On This Page

Credentialed Transactions Developer Guide

This section describes how to use this developer guide and where to find further information.
Audience and Purpose
This guide is written for application developers who want to use the
Simple Order API
 to integrate payment card processing using credentials into an order management system.
Implementing the
Cybersource
 payment services requires software development skills. You must write code that uses the API request and response fields to integrate the credit card services into your existing order management system.
Visit the
Cybersource
 documentation hub to find additional processor-specific versions of this guide and additional technical documentation.
Convention
This statement appears in this document:
An
Important
 statement contains information essential to successfully completing a task or learning a concept.
Customer Support
For support information about any service, visit the Support Center:

Recent Revisions to This Document

24.02

Added the
subsequentAuth
 field to the required fields lists for Mastercard Initial CIT Standing Order Payments and Mastercard CIT Initial Subscription Payments. See Mastercard Initial CIT Standing Order Payment and Mastercard CIT Initial Subscription Payment.

24.01

Added the supported card types for each credentialed service throughout the guide.

VISA Platform Connect: Specifications and Conditions for Resellers/Partners

The following are specifications and conditions that apply to a Reseller/Partner enabling its merchants through
Cybersource for Visa Platform Connect (“VPC”) processing
. Failure to meet any of the specifications and conditions below is subject to the liability provisions and indemnification obligations under Reseller/Partner’s contract with Visa/Cybersource.
  1. Before boarding merchants for payment processing on a VPC acquirer’s connection, Reseller/Partner and the VPC acquirer must have a contract or other legal agreement that permits Reseller/Partner to enable its merchants to process payments with the acquirer through the dedicated VPC connection and/or traditional connection with such VPC acquirer.
  2. Reseller/Partner is responsible for boarding and enabling its merchants in accordance with the terms of the contract or other legal agreement with the relevant VPC acquirer.
  3. Reseller/Partner acknowledges and agrees that all considerations and fees associated with chargebacks, interchange downgrades, settlement issues, funding delays, and other processing related activities are strictly between Reseller and the relevant VPC acquirer.
  4. Reseller/Partner acknowledges and agrees that the relevant VPC acquirer is responsible for payment processing issues, including but not limited to, transaction declines by network/issuer, decline rates, and interchange qualification, as may be agreed to or outlined in the contract or other legal agreement between Reseller/Partner and such VPC acquirer.
DISCLAIMER: NEITHER VISA NOR CYBERSOURCE WILL BE RESPONSIBLE OR LIABLE FOR ANY ERRORS OR OMISSIONS BY THE VISA PLATFORM CONNECT ACQUIRER IN PROCESSING TRANSACTIONS. NEITHER VISA NOR CYBERSOURCE WILL BE RESPONSIBLE OR LIABLE FOR RESELLER/PARTNER BOARDING MERCHANTS OR ENABLING MERCHANT PROCESSING IN VIOLATION OF THE TERMS AND CONDITIONS IMPOSED BY THE RELEVANT VISA PLATFORM CONNECT ACQUIRER.

Introduction to Credentialed Transactions

Credentialed transactions are transactions that involve either storing a customer's payment credentials for future transactions or using a customer's already stored payment credentials. When processing a credentialed transaction, you must indicate the type of credentialed transaction and the reason for the transaction. Credentialed transactions are also known as
credential-on-file
 (COF) transactions.
There are several types of credentialed transactions:
  • Customer-Initiated Transactions (CITs):
     Any transaction a customer is actively participating in such as making a card-present payment, completing an online checkout, or by using a stored credential. CIT transactions can store the customer's credentials in your system for future CITs or merchant-initiated transactions.
  • Merchant-Initiated Transactions (MITs):
     Any transaction a merchant initiates without the customer's participation such as an industry practice transaction or a standing instruction transaction.
    • Industry Practice Transactions:
       MITs that are performed as subsequent transactions to a CIT because the initial transaction could not be completed in one transaction. Not every industry practice transaction involves a stored credential. If a stored credential is used only for one transaction, that transaction is not considered a credentialed transaction.
    • Standing Instruction Transactions:
       MITs that are performed to follow agreed-upon instructions from the customer for the provision of goods and services.

Figure:

MIT Types

Supported Services

These are the supported merchant-initiated services:
  • Delayed Authorization
  • Incremental Transactions
  • Installment Transactions
  • Mastercard Standing Order Transactions
  • Mastercard Subscription Transactions
  • No-Show Transactions
  • Reauthorization
  • Recurring Transactions
  • Resubmission
  • Unscheduled Credentials-on-File Transactions
The service determines the reason for the credentialed transaction.

Industry Practice Transactions

Industry practice transactions are follow-on transactions to a previous customer-initiated transaction. There are six types of industry practice transactions:

Business Center

You can create an industry practice transaction while using the
Business Center
 by requesting a new authorization in the Transaction Management section. You will need to confirm the new authorization is a MIT and provide one of these reason types for the authorization:
  • Account Top Up
  • Delayed Charges
  • No Show
  • Reauthorization
  • Resubmission
This process requires you to have already stored the customer's credentials from a previous customer-initiated transaction. For more information on storing a customer's credentials in the
Business Center
, see Customer-Initiated Transactions with Credentials on File.
To create an incremental transaction using the
Business Center
, choose one of these options:
  • Account Top Up
  • No Show

Standing Instructions Transactions

Standing instructions require stored credentials. The stored credentials framework sets standards for the storage and subsequent use of stored customer credentials by merchants. Transactions that use stored customer credentials are called credentials-on-file (COF) transactions.
By following the stored credentials framework, merchants are expected to:
  • Gain greater visibility of transaction risk levels.
  • Achieve higher authorization approval rates and completed sales.
  • Improve the customer experience.
  • Reduce customer complaints.
  • Participate in the Real Time Visa Account Updater service.
For more information on the stored credentials framework, see Improving Authorization Management for Transactions with Stored Credentials.
Standing instructions include these types of transactions:
  • Merchant-initiated unscheduled transactions (UCOF)
  • Installment transactions
  • Recurring transactions
  • Subscription transactions (Mastercard only)
  • Standing order transactions (Mastercard only)
All COF transactions start with customer-initiated transactions during which customers elect to store their credentials for future use.

Requirements for Standing Instruction Transactions

Merchants who offer stored credentials must:
  • Disclose to cardholders how those credentials will be used.
  • Obtain the customer's consent to store credentials.
  • Notify cardholders when changes are made to stored credential terms of use.
  • Inform the card issuer during an authorization that the payment credentials are now stored on file.
  • Identify transactions that use stored credentials.

Requirements for Standing Instruction Transactions

Merchants who offer stored credentials must:
  • Disclose to cardholders how those credentials will be used.
  • Obtain the customer's consent to store credentials.
  • Notify cardholders when changes are made to stored credential terms of use.
  • Inform the card issuer during an authorization that the payment credentials are now stored on file.
  • Identify transactions that use stored credentials.

Recurring Billing for Recurring Payments

If you are using the Recurring Billing service, do not use this document.
Cybersource
 saves and stores payment credentials for recurring transactions, ensuring compliance with COF best practices.
For more information on Recurring Billing, see .

Transaction Matrix

To make an authorization request a credentialed transaction, you must include additional fields that inform
Cybersource
 to either store the customer's payment information for future use, or to use an already stored card-on-file for the payment. This section describes the additional required fields that create an initial and subsequent credentialed transaction.

Initial Transactions

For an initial transaction, include these fields with a standard authorization request:
Set to one of these possible values:
  • internet
    : online transaction.
  • MOTO
    : mail order/telephone order transaction.
  • A payer authentication value.
Set to
false
.
Set to
true
.
Some processors and card types require a reason code when storing payment credentials.
If required, set to one of these possible values:
  • 1
    : Resubmission transaction.
  • 2
    : Delayed transaction.
  • 3
    : Reauthorization transaction.
  • 4
    : No-show transaction.
  • 5
    : Incremental transaction.
  • 7
    : Recurring transaction.
  • 8
    : Standing order transaction.
  • 9
    : Installment transaction.
  • 10
    : Unscheduled transaction.
<ccAuthService run="true">
    <commerceIndicator>internet</commerceIndicator>
</ccAuthService>
<subsequentAuth>false</subsequentAuth>
<subsequentAuthFirst>true</subsequentAuthFirst>
<subsequentAuthReason>7</subsequentAuthReason>
When you receive the initial transaction response, save the transaction identifier, which is located in the
request_id
 field. You need the transaction identifier for subsequent transactions. If you are using the
Token Management Service
 (
TMS
), the transaction identifier is stored on your behalf.

Subsequent Transactions

For a subsequent transaction, include these fields with a standard authorization request:
Set to one of these possible values:
  • internet
    : online transaction.
  • MOTO
    : mail order/telephone order transaction.
  • A payer authentication value.
Set to
false
.
Set to
true
.
Some processors and card types require a reason code when storing payment credentials.
If required, set to one of these possible values:
  • 1
    : Resubmission transaction.
  • 2
    : Delayed transaction.
  • 3
    : Reauthorization transaction.
  • 4
    : No-show transaction.
  • 5
    : Incremental transaction.
  • 7
    : Recurring transaction.
  • 8
    : Standing order transaction.
  • 9
    : Installment transaction.
  • 10
    : Unscheduled transaction.
  • American Express: set to the transaction ID from the original transaction.
  • Discover: set to the transaction ID from the original transaction.
  • Visa: set to the last successful transaction ID.
<ccAuthService run="true">
    <commerceIndicator></commerceIndicator>
</ccAuthService>
<subsequentAuth>true</subsequentAuth>
<subsequentAuthReason>7</subsequentAuthReason>
<subsequentAuthTransactionID>123456789123</subsequentAuthTransactionID>
<subsequentAuthStoredCredential>true</subsequentAuthStoredCredential>

Customer-Initiated Transactions with Credentials on File

A customer-initiated transaction (CIT) is a transaction initiated by the customer. There are two types of CITs:
  • Customer transactions during which the credentials are stored for future
    customer
    -initiated transactions.
  • Customer transactions during which the credentials are stored for future
    merchant
    -initiated transactions.
Customers can initiate a CIT at a merchant payment terminal, through an online purchase transaction, or by making a purchase using a previously stored credential.

Business Center

You can create a new customer-initiated transaction in the
Business Center
 by going to the One-Time Payments section and requesting a new authorization. When you have entered the customer's information, you can store the customer's credentials with the customer's permission in the Payment Information section. By doing so, you can perform merchant-initiated transactions for payments that the customer has pre-approved.
For more information on how to perform a MIT in the
Business Center
, see Merchant-Initiated No-Show Transactions with PAN.

Storing Customer Credentials with a CIT and PAN

Before you can perform a merchant-initiated transaction (MIT) or a customer-initiated transaction (CIT) with credentials-on-file (COF), you must store the customer's credentials for later use. Further, before you can store the user's credentials, you must get the customer's consent to store their private information. This is also known as establishing a relationship with the customer.

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Required Fields for Storing Customer Credentials During a CIT

Use these required fields for storing customer credentials during a customer-initiated transaction.
When relaxed requirements for address data and the expiration date are being used, not all fields in this list are required. It is your responsibility to determine whether your account is enabled to use this feature and which fields are required. For details about relaxed requirements, see Relaxed Requirements for Address Data and Expiration Date in Payment Transactions.

Simple Order Example: Storing Customer Credentials During a CIT

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_run=true
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuthFirst=True
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Using Stored Customer Credentials During a CIT

After customers store their credentials on file, they can recall these credentials to use with subsequent transactions.

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Required Fields for Retrieving Customer Credentials During a Customer-Initiated Transaction

Use these required fields to retrieve customer credentials during a customer-initiated transaction.
When relaxed requirements for address data and the expiration date are being used, not all fields in this list are required. It is your responsibility to determine whether your account is enabled to use this feature and which fields are required. For details about relaxed requirements, see Relaxed Requirements for Address Data and Expiration Date in Payment Transactions.

Card-Specific Required Field for Retrieving Customer Credentials During a CIT

Discover

Discover requires the authorization amount from the original transaction in addition to the above required fields.
subsequentAuthOriginalAmount

Mastercard

Mastercard requires a reason code in addition to the above required fields.
subsequentAuthReason
Set to
9
.

Simple Order Example: Retrieving Customer Credentials During a CIT

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_run=true
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuthStoredCredential=True
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Delayed Transaction

Delayed charge transaction is performed to process a supplemental account charge after original services have been rendered and respective payment has been processed.
This section describes how to process a merchant-initiated delayed transaction, also known as a delayed charge, using these payment types:

Merchant-Initiated Delayed Transaction with PAN

Delayed charge transaction is performed to process a supplemental account charge after original services have been rendered and respective payment has been processed.

Supported Card Types

These are the supported card types for processing credentialed transactions:
  • American Express
  • Mastercard
  • Visa

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Required Fields for Processing a Merchant-Initiated Delayed Transaction

Use these required fields to process a merchant-initiated delayed transaction.
When relaxed requirements for address data and the expiration date are being used, not all fields in this list are required. It is your responsibility to determine whether your account is enabled to use this feature and which fields are required. For details about relaxed requirements, see Relaxed Requirements for Address Data and Expiration Date in Payment Transactions.
Required only for token transactions with Discover or Diners Club. Set this field to the
ccAuthReply_cardReferenceData
 field that was in the response message when you obtained the customer's credentials.
Set to
true
.
Required only for token transactions with Discover or Diners Club. Set this field to the
ccAuthReply_paymentNetworkTransactionID
 field that was in the response message when you obtained the customer's credentials.
Set to
true
.
Set to
2
.
Required only for Discover, Mastercard, and Visa.
  • American Express: set to the transaction ID from the original transaction.
  • Discover: set to the transaction ID from the original transaction.
  • Visa: set to the last successful transaction ID.

Card-Specific Required Field for Processing a Merchant-Initiated Transactions

Discover

The listed card requires an additional field:
subsequentAuthOriginalAmount
Provide the original transaction amount.

Simple Order Example: Processing a Merchant-Initiated Delayed Authorization Transaction

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_run=true
ccAuthService_commerceIndicator=install
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuth=true
subsequentAuthReason=2
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Incremental Transaction

An incremental authorization is used to increase the total amount authorized for a payment if the initial authorization does not cover the total cost of goods and services. An incremental transaction is an additional amount to the original authorization. The final authorized total includes amounts for both the initial and the incremental authorizations. Incremental transactions are limited to certain merchant categories, such as rental, lodging, transit, amusement parks, restaurants, and bars.
This section describes how to process an incremental transaction using these payment types:

Merchant-Initiated Incremental Transaction with PAN

An incremental authorization is used to increase the total amount authorized for a payment if the initial authorization does not cover the total cost of goods and services. An incremental transaction is an additional amount to the original authorization. The final authorized total includes amounts for both the initial and the incremental authorizations. Incremental transactions are limited to certain merchant categories, such as rental, lodging, transit, amusement parks, restaurants, and bars.
To create an incremental transaction using the
Business Center
, choose one of these options:
  • Account Top Up
  • No Show

Supported Card Types

These are the supported card types for processing credentialed transactions:
  • American Express
  • Mastercard
  • Visa

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Required Fields for Processing Merchant-Initiated Incremental Transactions

Use these required fields to process merchant-initiated incremental transactions.
Required only for token transactions with Discover or Diners Club. Set this field to the
ccAuthReply_cardReferenceData
 field that was in the response message when you obtained the customer's credentials.
Set to
true
.
merchantId
Required only for token transactions with Discover or Diners Club. Set this field to the
ccAuthReply_paymentNetworkTransactionID
 field that was in the response message when you obtained the customer's credentials.
Set to
5
.
Required only for Discover and Visa.
Set to
true
.

Simple Order Example: Processing Merchant-Initiated Incremental Transactions

Request
billTo_street1=201 S. Division St.
billTo_city=Foster City
billTo_country=US
billTo_state=CA
billTo_postalCode=94404
purchaseTotals_currency=USD
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111

billTo_email=null@cybersource.com

billTo_firstName=John
billTo_lastName=Smith
purchaseTotals_grandTotalAmount=100.00
ccIncrementalAuthService_run=true
merchantID=pa_ctv_sg101
merchantReferenceCode=33557799
subsequentAuth=Y
subsequentAuthTransactionID=016153570198200
ccIncrementalAuthService_authRequestID=6541079409780593413176
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Reauthorization Transaction

A reauthorization occurs when the completion or fulfillment of the original order or service extends beyond the authorized amount time limit. There are two common reauthorization scenarios:
  • Split or delayed shipments by a retailer
  • Extended car rentals, hotel stays, or cruise line bookings
This section describes how to process a reauthorization transaction using these payment methods:

Merchant-Initiated Reauthorization Transactions with PAN

A reauthorization occurs when the completion or fulfillment of the original order or service extends beyond the authorized amount time limit. There are two common reauthorization scenarios:
  • Split or delayed shipments by a retailer
  • Extended car rentals, hotel stays, or cruise line bookings

Supported Card Types

These are the supported card types for processing credentialed transactions:
  • American Express
  • Mastercard
  • Visa

Required Fields for Processing Merchant-Initiated Reauthorized Transactions

Use these required fields to process a merchant-initiated reauthorization transaction.
When relaxed requirements for address data and the expiration date are being used, not all fields in this list are required. It is your responsibility to determine whether your account is enabled to use this feature and which fields are required. For details about relaxed requirements, see Relaxed Requirements for Address Data and Expiration Date in Payment Transactions.
Set to
true
.
Set to
3
.
Required only for Discover and Visa.
Set to
true
.
  • American Express: set to the transaction ID from the original transaction.
  • Discover: set to the transaction ID from the original transaction.
  • Visa: set to the last successful transaction ID.

Simple Order Example: Processing a Merchant-Initiated Reauthorized Transaction

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_run=true
ccAuthService_commerceIndicator=install
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuth=true
subsequentAuthReason=3
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Resubmission Transaction

A resubmission transaction is an authorization that you resubmit to recover an outstanding debt from the customer. A common scenario is when a card was initially declined due to insufficient funds, but the goods or services were already delivered to the customer.
You can request the resubmission transaction with a PAN or a TMS token.

Merchant-Initiated Resubmission Transaction with PAN

A resubmission transaction is an authorization that you resubmit to recover an outstanding debt from the customer. A common scenario is when a card was initially declined due to insufficient funds, but the goods or services were already delivered to the customer.

Supported Card Types

These are the supported card types for processing credentialed transactions:
  • American Express
  • Mastercard
  • Visa

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Required Fields for Processing a Merchant-Initiated Resubmitted Transaction

Use these required fields to process a merchant-initiated resubmitted transaction.
Set to
true
.
Set to
1
.
Required only for Discover, Mastercard, and Visa.
Set to
true
.
  • American Express: set to the transaction ID from the original transaction.
  • Discover: set to the transaction ID from the original transaction.
  • Visa: set to the last successful transaction ID.

Simple Order Example: Processing a Merchant-Initiated Resubmitted Transaction

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_run=true
ccAuthService_commerceIndicator=install
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuth=true
subsequentAuthReason=1
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

No-Show Transactions

A no-show authorization occurs when a merchant charges a customer after the customer makes a reservation, and does not show up to claim the reservation. In this situation, the customer is charged an agreed upon fee for not showing up as expected.
This section describes how to process a merchant-initiated no-show transaction using these payment types:

Merchant-Initiated No-Show Transactions with PAN

A no-show authorization occurs when a merchant charges a customer after the customer makes a reservation, and does not show up to claim the reservation. In this situation, the customer is charged an agreed upon fee for not showing up as expected.

Supported Card Types

These are the supported card types for processing credentialed transactions:
  • American Express
  • Mastercard
  • Visa

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Required Fields for Processing Merchant-Initiated No-Show Charges

Use these required fields to process a merchant-initiated no-show charges transaction.
Required only for token transactions with Discover or Diners Club. Set this field to the
ccAuthReply_cardReferenceData
 field that was in the response message when you obtained the customer's credentials.
Set to
true
.
Required only for token transactions with Discover or Diners Club. Set this field to the
ccAuthReply_paymentNetworkTransactionID
 field that was in the response message when you obtained the customer's credentials.
Set to
4
.
Required only for Discover, Mastercard, and Visa.
Set to
true
.
  • American Express: set to the transaction ID from the original transaction.
  • Discover: set to the transaction ID from the original transaction.
  • Visa: set to the last successful transaction ID.

Optional Field for Processing Merchant-Initiated No-Show Charges

You can use these optional fields to include additional information when authorizing a request for an MIT no-show charge:
subsequentAuthStoredCredential
If the payment information is COF information, Set to
true
.

Simple Order Example: Processing Merchant-Initiated No-Show Transactions

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_run=true
ccAuthService_commerceIndicator=install
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuth=true
subsequentAuthReason=4
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Installment Payments

An installment payment is a single purchase of goods or services billed to a customer in multiple transactions over a period of time agreed to by you and the customer. The agreement enables you to charge a specific amount at specified intervals.

Installments Service for Installment Payments

Do not use this document if you are using the Installments service. When using the Installments service,
Cybersource
 saves and stores payment credentials for installment transactions, ensuring compliance with COF best practices.

Customer-Initiated Installment Payments with PAN

An installment payment is a single purchase of goods or services billed to a customer in multiple transactions over a period of time agreed to by you and the customer, and sometimes, the issuing bank. The agreement enables you to charge a specific amount at specified intervals. For customers, installment payments provide greater purchasing power and lower impact on their monthly budget. For you, offering installment payments at checkout can help increase the number of successfully completed purchases.
Before you can accept installment payments, you and your acquirer must agree on the maximum number of installments you can accept, which can be different for each card type.
In Brazil, installment payments are also known as
parcelados
 and
parcelas
.
Do not use this document if you are using the Installments service. When using the Installments service,
Cybersource
 saves and stores payment credentials for installment transactions, ensuring compliance with COF best practices.

Installment Payment Types

Visa Platform Connect
 enables you to process installment payments but does not have a role in setting the terms for the installment plan.
Visa Platform Connect
 enables you to process these types of installments payments:
Issuer-Funded Installment Payments
The customer pays for goods or services using an installment plan agreed upon by the customer and their issuing bank. The issuer controls how the customer's account is debited. Your account is credited for the entire amount in a single transaction. The issuer assumes the risk and establishes credit rates and fees that are charged to the customer. The customer pays the funding cost, which is a fee for paying in installments. In Brazil, a
Crediario
 is a special type of issuer-funded installment payment plan that enables the customer to request information about the terms of the installment plan before approving the installment payments.
Merchant-Funded Installment Payments
The customer pays for goods or services using an installment plan agreed upon by you and the customer. The issuer controls how the customer's account is debited. Your account is credited periodically for partial amounts as the customer's account is debited. You assume the risk and establish the credit rate and fees that are charged to the customer.
Co-Branded Merchant Financed Installment Payments—Brazil Only
You and the issuer determine the terms for this kind of installment plan. The funding varies depending on the agreement between you, the issuer, and the customer. This funding method is available only for Mastercard installment payments in Brazil.
Issuer Merchant Co-Financed Installment Payments—Brazil Only
The issuer creates the installment plan. You and the issuer determine the service fees that the customer pays to you and the issuer. The acquirer is paid in full while the issuer is paid in installments by the customer. You or the customer pay the funding cost, which is a fee for paying in installments. This funding method is available only for Mastercard installment payments in Brazil.

Supported Card Types

These are the supported card types for processing credentialed transactions:
  • American Express
  • Mastercard
  • Visa

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Successful Response

You must store the
network transaction ID
 from the successful response message to include in subsequent MIT authorization requests in order to associate the CIT to the MIT. The network transaction ID is the
ccAuthReply_paymentNetworkTransactionID
 field value.
Store the
network transaction ID
, which is the
ccAuthReply_paymentNetworkTransactionID
 field value, from the successful response message. You must include the network transaction ID in subsequent MIT authorization requests in order to associate the CIT to the MIT.

Required Fields for Initial Customer-Initiated Installment Payments with a PAN

Include these required fields to authorize an initial customer-initiated installment payment using a PAN.

Card-Specific Fields for Authorizing Initial Installment Payments

Use this required field if you are authorizing an initial installment payment using the card type referenced below.
Mastercard
subsequentAuthReason
Set to
9
.

Simple Order Example: Authorizing Initial Customer-Initiated Installment Payments with a PAN

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_run=true
ccAuthService_commerceIndicator=internet
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuth=false
subsequentAuthFirst=true
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Merchant-Initiated Installment Payments with PAN

After the initial CIT installment payment, subsequent installment payments are merchant-initiated transactions (MITs).

Prerequisites

The first transaction in an installment payment is a
customer-initiated transaction
 (CIT). Before you can perform a subsequent
merchant-initiated transaction
 (MIT), you must store the customer's credentials for later use. Before you can store the user's credentials, you must get the customer's consent to store their private information. This process is also known as establishing a relationship with the customer.

Installment Payment Types

Visa Platform Connect
 enables you to process installment payments but does not have a role in setting the terms for the installment plan.
Visa Platform Connect
 enables you to process these types of installments payments:
Issuer-Funded Installment Payments
The customer pays for goods or services using an installment plan agreed upon by the customer and their issuing bank. The issuer controls how the customer's account is debited. Your account is credited for the entire amount in a single transaction. The issuer assumes the risk and establishes credit rates and fees that are charged to the customer. The customer pays the funding cost, which is a fee for paying in installments. In Brazil, a
Crediario
 is a special type of issuer-funded installment payment plan that enables the customer to request information about the terms of the installment plan before approving the installment payments.
Merchant-Funded Installment Payments
The customer pays for goods or services using an installment plan agreed upon by you and the customer. The issuer controls how the customer's account is debited. Your account is credited periodically for partial amounts as the customer's account is debited. You assume the risk and establish the credit rate and fees that are charged to the customer.
Co-Branded Merchant Financed Installment Payments—Brazil Only
You and the issuer determine the terms for this kind of installment plan. The funding varies depending on the agreement between you, the issuer, and the customer. This funding method is available only for Mastercard installment payments in Brazil.
Issuer Merchant Co-Financed Installment Payments—Brazil Only
The issuer creates the installment plan. You and the issuer determine the service fees that the customer pays to you and the issuer. The acquirer is paid in full while the issuer is paid in installments by the customer. You or the customer pay the funding cost, which is a fee for paying in installments. This funding method is available only for Mastercard installment payments in Brazil.

Supported Card Types

These are the supported card types for processing credentialed transactions:
  • American Express
  • Mastercard
  • Visa

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Required Fields for Authorizing Merchant-Initiated Subsequent Installment Payments

Use these required fields to authorize merchant-initiated subsequent installment payments.

India-Specific Required Fields for Installment Payments

This section shows the required fields for Diners Club, Mastercard, and Visa in India.

Diners Club and Mastercard

Use these fields for authorizing an MIT installment payment when processing payments through
Visa Platform Connect
.
Required only for the first MIT installment payment.
Required only with Diners Club and Mastercard in India or with an India-issued card. Required only for the first MIT installment payment, not for subsequent MIT installment payments.

Visa

Use this field for authorizing a MIT installment payment when processing payments through
Visa Platform Connect
.

Simple Order Example: Authorizing Merchant-Initiated Subsequent Installment Payments

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_commerceIndicator=install
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuth=true
subsequentAuthOriginalAmount=100.00   //This field is for Discover only.
subsequentAuthReason=9
subsequentAuthStoredCredential=true
subsequentAuthTransactionID=23976974322
Response to a Successful Response
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Recurring Payments

A recurring payment is a credentials-on-file (COF) transaction in a series of payments that you bill to a customer for a fixed amount at regular intervals that do not exceed one year between transactions. The series of recurring payments is the result of an agreement between you and the customer for the purchase of goods or services that are provided at regular intervals. Recurring payments are also known as
subscriptions
.
Mastercard uses standing order and subscription payments instead of recurring payments. See Mastercard Standing Order Payments and Mastercard Subscription Payments.

Recurring Billing Service for Recurring Payments

Do not use this document for the Recurring Billing service.
Use the
Recurring Billing Developer Guide
. When you use the Recurring Billing service,
Cybersource
 saves and stores payment credentials for recurring transactions, ensuring compliance with COF best practices.

Customer-Initiated Recurring Payment with PAN

A recurring payment is a credentials-on-file (COF) transaction in a series of payments that you bill to a customer at a fixed amount, at regular intervals that do not exceed one year between transactions. The series of recurring payments is the result of an agreement between you and the customer for the purchase of goods or services that are provided at regular intervals.

Supported Card Types

These are the supported card types for processing credentialed transactions:
  • American Express
  • Visa
Mastercard uses standing order and subscription payments instead of recurring payments. See Mastercard Standing Order Payments and Mastercard Subscription Payments.

Recurring Billing Service for Recurring Payments

Do not use this document for the Recurring Billing service.
Use the
Recurring Billing Developer Guide
. When you use the Recurring Billing service,
Cybersource
 saves and stores payment credentials for recurring transactions, ensuring compliance with COF best practices.

Address Verification Service for Recurring Payments

If your processor supports the Address Verification Service (AVS), then the AVS should verify every authorization request.
Cybersource
 recommends checking the AVS's results for the first recurring payment to ensure that the payment information is accurate and to reduce the risk of fraud.
You must determine how to handle the AVS results for any subsequent recurring payments that are not the same as the already-verified billing address information from the first recurring payment.

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Successful Response

You must store the
network transaction ID
 from the successful response message to include in subsequent MIT authorization requests in order to associate the CIT to the MIT. The network transaction ID is the
ccAuthReply_paymentNetworkTransactionID
 field value.
Store the
network transaction ID
, which is the
ccAuthReply_paymentNetworkTransactionID
 field value, from the successful response message. You must include the network transaction ID in subsequent MIT authorization requests in order to associate the CIT to the MIT.

Required Fields for Authorizing a Customer-Initiated Recurring Payment with PAN Using
Simple Order
 API

Simple Order Example: Authorizing a Customer-Initiated Recurring Payment with a PAN

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_run=true
ccAuthService_commerceIndicator=internet
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuth=false
subsequentAuthFirst=true
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Merchant-Initiated Recurring Payments with PAN

After the initial recurring payment (CIT), subsequent recurring payments are merchant-initiated transactions (MITs).

Prerequisites

The first transaction in a recurring payment is a customer-initiated transaction (CIT). Before you can perform a subsequent merchant-initiated transaction (MIT), you must store the customer's credentials for later use. Before you can store the customer's credentials, you must get their consent to store their private information. This is also known as establishing a relationship with the customer.

Supported Card Types

These are the supported card types for processing credentialed transactions:
  • American Express
  • Visa
Mastercard uses standing order and subscription payments instead of recurring payments. See Mastercard Standing Order Payments and Mastercard Subscription Payments.

Address Verification Service for Recurring Payments

If your processor supports the Address Verification Service (AVS), then the AVS should verify every authorization request.
Cybersource
 recommends checking the AVS's results for the first recurring payment to ensure that the payment information is accurate and to reduce the risk of fraud.
You must determine how to handle the AVS results for any subsequent recurring payments that are not the same as the already-verified billing address information from the first recurring payment.

Replacing Expiration Dates

If the customer's card-on-file is going to expire before a scheduled subsequent recurring payment, your processor may allow you to replace the expiration date with the date 12/2099.
Do not replace a card's expiration date if the card is not expired.
Using this replacement expiration date does not guarantee a successful authorization request. It is your responsibility to know if your processor supports this feature. Not all issuing banks support the 12/2099 expiration date and may decline the authorization request.
To include this date in the authorization request, use these fields and values.
card_expirationMonth
Set to
12
.
card_expirationYear
Set to
99
.

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Card-Specific Required Fields for Authorizing Subsequent Recurring Payments

Some card companies require additional information when making authorizations with stored credentials.

Discover

Include the authorization amount from the original transaction in this field:
subsequentAuthOriginalAmount

Mastercard

Mastercard supports subscription and standing order payments instead of recurring payments.

Country-Specific Required Fields for Authorizing Subsequent Recurring Payments

Include these country-specific required fields for a successful merchant-initiated authorization.

India

These fields are required only with Diners Club in India or with an India-issued card, and you are processing payments through
Visa Platform Connect
.
Required only with Diners Club in India or with an India-issued card.
Required only with Diners Club in India or with an India-issued card.
Required only with Diners Club in India or with an India-issued card.
Required only with Diners Club in India or with an India-issued card.
Required only with Diners Club in India or with an India-issued card.
Required only with Diners Club in India or with an India-issued card.

Saudi Arabia

These fields are required only if your business is located in Saudi Arabia and you are processing payments through
Visa Platform Connect
.
recurringAmountType

Simple Order Example: Authorizing a Merchant-Initiated Recurring Payment

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_commerceIndicator=recurring
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuth=true
subsequentAuthOriginalAmount=100.00   //This field is for Discover only.
subsequentAuthReason=7
subsequentAuthStoredCredential=true
subsequentAuthTransactionID=23976974322
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Mastercard Standing Order Payments

A standing order payment is a recurring COF transaction that is a variable amount at a regular interval, such as a utility bill, not to exceed one year between transactions. The series of recurring payments is the result of an agreement between you and the customer for the purchase of goods or services that are provided at regular intervals.

Mastercard Initial CIT Standing Order Payment

The first transaction in a standing order payment is a customer-initiated transaction (CIT). Before you can perform a subsequent merchant-initiated transaction (MIT), you must store the customer's credentials for later use. Before you can store the user's credentials, you must get the customer's consent to store their private information. This process is also known as establishing a relationship with the customer.

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Successful Response

You must store the
network transaction ID
 from the successful response message to include in subsequent MIT authorization requests in order to associate the CIT to the MIT. The network transaction ID is the
ccAuthReply_paymentNetworkTransactionID
 field value.
Store the
network transaction ID
, which is the
ccAuthReply_paymentNetworkTransactionID
 field value, from the successful response message. You must include the network transaction ID in subsequent MIT authorization requests in order to associate the CIT to the MIT.

Simple Order Example: Authorizing Initial CIT Standing Order Payments

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_run=true
ccAuthService_commerceIndicator=internet
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuthFirst=True
subsequentAuthReason=8
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Mastercard Subscription Payments

A subscription payment is a recurring COF transaction that is processed at a fixed amount at regular intervals not to exceed one year between transactions. The series of recurring payments is the result of an agreement between you and the customer for the purchase of goods or services that are provided at regular intervals.

Mastercard CIT Initial Subscription Payment

The first transaction in a subscription payment is a customer-initiated transaction (CIT). Before you can perform a subsequent merchant-initiated transaction (MIT), you must store the customer's credentials for later use. Before you can store the user's credentials, you must get the customer's consent to store their private information. This process is also known as establishing a relationship with the customer.

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Successful Response

You must store the
network transaction ID
 from the successful response message to include in subsequent MIT authorization requests in order to associate the CIT to the MIT. The network transaction ID is the
ccAuthReply_paymentNetworkTransactionID
 field value.
Store the
network transaction ID
, which is the
ccAuthReply_paymentNetworkTransactionID
 field value, from the successful response message. You must include the network transaction ID in subsequent MIT authorization requests in order to associate the CIT to the MIT.

Simple Order Example: Authorizing Initial CIT Subscription Payments

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_run=true
ccAuthService_commerceIndicator=internet
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuthFirst=true
subsequentAuthReason=7
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Unscheduled COF Payments

An unscheduled credentials-on-file (COF) transaction uses stored payment information for a fixed or variable amount that does not occur regularly. An account top-up is one kind of unscheduled COF.

Customer-Initiated Unscheduled COF Payment with PAN

An unscheduled credentials-on-file (COF) transaction uses stored payment information for a fixed or variable amount that does not occur regularly. An account top-up is one kind of unscheduled COF.

Supported Card Types

These are the supported card types for processing credentialed transactions:
  • American Express
  • Mastercard
  • Visa

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Successful Response

You must store the
network transaction ID
 from the successful response message to include in subsequent MIT authorization requests in order to associate the CIT to the MIT. The network transaction ID is the
ccAuthReply_paymentNetworkTransactionID
 field value.
Store the
network transaction ID
, which is the
ccAuthReply_paymentNetworkTransactionID
 field value, from the successful response message. You must include the network transaction ID in subsequent MIT authorization requests in order to associate the CIT to the MIT.

Required Fields for Authorizing Initial CIT Unscheduled COF Payments

Simple Order Example: Authorizing Initial CIT Unscheduled COF Payments

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_run=true
ccAuthService_commerceIndicator=internet
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuth=false
subsequentAuthFirst=True
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Merchant-Initiated Unscheduled COF Payments with PAN

After the initial CIT unscheduled COF payment, subsequent unscheduled COF transactions are merchant-initiated transactions (MITs).

Prerequisites

The first transaction in an unscheduled COF payment is a customer-initiated transaction (CIT). Before you can perform a subsequent merchant-initiated transaction (MIT), you must store the customer's credentials for later use. Before you can store the user's credentials, you must get the customer's consent to store their private information. This process is also known as establishing a relationship with the customer.

Supported Card Types

These are the supported card types for processing credentialed transactions:
  • American Express
  • Mastercard
  • Visa

Endpoint

Set the
ccAuthService_run
 field to
true
.
Send the request to
https://ics2ws.ic3.com/commerce/1.x/transactionProcessor
.

Required Fields for Authorizing Subsequent MIT Unscheduled COF Payments

Simple Order Example: Authorizing Subsequent MIT Unscheduled COF Payments

Request
billTo_city=Foster City
billTo_country=US

billTo_email=null@cybersource.com

billTo_firstname=John
billTo_lastname=Smith
billTo_state=CA
billTo_postalCode=94404
billTo_street1=201 S. Division St.
card_expirationMonth=12
card_expirationYear=2031
card_accountNumber=4111111111111111
ccAuthService_commerceIndicator=internet
merchantId=pa_ctv_sg101
merchantReferenceCode=33557799
purchaseTotals_currency=USD
purchaseTotals_grandTotalAmount=100.00
subsequentAuth=true
subsequentAuthOriginalAmount=100.00   //This field is for Discover only.
subsequentAuthStoredCredential=true
subsequentAuthTransactionID=23976974322
Response to a Successful Request
additional_processor_response=e1cdcafc-cdbb-4ef7-8788-a1234e844805
request_id=6461515866500167772420
decision=ACCEPT
reasonCode=100
merchantReferenceCode=Merchant_REF
purchaseTotals_currency=mxn
cardCategory=FccAuthService_reconciliationID=ZUDCXJO8KZRFXQJJ
ccAuthReply_amount=100.00
ccAuthReply_avsCode=5
ccAuthReply_authorizationCode=570110
ccAuthReply_processorResponse=1
ccAuthReply_authorizedDateTime=2022-03-01T161947Z
ccAuthReply_paymentNetworkTransactionID=111222

Reference Information

This section contains this helpful reference information when processing credentialed transactions.

Payer Authentication Values

This section describes the possible payer authentication values you can include in the
processingInformation. commerceIndicator
ccAuthService_commerceIndicator
 request field.
The level of security in payer authentication is denoted by the two digit Electronic Commerce Indicator (ECI) that is assigned to the transaction. These digital values have text equivalents which are assigned to the
e_commerce_indicator
 field.
The American Express, Diners, Discover, UPI, and Visa card brands use 05, 06, and 07 digit values to express the authentication level for a 3-D Secure transaction.
Text Values for ECI Values
ECI Value
Meaning
Visa
Diners
Discover
UPI
Amex
05
Authenticated
vbv
pb
dipb
up3ds
aesk
06
Attempted authentication with a cryptogram
vbv_attempted
pb_attempted
dipb_attempted
up3ds_attempted
aesk_attempted
07
Internet, not authenticated
vbv_failure/internet
internet
internet
up3ds_failure/internet
internet
Mastercard and Maestro cards use 00, 01, 02, 06, and 07 digit values to indicate the authentication level of the transaction.
Mastercard/Maestro Text Values for ECI Values
ECI Value
Meaning
Mastercard/Maestro
00
Internet, not authenticated
spa/internet
01
Attempted authentication
spa
02
Authenticated
spa
06
Exemption from authentication or network token without 3‑D Secure
spa
07
Authenticated merchant-initiated transaction
spa

Relaxed Requirements for Address Data and Expiration Date in Payment Transactions

With relaxed requirements for address data and the expiration date, not all standard payment request fields are required. It is your responsibility to determine whether your account is enabled to use this feature and which fields are required.

Requirements

You must contact customer support in order to enable relaxed requirements for address data and expiration date.

Services

Relaxed requirements for address data and expiration date are supported for these services:
  • Authorization
  • Capture
  • Stand-alone credit
  • Subscription create
  • Subscription update

Relaxed Fields

When relaxed requirements for address data and expiration date are enabled for your
Cybersource
 account, and your service request does not include one or more of the fields in the following list, you increase the risk of declined transactions and fraud depending on your location, your processor, and the cardholder's issuing bank.
It is your responsibility to determine whether a field is required for the transaction you are requesting. For example, an issuing bank can decline an authorization request for a recurring transaction with a Visa Europe card if the expiration date is incorrect, invalid, or missing. If you do not provide the correct expiration date for a recurring transaction the authorization request may be declined.
When you include this field in your request, you must also include
card_expirationYear
.
You can submit an expiration date that has expired. This exception does not apply when you combine any of the services listed above with any other service.
This field is required for payment network token transactions and subscription creation requests.
When you include this field in your request, you must also include
card_expirationMonth
.
You can submit an expiration date that has expired. This exception does not apply when you combine any of the services listed above with any other service.
This field is required for payment network token transactions and subscription creation requests.