Sagepay Related Security Key Missing

Question

I have found issues similar to this. But I wanted to explain my case as I haven't found a suitable answer.

I have my Ticketing System in which I have implemented Sage Pay. When I make a transaction it will get redirected to SagePay and the Transaction will be completed. Now If I want to refund the Payment I need to go to SagePay, login there, select the Order which has to refunded and then refund it. So instead I thought of implementing it in my Ticketing System. When the transaction is completed through SagePay a response code is generated which looks similar to this .

Array ( [VendorTxCode] => 14-11-04-16-19-30-8989049 [VPSTxId] => {8D7FC333-9979-DA1C-32E0-AAA2CC1A31FB} [Status] => OK [StatusDetail] => 0000 : The Authorisation was Successful. [TxAuthNo] => 164996 [AVSCV2] => SECURITY CODE MATCH ONLY [AddressResult] => NOTMATCHED [PostCodeResult] => NOTMATCHED [CV2Result] => MATCHED [GiftAid] => 0 [3DSecureStatus] => NOTCHECKED [CardType] => VISA [Last4Digits] => 0006 [DeclineCode] => 00 [Amount] => 10.00 [BankAuthCode] => 999777 )

Now in order to refund the transaction I need to have RelatedSecurityKey which is not being sent by SagePay. When I go to Sage Pay, get the Security Key and Hard code the value in my Refund API I am able to refund the Transaction. Is there any way to get the Security Key in my Ticketing System. If so how?

Answer 1

If you are using Server, you will get a security key as part of the response to the initial transaction registration post. You can then pass this back with the Refund posts as RelatedSecurityKey.

If you are using Form, you won't get this value sent back. In this instance, you could use the Reporting API to get the Security key (getTransactionDetail command) instead of logging into My Sage Pay.