Implementing HSBC API with PAS

[pps_dev]

Hi folks,

 

Has anybody had any experience of implementing HSBC's API with PAS? I've done the API which works fine, posting an XML script to HSBC's server, however I am having trouble with the PAS which covers MasterCard SecureCode and Verified by Visa.

 

Their documentation says I have to send a HTTPS POST to their URL, then the user enters their "secret information" or enrols in the service and I will receive a HTTPS POST as a reply.

 

This is all well and good but I am really struggling with the logic of it. It's possible I'm being stupid but here's my problem:

 

At the minute my flow of events is this:

 

User enters their credit card and address details, then clicks Submit. I check the details using PHP and post an XML string using cURL. I receive a reply immediately with the success of the request. I tell the user the outcome.

 

Now though, I'm having trouble fitting the new section in. If I direct the user in the first place to the HSBC URL, I will either have to store their credit card details in $_SESSION variables or in a DB - which I don't really want to do - or I will lose them as they are not returned in the HTTPS POST from HSBC.

 

I am having trouble POSTing this data using cURL - however, this still leaves me without the user's credit card details when the HTTPS POST comes back.

 

It's probable I'm missing something simple but have been on it a couple of days and made no progress whatsoever.

 

Any help would be greatly appreciated!

 

Thanks

 

pps_dev