Vend::Payment::Signio(3) Interchange support for Payflow Pro SDK versions 2 and 3


Please note that PayPal purchased the Payflow Pro business from Verisign, and this payment module is expected to stop functioning in September 2009, as it uses the v2/v3 pfpro SDK that will no longer be supported. Details are here:

It is strongly recommend that you switch to using Vend::Payment::PayflowPro as soon as possible, and stop using this module.


[charge mode=signio param1=value1 param2=value2]


Verisign/Signio Payflow Pro, Version 2.10 or higher


Verisign's interface requires a proprietary binary-only shared library; thus you must download the appropriate package for your platform from Verisign. On Linux, the archive you download is pfpro_linux.tar.gz. It includes documentation you should consult. Here's a brief installation guide for someone using Linux with root access:
Copy the payflowpro/linux/certs directory to VENDROOT, your Interchange root directory (perhaps /usr/lib/interchange or /usr/local/interchange). This contains a single file with the client SSL certificate required to authenticate with Verisign's https server.
Install payflowpro/linux/lib/ somewhere on your system fit for shared libraries, such as /usr/lib, or else in VENDROOT/lib.
Build the Perl module:
  • cd payflowpro/linux/perl
  • If you installed somewhere other than in a standard location for shared libraries on your system, edit line 6 of Makefile.PL, so that ``-L.'' instead reads ``-L/path/to/'' with the correct path.
  • perl Makefile.PL && make && make test
  • As root, make install

Using is the best way to interact with Payflow Pro. However, if you can't get it to work for whatever reason, you may also use either of two small wrapper binaries, pfpro and pfpro-file, designed to be called from the shell. Interchange must fork and execute the binary, then retrieve the Verisign response from a temporary file. This module will automatically fall back to using one of them if it can't find when Interchange is started.


The Vend::Payment::Signio module implements the signio() payment routine for use with Interchange. It is compatible on a call level with the other Interchange payment modules.

To enable this module, place this directive in interchange.cfg:

    Require module Vend::Payment::Signio

This must be in interchange.cfg or a file included from it.

NOTE: Make sure CreditCardAuto is off (default in Interchange demos).

The mode can be named anything, but the "gateway" parameter must be set to "signio". To make it the default payment gateway for all credit card transactions in a specific catalog, you can set in catalog.cfg:

    Variable   MV_PAYMENT_MODE  signio

It uses several of the standard settings from Interchange payment. Any time we speak of a setting, it is obtained either first from the tag/call options, then from an Interchange order Route named for the mode, then finally a default global payment variable. For example, the "id" parameter would be specified by:

    [charge mode=signio id=YourPayflowProID]


    Route signio id YourPayflowProID

or with only PayflowPro as a payment provider

    Variable MV_PAYMENT_ID      YourPayflowProID

The active settings are:

Your account ID, supplied by VeriSign when you sign up. Global parameter is MV_PAYMENT_ID.
Your account password, selected by you or provided by Verisign when you sign up. Global parameter is MV_PAYMENT_SECRET.
Your account partner, selected by you or provided by Verisign when you sign up. Global parameter is MV_PAYMENT_PARTNER.
Your account vendor, selected by you or provided by Verisign when you sign up. Global parameter is MV_PAYMENT_VENDOR.
The type of transaction to be run. Valid values are:

    Interchange         Payflow Pro
    ----------------    -----------------
        sale                S
        auth                A
        credit              C
        void                V
        settle              D (from previous A trans)

Default is "sale".

The following should rarely be used, as the supplied defaults are usually correct.

This remaps the form variable names to the ones needed by Verisign. See the "Payment Settings" heading in the Interchange documentation for use.
The payment gateway host to use. Default is "", and "" when in test mode.
Name of a Sub or GlobalSub to be called after the result hash has been received from Verisign. A reference to the modifiable result hash is passed into the subroutine, and it should return true (in the Perl truth sense) if its checks were successful, or false if not.

This can come in handy since, strangely, Verisign has no option to decline a charge when AVS or CSC data come back negative. See Verisign knowledge base articles vs2365, vs7779, vs12717, and vs22810 for more details.

If you want to fail based on a bad AVS check, make sure you're only doing an auth --- not a sale, or your customers would get charged on orders that fail the AVS check and never get logged in your system!

Add the parameters like this:

        Route  signio  check_sub  avs_check

This is a matching sample subroutine you could put in interchange.cfg:

        GlobalSub <<EOR
        sub avs_check {
                my ($result) = @_;
                my ($addr, $zip) = @{$result}{qw( AVSADDR AVSZIP )};
                return 1 if $addr eq 'Y' or $zip eq 'Y';
                return 1 if $addr eq 'X' and $zip eq 'X';
                return 1 if $addr !~ /\S/ and $zip !~ /\S/;
                $result->{RESULT} = 112;
                $result->{RESPMSG} = "The billing address you entered does not match the cardholder's billing address";
                return 0;

That would work equally well as a Sub in catalog.cfg. It will succeed if either the address or zip is 'Y', or if both are unknown. If it fails, it sets the result code and error message in the result hash using Verisign's own (otherwise unused) 112 result code, meaning ``Failed AVS check''.

Of course you can use this sub to do any other post-processing you want as well.


Try the instructions above, then enable test mode. A test order should complete.

Then move to live mode and try a sale with the card number "4111 1111 1111 1111" and a valid future expiration date. The sale should be denied, and the reason should be in [data session payment_error].

If it doesn't work:

  • Make sure you ``Require''d the module in interchange.cfg:

        Require module Vend::Payment::Signio
  • Make sure the Verisign "" shared library was available to PFProAPI.xs when you built and installed the module, and that you haven't moved "" since then.

    If you're not using the PFProAPI Perl interface, make sure the Verisign "pfpro" or "pfpro-file" executable is available either in your path or in /path_to_interchange/lib.

  • Check the error logs, both catalog and global.
  • Make sure you set your account ID and secret properly.
  • Try an order, then put this code in a page:

            my $string = $Tag->uneval( { ref => $Session->{payment_result} });
            $string =~ s/{/{\n/;
            $string =~ s/,/,\n/g;
            return $string;

    That should show what happened.

  • If all else fails, consultants are available to help with integration for a fee. You can find consultants by asking on the "[email protected]" mailing list.


Because this library may call an executable, you should ensure that no untrusted users have write permission on any of the system directories or Interchange software directories.


There is actually nothing *in* Vend::Payment::Signio. It changes packages to Vend::Payment and places things there.


        Cameron Prince <[email protected]>
        Mark Johnson <[email protected]>
        Mike Heins <[email protected]>
        Jon Jensen <[email protected]>