Initiate Authentication
Operation to initiate an authentication request.
Authentication
This operation requires authentication via one of the following methods:
- Certificate authentication.
- 
                            
                                            To authenticate to the API two additional NVP parameters must be supplied in the request.
                                            Provide 'merchant.<your gateway merchant ID>' in the apiUsername field and your API password in the apiPassword field.
Request
Fields
String
                        = INITIATE_AUTHENTICATION
                                    FIXED
                                
                Any sequence of zero or more unicode characters.
String
                        
                                            OPTIONAL
                                
                A transient identifier for the request, that can be used to match the response to the request.
The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.
Data can consist of any characters
String
                        
                                            OPTIONAL
                                
                Your payment service provider might have configured your merchant profile to support several lines of business.
Each line of business can have different payment parameters, such as bank account, supported cards or such.
For example, lineOfBusiness = TICKET_SALES can have a different bank account from lineOfBusiness = MERCHANDISING. One line of business on your profile might be "null". To use that, do not provide the lineOfBusiness field.
Data can consist of any characters except space
Alphanumeric + additional characters
                        REQUIRED
                                        
                The unique identifier issued to you by your payment provider.
This identifier can be up to 12 characters in length.
Data may consist of the characters 0-9, a-z, A-Z, '-', '_'
Information about the order associated with this transaction.
String
                        
                                            OPTIONAL
                                
                The identifier of the order.
For example, a shopping cart number, an order number, or an invoice number.
Data can consist of any characters
Upper case alphabetic text
                        REQUIRED
                                        
                The currency of the transaction expressed as an ISO 4217 alpha code, e.g. USD.
Data must consist of the characters A-Z
String
                        REQUIRED
                                        
                A unique identifier for this order to distinguish it from any other order you create.
Use this identifier when referring to this order in subsequent transactions and in retrieval operations. This value must be unique for every order you create using your merchant profile.
Data can consist of any characters
Digits
                        
                                            OPTIONAL
                                
                A 4-digit code used to classify your business by the type of goods or services it offers.
This is also known as the Merchant Category Code (MCC).
You only need to provide the MCC if you want to override the default value configured for your acquirer link.The value you provide must match one of those configured by your payment service provider.
Data is a string that consists of the characters 0-9.
Url
                        
                                            OPTIONAL
                                
                The URL to which the gateway will send Webhook notifications when an order is created or updated.
To receive notifications at this URL, you must enable Webhook notifications in Merchant Administration. Ensure the URL is HTTPS
Ensure that the URL begins with 'https' and is longer than 11 characters.
String
                        
                                            OPTIONAL
                                
                If, when integrating with the gateway, you are using a solution (e.g. a shopping cart or e-commerce solution) provided, supported or certified by your payment service provider, enter the solution ID issued by your payment service provider here.
If your payment service provider has not provided you with a solution ID, you should ignore this field.
Data can consist of any characters
ASCII Text
                        
                                            OPTIONAL
                                
                Identifier of the payment session containing values for any of the request fields to be used in this operation.
Values provided in the request will override values contained in the session.
Data consists of ASCII characters
ASCII Text
                        
                                            OPTIONAL
                                
                Use this field to implement optimistic locking of the session content.
Do this if you make business decisions based on data from the session and wish to ensure that the same data is being used for the request operation.
To use optimistic locking, record session.version when you make your decisions, and then pass that value in session.version when you submit your request operation to the gateway.
If session.version provided by you does not match that stored against the session, the gateway will reject the operation with error.cause=INVALID_REQUEST.
See Making Business Decisions Based on Session Content.
Data consists of ASCII characters
The details describing the source of the funds to be used.
For card payments these may be represented by combining one or more of the following: explicitly provided card details, a session identifier which the gateway will use to look up the card details and/or a card token. Precedence rules will be applied in that explicitly provided card details will override session card details which will override card token details. Each of these may represent partial card details, however the combination must result in a full and complete set of card details. See Using Multiple Sources of Card Details for examples.
Information about the source of funds when it is directly provided (as opposed to via a token or session).
For browser payments, the source of funds details are usually collected from the payer on the payment provider's website and provided to you when you retrieve the transaction details (for a successful transaction). However, for some payment types (such as giropay), you must collect the information from the payer and supply it here.
Details as shown on the card.
If the payer chose to pay using a device you must provide payment details in this parameter group.
Use this parameter group when accepting payments using device payment methods such as Apple Pay, Android Pay or Samsung Pay.
Details used to process a digital payment where the payment data keys for the online payment cryptogram are provided using the 3-D Secure format.
Use this parameter group for:
-  • Device payments: if you decrypt the payment token yourself. In this case, you source these fields directly from the decrypted payment token.
 You do not need to use this parameter group if you provide the payment token in sourceOfFunds.provided.card.devicePayment.paymentToken.
- • Card scheme tokens: if you decrypt the transaction credentials yourself.
Digits
                        
                                            OPTIONAL
                                
                The Electronic Commerce Indicator generated for payments made using a device payment method.
You source this field directly from the decrypted payment token.
You must provide this field if you have it. This field is not applicable for payments using digital wallets.
Data is a string that consists of the characters 0-9.
Base64
                        
                                            OPTIONAL
                                
                A cryptogram used to authenticate the transaction.
Use this field for:
- • Device payments: source this field directly from the decrypted payment token.
- • Card scheme tokens: source this field directly from the decrypted transaction credentials. For MDES (Mastercard Digital Enablement Service) tokens this is the UCAF cryptogram (de48se43Data). For VTS (Visa Token Service) tokens this is the TAVV cryptogram.
Data is Base64 encoded
Enumeration
                        
                                            OPTIONAL
                                
                The format of the cryptogram provided for the digital payment.Use this field for:
- • Device payments: provide the cryptogram format when you decrypt the payment token and provide the payment details (including the online payment cryptogram) in the transaction request.
This field does not apply to Card Scheme token payments.
Value must be a member of the following list. The values are case sensitive.
3DSECURE
                                        The payment data keys for the online payment cryptogram are provided using the 3-D Secure format.
EMV
                                        The payment data keys for the online payment cryptogram are provided using the EMV format.
String
                        
                                            OPTIONAL
                                
                This is the payment token that you received from the device's payment SDK.
For example:
For Apple Pay - this is the PKPaymentToken.paymentData value.
For Google - this is PaymentMethodToken.getToken().
Note 1: The gateway API considers this value to be a string, NOT JSON itself. Therefore when using the JSON gateway API, this field will typically look like:
"sourceOfFunds": {
"provided": {
"card": {
"devicePayment": {
"paymentToken": "{\"data\":\"869ss19ew ....
Note 2: The gateway will ignore the currency and amount information in the payment token, and will instead use the values passed on the amount and currency fields. For normal usage, you should populate those fields with the exact same values as you got from the SDK.
Data can consist of any characters
Digits
                        
                                            OPTIONAL
                                
                The account number of the payer's account used for this authentication.
On requests, provide the number in the form that you receive it (as explained below). On responses, the gateway populates it with a form that the payer would recognize (also explained in more detail below).
- Request 
 On request, populate this field based on the payment method you are using for the payment:- • Card: the account number embossed onto the card.
- • Scheme tokens such as MDES (Mastercard Digital Enablement Service) - supply the value called the "Token PAN" or VTS (Visa Token Service) - supply the value called "token".
 
- Response 
 On return, the card number will be populated in 6.4 masking format, for example, 000000xxxxxx0000.
Data is a string that consists of the characters 0-9.
Alphanumeric
                        
                                            OPTIONAL
                                
                Gateway token that uniquely identifies a card and associated details.
Data may consist of the characters 0-9, a-z, A-Z
Enumeration
                        
                                            OPTIONAL
                                
                The payment method used for this authentication.
If you are passing card or scheme token data on the API, then you need to set this value, and also provide the card or token details in the sourceOfFunds.provided.card group.
If you are making a payment with a gateway token, then you can leave this field unset, and only populate the sourceOfFund.token field.
Value must be a member of the following list. The values are case sensitive.
CARD
                                        Use this value for authentications using the card number.
Information about this transaction.
String
                        
                                            OPTIONAL
                                
                An optional identifier for this transaction.
Data can consist of any characters
String
                        REQUIRED
                                        
                Unique identifier for this transaction to distinguish it from any other transaction on the order.
An order can have transactions representing:
- Movement of money. For example, payments and refunds.
- Validations. For example, account verification or 3-D Secure authentication of the payer.
- Undoing other transactions. For example, voiding a payment transaction.
- Chargebacks.
- Fees from your payment service provider.
If you attempt an operation and it fails (eg you try to PAY on a card with no funds), then you need a new id for each retry.
Data can consist of any characters
Response
Fields
String
                        
                                            CONDITIONAL
                                
                A transient identifier for the request, that can be used to match the response to the request.
The value provided is not validated, does not persist in the gateway, and is returned as provided in the response to the request.
Data can consist of any characters
String
                        
                                            CONDITIONAL
                                
                Your payment service provider might have configured your merchant profile to support several lines of business.
Each line of business can have different payment parameters, such as bank account, supported cards or such.
For example, lineOfBusiness = TICKET_SALES can have a different bank account from lineOfBusiness = MERCHANDISING. One line of business on your profile might be "null". To use that, do not provide the lineOfBusiness field.
Data can consist of any characters except space
Alphanumeric + additional characters
                        ALWAYS PROVIDED
                                        
                The unique identifier issued to you by your payment provider.
This identifier can be up to 12 characters in length.
Data may consist of the characters 0-9, a-z, A-Z, '-', '_'
Information about the order associated with this transaction.
Enumeration
                        
                                            CONDITIONAL
                                
                Indicates the result of payer authentication.
Value must be a member of the following list. The values are case sensitive.
AUTHENTICATION_ATTEMPTED
                                        Payer authentication was attempted and a proof of authentication attempt was obtained.
AUTHENTICATION_AVAILABLE
                                        Payer authentication is available for the payment method provided.
AUTHENTICATION_EXEMPT
                                        Exemption from the Regulatory Technical Standards (RTS) requirements for Strong Customer Authentication (SCA) under the Payment Services Directive 2 (PSD2) regulations in the European Economic Area has been claimed or granted.
AUTHENTICATION_FAILED
                                        The payer was not authenticated. You should not proceed with this transaction.
AUTHENTICATION_NOT_IN_EFFECT
                                        There is no authentication information associated with this transaction.
AUTHENTICATION_NOT_SUPPORTED
                                        The requested authentication method is not supported for this payment method.
AUTHENTICATION_PENDING
                                        Payer authentication is pending completion of a challenge process.
AUTHENTICATION_REJECTED
                                        The issuer rejected the authentication request and requested that you do not attempt authorization of a payment.
AUTHENTICATION_REQUIRED
                                        Payer authentication is required for this payment, but was not provided.
AUTHENTICATION_SUCCESSFUL
                                        The payer was successfully authenticated.
AUTHENTICATION_UNAVAILABLE
                                        The payer was not able to be authenticated due to a technical or other issue.
DateTime
                        ALWAYS PROVIDED
                                        
                The timestamp indicating the time the gateway considers the order to have been created.
An instant in time expressed in ISO8601 date + time format - "YYYY-MM-DDThh:mm:ss.SSSZ"
Upper case alphabetic text
                        ALWAYS PROVIDED
                                        
                The currency of the order expressed as an ISO 4217 alpha code, e.g. USD.
Data must consist of the characters A-Z
String
                        ALWAYS PROVIDED
                                        
                A unique identifier for this order to distinguish it from any other order you create.
Use this identifier when referring to this order in subsequent transactions and in retrieval operations. This value must be unique for every order created by your merchant profile.
Data can consist of any characters
Digits
                        
                                            CONDITIONAL
                                
                A 4-digit code used to classify your business by the type of goods or services it offers.This is also known as the Merchant Category Code (MCC).
You only need to provide the MCC if you want to override the default value configured for your acquirer link.The value you provide must match one of those configured by your payment service provider.
Data is a string that consists of the characters 0-9.
Url
                        
                                            CONDITIONAL
                                
                The URL to which the gateway will send Webhook notifications when an order is created or updated.
To receive notifications at this URL, you must enable Webhook notifications in Merchant Administration. Ensure the URL is HTTPS
Ensure that the URL begins with 'https' and is longer than 11 characters.
String
                        
                                            CONDITIONAL
                                
                An optional identifier for the order.
For example, a shopping cart number, an order number, or an invoice number.
Data can consist of any characters
Enumeration
                        
                                            CONDITIONAL
                                
                The current progression of this order through the payment process.
Value must be a member of the following list. The values are case sensitive.
AUTHENTICATED
                                        The payer was successfully authenticated.
AUTHENTICATION_INITIATED
                                        Payer authentication has been initiated but not completed.
AUTHENTICATION_NOT_NEEDED
                                        Payer authentication was not performed as it was not needed.
AUTHENTICATION_UNSUCCESSFUL
                                        Payer authentication was not able to be successfully completed.
AUTHORIZED
                                        The payment has been authorized successfully but the authorized amount has not yet been captured, in part, full, or excess.
CANCELLED
                                        The initial transaction for this order has been voided successfully.
CAPTURED
                                        The authorized amount for this order, in full or excess, has been captured successfully.
CHARGEBACK_PROCESSED
                                        A Chargeback has been processed against this order.
DISPUTED
                                        The payment has been disputed and is under investigation. A request for information has been received or a chargeback is pending.
EXCESSIVELY_REFUNDED
                                        The payment has been captured in part, full, or excess, but the captured amount in excess has been refunded successfully.
FAILED
                                        The payment has not been successful.
FUNDING
                                        The order transfers money to or from the merchant, without the involvement of a payer. For example, recording monthly merchant service fees from your payment service provider.
INITIATED
                                        A browser payment that has successfully been initiated for this order. No payment has yet been made.
PARTIALLY_CAPTURED
                                        The authorized amount for this order, in part, has been captured successfully.
PARTIALLY_REFUNDED
                                        The payment has been captured in part, full, or excess, but the captured amount in part has been refunded successfully.
REFUNDED
                                        The payment has been captured in part, full, or excess, but the captured amount in full has been refunded successfully.
REFUND_REQUESTED
                                        A refund against captured amounts on this order has been requested but not executed. Requires further action to approve the refund.
VERIFIED
                                        The card details for this order have successfully been verified. No payment has yet been initiated or made.
Decimal
                        ALWAYS PROVIDED
                                        
                The amount that has been successfully authorized for this order.
A sequence of digits 0-9 separated by a '.' as a decimal indicator. Leading and trailing zeroes are optional. If the fractional part is zero, the '.' and following zero(es) can be omitted. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#decimal.)
Decimal
                        ALWAYS PROVIDED
                                        
                The amount that has been successfully captured for this order.
A sequence of digits 0-9 separated by a '.' as a decimal indicator. Leading and trailing zeroes are optional. If the fractional part is zero, the '.' and following zero(es) can be omitted. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#decimal.)
Decimal
                        ALWAYS PROVIDED
                                        
                The amount that has been successfully refunded for this order.
A sequence of digits 0-9 separated by a '.' as a decimal indicator. Leading and trailing zeroes are optional. If the fractional part is zero, the '.' and following zero(es) can be omitted. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#decimal.)
String
                        
                                            CONDITIONAL
                                
                If, when integrating with the gateway, you are using a solution (e.g. a shopping cart or e-commerce solution) provided, supported or certified by your payment service provider, enter the solution ID issued by your payment service provider here.
If your payment service provider has not provided you with a solution ID, you should ignore this field.
Data can consist of any characters
String
                        
                                            CONDITIONAL
                                
                The container for additional information about a transaction.
Only returned for some errors and is dependent on the merchant's configuration. Returned in error, declined and approved scenarios, but would only be used to trouble shoot issues.
Data can consist of any characters
Enumeration
                        ALWAYS PROVIDED
                                        
                Summary of the success or otherwise of the operation.
Value must be a member of the following list. The values are case sensitive.
ABORTED
                                        Transaction aborted by payer
ACQUIRER_SYSTEM_ERROR
                                        Acquirer system error occurred processing the transaction
APPROVED
                                        Transaction Approved
APPROVED_AUTO
                                        The transaction was automatically approved by the gateway. it was not submitted to the acquirer.
APPROVED_PENDING_SETTLEMENT
                                        Transaction Approved - pending batch settlement
AUTHENTICATION_FAILED
                                        Payer authentication failed
AUTHENTICATION_IN_PROGRESS
                                        The operation determined that payer authentication is possible for the given card, but this has not been completed, and requires further action by the merchant to proceed.
BALANCE_AVAILABLE
                                        A balance amount is available for the card, and the payer can redeem points.
BALANCE_UNKNOWN
                                        A balance amount might be available for the card. Points redemption should be offered to the payer.
BLOCKED
                                        Transaction blocked due to Risk or 3D Secure blocking rules
CANCELLED
                                        Transaction cancelled by payer
DECLINED
                                        The requested operation was not successful. For example, a payment was declined by issuer or payer authentication was not able to be successfully completed.
DECLINED_AVS
                                        Transaction declined due to address verification
DECLINED_AVS_CSC
                                        Transaction declined due to address verification and card security code
DECLINED_CSC
                                        Transaction declined due to card security code
DECLINED_DO_NOT_CONTACT
                                        Transaction declined - do not contact issuer
DECLINED_INVALID_PIN
                                        Transaction declined due to invalid PIN
DECLINED_PAYMENT_PLAN
                                        Transaction declined due to payment plan
DECLINED_PIN_REQUIRED
                                        Transaction declined due to PIN required
DEFERRED_TRANSACTION_RECEIVED
                                        Deferred transaction received and awaiting processing
DUPLICATE_BATCH
                                        Transaction declined due to duplicate batch
EXCEEDED_RETRY_LIMIT
                                        Transaction retry limit exceeded
EXPIRED_CARD
                                        Transaction declined due to expired card
INSUFFICIENT_FUNDS
                                        Transaction declined due to insufficient funds
INVALID_CSC
                                        Invalid card security code
LOCK_FAILURE
                                        Order locked - another transaction is in progress for this order
NOT_ENROLLED_3D_SECURE
                                        Card holder is not enrolled in 3D Secure
NOT_SUPPORTED
                                        Transaction type not supported
NO_BALANCE
                                        A balance amount is not available for the card. The payer cannot redeem points.
PARTIALLY_APPROVED
                                        The transaction was approved for a lesser amount than requested. The approved amount is returned in order.totalAuthorizedAmount.
PENDING
                                        Transaction is pending
REFERRED
                                        Transaction declined - refer to issuer
SUBMITTED
                                        The transaction has successfully been created in the gateway. It is either awaiting submission to the acquirer or has been submitted to the acquirer but the gateway has not yet received a response about the success or otherwise of the payment.
SYSTEM_ERROR
                                        Internal system error occurred processing the transaction
TIMED_OUT
                                        The gateway has timed out the request to the acquirer because it did not receive a response. Points redemption should not be offered to the payer.
UNKNOWN
                                        The transaction has been submitted to the acquirer but the gateway was not able to find out about the success or otherwise of the payment. If the gateway subsequently finds out about the success of the payment it will update the response code.
UNSPECIFIED_FAILURE
                                        Transaction could not be processed
Enumeration
                        
                                            CONDITIONAL
                                
                If a payment fails, this indicates how you could change the request to bring about success.
This field is only present if your gateway configuration supports optional payment features.
Value must be a member of the following list. The values are case sensitive.
ATTEMPT_WITH_AUTHENTICATION
                                        This response will be presented if the gateway fails the request, but you might achieve a different result if you provide payer authentication data.
DO_NOT_PROCEED
                                        Do not proceed using this card. This will be presented if the gateway fails the request, but there is no apparent way for this transaction to succeed.
PROCEED
                                        Proceed with the next step in processing this payment by either: Authenticating the payer using the Authenticate Payer operation or Submitting the payment request as the payer is sufficiently authenticated, or updating card details.
Enumeration
                        ALWAYS PROVIDED
                                        
                A system-generated high level overall result of the operation.
Value must be a member of the following list. The values are case sensitive.
FAILURE
                                        The operation was declined or rejected by the gateway, acquirer or issuer
PENDING
                                        The operation is currently in progress or pending processing
SUCCESS
                                        The operation was successfully processed
UNKNOWN
                                        The result of the operation is unknown
Information about the payment type selected by the payer for this payment and the source of the funds.
Depending on the payment type the source of the funds can be a debit or credit card, bank account, or account with a browser payment provider (such as PayPal).
For card payments the source of funds information may be represented by combining one or more of the following: explicitly provided card details, a session identifier which the gateway will use to look up the card details and/or a card token. Precedence rules will be applied in that explicitly provided card details will override session card details which will override card token details. Each of these may represent partial card details, however the combination must result in a full and complete set of card details. See Using Multiple Sources of Card Details for examples.
Information about the source of funds when it is directly provided (as opposed to via a token or session).
For browser payments, the source of funds details are usually collected from the payer on the payment provider's website and provided to you when you retrieve the transaction details (for a successful transaction). However, for some payment types (such as giropay), you must collect the information from the payer and supply it here.
For ACH payments, the details about the payers bank account used for the payment as well as the type of ACH payment are provided in this parameter group.
Enumeration
                        
                                            CONDITIONAL
                                
                An indicator identifying the type of bank account.
- Consumer (checking or savings), or
- Business
For pre-arranged payments (sourceOfFunds.provided.ach.secCode=PPD) retrieve this information from the payer.
If payments were telephone-initiated (sourceOfFunds.provided.ach.secCode=TEL) or internet-initiated (sourceOfFunds.provided.ach.secCode=WEB) you may choose to limit the payer's options (e.g. only support consumer checking accounts), depending on your type of business (e.g. B2C online webshop).
Value must be a member of the following list. The values are case sensitive.
CONSUMER_CHECKING
                                        Consumer Checking Account
CONSUMER_SAVINGS
                                        Consumer Savings Account
CORPORATE_CHECKING
                                        Business Checking Account
String
                        
                                            CONDITIONAL
                                
                The name of the bank account holder, as it appears on the account at the receiving financial institution.
Retrieve this information from the payer.
Data can consist of any characters
Alphanumeric + additional characters
                        
                                            CONDITIONAL
                                
                The identifier of the bank account at the receiving financial institution.
By default, the bank account number will be returned in a masked format, for example, xxxxxx0000. If you wish to return unmasked bank account numbers, you must have the requisite permission, set responseControls.sensitiveData, and authenticate your call to the API using certificate authentication. Contact your payment service provider for further information.
Data may consist of the characters 0-9, a-z, A-Z, ' ', '-', '/'
Digits
                        
                                            CONDITIONAL
                                
                The identifier of the receiving financial institution.
Also known as:
- Routing number,
- Transit number, or
- ABA number
Retrieve this information from the payer.
See also http://en.wikipedia.org/wiki/Routing_transit_number.
Data is a string that consists of the characters 0-9.
Enumeration
                        
                                            CONDITIONAL
                                
                Identifies the Standard Entry Class (SEC) code to be sent to the issuer.
The SEC is defined by NACHA and describes the origin and intent of the payment. For details please refer to https://www.nacha.org/.
Value must be a member of the following list. The values are case sensitive.
PPD
                                        An ACH debit or credit payment (B2C) that has been authorized by an authenticated customer in written form (signed or similarly authenticated). PPD is used for pre-arranged payments (e.g. employee payroll, mortgage payments, expense reimbursement).
TEL
                                        An ACH debit payment (B2C) that has been authorized by an authenticated customer via phone. TEL may only be used if a relationship already exists between you and the consumer, or, the consumer initiates the contact with you.
WEB
                                        An ACH debit payment (B2C) that has been authorized by an authenticated customer via the internet or a wireless network.
Additional details related to a Boleto Bancario browser payment.
When processing a Boleto Bancario payment you must also provide the payer's national identifier (customer.nationalId), your reference to the payer (customer.id) and the payer's date of birth (customer.dateOfBirth)
String
                        ALWAYS PROVIDED
                                        
                The name of the bank account holder for the payer's bank account.
Data can consist of any characters
Details about the card.
Use this parameter group when you have sourced payment details using:
Cards: the card details entered directly or collected using a Point of Sale (POS) terminal.
Device payment methods such as Apple Pay, Android Pay, Samsung Pay or Google Pay.
Digital wallets such as Masterpass, Visa Checkout or Amex Express Checkout.
Card scheme tokens where the card was tokenized using a card scheme tokenization service such as Mastercard Digital Enablement Service (MDES).
Enumeration
                        
                                            CONDITIONAL
                                
                You can provide this field for card types that have a savings/checking option, such as Maestro cards.
If you do not provide a value, we will use the acquirer's default. You can use paymentTypes.card.cardTypes in the 'Retrieve Payment Options' operation response to determine the card type.
Value must be a member of the following list. The values are case sensitive.
CHECKING
                                        SAVINGS
                                        Enumeration
                        ALWAYS PROVIDED
                                        
                The brand name used to describe the card that is recognized and accepted globally.
For many major card types this will match the scheme name. In some markets, a card may also be co-branded with a local brand that is recognized and accepted within its country/region of origin (see card.localBrand).
You may use this information to support surcharging decisions. This information is gathered from 3rd party sources and may not be accurate in all circumstances.
Value must be a member of the following list. The values are case sensitive.
AMEX
                                        American Express
CHINA_UNIONPAY
                                        China UnionPay
DINERS_CLUB
                                        Diners Club
DISCOVER
                                        Discover
JCB
                                        JCB (Japan Credit Bureau)
LOCAL_BRAND_ONLY
                                        The card does not have a global brand.
MAESTRO
                                        Maestro
MASTERCARD
                                        MasterCard
RUPAY
                                        RuPay
UATP
                                        UATP (Universal Air Travel Plan)
UNKNOWN
                                        The brand of the card used in the transaction could not be identified
VISA
                                        Visa
Use this parameter group if the payer used a device payment technology (eg ApplePay).
You can either just present the device's payment token in the paymentToken subfield, or decrypt the payment token yourself and pass the components in the 3dSecure subfields.
Enumeration
                        
                                            CONDITIONAL
                                
                The format of the cryptogram provided for the device payment.
You must provide the cryptogram format when you decrypt the payment token and provide the payment details (including the online payment cryptogram) in the transaction request.
You do not need to provide the cryptogram format if you provide the payment token in sourceOfFunds.provided.card.devicePayment.paymentToken
Value must be a member of the following list. The values are case sensitive.
3DSECURE
                                        The payment data keys for the online payment cryptogram are provided using the 3-D Secure format.
EMV
                                        The payment data keys for the online payment cryptogram are provided using the EMV format.
The expiry date of the account number associated with a digital payment method.
The associated account number is returned in sourceOfFunds.provided.card.deviceSpecificNumber. This field is returned for:
- • Device payments: the expiry date for the Device Primary Account Number (DPAN).
- • Digital wallets: the expiry date for the Token PAN.
- • Card scheme tokens: the expiry date for the Token PAN.
Digits
                        ALWAYS PROVIDED
                                        
                Month from the expiry date of the device specific account number.
Months are numbered January=1, through to December=12.
Data is a number between 1 and 12 represented as a string.
Digits
                        ALWAYS PROVIDED
                                        
                Year from the expiry date of the device specific account number.
The Common Era year is 2000 plus this value.
Data is a string that consists of the characters 0-9.
Masked digits
                        ALWAYS PROVIDED
                                        
                The payer's account number associated with a digital payment method.
Use this field for:
- • Device payments: the payers's account number associated with the mobile device used for the payment. This is also known as the Device Primary Account Number (DPAN).
- • Digital wallets: the Token PAN returned by a digital wallet. The gateway only returns this value for Amex Express Checkout.
- • Card scheme tokens: the token generated by a card scheme tokenization service such as Mastercard Digital Enablement Service (MDES). The token is used as an identifier of the payer's Primary Account Number (PAN) securely stored by the service. For MDES, this token is referred to as the Token PAN. For VTS, this is the Token
Data is a string that consists of the characters 0-9, plus 'x' for masking
String
                        
                                            CONDITIONAL
                                
                This field only applies to transactions that originate from an EMV capable terminal.
It contains the EMV fields returned from the issuer in response to an authorization request for the chip transaction when the transaction was sent online.
The card/terminal uses data returned from the issuer to make the final decision to accept or decline the transaction.
Data can consist of any characters
Enumeration
                        
                                            CONDITIONAL
                                
                The encryption framework used for the payment details received by the gateway.
Value must be a member of the following list. The values are case sensitive.
DEVICE
                                        Encrypted by a payer's device (such as a mobile phone).
DIGITAL_WALLET
                                        Encrypted by a payer's digital wallet.
DUKPT
                                        Encrypted by a payment terminal using Derived Unique Key Per Transaction (DUKPT).
Expiry date, as shown on the card.
This field corresponds to EMV tag 5F24
Digits
                        ALWAYS PROVIDED
                                        
                Month, as shown on the card.
Months are numbered January=1, through to December=12.
Data is a number between 1 and 12 represented as a string.
Digits
                        ALWAYS PROVIDED
                                        
                Year, as shown on the card.
The Common Era year is 2000 plus this value.
Data is a string that consists of the characters 0-9.
Enumeration
                        ALWAYS PROVIDED
                                        
                The method used by the payer to provide the funds for the payment.
You may use this information to support surcharging decisions. This information is gathered from 3rd party sources and may not be accurate in all circumstances.
Value must be a member of the following list. The values are case sensitive.
CHARGE
                                        The payer has a line of credit with the issuer which must be paid off monthly.
CREDIT
                                        The payer has a revolving line of credit with the issuer.
DEBIT
                                        Funds are immediately debited from the payer's account with the issuer.
UNKNOWN
                                        The account funding method could not be determined.
String
                        
                                            CONDITIONAL
                                
                The issuer of the card, if known.
WARNING: This information may be incorrect or incomplete – use at your own risk.
Data can consist of any characters
String
                        
                                            CONDITIONAL
                                
                The brand name used to describe a card that is recognized and accepted within its country/region of origin.
The card may also be co-branded with a brand name that is recognized and accepted globally (see card.brand).
You may use this information to support surcharging decisions. This information is gathered from 3rd party sources and may not be accurate in all circumstances.
Data can consist of any characters
String
                        
                                            CONDITIONAL
                                
                The cardholder's name as printed on the card.
Data can consist of any characters
Masked digits
                        ALWAYS PROVIDED
                                        
                The account number of the payer's account used for this authentication.
On requests, provide the number in the form that you receive it (as explained below). On responses, the gateway populates it with a form that the payer would recognize (also explained in more detail below).
- Request 
 On request, populate this field based on the payment method you are using for the payment:- • Card: the account number embossed onto the card.
- • Scheme tokens such as MDES (Mastercard Digital Enablement Service) - supply the value called the "Token PAN" or VTS (Visa Token Service) - supply the value called "token".
 
- Response 
 On return, the card number will be populated in 6.4 masking format, for example, 000000xxxxxx0000.
Data is a string that consists of the characters 0-9, plus 'x' for masking
Enumeration
                        ALWAYS PROVIDED
                                        
                The organization that owns a card brand and defines operating regulations for its use.
The card scheme also controls authorization and settlement of card transactions among issuers and acquirers.
Value must be a member of the following list. The values are case sensitive.
AMEX
                                        American Express
CHINA_UNIONPAY
                                        China UnionPay
DINERS_CLUB
                                        Diners Club
DISCOVER
                                        Discover
JCB
                                        JCB (Japan Credit Bureau)
MASTERCARD
                                        MasterCard
OTHER
                                        The scheme of the card used in the transaction could not be identified.
RUPAY
                                        RuPay
UATP
                                        UATP (Universal Air Travel Plan)
VISA
                                        Visa
Digits
                        
                                            CONDITIONAL
                                
                A number used to differentiate between cards with the same Primary Account Number (PAN).
This field corresponds to EMV tag 5F34
Data is a string that consists of the characters 0-9.
Enumeration
                        
                                            CONDITIONAL
                                
                This field only applies if you collect cards from your payers, store them, and either you or your payers use the stored value for subsequent payments.
If you store using gateway tokenization then you can ignore this field, unless you do payments with both stored and non-stored cards. If you do both, then you must supply the NOT_STORED value for the non-stored case. 
If you use Scheme Tokenization services like MDES and store the tokens provided, you have to provide the value STORED and if you pass the token value with out storing them, provide the value NOT_STORED. 
If you store yourself, you have to provide the TO_BE_STORED or STORED values for all payments.
Value must be a member of the following list. The values are case sensitive.
NOT_STORED
                                        Set this value if the card or token details provided will not be stored. This is the default value for merchants without tokenization.
STORED
                                        Set this value if the card or token details provided have been stored previously. This is the default value when paying with a gateway token.
TO_BE_STORED
                                        Set this value if this is the first transaction using the card and you intend to store the card or token details on success. This is the default value for tokenization merchants who present a payment with a PAN.
String
                        
                                            CONDITIONAL
                                
                Tags provide you with additional information about the card.
For example, identifying if it is an EBT (Electronic Benefits Transfer) or Health Benefit Card. You can use this information to support your decisions about accepting payments with this card. The data is encoded in JSON as an object map indexed on the tag name. Some standard tag names are EBT and HEALTH_BENEFIT_CARD_IIAS. If these tags apply to the card, the tag will have value true, otherwise it will be absent. Other tag names with other values might also exist, depending on which acquirer processed the transaction. For example, an EBT card might return value: {"ACME_CARD_IDENTIFIER":"23", "EBT":true} Contact your payment provider if you wish to understand all tags available for your acquirers.
Data can consist of any characters
Boolean
                        
                                            CONDITIONAL
                                
                Indicates whether card track data is provided.
The values 'true' or 'false'. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#boolean.)
The additional details required to initiate a giropay browser payment.
Digits
                        
                                            CONDITIONAL
                                
                German bank identifier (Bankleitzahl) for the payer's bank account.
Data is a string that consists of the characters 0-9.
Alphanumeric
                        
                                            CONDITIONAL
                                
                The international Business Identifier Code (BIC) for the payer's bank account.
Data may consist of the characters 0-9, a-z, A-Z
String
                        
                                            CONDITIONAL
                                
                The International Bank Account Number (IBAN) for the payer's bank account.
By default, the bank account number will be returned in a masked format, for example, xxxxxx0000. If you wish to return unmasked bank account numbers, you must have the requisite permission, set responseControls.sensitiveData, and authenticate your call to the API using certificate authentication. Contact your payment service provider for further information.
Data can consist of any characters
Information about the payer's iDEAL account provided to you when the payer successfully makes a payment.
String
                        
                                            CONDITIONAL
                                
                The name of the bank account holder for the payer's bank account.
Data can consist of any characters
Alphanumeric
                        
                                            CONDITIONAL
                                
                The international Business Identifier Code (BIC) for the payer's bank account.
Data may consist of the characters 0-9, a-z, A-Z
String
                        
                                            CONDITIONAL
                                
                The International Bank Account Number (IBAN) for the payer's bank account.
By default, the bank account number will be returned in a masked format, for example, xxxxxx0000. If you wish to return unmasked bank account numbers, you must have the requisite permission, set responseControls.sensitiveData, and authenticate your call to the API using certificate authentication. Contact your payment service provider for further information.
Data can consist of any characters
Information about the payer's PayPal account.
It is provided to you when the payer successfully makes a payment using PayPal or when you have established a billing agreement with the payer.
Email
                        
                                            CONDITIONAL
                                
                The email address of the payer's PayPal account.
Ensures that the email address is longer than 3 characters and adheres to a generous subset of valid RFC 2822 email addresses
String
                        
                                            CONDITIONAL
                                
                The name of the account holder of the payer's PayPal account.
Data can consist of any characters
Details about the agreement you have established with the payer that allows you to bill the payer's PayPal account for goods or services.
Enumeration
                        
                                            CONDITIONAL
                                
                Indicates the number of billing agreements between you and this payer.
Value must be a member of the following list. The values are case sensitive.
MULTIPLE
                                        Indicates that you have multiple billing agreements with this payer. This means that a new agreement ID will be returned in response to each request.
SINGLE
                                        Indicates that you have a single billing agreement with this payer. This means that the same agreement ID will be returned in response to each request.
String
                        
                                            CONDITIONAL
                                
                Your description for the PayPal billing agreement.
This description is displayed to the payer when they are asked to approve the billing agreement.
Data can consist of any characters
String
                        
                                            CONDITIONAL
                                
                An identifier provided by PayPal for the billing agreement.
Data can consist of any characters
String
                        
                                            CONDITIONAL
                                
                Your name for the PayPal billing agreement.
Data can consist of any characters
String
                        
                                            CONDITIONAL
                                
                The unique identifier for the payer assigned by PayPal.
Data can consist of any characters
Details about the payer's bank account used for a payment made using SEPA
String
                        ALWAYS PROVIDED
                                        
                The name of the bank account holder for the payer's bank account.
Data can consist of any characters
Alphanumeric
                        
                                            CONDITIONAL
                                
                The international Business Identifier Code (BIC) for the payer's bank account.
Data may consist of the characters 0-9, a-z, A-Z
String
                        ALWAYS PROVIDED
                                        
                The International Bank Account Number (IBAN) for the payer's bank account.
By default, the bank account number will be returned in a masked format, for example, xxxxxx0000. If you wish to return unmasked bank account numbers, you must have the requisite permission, set responseControls.sensitiveData, and authenticate your call to the API using certificate authentication. Contact your payment service provider for further information.
Data can consist of any characters
Details about the payer's bank account used for a payment made using Sofortbanking.
The format of the bank account details differs per country.
String
                        
                                            CONDITIONAL
                                
                The name of the bank account holder for the payer's bank account.
Data can consist of any characters
String
                        
                                            CONDITIONAL
                                
                The country-specific bank account number for the payer's bank account.
By default, the bank account number will be returned in a masked format, for example, xxxxxx0000. If you wish to return unmasked bank account numbers, you must have the requisite permission, set responseControls.sensitiveData, and authenticate your call to the API using certificate authentication. Contact your payment service provider for further information.
Data can consist of any characters
String
                        
                                            CONDITIONAL
                                
                The country-specific bank identifier for the payer's bank account.
Data can consist of any characters
String
                        
                                            CONDITIONAL
                                
                The international Business Identifier Code (BIC) for the payer's bank account.
Data can consist of any characters
Upper case alphabetic text
                        
                                            CONDITIONAL
                                
                The 3 letter ISO standard alpha country code of the payer's bank account.
Data must consist of the characters A-Z
String
                        
                                            CONDITIONAL
                                
                The International Bank Account Number (IBAN) for the payer's bank account.
By default, the bank account number will be returned in a masked format, for example, xxxxxx0000. If you wish to return unmasked bank account numbers, you must have the requisite permission, set responseControls.sensitiveData, and authenticate your call to the API using certificate authentication. Contact your payment service provider for further information.
Data can consist of any characters
Additional details related to a WeChat Pay browser payment.
String
                        ALWAYS PROVIDED
                                        
                The name of the account holder for the payer's WeChat Pay account.
Data can consist of any characters
Alphanumeric
                        
                                            CONDITIONAL
                                
                Gateway token that uniquely identifies a card and associated details.
Data may consist of the characters 0-9, a-z, A-Z
Enumeration
                        
                                            CONDITIONAL
                                
                The payment method used for this authentication.
If you are passing card or scheme token data on the API, then you need to set this value, and also provide the card or token details in the sourceOfFunds.provided.card group.
If you are making a payment with a gateway token, then you can leave this field unset, and only populate the sourceOfFund.token field.
Value must be a member of the following list. The values are case sensitive.
ACH
                                        The payer chose to pay using an electronic fund transfer, to be processed via the Automated Clearing House (ACH) Network. You must provide the payer's bank account details and information about the type of ACH payment under the sourceOfFunds.provided.ach parameter group.
ALIPAY
                                        The payer selected the payment method Alipay.
BOLETO_BANCARIO
                                        The payer selected the payment method Boleto Bancario.
CARD
                                        Use this value for authentications using the card number.
GIROPAY
                                        The payer selected the payment method giropay.
IDEAL
                                        The payer selected the payment method iDEAL.
KLARNA
                                        The payer selected the payment method Klarna.
NONE
                                        The transaction transfers money to or from the merchant, without the involvement of a payer. For example, recording monthly merchant service fees from your payment service provider.
PAYPAL
                                        The payer selected the payment method PayPal.
SEPA
                                        The payer selected the payment method SEPA.
SOFORT
                                        The payer selected the payment method Sofortbanking.
WECHAT_PAY
                                        The payer selected the payment method WeChatPay.
DateTime
                        
                                            CONDITIONAL
                                
                Transaction Date.
The date when the transaction happened.The time the gateway considers the operation to have occurred. The gateway uses timeOfRecord as a point-in-time value for operations such as sorting, billing, and reporting.
An instant in time expressed in ISO8601 date + time format - "YYYY-MM-DDThh:mm:ss.SSSZ"
Information about this transaction.
Decimal
                        ALWAYS PROVIDED
                                        
                The total amount for the transaction.
A sequence of digits 0-9 separated by a '.' as a decimal indicator. Leading and trailing zeroes are optional. If the fractional part is zero, the '.' and following zero(es) can be omitted. (For a complete description, see http://www.w3.org/TR/xmlschema-2/#decimal.)
Enumeration
                        
                                            CONDITIONAL
                                
                Indicates the result of payer authentication.
Value must be a member of the following list. The values are case sensitive.
AUTHENTICATION_ATTEMPTED
                                        Payer authentication was attempted and a proof of authentication attempt was obtained.
AUTHENTICATION_AVAILABLE
                                        Payer authentication is available for the payment method provided.
AUTHENTICATION_EXEMPT
                                        Exemption from the Regulatory Technical Standards (RTS) requirements for Strong Customer Authentication (SCA) under the Payment Services Directive 2 (PSD2) regulations in the European Economic Area has been claimed or granted.
AUTHENTICATION_FAILED
                                        The payer was not authenticated. You should not proceed with this transaction.
AUTHENTICATION_NOT_IN_EFFECT
                                        There is no authentication information associated with this transaction.
AUTHENTICATION_NOT_SUPPORTED
                                        The requested authentication method is not supported for this payment method.
AUTHENTICATION_PENDING
                                        Payer authentication is pending completion of a challenge process.
AUTHENTICATION_REJECTED
                                        The issuer rejected the authentication request and requested that you do not attempt authorization of a payment.
AUTHENTICATION_REQUIRED
                                        Payer authentication is required for this payment, but was not provided.
AUTHENTICATION_SUCCESSFUL
                                        The payer was successfully authenticated.
AUTHENTICATION_UNAVAILABLE
                                        The payer was not able to be authenticated due to a technical or other issue.
Upper case alphabetic text
                        ALWAYS PROVIDED
                                        
                The currency of the transaction expressed as an ISO 4217 alpha code, e.g. USD.
Data must consist of the characters A-Z
String
                        ALWAYS PROVIDED
                                        
                Unique identifier for this transaction to distinguish it from any other transaction on the order.
An order can have transactions representing:
- Movement of money. For example, payments and refunds.
- Validations. For example, account verification or 3-D Secure authentication of the payer.
- Undoing other transactions. For example, voiding a payment transaction.
- Chargebacks.
- Fees from your payment service provider.
If you attempt an operation and it fails (eg you try to PAY on a card with no funds), then you need a new id for each retry.
Data can consist of any characters
Enumeration
                        ALWAYS PROVIDED
                                        
                Indicates the type of action performed on the order.
Value must be a member of the following list. The values are case sensitive.
AUTHENTICATION
                                        Authentication
AUTHORIZATION
                                        Authorization
AUTHORIZATION_UPDATE
                                        Authorization Update
CAPTURE
                                        Capture
CHARGEBACK
                                        Chargeback
FUNDING
                                        The transaction transfers money to or from the merchant, without the involvement of a payer. For example, recording monthly merchant service fees from your payment service provider.
PAYMENT
                                        Payment (Purchase)
REFUND
                                        Refund
REFUND_REQUEST
                                        Refund Request
VERIFICATION
                                        Verification
VOID_AUTHORIZATION
                                        Void Authorization
VOID_CAPTURE
                                        Void Capture
VOID_PAYMENT
                                        Void Payment
VOID_REFUND
                                        Void Refund
String
                        
                                            CONDITIONAL
                                
                The Web Services API version that you submitted the request in.
Data can consist of any characters
Errors
Information on possible error conditions that may occur while processing an operation using the API.
Enumeration
                        
                Broadly categorizes the cause of the error.
For example, errors may occur due to invalid requests or internal system failures.
Value must be a member of the following list. The values are case sensitive.
INVALID_REQUEST
                                        The request was rejected because it did not conform to the API protocol.
REQUEST_REJECTED
                                        The request was rejected due to security reasons such as firewall rules, expired certificate, etc.
SERVER_BUSY
                                        The server did not have enough resources to process the request at the moment.
SERVER_FAILED
                                        There was an internal system failure.
String
                        
                Textual description of the error based on the cause.
This field is returned only if the cause is INVALID_REQUEST or SERVER_BUSY.
Data can consist of any characters
String
                        
                Indicates the name of the field that failed validation.
This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.
Data can consist of any characters
String
                        
                Indicates the code that helps the support team to quickly identify the exact cause of the error.
This field is returned only if the cause is SERVER_FAILED or REQUEST_REJECTED.
Data can consist of any characters
Enumeration
                        
                Indicates the type of field validation error.
This field is returned only if the cause is INVALID_REQUEST and a field level validation error was encountered.
Value must be a member of the following list. The values are case sensitive.
INVALID
                                        The request contained a field with a value that did not pass validation.
MISSING
                                        The request was missing a mandatory field.
UNSUPPORTED
                                        The request contained a field that is unsupported.
Enumeration
                        
                A system-generated high level overall result of the operation.
Value must be a member of the following list. The values are case sensitive.
ERROR
                                        The operation resulted in an error and hence cannot be processed.