Card-Present Authorizations

For card-present transactions, the presence of the payment card is established during the authorization service. These are the basic types of card-present authorizations:
  • EMV authorization: Authorization that is based on the EMV chip embedded in the cardholder's card.
  • Magnetic stripe authorization: Authorization that is based on the magnetic stripe on the back of the cardholder's card.
  • Hand-keyed authorization: Authorization that is based on you manually entering the card information into the payment terminal.
After you complete a card-present authorization, using these follow-on services enables you to complete the full payment workflow:
  • Capture
  • Contact EMV capture
  • Stand-alone credit
  • Authorization reversal
  • Void

Related Information

Payment Features

Debit and Prepaid Card Payments

Debit cards are linked to a cardholder's checking account. A merchant who accepts the debit card can deduct funds directly from the linked cardholder's account.
You can process debit cards using these services:
  • Credit card services
  • PIN debit services
  • Partial authorizations, which are a special feature available for debit cards
  • Balance inquiries, which are a special feature available for debit cards

Requirements

In Canada, to process domestic debit transactions on 
Visa Platform Connect
 with Mastercard, you must contact customer support to have your account configured for this feature.

Related Information

Payment Features

Airline Data

Airline data processing goes beyond basic payment transactions by allowing you to process specific travel data. This requires you to submit additional information, such as:
  • Carrier
  • Departure Date
  • Destination Airport
  • Purchase Date
  • Originating Airport
  • Ticket Class
  • Trip Legs

Supported Card Types

  • American Express
  • Discover
  • Mastercard
  • Visa

Supported Acquirers

These
Visa Platform Connect
acquirers are supported for airline data processing:
  • Agricultural Bank of China (ABC)
  • Ahli United Bank in Bahrain
  • Arab African International Bank (AAIB)
  • Asia Commercial Bank (ACB)
  • Auckland Savings Bank (ASB)
  • Axis Bank Ltd. of India
  • Bangkok Bank Ltd.
  • Bank Muscat of Oman
  • Bank of Ayudhya (BAY)
  • Bank of China (BOC)
  • Bank of Communications
  • Bank Sinarmas (Omise Ltd.)
  • Banque Pour Le Commerce Exterieur Lao (BCEL)
  • Barclays Bank Mauritius Ltd.
  • Barclays Bank Botswana
  • Barclays Bank of Ghana Ltd., Barclays Bank of Tanzania Ltd., and Barclays Bank of Uganda Ltd.
  • Barclays Bank of Kenya
  • Barclays Bank of Zambia
  • Barclays Bank Seychelles
  • BC Card Co., Ltd.
  • BLOM Bank
  • Cathay United Bank (CUB)
  • Citibank Hongkong and Macau
  • Citibank Singapore Ltd.
  • Commercial Bank of Qatar
  • CrediMax (Bahrain)
  • CTBC Bank Ltd.
  • FirstRand Bank
  • Global Payments Asia Pacific
  • Habib Bank Ltd. (HBL)
  • HDFC Bank Ltd. of India
  • I&M Bank
  • ICICI of India
  • Korea Exchange Bank (KEB)
  • Mashreq
  • National Bank of Abu Dhabi (NBAD)
  • National Bank of Kuwait (NBK)
  • National Commercial Bank
  • Network International
  • Overseas Chinese Banking Corp (OCBC)
  • Promerica in Honduras and Nicaragua
  • Qatar National Bank (QNB Group)
  • Raiffeisenbank
  • Rosbank
  • Taishin Bank Ltd.
  • United Overseas Bank (UOB) in Singapore and Vietnam
  • United Overseas Bank (UOB) in Thailand
  • Vietcombank
  • VTB24
  • Wing Lung Bank

Requirement

When you are ready to go live with airline data processing, contact
Cybersource
Customer Support to have your account configured to process airline data. If your account is not enabled, and you try to send airline transactions, you will receive an error for invalid data.

Related Information

Payment Features

Interchange Optimization

Interchange fees are per-transaction transfer fees charged by your acquirer. The fee amount is based in part on the transaction amount that the acquirer submits to the payment network for clearing and settlement. Interchange optimization can help to reduce these fees for card-present transactions.

Payment Cards Supported with Interchange Optimization

  • Mastercard
  • Visa

Automatic Authorizations

Interchange optimization works by automatically performing additional authorization transactions for two types of card-not-present scenarios.
Automatic Authorization Refresh
If a capture request occurs more than 6 days after the date of the original authorization, the processor automatically obtains a fresh authorization for the capture amount.
Automatic Partial Authorization Reversal
If the capture does not need a fresh authorization but the capture amount is less than the authorization amount, the processor automatically performs a partial authorization reversal. The reversal releases the hold on unused credit card funds and ensures that the settlement amount matches the authorization amount.

How Interchange Optimization Transactions are Tracked

To find out when the processor performed automatic authorizations, see the daily processor report.

Limitations

  • Interchange optimization does not apply to transactions in which the payment card is present at the merchant's physical place of business.
  • Interchange optimization is not supported with incremental authorizations.

Requirement

Contact customer support to enable interchange optimization for your account.
Payment Features

Japanese Payment Options

Japanese payment options (JPO) extend the
Cybersource
payment card processing features to support payment methods used only in Japan. Japanese issuers, cardholders, merchants, and acquirers recognize payment methods that clarify the nature of a payment. JPO provides for more fine-grained identification of one-time payments and installment payments. You can offer your customers JPO payment methods that they select at the time of purchase.
JPO supports these payment methods:
  • Single payment
  • Bonus payment
  • Installment payment
  • Revolving payment
  • Combination of bonus payment and installment payment
IMPORTANT
Requests with Japanese payment options are accepted independently of your agreements with acquirers. When you submit a request with one of these payment options but do not have the necessary contracts and agreements in place, an error might not occur until the acquirer processes the settlement file.
For more information about the Japanese payment options, contact Customer Support of
Cybersource
KK (Japan).

Payment Cards Supported with JPO

JPO is supported for the Sumitomo Mitsui Card Co. acquirer with transactions that use Visa payment cards issued in Japan.

Services Supported with JPO

Authorization service.

Requirements

  • You have signed a contract with your acquirer.
  • You have contacted your account provider for details about contracts and funding cycles. The funding cycle could differ when using JPO.
  • Card holders who want to use JPO have signed a contract with an issuing bank.
  • You have confirmed payment option availability with your account provider and card holder before implementing one of these payment options.

Related Information

Payment Features

Level II and Level III Data

For business to business customers, Level II and Level III processing can provide lower interchange rates in exchange for providing more information during a transaction.
Support for Level II and Level III data processing is processor and card specific.

Level II Data

Level II cards, which are also called
Type II cards
, provide customers with additional information on their credit card statements about their purchases. Level II cards enable customers to easily track the amount of sales tax they pay and to reconcile transactions with a unique customer code. There are two categories of Level II cards:
  • Business/corporate cards are given by businesses to employees for business-related expenses such as travel and entertainment or for corporate supplies and services.
  • Purchase/procurement cards are used by businesses for expenses such as supplies and services. These cards are often used as replacements for purchase orders.

Level III Data

You can provide Level III data for purchase/procurement cards, which are used by businesses for expenses such as supplies and services. These cards are often used as replacements for purchase orders. The Level III data is forwarded to the company that made the purchase. It enables the company to manage its purchasing activities.

Related Information

  • See Level II Processing for information that shows you how to process transactions that include Level II data.
  • See Level III Processing for information that shows how to process transactions that include Level III data.
Payment Features

Mastercard Bill Payments

In Brazil, you can participate in a Mastercard Bill Payment program. If your account is enrolled in the program, your customers can use their Mastercard payment cards to make payments on their outstanding bills.
IMPORTANT
A Mastercard card payment at the point of sale (POS) when goods or services are purchased is not part of the Mastercard Bill Payment program.
When you send an authorization request for a Mastercard Bill Payment, include the API field that specifies the bill payment type.

Limitation

The Mastercard Bill Payment program supports only bills paid in Brazil using Mastercard payments cards with
Visa Platform Connect
.

Requirements

Sign up with Mastercard to participate in their bill payment program.

Related Information

Payment Features

Mastercard Expert Monitoring Solutions

Mastercard Expert Monitoring Solutions provides a predictive, behavior-based fraud score in real time during authorizations for card-not-present transactions. The score indicates the likelihood that the requested transaction is fraudulent and the type of fraud that is suspected.
To assign the fraud score for a transaction, Mastercard compares the customer’s transaction data to their transaction behavior history and to a regional card-not-present fraud detection model. The resulting score is returned in the body of the response message.

Limitations

This feature is supported on Mastercard Payment cards issued in the US only.
This feature is supported with
Visa Platform Connect
only.

Requirement

Contact customer support to enable Mastercard Expert Monitoring Solutions for your account.
IMPORTANT
After this feature is enabled for your account, Mastercard returns a fraud score for all your card-not-present authorization requests for Mastercard payment cards issued in the US.

Related Information

Payment Features

Payer Authentication

Payer authentication is run before a transaction is submitted for authorization. Most of the time payer authentication is bundled with authorization so that after payer authentication happens, the transaction is automatically submitted for authorization. Payer authentication and authorization can be configured to occur as separate operations. This section shows you how to run payer authentication as a separate process and pass the payer authentication data when seeking authorization for a transaction.
Payer authentication consists of a two-step verification process that adds an extra layer of fraud protection during the payment process. During transactions, the transaction device, location, past purchasing habits, and other factors are analyzed for indications of fraud. This process collects customer data during the transaction from at least two of these three categories:
  • Something you have
    : A payment card or a payment card number
  • Something you know
    : A password or pin
  • Something you are
    : Facial recognition or fingerprint
Each of these payment card companies has its own payer authentication product:
  • American Express
    : SafeKey
  • Discover
    : ProtectBuy
  • JCB
    : J/Secure
  • Mastercard
    : Identity Check
  • Visa
    : Visa Secure
Payer authentication can be used to satisfy the Strong Customer Authentication (SCA) requirement of the Payment Services Directive (PSD2). SCA applies to the European Economic Area (EEA) and the United Kingdom. SCA requires banks to perform additional checks when customers make payments to confirm their identity.

Related Information

Payment Features

Relaxed Requirements for Address Data and Expiration Date in Payment Transactions

With relaxed requirements for address data and the expiration date, not all standard payment request fields are required. It is your responsibility to determine whether your account is enabled to use this feature and which fields are required.

Related Information

Payment Features

Split Shipments

Split shipments enable you to split an order into multiple shipments with multiple captures. You can use this feature when a customer orders a product that is not yet available, or when one or some products are available but not all. You are able to request multiple partial captures for one authorization, multiple authorizations and one capture, or an authorization and a sale.
Cybersource
provides the split shipment services for authorizations and captures. There are three scenarios and actions you can take:
  • Multiple authorizations—Request more than one authorizations; when the order is placed for the unavailable product and after the product becomes available to ship.
  • Multiple partial captures—Request an authorization, and then request multiple partial captures for the amount of the products you ship. When the remaining product becomes available, ship it and request another capture.
  • Multiple authorizations with multiple partial captures—Request more than one authorizations and captures when all the products in the order are not available for immediate shipment. After the other products become available, request another authorization, and then a capture when you ship the remaining product.

How Split Shipments Transactions are Linked

All transactions for a split shipment are linked together in the
Business Center
and in reports. When you split an order into multiple shipments with multiple partial captures,
Cybersource
requests the additional authorizations for you.

Obtaining the Status of a System-Generated Authorization

IMPORTANT
A system-generated authorization is not performed in real time. The response message that you receive indicates that the request was received, not whether it was approved or declined.
A system-generated authorization can be declined for the same reasons that a regular authorization can be declined.
Cybersource
recommends you use one of following methods to obtain the status of the system-generated authorization request before shipping the product:
  • Business Center
    —Use the capture request ID to search for the follow-on capture. The details for all related transactions are displayed on the
    Transaction Details
    page. It can take a maximum of 6 hours for the status of the system-generated authorization request to be available.
  • Transaction Detail API—You must use version 1.3 or later of the report and include the parameter
    includeExtendedDetail
    in your query. It can take a maximum of 6 hours for the status of the system-generated authorization request to be available.
  • Transaction Exception Detail Report—
    Cybersource
    recommends you use this report on a daily basis to identify transactions that were declined.

Additional Authorizations

When you need an additional authorization for an order, you can use the
link-to-request
field to link follow-on authorizations to the original authorization in addition to the basic fields required for every authorization request. The follow-on authorization is linked to the original authorization in the
Business Center
and in reports. The captures for these authorizations are also linked to the original authorization in the
Business Center
and in reports.
For an additional authorization on a processor that supports merchant-initiated transactions, the authorization request must include the subsequent authorization fields that are required for merchant-initiated transactions.

Additional Captures

When you need an additional capture for an order,
Cybersource
performs a system-generated authorization for additional capture requests using the payment data from the original authorization. The system-generated authorization is linked to the original authorization in the
Business Center
and in reports. The captures are linked to the authorizations in the
Business Center
and in reports through the request IDs as with any capture.

Related Information

Payment Features

Introduction to Credentialed Transactions

Credentialed transactions are transactions that involve either storing a customer's payment credentials for future transactions or using a customer's already stored payment credentials. When processing a credentialed transaction, you must indicate the type of credentialed transaction and the reason for the transaction. Credentialed transactions are also known as
credential-on-file
(COF) transactions.
There are several types of credentialed transactions:
  • Customer-Initiated Transactions (CITs):
    Any transaction a customer is actively participating in such as making a card-present payment, completing an online checkout, or by using a stored credential. CIT transactions can store the customer's credentials in your system for future CITs or merchant-initiated transactions.
  • Merchant-Initiated Transactions (MITs):
    Any transaction a merchant initiates without the customer's participation such as an industry practice transaction or a standing instruction transaction.
    • Industry Practice Transactions:
      MITs that are performed as subsequent transactions to a CIT because the initial transaction could not be completed in one transaction. Not every industry practice transaction involves a stored credential. If a stored credential is used only for one transaction, that transaction is not considered a credentialed transaction.
    • Standing Instruction Transactions:
      MITs that are performed to follow agreed-upon instructions from the customer for the provision of goods and services.

Figure:

MIT Types

Supported Services

These are the supported merchant-initiated services:
  • Delayed Authorization
  • Incremental Transactions
  • Installment Transactions
  • Mastercard Standing Order Transactions
  • Mastercard Subscription Transactions
  • No-Show Transactions
  • Reauthorization
  • Recurring Transactions
  • Resubmission
  • Unscheduled Credentials-on-File Transactions
The service determines the reason for the credentialed transaction.
Payment Features

Token Management Service

The
Token Management Service
(
TMS
) enables you to replace personally identifiable information (PII), such as the primary account numbers (PANs), with unique tokens. These tokens do not include the PII data, but act as a placeholder for the personal information that would otherwise need to be shared. By using tokens, businesses can provide a secure payment experience, reduce the risk of fraud, and comply with industry consumer security regulations such as PCI-DSS.
TMS
links tokens across service providers, payment types, and channels for sellers, acquirers, and technology partners.
TMS
tokenizes, securely stores, and manages the primary account number (PAN), the payment card expiration date,
electronic check details,
and customer data.
TMS
also enables you to create a network token of a customer's payment card.
IMPORTANT
Due to mandates from the Reserve Bank of India, Indian merchants cannot store PANs. Use network tokenization instead.
You can manage sensitive data securely by creating, retrieving, updating, and deleting tokens through the TMS API.
TMS
simplifies your PCI DSS compliance.
TMS
passes tokens back to you that represent this data. You then store these tokens in your environment and databases instead of storing customer payment details.
TMS
protects sensitive payment information through tokenization and secures and manages customer data using these token types:
  • Customer tokens
  • Instrument identifier tokens
  • Payment instrument tokens
  • Shipping address tokens
These
TMS
tokens can be used individually, or they can be associated with one customer token:

Figure:

TMS
Token Types
Diagram of the unified token identifier.

Related Information

Payment Features