8 August 2025
Changes between 7 July and 8 August 2025
Click to Pay
New
Pismo now supports Click to Pay, a new secure, streamlined online checkout solution using tokenization. Most major card networks now have a Click to Pay service. Initially, Pismo supports Visa’s Click to Pay service. Support for Mastercard’s service is now in development. More card networks' Click to Pay services will be supported in the future. There is a new Click to Pay guide, a new Visa Click to Pay API, and a new Click to Pay event.
This feature is in beta, giving you early access to explore its capabilities and share feedback. Note that the functionality and API contracts might change before the production release. For more information or to join the beta program, contact your Pismo representative.
Balance configurations
Docs
References to balance configurations were updated throughout the guide and API reference documentation.
Client webhooks
Updated
The Zero balance validations webhook was updated with the following:
- Three new request fields were added to the Request fields list and the Sample request:
match_address,match_postal_code, andno_address_data. These three field values override Pismo’s matching results when informed, so they have been marked as not required in the Response fields list and removed from the Sample response. - Pismo now validates the account owner name and sends the result in the Zero Balance request payload. The client can return the same values/result received in the request or they can return different values/result based on their business case. The response from the client overrides Pismo's result. As a result, the following fields were also added to the Request fields list and the Sample request:
account_owner_dataaccount_owner_typeaccount_owner_name_firstaccount_owner_name_middleaccount_owner_name_lastadditional_service_result_dataaccount_name_request_resultfull_name_account_match_decisionlast_name_account_match_decisionmiddle_name_account_match_decisionfirst_name_account_match_decision
additional_service_request_dataaccount_name_request
- The
additional_service_request_datafield and theaccount_name_requestfield have been removed from the Response field and the Sample response.
Updated
The referral field has been removed and is no longer required in the anti-fraud Full balance webhook response. The example response in the Anti-fraud integration guide has also been updated to reflect this change.
Flex controls
Docs
The country_code and acquirer_country_code field descriptions in the flex controls endpoint documentation were improved to provide additional explanations.
Ledger
Updated
In the Update account limits endpoint, all amount limit field descriptions were updated to state that the ledger stores and reports the amount using the same number of decimal places as supplied in the request payload. Previously, the documentation incorrectly stated that the number of decimal places was two.
Updated
The Update account limits endpoint now includes the following new validations.
- The
max_credit_limitfield now includes validation that this value must not be less than thetotal_credit_limitor the program’s minimum credit limit parameter, and must not exceed the program’s maximum credit limit parameter. - The
total_installment_credit_limitfield now includes validation that this value must not exceed the program’s maximum credit limit parameter.
Organizations
Updated
The Update Org endpoint now includes two new fields: document_number and legal_proxy_name.
Payments
Fixed
In the Create cash-in or cash-out endpoint, the currency field name was corrected to be currency_code.
Programs
New
A new card-issuing program type for prepaid voucher meal/food cards has been added: VOUCHER.
Docs
The Program types guide now includes a new Sample credit program JSON section. Internally, the Pismo platform keeps a JSON file for each program. This sample shows what a typical credit program might look like, with the processing codes, transaction types, transaction categories, network acceptances, and program parameters given to a credit program upon creation.
Security
Docs
The Generate your JWT instructions in the Authentication with OpenID Connect guide were updated to clarify that you can use any trusted helper library that is compatible with your stack when generating your JSON web token.
Setup
New
The new program parameter Revolving statement summary at cycle closing is now available and is listed in the Program parameters guide.
Docs
The Program parameters guide was updated in the following ways.
- There was a duplicated display name: “Interest projection reversal “. The first instance of this name was changed to “Accruals reversal strategy”, which is the correct name for that parameter. Since the table is in alphabetical order, the row for this parameter was moved up.
- The duplicate row for “Maximum credit limit” was removed.
Instant payments
New
There is a new Pix instant payments API endpoint - Execute scheduled Pix-out transfer in advance. The endpoint performs a scheduled Pix-out transfer execution in advance. A scheduled transfer can have many executions if, for example, it is recurring.
Updated
A new required header field, Idempotency-Key, was added to the Instant payments - Pix payments > Scheduled transfers V2 endpoint.
Updated
Two new objects were added to the Instant payments - QR Code > Create dynamic COBV QR Code endpoint: withdraw and change. These objects can be used to make a cash withdrawal or cashback transaction.
Docs
The new Pix and QR Codes guide is now available. A Quick Response (QR) Code is a type of barcode that digital devices can scan and read. Pix uses QR Codes—specifically the Brazilian BR Code format adhering to Europay Mastercard Visa (EMV) standards—to embed payment details such as recipient account, Pix key, and in the case of dynamic codes, transaction amount and metadata. QR Codes can be used for immediate payments as well as scheduled and automatically-recurring payments.
Transaction banking
New
A new endpoint Get AES key is now available to enhance communication security using AES keys. This endpoint encrypts the response payload using a public key you have previously uploaded. Before this release, only files could be encrypted, not the response messages
Updated
The following error messages were added to the Create earmark, Update earmark, and Cancel earmark endpoints:
WEAM0039: Invalid business date for current business day cycle- This error occurs when clients submit a business date that is excessively old. There is a restriction on how far back a financial operation can be backdated.WEAM0041: Business date cannot be earlier than earmark creation date- This error occurs when clients try to update or cancel an earmark using a business date earlier than its creation date.WEAM0042: Future dated earmark operations are not allowed- This error occurs when clients use a future business date. Unlike payments, earmark operations don’t support future-dated transactions.WEAM0043: Cannot post transaction on holidays- This error occurs when transactions are posted on holidays.WEAM0044: Cannot post transaction on weekends- This error occurs when transactions are posted on weekends.
Updated
The Create operation block endpoint now includes a missing field created_at and an example to the 201 response payload.
Updated
In the Close transaction banking account and Update transaction banking account status endpoints, the following error message was added to notify clients who attempt to update an account that is already in its final status such as CLOSED:
WCAC0035: Account is currently in the final status
Updated
The following validation errors were added to the Request bulk settlement endpoint:
WSTM0010: Bulk settlement for the current date is allowed only after {hour}:{minute}, according to the division’s time zoneWSTM0011: Administrative division is misconfigured
Updated
The error WPMT0045: Back business dating is disabled was introduced to inform clients that backdated earmark requests are not allowed when Past business date toggle is disabled. This error was added to the following endpoints:
Authorization
Docs
The description of the Cancel authorization endpoint now points to its generated event, Network authorization received.
Card network integration
Updated
Due to a new release implemented by the card networks, the following validation codes were updated for CNC - Account cancelled.
| Old code | New code | |
|---|---|---|
| VDC (Visa) | 62 | 46 |
| MDC (Mastercard) | 57 | 62 |
| EDC (ELO) | 57 | 46 |
Card tokenization
New
A new tokenization endpoint is now available - Card token operation. This endpoint performs a token operation for a specific card.
New
The Card issuing - Tokenization > Visa Click to Pay > Get Visa CTP customer cards status endpoint now takes the Owner business ID (identifies the issuing entity creating or managing enrollment in Click to Pay) as a required header (x-owner-bid) parameter and not in the path. The Visa Click to Pay service API is currently in beta.
Cards
Updated
Pismo cards now support 6-digit Primary Identification Numbers (PINs) in addition to 4-digit PINs (or passwords). In the Create card endpoint, there is now a new pin_length field, which you can set to 4 or 6.
Updated
In the Create card endpoint, there is now a new generate_pvv boolean field (should a PIN Verification Value (PVV) be generated and inserted into the card tracks during embossing?) This is for physical cards. This is necessary for Visa's PVS service. Default is false.
Embossing
Docs
New sections about Embossing layouts and Embossing upload times were added to the Physical card embossing guide.
Statements
Updated
The body parameter cancel_at_start_date was added to the Configure account transaction category rates endpoint.
Updated
The header field x-account-id was removed from the Update statements calendar endpoint. It’s not needed, since the account ID is retrieved from the access token. Also, a note was added to the endpoint description explaining that the endpoint requires an account token.
Updated
The new create-accruals field was added to the Configure features by account status endpoint.
Updated
Two new fields, final_account_status and excluded_steps were added to the body parameters of the Close delinquent account endpoint.
Updated
The [optional] tag was removed from step 11 in Add a floating interest rate plan. This step is not optional if the benchmark index is provided (step 10). Since step 10 is required, this means that step 11 is also required.
Updated
In the table in the Multivalue program parameters guide, the description for the PAYMENTS_TTS parameter was corrected. The line “By default, the platform considers the following transaction types as payments: 282, 320, 342, 701, 711, 721, 2224” was changed to “By default, the platform considers the following transaction types as payments: 201, 244, 255, 276, 282, 320, 342, 701, 711, 721, 2224”.
Docs
The table in the Multivalue program parameters guide was updated and some information was added to the opening text.
Docs
A link to the Understanding statements guide was added in the descriptions of the following endpoints:
Docs
How to manually close a delinquent account instructions were updated to remove irrelevant information and specify which multivalue program parameter to use.
Merchants
Updated
The Create merchant transaction and Create reversal transaction endpoints now include processing_code and currency_code fields in the response body.
Updated
In the Create merchant transaction endpoint, you can now send a currency_code within the authorization object and a status within the acceptance object.
Deprecated
The following two endpoints have now passed the deprecation date and are no longer available:
- GET /v1/merchants/scheduler
- POST /v1/creditors
Deprecated
The merchant terminals endpoints, events, and related documentation were removed as they were not being used.
Transactions
New
The following new transaction endpoints for split transactions are now available.
Control Center
Docs
The Control Center documentation was updated to reflect the redesigned menu structure, making it easier to find what you need. The Get Started pages have also been refined to emphasize key features, guide you through navigation, and simplify access, login, and security topics.