alt

Important information

Please be advised that there will be a scheduled downtime across our API network on November 05 and November 07, 2024. For more information, visit our platform status portal.:
- Scheduled maintenance on November 5, 2024
- Scheduled maintenance on November 7, 2024

Unzer

Accept Unzer Installment with server-side-only integration

Build your own payment form to add Unzer Installment to your checkout page

icon info

If you are using payment type installment-secured, note that this method is now deprecated. It’s currently supported but there are no further developments planned for it.

If you want to access the relevant documentation, see Installment Secured.

Overview

For Unzer Installment, you need to provide information about the customer using the customer resource and the purchased products using the basket resource. This is required by Unzer for risk assessment and transaction approval. You are responsible for gathering this data before you authorize the payment. furthermore you’re responsible to show the available installment plans and conditions to the customers.

Before you begin

Step 1: Retrieve available installment plans
server side

To create payment type Unzer Installment you first need to fetch all available installment plans, visualize them to the customer so the customer can select one of them. You must send an inquiry GET request for the specific amount of the customers purchase.

ParameterTypeDescription
amount (required)stringTotal amount of the purchase
country (required)stringThe customer’s country in ISO country code ISO 3166 ALPHA-2
customerTypestringB2C (B2B is currently not available)
currency (required)stringThe currency code of the transaction is a 3-letter code (CHF or EUR) according to ISO_4217.

The response includes the total amount, all available installment plans with the corresponding amount payable, due dates and the interest rates.

GET https://api.unzer.com/v1/types/paylater-installment/plans?country=DE&amount=190.00&currency=EUR&orderId=my_order_id_10032023

{
}
$unzer = new Unzer('s-priv-xxxxxxxxxx');

$installmentPlansQuery = new InstallmentPlansQuery(190.00, 'EUR', 'DE');
$installmentPlans = $unzer->fetchPaylaterInstallmentPlans($installmentPlansQuery);
Unzer unzer = new Unzer("s-priv-xxxxxxxxxx");

InstallmentPlansRequest request = new InstallmentPlansRequest(
    new BigDecimal("190.00"),
    "EUR",
    "DE",
    CustomerType.B2C
);

PaylaterInstallmentPlans installmentPlans = unzer.fetchPaylaterInstallmentPlans(request);

The response looks similar to the following example:

{
    "id": "Tx-vyexxxzzy8p",
    "amount": "190.00",
    "currency": "EUR",
    "plans": [
        {
            "numberOfRates": 3,
            "totalAmount": "193.35",
            "nominalInterestRate": 9.95,
            "effectiveInterestRate": 10.38,
            "secciUrl": "https://payment-app.paylater.unzer.com/payolution-payment/infoport/creditagreementdraft/Tx-vyexxxzzy8p=3",
            "installmentRates": [
                {
                    "date": "2023-08-20",
                    "rate": "64.45"
                },
                {
                    "date": "2023-09-20",
                    "rate": "64.45"
                },
                {
                    "date": "2023-10-20",
                    "rate": "64.45"
                }
            ]
        },
        ...
    ]
}

The response contains an id, this is later referred to as inquiryId. You need it in the next step when you create the Unzer Installment payment type resource.

Step 2: Create the payment type resource
server side

When a customer selected an installment plan and wants to place the order you must create the payment type paylater-installment by sending a request to the Unzer API.

ParameterTypeDescription
holderstringThe bank account holders first & last name
ibanstringThe customers IBAN
country (required)stringThe customer’s country in ISO country code ISO 3166 ALPHA-2
inquiryId (required)stringProvide the inquiryId of the first request (such as Tx-vyexxxzzy8p)
numberOfRates (required)stringSpecify the duration in months which the customer selected

We highly recommend to collect iban and holder. If you don’t provide IBAN and the bank account holder name, the customer would have to transfer the monthly funds manually which is a poor customer experience and might lead to reminder letters.

The response contains an id, this is later referred to as typeId. You will need this typeId to perform the transaction.

POST https://api.unzer.com/v1/types/paylater-installment

{    
    "holder": "Max Mustermann",
    "iban": "DE89370400440532013000",
    "country": "DE",
    "inquiryId": "Tx-vyexxxzzy8p",
    "numberOfRates": "3"
}
$unzer = new Unzer('s-priv-xxxxxxxxxx');

$paylaterInstallment = new PaylaterInstallment(
    'Tx-abc123',
    3,
    'DE89370400440532013000',
    'DE',
    'Peter Mustermann'
);

$unzer->createPaymentType($paylaterInstallment);
Unzer unzer = new Unzer("s-priv-xxxxxxxxxx");

PaylaterInstallment paylaterInstallment = unzer.createPaymentType(
    new PaylaterInstallment()
        .setHolder("Max Mustermann")
        .setIban("DE89370400440532013000")
        .setCountry("DE")
        .setInquiryId("Tx-vyexxxzzy8p")
        .setNumberOfRates(3)
);

The response looks similar to the following example:

{
    "id": "s-pit-0n86y5sdbahc",
    "method": "paylater-installment",
    "recurring": false,
    "geoLocation": {
        "clientIp": "10.31.0.54",
        "countryIsoA2": "DE"
    }
}

Step 3: Make a payment
server side

Besides an always mandatory step of creating the inquiry and paymentType resource, Unzer Installment also requires a customer and a basket resource.

Create a customer resource (only B2C)

This step is applicable only if you didn’t create a customer resource yet, on the client side.

To process transactions for b2c customers, the following customer fields are available:

ParameterTypeDescription
languagestringThe language for customer correspondence. Must be in ISO 639 alpha-2 code format.
salutationstringSpecify the customer’s Salutation. Available values are mr, mrs, unknown.
firstname (required)stringThe customer’s first name.
lastname (required)stringThe customer’s last name.
email(required)stringThe customer’s email address.
birthDate(required)stringThe birth date of the customer in ‘YYYY-MM-DD’ format.
billingAddress(required)objectThe customer’s billing address.
billingAddress.name(required)stringThe customer’s first- & last name for the billing address.
billingAddress.street(required)stringThe customer’s street including house number.
billingAddress.zip (required)stringThe customer’s postal code.
billingAddress.city (required)stringThe customer’s city.
billingAddress.country (required)stringThe customer’s country in ISO country code ISO 3166 ALPHA-2 (only for billing address).
POST https://api.unzer.com/v1/customers

{
"language": "de",
"salutation": "mr",
"firstname": "Peter",
"lastname": "Paylater",
"birthDate": "1987-12-20",
"email": "peter.paylater@example.com",
"billingAddress" : {
      "name" : "Peter Paylater",
      "street" : "Hugo-Junkers-Str. 5",
      "zip" : "60386",
      "city" : "Frankfurt am Main",
      "country" : "DE"
    }
}
$unzer = new Unzer('s-priv-xxxxxxxxxx');

$address = (new Address())
            ->setName('Max Mustermann')
            ->setStreet('Schöneberger Str. 21a')
            ->setZip('10963')
            ->setCity('Berlin')
            ->setCountry('DE');

$customer = (new Customer())
            ->setFirstname('Max')
            ->setLastname('Mustermann')
            ->setSalutation(Salutations::MR)
            ->setCompany('Unzer GmbH')
            ->setBirthDate('1972-12-24')
            ->setEmail('Max.Mustermann@unzer.com')
            ->setMobile('+49 123456789')
            ->setPhone('+49 123456789')
            ->setBillingAddress($address)
            ->setShippingAddress($address);

$unzer->createCustomer($customer);
Address address = new Address();
address
  .setName("Max Mustermann")
  .setStreet("Schöneberger Str. 21a")
  .setCity("Berlin")
  .setZip("10963")
  .setCountry("DE");
      
Customer customer = new Customer("Max", "Mustermann");
customer
  .setCustomerId(customerId)
  .setSalutation(Salutation.mr)
  .setEmail("max.mustermann@unzer.com")
  .setMobile("+49123456789")
  .setBirthDate(getDate("12.12.2000"))
  .setBillingAddress(address)
  .setShippingAddress(address);

Unzer unzer = new Unzer("s-priv-xxxxxxxxxx");
customer = unzer.createCustomer(customer);

The response looks similar to the following example:

{
  "id":"s-cst-c552940bca23"
}

For a full description of customer resource, refer to the relevant server-side integration documentation page: Manage customer (direct API calls).

Create a basket resource

The basket resource stores information about the purchased products, used vouchers, and the shipment costs.

icon info
Note that you must send the basket resource within the payment request.
icon
You must use basket v2 for Unzer Installment payment method.
POST https://api.unzer.com/v2/baskets

{
  "totalValueGross": 190.0,
  "currencyCode": "EUR",
  "note": "Test Basket",
  "orderId": "Order-12345",
  "basketItems": [
    {
      "amountDiscountPerUnitGross": 1.0,
      "amountPerUnitGross": 20.0,
      "basketItemReferenceId": "Item-d030efbd4963",
      "imageUrl": "https://a.storyblok.com/f/91629/x/1ba8deb8cc/unzer_primarylogo__white_rgb.svg",
      "quantity": 10,
      "subTitle": "This is brand new Mid 2019 version",
      "title": "SDM 6 CABLE",
      "type": "goods",
      "unit": "m",
      "vat": 19.0
    }
  ]
}
$unzer = new Unzer('s-priv-xxxxxxxxxx');

$basketItem = (new BasketItem())
    ->setBasketItemReferenceId('Item-d030efbd4963')
    ->setQuantity(10)
    ->setUnit('m')
    ->setAmountPerUnitGross(20.00)
    ->setAmountDiscountPerUnitGross(1.00)
    ->setVat(19.0)
    ->setTitle('SDM 6 CABLE')
    ->setSubTitle('This is brand new Mid 2019 version')
    ->setImageUrl('https://a.storyblok.com/f/91629/x/1ba8deb8cc/unzer_primarylogo__white_rgb.svg')
    ->setType(BasketItemTypes::GOODS);

$basket = (new Basket())
    ->setTotalValueGross(190.00)
    ->setCurrencyCode('EUR')
    ->setOrderId('Order-12345')
    ->setNote('Test Basket')
    ->addBasketItem($basketItem);

$unzer->createBasket($basket);
BasketItem basketItem = new BasketItem()
        .setBasketItemReferenceId("Item-d030efbd4963")
        .setQuantity(BigDecimal.valueOf(10))
        .setUnit("m")
        .setAmountPerUnitGross(BigDecimal.valueOf(20.00))
        .setAmountDiscountPerUnitGross(BigDecimal.valueOf(1.00))
        .setVat(BigDecimal.valueOf(19.0))
        .setTitle("SDM 6 CABLE")
        .setSubTitle("This is brand new Mid 2019 version")
        .setImageUrl(new URL("https://a.storyblok.com/f/91629/x/1ba8deb8cc/unzer_primarylogo__white_rgb.svg"))
        .setType(BasketItem.Type.GOODS);

Basket basket  = new Basket()
        .setTotalValueGross(BigDecimal.valueOf(190.00))
        .setCurrencyCode(Currency.getInstance("EUR"))
        .setOrderId("Order-12345")
        .setNote("Test Basket")
        .addBasketItem(basketItem);

Unzer unzer = new Unzer("s-priv-xxxxxxxxxx");
unzer.createBasket(basket);

The response looks similar to the following example:

{
    "id": "s-bsk-17387257b8fa"
}

For a full description of basket resource, refer to the relevant server-side-integration documentation page: Manage basket (direct API calls).

Add the ThreatMetrix script

We use ThreatMetrix for fraud prevention to protect your business from potential fraudsters. For this, insert a code snippet with a unique(!) parameter on your payments page and later, send this parameter as threatMetrixId in the authorize request to us. The next steps are managed by us and no additional steps are required from you.

  1. Define a 128 byte long and unique variable as identifier for this transaction. Make sure it only consists of the following characters:
    • upper and lowercase English letters ([a-z], [A-Z])
    • digits (0-9)
    • underscore (_)
    • hyphen (-)
  2. Use this variable in the ThreatMetrix script (next step) in the GET parameter session_id and store it temporarily so that you can also send it in the authorize request later on.
  3. Add the ThreatMetrix script to your payment page. To get full fraud protection, use both the JavaScript part in thesection and the iFrame version in the body section of your page.
<html>
<head>
    <script type="text/javascript" async
         src="https://h.online-metrix.net/fp/tags.js?org_id=363t8kgq&session_id=[SessionID]">
    </script>
</head>
<body>
<noscript>
<iframe 
    style="width: 100px; height: 100px; border: 0; position: absolute; top: -5000px;" 
    src="https://h.online-metrix.net/fp/tags?org_id=363t8kgq&session_id=[SessionID]">
</iframe>
</noscript>
</body>
icon info
Recommendations for creation of session ID
  • Use a merchant identifier (URL without domain additions), append an existing session identifier from a cookie, append the date and time in milliseconds to the end of the identifier, and then applying a hexadecimal hash to the concatenated value to produce a completely unique Session ID.
  • Use the org_id=363t8kgq as a static value that does not change for each ThreatMetrix script or for an individual merchant.
  • Use a merchant identifier (URL without domain additions), append an existing session identifier from the web application, and apply a hexadecimal hash to the value to obfuscate the identifier.
    Example: merchantshop_cd-695a7565-979b-4af9
  • The session_id must be stored temporarily for later/subsequent request.

Do a risk check for the customer
server side

Customer risk check is an optional step after the payment method is selected. It is used for the risk evaluation of the end customer data. When sending the request, you must also add the x-CLIENTIP=<YOUR Client's IP> attribute in the header.

This operation is not part of the payment process. Like credit card check, it is used to pre-check customer data immediately after the payment method selection step in the checkout. This way customer receives direct feedback before finishing the order, avoiding irritation. The riskCheck request contains customer resource’s reference and transactional details.customer receives direct feedback before finishing the order, avoiding irritation. The riskCheck request contains customer resource’s reference and transactional details.

POST: https://api.unzer.com/v1/types/paylater-installment/risk-check
{
    "amount": "190",
    "currency": "EUR",
    "orderId": "ORD-123456",
    "invoiceId" : "INS-123456",
    "resources": {
        "customerId": "s-cst-472f919218b5", 
        "typeId": "s-pit-0n86y5sdbahc",
        "basketId": "s-bsk-17387257b8fa"
    },
    "additionalTransactionData": {
      "riskData": {
        "threatMetrixId": "merchantshop_cd-695a7565-979b-4af9",
        "customerGroup":"TOP",
        "confirmedAmount":"2569",
        "confirmedOrders":"14",
        "registrationLevel":"1",
        "registrationDate":"20160412"
      }
    }
}
{
    "id": "GHZC-PQVK-RLGP",
    "timestamp": "2024-04-09 12:46:00",
    "isSuccess": true,
    "isPending": false,
    "isResume": false,
    "isError": false
}
{
    "id": "s-err-70a411aa69854880a727eb27e6f",
    "isSuccess": false,
    "isPending": false,
    "isResumed": false,
    "isError": true,
    "url": "https://api.unzer.com/v1/types/paylater-installment/risk-check",
    "timestamp": "2024-04-09 12:47:09",
    "traceId": "dd34bcd31b347817559ac4d780a7db30",
    "errors": [
        {
            "code": "API.901.100.300",
            "merchantMessage": "Invalid amount.invalid amount (probably too large) [details: Amount 1000000.00 outside transaction limits: [1.00, 5000.00]]",
            "customerMessage": "An error occurred. Please contact us for more information."
        }
    ]
}

Make an authorize transaction

Now, make an authorize transaction with the paylater-installment resource that you created earlier. You must also add the x-CLIENTIP=<YOUR Client's IP> attribute in the header. With a successful authorize transaction, the amount is authorized and a payment resource is created. At this point no money has been transferred but the amount is reserved.

ParameterTypeDescription
amount
(required)
floatThe authorization amount.
currency
(required)
stringThe authorization currency, in the ISO 4217 alpha-3 format (for example, EUR)
orderIdstringYour customer facing order number (if available at that point)
customerId (required)stringThe ID of the customers resource to be used (for example, s-cst-e692f3892497)
basketId (required)stringThe basket ID for the payment (such as s-bsk-17387257b8fa)
typeId (required)stringThe ID of the payment type resource to be used (such as s-pit-0n86y5sdbahc)

Provide the customer risk information

To increase the acceptance rate of your invoice payments, we strongly recommend that you provide additional information about your customer. The following fields can be provided to allow us to apply a detailed risk check:

ParameterTypeDescription
threatMetrixIdstringThe ThreatMetrix session ID
customerGroupstringCustomer classification for the customer if known valid values:
TOP: Customers with more than 3 paid* transactions
GOOD: Customers with more than 1 paid* transactions
BAD: Customers with defaulted/fraudulent orders
NEUTRAL: Customers without paid* transactions
confirmedAmountstringThe amount/value of the successful transactions paid by the end customer
confirmedOrdersstringThe number of successful transactions paid* by the end customer
registrationLevelstringCustomer registration level
0=guest, 1=registered
registrationDatestringCustomer registration date in your shop
(YYYYMMDD)

*paid: A paid transaction is a transaction where you have the payment status of the customer for previous transactions (external factoring invoice, installment or direct debit transactions must be excluded because you might have no information about the actual payment status of the customer).

Authorize request

POST https://api.unzer.com/v1/payments/authorize

Body
{
    "amount": "190.00",
    "currency": "EUR",
    "orderId": "BE-123456",
    "resources": {
        "customerId": "s-cst-e692f3892497", 
        "typeId": "s-pit-0n86y5sdbahc",
        "basketId": "s-bsk-17387257b8fa"
    },
    "additionalTransactionData": {
      "riskData": {
        "threatMetrixId": "merchantshop_cd-695a7565-979b-4af9",
        "customerGroup":"TOP",
        "customerId":"C-122345",
        "confirmedAmount":"2569",
        "confirmedOrders":"4",
        "registrationLevel":"1",
        "registrationDate":"20160412"
      }
    }
}
$unzer     = new UnzerSDK\Unzer('s-priv-xxxxxxxxxx');

$riskData = (new RiskData())
    ->setThreatMetrixId('merchantshop_cd-695a7565-979b-4af9')
    ->setCustomerGroup('TOP')
    ->setCustomerId('C-122345')
    ->setConfirmedAmount('2569')
    ->setConfirmedOrders('4')
    ->setRegistrationLevel('1')
    ->setRegistrationDate('20160412');

$authorization = (new Authorization(190.00, 'EUR', $returnUrl))
    ->setOrderId('BE-123456')
    ->setRiskData($riskData);

$unzer->performAuthorization(
    $authorization,
    's-pit-xxxxxxxxxxx',
    's-cst-xxxxxxxxxx',
    null,
    's-bsk-xxxxxxxxxx'
);
Unzer unzer = new Unzer("s-priv-xxxxxxxxxx");

RiskData riskData = (new RiskData())
    .setThreatMetrixId("merchantshop_cd-695a7565-979b-4af9")
    .setCustomerGroup("TOP")
    .setCustomerId("C-122345")
    .setConfirmedAmount("2569")
    .setConfirmedOrders("14")
    .setRegistrationLevel("1")
    .setRegistrationDate(new Date());
    
Authorization authorizationInstance = (new Authorization())
        .setAmount(BigDecimal.valueOf(190.00))
        .setCurrency(Currency.getInstance("EUR"))
        .setRiskData(riskData)
        .setTypeId("s-piv-zex7c9iibpek")
        .setCustomerId("s-cst-e692f3892497")
        .setBasketId("s-bsk-49277b9f7ee0");

Authorization transaction = unzer.authorize(authorizationInstance);

The response looks similar to the following example:

{
    "id": "s-aut-1",
    "isSuccess": true,
    "isPending": false,
    "isResumed": false,
    "isError": false,
    "message": {
        "code": "COR.000.000.000",
        "merchant": "Transaction succeeded",
        "customer": "Your payments have been successfully processed."
    },
    "amount": "190.00",
    "currency": "EUR",
    "returnUrl": "",
    "date": "2023-04-13 14:20:07",
    "resources": {
        "customerId": "s-cst-e692f3892497",
        "paymentId": "s-pay-8",
        "basketId": "s-bsk-17387257b8fa",
        "traceId": "",
        "typeId": "s-pit-0n86y5sdbahc"
    },
    "additionalTransactionData": {
        "riskData": {
            "threatMetrixId": "merchantshop_cd-695a7565-979b-4af9",
            "customerGroup": "TOP",
            "customerId": "C-122345",
            "confirmedAmount": "2569",
            "confirmedOrders": "4",
            "registrationLevel": "1",
            "registrationDate": "20160412"
        }
    },
    "orderId": "BE-123456",
    "paymentReference": "",
    "processing": {
        "uniqueId": "Tx-e5wkw4kt7mj",
        "shortId": "Tx-e5wkw4kt7mj",
        "descriptor": "TBGW-LGKS-WKZV",
        "traceId": ""
    }
}

For a full description of the authorize transaction please refer to relevant server-side-integration documentation page: authorize a payment (direct API calls).

Step 4: Check status of the payment
server side

Once the transaction is made, you can fetch the payment details from the API, by using the resources.paymentId from the authorize response above to handle the payment according to its status, such as s-pay-124. Check all possible payment states here.

GET: https://api.unzer.com/v1/payments/s-pay-xxxxxxx
$unzer = new Unzer('s-priv-xxxxxxxxxx');
$payment = $unzer->fetchPayment('s-pay-1');
Unzer unzer = new Unzer("s-priv-xxxxxxxxxx");
Payment payment = unzer.fetchPayment("s-pay-1");

Step 5: Display the payment result
client side

Use the information from the Check status of the payment step to display the payment result to your customer.
This can be the success or error page of your shop. If something went wrong, you can use the client message from the API response and show it to the customer.

icon info
Go to manage payment page to do the charge transaction. The charge transaction is crucial because it starts the installment plan for the consumers and they payout for the merchants.

Manage payment
server side

For more details on managing Unzer Installment payments, such as refunding them, see Manage Unzer Installment payments.

Notifications

We recommend subscribing to the payment event to receive notifications about any changes to the payment resource. As soon as the event is triggered you should fetch the payment and update the order status in your shop according to its status.

  {
    "event":"payment.pending",
    "publicKey":"s-pub-xxxxxxxxxx",
    "retrieveUrl":"https://api.unzer.com/v1/payments/s-pay-774",
    "paymentId":"s-pay-774"
  }

For more details on implementing webhooks to receive notifications, see Notifications page.

Error handling

All requests to the API can result in an error that should be handled. Refer to the Error handling guide to learn more about Unzer API (and other) errors and handling them.

Test & go live

You should always test your integration before going live. First perform test transactions using test data. Next, check against Integration checklist and Go-live checklist to make sure the integration is complete and you’re ready to go live.

See also