Verify

Request to verify the cardholder's account before processing the financial transaction. The card is verified using the verification method supported by the acquirer and the data provided in the request.

PUT https://na.gateway.mastercard.com/api/rest/version/53 / merchant / {merchantId} / order / {orderid} / transaction / {transactionid}

Authentication Copied to clipboard

This operation requires authentication via one of the following methods:


  • Certificate authentication.
  • Basic HTTP authentication as described at w3.org. Provide 'merchant.<your gateway merchant ID>' in the userid portion and your Reporting API password in the password portion.

Request Copied to clipboard

URL Parameters Copied to clipboard

{merchantId} Copied to clipboard Alphanumeric + additional characters REQUIRED

The unique identifier issued to you by your payment provider.


Data may consist of the characters 0-9, a-z, A-Z, '-', '_'

Min length: 1 Max length: 40
{orderid} Copied to clipboard String REQUIRED

A unique identifier for this order to distinguish it from any other order you create.


Use this identifier when referring to this order in subsequent transactions and in retrieval operations. This value must be unique for every order created by your merchant profile.


Data can consist of any characters

Min length: 1 Max length: 40
{transactionid} Copied to clipboard String REQUIRED

Unique identifier for this transaction to distinguish it from any other transaction on the order.


An order can have transactions representing:

  • Movement of money. For example, payments and refunds.
  • Validations. For example, account verification or 3-D Secure authentication of the payer.
  • Undoing other transactions. For example, voiding a payment transaction.
  • Chargebacks.
  • Fees from your payment service provider.
Each transaction on the order must have a unique id that identifies that transaction. Some transactions also hold the transaction identifier of other transactions on the order. For example a void payment transaction references the original payment transaction that is being voided.

If you attempt an operation and it fails (eg you try to PAY on a card with no funds), then you need a new id for each retry.


Data can consist of any characters

Min length: 1 Max length: 40

Fields Copied to clipboard

agreement Copied to clipboard

A series of related orders that execute one commercial agreement.

For example, linking the orders for a series of recurring payments (a mobile phone subscription), split tenders (one payment using two cards), or when the merchant offers to take payments by a series of installments (hire purchase).

You must provide this data for some types of payments (such as recurring), but you can provide it for any cases where you want to link orders together.

agreement.id Copied to clipboard String REQUIRED

Your identifier for the agreement you have with the payer to process payments.

When you collect cards from your payers and store them for later use, you must provide an agreement ID when you use the stored values for:

  • Recurring payments: you have an agreement with the payer that authorizes you to automatically debit their account at agreed intervals for fixed or variable amounts. For example, gym membership, phone bills, or magazine subscriptions.
  • Installment payments: you have an agreement with the payer that authorizes you to process multiple payments over an agreed period of time for a single purchase. For example, the payer purchases an item for $1000 and pays for it in four monthly installments.
  • Unscheduled: you have an agreement with the payer that authorizes you to process future payments when required. For example, the payer authorizes you to process an account top-up transaction for a transit card when the account balance drops below a certain threshold.

Data can consist of any characters

Min length: 1 Max length: 100
apiOperation Copied to clipboard String = VERIFY FIXED

Any sequence of zero or more unicode characters.

billing Copied to clipboard

Information on the billing address including the contact details of the payer.

billing.address Copied to clipboard

The payer's billing address.

This data may be used to qualify for better interchange rates on corporate purchase card transactions.

billing.address.city Copied to clipboard String

The city portion of the address.

Data can consist of any characters

Min length: 1 Max length: 100
billing.address.company Copied to clipboard String

The name of the company associated with this address.

Data can consist of any characters

Min length: 1 Max length: 100
billing.address.country Copied to clipboard Upper case alphabetic text

The 3 letter ISO standard alpha country code of the address.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
billing.address.postcodeZip Copied to clipboard Alphanumeric + additional characters

The post code or zip code of the address.

Data may consist of the characters 0-9, a-z, A-Z, ' ', '-'

Min length: 1 Max length: 10
billing.address.stateProvince Copied to clipboard String

The state or province of the address.

Data can consist of any characters

Min length: 1 Max length: 20
billing.address.stateProvinceCode Copied to clipboard String

The three character ISO 3166-2 country subdivision code for the state or province of the address.

Providing this field might improve your payer experience for 3-D Secure payer authentication.

Data can consist of any characters

Min length: 1 Max length: 3
billing.address.street Copied to clipboard String

The first line of the address.

For example, this may be the street name and number, or the Post Office Box details.

Data can consist of any characters

Min length: 1 Max length: 100
billing.address.street2 Copied to clipboard String

The second line of the address (if provided).

Data can consist of any characters

Min length: 1 Max length: 100
correlationId Copied to clipboard String

A transient identifier for the request, that can be used to match the response to the request.

The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.

Data can consist of any characters

Min length: 1 Max length: 100
customer Copied to clipboard

Information about the customer, including their contact details.

customer.email Copied to clipboard Email

The email address of the customer.

The field format restriction ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses.

Ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses

customer.firstName Copied to clipboard String

The payer's first name.

Data can consist of any characters

Min length: 1 Max length: 50
customer.lastName Copied to clipboard String

The payer's last or surname.

Data can consist of any characters

Min length: 1 Max length: 50
customer.mobilePhone Copied to clipboard Telephone Number

The payer's mobile phone or cell phone number in ITU-T E123 format, for example +1 607 1234 5678

The number consists of:

  • ‘+’
  • country code (1, 2 or 3 digits)
  • ‘space’
  • national number ( which may embed single spaces characters for readability).

Data consists of '+', country code (1, 2 or 3 digits), 'space', and national number (which may embed single space characters for readability)

Mandatory country code: true Max total digits: 15
customer.phone Copied to clipboard Telephone Number

The payer's phone number in ITU-T E123 format, for example +1 607 1234 456

The number consists of:

  • ‘+’
  • country code (1, 2 or 3 digits)
  • ‘space’
  • national number ( which may embed single spaces characters for readability).

Data consists of '+', country code (1, 2 or 3 digits), 'space', and national number (which may embed single space characters for readability)

Mandatory country code: true Max total digits: 15
customer.taxRegistrationId Copied to clipboard String

The tax registration identifier of the customer.

Data can consist of any characters

Min length: 1 Max length: 30
device Copied to clipboard

Information about the device used by the payer for this transaction.

device.ani Copied to clipboard String

The telephone number captured by ANI (Automatic Number Identification) when the customer calls to place the order.

Data can consist of any characters

Min length: 1 Max length: 10
device.aniCallType Copied to clipboard String

The 2 digit ANI information identifier provided by the telephone company to indicate the call type, for example, cellular (61-63), toll free (24,25), etc.

Data can consist of any characters

Min length: 1 Max length: 2
device.browser Copied to clipboard String

The User-Agent header of the browser the customer used to place the order.

For example, MOZILLA/4.0 (COMPATIBLE; MSIE 5.0; WINDOWS 95)

Data can consist of any characters

Min length: 1 Max length: 255
device.fingerprint Copied to clipboard String

Information collected about a remote computing device for the purpose of providing a unique identifier for the device.

For example, session ID, blackbox ID.

Data can consist of any characters

Min length: 1 Max length: 4000
device.hostname Copied to clipboard String

The name of the server to which the customer is connected.

Data can consist of any characters

Min length: 1 Max length: 60
device.ipAddress Copied to clipboard String

The IP address of the device used by the payer, in nnn.nnn.nnn.nnn format.

Data can consist of any characters

Min length: 7 Max length: 15
order Copied to clipboard REQUIRED

Information about the order associated with this transaction.

order.amount Copied to clipboard Decimal

The total amount for the order. This is the net amount plus any surcharge.

If you provide any sub-total amounts, then the sum of these amounts (order.itemAmount, order.taxAmount, order.shippingAndHandlingAmount, order.cashbackAmount, order.gratuityAmount), minus the order.discountAmount must equal the net amount.

The value of this field in the response is zero if payer funds are not transferred.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.currency Copied to clipboard Upper case alphabetic text REQUIRED

The currency of the order expressed as an ISO 4217 alpha code, e.g. USD.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
order.custom Copied to clipboard String

Information about this order that is of interest to you.

For example order.custom.X, where 'X' is defined by you and must be less than 100 characters from the set A-Z, a-z, 0-9. For example, order.custom.salesRegion. You can specify up to 50 such fields. They are not sent to acquirers.

Data can consist of any characters

Min length: 1 Max length: 250
order.customerNote Copied to clipboard String

A note from the payer about this order.

Data can consist of any characters

Min length: 1 Max length: 250
order.customerOrderDate Copied to clipboard Date

The date the payer placed the order.

Data must comply with ISO 8601 extended date format, yyyy-mm-dd.

order.customerReference Copied to clipboard ASCII Text

The payer's own reference for the order.

This reference may assist the payer to identify the order in their system. For example, a purchase order number, project identifier, or cost center.

Data consists of ASCII characters

Min length: 0 Max length: 25
order.description Copied to clipboard String

Short textual description of the contents of the order for display to the payer on the payment provider's website.

Data can consist of any characters

Min length: 1 Max length: 127
order.discount Copied to clipboard

Information about a price reduction you have applied to the order.

For example, you may apply discounts for trade, employees, bulk purchase, or a sales promotion.

order.discount.amount Copied to clipboard Decimal

The total amount of the discount you have applied to the order.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.discount.code Copied to clipboard String

The code you use to identify the reason for the discount.

Data can consist of any characters

Min length: 1 Max length: 40
order.discount.description Copied to clipboard String

A description of your reason for the discount.

Data can consist of any characters

Min length: 1 Max length: 127
order.invoiceNumber Copied to clipboard String

The invoice number you issued for this order.

Data can consist of any characters

Min length: 1 Max length: 25
order.localTaxRegistrationId Copied to clipboard String

Your tax registration identifier provided by the Local/State/Province tax authority.

If you are a Canadian merchant, use this field to provide your Tax Registration ID for paying Provincial Sales Tax (PST).

Data can consist of any characters

Min length: 1 Max length: 25
order.merchantCategoryCode Copied to clipboard Digits

A 4-digit code used to classify your business by the type of goods or services it offers.This is also known as the Merchant Category Code (MCC).

You only need to provide the MCC if you want to override the default value configured for your acquirer link.The value you provide must match one of those configured by your payment service provider.

Data is a string that consists of the characters 0-9.

Min length: 4 Max length: 4
order.notificationUrl Copied to clipboard Url

The URL to which the gateway will send Webhook notifications when an order is created or updated.

To receive notifications at this URL, you must enable Webhook notifications in Merchant Administration. Ensure the URL is HTTPS

Ensure that the URL begins with 'https' and is longer than 11 characters.

order.owningEntity Copied to clipboard String

Your identifier for the part of your organization that is responsible for the order.

You might provide this data when you want to track the accountability for the order. For example, store number, sales region, branch, or profit center

Data can consist of any characters

Min length: 1 Max length: 40
order.owningEntity Copied to clipboard String

Your identifier for the part of your organization that is responsible for the order.

You might provide this data when you want to track the accountability for the order. For example, store number, sales region, branch, or profit center

Data can consist of any characters

Min length: 1 Max length: 40
order.recurringPaymentAgreement Copied to clipboard Alphanumeric

Your reference to the contract or agreement you have with the payer to process recurring payments.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 30
order.reference Copied to clipboard String

The identifier of the order.

For example, a shopping cart number, an order number, or an invoice number.

Data can consist of any characters

Min length: 1 Max length: 40
order.requestorName Copied to clipboard String

The name of the person who requested the goods or services.

Data can consist of any characters

Min length: 1 Max length: 100
order.shippingAndHandlingAmount Copied to clipboard Decimal

The total shipping and handling amount for the order.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.subMerchant Copied to clipboard

Provide these parameters if you are a payment aggregator or facilitator and process payments on behalf of other merchants.

These merchants are referred to as your sub-merchants. The sub-merchant's details you provide may be displayed on the payer's cardholder statement. Note that your acquirer may require you to register with the card scheme(s) before allowing you to submit sub-merchant details with a transaction. This data must be on the initial transaction of an order, subsequent transactions with sub-merchant will be rejected.

order.subMerchant.address Copied to clipboard

The sub-merchant's address.

order.subMerchant.address.city Copied to clipboard String

The city portion of the address.

Data can consist of any characters

Min length: 1 Max length: 100
order.subMerchant.address.company Copied to clipboard String

The name of the company associated with this address.

Data can consist of any characters

Min length: 1 Max length: 100
order.subMerchant.address.country Copied to clipboard Upper case alphabetic text

The 3 letter ISO standard alpha country code of the address.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
order.subMerchant.address.postcodeZip Copied to clipboard Alphanumeric + additional characters

The post code or zip code of the address.

Data may consist of the characters 0-9, a-z, A-Z, ' ', '-'

Min length: 1 Max length: 10
order.subMerchant.address.stateProvince Copied to clipboard String

The state or province of the address.

Data can consist of any characters

Min length: 1 Max length: 20
order.subMerchant.address.street Copied to clipboard String

The first line of the address.

For example, this may be the street name and number, or the Post Office Box details.

Data can consist of any characters

Min length: 1 Max length: 100
order.subMerchant.address.street2 Copied to clipboard String

The second line of the address (if provided).

Data can consist of any characters

Min length: 1 Max length: 100
order.subMerchant.bankIndustryCode Copied to clipboard Digits

Code used by acquirer to describe the business or industry the sub-merchant operates in.

Data is a string that consists of the characters 0-9.

Min length: 4 Max length: 4
order.subMerchant.email Copied to clipboard Email

The sub-merchant's email address.

Ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses

order.subMerchant.identifier Copied to clipboard String

Your identifier for the sub-merchant.

You can use this identifier in searches and reports in the gateway.

Data can consist of any characters

Min length: 1 Max length: 100
order.subMerchant.phone Copied to clipboard String

The sub-merchant's phone number

Data can consist of any characters

Min length: 1 Max length: 20
order.subMerchant.registeredName Copied to clipboard String

The legal name of the sub-merchant.

Data can consist of any characters

Min length: 1 Max length: 100
order.subMerchant.tradingName Copied to clipboard String

The trading name of the sub merchant, also known as doing business as (DBA), operating as or trading as.

For MasterCard transactions the name must not exceed 21 characters. For American Express transactions the name must not exceed 27 characters (or 36 characters including the aggregator name). The trading name may be displayed on the payer's cardholder statement. Therefore if you need to shorten it, use an abbreviation that will be meaningful to the payer when displayed on their statement.

Data can consist of any characters

Min length: 1 Max length: 100
order.tax[n] Copied to clipboard

Use this parameter group to provide a breakdown of tax types, amount per tax type, and rate per tax type included in order.taxAmount.

order.tax[n].amount Copied to clipboard Decimal

The tax amount included in this order for the tax type.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.tax[n].rate Copied to clipboard Decimal

The tax rate (percentage) used to determine the tax amount included in this order for the tax type.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 6
order.tax[n].type Copied to clipboard String

The type of tax included in the order amount.

The correct value as used by your acquirer may have to be provided. Contact your payment service provider for details.

Data can consist of any characters

Min length: 1 Max length: 50
order.taxAmount Copied to clipboard Decimal

The total amount of tax included in this order.

This value will be used for all pay orders and full capture transactions unless you provide us with a different amount in the transaction.taxAmount.
This amount is the sum of the tax amount for all the items contained in the order. If you supply both this value and any line item details, then this amount MUST equal the sum of the item.quantity times the item.unitTaxAmount for all the line items.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.taxRegistrationId Copied to clipboard String

Your tax registration identifier provided by the Federal/National tax authority (for example, federal tax identification number, ABN).

If you are a Canadian merchant, use this field to provide your Tax Registration ID for paying Harmonized Sales Tax (HST) or Goods and Services Tax (GST) collected by the Canada Revenue Agency.

Data can consist of any characters

Min length: 1 Max length: 30
order.taxStatus Copied to clipboard Enumeration

Indicates your tax status for this order.

Value must be a member of the following list. The values are case sensitive.

EXEMPT

Indicates that you are exempt from tax.

NOT_EXEMPT

Indicates that you are not exempt from tax.

NOT_PROVIDED

Indicates that you are not providing information about being exempt from tax.

order.walletIndicator Copied to clipboard String

The wallet indicator as returned by the wallet provider.

Data can consist of any characters

Min length: 3 Max length: 3
order.walletProvider Copied to clipboard Enumeration

The wallet provider used to collect the customer's payment details used for this transaction.

Value must be a member of the following list. The values are case sensitive.

AMEX_EXPRESS_CHECKOUT

Amex Express Checkout wallet provider.

APPLE_PAY

Apple Pay mobile wallet provider.

CHASE_PAY

Chase Pay wallet provider.

GOOGLE_PAY

Google Pay mobile wallet provider.

MASTERPASS_ONLINE

MasterPass Online wallet provider.

SAMSUNG_PAY

Samsung Pay mobile wallet provider.

VISA_CHECKOUT

Visa Checkout wallet provider.

partnerSolutionId Copied to clipboard String

If, when integrating with the gateway, you are using a solution (e.g. a shopping cart or e-commerce solution) provided, supported or certified by your payment service provider, enter the solution ID issued by your payment service provider here.

If your payment service provider has not provided you with a solution ID, you should ignore this field.

Data can consist of any characters

Min length: 1 Max length: 40
posTerminal Copied to clipboard

Information about the device used to initiate the transaction at the Point-of-Sale (POS).

posTerminal.attended Copied to clipboard Enumeration

Specifies whether the terminal is attended by the merchant.

You only need to provide this field for card present transactions.

You must provide a value for this field for chip transactions with UK acquirers.

This field corresponds to EMV tag 9F35

Value must be a member of the following list. The values are case sensitive.

ATTENDED

Attended terminal.

SEMI_ATTENDED

Where a card or proximity payment device is present; and the cardholder is present; and the cardholder completes the transaction and, if required, an individual representing the merchant or acquirer assist the cardholder to complete the transaction.

UNATTENDED

Unattended terminal.

UNKNOWN_OR_UNSPECIFIED

Unknown or unspecified.

posTerminal.lane Copied to clipboard String

The name that you use to uniquely identify the location of the Point Of Sale instance used to initiate the transaction.

Examples could be S43_L12 (Lane 12 in Shop 43) or Kiosk_76. This field can be used for your search or reporting needs, and might be used by fraud management systems.

This field corresponds to EMV tag 9F1C

Data can consist of any characters

Min length: 1 Max length: 8
posTerminal.location Copied to clipboard Enumeration

Indicates the physical location of the terminal in relation to your business premises.

If you do not provide a value for this field for a mobile wallet payment the gateway defaults the value to PAYER_TERMINAL_OFF_PREMISES.

Value must be a member of the following list. The values are case sensitive.

MERCHANT_TERMINAL_OFF_PREMISES

A terminal under the merchant's control but not on the merchant's premises was used.

MERCHANT_TERMINAL_ON_PREMISES

A terminal under the merchant's control on the merchant's premises was used.

NO_TERMINAL_VOICE_OR_AUDIO_RESPONSE

A voice or an audio response system was used, not a physical terminal.

PAYER_TERMINAL_OFF_PREMISES

A terminal under the payer's control and off the merchant's premises was used. For example, a mobile device or personal computer.

PAYER_TERMINAL_ON_PREMISES

A terminal under the payer's control on the merchant's premises was used. For example, a mobile device or personal computer.

posTerminal.panEntryMode Copied to clipboard Enumeration

Indicates how you or the Payer entered the Primary Account Number (PAN) of the card at the terminal.

Value must be a member of the following list. The values are case sensitive.

BARCODE_READER

The PAN was entered via a barcode reader.

CHIP

The PAN was entered by reading data from the chip on the card.

CHIP_FALLBACK

A chip-capable terminal failed to process the transaction using data on the card's chip. Therefore, the PAN was read using a fallback mode.

CONTACTLESS

The PAN was entered by a contactless interaction with a chip.

ECOMMERCE

The PAN was entered via an electronic commerce interaction, including chip.

KEYED

The PAN was manually entered.

MOBILE_COMMERCE
OPTICAL_CHARACTER_READER

The PAN was entered via an an optical character reader.

RFID_CHIP

An RFID device was used. Chip data is provided.

RFID_STRIPE

An RFID device was used. Stripe data is provided.

SWIPE

The PAN was read from the magnetic stripe, and the full, unaltered contents of the stripe are provided.

SWIPE_WITH_SIGNATURE

The PAN was read from the magnetic stripe and a signature was provided.

UNKNOWN

The mode of PAN entry is unknown.

VOICE_AUTHORIZATION
VOICE_RESPONSE

The PAN was collected using a Voice Response Unit.

posTerminal.pinEntryCapability Copied to clipboard Enumeration

Indicates the capability of the terminal to accept entry of the Payer's PIN.

This field corresponds to EMV tag 9F33

Value must be a member of the following list. The values are case sensitive.

OFFLINE_PIN_ONLY

Only offline PIN is supported.

PIN_NOT_SUPPORTED

Neither offline nor online PIN is supported.

PIN_PAD_INOPERATIVE

PIN is supported but the POS or Payment Client has determined that it is not operational.

PIN_SUPPORTED

Both offline & online PIN supported.

UNKNOWN

The PIN entry capability is not known.

posTerminal.pinLengthCapability Copied to clipboard Integer

The maximum number of PIN characters that can be entered at the terminal

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 4 Max value: 12
responseControls Copied to clipboard

Container for fields that control the response returned for the request.

responseControls.sensitiveData Copied to clipboard String

Indicates how sensitive data is returned in the response.

Data can consist of any characters

Min length: 1 Max length: 50
risk Copied to clipboard

Information relevant to risk assessment.

risk.bypassMerchantRiskRules Copied to clipboard Enumeration

The risk rules you wish to bypass when performing risk assessment for an order.

Value must be a member of the following list. The values are case sensitive.

ALL
risk.custom Copied to clipboard String

Additional data passed to third-party risk assessment providers.

This field is only relevant if you use a third-party risk assessment provider, and you have agreed with them the values to provide (maximum 100 characters in a field name from the set A-Z, a-z, 0-9, maximum 4kB in length of values across all custom risk fields). An example might be:
Field: risk.custom.headOfficeLocation
Value: London UK

Data can consist of any characters

Min length: 1 Max length: 4000
session.id Copied to clipboard ASCII Text

Identifier of the payment session containing values for any of the request fields to be used in this operation.

Values provided in the request will override values contained in the session.

Data consists of ASCII characters

Min length: 31 Max length: 35
session.version Copied to clipboard ASCII Text

Use this field to implement optimistic locking of the session content.

Do this if you make business decisions based on data from the session and wish to ensure that the same data is being used for the request operation.

To use optimistic locking, record session.version when you make your decisions, and then pass that value in session.version when you submit your request operation to the gateway.

If session.version provided by you does not match that stored against the session, the gateway will reject the operation with error.cause=INVALID_REQUEST.

See Making Business Decisions Based on Session Content.

Data consists of ASCII characters

Min length: 10 Max length: 10
shipping Copied to clipboard

Shipping information for this order.

shipping.address Copied to clipboard

The address to which this order will be shipped.

shipping.address.city Copied to clipboard String

The city portion of the address.

Data can consist of any characters

Min length: 1 Max length: 100
shipping.address.company Copied to clipboard String

The name of the company associated with this address.

Data can consist of any characters

Min length: 1 Max length: 100
shipping.address.country Copied to clipboard Upper case alphabetic text

The 3 letter ISO standard alpha country code of the address.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
shipping.address.postcodeZip Copied to clipboard Alphanumeric + additional characters

The post code or zip code of the address.

Data may consist of the characters 0-9, a-z, A-Z, ' ', '-'

Min length: 1 Max length: 10
shipping.address.source Copied to clipboard Enumeration

How you obtained the shipping address.

Value must be a member of the following list. The values are case sensitive.

ADDRESS_ON_FILE

Order shipped to an address that you have on file.

NEW_ADDRESS

Order shipped to an address provided by the payer for this transaction.

shipping.address.stateProvince Copied to clipboard String

The state or province of the address.

Data can consist of any characters

Min length: 1 Max length: 20
shipping.address.stateProvinceCode Copied to clipboard String

The three character ISO 3166-2 country subdivision code for the state or province of the address.

Providing this field might improve your payer experience for 3-D Secure payer authentication.

Data can consist of any characters

Min length: 1 Max length: 3
shipping.address.street Copied to clipboard String

The first line of the address.

For example, this may be the street name and number, or the Post Office Box details.

Data can consist of any characters

Min length: 1 Max length: 100
shipping.address.street2 Copied to clipboard String

The second line of the address (if provided).

Data can consist of any characters

Min length: 1 Max length: 100
shipping.address.sameAsBilling Copied to clipboard Enumeration

Indicates whether the shipping address provided is the same as the payer's billing address.

Provide this value if you are not providing the full shipping and billing addresses, but you can affirm that they are the same or different.

The default value for this field is:

SAME - if the shipping and billing address are supplied, and all fields are the same (ignoring non-alphanumerics).
DIFFERENT - if the shipping and billing address are supplied, and at least one field is different (ignoring non-alphanumerics).
UNKNOWN - either shipping address or billing address is absent.

Value must be a member of the following list. The values are case sensitive.

DIFFERENT

The shipping and billing addresses are different.

SAME

The shipping and billing addresses are the same.

UNKNOWN

It is not known if the shipping and billing addresses are the same.

shipping.contact Copied to clipboard

Details of the contact person at the address the goods will be shipped to.

shipping.contact.email Copied to clipboard Email

The contact person's email address.

The field format restriction ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses.

Ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses

shipping.contact.firstName Copied to clipboard String

The first name of the person to whom the order is being shipped.

Data can consist of any characters

Min length: 1 Max length: 50
shipping.contact.lastName Copied to clipboard String

The last name or surname of the person to whom the order is being shipped.

Data can consist of any characters

Min length: 1 Max length: 50
shipping.contact.mobilePhone Copied to clipboard Telephone Number

The contact person's mobile phone or cell phone number in ITU-T E123 format, for example +1 607 1234 5678

The number consists of:

  • ‘+’
  • country code (1, 2 or 3 digits)
  • ‘space’
  • national number ( which may embed single spaces characters for readability).

Data consists of '+', country code (1, 2 or 3 digits), 'space', and national number (which may embed single space characters for readability)

Mandatory country code: true Max total digits: 15
shipping.contact.phone Copied to clipboard Telephone Number

The contact person's phone number in ITU-T E123 format, for example +1 607 1234 456

The number consists of:

  • ‘+’
  • country code (1, 2 or 3 digits)
  • ‘space’
  • national number ( which may embed single spaces characters for readability).

Data consists of '+', country code (1, 2 or 3 digits), 'space', and national number (which may embed single space characters for readability)

Mandatory country code: true Max total digits: 15
shipping.method Copied to clipboard Enumeration

The shipping method used for delivery of this order.

Value must be a member of the following list. The values are case sensitive.

ELECTRONIC

Electronic delivery.

GROUND

Ground (4 or more days).

NOT_SHIPPED

Order for goods that are not shipped (for example, travel and event tickets)

OVERNIGHT

Overnight (next day).

PICKUP

Shipped to a local store for pick up.

PRIORITY

Priority (2-3 days).

SAME_DAY

Same day.

shipping.origin.postcodeZip Copied to clipboard Alphanumeric + additional characters

The post code or zip code of the address the order is shipped from.

Data may consist of the characters 0-9, a-z, A-Z, ' ', '-'

Min length: 1 Max length: 10
sourceOfFunds Copied to clipboard REQUIRED

The details describing the source of the funds to be used.

For card payments these may be represented by combining one or more of the following: explicitly provided card details, a session identifier which the gateway will use to look up the card details and/or a card token. Precedence rules will be applied in that explicitly provided card details will override session card details which will override card token details. Each of these may represent partial card details, however the combination must result in a full and complete set of card details. See Using Multiple Sources of Card Details for examples.

sourceOfFunds.provided Copied to clipboard

Information about the source of funds when it is directly provided (as opposed to via a token or session).

For browser payments, the source of funds details are usually collected from the payer on the payment provider's website and provided to you when you retrieve the transaction details (for a successful transaction). However, for some payment types (such as giropay), you must collect the information from the payer and supply it here.

sourceOfFunds.provided.ach Copied to clipboard

For ACH (sourceOfFunds.type=ACH) you must provide values for all fields within this parameter group, including details about the payers bank account as well as the type of ACH payment.

sourceOfFunds.provided.ach.accountType Copied to clipboard Enumeration

An indicator identifying the type of bank account.

  • Consumer (checking or savings), or
  • Business

For pre-arranged payments (sourceOfFunds.provided.ach.secCode=PPD) retrieve this information from the payer.

If payments were telephone-initiated (sourceOfFunds.provided.ach.secCode=TEL) or internet-initiated (sourceOfFunds.provided.ach.secCode=WEB) you may choose to limit the payer's options (e.g. only support consumer checking accounts), depending on your type of business (e.g. B2C online webshop).

Value must be a member of the following list. The values are case sensitive.

CONSUMER_CHECKING

Consumer Checking Account

CONSUMER_SAVINGS

Consumer Savings Account

CORPORATE_CHECKING

Business Checking Account

sourceOfFunds.provided.ach.bankAccountHolder Copied to clipboard String

The name of the bank account holder, as it appears on the account at the receiving financial institution.

Retrieve this information from the payer.

Data can consist of any characters

Min length: 1 Max length: 28
sourceOfFunds.provided.ach.bankAccountNumber Copied to clipboard Alphanumeric + additional characters

The identifier of the bank account at the receiving financial institution.

Retrieve this information from the payer.

Data may consist of the characters 0-9, a-z, A-Z, ' ', '-', '/'

Min length: 1 Max length: 17
sourceOfFunds.provided.ach.routingNumber Copied to clipboard Digits

The identifier of the receiving financial institution.

Also known as:

  • Routing number,
  • Transit number, or
  • ABA number

Retrieve this information from the payer.

See also http://en.wikipedia.org/wiki/Routing_transit_number.

Data is a string that consists of the characters 0-9.

Min length: 9 Max length: 9
sourceOfFunds.provided.ach.secCode Copied to clipboard Enumeration

Identifies the Standard Entry Class (SEC) code to be sent to the issuer.

The SEC is defined by NACHA and describes the origin and intent of the payment. For details please refer to https://www.nacha.org/.

Value must be a member of the following list. The values are case sensitive.

PPD

An ACH debit or credit payment (B2C) that has been authorized by an authenticated customer in written form (signed or similarly authenticated). PPD is used for pre-arranged payments (e.g. employee payroll, mortgage payments, expense reimbursement).

TEL

An ACH debit payment (B2C) that has been authorized by an authenticated customer via phone. TEL may only be used if a relationship already exists between you and the consumer, or, the consumer initiates the contact with you.

WEB

An ACH debit payment (B2C) that has been authorized by an authenticated customer via the internet or a wireless network.

sourceOfFunds.provided.card Copied to clipboard

Details about the card.

Use this parameter group when you have sourced payment details using:
Cards: the card details entered directly or collected using a Point of Sale (POS) terminal.
Device payment methods such as Apple Pay, Android Pay, Samsung Pay or Google Pay.
Digital wallets such as Masterpass, Visa Checkout or Amex Express Checkout.
Card scheme tokens where the card was tokenized using a card scheme tokenization service such as Mastercard Digital Enablement Service (MDES).

sourceOfFunds.provided.card.devicePayment Copied to clipboard

Details about the card that you have sourced using digital payment methods.

Use this parameter group when you have sourced payment details using:

  • • Device payment methods such as Apple Pay, Android Pay, Samsung Pay, or Google Pay.
  • • Digital wallets such as Masterpass, Visa Checkout or Amex Express Checkout.
  • • Card scheme tokens. This applies when you have tokenized the payer's card number using a card scheme tokenization service such as Mastercard Digital Enablement Service (MDES).

sourceOfFunds.provided.card.devicePayment.3DSecure Copied to clipboard

Details used to process a digital payment where the payment data keys for the online payment cryptogram are provided using the 3-D Secure format.

Use this parameter group for:

  • • Device payments: if you decrypt the payment token yourself. In this case, you source these fields directly from the decrypted payment token.
    You do not need to use this parameter group if you provide the payment token in sourceOfFunds.provided.card.devicePayment.paymentToken.
  • • Card scheme tokens: if you decrypt the transaction credentials yourself.

sourceOfFunds.provided.card.devicePayment.3DSecure.eciIndicator Copied to clipboard Digits

The Electronic Commerce Indicator generated for payments made using a device payment method.

You source this field directly from the decrypted payment token.

This field is not applicable for payments using digital wallets or card scheme tokens.

Data is a string that consists of the characters 0-9.

Min length: 1 Max length: 2
sourceOfFunds.provided.card.devicePayment.3DSecure.onlinePaymentCryptogram Copied to clipboard Base64 REQUIRED

A cryptogram used to authenticate the transaction.Use this field for:

  • • Device payments: source this field directly from the decrypted payment token.
  • • Card scheme tokens: source this field directly from the decrypted transaction credentials.

Data is Base64 encoded

Min length: 1 Max length: 128
sourceOfFunds.provided.card.expiry Copied to clipboard

Expiry date, as shown on the card.

This field corresponds to EMV tag 5F24

sourceOfFunds.provided.card.expiry.month Copied to clipboard Digits REQUIRED

Month, as shown on the card.

Months are numbered January=1, through to December=12.

Data is a number between 1 and 12 represented as a string.

sourceOfFunds.provided.card.expiry.year Copied to clipboard Digits REQUIRED

Year, as shown on the card.

The Common Era year is 2000 plus this value.

Data is a string that consists of the characters 0-9.

Min length: 2 Max length: 2
sourceOfFunds.provided.card.nameOnCard Copied to clipboard String

The cardholder's name as printed on the card.

Data can consist of any characters

Min length: 1 Max length: 256
sourceOfFunds.provided.card.number Copied to clipboard Digits

The account number of the payer's account used for the payment.

On requests, provide the number in the form that you receive it (as explained below). On responses, the gateway populates it with a form that the payer would recognize (also explained in more detail below).

  • Request

    On request, populate this field based on the payment method you are using for the payment:
    • • Card: the account number embossed onto the card. This field corresponds to EMV tag 5A.
    • • Device payment methods such as Apple Pay, Android Pay, Samsung Pay, or Google Pay. Normally for device payments, you would populate sourceOfFunds.provided.card.devicePayment.paymentToken and the gateway will decrypt and extract this field. However, you can populate this field if you decrypt the payment token yourself. In this case use the Device PAN (DPAN) provided in the payment token.
    • • Digital wallets such as Masterpass, Visa Checkout or Amex Express Checkout. In this case, provide the PAN retrieved from the wallet.
    • • Scheme tokens such as MDES (Mastercard Digital Enablement Service). Supply the value called the "Token PAN".
  • Response

    On return, the card number will be populated in 6.4 masking format, for example, 000000xxxxxx0000. If you wish to return unmasked card numbers, you must have the requisite permission, set responseControls.sensitiveData field to UNMASK, and authenticate your call to the API using certificate authentication.

    When a DPAN or scheme token was provided in the transaction request, then this field will represent the PAN of the associated payer's account (when supported by the acquirer). This is also referred to as the Funding PAN (FPAN).

Data is a string that consists of the characters 0-9.

Min length: 9 Max length: 19
sourceOfFunds.provided.card.p2pe Copied to clipboard

This holds the PAN in the case where it is encrypted by the terminal using DUKPT key exchange.

sourceOfFunds.provided.card.p2pe.cardBin Copied to clipboard Digits

The BIN of the card.

If you provide this, the gateway will check that the decrypted PAN has these leading six digits. If the check fails, the gateway will reject the transaction.

If you do not provided this, the gateway will not perform this check.

Data is a string that consists of the characters 0-9.

Min length: 1 Max length: 6
sourceOfFunds.provided.card.p2pe.encryptionState Copied to clipboard String

The P2PE encryption state as determined by the terminal.

INVALID means the terminal detected some form of error in the encryption process. The gateway will decline transactions with INVALID encryption state. This field may be omitted when the value is VALID.

Data can consist of any characters

Min length: 5 Max length: 7
sourceOfFunds.provided.card.p2pe.initializationVector Copied to clipboard Hex

The initialization vector supplied by the terminal to seed the encryption of this payload.

Omit this value if the terminal is not using an initialization vector to seed encryption.

Data is hexadecimal encoded

Min length: 16 Max length: 16
sourceOfFunds.provided.card.p2pe.keySerialNumber Copied to clipboard Hex REQUIRED

The DUKPT key serial number supplied by the terminal.

Data is hexadecimal encoded

Min length: 20 Max length: 20
sourceOfFunds.provided.card.p2pe.payload Copied to clipboard Hex REQUIRED

The DUKPT encrypted payload supplied by the terminal.

Data is hexadecimal encoded

Min length: 32 Max length: 1024
sourceOfFunds.provided.card.pin Copied to clipboard

The PIN (Personal Identification Number) entered by a payer at the point of sale that is used to authenticate their identity as the cardholder with the issuer.

Provide this data in the case where you want the PIN verified online by the issuer. The gateway can support PINs encoded in ISO 9564-1 formats 0, 1, 3 and 4, but the supported format will depend on integration.

sourceOfFunds.provided.card.pin.encryptionState Copied to clipboard Enumeration

The PIN encryption state as determined by the terminal.

INVALID means the terminal detected some form of error in the encryption process. The gateway will decline transactions with INVALID encryption state. This field may be omitted when the value is VALID.

Value must be a member of the following list. The values are case sensitive.

INVALID

The encryption state is invalid.

VALID

The encryption state is valid.

sourceOfFunds.provided.card.pin.keySerialNumber Copied to clipboard Hex REQUIRED

The DUKPT key serial number supplied by the terminal.

Data is hexadecimal encoded

Min length: 20 Max length: 20
sourceOfFunds.provided.card.pin.payload Copied to clipboard Hex REQUIRED

The DUKPT encrypted payload supplied by the terminal.

Data is hexadecimal encoded

Min length: 16 Max length: 16
sourceOfFunds.provided.card.securityCode Copied to clipboard Digits

Card verification code, as printed on the back or front of the card or as provided for a card scheme token.

Data is a string that consists of the characters 0-9.

Min length: 3 Max length: 4
sourceOfFunds.provided.card.storedOnFile Copied to clipboard Enumeration

This field only applies if you collect cards from your payers, store them, and either you or your payers use the stored value for subsequent payments.

If you store using gateway tokenization then you can ignore this field, unless you do payments with both stored and non-stored cards. If you do both, then you must supply the NOT_STORED value for the non-stored case.

If you use Scheme Tokenization services like MDES and store the tokens provided, you have to provide the value STORED and if you pass the token value with out storing them, provide the value NOT_STORED.

If you store yourself, you have to provide the TO_BE_STORED or STORED values for all payments.

Value must be a member of the following list. The values are case sensitive.

NOT_STORED

Set this value if the card or token details provided will not be stored. This is the default value for merchants without tokenization.

STORED

Set this value if the card or token details provided have been stored previously. This is the default value when paying with a gateway token.

TO_BE_STORED

Set this value if this is the first transaction using the card and you intend to store the card or token details on success. This is the default value for tokenization merchants who present a payment with a PAN.

sourceOfFunds.provided.giftCard Copied to clipboard

If the payer chose to pay using a gift card, you must submit sourceOfFunds.type=GIFT_CARD and provide the payer's gift card details in this parameter group.

sourceOfFunds.provided.giftCard.expectedLocalBrand Copied to clipboard String

Do not provide this field in your request unless instructed to do so by your payment service provider.

The field is required, if your gift card numbers do not use ISO BIN rules and therefore not allowing the gateway to identify the local brand.

Data can consist of any characters

Min length: 4 Max length: 50
sourceOfFunds.provided.giftCard.number Copied to clipboard Digits

Card number as printed or embossed on the gift card.

Data is a string that consists of the characters 0-9.

Min length: 9 Max length: 19
sourceOfFunds.provided.giftCard.pin Copied to clipboard Digits

PIN number for the gift card.

Data is a string that consists of the characters 0-9.

Min length: 4 Max length: 8
sourceOfFunds.token Copied to clipboard Alphanumeric

The token you supply that you wish to create or update.

You can only supply this value when creating a token if your token repository is configured to support merchant-supplied tokens.

On response, the format of the token depends on the token generation strategy configured for your repository. See Tokenization for more details.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 40
sourceOfFunds.tokenRequestorID Copied to clipboard Alphanumeric

The unique identifier assigned to you by the Token Service Provider that you requested a token from for this payment.

This field is mandatory for payments where the Chase Pay wallet was used.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 11 Max length: 11
sourceOfFunds.type Copied to clipboard Enumeration

The payment method used for this payment.

If you are passing card data (in any form) on the API, then you need to set this value, and also provide the card details in the sourceOfFunds.provided.card group. In the case of digital wallets or device payment methods, you must also populate the order.walletProvider field.

If you are making a payment with a gateway token, then you can leave this field unset, and only populate the sourceOfFunds.token field. However you can set this to CARD if you want to overwrite or augment the token data with a card security code, expiry date, or cardholder name.

Value must be a member of the following list. The values are case sensitive.

ACH

The payer chose to pay using an electronic fund transfer, to be processed via the Automated Clearing House (ACH) Network. You must provide the payer's bank account details and information about the type of ACH payment under the sourceOfFunds.provided.ach parameter group.

CARD

Use this value for payments that obtained the card details either directly from the card, or from a POS terminal, or from a wallet, or through a device payment method.

GIFT_CARD

Use this value for gift cards.

SCHEME_TOKEN

Use this value for payments using scheme tokens provided by Mastercard Digital Enablement Service (MDES) or Visa Token Service (VTS).

transaction Copied to clipboard

Information about this transaction.

transaction.acquirer Copied to clipboard

Additional information to be passed to acquirer.

transaction.acquirer.customData Copied to clipboard String

Additional information requested by the acquirer which cannot be passed using other available data fields.

This field must not contain sensitive data.

Data can consist of any characters, but sensitive data will be rejected

Min length: 1 Max length: 2048
transaction.acquirer.traceId Copied to clipboard String

The unique identifier that allows the issuer to link related transactions (for example, Merchant Initiated Transactions).

It is only applicable if you want to link transactions across multiple payment gateways.If you want to do this, then its usage is described in Visa documentation for 'transaction identifier' or the Mastercard documentation for 'trace identifier' field.
If you provide this value in the request, gateway will use this value in preference to the gateway's selected value.

Data can consist of any characters, but sensitive data will be rejected

Min length: 1 Max length: 15
transaction.frequency Copied to clipboard Enumeration

Indicates the frequency of the transaction offered to the payer.

Value must be a member of the following list. The values are case sensitive.

INSTALLMENT

Indicates an installment transaction where the payer authorizes you to deduct multiple payments over an agreed period of time for a single purchase.

RECURRING

Indicates a recurring transaction where the payer authorizes you to automatically debit their accounts for bill or invoice payments.

SINGLE

Indicates a single transaction where a single payment is used to complete the order.

transaction.merchantNote Copied to clipboard String

Your note about this transaction.

Data can consist of any characters

Min length: 1 Max length: 250
transaction.reference Copied to clipboard String

The identifier of the transaction, to distinguish it from all transactions you ever issue on any order.

For example, a shopping cart number or an invoice number.

Data can consist of any characters

Min length: 1 Max length: 40
transaction.source Copied to clipboard Enumeration

Indicates the channel through which you received authorization for the payment for this order from the payer.

For example, set this value to INTERNET if the payer initiated the payment online.

If you have an existing agreement with the payer that authorizes you to process this payment (for example, a recurring payment) then set this value to MERCHANT.You only need to provide transaction.source if you want to override the default value configured for your acquirer link.

Note:

  • You can only override the default value if you have the requisite permission.
  • The value you provide must match one of those configured by your payment service provider.
  • You can only set the transaction source on the initial transaction on an order. It cannot be changed on subsequent transactions.

Value must be a member of the following list. The values are case sensitive.

CALL_CENTRE

Transaction conducted via a call centre.

CARD_PRESENT

Transaction where the card is presented to the merchant.

INTERNET

Transaction conducted over the Internet.

MAIL_ORDER

Transaction received by mail.

MERCHANT

Transaction initiated by you based on an agreement with the payer. For example, a recurring payment, installment payment, or account top-up.

MOTO

Transaction received by mail or telephone.

TELEPHONE_ORDER

Transaction received by telephone.

VOICE_RESPONSE

Transaction conducted by a voice/DTMF recognition system.

userId Copied to clipboard String

The person who initiated this transaction.

For Merchant Administration, the person is identified by their logon name.

Data can consist of any characters

Min length: 1 Max length: 256

Response Copied to clipboard

Fields Copied to clipboard

3DSecure Copied to clipboard

Information about the results of payer authentication using 3-D Secure authentication.

You only need to provide these fields if you authenticated the payer using a different service provider.

3DSecure.acsEci Copied to clipboard Digits

Indicates the security level of the transaction.

This is the value returned in the Electronic Commerce Indicator (ECI) field of the Payer Authentication Response (PARes) message from the card Issuer's Access Control Server (ACS). For example, 0,1, or 2. Refer to the relevant documentation for Mastercard SecureCode™, Verified by Visa™, JCB J/Secure™, American Express SafeKey™, or Diners Club ProtectBuy™.

Data is a string that consists of the characters 0-9.

Min length: 1 Max length: 2
3DSecure.authenticationToken Copied to clipboard Base64

Used to verify that the 3D-Secure authentication occurred and the 3-D Secure data provided is valid.

The authentication token is generated and returned by the card issuer's Access Control Server (ACS) or the scheme's Attempts Server. It is a Base64 encoded value and must be submitted unaltered on a transaction. This field is referred to as Accountholder Authentication Value (AAV) for Mastercard SecureCode™ and JCB J/Secure™, Cardholder Authentication Verification Value (CAVV) for Verified by Visa™, American Express Verification Value (AEVV) for American Express SafeKey™, or Cardmember Authentication Verification Value (CAVV) for Diners Club ProtectBuy™.

Data is Base64 encoded

allowable lengths 28 or 32
3DSecure.custom Copied to clipboard String

Additional data about the 3-D Secure Authentication.

Please contact your payment service provider for additional information.

Data can consist of any characters

Min length: 1 Max length: 200
3DSecure.paResStatus Copied to clipboard Alpha

Indicates the result of payer authentication with the issuer.

This is the value returned in the transaction status field of the Payer Authentication Response (PARes) message from the card Issuer's Access Control Server (ACS). For example, Y, N, A, or U. Refer to the relevant documentation for Mastercard SecureCode™, Verified by Visa™, JCB J/Secure™, American Express SafeKey™, or Diners Club ProtectBuy™.

Data may consist of the characters a-z, A-Z

Min length: 1 Max length: 1
3DSecure.veResEnrolled Copied to clipboard Alpha

Indicates whether or not payer authentication is available for the card number you provided.

This is the value returned in the 'enrolled' field of the Verify Enrollment Response (VERes) message from the card scheme's Directory Server. For example, Y, N, or U. Refer to the relevant documentation for Mastercard SecureCode™, Verified by Visa™, JCB J/Secure™, American Express SafeKey™, or Diners Club ProtectBuy™.

Data may consist of the characters a-z, A-Z

Min length: 1 Max length: 1
3DSecure.xid Copied to clipboard Base64

A unique transaction identifier generated by the Payment Gateway on behalf of the merchant to identify the 3DS transaction.

This field is mandatory for Verified By Visa transactions if authentication was available. The XID should be used in operation requests unaltered.

Data is Base64 encoded

allowable length 28
3DSecureId Copied to clipboard ASCII Text

A unique identifier supplied by the merchant for the authentication.

It is first defined in the check3DSEnrollment operation, and then included in subsequent operations.
It is not used when the authentication is performed externally.

Data consists of ASCII characters

Min length: 1 Max length: 64
agreement Copied to clipboard

A series of related orders that execute one commercial agreement.

For example, linking the orders for a series of recurring payments (a mobile phone subscription), split tenders (one payment using two cards), or when the merchant offers to take payments by a series of installments (hire purchase).

You must provide this data for some types of payments (such as recurring), but you can provide it for any cases where you want to link orders together.

agreement.id Copied to clipboard String ALWAYS PROVIDED

Your identifier for the agreement you have with the payer to process payments.

When you collect cards from your payers and store them for later use, you must provide an agreement ID when you use the stored values for:

  • Recurring payments: you have an agreement with the payer that authorizes you to automatically debit their account at agreed intervals for fixed or variable amounts. For example, gym membership, phone bills, or magazine subscriptions.
  • Installment payments: you have an agreement with the payer that authorizes you to process multiple payments over an agreed period of time for a single purchase. For example, the payer purchases an item for $1000 and pays for it in four monthly installments.
  • Unscheduled: you have an agreement with the payer that authorizes you to process future payments when required. For example, the payer authorizes you to process an account top-up transaction for a transit card when the account balance drops below a certain threshold.

Data can consist of any characters

Min length: 1 Max length: 100
airline Copied to clipboard

Airline industry specific data

airline.bookingReference Copied to clipboard Alphanumeric

The record locator used to access a specific Passenger Name Record (PNR).

PNR is a record in the database of a booking system that contains the itinerary for a passenger, or a group of passengers traveling together.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 6 Max length: 15
airline.documentType Copied to clipboard Enumeration

The type of charge associated with the transaction.

Document Type Code

Value must be a member of the following list. The values are case sensitive.

ADDITIONAL_COLLECTION

Additional Collection

AGENCY_EXCHANGE_ORDER

Agency Exchange Order

AGENCY_GROUP_TICKET

Agency Group Ticket

AGENCY_MISCELLANEOUS_CHARGE_ORDER

Agency Misc. Charge Order (MCO)

AGENCY_PASSENGER_TICKET

Agency Passenger Ticket

AGENCY_TOUR_ORDER_OR_VOUCHER

Agency Tour Order/Voucher

AIR_FREIGHT

SPD/Air Freight

ANIMAL_TRANSPORTATION_CHARGE

Animal Transportation Charge

CATALOGUE_MERCHANDISE_ORDERED

Catalogue Merchandise Ordered

CLUB_MEMBERSHIP_FEE

Club Membership Fee

COUPON_BOOK

Coupon Book

CREDIT_CLASS_SERVICE_ADJUSTMENT

Credit Class of Service Adjustment

CREDIT_DENIED_BOARDING

Credit Denied Boarding

CREDIT_EXCHANGE_REFUND

Credit Exchange Refund

CREDIT_LOST_TICKET_REFUND

Credit Lost Ticket Refund

CREDIT_MISCELLANEOUS_REFUND

Credit Misc. Refund

CREDIT_MULTIPLE_UNUSED_TICKETS

Credit Multiple Unused Tickets

CREDIT_OVERCHARGE_ADJUSTMENT

Credit Overcharge Adjustment

CREDIT_UNUSED_TRANSPORTATION

Credit Unused Transportation

DEBT_ADJUSTMENT_DUPLICATE_REFUND_OR_USE

Debt Adjustment Duplicate Refund/Use

DUTY_FREE_SALE

Duty Free Sale

EXCESS_BAGGAGE

Excess Baggage

EXCHANGE_ADJUSTMENT

Exchange Adjustment

EXCHANGE_ORDER

Exchange Order

FIREARMS_CASE

Firearms Case

FREQUENT_FLYER_FEE_OR_PURCHASE

Frequent Flyer Fee/Purchase

FREQUENT_FLYER_FULFILLMENT

Frequent Flyer Fulfillment

FREQUENT_FLYER_OVERNIGHT_DELIVERY_CHARGE

Frequent Flyer Overnight Delivery Charge

GROUP_TICKET

Group Ticket

IN_FLIGHT_ADJUSTMENT

In-flight Adjustment

IN_FLIGHT_CHARGES

In-flight Charges

IN_FLIGHT_DUTY_FREE_PURCHASE

In-flight Duty Free Purchase

IN_FLIGHT_MERCHANDISE_ORDERED

In-flight Merchandise Ordered

IN_FLIGHT_PHONE_CHARGES

In-flight Phone Charges

KENNEL_CHARGE

Kennel Charge

LOST_TICKET_APPLICATION

Lost Ticket Application

MISCELLANEOUS_CHARGE_ORDER_OR_PREPAID_TICKET_ADVICE

Misc. Charge Order (MCO) / Prepaid Ticket Auth.

MISCELLANEOUS_TAXES_FEES

Miscellaneous Tax(es) Fee(s)

PASSENGER_TICKET

Passenger Ticket

SELF_SERVICE_TICKETS

Self-Service Ticket(s)

SENIOR_CITIZEN_DISCOUNT_BOOKLETS

Senior Citizen Discount Booklets

SMALL_PACKAGE_DELIVERY

Small Package Delivery

SPECIAL_SERVICE_TICKET

Special Service Ticket

SUPPORTED_REFUND

Supported Refund

TICKET_BY_MAIL

Ticket by Mail

TOUR_DEPOSIT

Tour Deposit

TOUR_ORDER_VOUCHER

Tour Order Voucher

UNDERCHARGE_ADJUSTMENT

Undercharge Adjustment

UNSUPPORTED_REFUND

Unsupported Refund

UPGRADE_CHARGE

Upgrade Charge

VENDOR_REFUND_CREDIT

Vendor Refund Credit

VENDOR_SALE

Vendor Sale

airline.itinerary Copied to clipboard

Itinerary details

airline.itinerary.leg[n] Copied to clipboard

Travel leg details.

airline.itinerary.leg[n].carrierCode Copied to clipboard Regex

The 2-character IATA airline code or 3 digit accounting code or both of the airline carrier for the trip leg.

Data must match regex

regex \w{2}|\d{3}|\w{2}/\d{3} message Carrier code must be 2 characters, 3 digits or a combination of both in the format: ZZ/999
airline.itinerary.leg[n].conjunctionTicketNumber Copied to clipboard Alphanumeric

The ticket containing the coupon for this leg for an itinerary with more than four trip legs.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 11 Max length: 16
airline.itinerary.leg[n].couponNumber Copied to clipboard Alphanumeric

The coupon number on the ticket for the trip leg.

Each trip leg requires a separate coupon. The coupon within the series is identified by the coupon number.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 1
airline.itinerary.leg[n].departureAirport Copied to clipboard Upper case alphabetic text

The 3 character IATA airport code of the departure airport for the trip leg.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
airline.itinerary.leg[n].departureDate Copied to clipboard Date

Date of departure for the trip leg.

Data must comply with ISO 8601 extended date format, yyyy-mm-dd

airline.itinerary.leg[n].departureTax Copied to clipboard Decimal

Tax payable on departure for the trip leg.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
airline.itinerary.leg[n].departureTime Copied to clipboard Time

Departure time in local time for the departure airport for this trip leg.

Data must comply with ISO 8601 extended time formats, hh:mm[:ss]Z or hh:mm[:ss](+/-)hh[:mm]

airline.itinerary.leg[n].destinationAirport Copied to clipboard Upper case alphabetic text

The 3 character IATA airport code for the destination airport for the trip leg.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
airline.itinerary.leg[n].destinationArrivalDate Copied to clipboard Date

Arrival date in local time for the destination airport for this trip leg.

Data must comply with ISO 8601 extended date format, yyyy-mm-dd

airline.itinerary.leg[n].destinationArrivalTime Copied to clipboard Time

Arrival time in local time for the destination airport for this trip leg.

Data must comply with ISO 8601 extended time formats, hh:mm[:ss]Z or hh:mm[:ss](+/-)hh[:mm]

airline.itinerary.leg[n].endorsementsRestrictions Copied to clipboard Alphanumeric

Restrictions (e.g. non-refundable) or endorsements applicable to the trip leg.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 20
airline.itinerary.leg[n].exchangeTicketNumber Copied to clipboard Alphanumeric

New ticket number issued when a ticket is exchanged for the trip leg.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 11 Max length: 16
airline.itinerary.leg[n].fare Copied to clipboard Decimal

Total fare payable for the trip leg.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
airline.itinerary.leg[n].fareBasis Copied to clipboard Alphanumeric

Code defining the rules forming the basis of the fare (type of fare, class entitlement, etc.)

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 24
airline.itinerary.leg[n].fees Copied to clipboard Decimal

Total fees payable for the trip leg.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
airline.itinerary.leg[n].flightNumber Copied to clipboard Alphanumeric

The flight number for the trip leg.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 4 Max length: 6
airline.itinerary.leg[n].stopoverPermitted Copied to clipboard Boolean

Indicates if a stopover is permitted for the trip leg.

JSON boolean values 'true' or 'false'.

airline.itinerary.leg[n].taxes Copied to clipboard Decimal

Total taxes payable for the trip leg.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
airline.itinerary.leg[n].travelClass Copied to clipboard Alphanumeric

The industry code indicating the class of service (e.g. Business, Coach) for the leg.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 3
airline.itinerary.numberInParty Copied to clipboard Digits

Number of passengers associated with this booking.

Data is a string that consists of the characters 0-9.

Min length: 1 Max length: 3
airline.itinerary.originCountry Copied to clipboard Upper case alphabetic text

The 3 character ISO 3166-1 alpha-3 country code of the country of origin for the itinerary.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
airline.passenger[n] Copied to clipboard

Passenger details

airline.passenger[n].firstName Copied to clipboard String

First name of the passenger to whom the ticket is being issued.

Data can consist of any characters

Min length: 1 Max length: 50
airline.passenger[n].frequentFlyerNumber Copied to clipboard String

Frequent Flyer or Loyalty Program number for this passenger.

Data can consist of any characters

Min length: 1 Max length: 20
airline.passenger[n].lastName Copied to clipboard String

Last name of the passenger to whom the ticket is being issued.

Data can consist of any characters

Min length: 1 Max length: 20
airline.passenger[n].middleName Copied to clipboard String

Middle name of the passenger to whom the ticket is being issued.

Data can consist of any characters

Min length: 1 Max length: 50
airline.passenger[n].specificInformation Copied to clipboard Alphanumeric

Passenger specific information recorded on the ticket.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 59
airline.passenger[n].title Copied to clipboard String

Title of the passenger to whom the ticket is being issued.

Data can consist of any characters

Min length: 1 Max length: 20
airline.planNumber Copied to clipboard Alphanumeric

Plan number supplied by the airline for this booking.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 2 Max length: 2
airline.ticket Copied to clipboard

Ticket details

airline.ticket.conjunctionTicketIndicator Copied to clipboard Boolean

Indicates if a conjunction ticket with additional coupons was issued.

Conjunction ticket refers to two or more tickets concurrently issued to a passenger and which together constitute a single contract of carriage.

JSON boolean values 'true' or 'false'.

airline.ticket.eTicket Copied to clipboard Boolean

Indicates if an electronic ticket was issued.

JSON boolean values 'true' or 'false'.

airline.ticket.exchangedTicketNumber Copied to clipboard Alphanumeric

The original ticket number when this is a transaction for an exchanged ticket.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 11 Max length: 16
airline.ticket.issue Copied to clipboard

Ticket issue information.

airline.ticket.issue.address Copied to clipboard String

The address where the ticket was issued.

Data can consist of any characters

Min length: 1 Max length: 16
airline.ticket.issue.carrierCode Copied to clipboard Regex

The 2-character IATA airline code or 3 digit accounting code or both of the airline carrier issuing the ticket.

Data must match regex

regex \w{2}|\d{3}|\w{2}/\d{3} message Carrier code must be 2 characters, 3 digits or a combination of both in the format: ZZ/999
airline.ticket.issue.carrierName Copied to clipboard Alphanumeric

Name of airline carrier issuing the ticket.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 25
airline.ticket.issue.city Copied to clipboard Alphanumeric

The city/town where the ticket was issued.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 18
airline.ticket.issue.country Copied to clipboard Upper case alphabetic text

The 3 character ISO 3166-1 alpha-3 country code of the country where the ticket was issued.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
airline.ticket.issue.date Copied to clipboard Date

The date the ticket was issued.

Data must comply with ISO 8601 extended date format, yyyy-mm-dd

airline.ticket.issue.travelAgentCode Copied to clipboard Alphanumeric

Industry code of the travel agent issuing the ticket.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 8 Max length: 9
airline.ticket.issue.travelAgentName Copied to clipboard Alphanumeric

Name of the travel agent issuing the ticket.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 30
airline.ticket.restricted Copied to clipboard Boolean

Indicates if the issued ticket is refundable.

JSON boolean values 'true' or 'false'.

airline.ticket.taxOrFee[n] Copied to clipboard

Breakdown of the ticket taxes, airport taxes, charges and fees for an airline ticket purchase.The total of the amounts in this group should equal the sum of the airline.ticket.totalFees and airline.ticket.totalTaxes fields.

airline.ticket.taxOrFee[n].amount Copied to clipboard Decimal

The tax, charge or fee amount payable.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
airline.ticket.taxOrFee[n].type Copied to clipboard Alphanumeric

The tax, charge or fee type code as assigned by IATA.

For example, the IATA tax/ charge/ fee type for Passenger Movement Charge (PMC) in Australia is TT1.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 3 Max length: 3
airline.ticket.ticketNumber Copied to clipboard Alphanumeric

The airline ticket number associated with the transaction.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 11 Max length: 16
airline.ticket.totalFare Copied to clipboard Decimal

Total fare for all trip legs on the ticket.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
airline.ticket.totalFees Copied to clipboard Decimal

Total fee for all trip legs on the ticket.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
airline.ticket.totalTaxes Copied to clipboard Decimal

Total taxes for all trip legs on the ticket.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
airline.transactionType Copied to clipboard Enumeration

The type of transaction performed against this airline booking.

Transaction Type

Value must be a member of the following list. The values are case sensitive.

EXCHANGE_TICKET

Exchange Ticket

MISCELLANEOUS_CHARGE

Miscellaneous Charge

REFUND

Refund

REVERSAL

Reversal

TICKET_PURCHASE

Ticket Purchase

TOUR_ORDER

Tour Order

authentication Copied to clipboard

Information about how the payer's identity is verified.

For example, using 3-D Secure authentication.
This parameter group include payer authentication options available to you, parameters you need to perform payer authentication for an available method, and the results of payer authentication.

authentication.3ds2 Copied to clipboard

Information about payer authentication using 3-D Secure authentication version 2.

authentication.3ds2.acsTransactionId Copied to clipboard String

A unique transaction identifier assigned by the Access Control Server to identify the 3DS transaction.

The ACS transaction id should be used in subsequent operation requests unaltered.

Data can consist of any characters

Min length: 36 Max length: 36
authentication.3ds2.dsTransactionId Copied to clipboard String

A unique transaction identifier assigned by the scheme Directory Server to identify the 3DS transaction.

The DS transaction id should be used in subsequent operation requests unaltered.

Data can consist of any characters

Min length: 1 Max length: 50
authentication.3ds2.methodCompleted Copied to clipboard Boolean ALWAYS PROVIDED

Indicates if the issuer's Access Control Server (ACS) completed the method call to obtain additional information about the payer's browser.

JSON boolean values 'true' or 'false'.

authentication.3ds2.methodSupported Copied to clipboard Enumeration ALWAYS PROVIDED

Indicates if the issuer's Access Control Server (ACS) support the method call.

Value must be a member of the following list. The values are case sensitive.

NOT_SUPPORTED

The ACS does not support the method call protocol.

SUPPORTED

The ACS supports the method call protocol.

authentication.3ds2.requestorId Copied to clipboard String ALWAYS PROVIDED

The unique identifier assigned to the merchant by the card scheme directory server when the merchant registered to use 3-D Secure authentication version 2 with their acquirer.

Do not provide this value for Mastercard SecureCode or Verified by Visa, For these authentication schemes, it will be generated by the gateway.

Data can consist of any characters

Min length: 1 Max length: 35
authentication.3ds2.requestorName Copied to clipboard String ALWAYS PROVIDED

The unique name assigned to the merchant by the card scheme directory server when the merchant registered to use 3-D Secure authentication version 2 with their acquirer.

Do not provide this value for Mastercard SecureCode or Verified by Visa, For these authentication schemes, it will be generated by the gateway.

Data can consist of any characters

Min length: 1 Max length: 40
authentication.3ds2.sdk Copied to clipboard

Information provided by the 3-D Secure Software Development Kit (SDK) that is used by an app on the payer's device to enable 3-D Secure authentication of the payer to be performed in-app.

You must populate the fields in this parameter group when you authenticate the payer in-app using 3-D Secure authentication version 2.

authentication.3ds2.sdk.interface Copied to clipboard Enumeration

The User Interface (UI) formats that the payer's device supports.

These are the formats that can be used to render the screens presented to the payer during an authentication challenge.

You only need to provide this value if you only support one of these formats.

This field corresponds to EMVCo data element sdkInterface in the field deviceRenderOptions.

Value must be a member of the following list. The values are case sensitive.

HTML

The device supports HTML format.

NATIVE

The device supports the UI format native to the payer's device.

authentication.3ds2.sdk.timeout Copied to clipboard Integer

The duration (in seconds) available to the payer to authenticate.

Will default to 900 if not provided. Note: The value will be rounded up to the nearest minute.

This field corresponds to EMVCo field sdkMaxTimeout

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 300 Max value: 900
authentication.3ds2.sdk.uiType Copied to clipboard Comma separated enumeration

Indicates the UI types which the SDK supports for displaying authentication challenges within the app.

A comma separated list of the payer authentication methods that you will accept for this payment.

You only need to provide this value if all of these values are not supported.

Note: OTHER_HTML is only supported when authentication.3ds2.sdk.interface allows a HTML UI format.

This field corresponds to EMVCo data element sdkUiType in the field deviceRenderOptions.

Value must be one or more comma separated members of the following list. The values are case sensitive.

TEXT

The payer is asked to enter text into a field displayed on the UI. For example, ask the payer to enter a One Time Password sent to their registered mobile phone number.

SINGLE_SELECT

The payer is asked to select a single option from a number of presented options. For example, ask the payer if they want a One Time Password to be sent to either their email address or mobile phone number registered with their issuer.

MULTI_SELECT

The payer is asked to select multiple options from a number of presented options. For example, ask the payer to select valid responses to a question.

OUT_OF_BAND

The payer is presented with screens rendered by an out-of-band service during an authentication challenge, For example, the payer is asked to confirm the payment from their banking app.

OTHER_HTML

The payer is presented with an authentication challenge using other mechanisms supported in HTML but not in the native UI format. For example, the payer is asked to confirm an image presented on the screen.

authentication.3ds2.statusReasonCode Copied to clipboard String

A code indicating the reason for the transaction status returned in authentication.3ds2.transactionStatus.

Refer to the EMVCo specification for 3-D Secure.

Data can consist of any characters

Min length: 2 Max length: 2
authentication.3ds2.transactionStatus Copied to clipboard Alpha

Indicates the result of payer authentication with the issuer.

This is the value returned in the transaction status field from the issuer's Access Control Server (ACS). For example, Y, N, U, A, R

Refer to the EMVCo specification for 3-D Secure.

Data may consist of the characters a-z, A-Z

Min length: 1 Max length: 1
authentication.method Copied to clipboard Enumeration

The method that the issuer will use to authenticate the payer.

Value must be a member of the following list. The values are case sensitive.

DYNAMIC

The payer is authenticated using dynamic data. For example, a code sent to the payer's phone.

OUT_OF_BAND

The payer is authenticated by the issuer using another method. For example, by using a bank app on the payer's mobile device.

STATIC

The payer is authenticated using static data. For example, by providing responses to security questions for the payer's account.

authentication.payerInteraction Copied to clipboard Enumeration

Indicates if payer interaction was used to complete the authentication process.

Value must be a member of the following list. The values are case sensitive.

NOT_POSSIBLE

Payer interaction was either not possible or not applicable to completing the authentication process. For example, there was a technical problem, or the authentication method is not supported for this payment method.

NOT_REQUIRED

No payer interaction was required to complete the authentication process. The issuer was able to make a decision based on the data provided.

REQUIRED

Payer interaction was required to complete the authentication process. For example, the payer was presented with a challenge to verify their identity.

authentication.psd2 Copied to clipboard

This parameter group is only applicable if you are subject to the Regulatory Technical Standards (RTS) requirements for Strong Customer Authentication (SCA) under the Payment Services Directive 2 (PSD2) regulations in the European Economic Area.

It provides details about SCA exemptions under PSD2.

authentication.psd2.exemption Copied to clipboard Enumeration

Indicates why this payment qualifies for exemption from Strong Customer Authentication (SCA) under the Payment Services Directive 2 (PSD2).

Note:

  • For recurring payments provide the RECURRING_PAYMENT value only if the amount is the same. If the amount varies, provide MERCHANT_INITIATED_TRANSACTION instead.

Value must be a member of the following list. The values are case sensitive.

LOW_RISK

Exemption is claimed because the acquirer has a low fraud rate.

LOW_VALUE_PAYMENT

Exemption is claimed as the amount is below 30 Euro.

MERCHANT_INITIATED_TRANSACTION

The transaction is excluded as it was initiated by the merchant based on an agreement with the payer. For example, a recurring payment (for a varied or fixed amount), installment payment, or account top-up. In these cases, the payer is not present and cannot participate in an authentication interaction. Merchant initiated transactions are only applicable to subsequent transactions on the order and are out of scope of the PSD2 RTS on Strong Customer Authentication (SCA). The payer must be authenticated during the first transaction that established the agreement.

NONE

An exemption is not claimed for this transaction. The merchant requires Strong Customer Authentication (SCA) be performed.

RECURRING_PAYMENT

The transaction is exempt as it was initiated by the merchant based on an agreement with the payer for a recurring payment for a fixed amount. This value is only applicable to subsequent transactions on the order. In this case, the payer is not present and cannot participate in an authentication interaction. The payer must be authenticated during the first transaction that established the agreement.

SECURE_CORPORATE_PAYMENT

The transaction is exempt as it is a corporate or Business-to-Business (B2B) payment performed using dedicated payment processes and protocols that are not available to consumers and offer at least equivalent security levels.

authentication.psd2.whitelistStatus Copied to clipboard Enumeration

Indicates if the payer has whitelisted you with the issuer and has opted-out of Strong Customer Authentication (SCA).

Value must be a member of the following list. The values are case sensitive.

NOT_WHITELISTED

The payer has not whitelisted the merchant with the issuer or the merchant's whitelist status is unknown.

WHITELISTED

The payer has whitelisted the merchant with the issuer.

authentication.redirect.domainName Copied to clipboard String

The domain name of the site where payer authentication was performed.

For example, the domain-name of the issuer's Access Control Server (ACS) used for payer authentication using 3-D Secure authentication.

Data can consist of any characters

Min length: 1 Max length: 253
authentication.transactionId Copied to clipboard String

The transactionId you used for the Initiate Authentication operation.

Data can consist of any characters

Min length: 1 Max length: 40
authentication.version Copied to clipboard Enumeration

If online authentication of the payer is available, then this field shows the type.

If no such authentication is available, the value is NONE.

Value must be a member of the following list. The values are case sensitive.

3DS1

3-D Secure Version 1 authentication is available.

3DS2

3-D Secure Version 2 authentication is available.

RUPAY

RuPay authentication is available.

NONE

No authentication is available.

authorizationResponse Copied to clipboard

Information about the authorization received from the acquirer.

You can use this data if you want to understand the authorization in more detail, or with less interpretation by the gateway.

One usage is if you are capturing (typically with the same acquirer), but via a different path.

authorizationResponse.autoExpiry Copied to clipboard DateTime

The date and time when the gateway considers the authorization obtained for the order to have expired.

After this time, the gateway will reject your attempts to capture funds against this order. It will also void any authorized amount that has not been captured, to release the payer's funds.

This capability is to assist you in scheme compliance, and must be enabled by your payment provider. The gateway only populates this field if it is expiring the authorization.

An instant in time expressed in ISO8601 date + time format - "YYYY-MM-DDThh:mm:ss.SSSZ"

authorizationResponse.avsCode Copied to clipboard ASCII Text

The acquirer AVS response code generated by the card issuing institution.

Data consists of ASCII characters

Min length: 1 Max length: 100
authorizationResponse.cardLevelIndicator Copied to clipboard String

Indicates the card level result returned by the issuer.

Data can consist of any characters

Min length: 1 Max length: 2
authorizationResponse.cardSecurityCodeError Copied to clipboard String

CSC Incorrect Indicator.

An indicator, pro