One-step purchase

Overview

When performing an one-time one-step purchase, you can use one of the following options to transfer payment details:

  • Transfer of complete payment details This is a basic option in which you collect all payment details from the customer, and then submit the data inside a payment request.
  • Transfer of payment details identifier To enable this option, you need to perform an initial COF payment. Once you do this, the payment platform creates a payment instrument record and returns a callback with the ID of the record in the account_id or card_id parameter. You need to specify this ID each time you submit to the payment platform a request for payment using stored credentials, see Saving payment data
  • Transfer of payment token To enable this option, you need to perform an initial payment. Once you do this, the payment platform creates a payment token and returns a callback with the token in the token parameter. You need to specify this ID each time you submit to the payment platform a request for payment using stored credentials. For more information about using tokens, see Tokens.

Workflow

When ordinary processing a one-step purchase by using Gate, the merchant web service is required to do the following:

  1. Send the one-step purchase request with payment details to one of the relevant endpoints in the following group: /v2/payment/{payment method}/sale[/specifying payment details].
  2. If necessary, complete the additional procedures:
    • 3‑D Secure 1 authentication. This authentication is intended to provide security to online payments by payment cards. For more information on the authentication workflow, as well as request and callback formats, see Customer authentication by using the 3‑D Secure 1.
    • Customer authentication on merchant's request. This authentication is intended to make purchases with payment cards more secure. For more information on the authentication workflow, as well as request and callback formats, see Authentication on merchant's request.
    • Additional payment information submission. This procedure is intended for cases in which the initial request did not contain the information needed by one of the payment process stakeholders (including authenticating customers). For more information on this procedure, see Submission of additional payment information.
  3. Receive a callback with the payment result from the payment platform.
  4. If needed, after completing a one-time one-step purchase you can return your customers their money, if the payment method supports refunds. For more information on this procedure, see Purchase refund.

The following diagram provides the detailed picture of an ordinary one-step purchase processing procedure without additional requests.

Figure 1. Processing of a one-step purchase
  1. Customer initiates a purchase on the merchant web service.
  2. The web service sends the request for processing a one-step purchase by using Gate to the specified Monetix URL.
  3. The payment platform receives the request for processing a one-step purchase by using Gate.
  4. The payment platform performs the request acceptance that includes validation of the required parameters and signature.
  5. The payment platform sends to the web service response with request receipt confirmation and correctness check result.
  6. The payment platform performs the internal request processing and sends it to the card organisation.
  7. The card organisation performs the internal request processing and sends it to the issuer.
  8. The issuer performs the internal request processing and debiting customer account.
  9. The issuer sends the callback with a one-step purchase result to the card organisation.
  10. The card organisation sends the callback with a one-step purchase result to the Monetix payment platform.
  11. The payment platform sends the callback to the web service.
  12. The customer receives the payment result from the web service.

The sections that follow discuss in more details the request format and the required parameters and the information about the format of callbacks with payment results. For the general information on how to use the API, see Integration procedure.

Request structure

The request structure described in this section is applicable to one-step purchases with payment cards. Listed below are the requirements to payment request structure:

  1. The request is sent by using POST (HTTP) method to one of the following endpoints:
  2. The following objects and parameters must be specified in the request:
    • Object general—general request identification information:
      • project_id—project ID you obtained from Monetix
      • payment_id—payment ID unique within the project
      • signature—signature created after you specify all the required parameters. For more information about signature generation, see Signature generation and verification
    • Object customer—customer information:
      • ip_address—IP address
      • id—the ID of the customer within the merchant project
    • Object payment—payment information:
      • amount—payment amount in minor units
      • currency—payment currency in the ISO-4217 alpha-3 format
  3. The request should contain the following customer payment card information:
    • when specifying complete card details—the following information is required in the card object:
      • pan—card number
      • year—year of expiration date
      • month—month of expiration date
      • card_holder—cardholder's first and last name (as indicated on the card)
      • cvv—card verification code (CVV), as indicated on the card

        The cvv parameter is not required and not passed in payment requests for cards with no CVV. For more information whether the cvv parameter is optional, contact your key account manager.

    • when indicating the identifier—the following information is required: the identifier which is associated with the card details in the payment platform in the saved_account_id parameter and the card verification code in the cvv parameter provided the card has a verification code (CVV).

      The cvv parameter is not required and not passed in payment requests for cards with no CVV. For more information whether the cvv parameter is optional, refer to your key account manager.

    • when indicating the token—the following information is required: token in the token parameter and the card verification code in the cvv parameter—provided the cvv parameter is supported for the card.

      The cvv parameter is not required and not passed in payment requests for cards with no CVV. For more information whether the cvv parameter is optional, refer to your key account manager.

  4. The request must contain the return_url object with the addresses for redirecting the customer to your system:
    • success—the URL for redirecting the customer after the payment is completed;
    • decline—the URL for redirecting the customer after the payment is declined.
    • return—the URL to redirect the customer to when they prematurely terminate the payment. This URL is also used if the success and decline parameters are not specified in the request.
  5. Depending on specific regional requirements and requirements of providers and payment systems, you may be required to add the following additional user information:
    • first_name—first name
    • last_name—last name
    • middle_name—middle name (or patronymic)
    • day_of_birth—birth date
    • phone—phone number
    • email—email address
    • zip—post code of residence location
    • address—address (street, house number)
    • city—city of residence (town, village, etc.)
    • district—district of residence
    • state—region of residence (state, county, canton, etc.)
    • avs_post_code—post code registered with issuer as customer's actual post code
    • avs_street_address—street and house number registered with issuer as customer's actual address

    If some parameters are missing from your request, the payment platform may require you to submit additional payment information. For more information about submitting additional payment information, see Submission of additional payment information. For details what parameters are required in your case, refer to your account manager at Monetix.

  6. If required, you can also add any other additional parameters Gate supports.

Here is an example of a payment request:

{
  "general": {
      "project_id": 42,
      "payment_id": "456789",
      "signature": "v7KNMpfogAxwRIL9tVftZ1ZZ5D/aZAeb0VMdeR+CqGrNxYyilUwSm...=="
  },
  "customer": {
      "ip_address": "248.121.176.220",
      "id": "customer_12"
  },
  "payment": {
      "amount": 400000,
      "currency": "USD"
  },
  "return_url": {
        "success": "http://example.com/return",
        "decline": "http://example.com/decline"
  },
//when indicating complete card details:
  "card": {
      "pan": "4242424242424243",
      "year": 2025,
      "month": 8,
      "card_holder": "JOHN SMITH",
      "cvv": "123"
  }

//when indicating the identifier of a stored payment card:
    "saved_account_id": 2345678,
    "cvv": "123"

//when indicating the token of a stored payment card:
    "token": "f365bb1729f9b72fd9c09703a751c979f3becc679f29c3e35c91d18070d15654",
    "cvv": "123"   
}

Customer redirection data format

Some payment systems require that you redirect the customer from your web service to the payment system. To do so, you need to accept the callback from the payment platform with the redirection information in the redirect_data object with the following parameters:
  • url—URL to redirect the customer
  • body—additional data required in the request to payment system (may be empty)
  • method—method to use to submit the request

The payment platform sends callbacks with redirection data to the URL specified in your project settings. The payment remains in the awaiting redirect result status until the customer completes the payment.

If the body parameter contains no data, it is added to the callback as an empty array, otherwise it is added to the callback as a JSON object. Shown below are examples of using the body parameter in the callbacks with redirection data.

Figure 2. Callback snippet with redirection data: empty body parameter
"redirect_data": {
              "body": [],
              "method": "POST",
              "url": "https://example.com/redirect/absd1234"
}
Figure 3. Callback snippet with redirection data: non-empty body parameter
"redirect_data": {
            "body": {
                 "Reference": "2000016"                 
              },
              "method": "POST",
              "url": "https://example.com/redirect/absd1234"
}

Callback structure

A one-step purchase uses the standard format for callbacks to submit purchase results. For more information, see Callbacks in Gate.

The following is the example of a callback with an information about successful 4,000.00 USD purchase the customer_12 made by using the payment card № 424242******4243 in the 42 project.

Figure 4. Example of a successful one-step purchase callback
{
    "account": {
        "number": "424242******4243",
        "token": "f365bb1729f9b72fd9c09703a751c979f3becc679f29c3e35c91d18070d15654",
        "type": "visa",
        "card_holder": "JOHN SMITH",
        "id": 45678,
        "expiry_month": "08",
        "expiry_year": "2025"
    },
    "customer": {
        "id": "customer_12",
        "phone": "44991234567"
    },
    "payment": {
        "date": "2019-01-11T13:02:42+0000",
        "id": "456789",
        "method": "card",
        "status": "success",
        "sum": {
            "amount": 400000,
            "currency": "USD"
        },
        "type": "purchase",
        "description": ""
    },
    "project_id": 42,
    "operation": {
        "id": 969000002636,
        "type": "sale",
        "status": "success",
        "date": "2019-01-11T13:02:42+0000",
        "created_date": "2019-01-11T13:01:45+0000",
        "request_id": "c6eed1eb14c629b4ef20b3b8086d...d04132c34b0088cbc0be4667c",
        "sum_initial": {
            "amount": 400000,
            "currency": "USD"
        },
        "sum_converted": {
            "amount": 400000,
            "currency": "USD"
        },
        "provider": {
            "id": 408,
            "payment_id": "330157196",
            "date": "2019-01-11T13:02:32+0000",
            "auth_code": "",
            "endpoint_id": "612266625"
        },
        "code": "0",
        "message": "Success",
        "eci": "07"
    },
    "signature": "v7KNMpfogAxwRIL9tVftZ1ZZ5D/aZAeb0VMdeR+CqGrNxYyilUwSm...=="
}

The following is the example of a callback for a one-step purchase declined due to incorrect card data entered.

Figure 5. Example of a declined one-step purchase callback
{
    "project_id": 42,
    "payment": {
        "id": "456789",
        "type": "purchase",
        "status": "decline",
        "date": "2019-01-11T14:11:33+0000",
        "method": "card",
        "sum": {
            "amount": 400000,
            "currency": "USD"
        },
        "description": ""
    },
    "account": {
        "number": "424242******4243",
        "type": "visa",
        "card_holder": "JOHN SMITH",
        "expiry_month": "08",
        "expiry_year": "2025"
    },
    "customer": {
        "id": "customer_12",
        "phone": "44991234567"
    },
    "operation": {
        "id": 13300000004505,
        "type": "sale",
        "status": "decline",
        "date": "2019-01-11T14:11:33+0000",
        "created_date": "2019-01-11T14:11:00+0000",
        "request_id": "c6eed1eb14c629b4ef20b3b8086d...d04132c34b0088cbc0be4667c",
        "sum_initial": {
            "amount": 400000,
            "currency": "USD"
        },
        "sum_converted": {
            "amount": 400000,
            "currency": "USD"
        },
        "provider": {
            "id": 12,
            "payment_id": "48219213050",
            "auth_code": "",
            "endpoint_id": 12
        },
        "code": "10102",
        "message": "Incorrect data entered",
        "eci": "05"
    },
    "signature": "v7KNMpfogAxwRIL9tVftZ1ZZ5D/aZAeb0VMdeR+CqGrNxYyilUwSm...=="
}