Troubleshooting: Difference between revisions

From Barion Documentation
Jump to navigation Jump to search
No edit summary
Line 49: Line 49:


== Using deprecated or obosolete encryption methods ==
== Using deprecated or obosolete encryption methods ==
All communication with the Barion system must be done using TLS v1.1 / 1.2 - former encryption standards (SSLv3, TLS1.0 etc.) are not allowed!
All communication with the Barion system must be done using TLS v1.1 / 1.2 - former encryption standards (SSLv3, TLS1.0 etc.) are not allowed! You can test your solution in the Sandbox server, where TLS 1.0 has already been disabled.

Revision as of 11:46, 18 July 2018

CHANGE
TLS 1.0 will be no longer supported, switch to TLS 1.1 / 1.2 now, otherwise your Barion implementation will not work!

Troubleshooting - list of common pitfalls

Before contacting support, please run through the list of common pitfalls. This will save both you and us a lot of time. Here we go with the list.

Polling the server instead of using the callback

Many developers fail to implement the callback mechanism. Instead, they either rely on faulty strategies:

Calling GetPaymentState only when the customer is redirected to the shop This approach only works if the customer actually returns to the shop. If the user closes the browser after payment, but before returning to the shop, the merchant will not get notified about the successful payment. As a result, some developers choose to poll the server periodically. We strongly recommend using the callback.
Polling the server with GetPaymentState calls This approach floods the Barion servers with unnecessary API calls, slowing it down. It is also more complex to code and to test. We strongly recommend using the callback.

Always rely on the callback. The Barion server retries the callback 5 times, so the chances of losing a payment is very little.

IMPORTANT
Flooding the Barion servers with unnecessary API calls may lead to suspension of the shop

Mixing up sandbox and live accounts

It is very easy to mix up Live and Sandbox environments. Since the two systems are totally separated, you can have an account with the same e-mail address in both systems. Double check, if you can not log on.

Forgot to update POSKey to live

It is very easy to mix up Live and Sandbox environments. A very common mistake is to not update the POSKey to the Live server when going live. Same goes to URL-s.

Shop not approved

Log on to Barion Web App and check if your shop is approved and open. The Sandbox server does it automatically, but the Live requires human approval.

Paying in your own shop

If you try to pay as the owner of the shop that started the payment (meaning the payer and payee e-mail addresses are the same), you will get an error message. You cannot pay in your own shop.

Bank card payment with extreme low amounts

Bank card payments do not work with very small amounts such as 1 HUF or 0.02 EUR. Please use the following amounts for card transactions, even when testing!

  • HUF: 10 HUF or more
  • EUR: 0.10 EUR or more
  • USD: 0.10 USD or more

Authentication error upon request

If you have managed to avoid all problems mentioned above, yet you still receive an API response showing 'Authentication error', check your request JSON for errors. Broken multibyte strings or unescaped special characters can render the JSON unparseable, which prevents the Barion API from identifying your POSKey, resulting in an authentication error.

Firewall rejects GUID

Some firewalls produce a false positive when long GUID-s travel in https requests.

Wrong or missing API version

If you omit the version from the URL, the system assumes V1. In case of a V2 API, this will lead to an error. The correct way to call V2 API-s is https://api.test.barion.com/v2/Payment/Start on the sandbox.

Using deprecated or obosolete encryption methods

All communication with the Barion system must be done using TLS v1.1 / 1.2 - former encryption standards (SSLv3, TLS1.0 etc.) are not allowed! You can test your solution in the Sandbox server, where TLS 1.0 has already been disabled.