SPF stands for Sender Policy Framework. In an SPF record you can define which servers can send emails on behalf of your domain name. A receiving server can, among other things, decide on the basis of the SPF record to let an email pass, mark it as unsafe or refuse it altogether.
We do use an SPF record to prevent our emails from being marked as spam.
The following TXT record can be added to the DNS of the customers:
v = spf1 ip4: 22.214.171.124/23 mx
v = spf1 ip4: 126.96.36.199/22 mx
We are currently looking for Magento merchants willing to test Option 2 (please see below), the utm_nooverride=1 parameter method. Please get in touch with our Integration Team at [email protected] if this is something interesting for you and we will further assist you in setting it up.
Analytics have opened up a new universe about users’ needs and wants, about how you can deliver better experiences and about how you can be closer to your customers. For many, Google Analytics is a household name and sometimes the only tool available to better understand your customers.
In most customers’ online shopping journey, a payment gateway or another third-party is almost always involved to facilitate successfully paying online. In implementing a payment gateway’s services, it is sometimes the case that some traffic needs to be sent to the third-party’s website and then back to your merchant website. This results in visits to your website that are not correctly tracked and that for example, have the gateway as source and referral as medium instead of your own website as source and direct as medium.
Google Analytics reports will be this way unreliable and will not capture the right picture of where you convert as a merchant. This happens because Google Analytics will start a new session whenever a user comes to the site from a traffic source different the previous one (and when it’s not a direct visit), even though the previous session has not expired.
e.g. A customer chooses to pay through iDEAL (redirect) and is prompted with the bank selection in the checkout phase. The customer will now land on the bank’s payment page and will “exit” the session momentarily, only to come back to your success page. The customer is now counted as a new visitor, even though a new session has not been initiated.
Fortunately, there are two ways to mitigate this issue.
In Google Analytics, it is possible to exclude referral domains. As explained above, this is a common fix to prevent third-party shopping carts from starting second sessions. When the third-party shopping cart is in the exclusion list, a user will no longer initiate a new session, and won’t be counted as a referral when they return to your order-confirmation page, after checking out on the third-party site. This way, the customer is not counted as a new visitor to the landing page after a payment is done.
Instructions about this can be found on the dedicated Google Analytics page.
This feature is only available for websites using gtag.js or analytics.js. Using ga.js (Classic Analytics) will stop Referral Exclusions from working.
To add the domains for exclusion, in your Google Analytics interface, go to Admin -> Tracking Info -> Referral Exclusion List and type in:
*.wlp-acs.com *.securecode.com *.arcot.com 3dsecure.icscards.nl paypal.com tpeweb.paybox.com acs.netcetera.ch 3dsecure.paylife.at 3d-secure-code.de clicksafe.lloydstsb.com mastercardsecurecode.sparkassen-kreditkarten.de 3ds.e-cartebleue.com acs-3dsecure.cm-cic.com *.multisafepay.com www.abnamro.nl *.asnbank.nl ideal.bunq.com ideal.ing.nl ideal.knab.nl betalen.rabobank.nl *.snsbank.nl *.regiobank.nl ideal.triodos.nl ideal.vanlanschot.com ideal.moneyou.nl *.kbc.be *.belfius.be *.ing.be *.paysafecard.com *.alipay.com *.trustly.com verified-by-visa.ing-diba.de 3d-secure.pluscard.de 3dsecure-cardprocess.de 3dsecure.bw-bank.de 3dsecure.deutsche-bank.de geschuetzteinkaufen.commerzbank.de giropay.postbank.de ideal.ing.nl ps4acs.netcetera-payment.ch sofort.com verifiedbyvisa.comdirect.de
This method dates back to the times when Google Analytics would not start a new session unless an old one has expired.
utm_nooverride=1 is a parameter that needs to be added to your payment gateway return pages. For example, if the page looks like
checkout/payment/success, you will need to provide your gateway with the following URL:
/checkout/payment/success?utm_nooverride=1. This way, Google will know that the customer’s initial session is still in progress and will ignore the referrer information for the “new” session.
In your code, the parameter should look like this:
$this->_redirect('checkout/onepage/success', ['utm_nooverride' => '1']) .
Make sure that you do this for all the links from the payment gateway to your website!
For any further information, please refer to the Integration Team at [email protected]
MultiSafepay processes the following currencies as standard and available with all payment methods:
Those are all the currencies available for Visa, MasterCard and Maestro:
MultiSafepay can accept on request new currencies for Visa, MasterCard and Maestro not leasted in the previous list.
When multiple currencies are enabled within your MultiSafepay Control, all currencies will be shown under Finance -> Balance.
In order to enable more currencies in your MultiSafepay Control, please submit your request with our Support department via [email protected]
Although MultiSafepay provides all currencies, all incoming and outgoing transactions are processed in Euros (EUR) as standard currency. To process a payout, you must provide us with a business bank account that is able to receive funds in the requested currency.
When you request an extra currency to be added to your MultiSafepay Control, you need to follow a few steps in order to ensure transactions can be processed in that particular currency and that no currency conversion is needed:
Add a business bank account in your MultiSafepay Control that is able to receive the currency. This can be done through Finance -> Balance -> Add bank account
Process a bank transfer in the requested currency to confirm the business bank account
Once the above has been processed, you can inform the Support department [email protected] to complete the verification procedure. The Risk Team will finalize your request.
Within your MultiSafepay Control, you will have the possibility to convert the currency to Euros (EUR). This can be done through Finance -> Currency Conversion. Take into account the exchange rate and/or costs involved
If a business bank account that can receive the currency as is has been added to your MultiSafepay Control (and approved by our Risk Team), a payout can be processed without currency conversion.
For example, the currency dollar (USD) is paid out in dollar (USD) and received on your business bank account in the dollars (USD) as well.
For any inquiries on currencies and the full functionality of your MultiSafepay Control, our Support team is happy to asisst you via [email protected]
You can edit the email address listed under “Financial email”, by following these steps:
Reverse-charging VAT is possible in the event that you use our payment services, but are registered as a non-Dutch company. Please check the dedicate FAQ page on VAT reverse-charging for more information.
MultiSafepay Payment pages support the following languages:
MultiSafepay continuously works hard to ensure a secure payment infrastructure. We regularly carry out updates and maintenance as it is necessary to maintain a high level of security. The TSL/SSL certificate is issued by a CA (Certification Authority) and requires periodic renewals and updates to be performed by MultiSafepay.
On January 22nd at 09:00 (GMT+1) MultiSafepay will update its SSL certificate to guarantee the safety of our infrastructure and communication. This renewal ensures that the communication uses the latest security standards to protect both you and us.
In general, this update will not affect your systems or payment processing of transactions. As we take all the measures to ensure that the updates and maintenance will not disrupt server communication, we expect web shops integrating our payment platform not to be affected.
If the certificate is being stored and validated on an outdated platform, you may run into issues. If this occurs, please contact us at [email protected]
The affected systems are the following:
The new certificates are already loaded to our merchant test platform. If you want to validate whether your infrastructure can handle the renewed certificates, you can submit a transaction request to one of the following test addresses:
Commonly speaking, a domain is considered secure when the URL presents the wording “https”. It also indicates that the domain possesses a TSL/SSL certificate. More information on the certificate can be found clicking on the lock symbol appearing before the URL in the browser bar.
The purpose of a style guide is to ensure consistency in any documentation or website. It may vary from how we spell the name of our company to the color codes we use for our logo.
Below you will find all kinds of style conventions we apply.
We spell our name with a capitalized M and S in MultiSafepay. Commonly mistaken with a capitalized P.
MultiSafepay is the correct convention.
We have various logos for different types of backgrounds:
We keep our colors clean, clear and simple. Just like our products and services.
Our tagline is Smart Payment Services.
We can use our tagline individually or combined with the logo. Header font size: 30pt.
We use sub headers to help engage our message. The sub header states ‘MultiSafepay technology is awesome’. Font size: 16pt.
For a complete list of the logos of all payment methods MultiSafepay offers, as well as MultiSafepay’s own logos, please refer to our dedicated GitHub repository
If you are unable to find the logo you are looking for, please contact us at [email protected] and we will be glad to assist you further.
In order to prevent a failed offline action for a status update (for instance by a HTTP 403 response), it is sometimes necessary to authorize our servers’ ip address on your notification URL.
To do so, please add the following IP ranges to your whitelist: