Skip to main content

Online card transaction

Online Authorisation - Description

An transaction is named "online" if an authorization exists.
Otherwise, we talk about offline transaction.



Online Authorisation - Sequence diagram

online transactionUserTPEBPCEXpollens SAEPartnerTransactionpar[User notification in the mobile app][Author validation]online card op1issuer auth requ.2issuer auth requ.3Author. validated4Callback CardOperationCreatedOrUpdated5notification6Author. validated7Transaction succeeded8UserTPEBPCEXpollens SAEPartneronline transaction


Online Authorisation - State diagram & balance

State diagram

Authorization request
Authorization created
Authorization failed
Partial recovery
Total recovery
After 10 days (or 21 for withdrawal)
Approved
Rejected
Reversed
Canceled
Expired


Authorisation context

The context of card usage is provided in field context .
Depending on this context, the method varies to provide even more details about the operation conducted.

The merchantName should be displayed in the cardholder's mobile application to provide them with details about their transaction history.

The tokenRequestorId is filled in only if the payment has been made with a tokenized card.

The merchantCategoryCode will always be set. It is based on ISO 18245 (https://www.iso.org/fr/standard/79450.html)

Payments made abroad are characterized by:

  • localAmount is not null and contains details about the currency and the value
  • conversionRate explains how the amount is calculated from the localAmount


Authorisation failed

An authorization can fail for various reasons stemming from the card, the account, the transaction conducted, etc.
In case of authorization refusal, use the rejectReason to provide information to your cardholder.

rejectReason
AccountLimitsExceeded
AccountStatus
ActivationDeclined
ActivationDeclinedCapture
BlockedCard
CardLocked
CryptoFailure
CVV2Blocked
CVV2Failed
ExpiredCard
ForeignOperationBlocked,
InsertCardNeeded
InsufficientAccountBalance
Limits exceeded relatives to the period
MerchantNotAuthorized
MonthlyPaymentLimitExceeded
PINBlocked
PINFailed
RemotePaymentBlocked
SuspiciousFraud
TechnicalError
TechnicalErrorCapture
Timeout
TransactionNotAllowed
WeeklyWithdrawalLimitExceeded


Card Authorization expiration

The card authorization -if not settled- will expire after 10 days in most cases.
Some card authorization for specific MCC (hotels, car rent, ..) can last up to 31 days before they expire if no capture is performed on operation. Withdrawals expire after 21 days.

online transactionUserTPEBPCEXpollens SAEPartnerTransactionbreak[Waitingfor theclearingoperation]online card op1issuer auth requ.2issuer auth requ.3Author. validated4Callback CardOperationCreatedOrUpdated {status=Approved}56Callback CardOperationCreatedOrUpdated {status=Expired}7UserTPEBPCEXpollens SAEPartneronline transaction

In some rather rare cases, settlements may occur belatedly, after the regulatory delay of 10 and 31 days. In these instances, the authorization expires, and the compensation will be created as an offline operation.



Authorisation partial or total reversal

Used in particular in fuel distributors.

online transactionUserTPEBPCEXpollens SAEPartnerTransactionbreak[Pending the final amount of the operation]alt[Partial reversal][Total reversal]online card op1issuer auth requ.2issuer auth requ.3Author. validated4CardOperationCreatedOrUpdated {status=Approved, localAmount.Value=X}56partial reversal7Callback CardOperationCreatedOrUpdated {status=Reversed, localAmount.Value=Y}8total reversal9Callback CardOperationCreatedOrUpdated {status=Canceled, localAmount.Value=0.00}10UserTPEBPCEXpollens SAEPartneronline transaction


ATM withdrawal

ATM withdrawal is an online transaction. It is define by the cardOperationType = AtmWithdrawal

Note: ATM withdrawal under 20€ are refused.



Internet payments

3DS_authentication
Xpollens_checks

Note: In any case, the Xpollens checks are performed after the 3DS check.

Sequence diagram

internet paymentsUserInternetWebsiteVISAACSEntrustBPCEXpollens SAEPartnerTransactionpar[User notification in the mobile app][Author validation]alt[Card Eligible]online card op1issuer auth requ.2check eligibility3strong authent needed.4strong authent needed5strong authent needed6strong authent accepted7OK8OK9issuer auth requ.10issuer auth requ.11Author. validated12Callback CardOperationCreatedOrUpdated13notification14Author. validated15Transaction succeeded16UserInternetWebsiteVISAACSEntrustBPCEXpollens SAEPartnerinternet payments


Xpay

An Xpay is an online transaction. In case of an Xpay, the tokenRequestorId is not null, and details the provider from which the card was tokenised.



FAQ about card authorisation

FAQ1 - Card information request

A card information request (wallet card tokenisation, card on file) will not trigger the callback #CardOperationCreatedOrUpdated, but a callback #25.

FAQ2 - merchantType

The merchantType will always be settled (can't be null) in the callback CardOperationCreatedOrUpdated response body.
It matches the MCC (Merchant Category Code) of the merchant based on ISO 18245 (https://usa.visa.com/content/dam/VCOM/download/merchants/visa-merchant-data-standards-manual.pdf)

FAQ3 - One payment but multiple settlement

On marketplaces, one authorisation can lead to several settlements.
For example
I am on marketplace A,
I have a basket of 3 items from 3 different merchants,
when I pay, I only receive one payment authorisation.
However, 3 transactions are carried out at the 3 merchants.
So 3 compensations will be issued by the 3 banks of my merchants.
In this case, the first clearing will match the authorisation. The other two clearing will created offline operations.