JavaScript is disabled. Some features may not work. You can also read the static version: View text version

Card Transaction Flow

The card transaction flow enables customers to make secure payments using their credit or debit cards, providing a convenient and widely accepted method for transactions. The two different types of card transaction flow are:

New Card Transaction Flow: This flow allows customers to enter their card details during checkout for processing a payment. It is suitable for first-time users or customers who prefer to provide card information manually.
Saved Card Transaction Flow: With this flow, customers can conveniently complete transactions using their previously saved card details. It offers a streamlined checkout experience for returning customers, eliminating the need to re-enter card information.

Both flows prioritize security and aim to provide a seamless payment experience for customers using card-based payments.

Integration Architecture

New Card Transaction Flow

This flow handles a user entering card details manually for the first time.

Step 1: Call the Create Order API - To register the transaction amount and generate a unique order_id before any sensitive data is collected. Ensure that the return_url passed here is able to handle poll/display of order status.

Step 2: Call the Transaction API - Pass the Raw Card Details (Number, Expiry, Name) provided by the user. The transaction will reach a terminal state or expect a 3DS redirect URL.

Step 3: Parse the response from the Transaction API.
1. Look for a Pending/Authentication status (e.g., PENDING_VBV).
2. If found, extract the Bank URL<payment.authentication.url> provided in the response.
3. Redirect the user's browser to this URL to complete the OTP step. Except the callback to the return_url sent in Create Order API).

Saved Card Transaction Flow

This flow handles a returning user selecting a card they have previously stored or tokenized.
Step 1: Call the List Cards API - To fetch the card_token and masked numbers (e.g., "XXXX-1234") to display to the user on your checkout UI. <or in cases where multiple saved instruments need to be displayed Call Get SPM API>
Step 2: Call the Create Order API (Same as New Card flow) - Generates the order_id for this specific payment attempt.
Step 3: Call the Transaction API - Ensure the API knows this is a "Tokenized" transaction so it doesn't look for a full card number. Instead of raw numbers, pass the Card Token (from Step 1) and the CVV (collected from the user).
Step 4: Handle the 3DS Challenge - Same as Step 3 in the New Card flow (Check for Pending status -> Redirect to Bank URL).
Note: If your system has a card management module, integrate the Add Card API, Update Card API, Delete Card API, List Stored Cards API

Compliance Check: Merchants who are not PCI DSS compliant should refrain from using this API and consume our PayV3.js for cards.

Have questions?
Need help? Contact support
LLM? Read llms.txt