Authenticate Payer

Request to authenticate a payer, i.e. verify the identity of a cardholder. You can subsequently use the resulting authentication data when submitting a financial transaction request to prove that you have performed payer authentication.

You must first invoke the Initiate Authentication operation and where the response indicates that payer authentication is available, you must then invoke the Authenticate Payer operation with the same orderId and transactionId submitted on the Initiate Authentication operation.

To increase the likelihood of the authentication being successful, provide as much information about the payer and the transaction as possible.

If the information in the request is sufficient to allow the authentication scheme to confirm the payer's identity the response will include the authentication data (frictionless flow). Alternatively (challenge flow), it may be necessary for the payer to interact with the authentication scheme to confirm their identity (e.g. by providing a one-time password sent to them by their card issuer). In this case the response will contain an HTML excerpt that you must inject into your page. This will establish the interaction between the payer and the authentication scheme. After authentication has been completed the payer will be redirected back to your website using the URL provided by you in field authentication.redirectResponseUrl in the Authenticate Payer request.

If you are authenticating the payer when establishing a payment agreement with your payer for a series of recurring, installment or unscheduled payments you must provide details about the agreement in the agreement parameter group.

Usage Note

Using the Initiate Authenticate and Authenticate Payer operations for 3-D Secure authentication requires you to manage a variety of authentication flows and understand the 3-D Secure version 2 data flows as published by EMVCo.

A more simple alternatively is to use the gateway's threeDS.js library.

PUT https://eu-gateway.mastercard.com/api/rest/version/69 / merchant / {merchantId} / order / {orderid} / transaction / {transactionid}

Authentication Copied to clipboard

This operation requires authentication via one of the following methods:


  • Certificate authentication.
  • Basic HTTP authentication as described at w3.org. Provide 'merchant.<your gateway merchant ID>' in the userid portion and your API password in the password portion.

Request Copied to clipboard

URL Parameters Copied to clipboard

{merchantId} Copied to clipboard Alphanumeric + additional characters REQUIRED

The unique identifier issued to you by your payment provider.


This identifier can be up to 12 characters in length.


Data may consist of the characters 0-9, a-z, A-Z, '-', '_'

Min length: 1 Max length: 40
{orderid} Copied to clipboard String REQUIRED

A unique identifier for this order to distinguish it from any other order you create.


Use this identifier when referring to this order in subsequent transactions and in retrieval operations. This value must be unique for every order created by your merchant profile.


Data can consist of any characters

Min length: 1 Max length: 40
{transactionid} Copied to clipboard String REQUIRED

Unique identifier for this transaction to distinguish it from any other transaction on the order.


An order can have transactions representing:

  • Movement of money. For example, payments and refunds.
  • Validations. For example, account verification or 3-D Secure authentication of the payer.
  • Undoing other transactions. For example, voiding a payment transaction.
  • Chargebacks.
  • Fees from your payment service provider.
Each transaction on the order must have a unique id that identifies that transaction. Some transactions also hold the transaction identifier of other transactions on the order. For example a void payment transaction references the original payment transaction that is being voided.

If you attempt an operation and it fails (eg you try to PAY on a card with no funds), then you need a new id for each retry.


Data can consist of any characters

Min length: 1 Max length: 40

Fields Copied to clipboard

accountFunding Copied to clipboard OPTIONAL

Additional details for account funding transactions (order.purchaseType=ACCOUNT_FUNDING).

Account funding transactions are transactions that pull money from the sender's card account for the purpose of funding another account, the recipient's account. Depending on the type of account funding transaction you may be required to provide some or all the details in this parameter group.

accountFunding.purpose Copied to clipboard Enumeration OPTIONAL

Defines the purpose of the account funding payment.If not provided the value is defaulted to OTHER.

Value must be a member of the following list. The values are case sensitive.

CRYPTOCURRENCY_PURCHASE

The funds from this account funding transaction will be used to purchase cryptocurrency.

MERCHANT_SETTLEMENT

The funds from this account funding transaction will be used to settle the proceeds of processing card transactions.

OTHER

The funds from this account funding transaction will be used for any other purpose, e.g. transferring funds from a person to a person or transferring funds into a staged wallet. This is the default value.

PAYROLL

The funds from this account funding transaction will be used to pay salaries.

accountFunding.recipient Copied to clipboard OPTIONAL

Details about the recipient who will subsequently receive the funds that you are debiting from the sender in this transaction.

accountFunding.recipient.country Copied to clipboard Upper case alphabetic text OPTIONAL

The 3 letter ISO standard alpha country code of the recipient.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
accountFunding.recipient.dateOfBirth Copied to clipboard Date OPTIONAL

The date of birth of the recipient in yyyy-mm-dd format.

Data must comply with ISO 8601 extended date format, yyyy-mm-dd

accountFunding.recipient.firstName Copied to clipboard String OPTIONAL

First name of the recipient.

Data can consist of any characters

Min length: 1 Max length: 50
accountFunding.recipient.lastName Copied to clipboard String OPTIONAL

Last name of the recipient.

Data can consist of any characters

Min length: 1 Max length: 50
accountFunding.recipient.postCodeZip Copied to clipboard String OPTIONAL

The post code or zip code of the recipient.

Data can consist of any characters

Min length: 1 Max length: 10
accountFunding.recipient.stateProvinceCode Copied to clipboard String OPTIONAL

The state or province code of the recipient.

The value must match the second part of the ISO 3166-2 code. For an address in the United States provide the 2-letter ISO 3166-2 state code. For US military bases provide one of AE, AA, AP. For an address in Canada provide the 2-letter ISO 3166-2 province code.

Data can consist of any characters

Min length: 1 Max length: 3
accountFunding.senderIsRecipient Copied to clipboard Boolean OPTIONAL

Defines if the sender and recipient of the account funding payment are the same or not.

If not provided the value is defaulted to FALSE.

JSON boolean values 'true' or 'false'.

accountFunding.senderType Copied to clipboard Enumeration OPTIONAL

Defines if the sender is a person, a commercial organization, a non-profit organization or a government

Value must be a member of the following list. The values are case sensitive.

COMMERCIAL_ORGANIZATION

The sender is a commercial organization. Examples include account to account transfers initiated by a commercial organization for the purpose of transferring funds to one of their accounts, business to business payments, and disbursements for insurance claims, payroll, investment dividends, merchant rebates.

GOVERNMENT

The sender is a government or government agency. Examples include government agencies paying salaries, pensions, social benefits or tax credits.

NON_PROFIT_ORGANIZATION

The sender is a non-profit organization. Examples include non-profit organizations delivering emergency aid payments.

PERSON

The sender is a person. Examples include account to account transfers initiated by a person to their own account or a different person's account and adding funds to a staged wallet.

agreement Copied to clipboard OPTIONAL

A commercial agreement you have with the payer that allows you to store and use their payment details for later payments.

For example, an agreement to a series of recurring payments (a mobile phone subscription), an agreement to take payment for a purchase by a series of installments (hire purchase), an agreement to make additional payments when required (account top up), or to fulfil a standard industry practice (no show penalty charge).

Do not provide this parameter group if you are storing the payment details for subsequent payer-initiated payments only.

See Credential on File, Cardholder, and Merchant Initiated Transactions for details.

agreement.amountVariability Copied to clipboard Enumeration OPTIONAL

Indicates if all the payments within the agreement use the same amount or if the amount differs between the payments.

The field must be provided for recurring payment agreements.

Value must be a member of the following list. The values are case sensitive.

FIXED

All payments in the recurring payment agreement have the same amount. Examples include magazine subscriptions or gym memberships.

VARIABLE

The amount for the payments within the recurring payment agreement differs between payments. Examples include usage-based charges like utility or phone bills.

agreement.expiryDate Copied to clipboard Date OPTIONAL

Date at which your agreement with the payer to process payments expires.

Data must comply with ISO 8601 extended date format, yyyy-mm-dd

agreement.id Copied to clipboard String OPTIONAL

Your identifier for the agreement you have with the payer to process payments.

When you collect cards from your payers and store them for later use, you must provide an agreement ID when you use the stored values for:

  • Recurring payments: you have an agreement with the payer that authorizes you to automatically debit their account at agreed intervals for fixed or variable amounts. For example, gym membership, phone bills, or magazine subscriptions.
  • Installment payments: you have an agreement with the payer that authorizes you to process multiple payments over an agreed period of time for a single purchase. For example, the payer purchases an item for $1000 and pays for it in four monthly installments.
  • Unscheduled: you have an agreement with the payer that authorizes you to process future payments when required. For example, the payer authorizes you to process an account top-up transaction for a transit card when the account balance drops below a certain threshold.
  • Industry Practice: you have an agreement with the payer that authorizes you to initiate additional transactions to fulfil a standard business practice related to an original payment initiated by the payer. For example, a delayed charge for use of the hotel mini bar after the payer has checked out or a no show penalty charge when the payer fails to show for a booking.
When you first establish an agreement with the payer you should also specify the type of agreement in agreement.type.

Data can consist of any characters

Min length: 1 Max length: 100
agreement.maximumAmountPerPayment Copied to clipboard Decimal OPTIONAL

The maximum amount for a single payment in the series as agreed with the payer under your agreement with them.

The amount must be provided in the currency of the order.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
agreement.minimumDaysBetweenPayments Copied to clipboard Integer OPTIONAL

The minimum number of days between payments agreed with the payer under your agreement with them.

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 1 Max value: 9999
agreement.numberOfPayments Copied to clipboard Integer OPTIONAL

The number of merchant-initiated payments within the recurring payment agreement.

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 1 Max value: 999
agreement.paymentFrequency Copied to clipboard Enumeration OPTIONAL

The frequency of the payments within the series as agreed with the payer under your agreement with them.

Value must be a member of the following list. The values are case sensitive.

AD_HOC

The agreement if for payments on an ah-hoc basis.

DAILY

The agreement if for a daily payment.

FORTNIGHTLY

The agreement if for a fortnightly payment.

MONTHLY

The agreement if for a monthly payment.

OTHER

The agreement is for payments according to a schedule other than the ones listed in the other enumeration values for this field.

QUARTERLY

The agreement if for a quarterly payment.

TWICE_YEARLY

The agreement if for a payment twice a year.

WEEKLY

The agreement if for a weekly payment.

YEARLY

The agreement if for a yearly payment.

agreement.type Copied to clipboard Enumeration OPTIONAL

The type of commercial agreement that the payer has with you.

Specify the agreement type when you have provided a value for agreement.id and this payment is the first in a series of payments. The default value is OTHER.

The gateway will use the value you specify for subsequent payments in the series.

Value must be a member of the following list. The values are case sensitive.

INDUSTRY_PRACTICE

An agreement where the payer authorizes you to initiate additional transactions to fulfil a standard business practice related to an original payment initiated by the payer. These additional payments are triggered by an event not known at the time of the payer's initial agreement. For example, a delayed charge for use of the hotel mini bar after the payer has checked out or a no show charge when the payer fails to show for a booking.

INSTALLMENT

An agreement where the payer authorizes the payment for a single purchase to be split into a number of payments processed at agreed intervals. For example, pay for a purchase in six monthly installments.

OTHER

An agreement where you want to link related payments for any purpose other than processing recurring, installment, or unscheduled payments. For example, split tender payments.

RECURRING

An agreement where the payer authorizes you to process repeat payments for bills or invoices at agreed intervals (for example, weekly, monthly). The amount might be fixed or variable.

UNSCHEDULED

An agreement where the payer authorizes you to automatically deduct funds for a payment for an agreed purchase when required (unscheduled). For example, auto top-ups when the account value falls below a threshold.

apiOperation Copied to clipboard String = AUTHENTICATE_PAYER FIXED

Any sequence of zero or more unicode characters.

authentication Copied to clipboard OPTIONAL

Information about how the payer's identity is verified.

For example, using 3-D Secure authentication.

This parameter group include payer authentication options available to you, parameters you need to perform payer authentication for an available method, and the results of payer authentication.

authentication.3ds2 Copied to clipboard OPTIONAL

Information about payer authentication using 3-D Secure authentication version 2.

authentication.3ds2.sdk Copied to clipboard OPTIONAL

Information provided by the 3-D Secure Software Development Kit (SDK) that is used by an app on the payer's device to enable 3-D Secure authentication of the payer to be performed in-app.

You must populate the fields in this parameter group when you authenticate the payer in-app using 3-D Secure authentication version 2.

authentication.3ds2.sdk.appId Copied to clipboard String REQUIRED

A unique identifier for the app on the payer's device.

The 3-D Secure SDK generates this identifier each time the app is installed or updated.

This field corresponds to EMVCo field sdkAppID

Data can consist of any characters

Min length: 36 Max length: 36
authentication.3ds2.sdk.encryptedData Copied to clipboard String REQUIRED

Information about the payer's device collected and encrypted by the 3-D Secure SDK.

The data is a JSON Web Encryption (JWE) object in JSON format. When using the REST/JSON gateway API, express this as a JSON string (i.e. the embedded quotes will be escaped).

This field corresponds to EMVCo field sdkEncData

Data can consist of any characters

Min length: 0 Max length: 64000
authentication.3ds2.sdk.ephemeralPublicKey Copied to clipboard JSON Text REQUIRED

A public key generated by the 3-D Secure SDK.

This key is used to establish a secure session between the 3DS SDK and the issuer's Access Control Server (ACS) when the payer is required to be presented with an authentication challenge.

The key is a JSON Web Key (JWK) object in JSON format. When using the REST/JSON gateway API, express this as a JSON string (i.e the embedded quotes will be escaped).

This field corresponds to EMVCo field sdkEphemPubKey

Data is valid Json Format

Min length: 0 Max length: 256
authentication.3ds2.sdk.interface Copied to clipboard Enumeration OPTIONAL

The User Interface (UI) formats that the payer's device supports.

These are the formats that can be used to render the screens presented to the payer during an authentication challenge.

You only need to provide this value if you only support one of these formats.

This field corresponds to EMVCo data element sdkInterface in the field deviceRenderOptions.

Value must be a member of the following list. The values are case sensitive.

HTML

The device supports HTML format.

NATIVE

The device supports the UI format native to the payer's device.

authentication.3ds2.sdk.referenceNumber Copied to clipboard String REQUIRED

An identifier of the vendor and version of the 3-D Secure SDK assigned by EMVCo.

This field corresponds to EMVCo field sdkReferenceNumber

Data can consist of any characters

Min length: 1 Max length: 32
authentication.3ds2.sdk.timeout Copied to clipboard Integer OPTIONAL

The duration (in seconds) available to the payer to authenticate.

Will default to 900 if not provided. Note: The value will be rounded up to the nearest minute.

This field corresponds to EMVCo field sdkMaxTimeout

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 300 Max value: 900
authentication.3ds2.sdk.transactionId Copied to clipboard String REQUIRED

A unique identifier assigned by the 3-D Secure SDK for the transaction.

This field corresponds to EMVCo field sdkTransID

Data can consist of any characters

Min length: 36 Max length: 36
authentication.3ds2.sdk.uiType Copied to clipboard Comma separated enumeration OPTIONAL

Indicates the UI types which the SDK supports for displaying authentication challenges within the app.

A comma separated list of the payer authentication methods that you will accept for this payment.

You only need to provide this value if all of these values are not supported.

Note: OTHER_HTML is only supported when authentication.3ds2.sdk.interface allows a HTML UI format.

This field corresponds to EMVCo data element sdkUiType in the field deviceRenderOptions.

Value must be one or more comma separated members of the following list. The values are case sensitive.

TEXT

The payer is asked to enter text into a field displayed on the UI. For example, ask the payer to enter a One Time Password sent to their registered mobile phone number.

SINGLE_SELECT

The payer is asked to select a single option from a number of presented options. For example, ask the payer if they want a One Time Password to be sent to either their email address or mobile phone number registered with their issuer.

MULTI_SELECT

The payer is asked to select multiple options from a number of presented options. For example, ask the payer to select valid responses to a question.

OUT_OF_BAND

The payer is presented with screens rendered by an out-of-band service during an authentication challenge, For example, the payer is asked to confirm the payment from their banking app.

OTHER_HTML

The payer is presented with an authentication challenge using other mechanisms supported in HTML but not in the native UI format. For example, the payer is asked to confirm an image presented on the screen.

authentication.challengePreference Copied to clipboard Enumeration OPTIONAL

Indicates if you want the payer to be presented with an authentication challenge for this transaction.

You can use this to support local mandates or your risk tolerance. For example, you may prefer that a challenge is always performed when you store card details on file.

If you do not provide a value, the gateway will use NO_PREFERENCE. If there is no payer present (for example, recurring payments), then the gateway will ignore this field and use NO_CHALLENGE.

Note: 'challenge' means requiring the payer to take action to identify themselves, for example, entering a password.

Value must be a member of the following list. The values are case sensitive.

CHALLENGE_MANDATED

The merchant requires that the payer is presented with an authentication challenge.

CHALLENGE_PREFERRED

The merchant prefers that the payer is presented with an authentication challenge.

NO_CHALLENGE

The merchant prefers that the payer is not presented with an authentication challenge.

NO_PREFERENCE

The issuer determines whether or not the payer should be presented with an authentication challenge. The merchant does not have a preference.

REQUEST_WHITELISTING

Tells the issuer that you prefer them to present the payer with a challenge and that you want them to invite the payer to add you to their list of trusted merchants. If the payer whitelists you, they can skip authentication for any future payments. You will be able to tell whether the payer has added you to their list of trusted merchants by looking at authentication.psd2.whitelistStatus in the authentication response following the completion of the challenge.

authentication.goodsDescription Copied to clipboard String OPTIONAL

Description of the goods being purchased.

If supported, this description will be displayed on the authentication UI presented to the payer.

Data can consist of any characters

Min length: 0 Max length: 30
authentication.psd2 Copied to clipboard OPTIONAL

This parameter group is only applicable if you are subject to the Regulatory Technical Standards (RTS) requirements for Strong Customer Authentication (SCA) under the Payment Services Directive 2 (PSD2) regulations in the European Economic Area.

It provides details about SCA exemptions under PSD2.

authentication.psd2.exemption Copied to clipboard Enumeration OPTIONAL

Indicates why this payment qualifies for exemption from Strong Customer Authentication (SCA) under the Payment Services Directive 2 (PSD2).

Note:

  • For recurring payments provide the RECURRING_PAYMENT value only if the amount is the same. If the amount varies, provide MERCHANT_INITIATED_TRANSACTION instead.

Value must be a member of the following list. The values are case sensitive.

AUTO

If either a LOW_RISK or LOW_VALUE_PAYMENT exemption applies to the transaction, it is automatically claimed by the gateway on behalf of the merchant.

LOW_RISK

Exemption is claimed because the acquirer has a low fraud rate.

LOW_VALUE_PAYMENT

Exemption is claimed as the amount is below 30 Euro.

MERCHANT_INITIATED_TRANSACTION

The transaction is excluded as it was initiated by the merchant based on an agreement with the payer. For example, a recurring payment (for a varied or fixed amount), installment payment, or account top-up. In these cases, the payer is not present and cannot participate in an authentication interaction. Merchant initiated transactions are only applicable to subsequent transactions on the order and are out of scope of the PSD2 RTS on Strong Customer Authentication (SCA). The payer must be authenticated during the first transaction that established the agreement.

NONE

An exemption is not claimed for this transaction. The merchant requires Strong Customer Authentication (SCA) be performed.

RECURRING_PAYMENT

The transaction is exempt as it was initiated by the merchant based on an agreement with the payer for a recurring payment for a fixed amount. This value is only applicable to subsequent transactions on the order. In this case, the payer is not present and cannot participate in an authentication interaction. The payer must be authenticated during the first transaction that established the agreement.

SECURE_CORPORATE_PAYMENT

The transaction is exempt as it is a corporate or Business-to-Business (B2B) payment performed using dedicated payment processes and protocols that are not available to consumers and offer at least equivalent security levels.

WHITELISTED_MERCHANT

The transaction is exempt because the payer has added you to the list of their trusted merchants (as maintained by the issuer).

authentication.redirectResponseUrl Copied to clipboard Url OPTIONAL

The URL to which you want to redirect the payer after completing the payer authentication process.

This will be a URL on your website, with the URL encoded as defined in RFC3986. This means special characters such spaces, hyphens, etc must be encoded.

You must provide this URL, unless you are certain that there will be no interaction with the payer.

Ensure that the URL begins with 'https' and is longer than 11 characters.

billing Copied to clipboard OPTIONAL

Details of the payer's billing address.

billing.address Copied to clipboard OPTIONAL

The payer's billing address.

This data may be used to qualify for better interchange rates on corporate purchase card transactions.

billing.address.city Copied to clipboard String OPTIONAL

The city portion of the address.

Data can consist of any characters

Min length: 1 Max length: 100
billing.address.company Copied to clipboard String OPTIONAL

The name of the company associated with this address.

Data can consist of any characters

Min length: 1 Max length: 100
billing.address.country Copied to clipboard Upper case alphabetic text OPTIONAL

The 3 letter ISO standard alpha country code of the address.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
billing.address.postcodeZip Copied to clipboard Alphanumeric + additional characters OPTIONAL

The post code or zip code of the address.

Data may consist of the characters 0-9, a-z, A-Z, ' ', '-'

Min length: 1 Max length: 10
billing.address.stateProvince Copied to clipboard String OPTIONAL

The state or province of the address.

Data can consist of any characters

Min length: 1 Max length: 20
billing.address.stateProvinceCode Copied to clipboard String OPTIONAL

The three character ISO 3166-2 country subdivision code for the state or province of the address.

Providing this field might improve your payer experience for 3-D Secure payer authentication.

Data can consist of any characters

Min length: 1 Max length: 3
billing.address.street Copied to clipboard String OPTIONAL

The first line of the address.

For example, this may be the street name and number, or the Post Office Box details.

Data can consist of any characters

Min length: 1 Max length: 100
billing.address.street2 Copied to clipboard String OPTIONAL

The second line of the address (if provided).

Data can consist of any characters

Min length: 1 Max length: 100
correlationId Copied to clipboard String OPTIONAL

A transient identifier for the request, that can be used to match the response to the request.

The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.

Data can consist of any characters

Min length: 1 Max length: 100
customer Copied to clipboard OPTIONAL

Information associated with the customer's account.

customer.email Copied to clipboard Email OPTIONAL

The email address of the customer.

The field format restriction ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses.

Ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses

customer.firstName Copied to clipboard String OPTIONAL

The payer's first name.

Data can consist of any characters

Min length: 1 Max length: 50
customer.lastName Copied to clipboard String OPTIONAL

The payer's last or surname.

Data can consist of any characters

Min length: 1 Max length: 50
customer.mobilePhone Copied to clipboard Telephone Number OPTIONAL

The payer's mobile phone or cell phone number in ITU-T E123 format, for example +1 607 1234 5678

The number consists of:

  • '+'
  • country code (1, 2 or 3 digits)
  • 'space'
  • national number ( which may embed single spaces characters for readability).

Data consists of '+', country code (1, 2 or 3 digits), 'space', and national number (which may embed single space characters for readability)

Mandatory country code: true Max total digits: 15
customer.phone Copied to clipboard Telephone Number OPTIONAL

The payer's phone number in ITU-T E123 format, for example +1 607 1234 456

The number consists of:

  • '+'
  • country code (1, 2 or 3 digits)
  • 'space'
  • national number ( which may embed single spaces characters for readability).

Data consists of '+', country code (1, 2 or 3 digits), 'space', and national number (which may embed single space characters for readability)

Mandatory country code: true Max total digits: 15
customer.taxRegistrationId Copied to clipboard String OPTIONAL

The tax registration identifier of the customer.

Data can consist of any characters

Min length: 1 Max length: 30
device Copied to clipboard OPTIONAL

Information about the device used by the payer for this transaction.

device.ani Copied to clipboard String OPTIONAL

The telephone number captured by ANI (Automatic Number Identification) when the customer calls to place the order.

Data can consist of any characters

Min length: 1 Max length: 10
device.aniCallType Copied to clipboard String OPTIONAL

The 2 digit ANI information identifier provided by the telephone company to indicate the call type, for example, cellular (61-63), toll free (24,25), etc.

Data can consist of any characters

Min length: 1 Max length: 2
device.browser Copied to clipboard String OPTIONAL

The User-Agent header of the browser the customer used to place the order.For example, MOZILLA/4.0 (COMPATIBLE; MSIE 5.0; WINDOWS 95)

You must provide a value in this field if you are performing 3-D Secure authentication of the payer and set authentication.channel = PAYER_BROWSER.

Data can consist of any characters

Min length: 1 Max length: 255
device.browserDetails Copied to clipboard OPTIONAL

Detailed information about the payer's browser.

If you are using 3-D Secure authentication to authenticate the payer, then this information is used by the issuer's Access Control Server (ACS) to identify the capabilities of the payers browser so that it can render content appropriately when authenticating the payer.

You must provide values for fields in this parameter group if you are performing 3-D Secure authentication of the payer and set authentication.channel = PAYER_BROWSER.

device.browserDetails.3DSecureChallengeWindowSize Copied to clipboard Enumeration OPTIONAL

Dimensions of the challenge window (in width x height in pixels) displayed to the payer during 3D-Secure authentication.

This must be provided for authentication operations where authentication.channel is PAYER_BROWSER.

Value must be a member of the following list. The values are case sensitive.

250_X_400
390_X_400
500_X_600
600_X_400
FULL_SCREEN
device.browserDetails.acceptHeaders Copied to clipboard String OPTIONAL

The content of the Accept request-header field as sent from the payer's browser.

This is used to determine which content types are supported by the browser.

This must be provided for authentication operations where authentication.channel is PAYER_BROWSER.

Data can consist of any characters

Min length: 1 Max length: 2048
device.browserDetails.colorDepth Copied to clipboard Integer OPTIONAL

The bit depth (in bits per pixel) of the color palette for displaying images.

You obtain this value from the screen.colorDepth property of the payer's browser.

This must be provided for authentication operations where authentication.channel is PAYER_BROWSER.

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 1 Max value: 48
device.browserDetails.javaEnabled Copied to clipboard Boolean OPTIONAL

Indicates whether or not the payer's browser supports Java.

You obtain this value from the navigator.javaEnabled property of the payer's browser

This must be provided for authentication operations where authentication.channel is PAYER_BROWSER.

JSON boolean values 'true' or 'false'.

device.browserDetails.javaScriptEnabled Copied to clipboard Boolean OPTIONAL

Indicates whether or not the payer's browser supports JavaScript.

You can determine this by setting the relevant value in a form to false, and then attempting to update it to true using JavaScript.

JSON boolean values 'true' or 'false'.

device.browserDetails.language Copied to clipboard String OPTIONAL

The language supported for the payer's browser as defined in IETF BCP47.

You obtain this value from the navigator.language property of the payer's browser.

This must be provided for authentication operations where authentication.channel is PAYER_BROWSER.

Data can consist of any characters

Min length: 1 Max length: 8
device.browserDetails.screenHeight Copied to clipboard Integer OPTIONAL

The total height of the payer's browser screen in pixels.

You obtain this value from the screen.height property of the payer's browser

This must be provided for authentication operations where authentication.channel is PAYER_BROWSER.

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 1 Max value: 999999
device.browserDetails.screenWidth Copied to clipboard Integer OPTIONAL

The total width of the payer's browser screen in pixels.

You obtain this value from the screen.width property of the payer's browser

This must be provided for authentication operations where authentication.channel is PAYER_BROWSER.

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 1 Max value: 999999
device.browserDetails.timeZone Copied to clipboard Browser Time Zone Offset OPTIONAL

Time difference between UTC time and the Cardholder browser local time, in minutes.

The time zone offset is the difference, in minutes, between UTC and local time. Note that this means that the offset is positive if the local time zone is behind UTC and negative if it is ahead. For example, for time zone UTC+10:00 (Australian Eastern Standard Time, Vladivostok Time, Chamorro Standard Time), -600 would be presented.

This must be provided for authentication operations where authentication.channel is PAYER_BROWSER.

Browser time zone offset between -840 to +840.

device.fingerprint Copied to clipboard String OPTIONAL

Information collected about a remote computing device for the purpose of providing a unique identifier for the device.

For example, session ID, blackbox ID.

Data can consist of any characters

Min length: 1 Max length: 4000
device.hostname Copied to clipboard String OPTIONAL

The name of the server to which the customer is connected.

Data can consist of any characters

Min length: 1 Max length: 60
device.ipAddress Copied to clipboard String OPTIONAL

The IP address of the device used by the payer, in nnn.nnn.nnn.nnn format.

Data can consist of any characters

Min length: 7 Max length: 15
device.mobilePhoneModel Copied to clipboard String OPTIONAL

The mobile phone manufacturer's identifier for the model of the mobile device used to initiate the payment.

Data can consist of any characters

Min length: 1 Max length: 255
order Copied to clipboard REQUIRED

Information about the order associated with this transaction.

order.acceptPartialAmount Copied to clipboard Boolean OPTIONAL

Indicates whether you will accept a payment less than order.amount, e.g. when using a gift card.

If not set or set to FALSE, and the full amount is not available, the transaction will be rejected.
Unless you have been advised by your payment service provider that the gateway supports partial approvals for your acquirer, you can ignore this field.
If the gateway supports partial approvals for your acquirer you must set this field to TRUE else the transaction is rejected by the gateway.

JSON boolean values 'true' or 'false'.

order.amount Copied to clipboard Decimal OPTIONAL

The total amount for the order.  This is the net amount plus any merchant charge amounts.If you provide any sub-total amounts, then the sum of these amounts (order.itemAmount, order.taxAmount, order.shippingAndHandlingAmount, order.cashbackAmount, order.gratuityAmount, order.merchantCharge.amount and order.dutyAmount), minus the order.discountAmount must equal the net amount.

The value of this field in the response is zero if payer funds are not transferred.

Either Amount or netAmount must be provided

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.certainty Copied to clipboard Enumeration OPTIONAL

Indicates if you expect to capture the full order amount for which you are requesting authorization.

If you do not provide a value for order.certainty the default configured for you by your payment service provider will be used. The value provided in the response shows the value the gateway sent to the acquirer

Value must be a member of the following list. The values are case sensitive.

ESTIMATED

The amount authorized is an estimate of the amount that will be captured. It is possible that the amount captured will be less, or might not be captured at all.

FINAL

The full authorized amount is expected to be captured within the mandated time. The order will only be cancelled in exceptional circumstances (for example, the payer cancelled their purchase).

order.currency Copied to clipboard Upper case alphabetic text REQUIRED

The currency of the order expressed as an ISO 4217 alpha code, e.g. USD.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
order.custom Copied to clipboard String OPTIONAL

Information about this order that is of interest to you.

For example order.custom.X, where 'X' is defined by you and must be less than 100 characters from the set A-Z, a-z, 0-9. For example, order.custom.salesRegion. You can specify up to 50 such fields. They are not sent to acquirers.

Data can consist of any characters

Min length: 1 Max length: 250
order.customerNote Copied to clipboard String OPTIONAL

A note from the payer about this order.

Data can consist of any characters

Min length: 1 Max length: 250
order.customerOrderDate Copied to clipboard Date OPTIONAL

The date the payer placed the order.

Data must comply with ISO 8601 extended date format, yyyy-mm-dd.

order.customerReference Copied to clipboard ASCII Text OPTIONAL

The payer's own reference for the order.

This reference may assist the payer to identify the order in their system. For example, a purchase order number, project identifier, or cost center.

Data consists of ASCII characters

Min length: 0 Max length: 25
order.description Copied to clipboard String OPTIONAL

Short textual description of the contents of the order.

Data can consist of any characters

Min length: 1 Max length: 127
order.discount Copied to clipboard OPTIONAL

Information about a price reduction you have applied to the order.

For example, you may apply discounts for trade, employees, bulk purchase, or a sales promotion.

order.discount.amount Copied to clipboard Decimal OPTIONAL

The total amount of the discount you have applied to the order.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.discount.code Copied to clipboard String OPTIONAL

The code you use to identify the reason for the discount.

Data can consist of any characters

Min length: 1 Max length: 40
order.discount.description Copied to clipboard String OPTIONAL

A description of your reason for the discount.

Data can consist of any characters

Min length: 1 Max length: 127
order.dutyAmount Copied to clipboard Decimal OPTIONAL

The duty amount (also known as customs tax, tariff or dues) for the order.

Data is a decimal number.

Max value: 1000000000000 Min value: 0 Max post-decimal digits: 3
order.invoiceNumber Copied to clipboard String OPTIONAL

The invoice number you issued for this order.

Data can consist of any characters

Min length: 1 Max length: 25
order.localTaxRegistrationId Copied to clipboard String OPTIONAL

Your tax registration identifier provided by the Local/State/Province tax authority.

If you are a Canadian merchant, use this field to provide your Tax Registration ID for paying Provincial Sales Tax (PST).

Data can consist of any characters

Min length: 1 Max length: 25
order.marketplace Copied to clipboard OPTIONAL

Use this parameter group to provide additional information if you are a marketplace.You are considered a marketplace if you operate an electronic commerce website or mobile application that brings together payers and retailers and you are selling the goods or services on behalf of the retailer.In this case, the card schemes may require you to register with them as a marketplace and assign you a Marketplace ID.

You should provide this identifier to your payment service provider so that the gateway can automatically include it in all transaction messages to your acquirer.

order.marketplace.retailerLocation Copied to clipboard Enumeration OPTIONAL

Provide information about the location of the retailers for goods or services included in this order.Where a retailer is located in a country different from your country, they are considered a foreign retailer, otherwise they are considered a domestic retailer.

Value must be a member of the following list. The values are case sensitive.

DOMESTIC_ONLY

The order only contains items from domestic retailers.

FOREIGN_AND_DOMESTIC

The order contains items from both foreign and domestic retailers.

FOREIGN_ONLY

The order only contains items from foreign retailers.

order.merchantCharge Copied to clipboard OPTIONAL

Information about additional fees that you are charging the payer for processing the payment for this order, for example, a surcharge.

order.merchantCharge.amount Copied to clipboard Decimal OPTIONAL

The amount of the additional fee that you are charging the payer.

If you provide a charge amount, you must include it in the total amount for the order.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.merchantCharge.type Copied to clipboard Enumeration REQUIRED

The type of the additional fee that you are charging the payer.

Value must be a member of the following list. The values are case sensitive.

SURCHARGE

A fee that covers your cost of accepting accepting a payment method.

order.netAmount Copied to clipboard Decimal OPTIONAL

The amount payable for the order before merchant charge amount is applied.

If you specify a net amount the gateway will calculate the merchant charge amount for you based on the charge type (order.merchantCharge.type) provided in the request. Alternatively, you can specify the merchant charge amount (order.merchantCharge.amount) yourself.

Either Amount or netAmount must be provided

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.owningEntity Copied to clipboard String OPTIONAL

Your identifier for the part of your organization that is responsible for the order.

You might provide this data when you want to track the accountability for the order. For example, store number, sales region, branch, or profit center

Data can consist of any characters

Min length: 1 Max length: 40
order.purchaseType Copied to clipboard Enumeration OPTIONAL

Indicates the purchase of specific types of goods or services.

You must provide a value if your Merchant Category Code (MCC) is one of the following:

6051 (Quasi Cash – Merchant or Non-Financial Institutions – Foreign Currency, Non-Fiat Currency) and this transaction is for the purchase of cryptocurrency. Set the value to CRYPTOCURRENCY.

6211 (Securities – Brokers/Dealers) and this transaction is for the purchase of high-risk securities. Set the value to HIGH_RISK_SECURITIES.

6012 (Merchandise and Services—Customer Financial Institutions) or 6051 (Non-Financial Institutions – Foreign Currency, Non-Fiat Currency) and this transaction is for debt repayment. Set the value to DEBT_REPAYMENT.

If the transaction pulls money from an account for the purpose of crediting another account you must set purchase type to ACCOUNT_FUNDING.

You may set purchase type to OTHER for any other type of payment.

Value must be a member of the following list. The values are case sensitive.

CRYPTOCURRENCY

The transaction is for the purchase of a cryptocurrency.

DEBT_REPAYMENT

You may be required to provide additional details about the debt repayment in the debtRepayment parameter group.

HIGH_RISK_SECURITIES

The transaction is for the purchase of high-risk securities.

OTHER

Use this value if the purchase type for the transaction does not fit in any of the other categories.

order.requestorName Copied to clipboard String OPTIONAL

The name of the person who requested the goods or services.

Data can consist of any characters

Min length: 1 Max length: 100
order.shippingAndHandlingAmount Copied to clipboard Decimal OPTIONAL

The total shipping and handling amount for the order, including taxes on the shipping and/or handling.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.shippingAndHandlingTaxAmount Copied to clipboard Decimal OPTIONAL

The tax amount levied on the shipping and handling amount for the order.

This amount is included in the shipping and handling amount provided in field order.shippingAndHandlingAmount.

Data is a decimal number.

Max value: 1000000000000 Min value: 0 Max post-decimal digits: 3
order.shippingAndHandlingTaxRate Copied to clipboard Decimal OPTIONAL

The tax rate applied to the shipping and handling amount for the order to determine the shipping and handling tax amount.

For a tax rate of 2.5% provide 0.025.

Data is a decimal number.

Max value: 1000000000000000000 Min value: 0 Max post-decimal digits: 4
order.statementDescriptor Copied to clipboard OPTIONAL

Contact information provided by you for printing on payer's account statements.

order.statementDescriptor.address Copied to clipboard OPTIONAL

Descriptor address of the merchant.

order.statementDescriptor.address.city Copied to clipboard String OPTIONAL

The city portion of the address.

Data can consist of any characters

Min length: 1 Max length: 100
order.statementDescriptor.address.company Copied to clipboard String OPTIONAL

The name of the company associated with this address.

Data can consist of any characters

Min length: 1 Max length: 100
order.statementDescriptor.address.country Copied to clipboard Upper case alphabetic text OPTIONAL

The 3 letter ISO standard alpha country code of the address.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
order.statementDescriptor.address.postcodeZip Copied to clipboard Alphanumeric + additional characters OPTIONAL

The post code or zip code of the address.

Data may consist of the characters 0-9, a-z, A-Z, ' ', '-'

Min length: 1 Max length: 10
order.statementDescriptor.address.stateProvince Copied to clipboard String OPTIONAL

The state or province of the address.

Data can consist of any characters

Min length: 1 Max length: 20
order.statementDescriptor.address.street Copied to clipboard String OPTIONAL

The first line of the address.

For example, this may be the street name and number, or the Post Office Box details.

Data can consist of any characters

Min length: 1 Max length: 100
order.statementDescriptor.address.street2 Copied to clipboard String OPTIONAL

The second line of the address (if provided).

Data can consist of any characters

Min length: 1 Max length: 100
order.statementDescriptor.name Copied to clipboard String OPTIONAL

Descriptor name of the merchant.

Data can consist of any characters

Min length: 1 Max length: 100
order.statementDescriptor.phone Copied to clipboard String OPTIONAL

Descriptor phone number of the merchant's business.

Data can consist of any characters

Min length: 1 Max length: 20
order.supply Copied to clipboard OPTIONAL

Information about orders for items not yet available (pre-order) or for items previously purchased (reorder).

order.supply.preorder Copied to clipboard Boolean OPTIONAL

Indicates that the purchase includes merchandise with a future availability or release date.

JSON boolean values 'true' or 'false'.

order.supply.preorderAvailabilityDate Copied to clipboard Date OPTIONAL

The date that preordered items are expected to be available.

Provide this field if the payer is ordering items before you have them available for purchase.

Data must comply with ISO 8601 extended date format, yyyy-mm-dd

order.supply.reorder Copied to clipboard Boolean OPTIONAL

Indicates that the purchase includes merchandise that the payer has previously ordered.

JSON boolean values 'true' or 'false'.

order.tax[n] Copied to clipboard OPTIONAL

Use this parameter group to provide a breakdown of tax types, amount per tax type, and rate per tax type included in order.taxAmount.

order.tax[n].amount Copied to clipboard Decimal OPTIONAL

The tax amount included in this order for the tax type.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.tax[n].rate Copied to clipboard Decimal OPTIONAL

The tax rate (percentage) used to determine the tax amount included in this order for the tax type.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 6
order.tax[n].type Copied to clipboard String OPTIONAL

The type of tax included in the order amount.

The correct value as used by your acquirer may have to be provided. Contact your payment service provider for details.

Data can consist of any characters

Min length: 1 Max length: 50
order.taxAmount Copied to clipboard Decimal OPTIONAL

The total tax amount for the order.

If you do not provide this value but provide line item data, then this amount is calculated as the sum of the item.quantity times the item.unitTaxAmount for all the line items (total tax amount).
If you provide both this value and line item data, then the order.taxAmount MUST equal the total tax amount.

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.taxRegistrationId Copied to clipboard String OPTIONAL

Your tax registration identifier provided by the Federal/National tax authority (for example, federal tax identification number, ABN).

If you are a Canadian merchant, use this field to provide your Tax Registration ID for paying Harmonized Sales Tax (HST) or Goods and Services Tax (GST) collected by the Canada Revenue Agency.

Data can consist of any characters

Min length: 1 Max length: 30
order.taxStatus Copied to clipboard Enumeration OPTIONAL

Indicates your tax status for this order.

Value must be a member of the following list. The values are case sensitive.

EXEMPT

Indicates that you are exempt from tax.

NOT_EXEMPT

Indicates that you are not exempt from tax.

NOT_PROVIDED

Indicates that you are not providing information about being exempt from tax.

order.transactionFiltering Copied to clipboard OPTIONAL

Information relevant for Transaction Filtering.

order.transactionFiltering.avsResponseCodeRules[n] Copied to clipboard OPTIONAL

Allows you to provide the Address Verification Service (AVS) Response Code Transaction Filtering rules to be applied to the transactions for this order.

If provided, these rules override the AVS Response Code Transaction Filtering rules you have configured in Merchant Administration.

order.transactionFiltering.avsResponseCodeRules[n].action Copied to clipboard Enumeration REQUIRED

The action to be performed for the Address Verification Service (AVS) Response Code.

Value must be a member of the following list. The values are case sensitive.

NO_ACTION

No action should be taken by the gateway.

REJECT

The gateway must reject the transaction.

REVIEW

The gateway must mark this transaction as requiring a review.

order.transactionFiltering.avsResponseCodeRules[n].avsResponseCode Copied to clipboard Enumeration REQUIRED

The Address Verification Service (AVS) Response Code for which you are defining the rule.

Value must be a member of the following list. The values are case sensitive.

ADDRESS_MATCH

Street address matched

ADDRESS_ZIP_MATCH

Street address and zip/postcode were matched

NAME_ADDRESS_MATCH

Card holder name and street address matched

NAME_MATCH

Card holder name matched

NAME_ZIP_MATCH

Card holder name and zip/postcode matched

NOT_AVAILABLE

No data available from issuer or AVS data not supported for transaction

NOT_REQUESTED

AVS not requested

NOT_VERIFIED

AVS could not be verified for an international transaction

NO_MATCH

No match

SERVICE_NOT_AVAILABLE_RETRY

Issuer system is unavailable. Retry can be attempted

SERVICE_NOT_SUPPORTED

Service currently not supported by acquirer or merchant

ZIP_MATCH

Zip/postcode matched. Street address not matched

order.valueTransfer Copied to clipboard OPTIONAL

Information about payments that transfer money to another store of value, such as a gift card or gaming chips.

order.valueTransfer.accountType Copied to clipboard Enumeration OPTIONAL

The type of value store to which money is being transferred.

The default value is NOT_A_TRANSFER.

Value must be a member of the following list. The values are case sensitive.

NOT_A_TRANSFER

This payment is not for the purpose of transferring money to another store of value. It is a payment for goods or services.

PREPAID_LOAD

Payment to add funds to a prepaid card or gift card.

QUASI_CASH_TRANSACTION

Payment for items that are directly convertible to cash. For example, money orders, casino gaming chips, or traveller's checks.

order.valueTransfer.amount Copied to clipboard Decimal OPTIONAL

The amount of money being transferred, in units of order.valueTransfer.currency.

The default value is order.amount

Data is a string that consists of the characters 0-9 and '.' and represents a valid decimal number.

Min length: 1 Max length: 14
order.valueTransfer.currency Copied to clipboard Upper case alphabetic text OPTIONAL

The currency of the store.

If the money is being transferred to multiple currencies, then use the currency of the highest transferred value.

The default value is order.currency.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
order.valueTransfer.numberOfCards Copied to clipboard Integer OPTIONAL

The number of prepaid or gift card being purchased.

The default value is one when you set order.valueTransfer.accountType = PREPAID_LOAD. For all other values of order.valueTransfer.accountType the default is zero.

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 0 Max value: 999
order.walletIndicator Copied to clipboard String OPTIONAL

The wallet indicator as returned by the wallet provider.

Data can consist of any characters

Min length: 3 Max length: 3
order.walletProvider Copied to clipboard Enumeration OPTIONAL

The wallet provider used to collect the customer's payment details used for this transaction.

Value must be a member of the following list. The values are case sensitive.

AMEX_EXPRESS_CHECKOUT

Amex Express Checkout wallet provider.

APPLE_PAY

Apple Pay mobile wallet provider.

CHASE_PAY

Chase Pay wallet provider.

GOOGLE_PAY

Google Pay mobile wallet provider.

MASTERPASS_ONLINE

MasterPass Online wallet provider.

SAMSUNG_PAY

Samsung Pay mobile wallet provider.

SECURE_REMOTE_COMMERCE

Secure Remote Commerce (SRC) wallet provider.

VISA_CHECKOUT

Visa Checkout wallet provider.

session.id Copied to clipboard ASCII Text OPTIONAL

Identifier of the payment session containing values for any of the request fields to be used in this operation.

Values provided in the request will override values contained in the session.

Data consists of ASCII characters

Min length: 31 Max length: 35
session.version Copied to clipboard ASCII Text OPTIONAL

Use this field to implement optimistic locking of the session content.

Do this if you make business decisions based on data from the session and wish to ensure that the same data is being used for the request operation.

To use optimistic locking, record session.version when you make your decisions, and then pass that value in session.version when you submit your request operation to the gateway.

If session.version provided by you does not match that stored against the session, the gateway will reject the operation with error.cause=INVALID_REQUEST.

See Making Business Decisions Based on Session Content.

Data consists of ASCII characters

Min length: 10 Max length: 10
shipping Copied to clipboard OPTIONAL

Shipping information for this order.

shipping.address Copied to clipboard OPTIONAL

The address to which this order will be shipped.

shipping.address.city Copied to clipboard String OPTIONAL

The city portion of the address.

Data can consist of any characters

Min length: 1 Max length: 100
shipping.address.company Copied to clipboard String OPTIONAL

The name of the company associated with this address.

Data can consist of any characters

Min length: 1 Max length: 100
shipping.address.country Copied to clipboard Upper case alphabetic text OPTIONAL

The 3 letter ISO standard alpha country code of the address.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
shipping.address.postcodeZip Copied to clipboard Alphanumeric + additional characters OPTIONAL

The post code or zip code of the address.

Data may consist of the characters 0-9, a-z, A-Z, ' ', '-'

Min length: 1 Max length: 10
shipping.address.sameAsBilling Copied to clipboard Enumeration OPTIONAL

Indicates whether the shipping address provided is the same as the payer's billing address.

Provide this value if you are not providing the full shipping and billing addresses, but you can affirm that they are the same or different.

The default value for this field is:

SAME - if the shipping and billing address are supplied, and all fields are the same (ignoring non-alphanumerics).
DIFFERENT - if the shipping and billing address are supplied, and at least one field is different (ignoring non-alphanumerics).
UNKNOWN - either shipping address or billing address is absent.

Value must be a member of the following list. The values are case sensitive.

DIFFERENT

The shipping and billing addresses are different.

SAME

The shipping and billing addresses are the same.

UNKNOWN

It is not known if the shipping and billing addresses are the same.

shipping.address.source Copied to clipboard Enumeration OPTIONAL

How you obtained the shipping address.

Value must be a member of the following list. The values are case sensitive.

ADDRESS_ON_FILE

Order shipped to an address that you have on file.

NEW_ADDRESS

Order shipped to an address provided by the payer for this transaction.

shipping.address.stateProvince Copied to clipboard String OPTIONAL

The state or province of the address.

Data can consist of any characters

Min length: 1 Max length: 20
shipping.address.stateProvinceCode Copied to clipboard String OPTIONAL

The three character ISO 3166-2 country subdivision code for the state or province of the address.

Providing this field might improve your payer experience for 3-D Secure payer authentication.

Data can consist of any characters

Min length: 1 Max length: 3
shipping.address.street Copied to clipboard String OPTIONAL

The first line of the address.

For example, this may be the street name and number, or the Post Office Box details.

Data can consist of any characters

Min length: 1 Max length: 100
shipping.address.street2 Copied to clipboard String OPTIONAL

The second line of the address (if provided).

Data can consist of any characters

Min length: 1 Max length: 100
shipping.contact Copied to clipboard OPTIONAL

Details of the contact person at the address the goods will be shipped to.

shipping.contact.email Copied to clipboard Email OPTIONAL

The contact person's email address.

The field format restriction ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses.

Ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses

shipping.contact.firstName Copied to clipboard String OPTIONAL

The first name of the person to whom the order is being shipped.

Data can consist of any characters

Min length: 1 Max length: 50
shipping.contact.lastName Copied to clipboard String OPTIONAL

The last name or surname of the person to whom the order is being shipped.

Data can consist of any characters

Min length: 1 Max length: 50
shipping.contact.mobilePhone Copied to clipboard Telephone Number OPTIONAL

The contact person's mobile phone or cell phone number in ITU-T E123 format, for example +1 607 1234 5678

The number consists of:

  • '+'
  • country code (1, 2 or 3 digits)
  • 'space'
  • national number ( which may embed single spaces characters for readability).

Data consists of '+', country code (1, 2 or 3 digits), 'space', and national number (which may embed single space characters for readability)

Mandatory country code: true Max total digits: 15
shipping.contact.phone Copied to clipboard Telephone Number OPTIONAL

The contact person's phone number in ITU-T E123 format, for example +1 607 1234 456

The number consists of:

  • '+'
  • country code (1, 2 or 3 digits)
  • 'space'
  • national number ( which may embed single spaces characters for readability).

Data consists of '+', country code (1, 2 or 3 digits), 'space', and national number (which may embed single space characters for readability)

Mandatory country code: true Max total digits: 15
shipping.contact.sameAsBilling Copied to clipboard Enumeration OPTIONAL

Indicates whether the supplied name for the recipient of shipping matches the cardholder name.

Provide this value if you are not providing the full name or cardholder name, but you can affirm that they are the same or different.

Default value is UNKNOWN

Value must be a member of the following list. The values are case sensitive.

DIFFERENT

The shipping and billing addresses are different.

SAME

The shipping and billing addresses are the same.

UNKNOWN

It is not known if the shipping and billing addresses are the same.

shipping.method Copied to clipboard Enumeration OPTIONAL

The shipping method used for delivery of this order.

Value must be a member of the following list. The values are case sensitive.

ELECTRONIC

Electronic delivery.

GROUND

Ground (4 or more days).

NOT_SHIPPED

Order for goods that are not shipped (for example, travel and event tickets)

OVERNIGHT

Overnight (next day).

PICKUP

Shipped to a local store for pick up.

PRIORITY

Priority (2-3 days).

SAME_DAY

Same day.

shipping.origin.postcodeZip Copied to clipboard Alphanumeric + additional characters OPTIONAL

The post code or zip code of the address the order is shipped from.

Data may consist of the characters 0-9, a-z, A-Z, ' ', '-'

Min length: 1 Max length: 10
sourceOfFunds Copied to clipboard OPTIONAL

The details describing the source of the funds to be used.

For card payments these may be represented by combining one or more of the following: explicitly provided card details, a session identifier which the gateway will use to look up the card details and/or a card token. Precedence rules will be applied in that explicitly provided card details will override session card details which will override card token details. Each of these may represent partial card details, however the combination must result in a full and complete set of card details. See Using Multiple Sources of Card Details for examples.

sourceOfFunds.provided Copied to clipboard OPTIONAL

Information about the source of funds when it is directly provided (as opposed to via a token or session).

For browser payments, the source of funds details are usually collected from the payer on the payment provider's website and provided to you when you retrieve the transaction details (for a successful transaction). However, for some payment types (such as giropay), you must collect the information from the payer and supply it here.

sourceOfFunds.provided.card Copied to clipboard OPTIONAL

Details about the card.

Use this parameter group when you have sourced payment details using:
Cards: the card details entered directly or collected using a Point of Sale (POS) terminal.
Device payment methods such as Apple Pay, Android Pay, Samsung Pay or Google Pay.
Digital wallets such as Masterpass, Visa Checkout or Amex Express Checkout.
Card scheme tokens where the card was tokenized using a card scheme tokenization service such as Mastercard Digital Enablement Service (MDES).

sourceOfFunds.provided.card.devicePayment Copied to clipboard OPTIONAL

If the payer chose to pay using a device you must provide payment details in this parameter group.

Use this parameter group when accepting payments using device payment methods such as Apple Pay, Android Pay or Samsung Pay.

sourceOfFunds.provided.card.devicePayment.3DSecure Copied to clipboard OPTIONAL

Details used to process a digital payment where the payment data keys for the online payment cryptogram are provided using the 3-D Secure format.

Use this parameter group for:

  • • Device payments: if you decrypt the payment token yourself. In this case, you source these fields directly from the decrypted payment token.
    You do not need to use this parameter group if you provide the payment token in sourceOfFunds.provided.card.devicePayment.paymentToken.
  • • Card scheme tokens: if you decrypt the transaction credentials yourself.

sourceOfFunds.provided.card.devicePayment.3DSecure.eciIndicator Copied to clipboard Digits OPTIONAL

The Electronic Commerce Indicator generated for payments made using a device payment method.

You source this field directly from the decrypted payment token.

This field is not applicable for payments using digital wallets or card scheme tokens.

Data is a string that consists of the characters 0-9.

Min length: 1 Max length: 2
sourceOfFunds.provided.card.devicePayment.3DSecure.onlinePaymentCryptogram Copied to clipboard Base64 OPTIONAL

A cryptogram used to authenticate the transaction.Use this field for:

  • • Device payments: source this field directly from the decrypted payment token.
  • • Card scheme tokens: source this field directly from the decrypted transaction credentials.

Data is Base64 encoded

Min length: 1 Max length: 128
sourceOfFunds.provided.card.devicePayment.cryptogramFormat Copied to clipboard Enumeration OPTIONAL

The format of the cryptogram provided for the digital payment.Use this field for:

  • • Device payments: provide the cryptogram format when you decrypt the payment token and provide the payment details (including the online payment cryptogram) in the transaction request.

This field does not apply to Card Scheme token payments.

Value must be a member of the following list. The values are case sensitive.

3DSECURE

The payment data keys for the online payment cryptogram are provided using the 3-D Secure format.

EMV

The payment data keys for the online payment cryptogram are provided using the EMV format.

sourceOfFunds.provided.card.devicePayment.paymentToken Copied to clipboard String OPTIONAL

This is the payment token that you received from the device's payment SDK.

For example:

For Apple Pay - this is the PKPaymentToken.paymentData value.

For Google - this is PaymentMethodToken.getToken().

Note 1: The gateway API considers this value to be a string, NOT JSON itself. Therefore when using the JSON gateway API, this field will typically look like:

"sourceOfFunds": {
"provided": {
"card": {
"devicePayment": {
"paymentToken": "{\"data\":\"869ss19ew ....

Note 2: The gateway will ignore the currency and amount information in the payment token, and will instead use the values passed on the amount and currency fields. For normal usage, you should populate those fields with the exact same values as you got from the SDK.

Data can consist of any characters

Min length: 1 Max length: 16384
sourceOfFunds.provided.card.expiry Copied to clipboard OPTIONAL

Expiry date, as shown on the card.

sourceOfFunds.provided.card.expiry.month Copied to clipboard Digits REQUIRED

Month, as shown on the card.

If using a scheme token this is the token expiry month.
Months are numbered January=1, through to December=12.

Data is a number between 1 and 12 represented as a string.

sourceOfFunds.provided.card.expiry.year Copied to clipboard Digits REQUIRED

Year, as shown on the card.

If using a scheme token this is the token expiry year.
The Common Era year is 2000 plus this value.

Data is a string that consists of the characters 0-9.

Min length: 2 Max length: 2
sourceOfFunds.provided.card.nameOnCard Copied to clipboard String OPTIONAL

The cardholder's name as printed on the card.

Data can consist of any characters

Min length: 1 Max length: 256
sourceOfFunds.provided.card.number Copied to clipboard Digits OPTIONAL

Credit card number as printed on the card.

Data is a string that consists of the characters 0-9.

Min length: 9 Max length: 19
sourceOfFunds.provided.card.securityCode Copied to clipboard Digits OPTIONAL

Card verification code, as printed on the back or front of the card or as provided for a card scheme token.

Data is a string that consists of the characters 0-9.

Min length: 3 Max length: 4
sourceOfFunds.token Copied to clipboard Alphanumeric OPTIONAL

Gateway token that uniquely identifies a card and associated details.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 40

Response Copied to clipboard

Fields Copied to clipboard

accountFunding Copied to clipboard CONDITIONAL

Additional details for account funding transactions (order.purchaseType=ACCOUNT_FUNDING).

Account funding transactions are transactions that pull money from the sender's card account for the purpose of funding another account, the recipient's account. Depending on the type of account funding transaction you may be required to provide some or all the details in this parameter group.

accountFunding.purpose Copied to clipboard Enumeration CONDITIONAL

Defines the purpose of the account funding payment.If not provided the value is defaulted to OTHER.

Value must be a member of the following list. The values are case sensitive.

CRYPTOCURRENCY_PURCHASE

The funds from this account funding transaction will be used to purchase cryptocurrency.

MERCHANT_SETTLEMENT

The funds from this account funding transaction will be used to settle the proceeds of processing card transactions.

OTHER

The funds from this account funding transaction will be used for any other purpose, e.g. transferring funds from a person to a person or transferring funds into a staged wallet. This is the default value.

PAYROLL

The funds from this account funding transaction will be used to pay salaries.

accountFunding.recipient Copied to clipboard CONDITIONAL

Details about the recipient who will subsequently receive the funds that you are debiting from the sender in this transaction.

accountFunding.recipient.country Copied to clipboard Upper case alphabetic text CONDITIONAL

The 3 letter ISO standard alpha country code of the recipient.

Data must consist of the characters A-Z

Min length: 3 Max length: 3
accountFunding.recipient.dateOfBirth Copied to clipboard Date CONDITIONAL

The date of birth of the recipient in yyyy-mm-dd format.

Data must comply with ISO 8601 extended date format, yyyy-mm-dd

accountFunding.recipient.firstName Copied to clipboard String CONDITIONAL

First name of the recipient.

Data can consist of any characters

Min length: 1 Max length: 50
accountFunding.recipient.lastName Copied to clipboard String CONDITIONAL

Last name of the recipient.

Data can consist of any characters

Min length: 1 Max length: 50
accountFunding.recipient.postCodeZip Copied to clipboard String CONDITIONAL

The post code or zip code of the recipient.

Data can consist of any characters

Min length: 1 Max length: 10
accountFunding.recipient.stateProvinceCode Copied to clipboard String CONDITIONAL

The state or province code of the recipient.

The value must match the second part of the ISO 3166-2 code. For an address in the United States provide the 2-letter ISO 3166-2 state code. For US military bases provide one of AE, AA, AP. For an address in Canada provide the 2-letter ISO 3166-2 province code.

Data can consist of any characters

Min length: 1 Max length: 3
accountFunding.senderIsRecipient Copied to clipboard Boolean CONDITIONAL

Defines if the sender and recipient of the account funding payment are the same or not.

If not provided the value is defaulted to FALSE.

JSON boolean values 'true' or 'false'.

accountFunding.senderType Copied to clipboard Enumeration CONDITIONAL

Defines if the sender is a person, a commercial organization, a non-profit organization or a government

Value must be a member of the following list. The values are case sensitive.

COMMERCIAL_ORGANIZATION

The sender is a commercial organization. Examples include account to account transfers initiated by a commercial organization for the purpose of transferring funds to one of their accounts, business to business payments, and disbursements for insurance claims, payroll, investment dividends, merchant rebates.

GOVERNMENT

The sender is a government or government agency. Examples include government agencies paying salaries, pensions, social benefits or tax credits.

NON_PROFIT_ORGANIZATION

The sender is a non-profit organization. Examples include non-profit organizations delivering emergency aid payments.

PERSON

The sender is a person. Examples include account to account transfers initiated by a person to their own account or a different person's account and adding funds to a staged wallet.

agreement Copied to clipboard CONDITIONAL

A series of related orders that execute one commercial agreement.

For example, linking the orders for a series of recurring payments (a mobile phone subscription), split tenders (one payment using two cards), or when the merchant offers to take payments by a series of installments (hire purchase).

agreement.amountVariability Copied to clipboard Enumeration CONDITIONAL

Indicates if all the payments within the agreement use the same amount or if the amount differs between the payments.

The field must be provided for recurring payment agreements.

Value must be a member of the following list. The values are case sensitive.

FIXED

All payments in the recurring payment agreement have the same amount. Examples include magazine subscriptions or gym memberships.

VARIABLE

The amount for the payments within the recurring payment agreement differs between payments. Examples include usage-based charges like utility or phone bills.

agreement.expiryDate Copied to clipboard Date CONDITIONAL

Date at which your agreement with the payer to process payments expires.

Data must comply with ISO 8601 extended date format, yyyy-mm-dd

agreement.id Copied to clipboard String CONDITIONAL

Your identifier for the agreement you have with the payer to process payments.

When you collect cards from your payers and store them for later use, you must provide an agreement ID when you use the stored values for:

  • Recurring payments: you have an agreement with the payer that authorizes you to automatically debit their account at agreed intervals for fixed or variable amounts. For example, gym membership, phone bills, or magazine subscriptions.
  • Installment payments: you have an agreement with the payer that authorizes you to process multiple payments over an agreed period of time for a single purchase. For example, the payer purchases an item for $1000 and pays for it in four monthly installments.
  • Unscheduled: you have an agreement with the payer that authorizes you to process future payments when required. For example, the payer authorizes you to process an account top-up transaction for a transit card when the account balance drops below a certain threshold.
  • Industry Practice: you have an agreement with the payer that authorizes you to initiate additional transactions to fulfil a standard business practice related to an original payment initiated by the payer. For example, a delayed charge for use of the hotel mini bar after the payer has checked out or a no show penalty charge when the payer fails to show for a booking.
When you first establish an agreement with the payer you should also specify the type of agreement in agreement.type.

Data can consist of any characters

Min length: 1 Max length: 100
agreement.maximumAmountPerPayment Copied to clipboard Decimal CONDITIONAL

The maximum amount for a single payment in the series as agreed with the payer under your agreement with them.

The amount must be provided in the currency of the order.

Data is a decimal number.

Max value: 99999999999999 Min value: 0 Max post-decimal digits: 3
agreement.minimumDaysBetweenPayments Copied to clipboard Integer CONDITIONAL

The minimum number of days between payments agreed with the payer under your agreement with them.

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 1 Max value: 9999
agreement.numberOfPayments Copied to clipboard Integer CONDITIONAL

The number of merchant-initiated payments within the recurring payment agreement.

JSON number data type, restricted to being positive or zero. In addition, the represented number may have no fractional part.

Min value: 1 Max value: 999
agreement.paymentFrequency Copied to clipboard Enumeration CONDITIONAL

The frequency of the payments within the series as agreed with the payer under your agreement with them.

Value must be a member of the following list. The values are case sensitive.

AD_HOC

The agreement if for payments on an ah-hoc basis.

DAILY

The agreement if for a daily payment.

FORTNIGHTLY

The agreement if for a fortnightly payment.

MONTHLY

The agreement if for a monthly payment.

OTHER

The agreement is for payments according to a schedule other than the ones listed in the other enumeration values for this field.

QUARTERLY

The agreement if for a quarterly payment.

TWICE_YEARLY

The agreement if for a payment twice a year.

WEEKLY

The agreement if for a weekly payment.

YEARLY

The agreement if for a yearly payment.

agreement.type Copied to clipboard Enumeration CONDITIONAL

The type of commercial agreement that the payer has with you.

Specify the agreement type when you have provided a value for agreement.id and this payment is the first in a series of payments. The default value is OTHER.

The gateway will use the value you specify for subsequent payments in the series.

Value must be a member of the following list. The values are case sensitive.

INDUSTRY_PRACTICE

An agreement where the payer authorizes you to initiate additional transactions to fulfil a standard business practice related to an original payment initiated by the payer. These additional payments are triggered by an event not known at the time of the payer's initial agreement. For example, a delayed charge for use of the hotel mini bar after the payer has checked out or a no show charge when the payer fails to show for a booking.

INSTALLMENT

An agreement where the payer authorizes the payment for a single purchase to be split into a number of payments processed at agreed intervals. For example, pay for a purchase in six monthly installments.

OTHER

An agreement where you want to link related payments for any purpose other than processing recurring, installment, or unscheduled payments. For example, split tender payments.

RECURRING

An agreement where the payer authorizes you to process repeat payments for bills or invoices at agreed intervals (for example, weekly, monthly). The amount might be fixed or variable.

UNSCHEDULED

An agreement where the payer authorizes you to automatically deduct funds for a payment for an agreed purchase when required (unscheduled). For example, auto top-ups when the account value falls below a threshold.

authentication Copied to clipboard CONDITIONAL

Information about how the payer's identity is verified.

For example, using 3-D Secure authentication.
This parameter group include payer authentication options available to you, parameters you need to perform payer authentication for an available method, and the results of payer authentication.

authentication.3ds Copied to clipboard CONDITIONAL

Information about payer authentication using 3-D Secure authentication.

Parameters in this group apply to both 3-D Secure authentication version 1 and 3-D Secure Authentication version 2.

Depending on the 3-D Secure authentication version applicable you will also need additional parameters:

  • 3-D Secure authentication version 1: see the authentication.3ds1 parameter group.
  • 3-D Secure authentication version 2: see the authentication.3ds2 parameter group.

authentication.3ds.acsEci Copied to clipboard Alphanumeric CONDITIONAL

Indicates the security level of the transaction.

This is the Electronic Commerce Indicator (ECI) value provided by the issuer's Access Control Server (ACS) to indicate the results of the attempt to authenticate the payer.

Data may consist of the characters 0-9, a-z, A-Z

Min length: 1 Max length: 2
authentication.3ds.authenticationToken Copied to clipboard Base64 CONDITIONAL

The base64 encoded value generated by the issuer.

The authentication token Included in subsequent transaction request messages and used by the card scheme to verify that the authentication occurred and the values provided are valid. The token should be used unaltered. For 3DS version 1, this field corresponds to the Cardholder Authentication Verification Value (CAVV) for Visa, the Accountholder Authentication Value (AAV) for MasterCard and JCB, or the American Express Verification Value (AEVV) for American Express.

For 3DS version 2, this field corresponds to the Authentication Value.

Data is Base64 encoded

allowable lengths 28 or 32
authentication.3ds.transactionId Copied to clipboard String CONDITIONAL

A unique identifier for the 3-D Secure authentication transaction.

For 3DS version 1, this field corresponds to the XID. The XID is an identifier generated by the gateway on behalf of the merchant.

For 3DS version 2, this field corresponds to the identifier assigned by the scheme directory server.


This identifier should be used in subsequent operation requests unaltered.

An XID submitted in this field must be in base64 format.

Data can consist of any characters

Min length: 1 Max length: 50
authentication.3ds1 Copied to clipboard CONDITIONAL

Information about payer authentication using 3-D Secure authentication version 1.

authentication.3ds1.paResStatus Copied to clipboard Alpha CONDITIONAL

Indicates the result of payer authentication with the issuer.

This is the value returned in the transaction status field of the Payer Authentication Response (PARes) message from the card Issuer's Access Control Server (ACS). For example, Y, N, A, or U. Refer to the relevant documentation for Mastercard SecureCode™, Verified by Visa™, JCB J/Secure™, American Express SafeKey™, or Diners Club ProtectBuy™.

Data may consist of the characters a-z, A-Z

Min length: 1 Max length: 1
authentication.3ds1.veResEnrolled Copied to clipboard Alpha ALWAYS PROVIDED

Indicates whether or not payer authentication is available for the card number you provided.

This is for experts only - most users should use the response.gatewayRecommendation field.

This is the value returned in the 'enrolled' field of the Verify Enrollment Response (VERes) message from the card scheme's Directory Server. For example, Y, N, or U. Refer to the relevant documentation for Mastercard SecureCode™, Verified by Visa™, JCB J/Secure™, American Express SafeKey™, or Diners Club ProtectBuy™.

Data may consist of the characters a-z, A-Z

Min length: 1 Max length: 1
authentication.3ds2 Copied to clipboard CONDITIONAL

Information about payer authentication using 3-D Secure authentication version 2.

authentication.3ds2.3dsServerTransactionId