from this list. Many of these can have pre configured values within the pay:smart configuration (in merchant context as well as in order context).

6        API FOR TRIGGERING ACTIONS

The following actions represent the main API of pay:smart and must explicitly be triggered by the merchant’s system when demand arises. For every action the relevant request parameters are given and the contents of the synchronous response and final callback are described

6.1 Actions

6.1.1 identify

Action identify is used to determine the MSISDN or abstract alias and/or the operator of an end-user.

Request parameters (see 5):

The response XML document contains the following elements:

The XML document contained in the data form field of the callback POST has the following elements:

6.1.2 operator-lookup

Action operator-lookup is used to determine an enduser’s MNO from his MSISDN.

Request parameters (see 5):

The response XML document contains the following elements:

The XML document contained in the data form field of the callback POST has the following elements:

6.1.3 start

Action start is used to initiate a one-off payment.

Request parameters (see 5):

The response XML document contains the following elements:

The XML document contained in the data form field of the callback POST has the following elements:

6.1.4 start-subscription

Action start-subscription is used for signing up an enduser to a subscription service.

Typically, a successful signup implies that the end-user was billed once initially – on a failing initial payment the signup would also fail.

Nevertheless, with feature unbilled subscription signups it is also possible to successfully open a subscription – if configured for your order and supported by the PSP – even in case there is no initial payment involved or the end-user has not enough balance to fulfil it. These kinds of signups will be indicated in the XML document of the final callback via:

Request parameters (see 5):

The response XML document contains the following elements:

The XML document contained in the data form field of the callback POST has the following elements:

6.1.5 renew-subscription

Action renew-subscription is used for explicitly rebilling a previously successfully opened subscription in accordance with the underlying subscription’s definition (subscription period, number of charging events during the period and amount charged).

Request parameters (see 5):

The response XML document contains the following elements:

The XML document contained in the data form field of the callback POST has the following elements:

6.1.6 close-subscription

Action close-subscription is used whenever a previously opened subscription within pay:smart needs to be closed.

Request parameters (see 5):

The response XML document contains the following elements:

The XML document contained in the data form field of the callback POST has the following elements:

6.1.7 status

Action status is used for retrieving the current status of a transaction or subscription. This action also works for subscriptions under pay:periodic management (was formerly called periodic-status).

There is usually no callback for this action as the synchronous answer contains all information.

Request parameters (see 5):

The response XML document contains the following elements:

6.1.8 prompt

Action prompt is used to exchange information with the enduser. Most often this means that a simple free SMS is delivered. A typically use-case is the decoupled delivery of content that was billed before via renew-subscription or an automatically managed subscription, but in general this action can be used for whatever reason.

Request parameters (see 5):

The response XML document contains the following elements:

The XML document contained in the data form field of the callback POST has the following elements:

6.1.9 refund

Action refund is used to pay back the billed amount of a successful payment initiated e.g. via action start or renew-subscription.

Request parameters (see 5):

The response XML document contains the following elements:

The XML document contained in the data form field of the callback POST has the following elements:

6.1.10 customer_id-lookup

Action customer_id-lookup is used to determine an end-user’s abstract alias from his MSISDN.

Request parameters (see 5):

The response XML document contains the following elements:

The XML document contained in the data form field of the callback POST has the following elements:

6.2 Primary additional results

6.2.1 subscription_terminated

This additional result can be returned with value true for any action which is related to a subscription. It indicates that the subscription is closed now and is no longer usable for billing the end-user.

6.2.2 trial_subscription

Indicates with a value of true, that the subscription at hand has a special type. These subscriptions have their first payment attempt not during signup but deferred after some trial period has passed. The first payment attempt will happen during a usual renewal if the subscription was not closed meanwhile.

6.2.3 low_money

This flag is true for subscriptions that could not be billed initially during signup (e.g. because of insufficient balance) but can still be kept for renewal attempts.

6.2.4 avs_registered

When this entry is returned with value true it means that there was a successfully executed age-verification registration for the current enduser. Note that this activity was maybe subject to charge.

6.2.5 notification

This additional result is added to event responses with value true to clearly distinguish notifications from usual callbacks. See 7 for a detailed explanation of notifications and their accompanying secondary additional results.

6.2.6 activity_required

This entry will be present with value true to indicate the necessity of further activities to fulfil the transaction. Section 8 gives details about all possible activities and their corresponding secondary additional results.

6.2.7 proportional_capture

Indicates with a value of true that not the whole reserved amount was billed but only a requested proportional part of it. The corresponding values will be given in the transaction’s section with amount (reserved amount) and billed_amount (actual billed amount).

7        NOTIFICATIONS FOR MANAGED RESOURCES

For some PSPs resp. use cases the management of a subscription, payment, SMS, etc. is handled directly by the PSP or DIMOCO. This is unlike to the case where the merchant manages those resources via explicitly triggering required actions like start-subscription, renew-subscription and close-subscription.

All automatically happening events for a managed resource like opt-in, renew and opt-out are reported to the merchant via so-called notifications that have no prior merchant request. This is in contrast to the manually triggered use cases where every callback from pay:smart always has a corresponding request from the merchant (correlated via unique identifier reference – see 2.1).

The following notifications are delivered to statically defined URLs that can be configured for a specific order on service setup. Renewal- and close-notification URLs can also be provided dynamically with action start-subscription via parameters manage_subscription_url_callback and close_notification_url_callback (see 5).

All notifications are commonly indicated via:

7.1 start-subscription

This notification indicates that an end-user has been signed in to a subscription service externally – without a preceding explicit start-subscription request from the merchant. E.g. SMS opt-in for a service that was announced via advertisement.

7.2  renew-subscription

The outcome of every automatically performed billing event within a subscription service is announced to the merchant’s system via this notification. Note that this can also happen for subscriptions that have been opened explicitly via action start-subscription.

7.3 close-subscription

This notification is triggered when an enduser was unsubscribed from a subscription service externally – without a preceding explicit close-subscription request from the merchant.

7.4 start

The outcome of every one-off payment that has been initiated externally is announced to the merchant’s system via this kind of notification.

7.5 receive-sms-info

For every free SMS received from an enduser that can be correlated to a specifically configured order this notification will be generated.

In the response XML document, the following values are available:

8        ADVANCED FLOWS

For some use cases a more fine-grained integration of pay:smart to the merchant’s portal is desirable. The additional flexibility gained comes at the cost of increased complexity and should be taken into account.

Advanced flows require the merchant’s system to perform additional activities usually involving the end-user while a payment is still in progress. The type of activity that must take place is reported via an interim callback to the merchant’s server. If the end-user was initially redirected to pay:smart, he is returned to the merchant’s portal after the successful delivery of the callback.

Interim callbacks commonly indicate a necessary activity via:

Flow-specific additional values in the result are explained individually below.

8.1 Early end-user return

In very rare cases payment flows may take a significant amount of time at the PSP until the final outcome becomes available. Potentially there is a meaningful activity that the end-user can do during this delay on the merchant’s portal. This advanced flow enables the early return of the end-user to the merchant’s portal even though the final callback was not delivered yet.

Additional values within interim callback:

8.2 SMS from end-user

Some use cases have the requirement that the end-user must manually send an SMS with a predefined text to a given service number. This advanced flow enables the merchant’s system itself to ask the enduser for this SMS as pay:smart would normally do. Thus, no redirect of the enduser to pay:smart is necessary.

Additional values within interim callback:

After the SMS was submitted a follow-up callback will inform about the final outcome of the payment.

8.3 TAN entry on merchant’s portal

For confirming a payment via TAN pay:smart usually displays a page to the end-user where he must submit the TAN previously sent to his mobile. With this advanced flow the merchant’s system itself can ask for the TAN and submit it on behalf of the enduser to pay:smart. Thus, no redirect of the enduser to pay:smart is necessary.

Additional values within interim callback:

After the end-user entered the TAN on the merchant’s portal it must then be submitted via server to server call to pay:smart as explained in 4.4.1 but to the URL specified in the interim callback. The following parameters apply:

The synchronous response to this call contains a flat JSON document delivered with content-type application/json and the following elements:

The asynchronous callback delivered afterwards is either a final callback about the outcome of the payment or again a request-tan interim callback demanding another TAN entry attempt.

8.4 On-demand content provisioning

When the content to deliver cannot be given upfront with the initiation of a payment (e.g. because it is expensive to create) then this flow can help. It will ask the merchant for the content via interim callback at the latest moment possible during the payment.

Additional values within interim callback:

The content must be submitted via server to server call to pay:smart as explained in 4.4.1 but to the URL specified in the interim callback. The following parameters apply:

The synchronous response to this call contains a flat JSON document delivered with content-type application/json and the following elements:

The asynchronous callback delivered afterwards will indicate the final outcome of the payment.

8.5 Content acknowledgement

This flow allows the merchant to fulfil content delivery by his own means while the payment process itself is still handled by pay:smart. To enable this functionality an interim callback will be issued at the correct time during the payment indicating to the merchant that the content shall now be shipped. An acknowledging server to server call from the merchant afterwards will tell pay:smart to finalize or cancel the payment.

Additional values within interim callback:

The acknowledgement must be submitted via server to server call to pay:smart as explained in 4.4.1 but to the URL specified in the interim callback. The following parameters apply:

The synchronous response to this call contains a flat JSON document delivered with content-type application/json and the following elements:

The asynchronous callback delivered afterwards will indicate the final outcome of the payment.

8.6 Proportional capture of reserved amount

If the amount for a payment depends on the actual volume of content consumed by the end-user, this is the appropriate flow. It works for PSPs where a maximum amount can be reserved upfront, and later, when the volume of consumption is known, the proportional amount can be captured.

After the end-user confirmed the payment and the maximum amount was successfully reserved an interim callback will be issued to the merchant that the content can now safely be consumed by the end-user. A server to server call from the merchant afterwards will tell pay:smart to finalize the payment with a proportional amount or to cancel it, e.g. if no consumption happened at all.

This flow is only available for one-off payments via action start. Parameter amount of action start specifies the maximum amount that shall be reserved.

Additional values within interim callback:

The proportional amount must be submitted via server to server call to pay:smart as explained in 4.4.1 but to the URL specified in the interim callback. The following parameters apply:

The synchronous response to this call contains a flat JSON document delivered with content-type application/json and the following elements:

The asynchronous callback delivered afterwards will indicate the final outcome of the payment. In case an amount smaller than the maximum amount was captured, the following elements will apply:

9        ACTION RESULT CODES

Following result codes are used for indicating the reason of a failed action.

Important: Additional codes can be added with future versions of pay:smart.

10        STATUS CODES

10.1 Transaction status

10.2 Subscription status