On This Page

Card Present Connect | Retail Integration Guide

This section describes how to use this guide and where to find further information.

Audience and Purpose

This guide is written for merchants who want to process card-present retail payments through
Cybersource
 and provides information about the
REST API
 guide for
eftpos
. For information about additional requirements and options for card-present transactions, see the
Payments Developer Guide
 in the Technical Documentation Portal.

Conventions

The following special statement is used in this document:
IMPORTANT
An
Important
 statement contains information essential to successfully completing a task or learning a concept.

Customer Support

For support information about any service, visit the Support Center:

Pilot Release

This document provides information about the pilot release of Card Present Connect | Retail for the
eftpos
 processor.

Recent Revisions to This Document

25.09.01

Initial pilot release for
eftpos
.

Introduction to Card Present Connect | Retail

Card Present Connect | Retail is part of a unified commerce solution for payment technology providers. This solution supports card-present transactions at the point of sale (POS) and on mobile POS devices. It also enables you to integrate with multiple processors and acquirers.
The platform uses end-to-end encryption to enable secure and innovative payment solutions. Retail integration and value-added services are available through a single integration on the Card Present Connect payment management platform.
eftpos is Australia’s domestic debit card payments network, which primarily offers co-badged, dual-network debit cards (DNDCs). These debit cards can be used for transactions processed through eftpos, Visa, or Mastercard networks. eftpos also offers single-network, eftpos-only debit cards that can be used for card-present transactions only.

Enabling the Card Present Connect Platform

Before you can use the Card Present Connect platform, you must enable it.
Follow these steps to enable the Card Present Connect platform:
  1. Set up a
    Cybersource
     merchant account. To get started, contact your sales engineer, alliance partner, or technical account manager.
  2. Integrate the
    Cybersource
     APIs for use on the Card Present Connect platform.
  3. Integrate your terminal’s key management encryption and decryption with the Card Present Connect platform.
  4. Complete message-level validation (MLV) and Level 3 (L3) device certification. To get started, contact your sales engineer, alliance partner, or technical account manager.

Card-Present Transaction Risk Control Requirements

Card-present transactions carry lower risk than card-not-present transactions because the customer and payment card are physically present, which can result in lower transaction fees. However, acquirers must still apply standard risk-control measures. Acquirers must monitor transaction activity and manage fraud and disputes in accordance with payment network rules, including the Global Acquirer Risk Standards. They also must comply with these Visa risk compliance programs:
  • Visa Fraud Monitoring Program
  • Visa Dispute Monitoring Program
To meet risk control requirements, acquirers can use one of these options:
  • Enable
    Cybersource
     transaction and fraud monitoring tools.
  • Ensure that their payment technology partners (PTPs) implement transaction and fraud monitoring tools.
  • Deploy their own transaction and fraud monitoring tools.
Each option provides necessary fraud and risk controls for direct merchant relationships and for PTPs that do not operate their own monitoring solutions.
For more information, see Fraud and Risk Management Solutions.

Supported Transactions Types and Integrations

eftpos supports various card-present retail transaction types and integrations for point-of-sale (POS), mobile POS, and unattended devices.
For information about required and supported EMV tags, see EMV Tags Required for a Sale or Credit Request and EMV Tags Supported for a Sale or Credit Response.
Supported Transaction Types and Integrations
Transaction Type
Entry Mode
PIN Capability
Device Type
Sale
  • Contact (PIN required)
  • Contactless
  • Keyed
  • Swiped (PIN required)
  • Offline PIN (contact only)
  • Online PIN (contact, contactless, keyed, swiped)
  • PINless (contactless, keyed; below CVM limit)
  • Required:
     All devices
Sale with Cash Out
  • Contact (PIN required)
  • Contactless (PIN required)
  • Swiped (PIN required)
  • Offline PIN (contact only)
  • Online PIN
  • Required:
     POS
  • Optional:
     Mobile POS, Unattended
Cash Out
  • Contact (PIN required)
  • Contactless (PIN required)
  • Swiped (PIN required)
  • Offline PIN (contact only)
  • Online PIN
  • Required:
     POS
  • Optional:
     Mobile POS, Unattended
Refund
  • Does not apply.
  • Does not apply.
  • Required:
     All devices
Credit
  • Contact
  • Contactless
  • Keyed
  • Swiped
  • Not supported.
  • Required:
     All devices
Void
  • Linked to original transaction.
  • Not supported for refund.
  • Does not apply.
  • Required:
     All devices
Time-Out Void
  • Linked to original transaction.
  • Not supported for refund.
  • Does not apply.
  • Required:
     All devices

Card-Present Retail Payment Services

This section describes various card-present retail payment services and describes how to use them.

EMV Tags Required for a Sale or Credit Request

The EMV tags listed in the table are required for
eftpos
 sale or credit requests that include the
pointOfSaleInformation.emv.tags
 REST API field. A tag requirement can be mandatory (
M
) or conditional (
C
). A conditional tag must be sent in the request when it is present in the card and terminal.
For information about supported EMV tags for responses, see EMV Tags Supported for a Sale or Credit Response. For an overview of supported payment services, see Supported Transactions Types and Integrations.
Required
eftpos
 EMV Tags for a Sale or Credit Request
Tag ID
Tag Name
Tag Length (Characters)
Tag Requirement
Comment
82
Application Interchange Profile
2
M
84
Dedicated File Name
5-16
M
95
Terminal Verification Results
5
M
TVR might have changed in 0420. For example, issuer authentication failure.
9A
Transaction Date
3
M
9C
Transaction Type
1
M
5F2A
Transaction Currency Code
2
M
9F02
Amount, Authorized
6
M
  • Authorized amount of the transaction (excluding adjustments).
  • Used when calculating the cryptogram.
  • Value might not be the same value as shown in Field 4. For example, when the merchant or terminal applies a discount or surcharge before the online authorization request.
9F03
Amount, Cash Out
6
M
  • Must contain the cash component for sale (purchase) with cash-out and cash-out-only transactions at POS.
  • Contains zeros for sale transactions.
9F19
Token Requestor Id
6
C
Must be included, when present.
9F10
Issuer Application Data
Variable, up to 32
M
  • Contains proprietary application data for transmission to the issuer in an online transaction.
  • Examples of data included: key index value, cryptogram version.
9F1A
Terminal Country Code
2
M
9F26
Application Cryptogram
8
M
Cryptogram returned by the ICC in response of the
GENERATE AC
 command.
9F27
Cryptogram Information Data
1
M
Indicates the type of cryptogram and the actions to be performed by the terminal.
9F33
Terminal Capabilities
3
C
Not present for in-app payments, otherwise mandatory.
9F34
CVM Results
3
C
Not present for in-app payments, otherwise mandatory.
9F35
Terminal Type
1
M
9F36
Application Transaction Counter
2
M
For multi-network cards, this information cannot not be shared by both scheme applets.
9F37
Unpredictable Number
4
M
  • Provides variability and uniqueness to the cryptogram.
  • Required for full transactions and contactless, magnetic-stripe transactions.
9F6E
Third Party Data
Variable, up to 32
C
Must be included, when present.
9F66
Terminal Transaction Qualifier
4
C
Must be included, when present. Used for consumer-device CVM processing.

EMV Tags Supported for a Sale or Credit Response

The EMV tags listed in the first table are supported for
eftpos
 sale or credit responses that include the
pointOfSaleInformation.emv.tags
 REST API field.
The second table describes the components of Card Status Update (CSU) data. This data is transmitted to the ICC as part of the Issuer Authentication data and includes these details:
  • Indicates whether the issuer approved or declined a transaction.
  • Triggers actions defined by the issuer.
For information about required EMV tags for requests, see EMV Tags Required for a Sale or Credit Request.
For an overview of supported payment services, see Supported Transactions Types and Integrations.
Supported
eftpos
 EMV Tags for a Sale or Credit Response
Tag ID
Tag Name
Tag Length (Characters)
Comment
71
Issuer Script Template 1
Variable, up to 127
Present when received from the issuer (optional).
72
Issuer Script Template 2
Variable, up to 127
Present when received from the issuer (optional).
9F36
Application Transaction Counter
2
Present when received from the issuer (optional).
8A
Authorization Response Code
2
Present when received from the issuer (optional).
91
Issuer Authentication Data
Variable, up to 16
  • Present when received from the issuer.
  • Required for chip transactions when online issuer authentication is performed.
  • Does not apply to contactless transactions.
Bytes 1–4
4
ARPC cryptogram.
Bytes 5–8
4
See the Card Status Update Data Elements table for more information.
Bytes 9–16
Variable, up to 8
  • Contains proprietary authentication data, when present.
  • Data is not used by the card.
  • Can be used by the issuer to communicate data to the terminal.
  • When the Card Status Update (CSU) bit Proprietary Authentication Data Included is set to
    1
    , these 0 to 8 bytes (when present) are authenticated by the ARPC cryptogram.
  • See the Card Status Update Data Elements table for more information.
Card Status Update Data Elements
Byte
Bits
Description
1
8
1
: Proprietary Authentication Data included.
7–5
Reserved for Future Use (RFU).
4–1
PIN Tries Counter.
2
8
1
: Issuer approves online transaction.
7
1
: Card block.
6
1
: Application block.
5
1
: Update PIN Tries Counter.
4
1
: Set Go Online on next transaction.
3
1
: CSU created by proxy for the issuer.
2-1
Update counters:
  • 00
    : Do not update counters.
  • 01
    : Set counters to Upper Offline Limits.
  • 10
    : Reset Offline Counters to zero.
  • 11
    : Add transaction to Offline Counters.
3
All
RFU.
4
8-5
ID of the first additional transaction profile in which Offline Counters may be reset to zero. Value of
0000
 means that the issuer did not request the option.
4-1
ID of the second additional transaction profile in which Offline Counters may be reset to zero. Value of
0000
 means that the issuer did not request the option.

Sale

Use this information to process a sale transaction, which combines an authorization and capture into a single transaction. A sale transaction is also called a
purchase
 in some regions.
For information about required and supported EMV tags, see EMV Tags Required for a Sale or Credit Request and EMV Tags Supported for a Sale or Credit Response.
For an overview of supported payment services, see Supported Transactions Types and Integrations.
eftpos supports these additional sale payment services:
Sale with cash out
The customer requests a cash amount in addition to their purchase. The total amount of the sale (purchase amount plus cash amount) is debited from their bank account and the customer receives the cash amount at the point of sale (POS). A cash out transaction is also called a
cash back transaction
.
Cash out
The customer uses their payment card to make a cash withdrawal (cash out) from their bank account at the POS without making a purchase.

Endpoint

Production:
POST
https://api.cybersource.com
/pts/v2/payments
Test:
POST
https://apitest.cybersource.com
/pts/v2/payments

Required Fields for a Sale

Set the value to
eftpos purchase
,
eftpos purchase cashout
, or
eftpos cashout
.
Cybersource
 provides the value for this field.
Cybersource
 provides the value for this field.
Cybersource
 provides the value for this field.
A value is required for sale (purchase) with cash out and cash-out only transactions.
A value is required for keyed transactions.
A value is required for keyed transactions.
A value is required for keyed transactions.
A value is required for keyed transactions.
Set the value to
CH
 or
SA
.
Set the value to
070
.
A value is required when EMV tag 9F24 is configured on the ICC/Chip.
A value is required for unattended transactions.
A value is required when EMV tag 5F34 is configured on the ICC/Chip.
A value is required for EMV fallback transactions when the payment device is unable to communicate with the ICC. Include all swiped entry mode required field.
A value is required for full EMV on contact and contactless entry modes. Tag 5F34 is prohibited.
A value is required for PIN transactions.
A value is required for PIN transactions.
Set the value to
contact
,
contactless
,
swiped
, or
keyed
.
Set the value to
0
 for PIN transactions.
A value is required when configuring POS terminal capability.
A value is required for all sale (purchase) transactions.
A value is required for contact, contactless, and swiped entry modes.
Set the value to
true
 for cash out transactions only.
Set the value to
true
.
Set the value to
retail
.

REST Example: Sale for Contact with PIN

Request
{
  "clientReferenceInformation": {
    "code": "test123",
    "comments": "eftpos purchase",
    "transactionId": "uniqueValue221",
    "partner": {
      "thirdPartyCertificationNumber": "testTPCN",
      "developerId": "eftpos12",
      "solutionId": "eftpos123"
    }
  },
  "processingInformation": {
    "commerceIndicator": "retail",
    "capture": "true"
  },
  "pointOfSaleInformation": {
    "terminalCapability": "9",
    "terminalPinCapability": "4",
    "trackData": ";4687383222403232=33122201135520000F?",
    "emv": {
      "tags": "9F3303E0F0D0950500000000009F37045AB3314A9F10200FA501000000000000000000000000000
F0E21C106100000002F0000000000009F260879B5FCD1DAE1BA299F360201FA82025C009C01009F1A0200369A031708235
F2A0200369F03060000000000009F2701809F34030200009F3501229F02060000000007009F6E0A0121C106100000002F829F660400004000"
    },
    "pinBlockEncodingFormat": 0,
    "encryptedPin": "B2042C7F4175632F",
    "encryptedKeySerialNumber": "23288800990000000006",
    "entryMode": "contact"
  },
  "paymentInformation": {
    "card": {
      "type": "070",
      "sourceAccountType": "SA"
    },
    "paymentAccountReference": {
      "id": "TX3WNNNNNNNNNNNNNNNNNNNNNNNNN"
    }
  },
  "orderInformation": {
    "amountDetails": {
      "totalAmount": "1002.12",
      "currency": "AUD"
    }
  }
}
Response to a Successful Request
{
  "_links": {
    "void": {
      "method": "POST",
      "href": "/pts/v2/payments/7580450311816257603092/voids"
    },
    "self": {
      "method": "GET",
      "href": "/pts/v2/payments/7580450311816257603092"
    }
  },
  "clientReferenceInformation": {
    "code": "test123",
    "comments": "eftpos purchase",
    "partner": {
      "developerId": "eftpos12",
      "solutionId": "eftpos123"
    },
    "transactionId": "uniqueValue221"
  },
  "id": "7580450311816257603092",
  "orderInformation": {
    "amountDetails": {
      "totalAmount": "1002.12",
      "authorizedAmount": "1002.12",
      "currency": "AUD"
    }
  },
  "paymentAccountInformation": {
    "card": {
      "type": "070"
    }
  },
  "paymentInformation": {
    "tokenizedCard": {
      "type": "070"
    },
    "card": {
      "type": "070"
    }
  },
  "pointOfSaleInformation": {
    "emv": {
      "tags": "91084B4E9D760080000071189F180400000002860F8C1800000A8E0855D9DDEF76515D2C8A023936"
    }
  },
  "processorInformation": {
    "systemTraceAuditNumber": "274061",
    "settlementDate": "0917",
    "retrievalReferenceNumber": "274061503117",
    "responseCode": "00",
    "avs": {
      "code": "2"
    }
  },
  "reconciliationId": "7580450311816257603092",
  "status": "AUTHORIZED",
  "submitTimeUtc": "2025-09-16T17:50:31Z"
}

Refund

Use this information to process a refund. This transaction is also called a
follow-on refund
 or
linked refund
. To link a refund to a specific sale transaction, include the original transaction ID in the request. A refund with online PIN is not supported currently. For an overview of supported payment services, see Supported Transactions Types and Integrations.

Endpoint

Production:
POST
https://api.cybersource.com
/pts/v2/payments/
{id}
/refunds
Test:
POST
https://apitest.cybersource.com
/pts/v2/payments/
{id}
/refunds
The
{id}
 is the transaction ID returned in the capture or sale response.

REST Example: Refund

Request
{
    "clientReferenceInformation": {
      "code": "RTSFOCredit",
      "comments": "eftpos refund",
      "transactionId": "uniqueValue11",
      "partner": {
        "thirdPartyCertificationNumber": "testTPCN",
        "developerId": "eftpos12",
        "solutionId": "eftpos123"
      }
    },
    "orderInformation": {
      "amountDetails": {
        "totalAmount": "100.00",
        "currency": "AUD"
      }
    }
  }
Response to a Successful Request
{
  "_links": {
    "void": {
      "method": "POST",
      "href": "/pts/v2/refunds/7580524608596456303813/voids"
    },
    "self": {
      "method": "GET",
      "href": "/pts/v2/refunds/7580524608596456303813"
    }
  },
  "clientReferenceInformation": {
    "code": "RTSFOCredit",
    "comments": "eftpos refund",
    "partner": {
      "developerId": "eftpos12",
      "solutionId": "eftpos123"
    },
    "transactionId": "uniqueValue11"
  },
  "id": "7580524608596456303813",
  "orderInformation": {
    "amountDetails": {
      "currency": "AUD"
    }
  },
  "processorInformation": {
    "systemTraceAuditNumber": "522395",
    "retrievalReferenceNumber": "522395542119",
    "settlementDate": "0917",
    "responseCode": "00"
  },
  "reconciliationId": "7580524608596456303813",
  "refundAmountDetails": {
    "currency": "AUD",
    "refundAmount": "100.00"
  },
  "status": "PENDING",
  "submitTimeUtc": "2025-09-16T19:54:21Z"
}

Credit

Use this information to process a credit, which is not linked to a previous sale transaction. A credit with online PIN is not supported currently.
For information about required and supported EMV tags, see EMV Tags Required for a Sale or Credit Request and EMV Tags Supported for a Sale or Credit Response.
For an overview of supported payment services, see Supported Transactions Types and Integrations.

Endpoint

Production:
POST
https://api.cybersource.com
/pts/v2/credits/
Test:
POST
https://apitest.cybersource.com
/pts/v2/credits/

Required Fields for a Credit

A value is required for a payment aggregator or facilitator.
Set the value to
eftpos credit
.
Cybersource
 provides the value for this field.
Cybersource
 provides the value for this field.
Cybersource
 provides the value for this field.
A value is required for keyed transactions.
A value is required for keyed transactions.
A value is required for keyed transactions.
A value is required for keyed transactions.
Set the value to
CH
 or
SA
.
Set the value to
070
.
A value is required when EMV tag 9F24 is configured on the ICC/Chip.
A value is required for unattended transactions.
A value is required when EMV tag 5F34 is configured on the ICC/Chip.
A value is required for EMV fallback transactions when the payment device is unable to communicate with the ICC. Include all swiped entry mode required field.
A value is required for full EMV on contact and contactless entry modes. Tag 5F34 is prohibited.
Set the value to
contact
,
contactless
,
swiped
, or
keyed
.
A value is required when configuring POS terminal capability.
A value is required for contact, contactless, and swiped entry modes.
Set the value to
retail
.

REST Example: Credit

Request
{
  "clientReferenceInformation": {
    "code": "test123",
    "comments": "eftpos credit",
    "transactionId": "uniqueValue1",
    "partner": {
      "thirdPartyCertificationNumber": "testTPCN",
      "developerId": "eftpos12",
      "solutionId": "eftpos123"
    }
  },
  "processingInformation": {
    "commerceIndicator": "retail"
  },
  "orderInformation": {
    "amountDetails": {
      "totalAmount": "100.00",
      "currency": "aud"
    }
  },
  "pointOfSaleInformation": {
    "trackData": ";4687383%%%222403232=33122201135520000F?",
    "terminalCapability": "4",
    "entryMode": "swiped"
  },
  "paymentInformation": {
    "card": {
      "type": "070",
      "sourceAccountType": "SA"
    }
  }
}
Response to a Successful Request
{
  "_links": {
    "void": {
      "method": "POST",
      "href": "/pts/v2/credits/7580673765346082503814/voids"
    },
    "self": {
      "method": "GET",
      "href": "/pts/v2/credits/7580673765346082503814"
    }
  },
  "clientReferenceInformation": {
    "code": "test123",
    "comments": "eftpos credit",
    "partner": {
      "developerId": "eftpos12",
      "solutionId": "eftpos123"
    },
    "transactionId": "uniqueValue1"
  },
  "creditAmountDetails": {
    "currency": "aud",
    "creditAmount": "100.00"
  },
  "id": "7580673765346082503814",
  "orderInformation": {
    "amountDetails": {
      "currency": "aud"
    }
  },
  "paymentAccountInformation": {
    "card": {
      "type": "070"
    }
  },
  "paymentInformation": {
    "tokenizedCard": {
      "type": "070"
    },
    "card": {
      "type": "070"
    }
  },
  "processorInformation": {
    "systemTraceAuditNumber": "522495",
    "retrievalReferenceNumber": "522495025600",
    "settlementDate": "0917",
    "responseCode": "00"
  },
  "reconciliationId": "7580673765346082503814",
  "status": "PENDING",
  "submitTimeUtc": "2025-09-17T00:02:56Z"
}

Void for a Sale or Credit

Use this information to void a sale or credit transaction that was submitted but not yet processed by the processor. A void for a refund is not supported currently.
For an overview of supported payment services, see Supported Transactions Types and Integrations.

Void a Sale Transaction

Endpoint

Production:
POST
https://api.cybersource.com
/pts/v2/payments/
{id}
/voids
Test:
POST
https://apitest.cybersource.com
/pts/v2/payments/
{id}
/voids
The
{id}
 is the transaction ID returned in the sale response.

Void a Credit Transaction

Endpoint

Production:
POST
https://api.cybersource.com
/pts/v2/credits/
{id}
/voids
Test:
POST
https://apitest.cybersource.com
/pts/v2/credits/
{id}
/voids
The
{id}
 is the transaction ID returned during the capture or credit response.

Required Fields for a Void for a Sale or Credit

Set the value to
eftpos void
.
Cybersource
 provides the value for this field.
Cybersource
 provides the value for this field.
Cybersource
 provides the value for this field.

REST Example: Void for a Sale or Credit

Request
{
  "clientReferenceInformation": {
    "code": "RTS-Void",
    "comments": "eftpos void",
    "partner": {
      "thirdPartyCertificationNumber": "testTPCN",
      "developerId": "eftpos12",
      "solutionId": "eftpos123"
    }
  }
}
Response to a Successful Request
{
  "_links": {
    "self": {
      "method": "GET",
      "href": "/pts/v2/voids/7580633387756828103814"
    }
  },
  "clientReferenceInformation": {
    "code": "RTS-Void",
    "comments": "eftpos void",
    "partner": {
      "developerId": "eftpos12",
      "solutionId": "eftpos123"
    }
  },
  "id": "7580633387756828103814",
  "orderInformation": {
    "amountDetails": {
      "currency": "AUD"
    }
  },
  "processorInformation": {
    "retrievalReferenceNumber": "522493541022",
    "settlementDate": "0917",
    "responseCode": "00"
  },
  "reconciliationId": "7580632501046798503812",
  "status": "VOIDED",
  "submitTimeUtc": "2025-09-16T22:55:39Z",
  "voidAmountDetails": {
    "currency": "aud",
    "voidAmount": "100.00"
  }
}

Time-Out Void for a Sale or Credit

Use this information to process a time-out void for a sale or credit. This service enables you to cancel a transaction for which you did not receive a response. A time-out void for a refund is not supported currently.
For an overview of supported payment services, see Supported Transactions Types and Integrations.

Endpoint

Production:
POST
https://api.cybersource.com
/pts/v2/voids/
Test:
POST
https://apitest.cybersource.com
/pts/v2/voids/

Required Fields for a Time-Out Void for a Sale or Credit

Set the value to
eftpos timeout void
.
Set the value to the
transaction ID
 for the original transaction.
Cybersource
 provides the value for this field.
Cybersource
 provides the value for this field.
Cybersource
 provides the value for this field.

REST Example: Time-Out Void for a Sale or Credit

Request
{
  "clientReferenceInformation": {
    "code": "RTS-TimeOutVoid",
    "comments": "eftpos timeout void",
    "transactionId": "uniqueValue1",
    "partner": {
      "thirdPartyCertificationNumber": "testTPCN",
      "developerId": "eftpos12",
      "solutionId": "eftpos123"
    }
  }
}
Response to a Successful Request
{
  "_links": {
    "self": {
      "method": "GET",
      "href": "/pts/v2/voids/7580640991306189703814"
    }
  },
  "clientReferenceInformation": {
    "code": "RTS-TimeOutVoid",
    "comments": "eftpos timeout void",
    "partner": {
      "developerId": "eftpos12",
      "solutionId": "eftpos123"
    },
    "transactionId": "uniqueValue1"
  },
  "id": "7580640991306189703814",
  "orderInformation": {
    "amountDetails": {
      "currency": "AUD"
    }
  },
  "processorInformation": {
    "retrievalReferenceNumber": "522492514022",
    "settlementDate": "0917",
    "responseCode": "00"
  },
  "reconciliationId": "7580631006866928703813",
  "status": "VOIDED",
  "submitTimeUtc": "2025-09-16T23:08:19Z",
  "voidAmountDetails": {
    "currency": "aud",
    "voidAmount": "100.00"
  }
}