{"title":"API only with encrypted card data","category":"default","creationDate":1776961628,"content":"

To ensure PCI compliance when you build your own cards payment form, use our client-side solutions to help encrypt card details.<\/p>\n\n

\n
\n \n <\/tabs>\n <\/div>\n<\/div>\n\n
\n

If you prefer not to build your own card payment form, use Drop-in or Card Component for web<\/a>, iOS<\/a>, Android<\/a>, React Native<\/a>, or Flutter<\/a> instead.<\/p>\n<\/div>\n

Requirements<\/h2>\n\n\n\n\n\n\n
Requirement<\/th>\nDescription<\/th>\n<\/tr>\n<\/thead>\n
Integration type<\/strong><\/td>\nMake sure that you have built an API-only integration<\/a>. <\/td>\n<\/tr>\n
Setup steps<\/strong><\/td>\nBefore you begin, add the cards that you want to support in your test Customer Area<\/a>.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Show the available cards in your payment form<\/h2>\n
\n

For information about the supported locations and currencies for each card, refer to Payment methods<\/a>.<\/p><\/div><\/div>\n\n

Specify in your \/paymentMethods<\/a> request a combination of countryCode<\/a> and amount.currency<\/a>, and use the \/paymentMethods<\/a> response to determine which cards are available to the shopper. For more information, refer to our API-only integration guide<\/a>.<\/p>\n

Next, use our client-side solutions to validate and encrypt your shopper's card details. Select the platform below:<\/p>\n\n

\n
\n \n <\/tabs>\n <\/div>\n<\/div>\n\n

Make a payment<\/h2>\n

From your server, make a POST \/payments<\/a> request, specifying:<\/p>\n\n\n\n\n\n\n\n\n\n\n
Parameter<\/th>\nDescription<\/th>\n<\/tr>\n<\/thead>\n
amount<\/code><\/td>\nThe currency<\/code> of the payment and its value<\/code> in minor units<\/a>.<\/td>\n<\/tr>\n
reference<\/code><\/td>\nYour unique reference for this payment.<\/td>\n<\/tr>\n
paymentMethod<\/code><\/td>\nObject that contains the encrypted card details from the client side<\/a>, the card holder's name (if you collected it), and a type<\/code> parameter set to scheme<\/strong><\/span>.<\/td>\n<\/tr>\n
returnUrl<\/code><\/td>\nURL to where the shopper should be taken back to after a redirection. The URL can contain a maximum of 1024 characters and should include the protocol: http:\/\/<\/code> or https:\/\/<\/code>. You can also include your own additional query parameters, for example, shopper ID or order reference number.
If the URL to return to includes non-ASCII characters, like spaces or special letters, URL encode the value.
The URL must not include personally identifiable information (PII), for example name or email address. <\/div><\/div><\/td>\n<\/tr>\n
merchantAccount<\/code><\/td>\nYour merchant account name.<\/td>\n<\/tr>\n
riskData<\/code><\/td>\nDevice characteristics and other data<\/a> that we use to detect fraudulent payment activity, and mitigate fraud. If you collect additional data<\/a> from other pages on your website, that data is also included in this object.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n <\/code-sample>\n<\/div>\n

The \/payments<\/a> response contains:<\/p>\n