Auth.net (AIM) emulation API **DEPRECATED**

Owned by Jed Danner
Last updated: Feb 14, 2024 by Sarah Geren
25 min read

Auth.net has deprecated the AIM implementation part of their service, and as such we have deprecated this API as well.  However, there are no plans to discontinue this API service for any integrated applications.  We do not have any plans at this time to provide an emulated environment based on Auth.net's newer expanded API end-points.  For any new integrations we suggest using our HTTP API, REST API, and SOAP Web Service

AIM Implementation

To implement AIM, a developer would design a script that does the following:

  1. Securely obtains all of the information needed to process a transaction.
  2. Initiates a secure HTTPS post from their server to:
    https://secure.gotobilling.com/gateway/transact.php
  3. Receives the response from the gateway and processes the response to display the appropriate result to the end user.

Minimum Requirements for AIM

The following is the minimum set of NAME/VALUE pairs that should be submitted to the gateway when using AIM for a credit card transaction

Field NameField Value
x_version3.1
x_delim_dataTrue
x_relay_responseFalse
x_loginAPI login ID (Merchant ID) for the payment gateway account
x_tran_keyTransaction key or Gateway Pin
x_amountAmount of purchase inclusive of tax
x_card_numCard number
x_exp_dateCard expiration date
x_typeType of transaction (AUTH_CAPTURE, AUTH_ONLY, CAPTURE_ONLY, CREDIT, VOID, PRIOR_AUTH_CAPTURE)

The following is the minimum set of NAME/VALUE pairs that should be submitted to the gateway when using AIM for an eCheck transaction.

Field NameField Value
x_version3.1
x_delim_dataTrue
x_relay_responseFalse
x_loginAPI login ID (Merchant ID) for the payment gateway account
x_tran_keyTransaction key or Gateway Pin
x_amountAmount of purchase inclusive of tax
x_bank_aba_codeABA routing number
x_bank_acct_numBank Account Number
x_bank_acct_typeType of Account – Checking, Business Checking or Savings
x_bank_nameName of bank at which account is maintained
x_bank_acct_nameName under which the account is maintained at the bank
x_typeType of transaction (AUTH_CAPTURE, CREDIT)
x_echeck_typeType of eCheck transaction (ARC, PPD, TEL, WEB)
x_bank_check_numberThe check number (required only for ARC eCheck transaction types)

Standard Transaction Submission API for AIM

The Standard Transaction Submission API defines the information that can be submitted to the gateway for real-time transaction processing. The API consists of a set of fields that are required for each transaction, and a set of fields that are optional. Under the API, the gateway accepts a NAME/ VALUE pair. The NAME is the field name and indicates to the gateway what information is being submitted. VALUE contains the content of the field.

The following tables contain the data fields that may be submitted to the system with any transaction. The fields are grouped logically in the tables, based on the information submitted. Each table contains the following information:

  • Field – Name of the parameter that may be submitted on a transaction.
  • Required – Indicates whether the field is required on a transaction. If Conditional, indicates that the field is required based on the existence or value of another field. In cases where a dependency exists, an explanation is provided.
  • Value – Lists the possible values that may be submitted for the field. In cases where a format is validated, an explanation is provided.
  • Max Length – Indicates the maximum number of characters that may be supplied for each field.
  • Description – Provides additional details on how the field is used.

Merchant Account Information

Merchant ID and PIN **DEPRECATED**

For more information on obtaining your PIN, see: Generating a Merchant Gateway Pin

FieldRequiredDescription
x_loginRequiredMerchant ID assigned by gotoBilling
x_tran_keyRequiredMerchant Pin associated with the Merchant ID. Assigned by gotoBilling

API Access Key Pair

For more information on obtaining an API access key, see: Managing API Access Keys

FieldRequiredDescription
x_access_keyRequiredGenerated API access key
x_access_key_secretRequiredKey secret associated with the given access_key


The following fields are optional.

Field NameRequiredValueMax LengthDescription
x_test_requestOptionalTRUE, FALSE5Indicates whether the transaction should be processed as a test transaction. Please refer to Appendix G for further information on this field.
source_descriptionOptionalVaries by merchant50Used in issue tracking, this is the name and version of the application that is using the service.
module_descriptionOptionalVaries by merchant10Used in issue tracking, this is auxiliary information pertaining to the merchant such as OS, mobile phone number, device ID, etc .


Gateway Response Configuration

The following fields determine how a transaction response will be returned once a transaction is submitted to the system.

FIELDREQUIREDVALUEMAX LENGTHDESCRIPTION
x_delim_dataRequiredTRUE5In order to receive a delimited response from the gateway, this field has to be submitted with a value of TRUE or the merchant has to configure a delimited response through the Merchant Interface.
x_relay_responseRequiredFALSEN/AIndicates whether a relay response is desired. As all AIM transactions are direct response, a value of FALSE is required.

Customer Name and Billing Address

The customer billing address fields listed below contain information on the customer billing address associated with each transaction.

FIELDREQUIREDVALUEMAX LENGTHDESCRIPTION
x_first_nameOptionalAny string50Contains the first name of the customer associated with the billing address for the transaction.
x_last_nameOptionalAny string50Contains the last name of the customer associated with the billing address for the transaction.
x_companyOptionalAny string50Contains the company name associated with the billing address for the transaction.
x_addressOptionalAny string60Contains the address of the customer associated with the billing address for the transaction.
x_cityOptionalAny string40Contains the city of the customer associated with the billing address for the transaction.
x_stateOptionalIf passed, the value will be verified. Any valid two- digit state code or full state name40Contains the state of the customer associated with the billing address for the transaction.
x_zipOptionalAny string20Contains the zip of the customer associated with the billing address for the transaction.
x_countryOptionalIf passed, the value will be verified. Any valid two- digit country code or full country name (spelled in English)60Contains the country of the customer associated with the billing address for the transaction.
x_phoneOptionalAny string. Recommended format is 333444555525Contains the phone number of the customer associated with the billing address for the transaction.
x_faxOptionalAny string. Recommended format is 333444555525Contains the fax number of the customer associated with the billing address for the transaction.
x_display_asOptionalcompany, contact10Contains a value for how the customer account name should be displayed. The default is contact which displays first name and last name. Change to company and include a value in company name to display the customer account name as the company name rather than first name and last name.

Additional Customer Data

Merchants may provide additional customer information with a transaction, based on their respective requirements.

FIELDREQUIREDVALUEMAX LENGTHDESCRIPTION
x_cust_idOptionalAny string20Unique identifier to represent the customer associated with the transaction.
x_customer_ipOptionalRequired format is 255.255.255.255. If this value is not passed, it will default to 255.255.255.25515IP address of the customer initiating the transaction.
x_customer_tax_idOptionaldigits/numbersonly9Tax ID or SSN of the customer initiating the transaction.

Email Settings

The following fields describe how and when emails will be sent when transactions are processed by the system.

FIELDREQUIREDVALUEMAX LENGTHDESCRIPTION
x_emailOptionalAny valid email address255Email address to which the customer’s copy of the confirmation email is sent. No email will be sent to the customer if the email address does not meet standard email format checks.
x_email_customerOptionalTRUE, FALSE5Indicates whether a confirmation email should be sent to the customer. If no value is submitted, system will default to the value configured in the Merchant Interface.
x_merchant_emailOptionalAny valid address255Email address to which the merchant’s copy of the customer confirmation email should be sent. If a value is submitted, an email will be sent to this address as well as the address(es) configured in the Merchant Interface.

Invoice Information

Based on their respective requirements, merchants may submit invoice information with a transaction. Two invoice fields are provided in the gateway API.

FIELDREQUIREDVALUEMAX LENGTHDESCRIPTION
x_invoice_numOptionalAny string20Merchant-assigned invoice number.
x_descriptionOptionalAny string255Description of the transaction.

Transaction Data

The following fields contain transaction-specific information such as amount, payment method, and transaction type.

FIELDREQUIREDVALUEMAX LENGTHDESCRIPTION
x_amountRequiredAny amount15Total value to be charged or credited inclusive of tax.
x_process_dateOptionalNumeric8Date on which the transaction is to be processed. If no date is given, the transaction will default to the date it is submitted on. Format:YYYYMMDD
x_occurrence_typeOptionalsingle, week, biweek, month, bimonth, quarter, semiannual, annual10Selects the type of occurrence the transaction should have. Defaults to single if none is specified.
x_allow_recurringOptionalTRUE,FALSE5Offers options to the paying customer to select if the payment should be recurring, what schedule to charge recurring payments on, and the maximum number of payments to collect.
x_occurrence_numberOptionalNumeric3Selects the amount of occurrences a recurring transaction should have. Defaults to indefinite if none is specified.
x_currency_codeOptionalValid code3Currency of the transaction amount. If left blank, this value will default to the value specified in the Merchant Interface. See Appendix I for other values.
x_methodRequiredCC, ECHECKN/AIndicates the method of payment for the transaction being sent to the system. If left blank, this value will default to CC.
x_typeRequiredAUTH_CAPTURE, AUTH_ONLY, CAPTURE_ONLY, CREDIT, VOID, PRIOR_AUTH_CAPTURE, AVSONLYN/AIndicates the type of transaction. If the value in the field does not match any of the values stated, the transaction will be rejected. If no value is submitted in this field, the gateway will process the transaction as an AUTH_CAPTURE
x_bank_aba_codeConditional. Required if x_method = ECHECK.Valid routing number9Routing number of a bank for eCheck transactions.
x_bank_acct_numConditional. Required if x_method = ECHECKValid account number20Checking or savings account number.
x_bank_acct_typeConditional. Required if x_method = ECHECKCHECKING, BUSINESSCHECKING, SAVINGS16Describes the type of bank account; if no value is provided, default is set to CHECKING.
x_bank_nameConditional. Required if x_method = ECHECKValid bank name50Contains the name of the customer’s financial institution.
x_bank_acct_nameConditional. Required if x_method = ECHECKAlphanumeric50Is the customer’s name as it appears on their bank account.
x_echeck_typeConditional. Required if x_method = ECHECKARC, PPD, TEL, WEB3Indicates the type of eCheck payment request.
x_bank_check_numberConditional; Required if x_echeck_type = ARC or BOC.Alpha-numeric15The check number on the customer’s paper check. See Appendix B for details on eCheck types.
x_card_nameOptionalValid Name22Cardholder Name.
x_card_numConditional; Required if x_method = CC;Numeric credit card number22Credit card number.
x_exp_dateConditional; Required if x_method = CCMMYY4Contains the date on which the credit card expires.
x_card_codeOptionalValid CVV2, CVC2 or CID value4The three or four-digit number on the back of a credit card (on front for American Express).
x_trans_idConditional; Required if x_type = CREDIT, VOID, or PRIOR_AUTH_CAPTUREValid transaction ID10ID of a transaction previously authorized by the gateway.
x_auth_codeConditional; Required if x_type = CAPTURE_ONLYValid authorization code6Authorization code for a previous transaction not authorized on the gateway that is being submitted for capture.
x_authentication_indicatorOptional; Conditional; Required only for AUTH_ONLY and AUTH_CAPTURE transactions processed through cardholder authentication programs. When submitted with other transaction types, this value is ignored.Valid ECI or UCAF indicator value (obtained by the merchant after the authentication process).N/AThe commerce indicator (ECI) value for a Visa transaction; or the universal cardholder authentication field indicator (UCAF for a MasterCard transaction. This field is currently supported through FDC Nashville and Vital. This field is also supported by Wells Fargo SecureSource for Visa transactions only.
x_cardholder_authentication_valueOptional; Required only for AUTH_ONLY and AUTH_CAPTURE transactions processed through cardholder authentication programs. When submitted with other transaction types, this value is ignored.Valid CAVV, AVV, or UCAF value (obtained by the merchant after the authentication process).N/AThe cardholder authentication verification value (CAVV) for a Visa transaction; or account holder authentication value (AVV)/ universal cardholder authentication field (UCAF) for a MasterCard transaction. This field is currently supported through FDC Nashville and Vital. This field is also supported by Wells Fargo SecureSource for Visa transactions only.
x_track_dataOptional

For swiped cards this is the track1 and track2 data. Used in providing proof of a swiped card present transaction, which can allow for lower rates when processing.

May be track1, track2, or a combined track1/track2 read. Typically recommended to pass the data to GoToBilling exactly as received (track1/track2 combined).

Should not be specified if referencing a ticket id.

GoToBilling strictly validates the formatting of trackdata. If sending a combined track1/track2, you must use standardized framing characters. Track 1 must begin with % and end with ? Track 2 must begin with ; and end with ? Track 1 must always begin with a capital B (after the start sentinel if provided). The framing characters are optional if only sending track1 or track2. GoToBilling does not allow leading, trailing or separating whitespace or LRC characters in the trackdata format.

x_reference_idOptionalAlphanumeric32Unique reference number for the transaction. Will be passed back in the response once the transaction has processed.
x_ach_verificationOptional'true','false'5Flag indicating whether or not to pass the ACH account information through the verification network. If verification is enabled and the verification fails, the transaction will be declined. Defaults to 'false'.
x_tokenOptionalAlphanumeric, Valid 3DS Payment TokenN/AA valid 3DS (3D Secure) payment token, issued by a trusted provider offering payment tokenization, must be presented in this field. The x_token field value must be included along with the other conditionally required fields for x_method = CC (x_card_num and x_exp_date).

Level 2 Data

The system supports Level 2 transaction data by providing the following fields as part of the transaction submission API. The tax, freight, and duty fields allow a delimited string for submitting extended information.

FIELDREQUIREDVALUEMAX LENGTHDESCRIPTION
x_po_numOptionalAny string25Contains the purchase order number.
x_taxOptionalAny valid tax amountN/AContains the sales tax amount OR delimited tax information including the sales tax name, description, and amount. The dollar sign ($) is not allowed when submitting delimited information.

Gateway Response API

This section describes the response returned by the gateway when a merchant server submits a transaction for processing. The response is a set of fields that give merchants information about the status of a transaction. The fields will be comma delimited by default or delimited by the character specified by the merchant. The merchant server can parse this data and determine the message to display to the customer.

Fields in the Gateway Response

The following table indicates the order of the fields returned in the AIM response from the gateway to the merchant server.

POSITION IN RESPONSEFIELD NAME OF VALUE IN RESPONSEDESCRIPTION
1Response CodeIndicates the result of the transaction:
  • 1 = Approved
  • 2 = Declined
  • 3 = Error
2Response SubcodeA code used by the system for internal transaction tracking.
3Response Reason CodeA code representing more details about the result of the transaction.
4Response Reason TextBrief description of the result, which corresponds with the Response Reason Code.
5Approval CodeFor credit cards this will be the six-digit alphanumeric authorization or approval code.

For ECHECK verification transactions this will be the AUTH NUM of the verification request, if approved.

6AVS Result CodeIndicates the result of Address Verification System (AVS) checks:
  • A = Address (Street) matches, ZIP does not
  • B = Address information not provided for AVS check
  • E = AVS error
  • G = Non-U.S. Card Issuing Bank
  • N = No Match on Address (Street) or ZIP
  • P = AVS not applicable for this transaction
  • R = Retry – System unavailable or timed out
  • S = Service not supported by issuer
  • U = Address information is unavailable
  • W = 9 digit ZIP matches, Address (Street) does not
  • X = Address (Street) and 9 digit ZIP match
  • Y = Address (Street) and 5 digit ZIP match
  • Z = 5 digit ZIP matches, Address (Street) does not
7Transaction IDThis number identifies the transaction in the system and can be used

to submit a modification of this transaction at a later time, such as voiding, crediting or capturing the transaction.

8Invoice NumberEchoed from input value for x_invoice_num.
9DescriptionEchoed from input value for x_description.
10AmountEchoed from input value for x_amount.
11MethodEchoed from input value for x_method.
12Transaction TypeEchoed from input value for x_type.
13Customer IDEchoed from input value for x_cust_id.
14Cardholder First NameEchoed from input value for x_first_name.
15Cardholder Last NameEchoed from input value for x_last_name.
16CompanyEchoed from input value for x_company.
17Billing AddressEchoed from input value for x_address.
18CityEchoed from input value for x_city.
19StateEchoed from input value for x_state.
20ZipEchoed from input value for x_zip.
21CountryEchoed from input value for x_country.
22PhoneEchoed from input value for x_phone.
23FaxEchoed from input value for x_fax.
24EmailEchoed from input value for x_email.
25Ship to First NameEchoed from input value for x_ship_to_first_name.
26Ship to Last NameEchoed from input value for x_ship_to_last_name.
27Ship to CompanyEchoed from input value for x_ship_to_company.
28Ship to AddressEchoed from input value for x_ship_to_address.
29Ship to CityEchoed from input value for x_ship_to_city.
30Ship to StateEchoed from input value for x_ship_to_state.
31Ship to ZipEchoed from input value for x_ship_to_zip.
32Ship to CountryEchoed from input value for x_ship_to_country.
33Tax AmountEchoed from input value for x_tax.
34Duty AmountEchoed from input value for x_duty.
35Freight AmountEchoed from input value for x_freight.
36Tax Exempt FlagEchoed from input value for x_tax_exempt.
37PO NumberEchoed from input value for x_po_num.
38MD5 HashSystem-generated hash that may be validated by the merchant to

authenticate a transaction response received from the gateway.

39Card Code (CVV2/CVC2/CID)Indicates the results of Card Code verification:
  • M = Match
  • N = No Match
  • P = Not Processed
  • S = Should have been present
  • U = Issuer unable to process request
40Cardholder Authentication Verification Value - (CAVV) Response CodeIndicates the results of cardholder authentication verification:
  • Blank or not present = CAVV not validated
  • 0 = CAVV not validated because erroneous data was submitted
  • 1 = CAVV failed validation
  • 2 = CAVV passed validation
  • 3 = CAVV validation could not be performed; issuer attempt

incomplete

  • 4 = CAVV validation could not be performed; issuer system

error

  • 5 = Reserved for future use
  • 6 = Reserved for future use
  • 7 = CAVV attempt – failed validation – issuer available (U.S.-

issued card/non-U.S acquirer)

  • 8 = CAVV attempt – passed validation – issuer available (U.S.-

issued card/non-U.S. acquirer)

  • 9 = CAVV attempt – failed validation – issuer unavailable

(U.S.-issued card/non-U.S. acquirer)

  • A = CAVV attempt – passed validation – issuer unavailable

(U.S.-issued card/non-U.S. acquirer)

  • B = CAVV passed validation, information only, no liability

shift

41Card NumberIf transaction is credit card based this field contains the masked version of the submitted credit card number
42Card TypeIf transaction is credit card based this field contains the credit card type
43Split Tender IdEchoed from input value for x_split_tender_id.
44x_requested_amountOriginally requested transaction amount
45x_balance_on_cardEchoed from input value for x_balance_on_card.
46x_exp_dateEchoed from input value for x_exp_date.
47x_reference_idEchoed from input value for x_reference_id.

Response Reason Codes & Response Reason Text

RESPONSE CODERESPONSE REASON CODERESPONSE REASON TEXTNOTES
11This transaction has been approved.
22This transaction has been declined.
23This transaction has been declined.
24This transaction has been declined.The code returned from the processor indicating that the card used needs to be picked up.
35A valid amount is required.The value submitted in the amount field did not pass validation for a number.
36The credit card number is invalid.
37The credit card expiration date is invalid.The format of the date submitted was incorrect.
38The credit card has expired.
39The ABA code is invalid.The value submitted in the x_bank_aba_code field did not pass validation or was not for a valid financial institution.
310The account number is invalid.The value submitted in the x_bank_acct_num field did not pass validation.
311A duplicate transaction has been submitted.A transaction with identical amount and credit card information was submitted two minutes prior.
312An authorization code is required but not present.A transaction that required x_auth_code to be present was submitted without a value.
313The merchant API login ID is invalid or the account is inactive.
314The Referrer or Relay Response URL is invalid.The Relay Response or Referrer URL does not match the merchant’s configured value(s) or is absent. Applicable only to SIM and WebLink APIs.
315The transaction ID is invalid.The transaction ID value is non-numeric or was not present for a transaction that requires it (i.e., VOID, PRIOR_AUTH_CAPTURE, and CREDIT).
316The transaction was not found.The transaction ID sent in was properly formatted but the gateway had no record of the transaction.
317The merchant does not accept this type of credit card.The merchant was not configured to accept the credit card submitted in the transaction.
318ACH transactions are not accepted by this merchant.The merchant does not accept electronic checks.
319An error occurred during processing. Please try again in 5 minutes.
320An error occurred during processing. Please try again in 5 minutes.
321An error occurred during processing. Please try again in 5 minutes.
322An error occurred during processing. Please try again in 5 minutes.
323An error occurred during processing. Please try again in 5 minutes.
324The Nova Bank Number or Terminal ID is incorrect. Call Merchant Service Provider.
325An error occurred during processing. Please try again in 5 minutes.
326An error occurred during processing. Please try again in 5 minutes.
227The transaction resulted in an AVS mismatch. The address provided does not match billing address of cardholder.
328The merchant does not accept this type of credit card. The Merchant ID at the processor was not configured to accept this card type.
329The PaymentTech identification

numbers are incorrect. Call Merchant Service Provider.

330The configuration with the

processor is invalid. Call Merchant Service Provider.


331The FDC Merchant ID or Terminal ID is incorrect. Call Merchant Service Provider.The merchant was incorrectly set up at the processor.
332This reason code is reserved or not applicable to this API.
333FIELD cannot be left blank.The word FIELD will be replaced by an actual field name. This error indicates that a field the merchant specified as required was not filled in.
334The VITAL identification numbers are incorrect. Call Merchant Service Provider.The merchant was incorrectly set up at the processor.
335An error occurred during processing. Call Merchant Service Provider.The merchant was incorrectly set up at the processor.
336The authorization was approved, but settlement failed.
337The credit card number is invalid.
338The Global Payment System identification numbers are incorrect. Call Merchant Service Provider.The merchant was incorrectly set up at the processor.
339The supplied currency code is either invalid, not supported, not allowed for this merchant or doesn’t have an exchange rate.
340This transaction must be encrypted.
241This transaction has been declined.Only merchants set up for the FraudScreen service would receive this decline. This code will be returned if a given transaction’s fraud score is higher than the threshold set by the merchant.
342There is missing or invalid information in a required field.This is applicable only to merchants processing through the Wells Fargo SecureSource product who have requirements for transaction submission that are different from merchants not processing through Wells Fargo.
343The merchant was incorrectly set up at the processor. Call your Merchant Service Provider.The merchant was incorrectly set up at the processor.
244This transaction has been declined.The merchant would receive this error if the Card Code filter has been set in the Merchant Interface and the transaction received an error code from the processor that matched the rejection criteria set by the merchant.
245This transaction has been declined.This error would be returned if the transaction received a code from the processor that matched the rejection criteria set by the merchant for both the AVS and Card Code filters.
346Your session has expired or does not exist. You must log in to continue working.
347The amount requested for settlement may not be greater than the original amount authorized.This occurs if the merchant tries to capture funds greater than the amount of the original authorization-only transaction.
348This processor does not accept partial reversals.The merchant attempted to settle for less than the originally authorized amount.
349A transaction amount greater than $[amount] will not be accepted.The transaction amount submitted was greater than the maximum amount allowed.
350This transaction is awaiting settlement and cannot be refunded.Credits or refunds may only be performed against settled transactions. The transaction against which the credit/refund was submitted has not been settled, so a credit cannot be issued.
351The sum of all credits against this transaction is greater than the original transaction amount.
352The transaction was authorized, but the client could not be notified; the transaction will not be settled.
353The transaction type was invalid for ACH transactions.If x_method = ECHECK, x_type cannot be set to CAPTURE_ONLY.
354The referenced transaction does not meet the criteria for issuing a credit.
355The sum of credits against the referenced transaction would exceed the original debit amount.The transaction is rejected if the sum of this credit and prior credits exceeds the original debit amount.
356This merchant accepts ACH transactions only; no credit card transactions are accepted.The merchant processes eCheck transactions only and does not accept credit cards.
357An error occurred in processing. Please try again in 5 minutes.
358An error occurred in processing. Please try again in 5 minutes.
359An error occurred in processing. Please try again in 5 minutes.
360An error occurred in processing. Please try again in 5 minutes.
361An error occurred in processing. Please try again in 5 minutes.
362An error occurred in processing. Please try again in 5 minutes.
363An error occurred in processing. Please try again in 5 minutes.
364The referenced transaction was not approved.This error is applicable to Wells Fargo SecureSource merchants only. Credits or refunds cannot be issued against transactions that were not authorized.
265This transaction has been declined.The transaction was declined because the merchant configured their account through the Merchant Interface to reject transactions with certain values for a Card Code mismatch.
366This transaction cannot be accepted for processing.The transaction did not meet gateway security guidelines.
367The given transaction type is not supported for this merchant.This error code is applicable to merchants using the Wells Fargo SecureSource product only. This product does not allow transactions of type

CAPTURE_ONLY.

368The version parameter is invalid.The value submitted in x_version was invalid.
369The transaction type is invalid.The value submitted in x_type was invalid.
370The transaction method is invalid.The value submitted in x_method was invalid.
371The bank account type is invalid.The value submitted in x_bank_acct_type was

invalid.

372The authorization code is invalid.The value submitted in x_auth_code was more than six characters in length.
373The driver’s license date of birth is invalid.The format of the value submitted in x_drivers_license_num was invalid.
374The duty amount is invalid.The value submitted in x_duty failed format

validation.

375The freight amount is invalid.The value submitted in x_freight failed format

validation.

376The tax amount is invalid.The value submitted in x_tax failed format

validation.

377The SSN or tax ID is invalid.The value submitted in x_customer_tax_id

failed validation.

378The Card Code (CVV2/CVC2/CID) is invalid.The value submitted in x_card_code failed

format validation.

379The driver’s license number is

invalid.

The value submitted in x_drivers_license_num

failed format validation.

380The driver’s license state is

invalid.

The value submitted in x_drivers_license_state

failed format validation.

381The requested form type is invalid.The merchant requested an integration method not compatible with the AIM API.
382Scripts are only supported in version 2.5.The system no longer supports version 2.5; requests cannot be posted to scripts.
383The requested script is either invalid or no longer supported.The system no longer supports version 2.5; requests cannot be posted to scripts.
384This reason code is reserved or not applicable to this API.
385This reason code is reserved or not applicable to this API.
386This reason code is reserved or not applicable to this API.
387This reason code is reserved or not applicable to this API.
388This reason code is reserved or not applicable to this API.
389This reason code is reserved or not applicable to this API.
390This reason code is reserved or not applicable to this API.
391Version 2.5 is no longer supported.
392The gateway no longer supports the requested method of integration.
393A valid country is required.This code is applicable to Wells Fargo

SecureSource merchants only. Country is a required field and must contain the value of a supported country.

394The shipping state or country is

invalid.

This code is applicable to Wells Fargo

SecureSource merchants only.

395A valid state is required.This code is applicable to Wells Fargo

SecureSource merchants only.

396This country is not authorized for

buyers.

This code is applicable to Wells Fargo

SecureSource merchants only. Country is a required field and must contain the value of a supported country.

397This transaction cannot be

accepted.

Applicable only to SIM API. Fingerprints are

only valid for a short period of time. This code indicates that the transaction fingerprint has expired.

398This transaction cannot be

accepted.

Applicable only to SIM API. The transaction

fingerprint has already been used.

399This transaction cannot be

accepted.

Applicable only to SIM API. The server-

generated fingerprint does not match the merchant-specified fingerprint in the x_fp_hash field.

3100The eCheck type is invalid.Applicable only to eCheck. The value specified

in the x_echeck_type field is invalid.

3101The given name on the account

and/or the account type does not match the actual account.

Applicable only to eCheck. The specified name

on the account and/or the account type do not match the NOC record for this account.

3102This request cannot be accepted.A password or transaction key was submitted

with this WebLink request. This is a high security risk.

3103This transaction cannot be

accepted.

A valid fingerprint, transaction key, or password

is required for this transaction.

3104This transaction is currently

under review.

Applicable only to eCheck. The value submitted

for country failed validation.

3105This transaction is currently

under review.

Applicable only to eCheck. The values

submitted for city and country failed validation.

3106This transaction is currently

under review.

Applicable only to eCheck. The value submitted

for company failed validation.

3107This transaction is currently

under review.

Applicable only to eCheck. The value submitted

for bank account name failed validation.

3108This transaction is currently

under review.

Applicable only to eCheck. The values

submitted for first name and last name failed validation.

3109This transaction is currently

under review.

Applicable only to eCheck. The values

submitted for first name and last name failed validation.

3110This transaction is currentlyApplicable only to eCheck. The value submitted under review. Reason: bank account name does not contain valid characters.
3111A valid billing country is required.This code is applicable to Wells Fargo SecureSource merchants only.
3112A valid billing state/province is

required.

This code is applicable to Wells Fargo

SecureSource merchants only.

3116The authentication indicator is

invalid.

This code is applicable only to merchants that

include the x_authentication_indicator in the transaction request. The ECI value for a Visa transaction; or the UCAF indicator for a MasterCard transaction submitted in the x_authentication_indicator field is invalid.

3117The cardholder authentication

value is invalid.

This code is applicable only to merchants that

include the x_cardholder_authentication_value in the transaction request. The CAVV for a Visa transaction; or the AVV/UCAF for a MasterCard transaction is invalid.

3118The combination of

authentication indicator and cardholder authentication value is invalid.

This code is applicable only to merchants that

include the x_authentication_indicator and x_authentication_value in the transaction request. The combination of authentication indicator and cardholder authentication value for a Visa or MasterCard transaction is invalid.

3119Transactions having cardholder

authentication values cannot be marked as recurring.

This code is applicable only to merchants that

include the x_authentication_indicator and x_recurring_billing in the transaction request. Transactions submitted with a value in x_authentication_indicator AND x_recurring_billing =YES will be rejected.

3120An error occurred during

processing. Please try again.

The system-generated void for the original

timed-out transaction failed. (The original transaction timed out while waiting for a response from the authorizer.)

3121An error occurred during

processing. Please try again.

The system-generated void for the original errored transaction failed. (The original transaction experienced a database error.)
3122An error occurred during

processing. Please try again.

The system-generated void for the original errored transaction failed. (The original transaction experienced a processing error.)
3123This account has not been given the permission(s) required for this request.The transaction request must include the API login ID associated with the payment gateway account.
2127The transaction resulted in an

AVS mismatch. The address provided does not match billing address of cardholder.

The system-generated void for the original AVS-

rejected transaction failed.

3128This transaction cannot be processed.The customer's financial institution does not currently allow transactions for this account.
3130This payment gateway account has been closed.IFT: The payment gateway account status is Blacklisted.
3131This transaction cannot be accepted at this time.IFT: The payment gateway account status is Suspended-STA.
3132This transaction cannot be accepted at this time.IFT: The payment gateway account status is Suspended-Blacklist.
2141This transaction has been

declined.

The system-generated void for the original

FraudScreen-rejected transaction failed.

2145This transaction has been

declined.

The system-generated void for the original card

code-rejected and AVS-rejected transaction failed.

2152The transaction was authorized,

but the client could not be notified; the transaction will not be settled.

The system-generated void for the original

transaction failed. The response for the original transaction could not be communicated to the client.

2165This transaction has been

declined.

The system-generated void for the original card

code-rejected transaction failed.

3170An error occurred during

processing. Please contact the merchant.

Concord EFS – Provisioning at the processor has

not been completed.

3171An error occurred during

processing. Please contact the merchant.

Concord EFS – This request is invalid.
3172An error occurred during

processing. Please contact the merchant.

Concord EFS – The store ID is invalid.
3173An error occurred during

processing. Please contact the merchant.

Concord EFS – The store key is invalid.
3174The transaction type is invalid.

Please contact the merchant.

Concord EFS – This transaction type is not

accepted by the processor.

3175The processor does not allow

voiding of credits.

Concord EFS – This transaction is not allowed.

The Concord EFS processing platform does not support voiding credit transactions. Please debit the credit card instead of voiding the credit.

3180An error occurred during

processing. Please try again.

The processor response format is invalid.
3181An error occurred during

processing. Please try again.

The system-generated void for the original

invalid transaction failed. (The original transaction included an invalid processor response format.)

3185This reason code is reserved or not applicable to this API.
4193The transaction is currently under

review.

The transaction was placed under review by the

risk management system.

2200This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The credit card number is invalid.

2201This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The expiration date is invalid.

2202This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The transaction type is invalid.

2203This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The value submitted in the amount field is invalid.

2204This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The department code is invalid.

2205This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The value submitted in the merchant number field is invalid.

2206This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The merchant is not on file.

2207This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The merchant account is closed.

2208This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The merchant is not on file.

2209This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. Communication with the processor could not be established.

2210This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The merchant type is incorrect.

2211This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The cardholder is not on file.

2212This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The bank configuration is not on file

2213This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The merchant assessment code is incorrect.

2214This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. This function is currently unavailable.

2215This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The encrypted PIN field format is invalid.

2216This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The ATM term ID is invalid.

2217This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. This transaction experienced a general message format problem.

2218This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The PIN block format or PIN availability value is invalid.

2219This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The ETC void is unmatched.

2220This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The primary CPU is not available.

2221This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. The SE number is invalid.

2222This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. Duplicate auth request (from INAS).

2223This transaction has been declined.This error code applies only to merchants on
FDC Omaha. This transaction experienced an

unspecified error.

2224This transaction has been

declined.

This error code applies only to merchants on

FDC Omaha. Please re-enter the transaction.

3243Recurring billing is not allowed

for this eCheck type.

The combination of values submitted for

x_recurring_billing and x_echeck_type is not allowed.

3244This eCheck type is not

allowed for this Bank Account Type.

The combination of values submitted for

x_bank_acct_type and x_echeck_type is not allowed.

3245This eCheck type is not

allowed when using the payment gateway hosted payment form.

The value submitted for x_echeck_type is not

allowed when using the payment gateway hosted payment form.

3246This eCheck type is not

allowed.

The merchant’s payment gateway account is not

enabled to submit the eCheck type.

3247This eCheck type is not

allowed.

The combination of values submitted for x_type

and x_echeck_type is not allowed.

3248The check number is invalid.Invalid check number. Check number can only

consist of letters and numbers and not more than 15 characters.

2250This transaction has been

declined.

This transaction was submitted from a blocked

IP address.

2251This transaction has been

declined.

The transaction was declined as a result of

triggering a Fraud Detection Suite filter.

4252Your order has been received.Thank you for your business!

The transaction was accepted, but is being held for merchant review. The merchant may customize the customer response in the Merchant Interface.

4253Your order has been received.Thank you for your business!

The transaction was accepted and was authorized, but is being held for merchant review. The merchant may customize the customer response in the Merchant Interface.

2254Your transaction has been

declined.

The transaction was declined after manual

review.

3261An error occurred during

processing. Please try again.

The transaction experienced an error during

sensitive data encryption and was not processed. Please try again.

3270The line item [item number] is

invalid.

A value submitted in x_line_item for the item

referenced is invalid.

3271The number of line items

submitted is not allowed. A maximum of 30 line items can be submitted.

The number of line items submitted in

x_line_item exceeds the allowed maximum of 30.

Note: Response code reasons that are not included in numerical order are reserved, or may not be applicable to this API.

HTTP Error Codes & Reason Text

HTTP CODERESPONSE REASON TEXTNOTES
503Our servers are currently too busy to handle your request. Please wait a minute and resubmit. Thank you.The payment gateway has momentarily reached transaction queuing capacity.

MD5 Hash Feature

The MD5 Hash feature enables you to authenticate that a transaction response is securely received from GoToBilling. The payment gateway creates the MD5 hash using the following pieces of account and transaction information as input:

  • MD5 Hash value
  • API Login ID (x_login)
  • Transaction ID (x_trans_id)
  • Amount (x_amount)


The MD5 Hash value is a random value configured by the merchant in the Merchant Interface. It should be stored securely separately from the merchant's Web server. To configure the MD5 Hash value: access the GoToBilling system (https://secure.gotobilling.com), go to Profile > Settings > Preferences Tab. For example, if the MD5 Hash value configured by the merchant is "myhashvalue," the API Login ID is "123456", the Transaction ID is 987654321, and the amount is $1.00, then the field order used by the payment gateway to generate the MD5 Hash would be as follows.

Sample of MD5 Hash input field order

myhashvalue1234569876543211.00

Note: The value passed back for x_amount is formatted with the correct number of decimal places used in the transaction. For transaction types that do not include a transaction amount, mainly Voids, the amount used by the payment gateway to calculate the MD5 Hash is 0.00. To authenticate the MD5 Hash returned by the payment gateway in the transaction response, you need to create a script that can receive and parse the transaction response, call the merchant's MD5 Hash value, and run the MD5 algorithm on the same fields listed above. If the result matches the MD5 hash returned by the payment gateway, the transaction response is successfully authenticated. Note: The MD5 Hash will be passed in transaction responses even if you do not set an MD5 Hash Value. 

Card Present Submission & Response

For Card Present transactions, the merchant and shopper are in the same physical location. The merchant will have a card reader (or “swipe terminal”) and receipt printer at the point of purchase. The card reader device reads the magnetic stripe on the back of the card and transmits the encoded information to the gateway. Once a transaction is approved, the merchant can print a receipt for obtaining the cardholder’s signature.

Minimum Requirements

FieldValueDescription
x_cpversion1.0
x_login Your login IDSee: Merchant Account Information
x_tran_keyYour transaction keySee: Merchant Account Information
x_market_type Your market type
x_device_typeYour device type
x_amountAmount of purchase inclusive of tax
x_track1 ORTrack 1 data from credit cardMust be supplied if neither x_track2 nor x_card_num and x_exp_date data is submitted.
x_track2 ORTrack 2 data from credit cardMust be supplied if neither x_track1 nor x_card_num and x_exp_date data is submitted.
x_card_num ANDCustomer's card numberMust be supplied if neither x_track1 nor x_track2 data is submitted.
x_exp_date Customer's card expiration dateMust be supplied if neither x_track1 nor x_track2 data is submitted.

Gateway Response API

This section describes the response returned by the gateway when a merchant server submits a transaction for processing. The response is a set of fields that give merchants information about the status of a transaction. The fields will be bar (‘|’) delimited by default or delimited by the character specified by the merchant. The merchant server can parse this data and determine the message to display to the customer.

Fields in the Gateway Response

The following table indicates the order of the fields returned in the AIM response from the gateway to the merchant server.

The following table indicates the order of the fields returned in the AIM response from the gateway to the merchant server.

POSITION IN RESPONSEFIELD NAME OF VALUE IN RESPONSEDESCRIPTION
1VersionSystem version used to process the transaction
2Response CodeIndicates the result of the transaction:
  • 1 = Approved
  • 2 = Declined
  • 3 = Error
3Reason Code A code representing more details about the result of the transaction.
4Reason Text Brief description of a result, which corresponds with the Reason Code.
5Authorization CodeContains the six-digit alphanumeric approval code.
6AVS CodeIndicates the result of Address Verification System (AVS) checks
7Card Code ResponseIndicates the results of Card Code verification
8Transaction IDThis number identifies the transaction in the system and can be used to submit a modification of this transaction at a later time, such as voiding, crediting or capturing the transaction.
9MD5 HashSystem-generated hash that may be validated by the merchant to authenticate a transaction response received from the gateway.
10User ReferenceEchoed by the system from the form input field x_user_ref.