Card Data in Text Form
If you meet the PCI requirements and directly collect, and store your customers' card data, you have the option to securely transmit this data to PayU in plain text form.
This integration type is exclusively available to those who meet the PCI DSS requirements pertaining to the storage and processing of card data. To enable this integration, additional configuration is necessary. As a result, before proceeding with the integration process, we strongly advise you to get in touch with your designated sales representative at PayU.
Extending Standard Order
To facilitate payment with pure card data, the standard order must be enhanced with payMethods object. Additionally if payment involves stored card data, you should include either cardOnFile or recurring field.
Creating Payment with Card Data in Text Form
The card data must be sent in the form of card object contained in the payMethods section.
"payMethods": {
"payMethod": {
"card": {
"number":"5100052384536818",
"expirationMonth":"11",
"expirationYear":"2020",
"cvv":"123"
}
}
},
For details on parameters, please refer to Create an Order section in the PayU API Reference.
cardOnFile Parameter
You should utilize the cardOnFile parameter when the payment is non-recurring, but involves either a stored card or the card is being stored for future use.
- FIRST - payment initiated by a cardholder who has agreed to save it, for future use. You can expect full authentication (3D Secure and/or CVV).
- STANDARD_CARDHOLDER - payment with already saved card, initialized by the card owner. Depending of payment parameters (e.g. high transaction amount) you can expect strong authentication (3D Secure and/or CVV).
- STANDARD_MERCHANT (MIT - Merchant-Initiated Transaction) - payment with already saved card, initialized by the shop without the card owner participation. By the definition, this payment type does not require strong authentication. You cannot use it if FIRST card-on-file payment failed.
cardOnFile parameter cannot be used with recurring parameter.
Only in case of one-time card payment this cardOnFile parameter can be skipped.
For a transaction with plain card data and cardOnFile parameter set to FIRST. You should extend payMethods.payMethod section with card object containing card data in text form.
For subsequent transactions marked as STANDARD, STANDARD_CARDHOLDER, and STANDARD_MERCHANT, you should retrieve the transaction data to obtain the firstTransactionId. Once you have obtained this firstTransactionId, you should pass it in the payMethods.payMethod.card section of the transaction request.
"payMethods": {
"payMethod": {
"card": {
"number":"5100052384536818",
"expirationMonth":"11",
"expirationYear":"2020",
"cvv":"123",
"firstTransactionId": "MCC0111LL1121"
}
}
},
For details on parameters, please refer to Create an Order section in the PayU API Reference.
Setting cardOnFile parameter in the correct way can increase conversion for payment cards and can guarantee transaction security.
recurring Parameter
The recurring field marks the order as recurring payment with stored card data (an order must be flagged as either cardOnFile or recurring, sending both fields will return error).
The recurring parameter can take one of two values:
- FIRST - first transaction with full authentication (the user is present and has agreed to recurring payment terms),
- STANDARD - subsequent recurring payment (user is not present).
For details on parameters, please refer to Create an Order section in the PayU API Reference. And if you are looking for more information about recurring payments, see Recurring Payments.
Setting recurring parameter in the correct way can increase conversion for payment cards and can guarantee transaction security.
External 3D Secure
In case you do not provide 3D Secure authentication result (see External 3D Secure), you should be prepared for handling responses with: WARNING_CONTINUE_3DS or WARNING_CONTINUE_CVV.