SagePay Magento 2 Extension: Installation & Setup
Looking to revamp your store with a global payment gateway? The Sagepay Magento 2 extension integrates with your Magento 2 store to accept payments from all over the world.
In this tutorial, we will explain how to integrate and use the Sagepay (currently Opayo) Magento 2 extension and its best practices.
Key Takeaways
-
Discover how to install and configure the SagePay Magento 2 Extension using Composer.
-
Learn about the variety of payment methods supported by the Sage Pay payment gateway.
-
Understand the security measures like PCI compliance and encryption to protect payment data.
-
Gain insight into ensuring transaction safety with features such as 3D Secure and AVS/CVC checks.
-
Explore best practices for maintaining a secure and efficient payment system.
Features of SagePay Payment Gateway
Feature Category | Details |
---|---|
Multiple Payment Methods | Accepts various credit and debit cards like Visa, MasterCard, and American Express. It supports alternative payment methods, including PayPal, Apple Pay, and Google Pay. |
Fraud Prevention and Risk Management | Advanced fraud screening tools to reduce fraudulent transactions and chargebacks. It supports 3D secure authentication to verify cardholder identity. |
Flexible Integration Options | Control over the checkout process with background payment processing. Redirects customers to a payment form hosted by SagePay. A combination of direct and form integrations with secure SagePay-hosted payment pages. |
Recurring Payments and Subscription Management | Supports recurring payments and manages automatic billing cycles for subscription-based services. |
Transaction Management | Detailed transaction reporting is available directly from the SagePay account. Magento refunds and void transactions are processed easily through the interface. |
High-Level Security | It is PCI DSS Level 1 compliant, adhering to the highest security standards. Uses encryption methods for securing sensitive information and data protection. |
Customizability and Scalability | Customizable payment pages for brand aesthetics. Scalable to accommodate businesses of all sizes. Capable of handling varying transaction volumes. |
Support and Customer Service | Offers 24/7 customer support for resolving issues. Provides dedicated account management for larger store owners. |
Steps to Install & Configure SagePay Magento 2 Extension
Step 1: Install the SagePay extension via Composer
-
Check if the extension is compatible with Magento 2.
-
Use SSH to connect to your server where Magento 2 is hosted.
-
Change to the directory where Magento is installed, usually located under
/var/www/html/
-
Replace
<package-name>
with the actual package name of the extension:composer require <package-name>
-
After installing the extension, update the database schema. Use the following command in the CLI:
php bin/magento setup:upgrade
-
Clear the Magento cache to ensure that your new extension loads properly:
php bin/magento cache:clean
Step 2: Configure the SagePay Extension
-
Log in to the Magento Admin Panel with your credentials.
-
Navigate to Stores > Settings > Configuration > Sage Pay extension.
-
Expand the SagePay global settings section.
-
Enter details like:
-
Vendor name: Enter the vendor name registered with the business.
-
Test Mode: Select 'Yes' to test the payment method after configuring.
-
Username: Enter the merchant's username.
-
Password: Provide a strong password combination of characters and strings.
-
Enable 3D: Choose among the settings and enable 3D payment on Sage Pay.
-
Apply AVS CVC Check: Choose an option to protect your 3D transactions.
-
-
Expand the SagePay PI integration section and enter the following details:
-
Select 'Yes' to enable the payment gateway.
-
Vault Enabled: Select Yes to save the card for the particular merchant.
-
Title: Enter the title of how the payment option should be displayed on the front end.
-
PI Integration Key: Enter the SagePay integration key from your merchant account.
-
PI Integration Password: Enter the corresponding password from your SagePay merchant account.
-
Enable CVV for Saved Card: Pick Yes to allow cards to ask for the CVV number.
-
Drop-in Interface: Select Yes to enable the interface.
-
Drop-in Display: Select 'Modal UI' to display the payment processing interface as a popup or 'Inline UI' for native Magento display.
-
Payment Action: Choose from the options that fit your store's requirements.
-
-
Scroll down and select your customers' credit card options.
-
Choose Yes to enable CVV verification for your customers.
-
Pick your preferred countries to allow customers to use the Sage Pay method.
-
Enable the Debug option for transactions.
-
Select the order in which the SagePay method should appear from Sort Order.
-
Enter the minimum and maximum order total to use the payment method.
-
View the transaction details from the Order section in the Magento sidebar.
-
You can also view the order and account information from Order View > Information.
-
Test the front-end functionality by making online payments after the checkout page.
Best Practices for Magento 2 Sage Pay Extension
1. SSL Certificates
-
Implement an SSL (Secure Sockets Layer) certificate on your Magento 2 store.
-
SSL encrypts the data transmitted between the customer's browser and your server. It prevents unauthorized access.
-
Obtain an SSL certificate from a trusted Certificate Authority (CA) and ensure it is properly installed and configured.
-
The CA validates the information provided in the Certificate Signing Request (CSR) submitted by the Magento store owner. It is done before issuing the SSL certificate.
-
Use a strong SSL/TLS protocol version (e.g., TLS 1.2 or higher) and disable older protocols.
-
Regularly monitor and renew your SSL certificate before it expires to maintain a secure connection.
2. PCI Compliance
-
Ensure that your Magento 2 store and the payment service provider are PCI DSS compliant.
-
PCI DSS is a set of security standards designed to protect credit card data and prevent fraud.
-
Implement strong passwords, regularly update software, and restrict access to sensitive data.
-
Conduct regular PCI compliance scans and promptly address any vulnerabilities or non-compliant issues.
3. Data Encryption
-
Use strong encryption methods to protect sensitive customer information. It includes credit card numbers and personal details.
-
Implement encryption both in transit (when data is being transmitted) and at rest (when data is stored).
-
Use industry-standard encryption algorithms. Advanced Encryption Standard, or AES-256, is an industry-standard symmetric encryption algorithm that is considered highly secure.
-
AES has a minimum key length of 128 bits. It uses a 256-bit key to encrypt and decrypt data.
-
Store only the necessary customer data and securely delete any data that is no longer needed.
-
Regularly review and update your encryption methods to ensure they remain robust and secure.
4. Secure Payment Form
-
Use SagePay's hosted payment pages or iFrames to collect sensitive payment information.
-
By using hosted payment pages, the customer's payment details are entered on SagePay's secure servers. It reduces the risk of data breaches on your end.
-
Ensure that the payment form is served over HTTPS to encrypt the data. It is transmitted between the customer's browser and SagePay's servers.
-
Install proper validation techniques on the payment form to prevent web-based attacks.
5. Access Control and Monitoring
-
Implement strict access controls to limit who can access sensitive customer data.
-
Use strong, unique passwords and enable two-factor authentication (2FA) for admin accounts.
-
Regularly monitor and audit access logs to detect any suspicious activities.
-
Use an intrusion detection system (IDS) or intrusion prevention system (IPS). It is to monitor and respond to potential security threats.
6. Regular Updates and Patches
-
Make sure your store and the SagePay extension support the latest Magento security patches and updates.
-
Regularly check for and install any available security patches released by Magento and SagePay.
-
Subscribe to security bulletins and notifications from Magento and SagePay. It is to stay informed about any vulnerabilities or security issues.
7. Segment and Analyze Data
-
Use the segmentation features provided by the extension to analyze data. It can be based on different criteria, such as customer groups, product categories, or payment methods.
-
Identify high-performing segments and focus your efforts on optimizing and targeting those segments.
-
Analyze the behavior and preferences of different customer segments. Use it to tailor your marketing strategies and improve customer experience.
8. Use Visual Representations
-
Leverage the charts and graphs provided by the SagePay extension to gain a quick understanding of your store.
-
Use visual aids to communicate insights and trends to stakeholders and team members effectively.
-
Customize the visual representations to focus on the metrics and data points that are most relevant to your business goals.
FAQs
1. What is the SagePay Magento 2 Extension, and how does it integrate?
The SagePay Magento 2 Extension is now branded as the Opayo integration extension. It connects Magento stores to accept global payments securely, leveraging trusted payment brands.
2. How do I install the Sage Pay Magento 2 extension for my store?
Install the Sage Pay integration extension via Composer. Connect to your Magento server via SSH and navigate to your Magento directory. Run composer require
3. What payment methods does the Sage Pay payment gateway for Magento 2 support?
The Sage Pay payment gateway module supports payment methods like Visa, MasterCard, PayPal, Apple Pay, and Google Pay. It enables merchants to accept payments widely.
4. How can I ensure payment security using Sage Pay for Magento 2 extension?
The Sage Pay payment provider ensures payment security by complying with PCI DSS Level 1. It also uses encryption for payment data and provides secure features. It includes 3D Secure and AVS/CVC checks via the Sage Pay server.
5. What are some best practices for using Magento 2 Sage Pay integration?
Applying an SSL certificate, maintaining PCI compliance, and secure payment processing. Regular updates and collaboration with the extension team are also important.
Summary
The SagePay Magento 2 extension offers flexible payment gateways and advanced security features for stores. In this tutorial, we explained how to install and configure SagePay for Magento 2 and its best practices. Here is a short recap:
-
Integrate a variety of payment options, including Visa, MasterCard, PayPal, Apple Pay, and Google Pay.
-
Use the extension's fraud prevention tools, 3D Secure authentication, and PCI DSS Level 1 compliance.
-
Choose between direct server integration or redirecting customers to SagePay's hosted payment forms.
-
Install the extension via Composer, update your database schema, and configure the settings in the Magento Admin Panel.
-
Secure your payment data with SSL certification, maintain PCI compliance, and update your system.
Choose managed Magento hosting for smooth Sagepay transactions and rapid scalability features.