Skip to main content

Passback

The passback is a method for providing information back to your website from a QuickStream hosted solution. The passback is sent as a HTTPS POST (or HTTPS GET if required) from the following hosted solutions once the end-user completes the process:

The passback is sent to the returnUrl parameter provided in a Secure token request.

Example passback

POST /thankyou HTTP/1.1
Host: yoursite.com.au

communityCode=<YOUR_COMMUNITY_CODE>
&supplierBusinessCode=<YOUR_SUPPLIER_CODE>
&surchargeAmount=24.00
&paymentAmount=624.00
&paymentReference=INVOICE1
&customerReferenceNumber=CUSTOMER1
&receiptNumber=1003548481
&responseCode=00
&responseDescription=Approved+or+completed+successfully
&summaryCode=0
&createdDateTime=10+Jan+2017+01%3A11%3A31
&settlementDate=20170110
&cardholderName=John Smith
&maskedCardNumber=456471...004
&cardScheme=VISA
&expiryDateMonth=04
&expiryDateYear=2020
&hmac=13c747bb128c69cca9697c7d63ad5161ccce3c658951ea85ffe239e0a908fa16

Common parameters

These parameters can be provided back for:

Parameter name Format Description
communityCode string Your community code. This is the same value provided in a Secure token request. See View your connection details.
supplierBusinessCode string Your supplier business code. This is the same value provided in a Secure token request. See View your connection details.
customerReferenceNumber string A reference for the customer if provided in a Secure token request or entered by the end-customer.
cardholderName string The card holder name for card payments.
maskedCardNumber string The masked card number showing the first 6-digits and the last-3 digits for card payments. For example 456471xxxxxxx004.
cardScheme string The type of card for card payments. One of VISA, MASTERCARD, AMEX, DINERS, UPOP, JCB.
expiryDateMonth string The 2-digit expiry date month for card payments. For example 03 for March.
expiryDateYear string The 4-digit expiry date year for card payments. For example 2031.
accountName string The account name for bank account payments.
accountNumber string The masked account number for bank account payments. For example xxxxxx789.
bsb string The masked BSB for bank account payments. For example xxx-000.
custom<Custom name> string Custom parameters provided in a Secure token request.
hmac string A HMAC_SHA256 signed string of the parameters in the passback. Use this to validate that the parameters in the passback were not tampered. See Validating the HMAC.

Web payment parameters

These parameters can be provided back for:

Parameter name Format Description
paymentAmount string The total transaction amount including any surcharge calculated. The amount is in dollars and cents. For example: 1015.00.
surchargeAmount string The surcharge amount that was included in the transaction. The amount is in dollars and cents. For example: 15.00.
receiptNumber string The unique receipt number generated by QuickWeb. This value can be used later to locate this payment in QuickStream.
paymentReference string A reference for the payment if provided in a Secure token request or entered by the end-customer.
responseCode string A Transaction response code.
responseDescription string A description of a Transaction response code.
summaryCode string The summary code of a Transaction response code.
createdDateTime Date dd MMM yyyy hh:mm The created date and time of the payment on the server in Sydney Australia. For example 20 Jun 2012 15:04.
settlementDate Date yyyyMMdd Transaction settlement date of the payment. For example 20120620.
preregistrationCode string The QuickVault account token for the registered payment account.

Web invoice payment

These parameters can be provided back for:

Parameter name Format Description
secondaryIdentifier string The value of the secondary identifier.
comment string The value of the dispute/comment box.
invoiceNumberX string For example invoiceNumber1, invoiceNumber2. The invoice numbers allocated to this payment. Pair invoiceNumber1 with paymentAmount1 and so on.
paymentAmountX string For example paymentAmount1, paymentAmount2. The invoice amount allocated to this payment. Pair paymentAmount1 with invoiceNumber1 and so on.

Web tokenisation

These parameters can be provided back for QuickVault Web registration.

Parameter name Format Description
preregistrationCode string The QuickVault account token for the registered payment account.
action string One of the following values will be returned:
Registered (if the account was successfully registered) or Cancelled (if the customer clicked the 'Cancel' button during the registration process)
Westpac Privacy Statement

Privacy Statement (for individuals whose personal information may be collected - in this clause referred to as "you"). All personal information we collect about you is collected, used and disclosed by us in accordance with our Privacy Statement which is available at Privacy Statement or by calling us through your relationship manager or Westpac representative. Our Privacy Statement also provides information about how you can access and correct your personal information and make a complaint. You do not have to provide us with any personal information but, if you don't, we may not be able to process an application or a request for a product or service.