GIDX Platform

Integration Guide, Preparation, Workflow, and API Reference.

Preparing for a Merchant Integration

Preparing for your merchant integration will include the following prerequisite items be implemented within your merchant environment. Regardless of your implementation type, services, or integration plan these items will be critical to the success of your integration with the GIDX Platform.

Merchant: Data Storage

The merchants system needs to have a solution for data management (Database, Tables, Stored Procedures, Views, etc.) so that you can store, track, and manage the information and interaction between the merchants environment and the GIDX Platform.

We have a "best practice" schema designed for this data store environment which can viewed below. This design model can be modified based on any existing data store design that may already be in place within your environment.

Merchant: Environment & Server Side Set-Up

Please review the information below regarding the set-up and configuration of your server environment as well as your account within the GIDX Portal.

Access to the most common code base for integration can be found within the GitHub and NuGet repositories following the links below.

GitHub: https://github.com/TSEVOLLC
NuGet: https://www.nuget.org/packages/GIDX.SDK/

GIDX / Merchant Environment Set-Up & Configuration

The following steps will help you with accessing your system credentials and setting up your account for use of the GIDX Environment.

Request a login to the GIDX Portal
Account access to the GIDX Portal cannot be shared across multiple devices or people at the same time. Doing so will void the account and continuous attempts to violate this policy will result of suspension of the entire account for all users within that company. Meaning: Do not share your account with someone else.
Login and Update your Password
Once you login to the GIDX Portal you will need to update your password to something only you will know; then you will need to login again to the account in order to access the different systems within the Portal.
Integration Set-Up
On the left side of the portal menu is a section labeled "Integration" / "Platform Sandbox", within this section you will need to do the following PRIOR to beginning your API integation.
Collect your API Access Integration Credentials
You will need your Sandbox API Key, Merchant ID, Product (Type) ID, Activity (Type) ID, and Device (Type) ID.
Manage your IP Address Restrictions
You will need to add your OUTWARD FACING Static IP Address for your development environment to our listing service. You can do this within the portal under the IP Addr. Restrictions section of the system.
If your development environment (or later your production environment) is not hosted behind a static IP address, like in the case of load-balancers etc. you can use the following instructions to set your system up securly for restricted IP access.
AWS: Amazon Web Services Hosting
- Basic: Assign an Elastic IP to an EC2 instance https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html
- Advanced: Scaling with either AWS Lambda or dynamically scaling EC2 instances, you should create a NAT Gateway and assign an Elastic IP address https://dev.to/alexanderdamiani/aws-lambda-with-a-static-ip-2g3l
Microsoft Azure: Cloud Web Services / Hosting
- Network Outbound for Azure — Ways to Get Static Outbound IP Address https://medium.com/marcus-tee-anytime/network-outbound-for-azure-ways-to-get-static-outbound-ip-address-304cec44d910
Google: Cloud Web Services / Hosting
- Connecting a Static outbound IP address via VPC egress to route all outbound traffic through a VPC network / Cloud NAT gateway https://cloud.google.com/run/docs/configuring/static-outbound-ip

Merchant: Client Side Code

The merchants client side interface has several HTML, META TAG, and JavaScript related requirements that must be in place in order for the GIDX Service to operate properly.

To view a completed sample HTML file click the button below. This example has all of the HTML, META TAG, and JavaScript items within a single file format to use as a guide when building your own client side interface.

JavaScript Client Side Code Details

Device & System Level Data Access

In order to properly integrate GIDX services you will need to collect data from the customers device. The two primary pieces of data that need to be collected from the customer for each visit that they make to your site/app are their current IP Address and their Device GPS data.

Customer Access Approval

The first thing you must do is get approval from the customer that you may access data from their device. You can do this by calling the getCurrentPosition() method using javascript and the browsers embeded Geo-Location API. Learn more about this process by going to this page https://www.w3schools.com/html/html5_geolocation.asp.

Note: If the customer "Blocks" your access to collecting location information that you should not let them participate in the paid services of your site/app.

Device Data: IP Address

The customers' device IP Address should be collected using server side code and accessing the information found in the browsers hearder-request to your server. The header value you should be accessing is the "X-Forwarded-For" value.

Device Data: Device GPS

The customers' Device GPS data should be collected using client side JavaScript Geo-Location API, you can learn more about this by going to https://w3c.github.io/geolocation-api/.

Note: The customer's IP Address AND Device GPS data should be accessed every time that they visit your site/app.

Function: gidxServiceStatus

The function gidxServiceStatus(service, action, json) provides real-time updates to the client interface regarding the customers activity during a Web Session. An example of this function is in the HTML Code Example and the values passed into the function variables are listed below.

ALERT! Please Read!

The gidxServiceStatus javascript function below is for !EXAMPLE ONLY! and contain variables specific to this example which may not be applicable to your specific code/implementation and may cause errors if you have not edited the information to match your specific scenario.

window.gidxServiceStatus = function (service, action, json) { 
    if (json && json.length) { 
        for (var i = 0; i < json.length; i++) { 
            for (var key in json[i]) { 
                if (json[i].hasOwnProperty(key)) { 
                    //Here you can look at the key and value to make decisions on what you would 
                    //like to do with the client side interface. 
                    var sItem = key; 
                    var sValue = json[i][key];
                    //Example 
                    if(sItem == "TransactionAmount"){ 
                        document.getElementById("DepositAmountDisplay").innerText(sValue);
                    } 
                } 
            } 
        } 
    } 
};

The variables to work with in this function are the "service", "action", and "json" values.

The service value tells you which "step" in the process that a customer is currently within.
The action value tells you what the activity is for this notification.
The json value provides you details about the action. In many cases the json value is empty/null.

Cashier Service: WebCashier

Below is a list of the service, action, and corresponding json values that you could encounter during the Payment process of the WebCashier Service.

Service	Action	JSON	Example Data
cashierPaymentAmount-plate	start	UTCDateTime	Wed, 12 Nov 2016 00:01:19 GMT
	end	UTCDateTime	Wed, 12 Nov 2016 00:01:20 GMT
	select	TransactionAmount	50
		TransactionBonus	10
cashierPaymentMethod-plate	start	UTCDateTime	Wed, 12 Nov 2016 00:01:19 GMT
	end	UTCDateTime	Wed, 12 Nov 2016 00:01:19 GMT
	select	PaymentMethod	eCheck (ACH)
		SelectAction	ExistingPaymentMethod
			AddNewPaymentMethod
cashierAddMethod-plate	start	UTCDateTime	Wed, 12 Nov 2016 00:01:19 GMT
	end	UTCDateTime	Wed, 12 Nov 2016 00:01:19 GMT
	select	SelectAction	AddAddress
cashierAddMethodAddress-plate	start	UTCDateTime	Wed, 12 Nov 2016 00:01:19 GMT
	end	UTCDateTime	Wed, 12 Nov 2016 00:01:19 GMT
cashierFinalize-plate	start	UTCDateTime	Wed, 12 Nov 2016 00:01:19 GMT
	end	UTCDateTime	Wed, 12 Nov 2016 00:01:19 GMT
cashierComplete-plate	start	UTCDateTime	Wed, 12 Nov 2016 00:01:19 GMT
	end	UTCDateTime	Wed, 12 Nov 2016 00:01:19 GMT

WebReg Service: WebReg

Below is a list of the service, action, and corresponding json values that you could encounter during the Payment process of the WebReg Service.

Service	Action	JSON	Example Data
idInitiate-plate	start	UTCDateTime	Mon, 24 Jul 2017 22:48:27 GMT
	end	UTCDateTime	Mon, 24 Jul 2017 22:48:52 GMT
idValidation-plate	start	UTCDateTime	Mon, 24 Jul 2017 22:48:52 GMT
	end	UTCDateTime	Mon, 24 Jul 2017 22:49:25 GMT
idDocumentVerify-plate	start	UTCDateTime	Mon, 24 Jul 2017 22:49:25 GMT
	end	UTCDateTime	Mon, 24 Jul 2017 22:51:26 GMT
idAcctComplete-plate	start	UTCDateTime	Mon, 24 Jul 2017 22:48:27 GMT

Function: gidxServiceSettings

The function gidxServiceSettings() is required so that you can control parts of the UX/UI of the WebSession service. An example of this function is in the HTML Code Example and the variables set in this function are listed below.

window.gidxServiceSettings = function () {
    window.gidxContainer = "#GIDX_Service_Container";
    window.gidxBuildTimer = false;
    window.gidxBuildSteps = false;
};

The variables to work with in this function are "gidxContainer", "gidxBuildTimer", and "gidxBuildSteps".

The gidxContainer variable allows you to set the identifier of the DOM HTML element that the WebSession service will render. This should be the value of an ID and contain "#" at the beginning. Technically a "class" value will work but doing so may lead to errors if there is more than one element using that class name.
The gidxBuildTimer variable can be set to true or false, setting the value to true will add a timer to the UI that counts down from 20 minutes. This is the length of time that the customer has to complete the session service.
The gidxBuildSteps this has been deprecated. To accomplish this same functionality you should use the gidxServiceStatus function if you would like to display a heading for the customers current "step" in the session.

Function: gidxErrorReport

The function gidxErrorReport() alerts you to any Errors/Issues stemming from UX/UI of the WebSession service. An example of this function is in the HTML Code Example and the variables set in this function are listed below.

window.gidxErrorReport = function (error, errorMsg) {
    //error is the ID of the Error that is being fired.
    //errorMsg is the text description of the Error.
};

The variables to work with in this function are "error" and "errorMsg". Below is the library of ErrorID and ErrorMsg you will receive from the service for both the WebCashier service and the WebReg (Customer Identity Verification) service. NOTE: On non-verified customers you may experience both of these services within the WebCashier CreateSession API call.

WebReg Service: WebReg - gidxErrorReport(error, errorMsg)

Service Case:: Registration/IDInitiate
Error ID error:: 0
Error Msg Text errorMsg:: Initiate registration process failed.
Service Case:: Registration/IDValidation
Error ID error:: 1
Error Msg Text errorMsg:: ID Validation process failed.
Service Case:: Registration/IDLocation
Error ID error:: 2
Error Msg Text errorMsg:: ID Location Process failed.
Service Case:: Registration/IDLocationVerify
Error ID error:: 2
Error Msg Text errorMsg:: ID Location Process failed.
Service Case:: Registration/IDQuestion
Error ID error:: 3
Error Msg Text errorMsg:: ID Questions Process failed.
Service Case:: Registration/IDDocumentVerify
Error ID error:: 4
Error Msg Text errorMsg:: ID Document Verify Process failed.
Service Case:: Registration/Timeout
Error ID error:: 598-A
Error Msg Text errorMsg:: The Registration Session timed out.
Service Case:: Default / Generic
Error ID error:: -1
Error Msg Text errorMsg:: Unknown Registration Error

Cashier Service: WebCashier - gidxErrorReport(error, errorMsg)

Service Case:: Cashier/Initiate
Error ID error:: 0
Error Msg Text errorMsg:: Initiate cashier process failed.
Service Case:: Cashier/PaymentAmount
Error ID error:: 1
Error Msg Text errorMsg:: Loading cashier options for the merchant failed.
Service Case:: Cashier/PaymentMethodOptions
Error ID error:: 2
Error Msg Text errorMsg:: Loading cashier payment method options for this Profile failed.
Service Case:: Cashier/AddPaymentMethod
Error ID error:: 3
Error Msg Text errorMsg:: Adding a cashier payment method failed.
Service Case:: Cashier/ModifyPaymentMethod
Error ID error:: 4
Error Msg Text errorMsg:: Modifying a cashier payment method failed.
Service Case:: Cashier/VerifyPayment
Error ID error:: 5
Error Msg Text errorMsg:: Verifying the payment failed.
Service Case:: Cashier/Timeout
Error ID error:: 598-A
Error Msg Text errorMsg:: The Cashier Session timed out.
Service Case:: Default / Generic
Error ID error:: -1
Error Msg Text errorMsg:: Unknown Cashier Error

Merchant: System Rules

When using GIDX Platform Services the merchant will need to make decisions on how to assess Customers, Transactions, and Operations based on the Response, Callback, and Notification data provided; we refer to these decisions/actions as the "Merchant Rules".

An example of one of these Merchant Rules would be as follows...

Scenario: Customer Identify Verification

The ReasonCode value of the Response contains the following items ID-VERIFIED, LL-GEO-US-AL, ID-UA-19, DFP-HR, ID-EX

These ReasonCodes indicate that the customer...

Has passed the Identity Verification Service. ID-VERIFIED
Is currently located in the state of Alabama within the United States. LL-GEO-US-AL
Their age is under the age of 19. ID-UA-19
The device (PC, Mobile Phone, Tablet) has been flagged as being associated with High Risk activity. DFP-HR
The Identity Profile matches a previously verified customer for this merchants account. ID-EX

Based on these ReasonCodes the merchant will now need to decide how they would like proceed with this customer...

The customer's identity is Verified ID-VERIFIED, but their age indicates that they are under the age of 19 ID-UA-19, when the customer is considered "under age" based on their current location then the appropriate action needs to be taken during this Session. Other indicators such as ID-EX will tell you that this customer account already exist, you can get a list of the other Customers that match this customer account by doing another API call using this current customer's ID. The DFP-HR ReasonCode should also be noted on the customers account within the merchant's system, this means that the device that the customer is currently using has been involved in some high-risk behavior.

Recommended Data Store structure

The following table structure should be used as a guide for the merchants internal system. Based on the services utilized by the merchant you may be able to disregard portions of this structure.

Standard Fields for all tables
Note: It is suggested that all tables contain the following fields as best-practice.

Field Name	Data Type	Notes
RowID	number (bigint)	Incremental Index
DateCreated	DateTime2(7)	Set a default of `GetUTCDate()`

Open: Service Usage

These tables are designed to store the usage logs of GIDX Platform services.

Session
The Session table will store/log each call to a GIDX Platform service and can be used for tracking usage, reviewing possible errors, and as a reference to data sent or received from the GIDX Platform.

Field Name	Data Type	Notes
Standardized Fields
SessionID	uniqueidentifier	`Guid()`
ServiceType	string	This will be the name of the service that is called.
CustomerID	string	The unique Customer Identifier in the merchants local database.
DeviceLocation	string	Store the IP Address or Device GPS of the customer for this session.
SessionRequestRaw	string	Store the QueryString or JSON of the request that is being made to a GIDX Service.

SessionResponse
The SessionResponse table will store/log each response from the GIDX Platform for a previous service call. Keeping this data in a separate table from the "Session Request" will allow you to utilize it in other working scenarios other than the standard Request / Response of a Method. All Sessions (Method Request) will provide a "Response" in some form; and they may also generate one (or multiple) Callbacks from the GIDX Platform that are associated with a specific Session. Another scenario involves the Notification service which (if active on the Merchant Account) will provide real-time updates to data changes on a specific customer profile. These notifications can be stored within this table as well.

Field Name	Data Type	Notes
Standardized Fields
SessionID	uniqueidentifier	`Guid()` stored in the Session table. (Or generated when no previous SessionID is provided ie: Notification)
ServiceType	string	This will be the name of the service associated with the "Response".
CustomerID	string	The unique Customer Identifier in the merchants local database. This field is important when logging any Notifications associated with a customers profile.
ReasonCodes	string	The set of ReasonCodes associated with the Session. ReasonCodes returned in a Session Response should be monitored an trigger events and updates to the Customer Status.
SessionResponseRaw	string	Store the JSON response that is returned by the GIDX Service.

Open: Customer Data

These tables are designed to store customer data provided back from GIDX Services. Some of these tables may not be necessary if the equivalent is already present within the Merchant System. It is recommended that you evaluate the structure and overall methodology indicated below in this section regarding available customer data, encryption, and the security of private/sensitive data regarding storage compliance.

Customer
The Customer table will store the data associated with a customers profile. Please note that multiple data sets may be provided for a customer profile with the "Primary" data set marked as such when received from the CustomerProfile service.

Important Design Notations
The table below is design to store only a single set of data for the customer - it is recommended that the "Primary" data from each set is stored under this configuration. Alternatively, you can expand this table into multiple relational tables in order to store all data that is provided for a customer identity profile. IE: A single customer identity profile may contain multiple names, addresses, phone numbers, email addresses, etc.

Field Name	Data Type	Notes
Standardized Fields
CustomerID	string	The unique Customer Identifier in the merchants local database.
FirstName	string
LastName	string
DateOfBirth	Date	Stored in MM/DD/YYYY format
Citizenship	string	Stored as 2 digit ISO Alpha-2 Code
EmailAddress	string
PhoneNumber	string	Recommended to strip any formating of a phone number. IE: convert +1 (982) 555-1212 to 19825551212
Address1	string
Address2	string
AddressCity	string
AddressStateRegion	string
AddressPostalCode	string
AddressCountryCode	string	Stored as 2 digit ISO Alpha-2 Code
IdentityAccuracyScore	double	Score indicating the accuracy level of the identity data. (High number is good, Low number is bad)
FraudScore	double	Score indicating the confidence AGAINST fraud for the customer. (High number means they are trust worthy, Low number means they may have some issues)

CustomerStatus
The CustomerStatus table is recommend as a way to track the progress/changes to a customers Identity Verification. In most cases a customers Identity Verification status will not changes once they have been marked as "ID-VERIFIED" but there are instances when a customer may have their verification status updated based on new identity information, changes to compliance laws, etc.

Field Name	Data Type	Notes
Standardized Fields
SessionID	uniqueidentifier	`Guid()` stored in the Session table. (Or generated when no previous SessionID is provided ie: Notification)
CustomerID	string	The unique Customer Identifier in the merchants local database. This field is important when logging any Notifications associated with a customers profile.
IdentityStauts	bool	True / False

CustomerFlag
The CustomerFlag table is recommend as a way to track any important ReasonCodes or WatchCheck codes returned by a GIDX Service. These ReasonCodes & WatchCheck codes will most likely be in the SessionResponse table in their raw format but having a table specific to the Codes that you have determined are most important to a customers account will allow you to generate reports more easily and filter customers based on the assigned Codes.

Field Name	Data Type	Notes
Standardized Fields
Flag	string	ReasonCode provided in a Response.
CustomerID	string	The unique Customer Identifier in the merchants local database.

CustomerMonitor
The CustomerStatus table is recommend as a way to track the progress/changes to a customers Identity Verification. In most cases a customers Identity Verification status will not changes once they have been marked as "ID-VERIFIED" but there are instances when a customer may have their verification status updated based on new identity information, changes to compliance laws, etc.

Field Name	Data Type	Notes
Standardized Fields
SessionID	uniqueidentifier	`Guid()` stored in the Session table. (Or generated when no previous SessionID is provided ie: Notification)
CustomerID	string	The unique Customer Identifier in the merchants local database. This field is important when logging any Notifications associated with a customers profile.
ReasonCodes	string	List of ReasonCodes associated with this Customer and the CustomerMonitorSession
WatchChecks	string	List of WatchChecks associated with this Customer and the CustomerMonitorSession
LocationDetail	string	Details fo the Location
IdentityConfidenceScore	decimal	Score indicating the accuracy level of the identity data. (High number is good, Low number is bad)
FraudConfidenceScore	decimal	Score indicating the confidence AGAINST fraud for the customer. (High number means they are trust worthy, Low number means they may have some issues)

Open: Location Data

These tables are designed to store Location data provided back from GIDX Services. These tables may not be necessary of your implementation of GIDX Location Services will always be associated with an existing customer within your platform.

Location
The Location table is recommend as a way to monitor the location of users and customers of your system. If you are only using Location services on existing customers and not on "Visitors" you may not need this table in your environment since Location Data associated with a customer would be stored in the CustomerMonitor table.

Field Name	Data Type	Notes
Standardized Fields
SessionID	uniqueidentifier	`Guid()` stored in the Session table. (Or generated when no previous SessionID is provided ie: Notification)
CustomerID	string	The unique Customer Identifier in the merchants local database. Not required when storing data from "visitors" to your system.
LocationDetail	string	Details fo the Location

Open: Payment Data

These tables are designed to store payment transaction data provided back from GIDX Services. Some of these tables may not be necessary if the equivalent is already present within the Merchant System. It is recommended that you evaluate the structure and overall methodology indicated below in this section regarding available customer data, encryption, and the security of private/sensitive data regarding storage compliance.

Transaction
The Session table will store/log each call to a GIDX Platform service and can be used for tracking usage, reviewing possible errors, and as a reference to data sent or received from the GIDX Platform.

Field Name	Data Type	Notes
Standardized Fields
TransactionID	string	The local Transaction ID from the merchants internal system.
ActionType	string	PAY (Deposit by a customer into the merchants system) or PAYOUT (payment out to a customer from the merchants system)
SessionID	uniqueidentifier	`Guid()` stored in the Session table. (Or generated when no previous SessionID is provided ie: Notification)
CustomerID	string	The unique Customer Identifier in the merchants local database.
AmountProcess	decimal	The amount of the transaction that is processed by the bank/processing service.
AmountBonus	decimal	The amount of the transaction that is applied as a bonus / non-processed amount.
TransactionCurrency	string	USD or other ISO 4217 Currency Codes

TransactionStatus
The TransactionStatus table is recommend as a way to track the progress/changes of transactions during the Cashier, Deposit, Payout, and Processing process. A transaction may go through multiple stages during the deposit/payout process - storing each step in that process is helpful and can provide valuable information when tracking customer activity, bank settlements, and other non-realtime events in the payment process.

Note: The Transaction Status is a many to one relationship with the Transaction table. A transaction may have its status updated over time based on the nature of the process and payment method. Example: An ACH or PayPal transaction may first return a "Pending" status while the bank/service confirms that the funds are available and then later the status will be updated to "Complete".

Field Name	Data Type	Notes
Standardized Fields
TransactionID	string	From the original transaction table and corresponding merchant local system table.
StatusType	string	Pending, Complete, Failed, Processing, etc. (See API Response Codes)
TransactionScore	decimal	Score indicating the financial security level of the transaction. (High number is good, Low number is bad)
TransactionType	string	Credit / Debit - this should correspond with the original Action of the transaction.
TransactionMethod	string	Text description of the payment method used by the customer.
TransactionMethodType	string	Type of payment method used: CC, ACH, EWALLET, etc.
TransactionMethodAccount	string	Account of the payment method used: VISA, MC, AMEX, PAYPAL, etc.
ApprovalDateTime	DateTime2(7)	DateTime that the transaction was approved `UTC Date Time`
StatusDateTime	DateTime2(7)	DateTime that the status was applied `UTC Date Time`
StatusDateTime	DateTime2(7)	DateTime that the bank/service provided the processing `UTC Date Time`
AmountProcess	decimal	The amount of the transaction that is processed by the bank/processing service.
AmountBonus	decimal	The amount of the transaction that is applied as a bonus / non-processed amount.

Merchant Preparation

Additional Resources