Overview

The CardPointe Gateway API allows you to securely accept a wide-range of credit, debit, and alternative payments.  

To get started with the CardPointe Gateway API, review the Integration Process Overview for helpful information for testing and integrating the API.

What's New?

Visit Statuspage and click subscribe to updates to receive important release and status notifications.

Date Updated: 2/10/2024

An update to the CardPointe Gateway was released to the UAT environment on 2/2/2024 and to the Production environment on 2/10/2024.

This update includes backend enhancements. 

Date Updated: 11/9/2023

An update to the CardPointe Gateway was released to the UAT environment on 10/23/2023 and has been deployment to the production environment on 11/9/2023.

This release includes the following updates in addition to internal fixes and enhancements:

Original MID Requirement for Refund Requests

Refund requests must include the Merchant ID (MID) used in the original authorization request. If the refund includes a different MID, or a null value, then the request returns an error as seen in the example below. See the Refund Requirement Update for more information. 

{ 
    "respproc": "PPS", 
    "resptext": "Txn not found", 
    "retref": "198096236590", 
    "respcode": "29", 
    "respstat": "C" 
}

Surcharge Endpoint

The surcharge endpoint has been added to determine whether or not a surcharge fee will be applied to a transaction, based on the cardholder's postal code and payment method. This allows your application to notify the cardholder of the potential credit card surcharge prior to completing a transaction.

This request does not effect whether or not a surcharge is applied to a transaction; the CardPointe Gateway automatically applies a surcharge depending on the merchant configuration and the eligibility of the payment account. This request is used only for informational purposes.

For more information on credit card surcharging, see the Merchant Surcharge Program overview

{
    "token": "CREDIT",
    "postal": "NOT_RESTRICTED",
    "messages": []
}

Authorization Code in Refund Endpoint

The authcode field is now included in the API response for the /refund endpoint for both online and offline refunds. For online refunds the authcode returned by the processor will be included in the response. For auto-approved (offline) refunds, the "authcode":"REFUND" is returned in the response. The following example displays an online refund authorization response:

{
    "authcode": "PPS655",
    "respproc": "AMEX",
    "amount": "3.00",
    "resptext": "Approval",
    "retref": "270110240566",
    "respstat": "A",
    "respcode": "000",
    "merchid": "831831831901"
}

See the Refund Authorization overview for more information on online refunds.

Profile Field Validation

When making an authorization request with a stored profile, the profile field will no longer accept a token; instead, you must include the profile ID and account ID pair to authorize a transaction. 

RESTful Implementation

The CardPointe Gateway API uses RESTful web services to implement create, read, update, and delete (CRUD) functions. 

  • GET operations are used for inquiry requests (for example, the Inquire and Settlement Status services).
  • PUT and POST operations are used to make create or update requests (for example the Authorization and Void services).
  • DELETE operations are supported for the Profile service, to delete a stored profile.
  • The REST Service expects all properties encoded as US ASCII Strings.

This web service uses the JSON (JavaScript Object Notation) method of encoding data for transmission via the HTTP network protocol. Most programming languages have libraries to convert an arbitrary object to and from a JSON data transfer encoding. 

All request parameters are case-sensitive, as documented in the API.

The CardPointe Gateway API returns all response data in JSON. Updates to the API are backwards compatible, and we reserve the right to add new properties (key/value pairs) within the JSON response.

It is a best practice to develop client applications that dynamically accept and parse all JSON response properties, rather than coding for the static position of specific properties within the response data.

Developer Resources

The following resources are available to simplify your integration.

Developer Guides

Our Developer Guides provide additional information for integrating the CardPointe Gateway and related products and services.

You can browse the whole library at the Developer Guides home page, or jump right to the CardPointe Gateway Developer Guides to make the most of your CardPointe Gateway API integration.

Sample Postman Collection

To help you get started with your integration, we created a sample Postman Collection that includes a template of the CardPointe Gateway API service endpoints.

The CardPointe Gateway API Integration collection also includes a sample Environment to help you get familiar with the API. 

Click the Run in Postman button to download the CardPointe Gateway API Integration collection:

Run in Postman

See Running the API in Postman in the CardPointe Gateway Developer Guides for more information on using the Postman collection.

Connecting to the Server

Your application communicates with the CardPointe Gateway RESTful web service using the following URL:

https://<site>.cardconnect.com/cardconnect/rest/<endpoint>

A username and password are required in the HTTP Authorization Header property in each API request using the API credentials provided for your merchant account. 

Basic Authorization is expected, using a Base64-encoded username and password string as the value. If this value is incorrect or not provided in the request header, an HTTP Exception "401:Unauthorized" is returned to the caller. 

See the API Connectivity Guide for more information on connecting to the CardPointe Gateway and other CardPointe services.

Testing Your API Credentials

To test and validate your API credentials, you can make a PUT request, including the merchant ID in the body of the request, to the base URL. The Gateway verifies that the MID matches the credentials provided in the header.

For example:

PUT /cardconnect/rest/ Host: <site>Authorization: Basic <base64 encoded mid-level credentials>Content-Type: application/json{"merchid": "496082673888"}

If the credentials are valid, the response returns the message "CardConnect REST Servlet." 

Inquire Merchant

A GET request to the inquireMerchant endpoint returns information on the merchant account configuration. This can be helpful for partners who need to validate their CardPointe merchant IDs or for businesses with merchants operating in multiple locations, to ensure that the merchant ID is boarded to the correct site.

inquireMerchant Service URL

MethodGET
URLhttps://<site>.cardconnect.com/cardconnect/rest/inquireMerchant/<merchid>
HeadersContent-Type: application/json
Authorization: Basic

inquireMerchant Request

Fields in bold are required.

FieldMax LengthTypeDescription
merchid16NThe MID to validate against the site specified in the request URL.

inquireMerchant Response

The inquireMerchant response includes the status of the merchant account. 

If the MID is valid, the response includes the following details:

Field Max Length Type Description
acctupdater1ANSpecifies whether or not the MID is enrolled in the Card Account Updater service.
Possible values are:
  • Y
  • N
avs1ANSpecifies whether or not AVS validation is enabled for the MID. 
Possible values are:
  • Y
  • N
If Y, the MID can perform $0 authorizations to validate the postal and address values in the auth request.
cardproc4ANThe card processor that the MID is configured to use.
cvv1AN

Specifies whether or not CVV validation is enabled for the MID.
Possible values are:

  • Y
  • N

If Y, the MID can perform $0 authorizations to validate the cvv2 value in the auth request.

echeck1AN

Specifies whether or not the MID is configured to process eCheck/ACH transactions.
Possible values are:

  • Y
  • N

If Y, the MID can perform ACH transactions.

enabled5ANSpecifies whether the MID is currently enabled for use. 
Possible values are:
  • true 
  • false
fee_format

7

AN

Specifies the surcharge fee format.

Possible values are:

  • flat
  • percent
fee_merchid16N

Specifies the linked MID used for processing transactions with surcharge enabled.

if not applicable, this field is returned as an empty string.

fee_type1AN

Specifies whether the merchant has convenience or surcharge fees enabled.

Possible values are:

  • C - convenience fee
  • F - service fee
  • S - surcharge fee
  • N - none
fee_value-NSpecifies the fee value configured for the MID, where the value is either a percentage or flat amount, used to calculate the fee for each transaction.
merchid16NThe MID specified in the request.
site12ANThe site that the MID is configured to use.

If the MID is valid, but is not configured on the site specified in the request, the response returns the following message:

{"message":"contact support - merchant not on site"}


If the MID is not valid, the response returns the following message:

{"message": "Invalid merchant"}

Surcharge

The surcharge endpoint is used to determine whether or not a surcharge fee will be applied to a transaction, based on the cardholder's postal code and payment method. This allows your application to notify the cardholder of the potential credit card surcharge prior to completing a transaction.

This request does not affect whether or not a surcharge is applied to a transaction; the CardPointe Gateway automatically applies a surcharge depending on the merchant configuration and the eligibility of the payment account. This request is used only for informational purposes.

For more information on credit card surcharging, see the Merchant Surcharge Program overview.

This endpoint only accepts a tokenized credit or debit account in the request.

Surcharge Service URL

MethodGET
URLhttps://<site>.cardconnect.com/cardconnect/rest/surcharge?merchid=<MID>&token=<token>&postal=<cardholder postal>
HeadersContent-Type: application/json
Authorization: Basic

Surcharge Request

FieldMax LengthTypeDescription

merchid

16NThe merchant ID (MID) used to process the transaction.
postal9AN

The cardholder's postal code used to verify that the cardholder's state supports surcharging.

Optional if token is specified.

token19N

The tokenized account number used to verify that the card type is eligible for surcharging.

Optional if postal is specified.

Surcharge Response

Field

Content

Max LengthTypeDescription
messagesAn array of one or more detailed response messages28A

Empty ([]) for a successful request.

Otherwise, an array with one or more of the following objects:

  • "field":"merchid", "message":"Invalid merchid"
  • "field":"postal", "message":"postal is missing or empty"
  • "field":"token", "message":"Bin info not found for token"
  • "field":"token", "message":"Invalid Token"
  • "field":"token", "message":"token is missing or empty"
postalPostal restriction indicator14A

Whether or not the cardholder's location allows surcharging.

One of the following:

  • RESTRICTED - The cardholder's state does not allow surcharging.
  • NOT_RESTRICTED - The cardholder's state does allow surcharging.
  • UNKNOWN - The postal code was omitted, or unknown.
tokenCard type restriction indicator7A

The card type identified by the token.

One of the following:

  • <strong>CREDIT</strong> - The token is a credit card, and is eligible for surcharge.
  • <strong>DEBIT</strong> - The token is a debit card, and is ineligible for surcharge.
  • <strong>UNKNOWN</strong> - The token was omitted or could not be identified.


Authorization

Authorization is the initial step in accepting payment from a cardholder. This action "authorizes" or requests permission from the bank to transfer money from the cardholder to the merchant.

The authorization service supports a PUT or POST request that includes a JSON encoded list of fields defined for the service. The service responds with either an HTTP Exception, if there are errors, or a JSON-encoded response, if the request was successful.

Within the response, the status of the transaction is described in the respstat value:

  • A - Approved
  • B - Retry
  • C - Declined

Authorization and Capture

Capture may take place during the authorization (see capture field in the request) or after the initial authorization is submitted.

If the capture request is delayed, note that authorizations usually expire after seven (7) days. Pending authorizations display as holds or pending transactions on a cardholder's account until they expire or are captured.

If the request is successful, the transaction and associated line items are automatically captured for settlement.

All fields defined for the Capture Service endpoint, including Level 2 and Level 3 transaction details, may be sent in the authorization request; however, they are only processed if "capture" : "y" in the request. 

Additional Optional Fields

User Fields

You can include additional data in the authorization request for future retrieval by using optional userfields. The value of the userfields object is a series of name-value pairs that are meaningful to the merchant. 

You can use an array or an object.

The name and value fields can include any string value, and you can include as many fields as necessary; however, the total length of user defined fields, URL/JSON encoded, is limited to 4000 bytes, where 1 character is equal to 1 byte. 

If you use the CardPointe web application for transaction reporting, you must ensure that you pass your custom fields in an array, in the order that they are configured in the CardPointe application to ensure that the fields are populated correctly in the Transactions table. If there is no value for a field, you must include the field with an empty value (for example, "udf1":"") to preserve the expected order of the fields. If you pass the fields in an object, the order will not be preserved.

FieldSizeTypeComments
nameAnyANThe name of the field
valueAnyANThe value of the field

Example User Fields

//object
 "userfields":
    {
        "udf0": "value0",
        "udf1": "value1",
        "udf2": "value2"
    }

//array
"userfields":
    [
        {"udf0": "value0"},
        {"udf1": "value1"},
        {"udf2": "value2"}, 
        {"custommerchant": "ABC Company"},
        {"customphone": "888-555-4357"}
    ]

Custom Descriptor Fields

You can provide custom identifying information about a merchant (for example, business name or phone number) or a custom product name in an authorization request, which appears on buyers’ credit/debit card statements. 

See your sales person for feature availability and merchant configuration. Once configured add UserField entries for each piece of custom data to be replaced.

FieldSizeTypeComments
custommerchant12ANMerchant name field
customproduct12ANProduct name field
customphone10NFormat must be ##########

The CardPointe Gateway can supports electronic check transactions (ACH) for merchants boarded to a supported ACH services platform (for example ProfitStars).

See Processing ACH Payments in the CardPointe Gateway Developer Guides, for detailed information and requirements for processing ACH transactions on the ProfitStars platform.

Authorization Service URL

MethodPUT or POST
URLhttps://<site>.cardconnect.com/cardconnect/rest/auth
HeadersContent-Type: application/json
Authorization: Basic

Authorization Request

Notes:

  • Fields in bold are required.

  • Underlined fields can be saved to a profile, if "profile" : "y" in the request. See Profiles for more information.

    Note: If the authorization request fails or is declined, the profile is not created.

  • Most fields in the authorization request correspond to columns on the CardPointe application's Transactions table. See the CardPointe Web App User's Guide for more information.

FieldMax LengthTypeComments
merchid16NCardPointe merchant ID, required for all requests.
amount14NAmount with decimal or without decimal in currency minor units (for example, USD Pennies or EUR Cents). 

The value can be a positive or negative amount or 0, and is used to identify the type of authorization, as follows:
  • Positive - Authorization request.
  • Zero - Account Verification request. Account Verification is not supported for eCheck (ACH) authorizations.
  • Negative - Refund without reference (Forced Credit). Merchants must be configured to process forced credit transactions. To refund an existing authorization, use Refund.
expiry8NCard expiration in one of the following formats
  • MMYY
  • YYYYM (for single-digit months)
  • YYYYMM
  • YYYYMMDD
 Not required for eCheck (ACH) or digital wallet (for example, Apple Pay or Google Pay) payments.
account19NCan be:
  • CardSecure Token - A token representing a payment account number. See the CardSecure Developer Guide for more information.
  • Clear text card number
    Note: Only PCI Level 1 and Level 2 compliant merchants should handle clear text card numbers in authorization requests. It is strongly recommended that you tokenize the clear text card data before passing it in an authorization
    request.


  • Bank Account Number - Account(s) must be entitled with electronic check capability. When using this field, the bankaba field is also required.

    See Processing ACH Payments in the CardPointe Gateway Developer Guides for more information on ACH transactions.
Note: To use a stored profile, omit the account property and supply the profile ID in the profile field instead. See Profiles for more information.
postal9ANThe account holder's postal code.

If country is "US", must be 5 or 9 digits. Otherwise any alphanumeric string is accepted. Defaults to "55555" if not included in the request or stored profile.

Note: It is strongly recommended that your application prompts for postal code for card-not-present transactions to prevent fraud and downgrades, and to avoid declines on the CardPointe Gateway if the AVS verification option is enabled for your merchant account.
cvv24NThe 3 or 4-digit cardholder verification value (CVV2/CVC/CID) value present on the card.

Note:
It is strongly recommended that your application prompts for CVV for card-not-present transactions for fraud prevention and to avoid declines on the CardPointe Gateway if the CVV verification option is enabled for your merchant account.
ecomind1A

A transaction origin indicator, for card-not-present and eCheck (ACH) transactions only.

For ProfitStars ACH transactions, see Making an ACH Authorization Request for more information.

For card-not-present transactions, one of the following values:

  • T - telephone or mail payment
  • R - recurring billing
  • E - e-commerce web or mobile application

Note: You should include the appropriate ecomind value for all card-not-present transactions, to ensure that the transaction processes at the appropriate interchange level. Do not include ecomind for card-present transactions, in which the payment card data is obtained using a POS device.

cof1AN

Required for initial and subsequent transactions using stored cardholder payment information. The cof parameter specifies whether the transaction is initiated by the customer or merchant.

Specify one of the following values:

  • C - Customer-Initiated Transaction (CIT)
  • M - Merchant-Initiated Transaction (MIT)

See the Visa and Mastercard Stored Credential Transaction Framework support article for detailed information and requirements for using the cof and cofscheduled fields.

cofpermission1AN

Optionally, when "profile":"y" to create a stored profile, include "cofpermission":"y" to indicate that you obtained the cardholder's permission to store their payment data. This field is only used for reporting purposes, via the get profile response.

Specify one of the following values:

  • Y - The cardholder provided their consent to store and reuse their payment details.
  • N - The cardholder did not provide their consent.

Defaults to N if not provided.

cofscheduled1AN

Required for transactions using stored cardholder payment information. For a merchant-initiated transaction (MIT), the cofscheduled parameter specifies whether the transaction is a one-time payment or a scheduled recurring payment.

Specify one of the following values:

  • Y - The transaction is a scheduled (automated) payment.
  • N - The transaction is a one-time payment.
See the Visa and Mastercard Stored Credential Transaction Framework support article for detailed information and requirements for using the cof and cofscheduled fields.
currency3ANCurrency of the authorization (for example, USD for US dollars or CAD for Canadian Dollars).

Note: If specified in the auth request, the currency value must match the currency that the MID is configured for. Specifying the incorrect currency will result in a "Wrong currency for merch" response.
bankaba9NBank routing (ABA) number. Required for eCheck (ACH) authorizations when a bank account number is provided in the account field. bankaba is not required if a CardSecure token (generated from the account/bankaba pair) is provided in the account field.
track76ANPayment card track data captured using a supported card reader device (for example, a desktop card reader device). Can be unencrypted Track 1 or Track 2 data, or encrypted swipe data (containing Track 1 and/or Track 2) data. 
receipt4AOptional, to return receipt data fields in the authorization response to print on a receipt.

Specify one of the following values:
  • Specify Y to return the receipt data.
  • Specify json to return the receiptObj data.
Defaults to if not provided.
bin1AOptional, to return BIN lookup fields in the authorization response.

Specify Y to retrieve the BIN data for the card. 

Defaults to N if not provided.
profile24AN

Optional, to create a stored customer profile or to use an existing profile.

To create a profile using the account holder data provided in the request, specify Y.

Note: If the authorization request fails or is declined, the profile is not created.

To use an existing profile for this authorization, omit the account parameter and instead use the profile parameter to supply the 20-digit profile id and 1-3-digit account id string in the format <profileid>/<acctid>. See Profiles for more information.

Note: You can submit a $0 authorization, including CVV and AVS verification, to validate the customer's information before creating a profile.

auoptout1AOptional, when creating a profile, to specify whether or not the profile is set to opt out of the Card Account Updater service. Requires the merchant account to be enrolled in the Card Account Updater add-on.

Specify one of the following values:

  • Y - Yes; updates are not retrieved for this profile.
  • N - No; updates are retrieved for this profile.

Defaults to N if not provided.

capture1A

Optional, specify Y to capture the transaction for settlement if approved.

Defaults to N if not provided.

Note: When "capture":"y", you can optionally include Level 2 and Level 3 transaction details in the authorization request. 

tokenize1AOptional, specify N or omit to return an account token in the account field in the response. If tokenize is Y the masked card or ACH account number is returned in the response.
signature6144ANJSON escaped, Base64 encoded, Gzipped, BMP of signature data. If the authorization is using a token with associated signature data, then the signature from the token is used.
name30ANAccount holder's name, optional for credit cards and electronic checks (ACH).
company128ANAccount holder's company name.
address30ANAccount holder's street address, required for AVS verification.
address230ANSecond address line (for example, apartment or suite number) if applicable.
city30ANAccount holder's city.
region20ANAccount holder's region, US State, Mexican State, Canadian Province
country2ANAccount holder's country (2-character country code), defaults to "US". 

Required for all non-US addresses
phone15ANAccount holder's phone number.
email128ANAccount holder's email address.
orderid

50

ANSource system order number.

Note:If you include an order ID it must meet the following requirements:

  • The order ID must be a unique value. Using duplicate order IDs can lead to the wrong transaction being voided in the event of a timeout.
  • The order ID must not include any portion of a payment account number (PAN), and no portion of the order ID should be mistaken for a PAN. If the order ID passes the Luhn check performed by the CardPointe Gateway, the value will be masked in the database, and attempts to use the order ID in an inquire, void, or refund request will fail.
authcode6ANAuthorization code from original authorization (VoiceAuth). For Voice/Capture-Only, include valid authcode.
taxexempt1AIf taxexempt is set to N for the transaction and a tax is not passed, the default configuration data is used. If taxexempt is set to Y, the taxamnt is $0.00. 
taxamnt12NTax amount for the order, either decimal or in currency minor units (for example, USD Pennies or MXN Centavos).

If taxexempt is Y, taxamnt must be zero or omitted. If taxexempt is N, taxamnt must be a positive, non-zero value.
termid8ANThe Terminal Device ID, required when the Send Terminal ID for Reporting feature is enabled for First Data ClientLine Reporting.

termid must be exactly 8 characters long, and the last 5 characters (used to display on the report)  must be numbers.

Note: This field is not used for CardPointe transaction reporting.

accttype6AThe account type, not required unless one of the following:
  • ECHK - Electronic checking account, for ACH transactions.
  • ESAV - Electronic savings account, for ACH transactions.
  • PDEBIT - For PINless Debit transactions. Must be enabled for the merchant account.

Authorization Response

A successful authorization response returns the following fields for an approved or declined authorization:

FieldContentMax LengthComments
respstatStatus1Indicates the status of the authorization request. Can be one of the following values:
  • A - Approved
  • B - Retry
  • C - Declined
retrefRetrieval reference number12The unique retrieval reference number, used to identify and manage the transaction.
accountAccount number19Either the masked payment card or eCheck (ACH) account if "tokenize" : "y" in the request OR the token generated for the account if "tokenize" : "n" or was omitted in the request.
expiryExpiration Date4The payment card expiration date, in MMYY format, if expiry was included in the request.
tokenToken19The tokenized account number, which can be used in profile, capture, and settlement requests.
amountAmount12Authorized amount. Same as the request amount for most approvals.

The amount remaining on the card for prepaid/gift cards if partial authorization is enabled.

Not relevant for declines.
orderIdOrder ID

50

The orderid, copied from the authorization request.

The orderId is returned in the response when the request includes an orderid and "receipt":"y".

If no orderid was passed and "receipt":"json", "n", or omitted the orderId field is omitted from the response.

merchidMerchant ID12Copied from the authorization request.
respcodeResponse code-Alpha-numeric response code that represents the description of the response.
resptextResponse text-Text description of response.
respprocResponse processor4Abbreviation that represents the platform and the processor for the transaction
cofStored Credential Transaction Indicator1Returns the cof value, if included in the authorization request. 

One for the following values:
  • C - Customer-Initiated Transaction (CIT)
  • M - Merchant-Initiated Transaction (MIT)
avsrespAVS Response Code2Alpha-numeric AVS (zip code) verification response code.

Note:
avsresp is typically only returned for approved authorizations, however this field can be returned in the response for a declined authorization if this setting is enabled for the merchant account.
cvvrespCVV Response Code1Alpha-numeric CVV (card verification value) verification response code, if returned by the processor.

One of the following values:
  • M - Valid CVV Match.
  • N - Invalid CVV.
  • P - CVV Not Processed.
  • S - Merchant indicated that the CVV is not present on the card.
  • U - Card issuer is not certified and/or has not provided Visa encryption keys.
  • X or blank - No response. 
Note: cvvresp is typically only returned for approved authorizations, however this field can be returned in the response for a declined authorization if this setting is enabled for the merchant account.
binInfoBIN service response-An array that includes the fields returned in the BIN response.
bintypeType of BIN16Possible Values:
  • Corp
  • FSA+Prepaid
  • GSA+Purchase
  • Prepaid
  • Prepaid+Corp
  • Prepaid+Purchase
  • Purchase
entrymodePOS Entry Mode25Possible Values:
  • Keyed
  • Moto
  • ECommerce
  • Recurring
  • Swipe (Non EMV)
  • DigitalWallet
  • EMVContact
  • Contactless
  • Fallback to Track
  • Fallback to Keyed
fee_amount14Na fee amount (for example a credit card surcharge amount) applied to the transaction, in dollars and cents.
fee_authcode6NDuplicate of the authcode field included if the transaction included a fee (for example, a credit card surcharge).
fee_format7ANThe fee format configured for the merchant account (for example, "percent").
fee_merchid--The merchant ID used to process a fee. If not applicable or the same as the transaction merchant ID, returns an empty value ("").
fee_retref-

-

The unique retrieval reference number for a fee. If not applicable or the same as the transaction retref, returns an empty value ("").
fee_type13ANThe type of fee applied to the transaction. 
fee_value3NThe fee rate applied to the transaction with decimal implied (for example "300" for a 3% rate. 
declineCategoryVisa Decline Category Code1

A numeric decline category code, only returned for declined transactions using Visa accounts.

See Visa Decline Rules and Responses for detailed information on handling Visa declines.

One of the following values:

  • 1 - Issuer Will Never Approve.

    In this case, the merchant should never reattempt to authorize the transaction, and the cardholder must provide an alternate payment method. This code can be returned for accounts that are blocked, never existed, or are otherwise flagged as invalid by the issuer.

  • 2 - Issuer Cannot Approve at this Time.

    In this case, the merchant may reattempt the authorization at a later time. Reasons for this decline can include velocity controls, credit risk holds, or system errors.

    Note: You may reattempt this transaction a maximum of 15 times in a 30-day period before incurring excessive reattempt fees, unless you receive an updated declineCategory of 1, in which case you should no longer reattempt this transaction.

  • 3 - Issuer Cannot Approve Based on Details Provided.

    In this case, the card has been declined due to incorrect data, such as the CVV, expiry, or PIN. The merchant may attempt the authorization, after obtaining the corrected data.

    Note: You may reattempt this transaction a maximum of 15 times in a 30-day period before incurring excessive reattempt fees, unless you receive an updated declineCategory of 1, in which case you should no longer reattempt this transaction.

declineCategoryText

Visa Decline Category Code Description25

A text description to provide more information on the decline.

One of the following:

  • Do not retry - Returned for declineCategory 1.
  • Wait to retry - Returned for declineCategory 2.
  • Fix the request and retry - Returned for declineCategory 3.

Additionally, the following fields are returned for approved authorizations.

Field Content Max Length Comments
authcode Authorization Code 6 Authorization Code from the Issuer
signature Signature Bitmap 6144 JSON escaped, Base64 encoded, Gzipped, BMP of signature data. Returned if the authorization used a token that had associated signature data or track data with embedded signature data.
commcard Commercial Card Flag 1 Y if a Corporate or Purchase Card
emv Cryptogram - Authorization Response Cryptogram (ARPC). This is returned only when EMV data is present within the Track Parameter.
emvTagDataReceipt/EMV Tag Data2000A string of receipt and EMV tag data (when applicable) returned from the processor.


This data returned should be presented on a receipt if applicable, and recorded with the transaction details for future reference.

See EMV Tag Data Fields, below, for a list of the possible fields returned.

Note: This string is returned for both EMV and non-EMV transactions on the First Data RapidConnect (RPCT) front end platform.
receiptReceipt Data Array-Returned when the request includes "receipt":y"

A stringifed array that includes additional fields to be printed on a receipt.

See Receipt Data Fields, below, for a list of the possible fields returned.
receiptObjReceipt Data Object-Returned when the request includes "receipt":json".

Additional fields to be printed on a receipt.

receiptObj includes additional details not included in the receipt string.

See Receipt Data Fields, below, for a list of the possible fields returned.

EMV Tag Data Fields

The emvTagData included in the authorization response includes a string of the following fields. 

This string is returned for both EMV non-EMV transactions on the First Data RapidConnect (RPCT) processor. 

EMV Tag Data Array Objects

Name Tag Details Source Format Max Length
TVR (Terminal Verification Results) 95 Status of the different functions as seen from the terminal Terminal Binary 5
ARC (Authorization Response Code) 8A Indicates the transaction disposition of the transaction received from the issuer for online authorizations. Issuer/Terminal String 2
PIN (CVM Results) 9F34 Indicates the results of the last CVM performed. If PIN was entered, then "Verified by PIN" Terminal String 15
Signature (CVM Results) 9F34 Indicates the results of the last CVM performed. If "true" then CVM supports signature and signature line may be applicable. However, card brands have moved away from requiring signature.

Returns "unknown" if the signature requirement could not be determined.
Terminal Binary 7
Mode Identifies the mode used to authorize (or decline) the transaction.  Always "Issuer" CardPointe Gateway String 6
TSI (Transaction Status Information) 9B Indicates the functions performed in a transaction Terminal Binary 2
Application Preferred Name 9F12 Preferred mnemonic associated with the AID. If unavailable, use Application Label.  Card String 16
Network LabelIdentifies the Authorizing Network Name, which should be printed on the receipt.IssuerString10
AID (Application Identifier, Terminal) 9F06 Identifies the application as described in ISO/IEC 7816-5 Terminal Binary  16
IAD (Issuer Application Data) 9F10 Contains proprietary application data for transmission to the issuer in an online transaction. Card Binary 32
Entry method Indicator identifying how the card information was obtained.

One of the following values:
  • Manual
  • Chip Read
  • Contactless Chip
  • Contactless Fallback Swipe
  • Fallback Keyed
  • Fallback Swipe
  • Swipe
Terminal String

26

Application Label 50 Mnemonic associated with the AID according to ISO/IEC 7816-5. If unavailable, use Application Preferred Name.  Card String (with the special character limited to space) 16

Receipt Data Fields

receipt and receiptObj provide additional merchant and authorization details for use in printing receipts. The receipt data includes merchant account information, populated using the merchant properties configured for the MID, as well as additional transaction details from the authorization response. You can optionally include a custom order note (orderNote) and item details (items), by including a userFields object in the authorization request. 

See Printing Receipts Using Authorization Data for detailed information on customizing the receipt data fields and printing receipts.

Expand the following topics to review the contents and examples of the receipt and receiptObj data.

receiptObj includes the same fields as the receipt string, as well as additional fields duplicated from the emvTagData array.

receipt string Fields

The receipt string includes the following fields:

FieldFormatDescription
headerANA customizable field to display an alphanumeric message. For example, a specific terms, disclosure, or cardholder agreement statement.
footerANA customizable field to display an alphanumeric message. For example, a specific terms, disclosure, or cardholder agreement statement.
dbaANThe merchant's Doing Business As (DBA) name.
address1ANLine 1 of the merchant's address.
address2ANLine 2 of the merchant's address.
phoneNThe merchant's phone number.
dateTimeNThe date and time of the transaction (YYYYMMDDHHMMSS).
nameOnCardAThe Cardholder's name, if included in the authorization request.
orderNoteANA custom order note, if included in the userFields in the authorization request.
itemsANA custom item descriptor, if included in the userFields in the authorization request.

receipt Example

"receipt": "{\"dateTime\":\"20210113154743\",\"dba\":\"receipt Test North2\",\"address2\":\"DENVER\",\"phone\":\"123-456-7890\",\"footer\":\"\",\"nameOnCard\":\"CC TEST\",\"address1\":\"Street\",\"orderNote\":\"\",\"header\":\"\",\"items\":\"\"}"

receiptObj Fields

The receiptObj string includes the following fields:

Each field is only returned when a value is present, otherwise the field is omitted from the object.

Field FormatDescription
address1ANLine 1 of the merchant's address.
address2ANLine 2 of the merchant's address.
Application LabelANDuplicated from the emvTagData object. Mnemonic associated with the AID according to ISO/IEC 7816-5. 
dateTimeNThe date and time of the transaction (YYYYMMDDHHMMSS).
dbaANThe merchant's Doing Business As (DBA) name.
emvJSON ObjectAn object that returns the following fields, when present, duplicated from the emvTagData object:
  • AID- Identifies the application as described in ISO/IEC 7816-5.
  • ARC - Indicates the transaction disposition of the transaction received from the issuer for online authorizations.
  • IAD - Contains proprietary application data for transmission to the issuer in an online transaction.
  • TSI - Indicates the functions performed in a transaction.
  • TVR - Status of the different functions as seen from the terminal.
Entry MethodANDuplicated from the emvTagData object. 

Indicator identifying how the card information was obtained.

One of the following values:

  • Manual
  • Chip Read
  • Contactless Chip
  • Fallback Keyed
footerANA customizable field to display an alphanumeric message. For example, a specific terms, disclosure, or cardholder agreement statement.
headerANA customizable field to display an alphanumeric message. For example, a specific terms, disclosure, or cardholder agreement statement.
itemsANA custom item descriptor, if included in the userFields in the authorization request.
ModeANDuplicated from the emvTagData object. Identifies the mode used to authorize (or decline) the transaction. Always Issuer.
nameOnCardANThe Cardholder's name, if included in the authorization request.
orderNoteANA custom order note, if included in the userFields in the authorization request.

phone

N

The merchant's phone number.
PINANDuplicated from the emvTagData object. Indicates the results of the last CVM performed. If PIN was entered, then "Verified by PIN"
SignatureANDuplicated from the emvTagData object. Indicates the results of the last CVM performed. If "true" then CVM supports signature and signature line may be applicable. However, card brands have moved away from requiring signature.

Returns "unknown" if the signature requirement could not be determined.

receiptObj Example

"receiptObj": {\"dateTime\":\"20210113154743\",\"dba\":\"RapidConnect Retail\",\"PIN\":\"Verified by PIN\",\"address2\":\"DENVER\",\"phone\":\"123-456-7890\",\"footer\":\"\",\"nameOnCard\":\"CC TEST\",\"address1\":\"Street\",\"Mode\":\"Issuer\",\"Network Label\":\"AMEX\",\"Entry Method\":\"Chip Read\",\"Application Label\":\"AMEX 2\",\"emv\":{\"TVR\":\"0000008001\",\"AID\":\"A0000000042203\",\"IAD\":\"0110A0000F040000010203040506070809FF0102030405060708090A0B0C0D0E\"}}"

Profiles

The CardPointe Gateway has the ability to store information about the account holder, called a profile. Setting the optional field profile to Y in the first authorization or account verification request creates a new profile using the information in the request. 

The profile feature requires that the account number be converted to a token. Subsequent authorization requests access the stored profile by setting the profile property to the profileid value which is returned in the original authorization or profile create request. The fields stored in the profile are marked by the # in the Authorization Request fields table.

Response Codes

The status of the authorization is indicated by the response status (respstat) value in the authorization response

respstatMeaning
AApproved
BRetry
CDeclined

Additional processor response information is returned in the respcode and respproc fields. See Gateway Response Codes for detailed information.

Capture

The capture service queues the transaction amount for settlement. Capture can occur within the authorization request or subsequently.

If the amount to be captured is more than the authorized amount (such as a tip adjustment), ensure that the merchant is appropriately entitled with this capability.

The service responds with either a JSON-encoded response or an HTTP error code.  

    Capture Service URL

    MethodPUT or POST
    URLhttps://<site>.cardconnect.com/cardconnect/rest/capture
    HeadersContent-Type: application/json
    Authorization: Basic

    Capture Request

    The capture request uses the Retrieval Reference Number (retref) from the original authorization request. When the amount is omitted, the original authorization amount is captured.

    Fields in bold are required. 

    FieldSizeTypeComments
    merchid16NMerchant ID, required for all requests. Must match merchid of transaction to be captured
    retref14NCardPointe retrieval reference number from authorization response
    authcode6ANAuthorization code from original authorization request
    amount12NCapture amount in decimal or in currency minor units (for example, USD Pennies or MXN Centavos)
    invoiceid12ANAn optional invoice ID. 
    receipt1AOptional, to return receipt data fields in the response. 

    Specify Y to return additional merchant and transaction data to print on a receipt. 

    Defaults to if not provided.

    Capture Response

    FieldContentMax LengthComments
    merchidMerchant ID16Copied from the capture request
    accountAccount number (masked)19Masked account number
    authcode Authorization Code 6 Authorization Code from the Issuer
    orderIdOrder ID

    50

    The orderid, copied from the authorization request.

    The orderId is returned in the response when the request includes an orderid and "receipt":"y".

    If no orderid was passed and "receipt":"json", "n", or omitted the orderId field is omitted from the response.

    amountAmount to capture12The amount included in the capture request.
    retrefRetrieval reference number14The retref included in the capture request.
    batchidBatch ID assigned to transaction12Automatically created and assigned unless otherwise specified
    commcard Commercial Card Flag 1 Y if a Corporate or Purchase Card
    setlstatSettlement status40The current settlement status. The settlement status changes throughout the transaction lifecycle, from authorization to settlement. The following values can be returned in the capture response:

    Note: See Settlement Status Response Values for a complete list of
    setlstat values.
    • Authorized - The authorization was approved, but the transaction has not yet been captured. 
    • Declined - The authorization was declined; therefore, the transaction can not be captured.
    • Queued for Capture - The authorization was approved and captured but has not yet been sent for settlement.
    • Voided - The authorization was voided; therefore, the transaction cannot be captured.
    • Zero Amount - The authorization was a $0 auth for account validation, which cannot be captured. 
    receiptReceipt Data-An object that includes additional fields to be printed on a receipt.

    Refer to Receipt Data for a list of possible fields returned.

    See Printing Receipts Using Authorization Data for detailed information on customizing the receipt data fields and printing receipts.

    Capture Level 2 Data

    If available, the Level 2 fields can be provided in the capture request and should be provided for corporate or purchase cards to qualify for improved interchange rates.

    FieldSizeTypeComments
    ponumber36ANCustomer purchase order number
    taxamnt12NTax amount for the order, either decimal or in currency minor units (for example, USD Pennies or MXN Centavos). 

    If taxexempt is Y, taxamnt must be zero or omitted. If taxexempt is N, taxamnt must be a positive, non-zero value.

    Many Level 2 protocols refer to a "Customer Code," which is described as "an identifier the customer would recognize." The CardPointe Gateway populates this field with the ponumber. If the ponumber is not provided, then the orderid from the authorization request is used. If neither the ponumber or the orderid is available, the Retrieval Reference Number (retref) is used.

    The Level 2 protocol also requires certain merchant information, such as Postal Code and Tax Identification Number. These fields are filled from the configuration table created during the merchant boarding process.

    Capture Level 3 Data

    If available, Level 3 line item data can be sent with the capture request, particularly for any commercial or corporate payment cards. To qualify for Level 3 Interchange rates, Level 2 data (described above) must also be provided.

    Level 3 data includes additional Order Level items such as freight and discount amount, as well as information from each line item of the order. These are stored as an array in the items field.

    FieldSizeTypeComments
    frtamnt12NTotal order freight amount, default 0
    dutyamnt12NTotal order duty amount, default 0
    orderdate8NYYYYMMDD

    For most industries this is the delivery date for the order

    Defaults to System Date when captured
    shiptozip12ANIf country is "US", must be 5 or 9 digits

    Otherwise, any alphanumeric string is accepted
    shipfromzip12ANSame as above
    shiptocountry2AShip To Country Code, default is US
    itemsvariesArrayArray of items

    Line Item Records

    FieldSizeTypeComments
    lineno4NOptional line number for each item. Line numbers do not need to be specified sequentially; however, if no lineno value is included, items are assigned sequential line numbers.
    material12ANOptional material code (also referred to as a Commodity Code) for each item. 
    description26ANAn item description, required.
    upc14NOptional UPC code for each item. If upc is included, the value must not be all zeros.

    Some processors limit this value to 12 characters.
    quantity12NQuantity of the item purchased. Can be a whole amount or amount with up to three decimal places.
    uom8ANUnit of measure (for example, "each" or "ton").

    Some processors limit this value to 4 characters.
    unitcost12NOptional item cost, excluding tax as a decimal amount or in currency minor units (for example, USD Pennies or MXN Centavos formatted as 1.23 or 123 for $1.23). 


    The unitcost should not be greater than the amount for the order.

    When omitted, this value is calculated as netamnt/quantity.
    netamnt12NNet total of unitcost x quantity, excluding tax and discount, as a decimal amount or in currency minor units.

    netamnt is always a positive value, even for refunds.

    Zero amounts are allowed for no-charge items, such as a manual, that are included in the order.
    taxamnt12NTax amount for each item, as a decimal amount or in currency minor units. The sum total of taxamnt for all items equals the total tax amount for the order.

    The total of netamnt + taxamnt - discamnt equals the order amount.

    If taxexempt is Ytaxamnt must be zero or omitted. If taxexempt is Ntaxamnt must be a positive, non-zero value.
    taxexempt1ANIndicates whether or not the order is tax exempt.

    taxexempt should be Y if:
    • The payment card BIN type is GSA (government).

      Note: All GSA orders are set to taxexempt regardless of this setting. 
    • The merchant is a government agency.

      In this case, you must include taxexempt = Y in the request for each order.
    taxexempt defaults to N.
    discamnt12NOptional discount amount for each item, as a decimal amount or in currency minor units.

    Void

    The void service cancels a transaction that is in either "Authorized" or "Queued for Capture" status.

    Partial voids are not supported for debit transactions. If you specify a partial void amount for a debit transaction, the entire amount is voided. Omit the amount or specify the full amount for a debit void.

    You can retrieve the status of a transaction using the inquire or inquireByOrderid endpoint. 

    The response includes a voidable field, which indicates whether or not the transaction can be voided.

    The setlstatfield in determines the amount that can be voided, where:

    • "setlstat" : "Authorized"
      This status indicates the transaction has been authorized but not queued for capture. The entire amount or a partial amount can be voided.
    • "setlstat" : "Queued for Capture"
      Only the entire amount can be voided.

    Void Service URL

    MethodPUT or POST
    URLhttps://<site>.cardconnect.com/cardconnect/rest/void
    HeadersContent-Type: application/json
    Authorization: Basic

    Void Request

    Fields in bold are required.

    FieldSizeTypeComments
    merchid16N

    Merchant ID, required for all requests.

    Must match merchid of the transaction to be voided.

    retref14N

    The retrieval reference number from the original authorization response.

    amount12N

    Optional. If omitted or equal to $0, the full amount is voided.

    If no capture has taken place (setlstat:Authorized), you can specify a partial amount to void to reduce the amount of the authorization.

    Note: Partial voids are not supported for debit transactions. If you specify a partial void amount for a debit transaction, the entire amount is voided. Omit the amount or specify the full amount for a debit void.

    Void Response

    If the void is successful, the authcode will contain REVERS. If transaction is not found or an error occurs: 

    • respproc will contain PPS
    • respcode will contain an error code 
    • respstat will contain C indicating the transaction has declined
    • resptext will contain a descriptive message
    FieldContentMax LengthComments
    merchidMerchant ID16Retrieved from void request
    orderIdOrder ID

    50

    The order ID associated with the authorization, if present.

    orderId is returned in the void response when the corresponding authorization request included an orderid and "receipt":"y".

    If no orderid was passed, but "receipt":"y", the orderId field is returned with no value ("orderId":""); however, if no orderid was passed and "receipt":"json", "n", or is omitted, the orderId field is omitted.
    amountAmount12The final amount authorized after the void. 

    If the full amount was voided, the amount value in the response is 0.00.

    If a partial amount was voided, the amount value in the response is the difference between the original authorization amount and the amount voided.
    currencyCurrency3From the original authorization request
    retrefRetrieval reference number14Retrieved from void request
    authcodeAuthorization code6Identifies if the void was successful. Can one of the following values: 
    • REVERS - Successful
    • Null - Unsuccessful. Refer to the respcode and resptext.
    respcodeResponse code3Alpha-numeric response code that represents the description of the response
    respprocResponse processor4Abbreviation that represents the platform and the processor for the transaction
    respstatResponse status1Indicates the status of the request. Can be one of the following values:
    • A - Approved
    • B - Retry
    • C - Declined
    resptextResponse text40Text description of response
    receiptReceipt Data-An object that includes additional fields to be printed on a receipt, copied from the original authorization response, if present.

    Refer to Receipt Data for a list of possible fields returned.

    See Printing Receipts Using Authorization Data for detailed information on customizing the receipt data fields and printing receipts.

    Refund

    The refund service is used for transactions that are in a settled status.

    You can refund a specific transaction using the retrieval reference number (retref) provided in the authorization response. 

    You can retrieve the status of a transaction using the inquire or inquireByOrderid endpoint.

    The response includes a refundable field, which indicates whether or not the transaction can be refunded.

    The specific transaction status is recorded in the setlstat field.

    Some banks impose maximum time limits (for example, 6 months) to perform a refund using a retref

    If you do not have a retref for the transaction, you can return funds to an account by passing a negative amount (forced credit) in an authorization and subsequent capture request. 

    Refund Service URL

    MethodPUT or POST
    URLhttps://<site>.cardconnect.com/cardconnect/rest/refund
    HeadersContent-Type: application/json
    Authorization: Basic

    Refund Request

    Fields in bold are required.

    FieldSizeTypeComments
    merchid16NMerchant ID, required for all requests.
    retref14NThe retrieval reference number from the original authorization.
    amount12NPositive amount with decimal or amount without decimal in currency minor units (for example, USD Pennies or MXN Centavos) for partial refunds.

    If no value is provided, the full amount of the transaction is refunded. 
    orderid

    50

    AN

    Optional, a unique order number for the refund transaction, to specify a unique identifier for the refund instead of retaining the order ID from the original authorization (if present).

    If an orderid is present in the refund request, it will be stored and associated with the refund transaction record.

    If an orderid is not present in the refund request, the refund will be associated with the orderid from the original authorization, if one was provided.

    Note: If you include an order ID it must meet the following requirements:

    • The order ID must be a unique value. Using duplicate order IDs can lead to the wrong transaction being voided in the event of a timeout.
    • The order ID must not include any portion of a payment account number (PAN), and no portion of the order ID should be mistaken for a PAN. If the order ID passes the Luhn check performed by the CardPointe Gateway, the value will be masked in the database, and attempts to use the order ID in an inquire, void, or refund request will fail.

    Refund Response

    If the transaction is found, the response values (resproc, respcode, respstat, resptext) will contain the result of the request. If the transaction is not found, or an error occurs:

    • respproc will contain PPS
    • respcode will contain an error code 
    • respstat will contain C indicating the transaction has declined
    • resptext will contain a descriptive message 

    See Gateway Response Codes for more information on these values. 

    Refunds are automatically approved by the CardPointe Gateway and submitted for settlement.

    FieldContentMax LengthComments
    merchidMerchant ID16Copied from refund request
    amountAmount12Copied from refund request, contains the refund amount
    retrefRetrieval reference number14New retref of refund transaction
    orderIdOrder ID

    50

    The orderid, copied from the original authorization request or the refund request.

    The orderId is returned in the response when the authorization or refund request includes an orderid and "receipt":"y".

    If no orderid was passed and "receipt":"json", "n", or is omitted, the orderId field is omitted from the response.

    respcodeResponse code3Alpha-numeric response code that represents the description of the response
    respprocResponse processor4Abbreviation that represents the platform and the processor for the transaction
    respstatResponse status1A - Approved
    B - Retry
    C - Declined
    resptextResponse text40Text description of the response
    receiptReceipt Data-An object that includes additional fields to be printed on a receipt, copied from the original authorization response, if present.

    Refer to Receipt Data for a list of possible fields returned.

    See Printing Receipts Using Authorization Data for detailed information on customizing the receipt data fields and printing receipts.
    declineCategoryVisa Decline Category Code1

    A numeric decline category code, only returned for declined transactions using Visa accounts.

    See Visa Decline Rules and Responses for detailed information on handling Visa declines.

    One of the following values:

    • 1 - Issuer Will Never Approve.

      In this case, the merchant should never reattempt to authorize the transaction, and the cardholder must provide an alternate payment method. This code can be returned for accounts that are blocked, never existed, or are otherwise flagged as invalid by the issuer.

    • 2 - Issuer Cannot Approve at this Time.

      In this case, the merchant may reattempt the authorization at a later time. Reasons for this decline can include velocity controls, credit risk holds, or system errors.

      Note: You may reattempt this transaction a maximum of 15 times in a 30-day period before incurring excessive reattempt fees, unless you receive an updated declineCategory of 1, in which case you should no longer reattempt this transaction.

    • 3 - Issuer Cannot Approve Based on Details Provided.

      In this case, the card has been declined due to incorrect data, such as the CVV, expiry, or PIN. The merchant may attempt the authorization, after obtaining the corrected data.

      Note: You may reattempt this transaction a maximum of 15 times in a 30-day period before incurring excessive reattempt fees, unless you receive an updated declineCategory of 1, in which case you should no longer reattempt this transaction.

    declineCategoryText

    Visa Decline Category Code Description25

    A text description of the declineCategory value.

    One of the following:

    • Do not retry - Returned for declineCategory 1.
    • Wait to retry - Returned for declineCategory 2.
    • Fix the request and retry - Returned for declineCategory 3.

    Inquire 

    The inquire service returns information for an individual transaction, including its settlement status (setlstat) and the response codes from the initial authorization. 

    Inquire Service URL

    MethodGET
    URLhttps://<site>.cardconnect.com/cardconnect/rest/inquire/<retref>/<merchid>
    HeaderAuthorization: Basic

    Inquire Request

    Fields in bold  are required.

    FieldContentMax LengthComments
    merchidMerchant ID16From the original authorization
    retrefRetrieval Reference Number14From the original authorization

    Inquire Response

    FieldContentMax LengthComments
    merchidMerchant ID12The Merchant ID, copied from the Inquire request.
    orderIdOrder ID

    50

    The order ID associated with the authorization, if present.


    orderId is returned in the inquire response when the corresponding authorization request included an orderid and "receipt":"y".

    If no orderid was passed, but "receipt":"y", the orderId field is returned with no value ("orderId":""); however, if no orderid was passed and "receipt":"json""n",  or is omitted, the orderId field is omitted.

    accountAccount number25The tokenized payment account used in the original authorization.
    expiryAccount expiration date4The account's expiration date, in format MMYY.
    amountAmount to capture12Copied from original authorization response.
    currencyCurrency of amount3Copied from original authorization response.
    retrefRetrieval reference number12Copied from inquire request.
    respcodeResponse code4Copied from original authorization response.
    respprocResponse processor4Copied from original authorization response.
    respstatResponse status1Copied from original authorization response.
    resptextResponse text40Copied from original authorization response.
    batchidBatchid assigned to transaction12A unique batch ID, if the transaction was successfully captured.
    setlstatSettlement Status40The current settlement status. The settlement status changes throughout the transaction lifecycle, from authorization to settlement. The following values can be returned in the inquire response:


    Note: See Settlement Status Response Values for a complete list of
    setlstat values.

    • Accepted - The batch for this transaction was transmitted and accepted for funding.
    • Amount Under Review - First Data North and Rapid Connect only. The batch for this transaction was transmitted for settlement, and the transaction was placed under review because the amount exceeded a configured threshold. The transaction should be accepted or rejected for funding the next day; however, the setlstat field may not be updated. Check CardPointe for the current status.  
    • Authorized - The authorization was approved, but the transaction has not yet been captured.
    • Declined - The authorization was declined.
    • Format Error - The order did not transmit for settlement due to unexpected or invalid order or item data. Contact Support if you encounter this status. 
    • Pin Debit - Vantiv PIN debit transactions only. Vantiv PIN debit transactions are settled by Vantiv, unlike First Data North and Rapid Connect PIN debit transactions, which are submitted with the batch for settlement. 
    • Queued for Capture - The authorization was approved and captured but has not yet been sent for settlement.
    • Rejected - The batch was sent for settlement, but the transaction was rejected for funding. Contact Support if you encounter this status.
    • Token Decrypt - The transaction was not settled due to a token decryption error. Contact Support if you encounter this status.
    • Voided - The transaction was voided.
    • Zero Amount - The authorization was a $0 auth for account validation.
    capturedateCapture date and time14The date the transaction was captured, in the format YYYYMMDDHHMMSS.
    settledateSettlement date and time14The date the transaction was settled, in the format YYYYMMDDHHMMSS.
    signatureSignature Bitmap6144JSON-escaped, Base64-encoded, Gzipped, BMP of signature data (from a signature-capable terminal). Returned if the authorization used a token that had associated signature data or track data with embedded signature data.
    tokentokenvariesToken copied from the original authorization response.
    profileid20 digit profile ID20Primary identifier to access profiles. Present if transaction utilized a stored profileid. 
    acctid3 digit account ID3Account identifier within a profile. Present if transaction utilized a stored profileid. 
    authdateAuthorization Date8Date of the authorization, in the format YYYYMMDD.
    lastfourLast four of token/card number4Last 4 digits of the token and card number. 
    nameAccount name30The account name, if returned in the track data.
    bintypeType of BIN16The type of card, based on the BIN.

    Possible values:
    • Corp
    • FSA+Prepaid
    • GSA+Purchase
    • Prepaid
    • Prepaid+Corp
    • Prepaid+Purchase
    • Purchase
    entrymodePOS Entry Mode25Possible Values:
    • Keyed
    • Moto
    • ECommerce
    • Recurring
    • Swipe (Non EMV)
    • DigitalWallet
    • EMVContact
    • Contactless
    • Fallback to Track
    • Fallback to Keyed
    fee_authcode6NDuplicate of the authcode field included if the transaction included a fee (for example, a credit card surcharge).
    fee_format7ANThe fee format configured for the merchant account (for example, "percent").
    fee_merchid--The merchant ID used to process a fee. If not applicable or the same as the transaction merchant ID, returns an empty value ("").
    fee_retref-

    -

    The unique retrieval reference number for a fee. If not applicable or the same as the transaction retref, returns an empty value ("").
    fee_type13ANThe type of fee applied to the transaction. 
    fee_value3NThe fee rate applied to the transaction with decimal implied (for example "300" for a 3% rate. 
    emvTagDataEMV tag data2000A string of EMV data returned from the processor when an EMV card is used. This data returned should be presented on a receipt if applicable, and recorded with the transaction details for future reference.

    Refer to EMV Tag Data for a list of the possible fields returned
    receiptReceipt Data-An object that includes additional fields to be printed on a receipt.

    Refer to Receipt Data for a list of possible fields returned.

    See Printing Receipts Using Authorization Data for detailed information on customizing the receipt data fields and printing receipts.
    userfield [0..9]Custom Field20A value passed by the merchant with the original authorization to further identify the transaction (see the userfields description under the Authorization Service).
    voidableVoid Indicator1Indicates whether the transaction can be voided in its current state.

    The voidable value is determined by the status of the batch at the time of inquiry.

    If Y, the transaction can be voided.

    If N, the transaction cannot be voided.
    refundableRefund Indicator1Indicates whether the transaction can be refunded in its current state.

    The refundable value is determined by the status of the batch at the time of inquiry, as well as the MID configuration. If the MID is enabled to refund for unsettled authorizations, then refundable always returns Y.

    If Y, the transaction can be refunded.

    If N, the transaction cannot be refunded.
    declineCategoryVisa Decline Category Code1

    A numeric decline category code, only returned for declined transactions using Visa accounts.

    See Visa Decline Rules and Responses for detailed information on handling Visa declines.

    One of the following values:

    • 1 - Issuer Will Never Approve.

      In this case, the merchant should never reattempt to authorize the transaction, and the cardholder must provide an alternate payment method. This code can be returned for accounts that are blocked, never existed, or are otherwise flagged as invalid by the issuer.

    • 2 - Issuer Cannot Approve at this Time.

      In this case, the merchant may reattempt the authorization at a later time. Reasons for this decline can include velocity controls, credit risk holds, or system errors.

      Note: You may reattempt this transaction a maximum of 15 times in a 30-day period before incurring excessive reattempt fees, unless you receive an updated declineCategory of 1, in which case you should no longer reattempt this transaction.

    • 3 - Issuer Cannot Approve Based on Details Provided.

      In this case, the card has been declined due to incorrect data, such as the CVV, expiry, or PIN. The merchant may attempt the authorization, after obtaining the corrected data.

      Note: You may reattempt this transaction a maximum of 15 times in a 30-day period before incurring excessive reattempt fees, unless you receive an updated declineCategory of 1, in which case you should no longer reattempt this transaction.

    declineCategoryText

    Visa Decline Category Code Description25

    A text description of the declineCategory value.

    One of the following:

    • Do not retry - Returned for declineCategory 1.
    • Wait to retry - Returned for declineCategory 2.
    • Fix the request and retry - Returned for declineCategory 3.

    Inquire By Order ID

    Similarly to the inquire endpoint, requests to the inquireByOrderid endpoint return information for an authorization; however, inquireByOrderid references the Order ID associated with the transaction instead of the retrieval reference number (retref). 

    This allows you to get information about a transaction if the original authorization was interrupted and no response was returned, including the retref (if one was generated).

    It is strongly recommended that you use a unique order ID for every transaction, if you are using order IDs. Doing so allows you to more easily and accurately retrieve data on all transactions.

    Inquire By Order ID Service URL

    MethodGET
    URLhttps://<site>.cardconnect.com/cardconnect/rest/inquireByOrderid/<orderid>/<merchid>/<set>
    HeaderAuthorization: Basic

    Inquire By Order ID Request

    This request returns all transactions for the specified merchant ID (MID), using the specified Order ID. 

    Specify 1 for the set parameter to restrict the inquiry to the specified MID. 

    If you have multiple MIDs and do not know which MID was used in the original transaction, you can omit the set parameter from the end of the request to optionally inquire on the order ID across all MIDs on the site.

    • Fields in bold are required.
    • The Inquire By Order ID endpoint accepts a query string.
    FieldContentMax LengthComments
    merchidMerchant ID14From the original authorization
    orderidOrder ID

    50

    From the original authorization
    set1 or blank1set to 1 to restrict the inquiry to the merchant ID (MID) specified in the request. If you have multiple MIDs and want to search for the order ID across all MIDs, omit this parameter.

    Inquire By Order ID Response

    The inquireByOrderid response includes the following fields:

    If the specified Order ID was used in multiple authorization attempts (for example, to retry a declined transaction), then the InquireByOrderID response returns an array that includes an object for each transaction record that matches the Order ID.

    FieldContentMax LengthComments
    amountAmount to capture12Copied from the original authorization response.
    orderIdOrder ID50The order ID associated with the transaction.
    resptextResponse text40Copied from the original authorization response.
    setlstatSettlement Status40The current settlement status. The settlement status changes throughout the transaction lifecycle, from authorization to settlement. The following values can be returned in the inquireByOrderid response:


    Note: See Settlement Status Response Values for a complete list of
    setlstat values.

    • Accepted - The batch for this transaction was transmitted and accepted for funding.
    • Amount Under Review - First Data North and Rapid Connect only. The batch for this transaction was transmitted for settlement, and the transaction was placed under review because the amount exceeded a configured threshold. The transaction should be accepted or rejected for funding the next day; however, the setlstat field may not be updated. Check CardPointe for the current status.
    • Authorized - The authorization was approved, but the transaction has not yet been captured.
    • Declined - The authorization was declined.
    • Format Error - The order did not transmit for settlement due to unexpected or invalid order or item data. Contact Support if you encounter this status.
    • Pin Debit - Vantiv only. PIN debit transactions are settled by Vantiv, and are not submitted with the batch for settlement.
    • Queued for Capture - The authorization was approved and captured but has not yet been sent for settlement.
    • Rejected - The batch was sent for settlement, but the transaction was rejected for funding. Contact Support if you encounter this status.
    • Token Decrypt - The transaction was not settled due to a token decryption error. Contact Support if you encounter this status.
    • Voided - The transaction was voided.
    • Zero Amount - The authorization was a $0 auth for account validation.
    respcodeResponse code4Copied from the original authorization response.
    merchidMerchant ID12Copied from the original authorization response.
    tokentokenvariesCopied from the original authorization response.
    respprocResponse processor4Copied from the original authorization response.
    authdateAuthorization Date8The date of the authorization in the format YYYYMMDD.
    lastfourLast four of token/card number4Last 4 digits of the token and card number. 
    nameAccount name30Account name, if returned in the track data.
    expiryAccount expiration date4Expiration date in the format MMYY.
    currencyCurrency of amount3Copied from the original authorization response.
    retrefRetrieval reference number12Copied from the inquireByOrderid request.
    respstatResponse status1Copied from the original authorization response.
    accountAccount number25The tokenized payment account used in the original authorization.
    bintypeType of BIN16The type of card, based on the BIN.

    Possible values:
    • Corp
    • FSA+Prepaid
    • GSA+Purchase
    • Prepaid
    • Prepaid+Corp
    • Prepaid+Purchase
    • Purchase
    entrymodePOS Entry Mode25

    Possible Values:

    • Keyed
    • Moto
    • ECommerce
    • Recurring
    • Swipe (Non EMV)
    • DigitalWallet
    • EMVContact
    • Contactless
    • Fallback to Track
    • Fallback to Keyed
    fee_authcode6NDuplicate of the authcode field included if the transaction included a fee (for example, a credit card surcharge).
    fee_format7ANThe fee format configured for the merchant account (for example, "percent").
    fee_merchid--The merchant ID used to process a fee. If not applicable or the same as the transaction merchant ID, returns an empty value ("").
    fee_retref-

    -

    The unique retrieval reference number for a fee. If not applicable or the same as the transaction retref, returns an empty value ("").
    fee_type13ANThe type of fee applied to the transaction. 
    fee_value3NThe fee rate applied to the transaction with decimal implied (for example "300" for a 3% rate. 
    emvTagDataEMV tag data2000A string of EMV data returned from the processor when an EMV card is used. This data returned should be presented on a receipt if applicable, and recorded with the transaction details for future reference.

    Refer to EMV Tag Data for a list of the possible fields returned
    receiptReceipt Data-An object that includes additional fields to be printed on a receipt.

    Refer to Receipt Data for a list of possible fields returned.

    See Printing Receipts Using Authorization Data for detailed information on customizing the receipt data fields and printing receipts.
    userfield [0..9]Custom Field20A value passed by the merchant with the original authorization to further identify the transaction (see the userfields description under the Authorization Service).
    voidableVoid indicator1Indicates whether the transaction can be voided in its current state.

    The voidable value is determined by the status of the batch at the time of inquiry.

    If Y, the transaction can be voided.

    If N, the transaction cannot be voided.
    refundableRefund indicator1Indicates whether the transaction can be refunded in its current state.

    The refundable value is determined by the status of the batch at the time of inquiry, as well as the MID configuration. If the MID is enabled to refund for unsettled authorizations, then refundable always returns Y.

    If Y, the transaction can be refunded.

    If N, the transaction cannot be refunded.
    declineCategoryVisa Decline Category Code1

    A numeric decline category code, only returned for declined transactions using Visa accounts.

    See Visa Decline Rules and Responses for detailed information on handling Visa declines.

    One of the following values:

    • 1 - Issuer Will Never Approve.

      In this case, the merchant should never reattempt to authorize the transaction, and the cardholder must provide an alternate payment method. This code can be returned for accounts that are blocked, never existed, or are otherwise flagged as invalid by the issuer.

    • 2 - Issuer Cannot Approve at this Time.

      In this case, the merchant may reattempt the authorization at a later time. Reasons for this decline can include velocity controls, credit risk holds, or system errors.

      Note: You may reattempt this transaction a maximum of 15 times in a 30-day period before incurring excessive reattempt fees, unless you receive an updated declineCategory of 1, in which case you should no longer reattempt this transaction.

    • 3 - Issuer Cannot Approve Based on Details Provided.

      In this case, the card has been declined due to incorrect data, such as the CVV, expiry, or PIN. The merchant may attempt the authorization, after obtaining the corrected data.

      Note: You may reattempt this transaction a maximum of 15 times in a 30-day period before incurring excessive reattempt fees, unless you receive an updated declineCategory of 1, in which case you should no longer reattempt this transaction.

    declineCategoryText

    Visa Decline Category Code Description25

    A text description of the declineCategory value.

    One of the following:

    • Do not retry - Returned for declineCategory 1.
    • Wait to retry - Returned for declineCategory 2.
    • Fix the request and retry - Returned for declineCategory 3.

    Void By Order ID

    The voidByOrderId endpoint is used to look up and void a transaction record using the order ID supplied in the original authorization request. If the order ID supplied in a voidByOrderId request matches a transaction record for the specified merchant, the authorization is voided and a response is returned.

    voidByOrderId can be used in the event that no response is returned by an inquireByOrderId request, when you are unsure of a transaction's status. It's recommended to call voidByOrderId three times (3x) if no response was returned by either an inquireByOrderid request or the initial auth request.

    Partial voids are not supported for debit transactions. If you specify a partial void amount for a debit transaction, the entire amount is voided. Omit the amount or specify the full amount for a debit void.

    It is strongly recommended that you use a unique order ID for every transaction, if you are using order IDs. Doing so allows you to more easily and accurately retrieve data on all transactions.

    Void By Order ID Service URL

    MethodPUT or POST
    URLhttps://<site>.cardconnect.com/cardconnect/rest/voidByOrderId/
    HeadersContent-Type: application/json
    Authorization: Basic

    Void By Order ID Request

    Fields in bold are required.

    FieldMax LengthTypeComments
    merchid14NFrom the original authorization
    orderid

    50

    AFrom the original authorization
    amount12

    N

    Optional. If omitted or equal to $0, the full amount is voided.

    If no capture has taken place (setlstat:Authorized), you can specify a partial amount to void to reduce the amount of the authorization.

    Note: Partial voids are not supported for debit transactions. If you specify a partial void amount for a debit transaction, the entire amount is voided. Omit the amount or specify the full amount for a debit void.

    Void By Order ID Response

    If the void is successful, the authcode will contain REVERS. If the transaction is not found, or an error occurs:

    • respproc will contain PPS
    • respcode will contain an error code
    • respstat will contain C indicating the transaction has declined
    • resptext will contain a descriptive message
    FieldContentMax LengthComments
    merchidMerchant ID16Retrieved from void request
    orderIdOrder ID

    50

    The order ID associated with the transaction.
    amountAmount12The final amount authorized after the void.

    If the full amount was voided, the amount value in the response is 0.00.

    If a partial amount was voided, the amount value in the response is the difference between the original authorization amount and the amount voided.
    currencyCurrency3From the original authorization request
    retrefRetrieval reference number14Retrieved from void request
    authcodeAuthorization code6Identifies if the void was successful. Can one of the following values:
    • REVERS - Successful
    • Null - Unsuccessful. Refer to the respcode and resptext.
    respcodeResponse code3Alpha-numeric response code that represents the description of the response
    respprocResponse processor4Abbreviation that represents the platform and the processor for the transaction
    respstatResponse status1Indicates the status of the request. Can be one of the following values:
    • A - Approved
    • B - Retry
    • C - Declined
    resptextResponse text40Text description of response
    receiptReceipt Data-An object that includes additional fields to be printed on a receipt, copied from the original authorization response, if present.

    Refer to Receipt Data for a list of possible fields returned.

    See Printing Receipts Using Authorization Data for detailed information on customizing the receipt data fields and printing receipts.

    Settlement Status

    For the settlement status of an individual transaction that has not been settled, use the inquire service. 

    The settlement status service returns the status of transactions which have been submitted to the processor for settlement. The transaction’s setlstatus is updated appropriately when the CardPointe Gateway receives a response from the processor. You can either specify a batchid to return a specific batch of transactions, or use a date to return all transactions settled for that date. 

    "Null Batches" is returned when no data is available for display. When passing the merchid as the only parameter,  only batches not previously requested are shown. If the merchid has previously been queried for batches, responses will contain only batches not previously returned.

    Settlement Service URL

    MethodGET
    URLhttps://<site>.cardconnect.com/cardconnect/rest/settlestat?
    Parameters
    • merchid=<merchid>&date=<MMDD>

      Queries all settled transactions by date.


    • merchid=<merchid>&batchid=<batchid>

      Queries all settled transactions by batch ID.
    HeaderAuthorization: Basic

    The merchid parameter is required in all instances.

    Settlement Response

    FieldContentMax LengthComments
    batchidBatch ID12Copied from the capture request
    hoststatBatch settlement status2One of the values below:
    • Blank – Queued for the processor
    • BB – The batch transmitted successfully; however all orders were  rejected by the processor.
    • EB - The batch was empty (contained no valid transactions).
    • GB – The batch was accepted by the processor.
    • MB – Some transactions were accepted and some were rejected.
    • RB - The batch was rejected by the processor.
    • SB - The batch was sent to the processor, but not yet confirmed.
    • ND - The batch was sent to the processor, but no confirmation was received within the expected timeout window. This status can indicate a bad batch or a communication error or other delay in the processor sending the confirmation.
    hostbatchHost batch ID16The batch identifier assigned by the payment processor.
    merchidMerchant ID16Merchant ID
    respprocClearing House4CardPointe Gateway abbreviation for Clearing House
    txnsArray of transactions--Array of retref / setlstat pairs 

    Each transaction response in the txns array contains the fields shown below.

    FieldContentMax LengthComments
    authcodeAuthorization code6The authcode copied from the authorization response.
    cardtype

    Card brand or account type

    4The card brand or account type returned by the processor.
    retrefRetrieval reference number12CardPointe retrieval reference number from authorization response
    setlamountAmount settled12The transaction amount settled for the authorization
    salesdocAdditional field / Order ID50Optional additional field for Order ID or similar.


    The order ID associated with the authorization, if present.


    orderId is returned in the salesdoc field when the corresponding authorization request included an orderid and "receipt":"y".

    If no orderid was passed, but "receipt":"y", the orderId field is returned with no value ("orderId":""); however, if no orderid was passed and "receipt":"json""n", or omitted, the orderId field is omitted.

    setlstatSettlement status1The current settlement status. The settlement status changes throughout the transaction lifecycle, from authorization to settlement. The following values can be returned in the settlestat response:


    Note: See Settlement Status Response Values for a complete list of
    setlstat values.

    • F - Format Error - The order did not transmit for settlement due to unexpected or invalid order or item data. Contact Support if you encounter this status.
    • N - Rejected - The batch was sent for settlement, but the transaction was rejected for funding. Contact Support if you encounter this status.
    • P - Pin Debit - Vantiv only. PIN debit transactions are settled by Vantiv, and are not submitted with the batch for settlement.
    • T - Token Decrypt - The transaction was not settled due to a token decryption error. Contact Support if you encounter this status.
    • W - Amount under review - First Data North and Rapid Connect only. The batch for this transaction was transmitted for settlement, and the transaction was placed under review because the amount exceeded a configured threshold. The transaction should be accepted or rejected for funding the next day; however, the setlstat field may not be updated. Check CardPointe for the current status.
    • Y - Accepted - The batch for this transaction was transmitted and accepted for funding.

    Settlement Status Response Values

    The settlement status changes throughout the transaction lifecycle, from authorization to settlement. The setlstat field returns the current settlement status, and is included in the following response objects:

    • capture - The setlstat field in the capture response indicates the transaction's status post-authorization, but prior to settlement.

    • inquire/inquireByOrderid - The setlstat field in the inquire responses indicates the transaction's status throughout the entire transaction lifecycle; therefore the inquire response can return all possible setlstat values.

    • settlestat - The setlstat field in the settlestat response indicates the transaction's status once the batch has been sent for settlement. The response includes a setlstat value for each transaction in the txn array.

    The following table provides detailed information on each setlstatus value, including the values can be returned in the response:

    The setlstat value format varies depending on the response type:

    • The capture and inquire/inquireByOrderid responses displays the verbose setlstat status, listed in the Status column in the following table (for example, "setlstat":"Queued for Capture").

    • The settlestat response displays the abbreviated setlstat label, listed in the Label column in the following table (for example, "setlstat":"N").

    Label

    Status

    Returned by

    Description

    A

    Authorized

    The authorization was approved, but the transaction has not yet been captured.

    D

    Declined

    The authorization was declined.

    F

    Format error

    The order did not transmit for settlement due to unexpected or invalid order or item data. Contact Support if you encounter this status.

    N

    Rejected

    The batch was sent for settlement, but the transaction was rejected for funding. Contact Support if you encounter this status.

    P

    Pin Debit

    Vantiv only. PIN debit transactions are settled by Vantiv, and are not submitted with the batch for settlement.

    R

    Queued for Capture

    The authorization was approved and captured but has not yet been sent for settlement.

    T

    Token Decrypt

    The transaction was not settled due to a token decryption error. Contact Support if you encounter this status.

    V

    Voided

    The transaction was voided.

    W

    Amount under review

    First Data North and Rapid Connect only. The batch for this transaction was transmitted for settlement, and the transaction was placed under review because the amount exceeded a configured threshold. The transaction should be accepted or rejected for funding the next day; however, the setlstat field may not be updated. Check CardPointe for the current status.

    Y

    Accepted

    The batch for this transaction was transmitted and accepted for funding.

    Z

    Zero amount

    The authorization was a $0 auth for account validation.

    Funding

    Funding data is only available for merchants with the funding service configured and enabled in the production environment.

    The funding endpoint provides merchant funding information and supplemental transaction and funding adjustment details. This information is provided by the host payment processing platform (for example, First Data Omaha). 

    For merchants with next day funding, funding data is typically available between 1PM and 6PM ET on the day following settlement. 

    For merchants without next day funding, funding data is typically available within 1-2 business days between 1PM and 6PM ET.

    Profitstars ACH funding data is typically available within 72 hours.

    A request to the funding endpoint returns all available funding data for the merchant on the date specified, in an array of fundings, txns (transactions), adjustments, and chargebacks records. If no adjustment or chargeback data is present for the date specified, these arrays are not returned.

    If no batches are found or are ready to return, the service returns

    {"errormsg":"No deposits match your request"}.

    Funding Service URL

    MethodGET
    URLhttps://<site>.cardconnect.com/cardconnect/rest/funding?
    Query Parametersmerchid=<merchid>&date=<MMDD>or<YYYYMMDD>
    HeaderAuthorization: Basic

    merchid is required.

    date is optional, and can be specified in the format MMDD to specify a day within the current calendar year, or YYYYMMDD to specify a date in a previous calendar year. If no date is specified, the service checks for any funding data that has not already been retrieved.

    To use the funding endpoint to retrieve ACH funding data, you must use the ACH MID and API credentials associated with this MID.

    Funding Response

    Each funding service request returns up to four JSON arrays (txns, fundings, adjustments, and chargebacks) as applicable, along with other fields that help identify information about the funding.

    The following table describes each property/node in the object provided in the Funding response.

    FieldMax LengthTypeDescription
    fundingsvariesData ArrayThis array represents information about the deposit executed.

    See fundings Node for more information.
    txnsvariesData ArrayThis array represents all the transactions funded for the given date provided.

    See txns Node for more information.
    adjustmentsvariesData ArrayAmounts credited to or deducted from account to resolve processing or billing discrepancies.

    See adjustments Node for more information.
    chargebacksvariesData ArrayThis array represents all the chargebacks for the given date provided. The chargebacks node is only available for merchants configured to obtain this data, and is only returned if chargeback data is available for the given date.

    See chargebacks Node for more information.
    fundingdate8Funding Date YYYY-MM-DDThe date of the bank funding event.
    merchid16NThe merchant account ID related to the funding event.
    datechanged8Date YYYY-MM-DDThe date the record was last updated.
    fundingmasterid22Funding Master IDUnique key for an aggregated merchant's daily funding.

    fundings Node

    FieldContentMax LengthDescription
    fundingmasteridFunding Master ID22Unique key for an aggregated merchant's daily funding.
    merchidMerchant ID25Merchant identifier assigned by host.
    netsalesNet Sales12Total sales processed by merchant.
    thirdpartyThird Party12Transactions that are passed directly to a third party service provider for processing and/or funding.
    adjustmentAdjustment12Amounts credited to or deducted from account to resolve processing or billing discrepancies.
    interchangefeeInterchange Fees12Variable amounts established by the card associations for processing transactions.
    servicechargeService Charges12Amounts charged to authorize, process, and settle card transactions.
    feeFees12A range of transaction-based and/or fixed amounts for specific card processing services.
    reversalReversals12Transactions that are challenged or disputed by a cardholder or card-issuing bank.
    otheradjustmentOther Adjustment12General adjustment classification, when no adjustment type is provided by the host.
    totalfundingFunding Amount12Total amount of merchant debit or credit event.
    fundingdateFunding Date8The date of the bank funding event.
    currencyCurrency Code3Three digit code identifying the funded currency. 

    Refer to the Response Appendix (Currency Codes) for possible field values. 
    ddanumberDDA Number20Masked demand deposit account number
    abanumberABA Number20American Bankers Association (ABA) that identifies the bank
    fundingidN22Unique key identifier for merchants with daily funding activity
    datechangedDate YYYY-MM-DD8The date when the record was last updated
    dateaddedDate YYYY-MM-DD8The date when the transaction was created
    deposittrancodeDeposit Transaction Code10
    depositachtracenumberDeposit ACH Trace Number20

    txns Node

    FieldContentMax LengthDescription
    fundingtxnidTransaction ID22The fundingmasterid associated with the transaction.
    retrefGateway ID30Gateway retrieval reference number (aka retref).
    authcodeAuthorization Code6The authorization code returned by the issuer.
    authdateAuthorization Date14The date on which the authorization was processed, in the format YYYYMMDDHHMMSS.
    respcodeResponse code-Alpha-numeric response code that represents the description of the response.
    batchidBatch ID12The batch ID, automatically created and assigned unless otherwise specified in the authorization request.
    cardprocCard Processor4The processor that the MID is configured to use.
    interchangeunitfeeInterchange unit fee12Unit-based fee charged for acceptance of card transaction.
    interchangepercentfeeInterchange percent fee12Percentage-based fee charged for acceptance of card transaction.
    dateTransaction Date8Date the transaction occurred.
    cardnumberCard Number25Masked card number used for transaction.
    cardtypeCard Type20Type of card used for transaction.

    Refer to the Response Appendix (Card Type) for possible field values. 
    cardbrandCard Brand30The brand associated with the card.

    Refer to the Response Appendix (Card Brand) for possible field values. 
    amountAmount12The transaction amount.
    currencyCurrency Code3Three character currency code associated to transaction.

    Refer to the Response Appendix (Currency Codes) for possible field values. 
    typeType25Type of transaction Processed.

    Refer to the Response Appendix (Transaction Type) for possible field values. 
    statusType100Status of transaction Funding.

    Refer to the Response Appendix (Transaction Status) for possible field values. 
    userfieldn Custom Field20A value passed by the merchant with the original authorization to further identify the transaction (see "userfields" within the Authorization Service).

    The response can include up to 10 custom userfields, labeled userfield0 through userfield9.


    Currently, the userfieldn is not supported in UAT for testing.

    fundingidFunding Identifier22CardPointe unique key identifier for merchant transaction funding activity.
    plancodeInterchange Level10An alpha-numeric value representing the applicable interchange rate.
    downgradereasoncodesDowngrade Reason Codes100The downgrade reason codes associated with the transaction, if applicable.
    invoicenumberInvoice NumberNumThe invoice number from the original transaction, if applicable.
    sourcetransactionidSource Transaction ID100The source transaction ID, (either the CardPointe Gateway transaction GUID or the BluePay Gateway source transaction ID) for the transaction.
    terminalnumberTerminal Number10
    achreturncodeACH Return Code5

    Alpha-numeric code that provides additional information for rejected ACH transactions.

    See Using the Funding Endpoint in the CardPointe Gateway Developer Guides for possible field values.

    parentretrefParent Retrieval Reference Number30The original (or prior) transaction associated with a refund or ACH Return.

    adjustments Node

    FieldContentMax LengthDescription
    fundingadjustmentidFunding Adjustment ID22CardPointe unique system identifier for adjustment.
    fundingmasteridFunding Master ID22Unique key for an aggregated merchant's daily funding.
    merchidMID25Merchant identifier assigned by host.
    categoryAdjustment Group100Category of deposit adjustment 

    Refer to the Response Appendix (Adjustment Group) for possible field values. 
    typeAdjustment Group Description100Type of deposit adjustment.
    descriptionAdjustment Description200Detailed description of adjustment.
    amountAdjustment Amount12Amount of adjustment.
    currencyCurrency Code10Three digit code identifying the funded currency.

    Refer to the Response Appendix (Currency Code) for possible field values. 
    datechangedDate Changed8The date when the record was last updated, in the format YYYY-MM-DD.
    dateaddedDate Added8The date when the transaction was created, in the format YYYY-MM-DD.

    If no adjustment detail is listed by the host, any offset to the funding amount will be listed as other adjustment in this record.

    chargebacks Node

    Chargeback data is only applicable to specific clients that have been configured appropriately. This node is only returned if chargeback records are present for the given date.

    FieldContentMax LengthDescription
    depositdateDeposit Date8The merchant's deposit date associated with the chargeback record, in the format YYYY-MM-DD.
    amountChargeback Amount20, 2 decThe amount of the chargeback to the cardholder's account.
    transactiondateTransaction Date8The date of the original transaction, in the format YYYY-MM-DD.
    reasondescriptionChargeback Description200A description of the chargeback reason, useful in understanding or disputing the chargeback.


    See Chargeback Reason Codes and Descriptions in the Response Appendix below for more information.
    reasoncodeChargeback Reason Code4An alphanumeric code returned by the issuer, that provides the reason for the chargeback. 


    See Chargeback Reason Codes and Descriptions in the Response Appendix below for more information.
    datechangedDate Changed8The date of the most recent update to the chargeback event record, in the format YYYY-MM-DD.
    sourcetransactionidSource Transaction ID100The source transaction ID, (either the CardPointe Gateway transaction GUID or the BluePay Gateway source transaction ID) for the original transaction associated with the chargeback.
    transactionamountTransaction Amount20, 2 decThe amount of the original transaction associated with the chargeback.
    chargebackdateDate of Chargeback8The date that the chargeback event occurred, in the format YYYY-MM-DD
    sequencenumberChargeback Sequence Number30The chargeback sequence number, returned by the processor.
    dateaddedDate Added8The date that the chargeback record was added to the master funding event, in the format YYYY-MM-DD
    merchidMerchant ID30The merchant ID associated with the original transaction associated with the chargeback.
    authcodeAuthorization code8The authorization code for the original transaction associated with the chargeback.
    fundingmasteridFunding Master ID22The unique ID for the funding record that includes the chargeback.
    fundingchargebackidFunding Chargeback ID-The unique ID for the chargeback record within the parent funding record.
    casenumberChargeback Case Number30

    A unique case number returned by the processor.

    acquirereferencenumberAcquirer Reference Number30A unique reference number for the chargeback record, returned by the acquirer/issuer.
    cardnumberMasked Card Number30The masked card number from the original transaction associated with the chargeback.
    retrefRetrieval Reference Number, CardPointe Transaction ID30The retref from the original transaction associated with the chargeback.
    invoicenumberTransaction Invoice Number-The invoice number from the original transaction associated with the chargeback, if applicable.

    Response Appendix

    Card Type Responses

    See below for a legend of possible return values for the cardtype field. 

    Card TypeDescription
    CreditPayment card issued by a bank, business, etc., allowing the holder to purchase goods or services on credit.
    DebitPayment card issued by a bank allowing the holder to transfer money electronically to another bank account when making a purchase.
    EBTElectronic Benefit Transfer is an electronic system that allows state welfare departments to issue benefits via a magnetically encoded payment card.

    Card Brand Responses

    See below for a legend of possible return values for the cardbrand field. 

    Card BrandDescription
    MCMasterCard
    VISAVisa
    DSCVDiscover
    UNKNUnknown
    AMEXAmerican Express
    WEXWright Express
    VYGRVoyager
    TELTelecheck
    DNRDiners
    JCBJapan Credit Bureau
    BMLBill Me Later
    RMRevolution Money

    Currency Code Responses

    The CardPointe Gateway adheres to the ISO 4217 standards for currency code identification as set forth by the International Organization for Standards (ISO) . Please refer to http://www.iso.org/iso/currency_codes for a comprehensive mapping of alphabetic codes.

    Transaction Type Responses

    See below for a legend of possible return values for the type field. 

    Transaction TypeDescription
    SALESale or ticket-only sale.
    REFUNDCredit back of a sale due to a return or refund.
    CASH ADVANCECash Advance
    VOID SALEVoid a sale or ticket-only sale or a cash advance.
    VOID REFUNDVoid a return or refund.
    AUTH REQUESTAuthorization request.
    ACCOUNT VERIFYAccount verification.
    UNKNOWNSource data transaction type not mapped.

    Transaction Status Responses

    See below for a legend of possible return values for the status field. 

    Transaction StatusDescription
    AuthThe credit card authorization request was processed successfully.
    CapturedThe credit card authorization was captured, and the request was processed successfully by the payment processor.
    VoidedA deletion of the transaction information.
    FailureThe credit card (authorization, capture, or credit) or check (debit or credit) request failed.
    RejectedA rejection of the transaction information due to duplicate transaction or fraud protection.
    DeclinedA response from the card issuer denying the use of the card for the attempted transaction.
    SettledThe check debit or credit request was processed successfully.
    ProcessedThe transaction was fully processed.

    Note: for ACH transactions, the Processed status is displayed for rejected transaction. See the achreturncode field for more information on the transaction.
    UnknownTransaction status not supplied.

    Adjustment Group Responses

    See below for a legend of possible returns for the category field.

    Adjustment GroupAdjustment Group Detail
    ADJUSTMENTSDEPOSIT ADJUSTMENTS
    ADJUSTMENTSFINANCIAL ADJUSTMENTS
    ADJUSTMENTSAGENT BANK
    ADJUSTMENTSCASH ADVANCE ADJUSTMENT
    ADJUSTMENTSCOST OF FUNDS
    ADJUSTMENTSDEPOSIT ADJUSTMENTS
    FEESFEES
    FEESADDRESS VERIFICATION
    FEESAUTHORIZATIONS
    FEESACCOUNT MANAGEMENT FEES
    FEESWS INFO. MGR.
    FEESCHARGEBACK TRANSACTION PROCESSING
    FEESDEBIT
    FEESDATA CAPTURE
    FEESCES IMAGE
    FEESEQUIPMENT
    FEESCOMMUNICATION
    FEESCASH ADVANCE
    FEESCES LINK
    FEESCHECK SERVICES
    FEESFUNDS TRANSFER
    FEESSUPPLIES
    FEESFOREIGN HANDLING
    FEESREPORT
    FEESCES TRANSLINK
    FEESUSAVE
    INTERCHANGE CHARGESINTERCHANGE CHARGES
    INTERCHANGE CHARGESINTERCHANGE
    INTERCHANGE CHARGESASSESSMENT
    INTERCHANGE CHARGESNON-QUAL TRANSACTIONS
    INTERCHANGE CHARGESAGENT INTERCHANGE
    INTERCHANGE CHARGESINTERCHANGE/ASSESSMENT ADJ.
    INTERCHANGE CHARGESDEBIT
    REVERSALCHARGEBACKS/CHARGEBACK REVERSALS
    REVERSALDEBIT ADJUSTMENTS
    REVERSALDEBIT ADJUSTMENT REVERSAL
    SERVICE CHARGESSERVICE CHARGES
    SERVICE CHARGESSERVICE CHARGE ADJUSTMENTS
    SERVICE CHARGESDEBIT SERVICE CHARGE
    THIRD PARTYTHIRD PARTY ADJUSTMENTS
    OTHER ADJUSTMENTOTHER ADJUSTMENT

    Chargeback Reason Codes and Descriptions

    Card BrandreasoncodereasondescriptionDays to DisputeDispute Category
    Amex A01 No Valid Authorization/Excessive Amount 120 Authorization
    Amex A02 No Authorization/Invalid Approval Code 120 Authorization
    Amex A08 Authorization Approval Code Expired 120 Authorization
    Amex C02 Credit Not Processed 120 Cardholder Dispute
    Amex C04 Credit Not Processed / Returned Merchandise 120 Cardholder Dispute
    Amex C05 Credit Not Processed / Cancelled Transaction 120 Cardholder Dispute
    Amex C08 Non Receipt of Merchandise / Service 120 Cardholder Dispute
    Amex C14 Paid By Other Means 120 Processing Errors
    Amex C18 Cancelled Trans / No Show 120 Cardholder Dispute
    Amex C28 Cancelled Recurring 120 Cardholder Dispute
    Amex C31 Cardholder Dispute - Not As Described 120 Cardholder Dispute
    Amex C32 Cardholder Dispute - Defective 120 Cardholder Dispute
    Amex F10 No swipe - keyed transaction 120 Fraud
    Amex F14 No Signature Obtained 120 Fraud
    Amex F24 Fraud - No Cardholder Knowledge 120 Fraud
    Amex F29 Fraudulent Transaction - Card Not Present 120 Fraud
    Amex F30 EMV Counterfeit 120 Fraud
    Amex F31 EMV Lost/Stolen/Non Received 120 Fraud
    Amex FR2 Fraud - Full Recourse Agreement 120 Fraud
    Amex FR4 Immediate Chargeback Program - Miscellaneous
    Amex FR5 Immediate Chargeback Program - Miscellaneous
    Amex FR6 Immediate Chargeback Program - Miscellaneous
    Amex M01 Merchant Accepted Chargeback - Miscellaneous
    Amex M04 Merchant Accepted Chargeback - Miscellaneous
    Amex M10 Capital damages - Miscellaneous
    Amex M11 CM Credited- Chargeback Reversed - Miscellaneous
    Amex M19 Offset Adjustment - Miscellaneous
    Amex M23 Offset Adjustment - Miscellaneous
    Amex M27 Offset Adjustment - Miscellaneous
    Amex M29 Discount Fees - Miscellaneous
    Amex M36 Dispute Other - Miscellaneous
    Amex M38 Chargeback Reversed - Miscellaneous
    Amex M42 Chargeback Reversal Expired - Miscellaneous
    Amex M43 Marketing Programs - Miscellaneous
    Amex M44 Marketing Programs - Miscellaneous
    Amex M45 Offset adjustment - Miscellaneous
    Amex M46 Offset adjustment - Miscellaneous
    Amex M49 Unauthorized Charge - Car Rental 120 Fraud
    Amex P01 Non-Matching Account Number 120 Authorization
    Amex P03 Credit Posted as a Card Sale 120 Processing Errors
    Amex P04 Card Sale Posted as a Credit 120 Processing Errors
    Amex P05 Transaction amount differs 120 Processing Errors
    Amex P07 Late Presentment 120 Processing Errors
    Amex P08 Duplicate Processing 120 Processing Errors
    Amex P22 Card Number Does Not Match Original Charge - Authorization
    Amex P23 Correct Transaction Currency Code Not Provided 120 Processing Errors
    Amex R03 Insufficient Doc - Miscellaneous
    Amex R13 Retrieval Response Not Received - Miscellaneous
    Discover 4534 DP Duplicate Processing 120 Processing Errors
    Discover 4541 AP Recurring Payments 120 Cardholder Dispute
    Discover 4542 LP Late Presentation 120 Processing Errors
    Discover 4550 CD Credit/Debit Posted Incorrectly 120 Processing Errors
    Discover 4553 RM Cardholder Disputes Quality of Goods or Services 120 Cardholder Dispute
    Discover 4586 AW Altered Amount 120 Processing Errors
    Discover 4752 AA Does Not Recognize 120 Fraud
    Discover 4753 IN Invalid Card Number 120 Fraud
    Discover 4755 RG Non-Receipt of Goods or Services 120 Cardholder Dispute
    Discover 4757 TF Violation of Operating Regulations 120 Authorization
    Discover 4762 05 Good Faith Investigation 120 Fraud
    Discover 4863 AT Authorization NonCompliance 120 Authorization
    Discover 4864 NF Non-Receipt of Case from ATM 120 Cardholder Dispute
    Discover 4865 PM Paid by Other Means 120 Processing Errors
    Discover 4866 UA05 Fraud Chip Card Counterfeit Transaction 120 Fraud
    Discover 4867 UA06 Fraud Chip and PIN Transaction 120 Fraud
    Discover 6050 DC Dispute Compliance 120 Authorization
    Discover 7010 UA01 Fraud - Card Present Transaction 120 Fraud
    Discover 7030 UA02 Fraud - Card Not Present Transaction 120 Fraud
    Discover 8002 RN2 Credit Not Processed 120 Cardholder Dispute
    MasterCard 07 Warning Bulletin File  - Authorization
    MasterCard 08 Authorization Related 90 Authorization
    MasterCard 12 Account number not on file  - Authorization
    MasterCard 31 Transaction amount differs 120 Proccessing Errors
    MasterCard 34 Point of Interaction Error 120 Proccessing Errors
    MasterCard 37 No Cardholder Authorization 120 Fraud
    MasterCard 40 Fraudulent Processing of Transactions 120 Fraud
    MasterCard 41 Cancelled Recurring Digital Goods Transaction 120 Cardholder Dispute
    MasterCard 42 Late Presentment 120 Proccessing Errors
    MasterCard 46 Correct Transaction Currency Code not provided 120 Proccessing Errors
    MasterCard 49 Questionable Merchant Activity 120 Fraud
    MasterCard 50 Installment Billing 120 Cardholder Dispute
    MasterCard 53 Cardholder Dispute Defective\Not as Described 120 Cardholder Dispute
    MasterCard 54 Cardholder Dispute Not Elsewhere Classified (US Region only) 120 Cardholder Dispute
    MasterCard 55
    Goods or Services Not Provided
    120 Cardholder Dispute
    MasterCard 59 No Show, Addendum, or ATM Dispute 120 Cardholder Dispute
    MasterCard 60 Credit Not Processed 120 Cardholder Dispute
    MasterCard 63 Cardholder Does Not Recognize-Potential Fraud 120 Fraud
    MasterCard 70 Chip Liability Shift 120 Fraud
    MasterCard 71 Chip/PIN Liability Shift 120 Fraud
    Visa 30 Services/Merchandise Not Rendered 120 Cardholder Dispute
    Visa 41 Cancelled Recurring Transaction 120 Cardholder Dispute
    Visa 53 Not As Described/Defective 120 Cardholder Dispute
    Visa 57 Fraudulent Processing of Transactions 120 Fraud
    Visa 62 Counterfeit Transaction 120 Fraud
    Visa 71 Authorization Request Declined 75 Authorization
    Visa 72 No Authorization 75 Authorization
    Visa 73 Expired Card 75 Authorization
    Visa 74 Late Presentment 120 Processing Errors
    Visa 75 Cardholder Does Not Recognize 120 Fraud
    Visa 76 Incorrect Transaction Code(Credit Posted as a Purchase) 120 Processing Errors
    Visa 77 Non-Matching Account Number 75 Authorization
    Visa 80 Incorrect Transaction Amount Or Account number 120 Processing Errors
    Visa 81 Fraud- Card Present Environment 120 Fraud
    Visa 82 Duplicate Processing 120 Fraud
    Visa 82 Duplicate Processing 120 Processing Errors
    Visa 83 Fraud- Card Not Present Environment 120 Fraud
    Visa 85 Credit Not Processed 120 Cardholder Dispute
    Visa 86 Paid by Other Means 120 Processing Errors
    Visa 90 Non-Receipt of Cash at ATM 120 Cardholder Dispute
    Visa 93 Fraud Monitoring Program 120 Fraud
    Visa 70 Int'l only Card Recovery Bulletin or Exception File 75 Authorization
    Visa 78 Int'l only Service Violation Code 75 Authorization
    Visa 1010 EMV Liability Shift Counterfeit Fraud up to 120 days Fraud
    Visa 1020 EMV Liability Shift Non-Counterfeit Fraud up to 120 days Fraud
    Visa 1030 Other Fraud – Card Present Environment up to 120 days Fraud
    Visa 1040 Other Fraud – Card Absent Environment up to 120 days Fraud
    Visa 1050 Visa Fraud Monitoring Program up to 120 days Fraud
    Visa 1110 Card Recovery Bulletin up to 120 days Authorization
    Visa 1120 Declined Authorization up to 120 days Authorization
    Visa 1130 No Authorization up to 120 days Authorization
    Visa 1210 Late Presentment up to 120 days Processing Errors
    Visa 1220 Incorrect Transaction Code up to 120 days Processing Errors
    Visa 1230 Incorrect Currency up to 120 days Processing Errors
    Visa 1240 Incorrect Account Number up to 120 days Processing Errors
    Visa 1250 Incorrect Amount up to 120 days Processing Errors
    Visa 1261 Duplicate Processing up to 120 days Processing Errors
    Visa 1262 Paid by Other means up to 120 days Processing Errors
    Visa 1270 Invalid Data up to 120 days Processing Errors
    Visa 1310 Merchandise/Services Not Received up to 120 days Cardholder Dispute
    Visa 1320 Cancelled Recurring up to 120 days Cardholder Dispute
    Visa 1330 Not As Described or Defective Merchandise/Services up to 120 days Cardholder Dispute
    Visa 1340 Counterfeit Merchandise up to 120 days Cardholder Dispute
    Visa 1350 Misrepresentation up to 120 days Cardholder Dispute
    Visa 1360 Credit Not Processed up to 120 days Cardholder Dispute
    Visa 1370 Cancelled Merchandise/Services up to 120 days Cardholder Dispute
    Visa 1380 Original Credit Transaction Not Accepted up to 120 days Cardholder Dispute
    Visa 1390 Non-Receipt of Cash or Load Transaction Value up to 120 days Cardholder Dispute

    Profile

    A profile can consist of multiple sets of profile account data. Each set is assigned an account ID, which can be used in conjunction with the profile ID to access a specific account. The format is <profile ID>/<account ID> for use in each request’s profile field. One account in each profile will be marked as the default account and will be referenced when no account ID is supplied.

    In addition to the profile create and use features of the authorization service, the Profile services provides an independent method to create, update/replace, retrieve and delete a profile.

    A create or update request is made including the fields below (the same fields marked with asterisk in the authorization request). The service tokenizes the account property and creates the profile with a token and profile ID and optional account ID. One account ID in each profile can be marked as the default account. The default account will be used for all authorization requests when only the profile ID is supplied. If an account ID is present the service retrieves the existing profile and updates it, or returns profile not found.

    A profile can be associated with a maximum of 998 payment records (active/inactive).

    Profile Service URLs

    The profile service provides three methods.

    MethodURLHeaders
    PUT or POST
    (Create/Update)
    https://<site>.cardconnect.com/cardconnect/rest/profile

    See the Create/Update Profile Request for more information.
    Content-Type: application/json
    Authorization: Basic
    GEThttps://<site>.cardconnect.com/cardconnect/rest/profile/<profile ID>/<account ID>/<merchid>

    If the account ID is omitted, then all accounts in the profile are returned.

    See the Get Profile Request for more information.
    Authorization:Basic
    DELETEhttps://<site>.cardconnect.com/cardconnect/rest/profile/<profile ID>/<account ID>/<merchid>

    If the account ID is omitted, then all accounts in the profile are deleted.

    If a profile or an account within a profile is associated with a CardPointe Billing Plan, then deleting the account or profile also cancels and deletes the billing plan.



    See the Delete Profile Request for more information.
    Content-Type: application/json
    Authorization: Basic

    Create/Update Profile Request

    A PUT or POST call to the profile endpoint creates a new profile or adds a new account to an existing profile. 

    The service tokenizes the account property and creates the profile with a token and profile ID and optional account ID. If the profile includes multiple accounts, one account ID in the profile can be marked as the default account by setting the defaultacct parameter to "Y." The default account will be used for all authorization requests when only the profile ID is supplied. 

    In addition to creating a new profile, you can use this service to do the following:

    • To update a profile, include an existing profile ID in the request. The service retrieves the existing profile and updates it with the values in the request. 
    • To update an account, include an existing profile ID and account ID pair in the request. The service retrieves the existing account data and updates it with the values in the request.
    • To add an account to an existing profile, include an existing profile ID and the new payment account data in the request. The service retrieves the existing profile and adds a new acctid containing the values in the request.

    Create/Update Profile Request URL

    https://<site>.cardconnect.com/cardconnect/rest/profile/

    If you attempt to create a new profile that exactly matches an existing profile, the new profile will not be created; instead the response includes the profileid and acctid for the existing profile.

    The following fields are checked for matches, and if all of the following fields match an existing profile, the new profile is not created:

    • merchid
    • token
    • accttype
    • expiry
    • name
    • address
    • city
    • state
    • country
    • postal
    • phone
    • email
    • auoptout

    If the request includes "defaultacct":"Y", the CardPointe Gateway will update the existing profile to set it as the default, and will return the existing profileid and acctid info in the response.

    You can submit a $0 authorization, including CVV and AVS verification, to validate the customer's information before creating a profile.

    Fields marked with an asterisk (*) are copied from the Authorization request.

    Fields in bold are required.

    FieldMax LengthTypeComments
    profile20+N20-digit profile ID and (optional) 3-digit account ID string in the format <profile id>/<account id>, required to update an existing profile.
    defaultacct1AN"Y" to assign as default account
    profileupdate1AN"Y" to update profile data with non-empty request data only as opposed to full profile replacement including empty values
    cofpermission*1AN

    Optionally specifies whether or not the cardholder provided consent to store their payment details in a profile.

    Specify one of the following values:

    • Y - The cardholder provided their consent to store and reuse their payment details.
    • N - The cardholder did not provide their consent.

    Defaults to N if not provided.

    auoptout1AN

    Specifies whether or not the profile is set to opt out of the CardPointe Account Updater service. Requires the merchant account to be enrolled in the Card Account Updater add-on.

    Specify one of the following values:

    • Y - Yes; updates are not retrieved for this profile.
    • N - No; updates are retrieved for this profile.

    Defaults to N if not provided.

    accttype6ANOne of PPAL, PAID, GIFT, PDEBIT, otherwise not required
    merchid*16NMerchant ID, required for all requests
    account*19NOne of the following:
    • CardSecure Token - See the CardSecure Developer Guide for more information.
    • Clear-text card number
    • Bank Account Number - Account(s) must be entitled with electronic check capability. When using this field, the bankaba field is also required.
    bankaba9NBank routing (ABA) number, ECHK only
    expiry8NCard expiration in one of the following formats:
    • MMYY
    • YYYYM (for single-digit months)
    • YYYYMM
    • YYYYMMDD

    Not required for eCheck (ACH) or digital wallet (for example, Apple Pay or Google Pay) payments.

    name30ANAccount name; optional for credit cards, but required for E-check/ACH authorizations.
    address30ANAccount street address.
    city30ANAccount city.
    region20ANAccount US state, Mexican state, or Canadian province.
    country3ANAccount country (2 character country code).
    phone15ANAccount phone; optional for credit cards, but required for ACH(ECHK or ESAV) transactions.
    postal10ANAccount postal code.
    if country is "US", must be 5 or 9 digits
    otherwise any alphanumeric string is accepted
    company128ANCompany name associated with the account.
    email128ANE-Mail address of the account holder

    Create/Update Profile Response

    FieldMax LengthTypeComments
    profileid20NPrimary identifier to access profiles
    acctid3NAccount identifier within a profile
    respstat1AA - Approved
    B - Retry
    C - Declined
    token19ANThe token included in the request. If a card number or bank account number was included in the request, returns a new token generated for that account. 
    respcode3AAlpha-numeric response code that represents the description of the response.
    resptext40AText description of response.
    respproc4AAbbreviation that represents the platform and the processor for the transaction.
    accttype6AThe account type.
    expiry8NCard Expiration.
    name30ANAccount name.
    address30ANAccount street address.
    city30ANAccount city.
    region20ANUS State, Mexican State, Canadian Province.
    country3ANAccount country (2 character country code).
    phone15ANAccount phone.
    postal10ANAccount postal code.
    email128ANEmail address of the account holder.
    company128ANCompany name associated with the account.
    defaultacct1AY marks the default account referenced when a profile ID is used without an associated account ID.
    gsacard1AIdentifies if the card is a government issued card.
    auoptout1AIdentifies whether or not the profile is set to opt out of the CardPointe Account Updater service.
    • Y = Yes (updates are not retrieved for this profile)
    • N = No (updates are retrieved for this profile)
    cofpermission1ANIdentifies whether or not the cardholder provided consent to store their payment details in a profile.

    One of the following values:

    • Y - The cardholder provided their consent to store and reuse their payment details.
    • N - The cardholder did not provide their consent.

    Get Profile Request

    A GET request to the profile endpoint returns the stored data for the specified profile ID. 

    If the profile includes more than one account, you can specify an account ID to retrieve data for a specific account. If you do not include an account ID, then data for all accounts in the profile is returned in the response.

    Get Profile Request URL

    https://<site>.cardconnect.com/cardconnect/rest/profile/<profile ID>/<account ID>/<merchid>

    Fields in bold are required.

    FieldMax LengthTypeComments
    profile ID20NPrimary identifier to access profiles
    account ID3NAccount identifier within a profile
    merchid16NCardPointe merchant ID (MID) required in all requests.

    Get Profile Response

    FieldMax LengthTypeComments
    profileid20NThe primary profile identifier.
    acctid3NThe account identifier within a profile.
    accttype6ANThe value supplied in account creation; VISA, MC, DISC, ECHK.
    token19NThe token associated with the account.
    expiry8NCard expiration in either MMYY or YYYYMMDD format.
    name30ANAccount name; optional for credit cards, but required for ACH (ECHK or ESAV).
    address30ANAccount street address.
    city30ANAccount city.
    region20ANAccount US state, Mexican state, or Canadian province.
    country3ANAccount country (2 character country code).
    postal10ANAccount postal code.
    If country is "US", must be 5 or 9 digits, otherwise any alphanumeric string is accepted.
    company128ANCompany name associated with the account.
    defaultacct1ANY marks the default account referenced when a profile ID is used without an associated account ID
    auoptout1ANIdentifies whether or not the profile is set to opt out of the CardPointe Account Updater service.
    • Y = Yes (updates are not retrieved for this profile)
    • N = No (updates are retrieved for this profile)
    cofpermission1ANIdentifies whether or not the cardholder provided consent to store their payment details in a profile.

    One of the following values:

    • Y - The cardholder provided their consent to store and reuse their payment details.
    • N - The cardholder did not provide their consent.
    gsacard1ANIdentifies whether the card is government issued.

    Delete Profile Request

    A DELETE request to the profile endpoint deletes the stored data for the specified profile ID. 

    If the profile includes more than one account, you can specify an account ID to delete data for a specific account. If you do not include an account ID, then data for all accounts in the profile is deleted.

    If a profile or an account within a profile is associated with a CardPointe Billing Plan, then deleting the account or profile also cancels and deletes the billing plan.

    Delete Profile Request URL

    https://<site>.cardconnect.com/cardconnect/rest/profile/<profile ID>/<account ID>/<merchid>

    Fields in bold are required.

    FieldMax LengthTypeComments
    profile ID20NPrimary identifier to access profiles
    account ID3NAccount identifier within a profile
    merchid16NCardConnect merchant ID (MID) required in all requests.

    Delete Profile Response

    FieldMax LengthTypeComments
    resptext20AProfile delete request status
    respcode6NResponse code assigned by the CardPointe Gateway on the delete request
    respproc6AResponse processor - Always PPS for a profile delete request
    respstat1AResponse status:
    A = Approved
    C = Not found

    Signature Capture

    This signature capture service augments an existing authorization record with the provided signature data. The signature can then be retrieved by an inquire request.

    Signature Capture Service URL

    MethodPUT or POST
    URLhttps://<site>.cardconnect.com/cardconnect/rest/sigcap
    HeadersContent-Type: application/json
    Authorization: Basic

    Signature Capture Request

    Fields in bold are required.

    FieldMax LengthTypeComments
    merchid12NMerchant ID, required for all requests
    retref12NCardPointe retrieval reference number from authorization response
    signature6146ANJSON Encoded, Base64 Encoded, GZipped, BMP (200x100px) image. Omit to erase an associated signature.

    Signature Capture Response

    FieldTypeComments
    resptextANResponse text
    respcodeNResponse code (02 - success, 03 - failure)
    retrefNProvided retref
    merchidNProvided merchid

    BIN

    The BIN service allows you to use a CardSecure token to determine what type of payment card is being used. The first six (6) digits of a credit card are known as the Bank Identifier Number (BIN), also known as an Issuer Identification Number (IIN). 

    The BIN service supports the Visa, Mastercard, Amex, Discover, Diners, and JCB card brands.  

    Visa and Mastercard return all parameters described in the BIN response. For other card brands, only the country, product, and bin parameters are relevant.

    BIN Service URL

    MethodGET
    URLhttps://<site>.cardconnect.com/cardconnect/rest/bin/<merchid>/<token>
    HeaderAuthorization: Basic

    BIN Response

    FieldTypeComments
    countryAIssuer country of origin
    productACard type, one of the following:
    • A = Amex
    • D = Discover
    • M = Mastercard
    • N = Non-co-branded debit card
    • V = Visa
    binNThe bank identification number (BIN) of the card used.
    cardusestringAGeneral usage type, one of the following:
    • Credit Hybrid (PIN and Signature)
    • PIN Only Debit with Electronic Benefit Transfer
    • Debit Hybrid (PIN and Signature)
    • USA Commercial Debit, Signature Only, No PIN Access
    • USA Commercial Debit, PIN Capable
    • Non USA Consumer Debit, No PIN Access
    • Non USA Commercial Debit, No PIN Access
    • Non USA Consumer Debit, PIN Capable
    • Non USA Commercial Debit, PIN Capable
    • PIN Only Debit without Electronic Benefit Transfer
    • Private Label Credit (MasterCard)
    • Signature only Debit, No PIN Access
    • True credit, No PIN/Signature capability
    gsabooleanTrue
    False
    corporatebooleanTrue
    False
    fsabooleanTrue
    False
    subtypeADetailed subtype of card, blank if not available.
    purchasebooleanTrue
    False
    prepaidbooleanTrue
    False
    issuerACard issuing bank/institution
    binloNThe low end of the BIN range that includes the card’s BIN value. Masked after the first six (6) digits.
    binhiNThe high end of the BIN range that includes the card’s BIN value. Masked after the first six (6) digits.

    BIN Missing or Error Response

    FieldTypeComments
    successbooleanTrue = successful request, but no BIN information available.
    False = an error occurred during the request
    errormsgAReason for error