Overview

Cards are the most popular payment method globally, offering convenience and widespread acceptance. The Solidgate API allows developers to easily integrate card payments and cater to this preference, providing a robust, secure, and flexible solution.

The Solidgate API offers developers secure transactions with 3D Secure, tokenization for easier future payments and seamless recurring transactions.

Please note that only PCI-DSS certified merchants are eligible for full API as the merchant collects sensitive card data and hosts payment form. Using the Guide
Understand how to integrate the payment form into your product. payment form or Guide
Easily build a safe and simple payment page with our straightforward, step-by-step guide. payment page , the merchant without PCI DSS certification can process payments.

• Charge API
  The charge request, a primary operation, withdraws funds from cardholder accounts and can utilize 3D Secure for verification. Successfully completed operations result in funds withdrawal or hold (in case type auth is sent).

• Recurring API
  Recurring payment operations differ from charges as they use a previously obtained token instead of cardholder data. Some recurring transactions, such as one-click payments, may require 3D Secure verification. To facilitate this verification process, the merchant needs to display a bank page (ACS URL) to the user. This bank page can be obtained through notifications or check order status API from the merchant side.

  Technical recommendations for 1-click customer-initiated payment flow

  1. User action: The user initiates a 1-click payment.
  2. Token payment: The merchant initiates payment using the secure token tied to the user’s payment information.
  3. Intermediate status: Immediately handle the intermediate status received from Solidgate to prepare for the next step.
  4. Pre-loader display: Show a pre-loader on the user interface to indicate that the payment process is ongoing.
  5. Webhook and status polling: Set up a secure webhook to receive the final status of the order. Optionally, implement background polling to periodically check the order status as a backup.

  By following these points, the merchant can effectively handle a 1-click, customer-initiated payment process.

• Resign API
  Resign 1-click enables token-based transactions (1-click payments) with additional CVV verification, exclusive to PCI-DSS certified merchants. Resign 3DS involves a resign request and a 3D Secure verification URL redirect.

• Void API
  The void request serves to nullify pre-existing auth transactions by revoking the initial authorization. Be advised that the void method can only be executed for auth transactions.

• Settle API
  The settle method facilitates the settlement of previously auth transactions. Be advised that if the subsequent settle amount is less than the initial auth transaction amount , the difference will be refunded to the cardholder’s account.

• Refund API
  A refund constitutes a transactional request to revert funds to the cardholder’s account, and it can only be executed for successfully completed transactions.

• Check order status API
  The check order status request retrieves the present status of a given order. If a transaction is undergoing 3DS verification, the response will indicate an order status of 3ds_verify .

• Get ARN codes API
  The get ARN codes request obtains ARN codes for specific orders, providing essential information about refunds, currencies, and transaction statuses.

Auto-settle

Auto-settle is a feature that automatically settles orders if you provide a settle_interval value in your charge requests with the type auth. If you enable this feature, we will automatically send transactions for clearing after a specified delay in hours. In the event that the first settlement transaction is unsuccessful, we will attempt to settle six more times to prevent financial losses.

Auto-settle will not be created if the client sends a settle_interval request with null. In this case, it is necessary to manually initiate the settlement process. Additionally, auto settle won’t be performed if there’s at least one void transaction within a payment.

settle_interval parameter has a limit of 7 days, which is equivalent to 168 hours.

3DS verification

Solidgate provides 3D Secure support for payments, enhancing security measures for both merchants and customers.

To Guide
This process ensures secure, reliable payment processing using 3D Secure authentication to prevent fraud. process a payment as a 3D Secure payment , pass the force3ds parameter as a boolean with a default value of true. Be aware that 3DS may be triggered by either our side or the processor’s side.

When implementing 3DS payments, be prepared to display the 3DS bank page (ACS URL) to the user after initiating a recurring request with a verify_url. The request process for recurring 3DS transactions is identical to the standard recurring methods, ensuring a seamless integration experience.

Additionally, to handle 3DS transactions, make sure to set up success and fail URLs for browser redirects after a 3D Secure payment, either successful or unsuccessful. Provide necessary information for the frictionless flow of 3D Secure 2.0, such as browser details, time zone offset, and user-agent.

The 3DS may be triggered either from our side or from the processor's side.

Charge without CVV

Processing payments without a CVV simplifies customer interactions, leading to higher conversion rates and satisfaction. Allowing transactions without CVV for specific use cases minimizes declines and improves payment success rates. Merchants offering Guide
Create and maintain a stable and healthy business subscription model. subscription services or recurring billing benefit from reduced failed payments, ensuring consistent revenue and enhanced customer retention.

If you store card details and want to transfer payments from another provider to Solidgate, performing a сharge without CVV is possible. This can be done under the following conditions when card details (PAN, expiration date) are stored in your database and the first payment with a CVV-card was processed by another provider.

Our payment method is used to pay with not the full card data (card number and expiration date) for different payment types (please always provide payment_type for charge payments without CVV):

• 1-click
  Customer-initiated payment.
• recurring
  Merchant-initiated subscription payment.
• rebill
  Retry of the merchant-initiated payment.
• installment
  Merchant-initiated debit for credit/installment (financial institutions).
• retry
  Not regular cash withdrawals (depending on the trigger, the frequency, and amount of write-offs, in this case, is determined by the point of sale itself).

Retrying declined charges

If a card payment transaction (charge transaction) fails, it can be attributed to various reasons, such as insufficient funds. However, if the payment is unsuccessful, it is not always necessary to cancel the order and lose the payment. Instead, a retry payment attempt can be made using a payment token.

A payment token is a unique identifier generated during a charge operation and used to identify data (such as credit card information) for future transactions.

If the payment fails due to a network error or a decline from the issuing bank, a recurring request must be made using the token from the unsuccessful first attempt. This allows for a seamless experience for the customer and can increase the chances of a successful transaction, avoiding the loss of payment.

• Retry logic:
  • Retry only card payments: Retry logic should exclude Guide
    Improve your checkout conversion by accepting payments via Apple Pay. Apple Pay and Guide
    Improve your checkout conversion by accepting payments via Google Pay. Google Pay transactions (those with the CRYPTOGRAM_3DS data type). A payment token is issued exclusively for successful Apple Pay and Google Pay payments, eliminating the need to retry these payment types.
  • Limit on the number of retries: Retry logic should be configured with a limit on the number of retries to prevent infinite retries and unnecessary charges to the customer’s payment method. That is, the system must stop retrying the payment after a certain number of retries.
  • The interval between retry attempts: To avoid overloading the issuing bank with too many requests over a short period (which may be perceived as fraud), retry logic should include a back-off time between retries, such as waiting a few minutes before trying again or increasing the time between retries as the number of failed attempts increases.
• Handling of decline reasons: Retry logic should be able to handle decline reasons for rejection and respond appropriately. For example, repeating attempts when receiving a permissible decline code (incorrect card number) and, at the same time, analyzing/counting and setting limits on identical decline codes.
• Customizable retry rules: Retry logic can allow for customizable retry rules, such as retrying only on specific decline codes.
  • Cancellation or refund: If the payment fails after several retries, it is desirable to have a way to cancel or refund the payment to avoid multiple deductions from the customer’s payment method.
• Handling of declined transactions: Retry logic must handle declined transactions in a specific way, such as by prompting the customer to update their payment information or offering alternative payment methods.
• Notification: On the merchant side, it is necessary to additionally notify the customer of the result of the transaction, successful or unsuccessful.
• Retry history tracking: This information can be used to analyze transaction patterns and improve retry logic. The merchant should have a system that can track the history of retry attempts for transactions, including the number of retry attempts, the time of each one, and the result.

Handling of decline reason

The system can include error handling mechanisms to handle errors during the retry process and ensure that the customer is informed of the issue and provided with an appropriate resolution. You should identify the reason for the payment decline when it occurs. There could be several reasons, such as insufficient funds, expired cards, or invalid card details.

Here is an example of certain reasons for a declined transaction when there is still a chance of a successful payment:

• Guide
  The general group of declines. The card issuing bank did not complete the transaction successfully. 0.01 General decline
• Guide
  The user’s card balance has insufficient funds. 3.02 Insufficient funds
• Guide
  The transaction has been declined by the card issuer. Reasons for decline can vary, including limits on online payments, daily payment amounts, or daily transaction counts. 3.04 Transaction is declined by the issuer
• Guide
  The issuing bank blocked the transaction due to possible fraud. 3.10 Suspected fraud
• Guide
  The card cannot be used to make this payment (it is possible it has been reported lost or stolen). 4.03 Restricted card
• Guide
  The acquiring bank blocked the transaction due to possible fraud. 4.05 PSP antifraud
• Guide
  An antifraud rule was triggered. 4.07 Trusted antifraud system
• etc.

Based on the reviewed statistics, we can recommend not retrying transactions for the following reasons:

• Guide
  The user entered an incorrect card number. 2.08 Invalid card number
• Guide
  Card is expired. 2.09 Invalid expiration date
• Guide
  This transaction should only go through 3D. 3.09 3D-Secure authentication required
  Recommend retrying payment with 3DS flow.
• Guide
  The card in use is stolen, all transactions are restricted. 4.02 Stolen card
• Guide
  We received an invalid/nonexistent card token. 5.02 Invalid card token
• Guide
  Processing error. 5.08 Invalid transaction

Related articles FAQ