2022-09-12 changelog

AccountsAnti-fraudAuthorizationDocumentationMigrationsSecurity

Highlights

πŸ“ New program configuration for anti-fraud timeout or error

A new program setting is now available to approve or deny an authorization if the anti-fraud process times out or returns an error. This setting determines whether to approve or deny an authorization if a client anti-fraud system is unavailable due to timeout or any other unexpected condition that returns the HTTP status code 500.

Previously, the authorizations were approved by default when a client anti-fraud system was unavailable. Now, to configure this new setting at the program level, you need to contact a Pismo representative.

πŸ“ Enhanced security of authorization flows

The authorization flow security within the Pismo platform has been enhanced to remove any logs with potentially sensitive data.

πŸ“Get daily account balance limits

The new endpoint is now available to list the account's daily balance limits. See the guide for additional information.

Updates and fixes

πŸ“ Updates to validation codes for authorization events

Validation codes for authorization events have been updated as follows:

  • The Mastercard and Visa denial have been updated to adhere to the ABECS (Brazilian Association of Credit Card and Services Companies) regulations that came into force in 2020.
  • Added codes for dealing with processing codes:
    • PCT - A timeout occurred in processing code definition.
    • PCE - Unexpected error in processing code definition.

πŸ“ Program ID added to authorization webhook request

Pismo's webhook request to authorize the issuer's debit (zero balance program) now contains the program ID.

πŸ“ Correction to handle account overlimit

The payments flow has been updated to correctly recognize the overlimit configuration for an account within a credit program. Overlimit is an emergency limit that the issuer makes available for users to access funds beyond their maximum available credit limit. You can configure the overlimit percentage to be applied on top of the maximum credit limit on the account by using the percentage_over_limit field in the Update limit of an account endpoint.

Documentation updates

πŸ“ Migrations API endpoints documented

The migrations API endpoints are now documented.

πŸ“ Improved core objects diagram

A new diagram in the Core objects guide explains in more detail the relationships among system objects and includes the concept of entities.

πŸ“ New Multifactor authentication guide

The new Multifactor authentication (MFA) guide explains Pismo's implementation of multifactor authentication for web applications in production environments.

πŸ“New Exchange rates guide

The new Exchange rates guide explains how you can use the latest endpoints to create and get daily exchange rates at the organization and program level. Note that the following endpoints are being deprecated and should not be used for any new development:

πŸ“ New events documentation

The following new documentation lists the endpoints and the events they generate:

πŸ“ New card network authorization flows documentation

The following new guides illustrate different authorization flows:

πŸ“ Event data guide updates

In the Event data guide:

  • Added an explanation of the β€œat least once delivery guarantee”.
  • Updated β€œJSON schemas in S3 bucket” section to reflect changes in how you access the schemas.