CardPayment
Applicable To: Pre-authorization and Direct Purchase of Credit Cards
This API is applicable when users enter card information on the merchant's page, rather than being redirected to YabandPay's hosted page to input card information. Special notes:
1 If the merchant has obtained PCI DSS certification and has the capability to securely process cardholder information, they can create a form for collecting card information independently and submit the data via the cardinfo parameter.
2 If the merchant uses the front-end plugin provided by YabandPay to collect users' card information (you may contact YabandPay to obtain the integration method), the plugin will return a one-time encrypted payment_token_object, which can be used to initiate subsequent payment requests.
[!TIP|style:flat]
The pre-authorization is valid for 30 days. After 30 days, the pre-authorization order will automatically expire.
API URL:https://mapi.yabandpay.com/Payments
Method:POST
POST data type:Json
| Parameter | Type | Description | Required |
|---|---|---|---|
| user | String | the UID of cashier account | Required |
| sign | String | signature | Required |
| method | String | v3.CreateCardPayments | Required |
| time | Long | timestamp | Required |
- Parameter
| Parameter | Type | Description | Required |
|---|---|---|---|
| pay_method | String | online | Required |
| sub_pay_method | String | Cards HPP | Required |
| operation | String | 1.Sales 2.Authorisation; | Required |
| order_id | String | order id from Merchant | Required |
| 3ds_initiate | String | 01. Enable 3D Secure ; 02.Disable 3D Secure(Activate after approval);03. SCA exemption(Activate after approval); | Required |
| sca_exemption | String | LowValue | Required when 3ds_initiate=03 |
| payment_token_object | String | The string obtained from the YabandPay payment plugin | Choose either cardinfo or payment_token_object |
| cardinfo | String | cardinfo | Either cardinfo or payment_token_object is required. The value of cardinfo should be processed as a string (the fields within cardinfo do not need to be sorted). |
| cardinfo.card_holder | string | card_holder name | Required |
| cardinfo.card_number | string | card number | Required |
| cardinfo.expiration_month | string | Card Expiration Month (MM) | Required |
| cardinfo.expiration_year | string | Card Expiration Year (YYYY) | Required |
| cardinfo.cvc | string | CVC (Storing CVC in any form violates PCI DSS regulations) | Required |
| amount | String | format in cents: € 24.99 should be 24.99 | Required |
| currency | String | ISO 4217, For example EUR, CHF | Required |
| description | String | order description | Required |
| demo | String | custom field | Optional |
| timeout | String | Timeout (minutes) value 0-1440 | Required |
| redirect_url | String | the redirect URL after payment is completed | Required |
| notify_url | String | asynchronous notification url | Required |
| request_id | String | The request ID must be unique. It is recommended to use a combination of at least 24 digits and letters. | Required |
Signature:
Lexicographical sequence and URL key-value format new string
”3ds_initiate=01&amount=0.1&cardinfo={"card_holder":"John Smith","card_number":"4356789012345670","expiration_month":"01","expiration_year":"2023","cvc":"123"}¤cy=EUR&description=test&method=v3.CreateCardPayments¬ify_url=https://www.yabandpay.com/notify&operation=11&order_id=1756878556&pay_method=online&redirect_url=https://www.yabandpay.com/redirect_url&request_id=a7z1lox4l6z6mdx1udgn5gtezasze1x0&sca_exemption=LowValue&sub_pay_method=Card&time=1756878556&timeout=0&user=016683“
Example Request:cardinfo:
{
"user": "016683",
"sign": "63a5616e1d02f60f8e3155b783f428040467690dcb75aa6daee8118b5225332f",
"method": "v3.CreateCardPayments",
"time": 1756878556,
"data": {
"description": "test",
"3ds_initiate": "01",
"timeout": "0",
"pay_method": "online",
"sub_pay_method": "Card",
"operation": "11",
"order_id": 1756878556,
"cardinfo": "{\"card_holder\":\"John Smith\",\"card_number\":\"4356789012345670\",\"expiration_month\":\"01\",\"expiration_year\":\"2023\",\"cvc\":\"123\"}",
"sca_exemption": "LowValue",
"amount": "0.1",
"currency": "EUR",
"redirect_url": "https://www.yabandpay.com/redirect_url",
"notify_url": "https://www.yabandpay.com/notify",
"request_id": "a7z1lox4l6z6mdx1udgn5gtezasze1x0"
}
}
Example Request:payment_token_object:
{
"user": "016683",
"sign": "dde28b1765b4629ef1a7a0047e0ae9e7084b91eb1dd2d1e59c578c8badca4c5b",
"method": "v3.CreateCardPayments",
"time": 1720680417,
"data": {
"payment_token_object": "4564sf65as4f5awe4ft65awe4gt65ewaa4t65ew4t65ew4t65rew4t",
"description": "test",
"3ds_initiate": "01",
"timeout": "0",
"pay_method": "online",
"sub_pay_method": "Card",
"operation": "1",
"order_id": "203040950640690239603690",
"amount": "1",
"currency": "EUR",
"redirect_url": "https://www.yabandpay.com/redirect_url",
"notify_url": "https://www.yabandpay.com/notify",
"request_id": "tscqf7ki76o7aem4z1yl1xs72f89fptl"
}
}
Example Response:
{
"status": true,
"code": "200",
"data": {
"order_id": "203040950640690239603690",
"trade_id": "160899f3-f6d9-a8d8-ab5b-82eacdab9c5b",
"amount": "1.00",
"currency": "EUR",
"url": "https://pay.yabandpay.com/payments/callback/order/MTYwODk5ZjMtZjZkOS1hOGQ4LWFiNWItODJlYWNkYWI5YzVi",
"state": "processing"
},
"message": "",
"response_id": "202407111544200649155078"
}
More Information:
Return results:
On a successful API call, the response will be
"status": true.On a failed API call, the response will be
"status": false.
You need to redirect to the returned url. After the user completes the 3DS at this url, they will be redirected back to the redirect_url.
We strongly recommend using both Order Query and Asynchronous Notification simultaneously to synchronize and update payment status, ensuring real-time accuracy of payment information.
If the order status state is paid, the payment is successful. If the order status state is authorized, the authorisation is successful.
Result/Error codes:
| Status | Code | Message |
|---|---|---|
| true | 200 | |
| false | -1000 | Internal error |
| false | -403 | The signature Error |
| false | -2001 | The user not exist |
| false | -3001 | Required field is missing |
| false | -4118 | Incorrect request ID |