Card not present card payments

Card not present card payments are payments that are authorised from a customer device, where a physical card is not read by a card terminal. But instead, are manually entered by the customer (or automatically entered by a browser, Apple Pay, or Google Pay).

Create a payment request with the Payments endpoint.
Make sure the billing and shipping fields are present.
Redirect the user to the next.redirect page. This is an hosted payment page where the cardholder enters their card data and completes SCA checks.
The user is returned to your platform after successful, or failure authorisation of the payment. The authorisation can be accepted by the card issuer, or declined, the state field succeeded, or failed respectively.

Example request:

POST /v1/profiles/profile_c4f5e275fed234c98b38f90231/payments
Content-Type: application/json
Accept: application/json
Authorization: Bearer <your_access_token>

{
  "description": "Test description",
  "reference": "c75279b8-60f9-4a7d-a79a-3a231e967e24",
  "method": "creditcard",
  "currency": "EUR",
  "amount": 2283,
  "shipping": {
    "first_name": "Frances",
    "last_name": "Kuhic",
    "email": "[email protected]",
    "phone": "+19227394382",
    "address": {
      "premise": "1600",
      "thoroughfare": "Pennsylvania Avenue NW",
      "locality": "Washington DC",
      "state": "DC",
      "postal_code": "20500",
      "country": "US"
    }
  },
  "billing": {
    "first_name": "Frances",
    "last_name": "Kuhic",
    "email": "[email protected]",
    "phone": "+19227394382",
    "address": {
      "premise": "1600",
      "thoroughfare": "Pennsylvania Avenue NW",
      "locality": "Washington DC",
      "state": "DC",
      "postal_code": "20500",
      "country": "US"
    }
  },
  "session": {
    "redirect_url": "https://www.bankingservice.ai/payment-result"
  }
}

Example result after authorisation:

{
    "id": "payment_e16caed5d3f744a5b0f746b028fb9b4bcb8",
    "description": "Test description",
    "reference": "c75279b8-60f9-4a7d-a79a-3a231e967e24",
    "method": "creditcard",
    "currency": "EUR",
    "amount": 2283,
    "billing": {
        "first_name": "Frances",
        "last_name": "Kuhic",
        "email": "[email protected]",
        "phone": "+19227394382",
        "address": {
            "premise": "1600",
            "thoroughfare": "Pennsylvania Avenue NW",
            "locality": "Washington DC",
            "state": "DC",
            "postal_code": "20500",
            "country": "US"
        }
    },
    "shipping": {
        "first_name": "Frances",
        "last_name": "Kuhic",
        "email": "[email protected]",
        "phone": "+19227394382",
        "address": {
            "premise": "1600",
            "thoroughfare": "Pennsylvania Avenue NW",
            "locality": "Washington DC",
            "state": "DC",
            "postal_code": "20500",
            "country": "US"
        }
    },
    "creditcard": {
        "rrn": "943443",
        "fees": {
            "interchange": 234,
            "assesment": 22334
        },
        "card": {
            "scheme": "mastercard",
            "type": "commercial",
            "region": "inter",
            "last4": "1067",
            "bin": "511580",
            "expiration": "2027-12-011T00:00:00.000Z",
            "holder_name": "F KUHIC",
            "issuing_country": "US"
        }
    },
    "state": "succeeded",
    "created": "2024-11-16T13:05:35.639Z",
    "_links": {
        "self": {
            "href": "/v1/partners/partner_1375e3d3f7f746b68b06/profiles/profile_f2b0df91a1714fc58fe4e5c0d23d5769/payments/payment_e16caed5d3f744a5b0f746b028fb9b4bcb8",
            "type": "application/json"
        },
        "profile": {
            "href": "/v1/partners/partner_1375e3d3f7f746b68b06/profiles/profile_f2b0df91a1714fc58fe4e5c0d23d5769",
            "type": "application/json"
        }
    }
}

Note that in order to use this, you need to be registered as fully compliant with PCI DSS rules, this requires a significant investment in time to certify the certification requirements and capital to get certified. You need to be certified to process sensitive cardholder data such as card numbers, pin codes and CVC codes. Please first reach out to your account manager to use this. If you are not certified and still process sensitive card data, the schemes may oppose significant fines.

Create a payment request with the Payments endpoint.
Make sure the billing and shipping fields are present
Make sure the following user fields are present:
1. ip_address
2. user_agent
3. accept
4. accept_encoding
5. accept_language
6. language
7. screen_width
8. screen_height
9. java_enabled
10. javascript_enabled
11. color_depth
12. timezone_offset
3DS execution has the following three options:
1. No 3DS: No 3DS/ SCA is required, therefore the card can be authorised straight away.
2. Frictionless: 3DS is required, and: the issuer is not enrolled in frictionless 3DS.
  1. If the issuer deems the information provided not to mach the known information by the issuer. Then the fallback regular 3DS will be executed.
3. Regular 3DS: 3DS is required, and the issuer is enrolled in frictionless 3DS:
  1. The user must be redirected to the issuers authorisation page, where the cardholder can authorise the transaction using several methods.
  2. The redirect URL is present in the next.redirect field
  3. If the cardholder does not authorise the transaction, we will reject the payment and set the state to failed.
  4. If the cardholder does is never redirected to the 3DS page, or never rejected, or accepts the 3DS request, we will set the payment state to expired.
  5. If the user accepts the authorisation, they will be redirected back. From here we will set the state to processing; The user is always redirected back to the session.redirect_url url. This means that the payment state can still be processing even that the user has already returned.
If 3DS was successful, or not required, we will try to place an authorisation on the card. If the authorisation is successful the payment state is set to succeeded.
If the authorisation was not successful we will change the state to failed.

Example payment request

POST /v1/profiles/profile_c4f5e275fed234c98b38f90231/payments
Content-Type: application/json
Accept: application/json
Authorization: Bearer <your_access_token>

{
  "description": "Test description",
  "reference": "c75279b8-60f9-4a7d-a79a-3a231e967e24",
  "method": "creditcard",
  "currency": "EUR",
  "amount": 2283,
  "shipping": {
    "first_name": "Frances",
    "last_name": "Kuhic",
    "email": "[email protected]",
    "phone": "+19227394382",
    "address": {
      "premise": "1600",
      "thoroughfare": "Pennsylvania Avenue NW",
      "locality": "Washington DC",
      "state": "DC",
      "postal_code": "20500",
      "country": "US"
    }
  },
  "billing": {
    "first_name": "Frances",
    "last_name": "Kuhic",
    "email": "[email protected]",
    "phone": "+19227394382",
    "address": {
      "premise": "1600",
      "thoroughfare": "Pennsylvania Avenue NW",
      "locality": "Washington DC",
      "state": "DC",
      "postal_code": "20500",
      "country": "US"
    }
  },
  "creditcard": {
    "number": "5571050319405406",
    "cvc": "301",
    "expiration": "2024-09-01T00:00:00.000Z",
    "holder_name": "FRANCES KUHIC",
  },
  "user": {
    "ip_address": "188.89.247.90",
    "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X x.y; rv:42.0) Gecko/20100101 Firefox/42.0",
    "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
    "accept_encoding": "gzip, deflate, br, zstd",
    "accept_language": "en-GB,en-US;q=0.9,en;q=0.8",
    "language": "en-US",
    "screen_width": 1512,
    "scree_height": 892,
    "java_enabled": false,
    "javascript_enabled": true,
    "color_depth": 30,
  },
  "session": {
    "redirect_url": "https://www.bankingservice.ai/payment-result"
  }
}

After successful authorisation:

{
    "id": "payment_e16caed5d3f744a5b0f746b028fb9b4bcb8",
    "description": "Test description",
    "reference": "c75279b8-60f9-4a7d-a79a-3a231e967e24",
    "method": "creditcard",
    "currency": "EUR",
    "amount": 2283,
    "billing": {
        "first_name": "Frances",
        "last_name": "Kuhic",
        "email": "[email protected]",
        "phone": "+19227394382",
        "address": {
            "premise": "1600",
            "thoroughfare": "Pennsylvania Avenue NW",
            "locality": "Washington DC",
            "state": "DC",
            "postal_code": "20500",
            "country": "US"
        }
    },
    "shipping": {
        "first_name": "Frances",
        "last_name": "Kuhic",
        "email": "[email protected]",
        "phone": "+19227394382",
        "address": {
            "premise": "1600",
            "thoroughfare": "Pennsylvania Avenue NW",
            "locality": "Washington DC",
            "state": "DC",
            "postal_code": "20500",
            "country": "US"
        }
    },
    "creditcard": {
        "rrn": "943443",
        "fees": {
            "interchange": 234,
            "assesment": 22334
        },
        "card": {
            "scheme": "mastercard",
            "type": "commercial",
            "region": "inter",
            "last4": "1067",
            "bin": "511580",
            "expiration": "2027-12-011T00:00:00.000Z",
            "holder_name": "F KUHIC",
            "issuing_country": "US"
        }
    },
    "state": "succeeded",
    "created": "2024-11-16T13:05:35.639Z",
    "_links": {
        "self": {
            "href": "/v1/partners/partner_1375e3d3f7f746b68b06/profiles/profile_f2b0df91a1714fc58fe4e5c0d23d5769/payments/payment_e16caed5d3f744a5b0f746b028fb9b4bcb8",
            "type": "application/json"
        },
        "profile": {
            "href": "/v1/partners/partner_1375e3d3f7f746b68b06/profiles/profile_f2b0df91a1714fc58fe4e5c0d23d5769",
            "type": "application/json"
        }
    }
}

PreviousOpenbanking payments NextAPI reference

Last updated 10 months ago

Was this helpful?