Card not present card payments are payments that are authorised from a customer device, where a physical card is not read by a card terminal. But instead, are manually entered by the customer (or automatically entered by a browser, Apple Pay, or Google Pay).
Create a payment request with the endpoint.
Make sure the billing and shipping fields are present.
Redirect the user to the next.redirect page. This is an hosted payment page where the cardholder enters their card data and completes SCA checks.
The user is returned to your platform after successful, or failure authorisation of the payment. The authorisation can be accepted by the card issuer, or declined, the state field succeeded, or failedrespectively.
Make sure the billing and shipping fields are present
Make sure the following user fields are present:
ip_address
user_agent
accept
accept_encoding
accept_language
language
screen_width
screen_height
java_enabled
javascript_enabled
color_depth
timezone_offset
3DS execution has the following three options:
No 3DS: No 3DS/ SCA is required, therefore the card can be authorised straight away.
Frictionless: 3DS is required, and: the issuer is not enrolled in frictionless 3DS.
If the issuer deems the information provided not to mach the known information by the issuer. Then the fallback regular 3DS will be executed.
Regular 3DS: 3DS is required, and the issuer is enrolled in frictionless 3DS:
The user must be redirected to the issuers authorisation page, where the cardholder can authorise the transaction using several methods.
The redirect URL is present in the next.redirect field
If the cardholder does not authorise the transaction, we will reject the payment and set the state to failed.
If the cardholder does is never redirected to the 3DS page, or never rejected, or accepts the 3DS request, we will set the payment state to expired.
If the user accepts the authorisation, they will be redirected back. From here we will set the state to processing;
The user is always redirected back to the session.redirect_url url. This means that the payment state can still be processing even that the user has already returned.
If 3DS was successful, or not required, we will try to place an authorisation on the card. If the authorisation is successful the payment state is set to succeeded.
If the authorisation was not successful we will change the state to failed.
At the moment, our Javascript Elements API is in a alpha phase, please contact your account manager to use this.
Note that in order to use this, you need to be registered as fully compliant with , this requires a significant investment in time to certify the and capital to get certified. You need to be certified to process sensitive cardholder data such as card numbers, pin codes and CVC codes. Please first reach out to your account manager to use this. If you are not certified and still process sensitive card data, the schemes may oppose significant fines.
