A merchant key uniquely identifies your merchant to PaySimple in PMT so we move money to the correct deposit account. This key does not give access to any of PaySimple's systems, and thus it does not need to be kept secret (you may put it in client-side code).
Duplicate checking is performed by the processor. It provides a means to identify duplicate transactions by the following parameters:
- Same Card Number
- Same Transaction Amount
- Specific Transaction Category (Sale, Return, etc.)
- Within a certain number of Transactions (25) in the same batch (WorldPay) OR within a certain time frame (Forte)
- Same external id (Forte)
Card verification is a good option when you are collecting the card at a time prior to charging it.
Setting verification to
enabled will run an authorization that will never be charged against the card. This is the only way to verify the card is valid.
avs_only will verify the card postal code matches. Either option can incur a small authorization fee.
Yes, if your ACH processor is Forte.
Cards are immutable once created. Call the vault endpoint a second time to create a new token if you need to change expiration date or zip code. Then you can call the delete endpoint to remove the original card from the vault.
If you receive a communication error, and you set an
external_id, you should call lookup by external id with the unique
external_id you submitted with the request to see if the payment failed or not. If it returns a 404 or a 200 with status failed, resubmit the payment.
The Payments API does not send receipts to your customers. You must make sure you meet Visa receipt requirements.
Updated over 2 years ago