activemerchant 1.62.0 → 1.79.2

data/lib/active_merchant/billing/gateways/payu_latam.rb

@@ -29,7 +29,7 @@ module ActiveMerchant #:nodoc:
       }
 
       def initialize(options={})
-        requires!(options, :merchant_id, :account_id, :api_login, :api_key)
+        requires!(options, :merchant_id, :account_id, :api_login, :api_key, :payment_country)
         super
       end
 
@@ -45,11 +45,11 @@ module ActiveMerchant #:nodoc:
         commit('auth', post)
       end
 
-      def capture(authorization, options={})
+      def capture(amount, authorization, options={})
         post = {}
 
-        add_credentials(post, 'SUBMIT_TRANSACTION')
-        add_transaction_type(post, 'CAPTURE')
+        add_credentials(post, 'SUBMIT_TRANSACTION', options)
+        add_transaction_elements(post, 'CAPTURE', options)
         add_reference(post, authorization)
 
         commit('capture', post)
@@ -58,18 +58,18 @@ module ActiveMerchant #:nodoc:
       def void(authorization, options={})
         post = {}
 
-        add_credentials(post, 'SUBMIT_TRANSACTION')
-        add_transaction_type(post, 'VOID')
+        add_credentials(post, 'SUBMIT_TRANSACTION', options)
+        add_transaction_elements(post, 'VOID', options)
         add_reference(post, authorization)
 
         commit('void', post)
       end
 
-      def refund(authorization, options={})
+      def refund(amount, authorization, options={})
         post = {}
 
-        add_credentials(post, 'SUBMIT_TRANSACTION')
-        add_transaction_type(post, 'REFUND')
+        add_credentials(post, 'SUBMIT_TRANSACTION', options)
+        add_transaction_elements(post, 'REFUND', options)
         add_reference(post, authorization)
 
         commit('refund', post)
@@ -77,7 +77,7 @@ module ActiveMerchant #:nodoc:
 
       def verify(credit_card, options={})
         minimum = MINIMUMS[options[:currency].upcase] if options[:currency]
-        amount = minimum || 100
+        amount = options[:verify_amount] || minimum || 100
 
         MultiResponse.run(:use_first_response) do |r|
           r.process { authorize(amount, credit_card, options) }
@@ -115,20 +115,20 @@ module ActiveMerchant #:nodoc:
       private
 
       def auth_or_sale(post, transaction_type, amount, payment_method, options)
-        add_credentials(post, 'SUBMIT_TRANSACTION')
-        add_transaction_type(post, transaction_type)
+        add_credentials(post, 'SUBMIT_TRANSACTION', options)
+        add_transaction_elements(post, transaction_type, options)
         add_order(post, options)
-        add_buyer(post, options)
+        add_buyer(post, payment_method, options)
         add_invoice(post, amount, options)
         add_signature(post)
         add_payment_method(post, payment_method, options)
-        add_payer(post, options)
+        add_payer(post, payment_method, options)
         add_extra_parameters(post, options)
       end
 
-      def add_credentials(post, command)
+      def add_credentials(post, command, options={})
         post[:test] = test? unless command == 'CREATE_TOKEN'
-        post[:language] = 'en'
+        post[:language] = options[:language] || 'en'
         post[:command] = command
         merchant = {}
         merchant[:apiLogin] = @options[:api_login]
@@ -136,36 +136,87 @@ module ActiveMerchant #:nodoc:
         post[:merchant] = merchant
       end
 
-      def add_transaction_type(post, type)
+      def add_transaction_elements(post, type, options)
         transaction = {}
+        transaction[:paymentCountry] = @options[:payment_country]
         transaction[:type] = type
+        transaction[:ipAddress] = options[:ip] || ''
+        transaction[:userAgent] = options[:user_agent] if options[:user_agent]
+        transaction[:cookie] = options[:cookie] if options[:cookie]
+        transaction[:deviceSessionId] = options[:device_session_id] if options[:device_session_id]
         post[:transaction] = transaction
       end
 
       def add_order(post, options)
         order = {}
         order[:accountId] = @options[:account_id]
+        order[:partnerId] = options[:partner_id] if options[:partner_id]
         order[:referenceCode] = options[:order_id] || generate_unique_id
-        order[:description] = options[:description] || 'unspecified'
-        order[:language] = 'en'
+        order[:description] = options[:description] || 'Compra en ' + @options[:merchant_id]
+        order[:language] = options[:language] || 'en'
+        order[:shippingAddress] = shipping_address_fields(options) if options[:shipping_address]
         post[:transaction][:order] = order
       end
 
-      def add_buyer(post, options)
-        if address = options[:shipping_address]
-          buyer = {}
-          buyer[:fullName] = address[:name]
-          shipping_address = {}
-          shipping_address[:street1] = address[:address1]
-          shipping_address[:street2] = address[:address2]
-          shipping_address[:city] = address[:city]
-          shipping_address[:state] = address[:state]
-          shipping_address[:country] = address[:country]
-          shipping_address[:postalCode] = address[:zip]
-          shipping_address[:phone] = address[:phone]
-          buyer[:shippingAddress] = shipping_address
-          post[:transaction][:order][:buyer] = buyer
+      def add_payer(post, payment_method, options)
+        address = options[:billing_address]
+        payer = {}
+        payer[:fullName] = payment_method.name.strip
+        payer[:contactPhone] = address[:phone] if (address && address[:phone])
+        payer[:dniNumber] = options[:dni_number] if options[:dni_number]
+        payer[:dniType] = options[:dni_type] if options[:dni_type]
+        payer[:emailAddress] = options[:email] if options[:email]
+        payer[:birthdate] = options[:birth_date] if options[:birth_date] && @options[:payment_country] == 'MX'
+        payer[:billingAddress] = billing_address_fields(options)
+        post[:transaction][:payer] = payer
+      end
+
+      def billing_address_fields(options)
+        return unless address = options[:billing_address]
+        billing_address = {}
+        billing_address[:street1] = address[:address1]
+        billing_address[:street2] = address[:address2]
+        billing_address[:city] = address[:city]
+        billing_address[:state] = address[:state]
+        billing_address[:country] = address[:country]
+        billing_address[:postalCode] = address[:zip] if @options[:payment_country] == 'MX'
+        billing_address[:phone] = address[:phone]
+        billing_address
+      end
+
+      def add_buyer(post, payment_method, options)
+        buyer = {}
+        if buyer_hash = options[:buyer]
+          buyer[:fullName] = buyer_hash[:name]
+          buyer[:dniNumber] = buyer_hash[:dni_number]
+          buyer[:dniType] = buyer_hash[:dni_type]
+          buyer[:cnpj] = buyer_hash[:cnpj] if @options[:payment_country] == 'BR'
+          buyer[:emailAddress] = buyer_hash[:email]
+          buyer[:contactPhone] = (options[:billing_address][:phone] if options[:billing_address]) || (options[:shipping_address][:phone] if options[:shipping_address]) || ''
+          buyer[:shippingAddress] = shipping_address_fields(options) if options[:shipping_address]
+        else
+          buyer[:fullName] = payment_method.name.strip
+          buyer[:dniNumber] = options[:dni_number]
+          buyer[:dniType] = options[:dni_type]
+          buyer[:cnpj] = options[:cnpj] if @options[:payment_country] == 'BR'
+          buyer[:emailAddress] = options[:email]
+          buyer[:contactPhone] = (options[:billing_address][:phone] if options[:billing_address]) || (options[:shipping_address][:phone] if options[:shipping_address]) || ''
+          buyer[:shippingAddress] = shipping_address_fields(options) if options[:shipping_address]
         end
+        post[:transaction][:order][:buyer] = buyer
+      end
+
+      def shipping_address_fields(options)
+        return unless address = options[:shipping_address]
+        shipping_address = {}
+        shipping_address[:street1] = address[:address1]
+        shipping_address[:street2] = address[:address2]
+        shipping_address[:city] = address[:city]
+        shipping_address[:state] = address[:state]
+        shipping_address[:country] = address[:country]
+        shipping_address[:postalCode] = address[:zip]
+        shipping_address[:phone] = address[:phone]
+        shipping_address
       end
 
       def add_invoice(post, money, options)
@@ -173,8 +224,18 @@ module ActiveMerchant #:nodoc:
         tx_value[:value] = amount(money)
         tx_value[:currency] = options[:currency] || currency(money)
 
+        tx_tax = {}
+        tx_tax[:value] = options[:tax] || '0'
+        tx_tax[:currency] = options[:currency] || currency(money)
+
+        tx_tax_return_base = {}
+        tx_tax_return_base[:value] = options[:tax_return_base] || '0'
+        tx_tax_return_base[:currency] = options[:currency] || currency(money)
+
         additional_values = {}
         additional_values[:TX_VALUE] = tx_value
+        additional_values[:TX_TAX] = tx_tax if @options[:payment_country] == 'CO'
+        additional_values[:TX_TAX_RETURN_BASE] = tx_tax_return_base if @options[:payment_country] == 'CO'
 
         post[:transaction][:order][:additionalValues] = additional_values
       end
@@ -207,7 +268,7 @@ module ActiveMerchant #:nodoc:
         else
           credit_card = {}
           credit_card[:number] = payment_method.number
-          credit_card[:securityCode] = add_security_code(payment_method, options)
+          credit_card[:securityCode] = payment_method.verification_value || options[:cvv]
           credit_card[:expirationDate] = format(payment_method.year, :four_digits).to_s + '/' + format(payment_method.month, :two_digits).to_s
           credit_card[:name] = payment_method.name.strip
           credit_card[:processWithoutCvv2] = true if add_process_without_cvv2(payment_method, options)
@@ -216,37 +277,11 @@ module ActiveMerchant #:nodoc:
         end
       end
 
-      def add_security_code(payment_method, options)
-        return payment_method.verification_value unless payment_method.verification_value.blank?
-        return options[:cvv] unless options[:cvv].blank?
-        return "0000" if BRAND_MAP[payment_method.brand.to_s] == "AMEX"
-        "000"
-      end
-
       def add_process_without_cvv2(payment_method, options)
         return true if payment_method.verification_value.blank? && options[:cvv].blank?
         false
       end
 
-      def add_payer(post, options)
-        if address = options[:billing_address]
-          payer = {}
-          post[:transaction][:paymentCountry] = address[:country]
-          payer[:fullName] = address[:name]
-          payer[:contactPhone] = address[:phone]
-          billing_address = {}
-          billing_address[:street1] = address[:address1]
-          billing_address[:street2] = address[:address2]
-          billing_address[:city] = address[:city]
-          billing_address[:state] = address[:state]
-          billing_address[:country] = address[:country]
-          billing_address[:postalCode] = address[:zip]
-          billing_address[:phone] = address[:phone]
-          payer[:billingAddress] = billing_address
-          post[:transaction][:payer] = payer
-        end
-      end
-
       def add_extra_parameters(post, options)
         extra_parameters = {}
         extra_parameters[:INSTALLMENTS_NUMBER] = options[:installments_number] || 1
@@ -304,6 +339,7 @@ module ActiveMerchant #:nodoc:
       end
 
       def post_data(params)
+        params.merge(test: test?)
         params.to_json
       end
 
@@ -321,6 +357,8 @@ module ActiveMerchant #:nodoc:
           response["code"] == "SUCCESS" && response["creditCardToken"] && response["creditCardToken"]["creditCardTokenId"].present?
         when 'verify_credentials'
           response["code"] == "SUCCESS"
+        when 'refund', 'void'
+        response["code"] == "SUCCESS" && response["transactionResponse"] && (response["transactionResponse"]["state"] == "PENDING" || response["transactionResponse"]["state"] == "APPROVED")
         else
           response["code"] == "SUCCESS" && response["transactionResponse"] && (response["transactionResponse"]["state"] == "APPROVED")
         end
@@ -336,8 +374,10 @@ module ActiveMerchant #:nodoc:
           return "VERIFIED" if success
           "FAILED"
         else
-          response_message = response["transactionResponse"]["responseMessage"] if response["transactionResponse"]
-          response_code = response["transactionResponse"]["responseCode"] if response["transactionResponse"]
+          if response["transactionResponse"]
+            response_message = response["transactionResponse"]["responseMessage"]
+            response_code = response["transactionResponse"]["responseCode"] || response["transactionResponse"]["pendingReason"]
+          end
           return response_code if success
           response["error"] || response_message || response_code || "FAILED"
         end

data/lib/active_merchant/billing/gateways/pin.rb

@@ -29,6 +29,7 @@ module ActiveMerchant #:nodoc:
         add_creditcard(post, creditcard)
         add_address(post, creditcard, options)
         add_capture(post, options)
+        add_metadata(post, options)
 
         commit(:post, 'charges', post, options)
       end
@@ -141,6 +142,10 @@ module ActiveMerchant #:nodoc:
         end
       end
 
+      def add_metadata(post, options)
+        post[:metadata] = options[:metadata] if options[:metadata]
+      end
+
       def headers(params = {})
         result = {
           "Content-Type" => "application/json",

data/lib/active_merchant/billing/gateways/pro_pay.rb

@@ -0,0 +1,326 @@
+require 'nokogiri'
+
+module ActiveMerchant #:nodoc:
+  module Billing #:nodoc:
+    class ProPayGateway < Gateway
+      self.test_url = 'https://xmltest.propay.com/API/PropayAPI.aspx'
+      self.live_url = 'https://epay.propay.com/api/propayapi.aspx'
+
+      self.supported_countries = ['US', 'CA']
+      self.default_currency = 'USD'
+      self.money_format = :cents
+      self.supported_cardtypes = [:visa, :master, :american_express, :discover]
+
+      self.homepage_url = 'https://www.propay.com/'
+      self.display_name = 'ProPay'
+
+      STATUS_RESPONSE_CODES = {
+        "00" => "Success",
+        "20" => "Invalid username",
+        "21" => "Invalid transType",
+        "22" => "Invalid Currency Code",
+        "23" => "Invalid accountType",
+        "24" => "Invalid sourceEmail",
+        "25" => "Invalid firstName",
+        "26" => "Invalid mInitial",
+        "27" => "Invalid lastName",
+        "28" => "Invalid billAddr",
+        "29" => "Invalid aptNum",
+        "30" => "Invalid city",
+        "31" => "Invalid state",
+        "32" => "Invalid billZip",
+        "33" => "Invalid mailAddr",
+        "34" => "Invalid mailApt",
+        "35" => "Invalid mailCity",
+        "36" => "Invalid mailState",
+        "37" => "Invalid mailZip",
+        "38" => "Invalid dayPhone",
+        "39" => "Invalid evenPhone",
+        "40" => "Invalid ssn",
+        "41" => "Invalid dob",
+        "42" => "Invalid recEmail",
+        "43" => "Invalid knownAccount",
+        "44" => "Invalid amount",
+        "45" => "Invalid invNum",
+        "46" => "Invalid rtNum",
+        "47" => "Invalid accntNum",
+        "48" => "Invalid ccNum",
+        "49" => "Invalid expDate",
+        "50" => "Invalid cvv2",
+        "51" => "Invalid transNum and/or Unable to act perform actions on transNum due to funding",
+        "52" => "Invalid splitNum",
+        "53" => "A ProPay account with this email address already exists AND/OR User has no account number",
+        "54" => "A ProPay account with this social security number already exists",
+        "55" => "The email address provided does not correspond to a ProPay account.",
+        "56" => "Recipient’s email address shouldn’t have a ProPay account and does",
+        "57" => "Cannot settle transaction because it already expired",
+        "58" => "Credit card declined",
+        "59" => "Invalid Credential or IP address not allowed",
+        "60" => "Credit card authorization timed out; retry at a later time",
+        "61" => "Amount exceeds single transaction limit",
+        "62" => "Amount exceeds monthly volume limit",
+        "63" => "Insufficient funds in account",
+        "64" => "Over credit card use limit",
+        "65" => "Miscellaneous error",
+        "66" => "Denied a ProPay account",
+        "67" => "Unauthorized service requested",
+        "68" => "Account not affiliated",
+        "69" => "Duplicate invoice number (The same card was charged for the same amount with the same invoice number (including blank invoices) in a 1 minute period. Details about the original transaction are included whenever a 69 response is returned. These details include a repeat of the auth code, the original AVS response, and the original CVV response.)",
+        "70" => "Duplicate external ID",
+        "71" => "Account previously set up, but problem affiliating it with partner",
+        "72" => "The ProPay Account has already been upgraded to a Premium Account",
+        "73" => "Invalid Destination Account",
+        "74" => "Account or Trans Error",
+        "75" => "Money already pulled",
+        "76" => "Not Premium (used only for push/pull transactions)",
+        "77" => "Empty results",
+        "78" => "Invalid Authentication",
+        "79" => "Generic account status error",
+        "80" => "Invalid Password",
+        "81" => "Account Expired",
+        "82" => "InvalidUserID",
+        "83" => "BatchTransCountError",
+        "84" => "InvalidBeginDate",
+        "85" => "InvalidEndDate",
+        "86" => "InvalidExternalID",
+        "87" => "DuplicateUserID",
+        "88" => "Invalid track 1",
+        "89" => "Invalid track 2",
+        "90" => "Transaction already refunded",
+        "91" => "Duplicate Batch ID"
+      }
+
+      TRANSACTION_RESPONSE_CODES = {
+        "00" => "Success",
+        "1" => "Transaction blocked by issuer",
+        "4" => "Pick up card and deny transaction",
+        "5" => "Problem with the account",
+        "6" => "Customer requested stop to recurring payment",
+        "7" => "Customer requested stop to all recurring payments",
+        "8" => "Honor with ID only",
+        "9" => "Unpaid items on customer account",
+        "12" => "Invalid transaction",
+        "13" => "Amount Error",
+        "14" => "Invalid card number",
+        "15" => "No such issuer. Could not route transaction",
+        "16" => "Refund error",
+        "17" => "Over limit",
+        "19" => "Reenter transaction or the merchant account may be boarded incorrectly",
+        "25" => "Invalid terminal 41 Lost card",
+        "43" => "Stolen card",
+        "51" => "Insufficient funds",
+        "52" => "No such account",
+        "54" => "Expired card",
+        "55" => "Incorrect PIN",
+        "57" => "Bank does not allow this type of purchase",
+        "58" => "Credit card network does not allow this type of purchase for your merchant account.",
+        "61" => "Exceeds issuer withdrawal limit",
+        "62" => "Issuer does not allow this card to be charged for your business.",
+        "63" => "Security Violation",
+        "65" => "Activity limit exceeded",
+        "75" => "PIN tries exceeded",
+        "76" => "Unable to locate account",
+        "78" => "Account not recognized",
+        "80" => "Invalid Date",
+        "82" => "Invalid CVV2",
+        "83" => "Cannot verify the PIN",
+        "85" => "Service not supported for this card",
+        "93" => "Cannot complete transaction. Customer should call 800 number.",
+        "95" => "Misc Error Transaction failure",
+        "96" => "Issuer system malfunction or timeout.",
+        "97" => "Approved for a lesser amount. ProPay will not settle and consider this a decline.",
+        "98" => "Failure HV",
+        "99" => "Generic decline or unable to parse issuer response code"
+      }
+
+      def initialize(options={})
+        requires!(options, :cert_str)
+        super
+      end
+
+      def purchase(money, payment, options={})
+        request = build_xml_request do |xml|
+          add_invoice(xml, money, options)
+          add_payment(xml, payment, options)
+          add_address(xml, options)
+          add_account(xml, options)
+          add_recurring(xml, options)
+          xml.transType "04"
+        end
+
+        commit(request)
+      end
+
+      def authorize(money, payment, options={})
+        request = build_xml_request do |xml|
+          add_invoice(xml, money, options)
+          add_payment(xml, payment, options)
+          add_address(xml, options)
+          add_account(xml, options)
+          add_recurring(xml, options)
+          xml.transType "05"
+        end
+
+        commit(request)
+      end
+
+      def capture(money, authorization, options={})
+        request = build_xml_request do |xml|
+          add_invoice(xml, money, options)
+          add_account(xml, options)
+          xml.transNum authorization
+          xml.transType "06"
+        end
+
+        commit(request)
+      end
+
+      def refund(money, authorization, options={})
+        request = build_xml_request do |xml|
+          add_invoice(xml, money, options)
+          add_account(xml, options)
+          xml.transNum authorization
+          xml.transType "07"
+        end
+
+        commit(request)
+      end
+
+      def void(authorization, options={})
+        refund(nil, authorization, options)
+      end
+
+      def credit(money, payment, options={})
+        request = build_xml_request do |xml|
+          add_invoice(xml, money, options)
+          add_payment(xml, payment, options)
+          add_account(xml, options)
+          xml.transType "35"
+        end
+
+        commit(request)
+      end
+
+      def verify(credit_card, options={})
+        MultiResponse.run(:use_first_response) do |r|
+          r.process { authorize(100, credit_card, options) }
+          r.process(:ignore_result) { void(r.authorization, options) }
+        end
+      end
+
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<certStr>).+(</certStr>)), '\1[FILTERED]\2').
+          gsub(%r((<ccNum>).+(</ccNum>)), '\1[FILTERED]\2').
+          gsub(%r((<CVV2>).+(</CVV2>)), '\1[FILTERED]\2')
+      end
+
+      private
+
+      def add_payment(xml, payment, options)
+        xml.ccNum payment.number
+        xml.expDate "#{format(payment.month, :two_digits)}#{format(payment.year, :two_digits)}"
+        xml.CVV2 payment.verification_value
+        xml.cardholderName payment.name
+      end
+
+      def add_address(xml, options)
+        if address = options[:billing_address] || options[:address]
+          xml.addr address[:address1]
+          xml.aptNum address[:address2]
+          xml.city address[:city]
+          xml.state address[:state]
+          xml.zip address[:zip]
+        end
+      end
+
+      def add_account(xml, options)
+        xml.accountNum options[:account_num]
+      end
+
+      def add_invoice(xml, money, options)
+        xml.amount amount(money)
+        xml.currencyCode options[:currency] || currency(money)
+        xml.invNum options[:order_id] || SecureRandom.hex(25)
+      end
+
+      def add_recurring(xml, options)
+        xml.recurringPayment options[:recurring_payment]
+      end
+
+      def parse(body)
+        results  = {}
+        xml = Nokogiri::XML(body)
+        resp = xml.xpath("//XMLResponse/XMLTrans")
+        resp.children.each do |element|
+          results[element.name.underscore.downcase.to_sym] = element.text
+        end
+        results
+      end
+
+      def commit(parameters)
+        url = (test? ? test_url : live_url)
+        response = parse(ssl_post(url, parameters))
+
+        Response.new(
+          success_from(response),
+          message_from(response),
+          response,
+          authorization: authorization_from(response),
+          avs_result: AVSResult.new(code: response[:avs]),
+          cvv_result: CVVResult.new(response[:cvv2_resp]),
+          test: test?,
+          error_code: error_code_from(response)
+        )
+      end
+
+      def success_from(response)
+        response[:status] == "00"
+      end
+
+      def message_from(response)
+        return "Success" if success_from(response)
+        message = STATUS_RESPONSE_CODES[response[:status]]
+        message += " - #{TRANSACTION_RESPONSE_CODES[response[:response_code]]}" if response[:response_code]
+
+        message
+      end
+
+      def authorization_from(response)
+        response[:trans_num]
+      end
+
+      def error_code_from(response)
+        unless success_from(response)
+          response[:status]
+        end
+      end
+
+      def build_xml_request
+        builder = Nokogiri::XML::Builder.new do |xml|
+          xml.XMLRequest do
+            xml.certStr @options[:cert_str]
+            xml.class_ "partner"
+            xml.XMLTrans do
+              yield(xml)
+            end
+          end
+        end
+
+        builder.to_xml
+      end
+    end
+
+    def underscore(camel_cased_word)
+      camel_cased_word.to_s.gsub(/::/, '/').
+        gsub(/([A-Z]+)([A-Z][a-z])/,'\1_\2').
+        gsub(/([a-z\d])([A-Z])/,'\1_\2').
+        tr("-", "_").
+        downcase
+    end
+  end
+end

data/lib/active_merchant/billing/gateways/psigate.rb

@@ -35,7 +35,7 @@ module ActiveMerchant #:nodoc:
     #   :email => 'jack@yahoo.com'
     # )
     class PsigateGateway < Gateway
-      self.test_url  = 'https://dev.psigate.com:7989/Messenger/XMLMessenger'
+      self.test_url  = 'https://staging.psigate.com:17989/Messenger/XMLMessenger'
       self.live_url  = 'https://secure.psigate.com:17934/Messenger/XMLMessenger'
 
       self.supported_cardtypes = [:visa, :master, :american_express]
@@ -86,6 +86,17 @@ module ActiveMerchant #:nodoc:
         commit(nil, nil, options)
       end
 
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<Passphrase>)[^<]*(</Passphrase>))i, '\1[FILTERED]\2').
+          gsub(%r((<CardNumber>)[^<]*(</CardNumber>))i, '\1[FILTERED]\2').
+          gsub(%r((<CardIDNumber>)[^<]*(</CardIDNumber>))i, '\1[FILTERED]\2')
+      end
+
       private
 
       def commit(money, creditcard, options = {})

data/lib/active_merchant/billing/gateways/qbms.rb

@@ -113,6 +113,17 @@ module ActiveMerchant #:nodoc:
         commit(:query, nil, {})
       end
 
+      def supports_scrubbing?
+        true
+      end
+
+      def scrub(transcript)
+        transcript.
+          gsub(%r((<ConnectionTicket>)[^<]*(</ConnectionTicket>))i, '\1[FILTERED]\2').
+          gsub(%r((<CreditCardNumber>)[^<]*(</CreditCardNumber>))i, '\1[FILTERED]\2').
+          gsub(%r((<CardSecurityCode>)[^<]*(</CardSecurityCode>))i, '\1[FILTERED]\2')
+      end
+
       private
 
       def hosted?