Netcetera Merchant Plug-In (MPI) - Release Notes - Version

Version is a major release of the Netcetera Merchant Plug-In.

For documentation about this release please refer to the documentation site.


This version adds compliance with American Express SafeKey and Diners ProtectBuy.

This version is not fully backwards compatible with previous versions of the Netcetera Merchant Plug-In:

  • There are changes in the MPI API (see upgrade notes below).
  • Session replication between MPI instances with version and MPI instances with lower version is not supported.

Upgrade notes

This release introduces extensions and changes in the MPI API with a focus on supporting external sessions.

IMPORTANT: Along with the changes for the external session support, the element names of the MPI messages were streamlined and inconsistencies were removed in order to align with the conventions used for 3-D Secure protocol messages. I.e.: names of elements with complex type start with an upper case letter, while names of elements with simple type start with a lower case letter. Note: PaRes and PaReq still use an upper case starting letter to match the official term used in the 3-D Secure protocol specification.

Note: Merchant.acqBIN in PaReqCreationRequest was renamed to Merchant.acquirerBin to be consistent with other non-abbreviated element names and the MPI Configuration.

IMPORTANT: Response elements containing 3-D Secure protocol messages are now prefixed with ThreeDSecure and return the full 3-D Secure protocol message (i.e. starting with the root element ThreeDSecure) as opposed to the message element only (e.g. VEReq). The full 3-D Secure protocol message is needed to support the external session feature.

All MPI responses now return all 3-D Secure protocol messages that were created/exchanged to provide full access to the raw 3-D Secure messages. I.e. the PaReqCreationResponse returns ThreeDSecureVEReq, ThreeDSecureVERes and ThreeDSecurePAReq, whereas the PaResValidationResponse returns ThreeDSecurePARes.

The following example for the PaResValidationRequest and PaResValidationResponse serves to illustrate the changes. Please refer to the MPI API schema and the request / response samples for a detailed overview of the changed message structure.


<mpi:PaResValidationRequest xmlns:mpi="">

<mpi:PaResValidationResponse xmlns:mpi="">


<mpi:PaResValidationRequest xmlns:mpi="">

<mpi:PaResValidationResponse xmlns:mpi="">
    <Message id="pa9d4eb548-db62-43b7-8cc8-8731ac202de2">
      <PARes id="123456789">


New Features

  • Compliant with American Express SafeKey.
  • Compliant with Diners ProtectBuy.
  • MPI API:
    • MPI now supports an external session. To use the external session feature proceed as follows:
      1. Disable the MPI internal session by setting sessionEnabled to false in the MPI Configuration Properties.
      2. Pass the session data (stored in the external session) to the MPI in the PaResValidationRequest. All necessary data to store in the external session and pass in PaResValidationRequest is returned in PaReqCreationResponse.
    • Support for ThreeDSecurePAReq in PaReqCreationResponse and ThreeDSecurePARes in PaResValidationResponse.
    • Added new convenience top level element acsUrl in PaReqCreationResponse.
  • MPI Dashboard improvements: The 'Certificates' section was changed to 'Configuration'. It now shows information about all configuration entities (not only the ones with certificates associated).


  • Allows using both certificate and password when contacting a Directory Server. In case of a recoverable error in the ThreeDSecure protocol, MPI will give priority to endpoints configured with certificate authentication, when it retries to contact the Directory Server.