Each Dalenys platform’s operation return a couple EXECCODE MESSAGE to describe the result of the operation.

In case of a valid request, a TRANSACTIONID is returned.


Make sure to store in your system the TRANSACTIONID for later usage (refund, capture, support requests, matching … ).


Keep in mind that it is not allowed to launch multiple editing transactions at the same moment (concurrent accesses), (such as refunds or captures…) on the same initial transaction. This would result in a refusal to process these operations and an EXECCODE = 2017

Please note that not all of the operations listed below are available on all payment methods and integration modes.

Card information request

To simply get information about the user’s card, you can proceed an authorization operation by setting the AMOUNT parameter to 0.

This operation makes it possible to check the card information (PAN, expiry, cryptogram) without any impact on the end user payment limits.


In case the amount of the request is zero, the AUTHORIZATIONTYPE parameter is useless and would be ignored.


Card information requests cannot be captured or voided.


For card registration, please refer to the recurring payment section.

The transaction return will contain some useful information as :

  • CARDTYPE string

    The payment method type.


    The cardholder’s bank card network.

  • CARDCOUNTRY string(2)

    The country code (format ISO_3166-1_alpha-2).

  • CARDCODE string(12-19)

    A truncated version of the card number.


    Card expiry date.

  • CARDFULLNAME string(1-255)

    The holder’s full name (as described on the payment method).


The payment operation is the simplest action available on the Dalenys platform.

It simply consists in requesting to debit a user of the amount you specify.


This operation makes it possible to hold the transaction’s amount on the cardholder bank account, for later collection triggerable with a capture operation.


An authorization can only be captured once.


Some payment methods require you to capture an authorization within a limited timeframe. The expiration delay of an authorization depends on the payment method and its regulations. The standard timeframe is 7 calendar days.


The capture operation requires a valid TRANSACTIONID from a previous, succeeded and still not captured transaction. A single authorization does not affect the user account until you decide to capture it. The authorization / capture workflow is well suited for delayed payment scenario.


Some payment methods authorize a partial capture of an authorization. To do so, just add the optional AMOUNT parameter to your capture request.
When not specified, 100% of the authorization amount is captured.
AMOUNT cannot be higher than the initial authorization amount.


An authorization can only be captured once.


Some payment methods require you to capture an authorization within a limited timeframe. The expiration delay of an authorization depends on the payment method, its regulations and AUTHORIZATIONTYPE.

  • finalauthorization can be captured within 7 calendar days.
  • preauthorization can be captured within 30 calendar days.

Scheduled capture

A capture can be planned ahead by adding the parameter CAPTUREDATE to your initial authorization request.


A manual capture, (triggered by the merchant with a server to server request or via the Dalenys Extranet), cancels the configured CAPTUREDATE


The CAPTUREDATE parameter must at least refer to the next day.


The schedule is configured on the Paris-Madrid timezone.


A refund operation enables you to credit funds back to a end-user following a previous debit.

A refund transaction is always linked to a successsful payment or capture transaction which it requires the original TRANSACTIONID.

The amount of a refund transaction can be different from the original debit transaction but can not be higher.

You can refund several times a same debit transaction, but the sum of all the refund operations can’t be higher that the original debit amount.

A refund transaction has an impact on the user’s bank account since he will see the funds being credited on his bank statement.


A credit transaction is a special transaction type allowing to give money to the user.

This transaction type should be used in some very special cases (custom refund situations …).


credit transaction are not allowed to all customers by default. You have to contact your account manager to validate the usage conditions and to activate this feature.


This operation can be used to cancel the very last operation of any transaction. (Except the void operation itself, of course)

For example, once captured, an authorization cannot be voided, only the capture could be.

All transactions except authorizations can only be voided on the same day they are processed, that is to say before the funds are sent for compensation to the user’s bank.

An authorization can be voided for the duration of its lifetime as long as it has not been captured.

N-times payment

It is possible to easily split a payment in several installments. The Dalenys platform will process the first installment immediately and in case of acceptation of the first installment, the platform will process the following installments at the given dates. All these installments will result in different transactions sharing the same ORDERID field as the one in the first installment.

To initiate a split payment, you have to replace the AMOUNT parameter by:

  • AMOUNTS hash

    A hash of keys / values where keys are dates and values are the amounts to process:
    Dates have to be in format YYYY-MM-DD;
    Amounts in the smallest money decimal (e.g. cents for euro);
    See the dedicated section.

For example, an AMOUNTS for a 3 installments split:

  • 200€ on 2019-03-14
  • 100€ on 2019-04-14
  • 100€ on 2019-05-15

A n-times transaction must follow these conditions:

  • The time-zone you must use for any n-times transaction is UTC.
  • The first installment must be on the day of the request and will be executed immediately.
  • The interval between the first and last installment must not exceed 90 days.
  • The last installment must occur before the card’s expiry date.
  • Only payment transactions can be split with n-times mode.
  • If the first transaction is refused, the other scheduled transactions won’t be processed, the whole request is considered as refused
  • Schedule dates should be supplied in UTC format.

AMOUNT and AMOUNTS can not be used at the same time.

The first TRANSACTIONID of a n-times schedule will be the schedule reference: SCHEDULEID.

We can configure automatic retries for each installments. To enable and configure this feature, please contact your payment manager.

N-times schedule can be canceled by using the stopntimes operation.

Stop n-times

This operation is used to abort forthcoming installments of an n-times transaction, by providing its SCHEDULEID:


Please note that the past installments won’t be refunded with this operation, you must use classic refund operation to refund each installment.

Recurring payment

Basic usage

It is possible to implement tailor-made recurring payment workflows without storing any sensitive card data by simply using our aliasing features.

You have to add 2 parameters in your payment, authorization or credit initial request.

  • CREATEALIAS boolean

    Ask for a payment method ALIAS creation. Caution: this parameter is mutually exclusive with DISPLAYCREATEALIAS. See the dedicated section.

  • ALIASMODE oneclick, subscription

    Indicates the ALIAS usage mode:
    oneclick indicates a one click or an online transaction;
    subscription indicates an offline transaction.

In the request’s direct response, as well as redirection and notification, you will retrieve the parameter ALIAS:

  • ALIAS string(1-40)

    Identifier of a previously processed payment method.

This parameter is a non-sensible reference for the used payment method in our platform. You have to store and keep this reference in your database for later use.

For each recurring transaction processed on the same ALIAS for the same user on the same payment method, you don’t need to provide the usual payment method details (ie: CARDCODE, CARDVALIDITYDATE, CARDCVV, CARDFULLNAME):

  • ALIAS string(1-40)

    Identifier of a previously processed payment method.

  • ALIASMODE oneclick, subscription

    Indicates the ALIAS usage mode:
    oneclick indicates a one click or an online transaction;
    subscription indicates an offline transaction.


In case of execcode 4018, fees could be applied for each new transaction attempt.


Here is a server to server request example:

$> curl --request POST --url "https://secure-test.be2bill.com/front/service/rest/process" \
--data "method=payment" \
--data "params[OPERATIONTYPE]=payment" \
--data "params[ORDERID]=1234" \
--data "params[ALIAS]=A1-fc5bafe3-8c12-4314-95c7-2e15ec3220e0" \
--data "params[ALIASMODE]=oneclick" \
--data "params[AMOUNT]=1000" \
--data "params[CLIENTIDENT]=john.snow" \
--data "params[CLIENTEMAIL]=john.snow@example.com" \
--data "params[CLIENTUSERAGENT]=Mozilla/5.0 (Windows NT 6.1; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0" \
--data "params[CLIENTIP]=" \
--data "params[CARDFULLNAME]=JOHN SNOW" \
--data "params[DESCRIPTION]=Knows nothing" \
--data "params[HASH]=15477dcb8687adf90fa51e418f3c1a2d025f40b177a978c2734514734633b3c4" \
--data "params[VERSION]=3.0" \

Oneclick with CVV

With ALIASMODE valued to oneclick you can optionally ask the user for the cryptogram and supply it in the recurring request (parameter CARDCVV). The cryptogram will be verified by the user’s bank to grant or deny the transaction.

The hosted-fields integration way of Oneclick transaction with CVV, allows you to implement a single CVV hosted-field.


Keep in mind that storing the cryptogram is forbidden.

Hosted-form option

In a hosted form integration, you can allow the user to choose to register to a recurring workflow or not by providing the parameter:


    Display a checkbox on the hosted form to ask the user to save his card data for future usage. Caution: this parameter is mutually exclusive with CREATEALIAS. See the dedicated section.

When this parameter is valued to true, the hosted form will display a check-box asking for granting Dalenys the permission to store payment method data for easier later re-use.

Authentication (3-D Secure / Secure Code / Safekey)

Almost every card scheme implements an authentication system : 3-D Secure for Visa, Secure Code for Mastercard, Safekey for American Express (…) 3-D Secure is an authentication protocol designed to be an additional security layer for online transactions. The 3-D Secure protocol helps you to mitigate fraud and provide a liability shift to your transactions in case of chargebacks.


Auto trigger rules can be set with the Payment Manager.


The 3-D Secure process concerns payment and authorization transactions.

There is actually 2 versions of the 3-D Secure protocol: 3-D Secure 1.0 and 3-D Secure 2.0 which enforces security with strong customer authentication.

3-D Secure 1.0

The 3-D Secure V1 is the legacy authentication mode for bank card transactions.


To trigger a 3-D Secure authentication you should add the following parameters to your authorization or payment request:

  • 3DSECURE boolean

    Ask for a 3-D Secure V1 authentication.

  • 3DSECUREDISPLAYMODE main,popup,top,raw

    Define the 3-D Secure authentication page display mode:
    main: in the current frame;
    popup: in a browser popup;
    top: in the parent frame (useful in case of iframe integration);
    raw: to handle the redirection by yourself.


On the Sandbox environment, you must use a specific PAN dedicated to trigger execcode 0001. Please consult the section “Sandbox test card numbers” of compatible payment methods.

Server to server integration

In case of server to server integration, you should redirect the user to the authentication page.

Once submitted and accepted by the Dalenys platform, the request will result in an EXECCODE 0001. This EXECCODE means that the transaction is waiting for the authentication process.

In case of EXECCODE 0001, you will receive a new parameter in the response: REDIRECTHTML. This parameter is a html redirection code encoded with base64, so you have to base64_decode it and display it to the end user.

Because of the redirection, you have to wait for the user to come back to your platform to retrieve the transaction’s final result.

When you choose 3DSECUREDISPLAYMODE=raw you will receive these two parameters instead of REDIRECTHTML:

  • REDIRECTURL string(no length limit)

    The url to redirect the user to continue the processing.

  • REDIRECTPOSTPARAMS string(no length limit)

    The POST parameters to send when 3DSECUREDISPLAYMODE is valued to “raw”. The redirection should send the user to the url pointed by REDIRECTURL.

Therefore, you have to redirect the user by yourself by making him submit a POST request with REDIRECTPOSTPARAMS as POST parameters to REDIRECTURL as destination.

3-D Secure 2.0

First of all, you have nothing to change to your implementation workflow regarding a classical 3-D Secure 1.0 implementation. The Dalenys 3-D Secure 2.0 integration is similar to the former version.

Our gateway will automatically handle the confusing and complicated part of the 3-D Secure 2.0 protocol and transition:

  • Strong Customer Authentication exemption handling. This clearly allows you to benefit from optimal conversion rate.

  • Fallback to 3-D Secure 1.0 in case of the 2.0 version is not applicable to the payer card. In the first months we can easily suppose that all issuers won’t be ready to support 2.0 version. The fallback to former version will be automatically handled by our gateway.

You will have to use the parameter 3DSECUREREQUESTCHALLENGE which must be set to:

  • yes You suggest a Strong Customer Authentication to the issuer
  • no You suggest a frictionless authentication to the issuer
  • absent You have no preference in term of authentication and you prefer to defer the authentication method decision.

Keep in mind that the last decision in term of authentication workflow will remain to the issuer.

3-D Secure 2.0 requires new input parameters in your payment and authorization requests. These parameters allow a better tracking of the card holder by the bank network. Some of these parameters are mandatory and some are optionals.


In order to benefit of the best conversion rate, you have to supply as much information as possible. It will lead in an increase of frictionless rate.

Standard parameters

You have to include these parameters regardless of your integration mode.

  • BILLINGCITY string(1-255)

    The billing city.

  • BILLINGCOUNTRY string(2)

    The country code (ISO_3166-1_alpha-2).

  • BILLINGADDRESS string(1-50)

    The billing address. Be careful not to integrate any line breaks.


    The billing postal code.

  • SHIPTOCITY string(1-255)

    The shipping city.

  • SHIPTOCOUNTRY string(2)

    The country code (ISO_3166-1_alpha-2 format)

  • SHIPTOADDRESS string(1-50)

    The shipping address.

  • SHIPTOPOSTALCODE string(1-9)

    The shipping postal code.


    yes ask for a strong authentication;
    no ask for a frictionless authentication;
    if absent, the decision will be made by Dalenys;

  • CLIENTAUTHMETHOD guest, credentials, federated, issuer, thirdparty, fido

    Mechanism used by the Cardholder to authenticate.

    Accepted values:

    guest: No merchant authentication occurred (i.e. cardholder “logged in” as guest);
    credentials: Login to the cardholder account at the merchant system using merchant’s own credentials;
    federated: Login to the cardholder account at the merchant system using federated ID;
    issuer: Login to the cardholder account at the merchant system using issuer credentials;
    thirdparty: Login to the cardholder account at the merchant system using third-party authentication;
    fido: Login to the cardholder account at the merchant system using FIDO Authenticator;


    Date that the cardholder’s account with the 3DS Requestor was last changed, including Billing or Shipping address, new payment account, or new user(s) added.


    Date that the cardholder opened the account with the 3DS Requestor.

  • DEVICECHANNEL app, browser

    Indicates the type of channel interface being used to initiate the transaction. Mandatory for server to server requests.


    Date that cardholder’s account with the 3DS Requestor had a password change or account reset.


    Number of purchases with this cardholder account during the previous six months.


    Number of “Add Card” attempts in the last 24 hours.


    Number of transactions (successful and abandoned) for this cardholder account with the 3DS Requestor across all payment accounts in the previous 24 hours.


    Number of transactions (successful and abandoned) for this cardholder account with the 3DS Requestor across all payment accounts in the previous year.


    Date that the payment account was enrolled in the cardholder’s account with the 3DS Requestor.


    Date when the shipping address used for this transaction was first used with the 3DS Requestor.


    Indicates whether the 3DS Requestor has experienced suspicious activity (including previous fraud) on the cardholder account.


    The state or province of the Cardholder billing address associated with the card used for this purchase. Should be the country subdivision code defined in ISO 3166-2

  • HOMEPHONE string(max 32)

    The home phone number provided by the Cardholder.

  • MOBILEPHONE string(max 32)

    The mobile phone number provided by the Cardholder.

  • SHIPTOSTATE string

    The state or province of the Cardholder shipping address associated with the card used for this purchase. Should be the country subdivision code defined in ISO 3166-2

  • WORKPHONE string(max 32)

    The work phone number provided by the Cardholder.

  • DELIVERYEMAIL email(5-255)

    For Electronic delivery, the email address to which the merchandise was delivered.

  • DELIVERYTIMEFRAME electronic,sameday,overnight,longer,

    Indicates the merchandise delivery timeframe.


    For prepaid or gift card purchase, the purchase amount total of prepaid or gift card(s) in minor units (cents).


    For prepaid or gift card purchase, total count of individual prepaid or gift cards/codes purchased.


    For prepaid or gift card purchase, the currency code of the card as defined in ISO 4217.


    For a pre-ordered purchase, the expected date that the merchandise will be available.


    Indicates whether Cardholder is placing an order for merchandise with a future availability or release date.


    Indicates whether the cardholder is reordering previously purchased merchandise.


    Date after which no further authorisations shall be performed in a recurring payment workwlow.


    Indicates the minimum number of days between authorisations.

Browser parameters

You have to include these parameters in a client browser integration (web).

  • CLIENTACCEPTHEADER string(max 2048)

    Browser HTTP accept header. Mandatory for server to server requests.


    Boolean that represents the ability of the cardholder browser to execute Java. Value is returned from the navigator.javaEnabled property.


    Value representing the bit depth of the colour palette for displaying images, in bits per pixel. Obtained from Cardholder browser using the screen.colorDepth property.


    Total height of the Cardholder’s screen in pixels. Value is returned from the screen.height property.


    Total width of the cardholder’s screen in pixels. Value is returned from the screen.width property.

  • LANGUAGE fr, en, de, es, it, nl, zh, ru, pt, cs

    Configure the hosted form display language.

  • TIMEZONE string(1-128)

    Timezone / default value : UTC. Please see the Data sheet dedicated list of available timezones.

Mobile / SDK parameters

You have to include these parameters for mobile in-app integration:


    Universally unique ID created upon all installations and updates of the 3DS Requestor App on a Consumer Device. This will be newly generated and stored by the 3DS SDK for each installation or update. Canonical format as defined in IETF RFC 4122.


    JWE Object as defined in Section containing data encrypted by the SDK for the DS to decrypt. Note: This element is the only field encrypted in this version of the EMV 3-D Secure specification.


    Public key component of the ephemeral key pair generated by the 3DS SDK and used to establish session keys between the 3DS SDK and ACS. In AReq, this data element is present as its own object.

  • 3DSECURESDKMAXTIMEOUT integer(min 5)

    Indicates maximum amount of time (in minutes) for all exchanges.


    Identifies the vendor and version for the 3DS SDK that is integrated in a 3DS Requestor App, assigned by EMVCo when the 3DS SDK is approved.


    Universally unique transaction identifier assigned by the 3DS SDK to identify a single transaction.

External MPI

It’s possible to use your own 3-D Secure MPI, you have to ask the activation of this option to your payment manager and then add the following fields to your 3-D Secure transactions :

  • 3DSECURE_XID hexadecimal string(max 40)

    3-D Secure X id.

  • 3DSECURE_CAVV hexadecimal string(max 40)

    3-D Secure “Cardholder Authentication Verification Value”.


    3-D Secure “Cardholder Authentication Verification Value” algorithm(0-9).

  • 3DSECURE_RESULT u, a, n, y, Blank (space)

    PARes result convert in ASCII hexadecimal. « status » in the MPI response:
    u: ACS call carried out;
    n: ACS completed;
    a: Authentication failed;
    y: Authentication success;
    Blank (space): ACS Timeout.

  • 3DSECURE_ECI string (1)

    Electronic Commerce Indicator.


    Card’s enrollment status.

  • 3DSECURE_STATUS u, n, a, y

    3-D Secure status.

Redirection result

In both server to server and hosted form modes, you will only receive the transaction’s final result once the user is redirected to your platform.

You can then display a confirmation message to the user and process the transaction in your application.


You have to check the received HASH against the one you generate, to confirm the request’s origin and integrity before redirecting the user. See this section for more information. Other parameters relating to the original request as AMOUNT and ORDERID must be verified.

Additional notification parameters

3-D Secure transactions can be configured to receive some additional parameters:


    Authentication status (Y = yes ; N = no ; U = unavailable; A = attempted).


    Signature status.

  • 3DSGLOBALSTATUS ok, not_enrolled, unavailable, not_required

    Global status.


    Card 3-D Secure enrollment status.

For more information about these parameters or the activation of this feature please contact your payment manager.