Create Card on File
This methods allows the storing of card details that have already been authenticated.
The returned storedPaymentOptionReference can be used e.g. in /payment/mit endpoint to authorize a merchant initiated payment without the need of additional 3DS challenges or submission of card details.
important
This endpoint contains PCI data and requires forwarding through /forwarding/tokenize.
Request
Path:
POST {baseUrl}/accounts/{customerAccountId}/paymentOptions
Header:
Content-Type: application/json
Accept-Language: en-US
Authorization: Basic M2lwN2Yx...OGU3Mg==
{
"customerAccountId": "Gscypec",
"payment": {
"description": "UCOF Registeration for further MIT*diiILks",
"amount": 0.01,
"currencyCode": "EUR"
},
"billingAddress": {
"addressLine1": "Leopoldstr.",
"number": "244",
"city": "Muenchen",
"postCode": "80807",
"countryCode": "DEU"
},
"consumer": {
"merchantCustomerId": "Gscypec",
"firstName": "John",
"lastName": "Doe",
"emailAddress": "Gscypec@mail.com",
"title": "Mr",
"culture": "en-EN",
"dateOfBirth": "1989-11-08",
"gender": "Mr",
"mobilePhone": "+49123456789",
"homePhone": "+49123456789",
"workPhone": "+49123456789"
},
"paymentOption": {
"card": {
"cardDetails": {
"cardHolder": "JOHN DOE",
"cardToken": "5123450000000008",
"cardExpiryMonth": "09",
"cardExpiryYear": "2029",
"cardBrand": "MSTRCRD",
"cvvToken": "123"
},
"3ds": {
"3ds2": {
"acsEci": "02",
"authenticationToken": "kHyn+7YFi1EUAREAAAAvNUe6Hv8=",
"transactionStatus": "Y",
"protocolVersion": "2.1.0",
"dsTransactionId": "ad6cfb86-2893-4196-a500-5c97ed798b74",
"acsTransactionId": "2b2079df-ab41-4e25-ac3a-8c4702ebd41f"
}
}
}
}
}
API Parameters:
| Name | Description | Type | Required |
|---|---|---|---|
| customerAccountId | Customer identifier. | String | Yes |
| Payment | Please refer to Data Model - Payment. | Object | Yes |
| billingAddress | Please refer to Data Model - Address. | Object | Yes |
| Consumer | Please refer to Data Model - Consumer. | Object | Yes |
| paymentOption | Payment option details object to be provided to SmartPay. | Object | Yes |
| - card | Object | Yes | |
| - - cardDetails | Object | Yes | |
| - - - cardHolder | Credit card holder name. | String | Yes |
| - - - cardToken | PAN token. | String | Yes |
| - - - cardExpiryMonth | Credit card expiration month in format "MM". | Numeric | Yes |
| - - - cardExpiryYear | Credit card expiration year in format "YYYY". | Numeric | Yes |
| - - - cardBrand | Card brand code. Please refer to Data Model - Payment Options. | String | Yes |
| - - - cvvToken | CVV token. | String | No |
| - - 3ds2 | Contains the 3DS details returned by the response in GET 3DS session details. | Object | Yes |
| - - - ascEci | Indicates the security level of the transaction. | String | Yes |
| - - - authenticationToken | The 3D secure CAVV or AAV. Must be Base64 encoded. | String | Yes |
| - - - transactionStatus | Indicates the result of payer authentication with the issuer. - N: Transaction did not qualify as an authenticated transaction or account verification. - Y: The transaction qualified as an authenticated transaction. - C: 3DS version 2.2.0 only. Transaction requires a challenge. - R: 3DS version 2.2.0 only. A challenge is recommended for the transaction. - U: 3DS version 2.2.0 only. The transaction is unavailable for authentication. - A: 3DS version 2.2.0 only. The transaction is authenticated with a frictionless flow. | String | Yes |
| - - - protocolVersion | The version of the EMV 3-D Secure protocol used to perform 3-D Secure authentication, in the format specified by EMVCo. | String | Yes |
| - - - dsTransactionId | A unique transaction identifier assigned by the scheme Directory Server to identify the 3DS transaction. | String | Yes |
| - - - acsTransactionId | A unique transaction identifier assigned by the Access Control Server to identify the 3DS transaction. | String | Yes |
Response
Status Code:
201 (Payment option successfully stored)
Header:
Content-Type: application/json
Accept-Language: en-US
{
"storedPaymentOptionReference": "Ky28Mgp5GLauHPmYxUnZO",
"cardDetails": {
"cardBrand": "MSTRCRD",
"cardHolder": "JOHN DOE",
"cardToken": "512345PFITLJFS0008",
"cvvToken": "WNZSWCUMAAHIDDVUDC",
"cardExpiryMonth": "09",
"cardExpiryYear": "2029"
}
}
API Parameters:
| Name | Description | Type |
|---|---|---|
| storedPaymentOptionReference | ID of the stored payment option that can be used for future payments. | String |
| cardDetails | Object | |
| - cardBrand | Card brand code. Please refer to Data Model - Payment Options. | String |
| - cardHolder | Credit card holder name. | String |
| - cardToken | PAN token. | String |
| - cvvToken | CVV token. | String |
| - cardExpiryMonth | Credit card expiration month in format "MM". | Numeric |
| - cardExpiryYear | Credit card expiration year in format "YYYY". | Numeric |