• Virtual POS

Virtual POS Transactions General Concepts

Garanti Virtual POS is a secure payment solution created to receive credit card payments for online sales.

Merchants can open an online branch in their stores and turn it into a sales platform that never closes with Garanti Virtual POS. This contributes to increasing both the number of customers and turnover.

The following transactions are generally performed under Garanti Virtual POS:

  • Sales Transactions
  • Common Payment Page Operations
  • Cancellation Procedures
  • Refund Procedures
  • Closing Operations
  • Inquiry Procedures

This document describes the steps required for merchants to provide non 3Ds Additional Field transactions under Garanti Virtual POS, the operations that must be performed within each step, and the structures of the transaction requests sent and response messages received.

Virtual POS Additional Area Transactions

Within the Virtual POS request structure, the request structure can be modified with different additional fields in accordance with different needs. These additional fields and their purposes are briefly explained below.

1. Address Sending:

Address information can be sent to VirtualPoS during the transaction. The information sent is displayed on the order detail pages for information purposes.

2. Product Information Submission:

Information about the product sold during the purchase can be sent to the Virtual POS with the transaction. In this case, product information is displayed in transaction details and product report pages.Information about the product sold during the purchase can be sent to the Virtual POS with the transaction. In this case, product information is displayed in transaction details and product report pages.

3. Custom Field Submission:

It is a structure that allows some special information to be received during the transaction to appear on virtual pos screens and documents received from virtual mail.

The 1st special field among the special fields is sent to Garanti Bank. This field is shown in the reports received by the bank.

With the change made in the workplace definitions, it can be ensured that the values sent in this field appear in the card in-period transactions and card statements in the workplace name field.

For the use of custom fields, the workplace admin user must activate the custom fields to be used from the custom field definitions. Custom fields sent without being activated will cause an error. If you want the special field number 1 to go to the bank side, the phrase "appear on the bank side" should be checked.

In order for the custom fields to appear on the listing screens, they must be selected by the user from the custom field selection page. The selected custom fields appear as a column on the right side of the listing pages.

3D Concept

3D Secure is a version of the application on VirtualPoS where cardholders are verified with a password on PoS. The cardholder is directed to the verification screens of the card bank to use a password in the transaction. The cardholder enters the information requested by his/her bank on these screens and shows that the card actually used is his/her own card.

After verification, the verification status is returned to the merchant bank (merchant). Then, depending on the status of the 3D information, the authorization process is carried out or the transaction is terminated.

3D Secure is supported by Master, Visa and American Express (Amex) cards. Merchants using 3D model (information about merchant models is given below) are required to come directly to provisioning without performing 3D verification for cards other than Mastercard, Visa and Amex. Since 3D secure is not supported, the responsibility for Fraud in such transactions belongs to the merchant. The merchant must take measures to protect itself.

Virtual POS Transactions Non 3ds

This is when the transaction is concluded without touching any 3D secure stage during the authorization flow. In this type of transaction, the customer's "I didn't do it" objections turn into a chargeback request. The chargeback process is evaluated by requesting evidence from the merchant that the transaction was made by the customer. In 3D transactions with successful verification, "I did not do it" claims are terminated by the bank.

Request Structure

The request structure required for Virtual POS non 3Ds address addition is specified in the table below. The information and explanations required for each tag under the main tag in the first column in the table should be examined and the request message should be provided according to the rules specified in this table:

<?xml version=\"1.0\" encoding=\"iso-8859-9\"?>\n<GVPSRequest>\n\t<Mode>TEST</Mode>\n\t<Version>512</Version>\n\t<Terminal>\n\t\t<ProvUserID>PROVAUT</ProvUserID>\n\t\t<HashData>433D139E67790F6CF7EDE2B568CD9019BA9F86E7673DC9CE7D83DFB1A72CE58F35A3A3B156EADCC95858D2DD25A02EA689924C68D0A4DDDC90D2E015A0F336D2</HashData>\n\t\t<UserID>PROVAUT</UserID>\n\t\t<ID>30691297</ID>\n\t\t<MerchantID>7000679</MerchantID>\n\t</Terminal>\n\t<Customer>\n\t\t<IPAddress>192.168.0.1</IPAddress>\n\t\t<EmailAddress>eticaret@garanti.com.tr</EmailAddress>\n\t</Customer>\n\t<Card>\n\t\t<Number>5406697543211173</Number>\n\t\t<ExpireDate>0323</ExpireDate>\n\t\t<CVV2>465</CVV2>\n\t</Card>\n\t<Order>\n\t\t<OrderID>d5cee702d181424b86b667685a9e2f32</OrderID>\n\t\t<GroupID />\n\t\t<AddressList>\n\t\t\t<Address>\n\t\t\t\t<Type>S</Type>\n\t\t\t\t<Name>Oğuzhan</Name>\n\t\t\t\t<LastName>Okur</LastName>\n\t\t\t\t<Text>Çamçeşme Mah. Tersane Cad. No:15 Üst Kaynarca</Text>\n\t\t\t\t<District>Pendik</District>\n\t\t\t\t<City>İstanbul</City>\n\t\t\t\t<PhoneNumber>05555555555</PhoneNumber>\n\t\t\t</Address>\n\t\t</AddressList>\n\t</Order>\n\t<Transaction>\n\t\t<Type>sales</Type>\n\t\t<Amount>10000</Amount>\n\t\t<CurrencyCode>949</CurrencyCode>\n\t\t<CardholderPresentCode>0</CardholderPresentCode>\n\t\t<MotoInd>N</MotoInd>\n\t</Transaction>\n</GVPSRequest>

Within this structure, many tags contain sub-tags within themselves. Under the relevant heading where each tag is described, the usage rules of tags without subtags and the details of tags with subtags are presented in a separate heading.

Bottom Label  Max Size Data Writing Format Description and notes
<Mode> PROD This is the field where the process mode is written
<Version> 16 byte No format requirement This is the field where the Api version used is written. Within the scope of hash calculation as Sha512, 512 value must be sent in this field.
<Terminal>  This tag contains sub tags. The tags it contains and their rules are given in the following headings.
<Customer>  This tag contains sub tags. The tags it contains and their rules are given in the following headings.
<Order>  This tag contains sub tags. The tags it contains and their rules are given in the following headings.
<Transaction>  This tag contains sub tags. The tags it contains and their rules are given in the following headings. 

<Terminal> Tag and the Tag to be placed under it and its Details

Virtual such as virtual pos number user information to ensure pos verification parameters are sent.

<Terminal>\n\t<ProvUserID></ProvUserID>\n\t<HashData></HashData>\n\t<UserID></UserID>\n\t<ID></ID>\n\t<MerchantID></MerchantID>\n</Terminal>

The sub-tags within this tag and their details are given below:

Bottom Label Max Size Data Writing Format Description and notes
<ProvUserID> 32 byte No format requirement This is the field where the provision user code of the terminal is sent. Prov user, Cancel refund user or OOS user can be found here
<HashData>  32 byte Hash algorithm SHA512 format. After hash conversion, lower case letters must be converted to upper case. Details are given below. This is the field where the user's password verification is performed. Hash creation details are explained separately in this document.
<UserID> No format requirement This is the field where the user who made the transaction (Agent - Sales Representative) is sent.
<ID>  9 byte Nümerik The field where the terminal number is sent
<MerchatID>  9 byte Nümerik This is the field where the workplace number is sent.

<Customer> Tag and Rules for the <Customer> Tag and Tags Below it

This is the field where Customer Information is sent. It is mandatory to send the information in the tag.

<Customer>\n <IPAddress></IPAddress>\n <EmailAddress></EmailAddress>\n</Customer>
Bottom Label Max Size Data Writing Format Description and notes
<IPAdress> 20 byte No format requirement This is the field where the IP address of the customer who made the transaction is sent. It must be sent compulsorily in order to ensure fraud controls.
<EmailAddress> 64 byte This is the field where the E-Mail address of the customer who made the transaction is sent.

<Card> Label and Rules for the <Card> Label and the Label to be placed under it

This is the field where card information is sent. Credit card information is a mandatory field except for some transaction types.

Note: Unlike other credit cards, American Express cards consist of 15 digit numbers instead of 16, so your card information entry screens must be arranged to accept 15 digits. Unlike other credit cards, the CVV, i.e. security codes of American Express cards have 4 digits instead of 3 and are located on the front of the card. Your security code entry screens must be configured to accept 4-digit codes.

<Card>\n\t<Number></Number>\n\t<ExpireDate></ExpireDate>\n\t<CVV2></CVV2>\n</Card>
Bottom Label Max Size  Data Writing Format Data Writing Format Description and notes
<Number> Min: 15 - Max : 19 Nümeric This is the field where the card number is sent.
<ExpireDate> 4 byte MMYY (Last 2 digits of Month and Year) This is the field where the expiration date of the card is sent.
<CVV2> Min : 3 Max : 4 (Amex) Nümeric This is the field where CVV information of the card is sent.

<Order> Label and Rules for the <Order> Label

This is the field where the information and details of the order are sent. 

\t<Order>\n\t\t<OrderID>d5cee702d181424b86b667685a9e2f32</OrderID>\n\t\t<GroupID />\n\t\t<AddressList>\n\t\t\t<Address>\n\t\t\t\t<Type>S</Type>\n\t\t\t\t<Name>Oğuzhan</Name>\n\t\t\t\t<LastName>Okur</LastName>\n\t\t\t\t<Text>Çamçeşme Mah. Tersane Cad. No:15 Üst Kaynarca</Text>\n\t\t\t\t<District>Pendik</District>\n\t\t\t\t<City>İstanbul</City>\n\t\t\t\t<PhoneNumber>05555555555</PhoneNumber>\n\t\t\t</Address>\n\t\t</AddressList>\n\t</Order>
Bottom Label Max Size Data Writing Format Description and notes
<OrderID> 36 byte No format requirement This is the field where the Order Number is sent. Order based must be unique. It must be generated by companies.
<GroupID> 36 byte No format requirement It is the field used to categorize (group) orders. For example: Orders sent with campaigns can be separated with an information written to GroupID.
<AddressList> It is the field where address information is sent. Two different addresses, delivery address and billing address, can be sent once. 

<AddressList> Tag and Details

This is the field where address information is sent. Two different addresses, delivery address and billing address, can be sent once.

Bottom Tag Description and notes
<Address> This tag contains sub tags. The tags it contains and their rules are given in the following headings.

<Address> Tag and Details

Used for sending invoice and delivery address details.

Bottom Tag Max Size Data Writing Format Description and notes
<Type> 1 It can take the values B (Billing) or S (Shipping). Enter the address type in this field. B : Billing (Billing address) S : Shipping (Delivery address)
<Name> 65 byte Alfanümerik This is the field where the name information of the address information is entered.
<LastName> 32 byte Alfanümerik It is the field where the surname information of the address information is entered.
<Company> 40 byte Alfanümerik This is the field where the company name is entered, if any.
<Text> 180 byte Alfanümerik Field where the address information is entered.
<District> 25 byte Alfanümerik Field where the neighborhood information is entered.
<City> 25 byte Alfanümerik Field where city information is entered.
<Country> 32 byte Alfanümerik Field where country information is entered.
<PostalCode> 20 byte Alfanümerik Enter the postal code.
<PhoneNumber> 30 byte Alfanümerik It is the field where phone
<GSMNumber> 30 byte Alfanümerik It is the field where the phone information is entered.
<FaxNumber> 30 byte Alfanümerik It is the field where fax information is entered.

<Transaction> Tag and its Rules

This is the field where transaction information and financial information are sent.

<Transaction>\n\t<Type>sales</Type>\n\t<Amount>10000</Amount>\n\t<CurrencyCode>949</CurrencyCode>\n\t<CardholderPresentCode>0</CardholderPresentCode>\n\t<MotoInd>N</MotoInd>\n</Transaction>
Bottom Label Maks Size Data Writing Format Description and notes 
<Type> 32 byte Alfanümerik This is the field where the Transaction Type is sent. Details about transaction types will be given separately in the document. Attention should be paid to the use of other fields according to the transaction type
<Amount> 17,2 number Nümerik LLLLKK şeklinde yollanır. Son 2 hane kuruşu ifade eder. 1,00 TL -> 100 11,22 TL->1122 0,01TL -> 1 şeklinde This is the field where the amount information is entered. If the transaction is a "Partial Refund" transaction, the amount entered in this field is refunded.
<CurrencyCode>  3 byte Nümerik This is the field where exchange rate information is sent. 949 -> TL will be informed for other exchange rates according to your authorization.
<CardholderPresentCode>  2 byte Nümerik Enter 0 for normal transactions and 13 for 3D transactions.
<MotoInd> 1 byte Alfanümerik It takes Y and N values. N is sent for Ecommerce transactions. Y is sent for transactions with Moto transaction status.

Cevap (Response) Yapısı  

Sanal POS 3D’siz Adres Ekleme işlemi için, önceki başlıklarda gönderilen istek sonrası, servisten dönen cevap (response) yapısı aşağıdaki tabloda belirtilmiştir. Tablo içerisinde ilk kolonda yer alan ana tag altında yer alanabilecek her tag için gerekli olan bilgi ve açıklamalar incelenmeli ve istek mesajı bu tabloda belirtilen kurallara göre sağlanmalıdır: 

Sanal POS adres ekleme işleminde cevap yapısı genel biçimde aşağıdaki şekildedir: 

<GVPSResponse>\n\t<Mode></Mode>\n\t<Terminal>\n\t\t<ProvUserID>PROVAUT</ProvUserID>\n\t\t<UserID>PROVAUT</UserID>\n\t\t<ID>30691297</ID>\n\t\t<MerchantID>7000679</MerchantID>\n\t</Terminal>\n\t<Customer>\n\t\t<IPAddress>192.168.0.1</IPAddress>\n\t\t<EmailAddress>eticaret@garanti.com.tr</EmailAddress>\n\t</Customer>\n\t<Order>\n\t\t<OrderID>d2b402fc3cd1443baa781891a3dff0db</OrderID>\n\t\t<GroupID></GroupID>\n\t</Order>\n\t<Transaction>\n\t\t<Response>\n\t\t\t<Source>HOST</Source>\n\t\t\t<Code>00</Code>\n\t\t\t<ReasonCode>00</ReasonCode>\n\t\t\t<Message>Approved</Message>\n\t\t\t<ErrorMsg></ErrorMsg>\n\t\t\t<SysErrMsg></SysErrMsg>\n\t\t</Response>\n\t\t<RetrefNum>210707283420</RetrefNum>\n\t\t<AuthCode>686724</AuthCode>\n\t\t<BatchNum>004568</BatchNum>\n\t\t<SequenceNum>005650</SequenceNum>\n\t\t<ProvDate>20220417 19:24:46</ProvDate>\n\t\t<CardNumberMasked>540669****1173</CardNumberMasked>\n\t\t<CardHolderName>4517*** 4517****</CardHolderName>\n\t\t<CardType>BONUS</CardType>\n\t\t<HashData>A01864228AEBCBCBC4F6A6AF492A32DB3A11B9C68D28B284DDE9DB701EC60C710A540B3F37BB94A64F329C2EE06AD795AD39C2556B39D70451E8680365D8E8C8</HashData>\n\t\t<HostMsgList></HostMsgList>\n\t\t<RewardInqResult>\n\t\t\t<RewardList></RewardList>\n\t\t\t<ChequeList></ChequeList>\n\t\t</RewardInqResult>\n\t\t<GarantiCardInd>Y</GarantiCardInd>\n\t</Transaction>\n</GVPSResponse>

Yukarıda verilen cevap yapısı içerisinde yer alan etiketler ve bu etiketlerin altında yer alan alt etiketler aşağıdaki başlıkta verilmiştir: 

Alt Etiket Veri Yazım Formatı Açıklama ve notlar
<Mode> PROD - TEST İşlem modunun yazıldığı alandır
<Customer> İstek yapısı içerisinde gönderilen müşteriye ait bilgilerin doğrulama amaçlı geri gönderildiği alandır.
<Order> Bu etiket kendi içerisinde alt etikeler barındırır. İçerdiği alt etiketler aşağıdaki başlıklarda verilmiştir.
<Transaction>  Bu etiket kendi içerisinde alt etikeler barındırır. İçerdiği alt etiketler aşağıdaki başlıklarda verilmiştir.

<Transaction> Tag Label and Rules of the <Transaction> Tag

Bottom Tags Data Writing Format Description and notes
<Response>  This tag contains sub tags. Details about the sub-tags are given in the headings below.
<RetrefNum> Nümerik Returns the transaction number generated by Sanalpos
<AuthCode>  Nümerik This is the field where the approval code is returned.
<BatchNum>  It is the field where the batche in which the transactions will be entered is returned.
 <SequenceNum>  Transaction sequence number
<ProvDate>  YYYYMMDD Field where provision date is returned.
<CardNumberMasked> It is the field where the first 6 and last 4 digits of the card number and the fields in between are returned with *.
<CardHolderName> It is the field where the name of the cardholder is returned.
<CardType>  It is the field where the card type of the transaction is returned.
<HashData> It is the field where the HashData information of the transaction is returned.
<HostMsgList>  This tag contains sub tags. Details about the sub tags are given in the headings below.
<RewardInqResult>  This tag contains sub tags. Details about the sub tags are given in the headings below.r.
<GarantiCardInd> Description and notes

<Response> Subtags and Descriptions

Bottom Tags Description and notes
<Source> This is the field where the source information is returned.
<Code> This is the field where Approved - declined information is returned.
<ReasonCode> The field where the response code is returned.
<Message>  Field where message information is returned.
<ErrorMsg>  The field where the error message is returned.
<SysErrMsg> This is the field where the system error message is returned.

<RewardInqResult> Tag, Subtags and Descriptions

Bottom Tags Data Writing Format Description and notes
<RewardList> This tag contains sub tags. Details about the sub-tags are given in the headings below.
<ChequeList> This tag contains sub tags. Details about the sub-tags are given in the headings below.

<RewardList> Tag and Descriptions

Bottom Tags Data Writing Format Description and notes
<Reward>   This tag contains sub tags. Details about the sub-tags are given in the headings below.

<Reward> Tag and Descriptions

Bottom Label Data Writing Format Description and notes
<Type> Alphanumeric This is the field where the reward type is returned. The values that can come in this field and their meanings are as follows:BNS: Bonus PointsFBB: Company Based Bonus Points
<TotalAmount> The numeric is sent as LLLLLLKK. The last 2 digits represent cents. 1,00 TL -> 100 11,22 TL->1122 0,01TL -> 1 This is the field where the award amount is returned.
<LastTxnGainAmount> The numeric is sent as LLLLLLKK. The last 2 digits represent cents. 1,00 TL -> 100 11,22 TL->1122 0,01TL -> 1 This is the field where the last won prize amount is returned.

<ChequeList> Tag and Explanations

Bottom Tags  Data Writing Format Description and notes
<Cheque> This tag contains sub tags. Details about the sub-tags are given in the headings below.

<Cheque>Tag and Descriptions

Bottom Tags Data Writing Format Description and notes
<Type> Alfanümerik The field where the check type is returned.
<Count> The field where the number of checks is returned.
<ExpireDate> Check expiration date is returned.
<Amount> The numeric is sent as LLLLLLKK. The last 2 digits represent cents. 1,00 TL -> 100 11,22 TL->1122 0,01TL -> 1 Check amount is returned.
<UsageRate>  Check utilization rate is returned.
<MinTxnAmount> Nümerik LLLLKK şeklinde yollanır. Son 2 hane kuruşu ifade eder. 1,00 TL -> 100 11,22 TL->1122 0,01TL -> 1 şeklinde  It is the field where the minimum transaction amount required for check usage is returned.
<ID>  It is the field where the Campaign ID information is returned.
<Bitmap> It is the field where the Bitmap ID produced by the bank is returned.

Code Examples

Below are the github repo links for custom code examples written in different programming languages, including this transaction type. You can examine the codes written with predefined values through the link of your preferred programming language.

Error Codes

Error codes from this page you can reach.

Test Cards

List of test cards from this page you can reach.

We would love to hear from you. Do you have problems/questions about services ? Send us detailed email about it ?

Send Us a Question Send Us a Question