PCI Deposit Creation Endpoint
Learn how to use the PCI Deposit endpoint to create One Shot payments with credit cards
Last updated
Learn how to use the PCI Deposit endpoint to create One Shot payments with credit cards
Last updated
POST https://cc-api-stg.directa24.com/v3/deposits
This endpoint allows you to generate credit cards transactions by sending the Credit Card details.
| Name | Type | Description |
|---|---|---|
| Name | Type | Description |
|---|---|---|
The usage of this endpoint is restricted to PCI Compliant merchants who have shared their PCI AOC certificate with their Account Manager.
A request made through the PCI Deposit Creation endpoint works almost in the same way than the non-PCI Deposits endpoint does, with the difference being on the credit_card object you need to send.
The transactions created using the V3 PCI endpoint will receive:
Synchronic answer confirming the result of the transaction (in case that no 3DS authentication is required), hence no notifications will be sent by default.
In case of requiring a 3DS Authentication of the payer, then the result of the transaction will be PENDING_AUTHENTICATION in order to trigger the corresponding flow. In this case a webhook notification will be sent to check the final status of the Deposit.
Please visit Deposits with 3DS Authentication for more details.
For more information about Pending Authentication results, please visit Deposits with 3DS Authentication.
Along with every REJECTED transaction, we will provide you with a reason and a reason_code you can use to map the error codes on your end.
In the following table you will find card numbers from specific brands to test different payment flows and our systems' responses.
For all Results:
Expiration date has to be in the future (expiration_month + expiration_year)
cvv: any three numeric digits.
holder_name : any name.
For Success Results in STG: any card number not listed below, will simulate a success scenario. (For example, Card Number: 4111111111111111)
Content-Type
string
application/json
X-Date
string
ISO8601 Datetime with Timezone:
yyyy-MM-dd'T'HH:mm:ssZ
X-Login
string
Merchant X-Login API Key
Authorization
string
Authorization control hash
X-Idempotency-Key
string
Unique idempotency key
country*
string
Country of the transaction
amount*
number
Amount of the transaction
currency*
string
Currency of the amount specified
invoice_id*
string
Unique deposit ID on the merchant end
payer*
object
Object containing details about the customer. See "Payer object" section for details
credit_card
object
Object containing the credit card details
card_token
string
Card Token obtained from our Cards SDK
description
string
Descriptor for the transaction
client_ip*
string
Valid IPv4/v6 Address of the customer
device_id
string
Unique customer's device ID created using our JS library
fee_on_payer
boolean
Used to specify if you want to let the customer assume the deposit fee
Field name
Format
Description
deposit_id
Integer
ID of the deposit generated on our end. Store this ID for future reference
user_id
String
ID of the user. If you didn't send it, it is generated by us
merchant_invoice_id
String
ID of the deposit on your end. If you didn't send it, it is generated by us
payment_info
Object
Object containing the information about the payment
payment_info.type
String
Type of transaction (Always CREDIT_CARD)
payment_info.result
String
Status of the transaction: SUCCESS or REJECTED
payment_info.reason
String
Transaction result. Only shown in case of rejection
payment_info.reason_code
String
Code of the result. Only shown in case of rejection
payment_info.payment_method
String
Payment method code. See the list here.
payment_info.payment_method_name
String
Payment method name. See the list here.
payment_info.amount
number
Amount sent to the card acquirer
payment_info.currency
string
Currency of the amount sent to the card acquirer
payment_info.created_at
string
Transaction date
authentication_url
URL
URL to display to the end-user in order to complete the 3DS Authentication.
Field name
Format
Description
code
Number
Error code. See the list of error codes
description
String
Description of the error
details[]
String
Details about the errors. It is shown in case of invalid details
type
String
Error code name. It is not always shown. See the list of error codes
Transaction status
Reason code
Reason
REJECTED
EXTERNAL_HIGH_RISK
The card issuer rejected the payment because of their anti-fraud rules
REJECTED
TRX_NOT_SUPPORTED
Transaction type is not supported for acquirer
REJECTED
INVALID_CARD_NUMBER
Invalid credit card number
REJECTED
INVALID_CARD_HOLDER
Invalid card holder
REJECTED
INVALID_CARD_EXPIRATION
Invalid expiration date
REJECTED
INVALID_SECURITY_CODE
Invalid CVV/CVV2
REJECTED
INVALID_ISSUER
Invalid card issuer
REJECTED
INVALID_PIN
Invalid card pin
REJECTED
DUPLICATE_PAYMENT
Payment duplicated
REJECTED
MAX_ATTEMPTS_REACHED
Max attempts reached for this user and card
REJECTED
INSUFFICIENT_FUNDS
Insufficient funds
REJECTED
AUTHORIZATION_CALL_REQUIRED
The transaction was rejected because the user needs to call their bank to activate the card
REJECTED
CARD_BIN_NOT_FOUND
Credit card bin number not found
REJECTED
CARD_EXPIRED
Credit card expired
REJECTED
CARD_DECLINED
Card declined by issuer
REJECTED
CARD_REPORTED_STOLEN
Card reported as stolen
REJECTED
CARD_REPORTED_LOST
Card reported as lost
REJECTED
CARD_RESTRICTED_BY_BANK
The card was blocked by the bank
REJECTED
CARD_REQUESTED_BY_BANK
The card is requested by the bank
REJECTED
CARD_BLACKLISTED
Card blacklisted
REJECTED
CARD_DISABLED
Card disabled
REJECTED
OTHER_REASON
Generic rejection reason
Field name
Format
Description
Default
Validations
Required
country
string (length: 2)
Country code of the deposit in ISO 3166-1 alpha-2 code format
Yes
amount
decimal (max decimals: 2)
Deposit amount in the currency specified
Number of up to 18 integers and 2 decimals places
Yes
currency
string (length: 3)
Currency code of the amount in ISO 4217 format
USD
See Currencies
Yes
installments
integer (max length: 2)
Number of installments in which the deposit will take place. *Check eligibility with your commercial contact.
Integer number between 1 and 12.
No
invoice_id
string (max length: 128)
Unique deposit ID on the merchant end
random
^[A-Za-z0-9-_]*$
Yes
payer
object[]
Yes
credit_card
object[]
No
description
string (max length: 100)
Transaction description. It could be shown on the customers credit card extract
String of up to 100 characters
No
client_ip
string
Valid IPv4 or IPv6 Address
IPv4/v6 Address
Yes
device_id
string (max length: 100)
Unique customer's device ID. Used to identify and prevent fraud.
String of up to 100 characters
No
card_token
string (max length: 50)
Card Token generated with Cards SDK Without User Interface.
String of up to 50 characters
No
fee_on_payer
boolean
Choose if the deposit's fee will be paid by the customer or debited from your balance
false
[true, false]
No
sub_merchant_id
integer
Used to specify for which SubMerchant ID the deposit will be created.
Field name
Format
Description
Validations
Required
cvv
String (max length: 4 digits)
Credit card CVV/CVV2 code
^\d{3,4}$
size must be between 3 and 4
Yes
card_number
String (max length: 16 digits)
The credit card number consisting of up to 16 digits
Yes
expiration_month
String(length: 2)
Credit card expiration month
^(1[0-2]|0[1-9]|[1-9])$
Yes
expiration_year
String(length: 2)
Credit card expiration year last two digits
^\d{2}$
Valid year: 25
Yes
holder_name
String (max length: 256)
The name of the credit card owner
Valid name
Yes
Field name
Format
Description
Default
Validations
Required
id
string (max length: 128)
Customer's ID generated on your end. Used to locate user's transaction on our Merchant Panel
If none is sent, we will autogenerate it
^[A-Za-z0-9]*$
Recommended
document
string (max length: 30)
Customer's document ID. Ensure it is correct and the user can't change it every time he/she deposits
Yes
document_type
string (max length: 10)
Customer's document type. Optional, if sent must be a valid document type
Yes
email
string (max length: 255)
Valid customer's email address
Valid email address
Yes
first_name
string (max length: 128)
Customer's first name
String of up to 128 characters
Yes
last_name
string (max length: 128)
Customer's last name
String of up to 128 characters
Yes
address
object[]
No
phone
string (max length: 32)
Valid customer's phone number
No
birth_date
string (max length: 8)
Customer's birthdate in format yyyyMMdd. E.g.: 19801027
Numeric format expected: yyyyMMdd
No
Field name
Format
Description
Validations
Required
street
string (max length: 255)
Customer's street
String of up to 255 characters
No
city
string (max length: 128)
Customer's city
String of up to 128 characters
No
state
string (max length: 3)
Customer's state code in ISO 3166-2 code format
Valid state code in ISO 3166-2 format. Check our States endpoint here
No
zip_code
string (max length: 16)
Customer's zip code
No
Card Number
Result
4222222222222220
Card Rejected.
4000000000000060
Card Expired.
4444444444444440
Insufficient funds.
4000000000000110
Card reported as stolen.
4000000000000040
The card issuer rejected the payment because of their anti-fraud rules.
Card Number
Result
5454545454545450
Card Rejected.
5555555555554440
Card Expired.
5105105105105100
Insufficient funds.
5451951574925480
Card reported as stolen.
5406251139676600
The card issuer rejected the payment because of their anti-fraud rules.
Card Number
Result
340000000000009
Card Rejected.
373737373737374
Card Expired.
370000000000002
Insufficient funds.
343434343434343
Card reported as stolen.
341111111111111
The card issuer rejected the payment because of their anti-fraud rules.
Card Number
Result
3530185156387080
Card Rejected.
3566002020360500
Card Expired.
3555555555555552
Insufficient funds.
3539189698635270
Card reported as stolen.
3588430314874690
The card issuer rejected the payment because of their anti-fraud rules.