• 10.0.0 - 10.0.24
    541 201 9965 Email Website
  • Contents

    Home > Setup & Configuration > Payment Gateways > Cybersource HOSTED

    Cybersource HOSTED


    The CyberSource HOSTED payment gateway simplifies the checkout process. During checkout, the shopper is redirected to a Hosted Order Page where Cybersource handles the details of payments. This makes it easier to ensure payments to your store are secure without making life harder for the shopper.


    In Cybersource HOSTED, there are specific settings for the test and production environments. Test settings typically end with ".Test", while production settings will not have that suffix.

    In the Configuration - Site Setup Wizard - Payment Processing Solutions area there are two options to setup the Cybersource HOSTED gateway: "configure test mode" for test environment setup, or "configure" for live account setup.

    Configurable Settings

    These settings must be configured correctly for Cybersource HOSTED to function.

    • CyberSourceHosted.IgnoreAvs(.Test) - When true, this setting causes credit card Address Verification System (AVS) errors to be ignored on the Hosted Order Page. It is recommended that you leave this false in order to take advantage of Cybersource HOSTED payment address verification.

    • CyberSourceHosted.MerchantID(.Test) - Also known as your Vendor ID, Account ID or Organization ID, this is the ID tied to your Cybersource Business Center account.
      NOTE: Found through Cybersource Business Center, listed at the top of the page when logged in. For the TEST center, login here.

    • CyberSourceHosted.SecureAcceptance.ProfileID(.Test) - This ID is generated by Cybersource on creation of a Secure Acceptance profile (Payment Configuration - Secure Acceptance Settings - NEW PROFILE) . It is a series of letters and numbers separated by dashes which represents the profile.
      NOTE: This can be found in the profile in Cybersource's Business Center through Payment Configuration ->Secure Acceptance Settings ->(Your Active Profile)

    • CyberSourceHosted.SecureAcceptance.AccessKey(.Test) - The Access Key allows for communication between your store and the Cybersource Secure Acceptance profile used to accept payments. The Access Key can be generated from your CyberSource Business Center account from the "Security" tab within the Secure Acceptance Settings - Profile - Security settings.
      NOTE: Generated from the Security tab within Secure Acceptance Settings ->(Your Active Profile) ->(+) Create Key or View (eyeball) selected existing key

    • CyberSourceHosted.SecureAcceptance.SecretKey(.Test) - This key is generated at the same time as the Secure Acceptance Access Key (CyberSourceHosted.SecureAcceptance.AccessKey). Both keys must be set to enable Cybersource HOSTED.
      NOTE: Generated from the Security tab within Secure Acceptance Settings ->(Your Active Profile) ->(+) Create Key or View (eyeball) selected existing key

    • CyberSourceHosted.UsePit.Test - Configures the Pit URL (CyberSourceHosted.PitUrl.Test) to be used for test requests. This should remain false unless actively testing Cybersource HOSTED in conjunction with CyberSource Support.

    Reference Settings

    Although these URL settings can be viewed, they are automatically configured and should not be changed.

    • CyberSourceHosted.SecureAcceptance.FullAuthUrl(.Test) - The URL used to process Secure Acceptance transactions (Full Authorization payments).
    • CyberSourceHosted.LiveUrl - The live server.
    • CyberSourceHosted.PitUrl.Test - Used when CyberSource Support is assisting with your CyberSource HOSTED setup. For testing only.
    • CyberSourceHosted.TestUrl - The test server.

    Frequently Asked Questions

    Q: When I try to void a transaction, it always fails with the following error even if the capture has not been done: "The capture or credit is not voidable because the capture or credit information has already been submitted to your processor. Or, you requested a void for a type of transaction that cannot be voided."

    A: A transaction can only be voided if CyberSource has not yet submitted the debit or credit information to your processor. Usually CyberSource submits that type of information to your processor once a day, so your window for successfully performing a void is relatively small. CyberSource will decline your void request if the debit or credit information has already been sent to the processor. CyberSource supports the void service for the following processors: Chase Paymentech Solutions TeleCheck When you void a transaction, the transaction is at the end of its life. You cannot undo a void, and you cannot perform a follow-on credit for a debit that has been voided.

    Q: Can I use my Bank of America account through CyberSource?

    A: Yes, CyberSource supports Bank of America accounts. See here for more information. For more information about CyberSource error messages, go to the CyberSource page where they have a list of reason codes for the errors and contact CyberSource support directly if you are experiencing these, they should be able to assist you further.

    Q: I'm testing Cybersource HOSTED and when the Hosted Order Page tries to return to my site it spins and then my site crashes. What's going on?

    A: Cybersource HOSTED requires a valid HTTPS certificate is set up for your site both in production and when testing. If your site is using HTTP then Cybersource HOSTED will run into issues when returning to your site after collecting payment.

    Print This Article
    Email This Article
    Previous Article
    Next Article