Data Intensity, LLC

Solution Documentation
Aramark
Option - CyberSource / FiServ SnapPay
pros:
• Supported out-of-the-box integration with CyberSource
• Still need API & development activity with CyberSource support team
• Oracle & CyberSource supports the integration
• No additional infrastructure platform required for integrations
• Integration only Supports Credit card & not ACH ( Per Oracle SR)
• Need to confirm PCI-Compliant Identity Management for Azure

Cons:
• Tacking of API calls are not available
• Detailed audit of orphan records/transactions not available ,need to rely on CyberSource logs
• Detailed audit of Calls made payment gateway not available ,need to rely on CyberSource logs
• Alerting on failure or any transaction need to rely on CyberSource logs
• Need to confirm the integration for ACH for customer facing ,which is not available
• Need to confirm PCI-Compliant Identity Management for Azure

Option - JPMC concourse / Other Gateway of Choice

pros:
• Integration framework (reusable) could be used for any payment system
• Tacking of API calls are available
• Detailed audit of orphan records/transactions are available
• Detailed audit of Calls made payment gateway are available
• Alerting on failure or any transaction could be configured in integrations
• Works for both ACH & credit cards
• Need to confirm PCI-Compliant Identity Management for Azure

Cons:
• Additional infrastructure platform ( Oracle PaaS) Integration required for integrations
• Need to take exception approval from oracle to use token data movement
• Need to confirm PCI-Compliant Identity Management for Azure
• Approval for using any other payment system may take more time.

Data Intensity, the Data Intensity logo, and combinations thereof are trademarks of Data Intensity in the United States and/or other jurisdictions. Other names used in this presentation are for identification purposes only and may be trademarks of their respective owners. ©2013 Data Intensity, All rights reserved.
• Requirement
• DataCenter Environment (POD) should be hosted in one of the following PCI certified OCI regions
• us-phoenix-1
• us-ashburn-1

• Currently, CyberSource and FiServ SnapPay are supported payment gateways out-of-the-box.Reference(Doc ID 1949941.1)

• PCI-Compliant Identity Management (Azure Active Directory)

• Integrations Conditional planned integrations with Oracle PaaS or on-premise that involve credit card data or credit card processing.

• If you have integration from Fusion Application to Oracle PaaS, need approval for enabling gateway

• Above condition Open a SR

• Product: Oracle Fusion Payments Cloud Service
• Title/Description: Enable credit card payment processing in POD(s) <list the POD names here>
• Complete attached template and upload to the service request.
• Respond to each question in as much detail as possible.

Data Intensity, the Data Intensity logo, and combinations thereof are trademarks of Data Intensity in the United States and/or other jurisdictions. Other names used in this presentation are for identification purposes only and may be trademarks of their respective owners. ©2013 Data Intensity, All rights reserved.
 (us-ashburn-1) Oracle Data Center
PCI certified OCI region
Cyber Source
HPP (hosted payment page)
Oracle (SaaS) (PAN, Expiry Date, Cardholder
First/Last Name, Brand,
Statement Billing Address,
Email ID,CVV)
(iFrame)
Azure IDP : for SSO Admin Users
Prod POD ( EKQP )
Multi factor authenticate payment administrator user https://ekqp.fa.us6.oraclecloud.com/

Tokenization

Test POD ( EKQP-TEST )

https://ekqp--test.fa.us6.oraclecloud.com/ Authorization

Enter CVV
(Cyber Source Flex Microform )

(SaaS)

Need Confirmation from Oracle on Exchange between oracle & payement

Data Intensity, the Data Intensity logo, and combinations thereof are trademarks of Data Intensity in the United States and/or other jurisdictions. Other names used in this presentation are for identification purposes only and may be trademarks of their respective owners. ©2013 Data Intensity, All rights reserved.
 (us-ashburn-1) Oracle Data Center (us-ashburn-1) Oracle Data Center
PCI certified OCI region PaaS
HPP (hosted payment page)
(PAN, Expiry Date, Cardholder
Oracle (SaaS) First/Last Name, Brand,
Statement Billing Address,
Email ID,CVV)
(iFrame)
PRD IC/VB Instance PRD OKE instance
Azure IDP : for SSO Admin Users
Multi factor authenticate payment administrator user
Prod POD ( EKQP )
https://
ekqp.fa.us6.oraclecloud.com/
Tokenization

Test IC/VB Instance Test OKE instance

Test POD ( EKQP-TEST ) Authorization

https://ekqp--
test.fa.us6.oraclecloud.com/

Enter CVV
(Cyber Source Flex Microform )

(SaaS)

Need Confirmation from Oracle on Exchange between oracle & payement

Data Intensity, the Data Intensity logo, and combinations thereof are trademarks of Data Intensity in the United States and/or other jurisdictions. Other names used in this presentation are for identification purposes only and may be trademarks of their respective owners. ©2013 Data Intensity, All rights reserved.
 (us-ashburn-1) Oracle Data
Center
PCI certified OCI region
HPP (hosted payment page)
(PAN, Expiry Date, Cardholder • During transaction creation flows in Oracle
New Card – Open iframe Fusion SaaS Applications, users get the options
Oracle (SaaS) First/Last Name, Brand,
to specify a creditcard.
Card Token Statement Billing Address,
• Users can choose a card that was created
(Token, Expiry Date ,Cardholder details) Email ID,CVV) earlier from a list of values. The credit cards
Sample JSON( (iFrame) are tokenized and displayed as masked in the
"Token": "93ec5645c0d6479cb450c72ac5f377aa",
list.
"card": { "cardholderName": "Chase Paytech 1",
• Alternatively, users can choose to specify a
"expirationDate": "0427", "postalCode": "78717",
new credit card which navigates them to
"cardType": "CREDIT_CARD" }
CyberSource’s SecureAcceptance Page.
Prod POD ( EKQP ) • CyberSource stores the specified credit card
https:// "Token": "d982714e93204ba3a5c97944a62cb8a9",
and sends the tokenized card number to Oracle
ekqp.fa.us6.oraclecloud.co "bankAccount": { "accountNumberLastFour": "5432",
FusionPayments. The tokenized number is
m/ "category": "Personal", "country": "US",
stored along with other cardholder data such
"nameOnAccount": "ACH Test Aramark 1",
as expiry date, cardholder name, brand, and
"routingNumber": "051000017","type": "Checking"}
billing address.
)
Tokenization • For credit card authorization, Oracle Fusion
Token stored in Oracle apps Payments passes the tokenized card number to
Test POD ( EKQP-TEST ) CyberSource
https://ekqp-- Authorization • which then returns the authorization response
test.fa.us6.oraclecloud.c Authorization API to Oracle Fusion Payments.
om/
(Token Data, Transaction Data)

Data Intensity, the Data Intensity logo, and combinations thereof are trademarks of Data Intensity in the United States and/or other jurisdictions. Other names used in this presentation are for identification purposes only and may be trademarks of their respective owners. ©2013 Data Intensity, All rights reserved.
 (us-ashburn-1) Oracle Data Center
PCI certified OCI region

• The credit card security code (CVV) is securely passed to

CyberSource for transactions on a saved credit card.
Oracle (SaaS) • In addition to the UI flow described earlier, the
application renders the CyberSource CVV flex-
List of Saved Token
microform field using a JWT token when the user
selects a card (Card on file) from the drop-down list.
• When the user enters the CVV value to make a
Enter CVV payment, a transient CVV token is generated and
CVV Transient token ( Flex Microform ) stored in-memory for the session.
• CyberSource stores the specified credit card and
returns the tokenized card number to Oracle Fusion
Payments. The tokenized card number is stored along
Prod POD ( EKQP ) with other cardholder data such as expiry
https://ekqp.fa.us6.oraclecloud.com/
date,cardholder name, brand, and billing address.
• For credit card authorization, Oracle Fusion Payments
securely passes the tokenized card number and the
Authorization transient CVV token to CyberSource which then returns
the authorization response to Oracle Fusion Payments.
Authorization API • In this manner, the credit card security code (CVV) will
(Token Data, Transaction Data, be securely passed to CyberSource for saved credit card
CVV Transient token) transactions
Test POD ( EKQP-TEST )
https://ekqp--test.fa.us6.oraclecloud.com/

Data Intensity, the Data Intensity logo, and combinations thereof are trademarks of Data Intensity in the United States and/or other jurisdictions. Other names used in this presentation are for identification purposes only and may be trademarks of their respective owners. ©2013 Data Intensity, All rights reserved.