INTEGRATION
TRANSACTION ASSURANCE
CHARGES
DISPUTES & FRAUD
Card-Present
The Create POS Charge endpoint allows the clients to submit card-present charges completed with a physical payment terminal with a single API call. These charges require additional fields specific to card-present transactions, which are retrieved from the card-terminal interaction, such as the Track2 data, the EMV data, and an encrypted PIN block optionally. Additional information about the terminal and capabilities must also be submitted to properly format the messages submitted to the card networks.
Card-Present Fields
The additional fields needed in the Create POS Charge endpoint will be highlighted below, along with a further explanation to better map the fields received from the payment terminal to the correct fields in the API request.
Charge Type
An example POS charge type can be seen below:
intent
within thetype
object indicates what type of transaction is being performed. This is typically purchase for regular brick-and-mortar sales and reservation for Travel & Entertainment transaction types where the final amount is likely to change.cardEntry
andorder
are always terminal and counter for card-present transaction types.terminalEntryMode
indicates how the card was read by the terminal, such as chip or contactless.
Card Data
Other than the card,
some additional information is required from the card-terminal interaction for card-present transactions:
track2Data
: the Track2 data from the card's magnetic stripe should be submitted if available.emvData
: the EMV data from the card should be submitted unaltered when received from the terminal.cardSequenceNumber
: the card sequence number should also be included in the request if personalized on the card.
Online PIN
In specific scenarios, the terminal requests a PIN. While in some cases, this PIN request is handled offline between the card and the terminal, there are also cases where the PIN request needs to go online for PIN validation by the issuer. One such example is contactless transactions for high amounts.
In these cases, the pinBlock
should be submitted in the request:
block
should contain the encrypted PIN block received and encrypted from the terminal.format
indicates the encryption format (almost alwaysISO-0
).zoneId
is an additional tool for splitting the security zones between multiple (regional) instances of the connection between Silverflow and the client's platform, assigned by Silverflow.keyId
is the PIN encryption key identifier loaded in the Cloud HSM and assigned by Silverlow.
Terminal
The terminal object contains information about the capabilities and terminal type being used. Accurately setting these fields in each request is essential for the correct processing of card-present requests.
Type
indicates what kind of terminal is being used in the transaction. It could be a regular POS device (POS), a Mobile POS device (mPOS), which is typically a smaller external PIN pad or dongle connected to a mobile device, or a software-only terminal (SoftPOS) installed on a mobile device.id
is the terminal identifier, which is submitted in the message to the card network and needs to be unique within the domain of the acquirer.attended
indicates whether this is an attended or an unattended terminal.capabilities
is an array that should contain all the entry modes the terminal supports, including additional features such asoneTap
.
Terminal Actions
In card-present transactions, not every transaction is concluded with a single request, in which case more than a single request-response cycle is needed. Therefore, the client should be aware of the following fields in the POS charge response:
terminalAction
could also be returned in the response:requestPin
in combination withauthorizationIsoFields.responseCode
65 (for Mastercard single tap transaction) or 1A (for Visa SCA transaction) and when the issuer indicates that the transaction should be retried with an online PIN (pinBlock
).switchInterface
could be triggered during a contactless transaction withauthorizationIsoFields.responseCode
65 (for Mastercard) or 70 (for Visa) and when the issuer indicates that the transaction should be retried with the contact interface. The terminal should display a message similar to that of the cardholder.
Single Tap
When creating a POS charge, one of the terminal.capabilities
is oneTap, which indicates the support of single tap functionality on the contactless interface of the terminal for Mastercard and Visa. In case that PIN is required in the subsequent transaction, this will be indicated by the terminalAction
as described above.
It is essential to set the optional property type.sequence
to subsequent in the next transaction containing the PIN block. This will indicate to the issuer that this is the following transaction and a follow-up from the initially declined transaction.
Issuer scripts
For EMV chip cards, script processing provides the issuer with an option to update the data in the chip card as part of transaction processing.
newEmvData
can be present in chip transactions and contains the updated EMV data from the issuer. It is essential to propagate the contents of this field back to the terminal.
Partial Approval
Partial approval functionality allows businesses to handle transactions where the total amount exceeds the available balance on the cardholder's payment card. This is common, for example, with prepaid cards, where the total balance left on the card is used, and the remainder of the amount due is paid through an alternative payment method. To properly communicate to the issuer that this functionality is supported on the terminal, the allowPartialApproval
boolean should be set to true on the POS charge request.
Gratuity
Gratuity allows businesses to seamlessly incorporate tipping options into their point-of-sale system, providing customers with a convenient and flexible experience. When creating a charge, it is essential to accurately calculate the amount, including both the cost of goods/services and any applicable gratuity, providing the total amount in amount.value
. Supporting gratuity after authorization is allowed in certain regions for select MCCs. This can be achieved by:
Create a charge with the
clearingMode
set to manual. Theamount.value
should contain the amount of the goods/services. Provide the amount, including gratuity, as theamount.value
in the request to the Manually Clear Charge endpoint.Create a charge, providing the amount, including gratuity, as
amount.value
in the request when calling the Create POS Charge endpoint.
Merchandise Return
Referenced Refund
Usually, a refund is initiated using a reference to the original transaction details. This is referred to as a referenced refund and is initiated by refunding the original chargeKey
by calling the Refund endpoint.
Unreferenced Refund
When the original transaction identifier is unavailable, an unreferenced refund can be initiated by providing the details of the payment instrument by calling the Create POS Charge endpoint and indicating type.intent
is refund.
Reversals
Technical Reversal
A technical reversal should be triggered if the card declines an issuer-approved transaction.
Merchant Reversal
Merchants can reverse a previously approved transaction if clearing has not happened.
Both reversals can be achieved by calling the Cancel Charge endpoint (if clearingMode
is set to auto) or the Reverse Charge endpoint (if clearingMode
is set to manual) with the chargeKey
as a path parameter. This will always revert the charge if the clearing file has not yet been constructed, and an authorization reversal will be performed. If the clearing file has already been submitted, our platform can no longer cancel the record and will not perform a refund; the refund endpoint will need to be called at this point.
Hardware Security Module (HSM)
Our platform uses a cloud HSM service, which is a scalable solution for encrypting PIN blocks in card-present payment transactions. It utilizes HSMs that are certified to meet the Federal Information Processing Standards (FIPS) 140-2 level 3 security requirements. This ensures that the encryption and decryption of sensitive data, such as PIN blocks, is performed in a secure and tamper-proof manner and environment.
The cloud HSM generates and manages the encryption keys used to secure the data, adding an additional layer of security.
The cloud-based nature of this service allows for easy scalability, as additional HSMs can be added to the network as needed to support an increasing number of clients. This eliminates the need for our clients to invest in and maintain their HSMs, making the service more cost-effective and efficient.