Authorization validation rules for card network operations

The Pismo platform follows a list of rules to validate a transaction. After performing these validations and determining whether to accept or reject the transaction, the platform delivers the validation results data to the client in the Network authorization event.

📘

The Network Authorization event is the primary event for verifying authorizations. However, the authorization workflow sends other events that you should also consume. For more information, see Authorization events.

The transaction validation rules depend on whether the client is full balance or zero balance:

  • In full balance integration, the platform sends the same validation results data in a request to an external anti-fraud service provided by one of Pismo's partners. You select which partner you want Pismo to use for this service during program setup.
  • In zero balance integration, the platform sends the validation results data in a request to a card issuer webhook, which you must register during setup. You should use this data to perform your own set of validations.

If the anti-fraud service (for full balance) or your own validation process (for zero balance) denies the transaction, then the Pismo platform notifies the card network that the transaction is denied.

If the Pismo platform denies the transaction, but the anti-fraud service or your validation process approves it, the platform's behavior depends on how your program is configured. The next section explains this in detail.

📘

International installment purchases

While making purchases in installments is common in Brazil, the Pismo platform does not support this payment method for international purchases. Authorizations for installment purchases will be denied.

Overriding the response code

There are several settings that can override the response code:

  • Override Response Code – If this setting is activated, the antifraud system can override the Pismo platform's response code. Suppose a purchase is declined by Pismo with response code 57. In this scenario, the antifraud system might override it with another valid response code such as 63. Since the response code is what the Pismo platform sends to the network, overriding it effectively overrides the platform's decision as far as the network is concerned. Internally, however, the platform's decision is not overridden. To activate this setting, you open a service ticket with the Authorization team.
  • Override Pismo Decision – If this setting is activated, the antifraud system's decision is final. All Pismo platform decisions are overridden. To activate this setting, you open a service ticket with the Authorization team.
  • Override At Request Level – The antifraud system can force the Pismo platform to approve any given authorization request by including the parameter force_approve in its response and setting it to True.

See Overwrite the Pismo platform decision for more information.

Validation results data

After the Pismo platform finishes applying the validation rules to a transaction, it creates a list of objects containing the validation results. Each object represents the result of applying a specific validation rule. This data is sent to the client in the validation_resultsfield of the Network authorization event. It's also sent to the anti-fraud service (full balance integration) or to the card issuer webhook (zero balance integration).

📘

The validation_resultsfield of the Network Authorization event always contains the result for every rule in the list, even if that result is SKIPPED.

Every object in the list contains the following fields:

  • name – Name of the evaluated rule. You use this field to find the result of a specific validation. The order of the validations inside the list can change, so you must use the name field for this.
  • status – Identifies how the rule was evaluated: approved (APPROVED), rejected (REJECTED), or not evaluated (SKIPPED).
  • reason – The reason the rule was not approved. After identifying the rule itself using the field name, you can use this information to do your own monitoring. For example, you could monitor how many purchases were denied because of LEDGER_INSUFFICIENT_BALANCE.
  • description – Describes the validation result in a textual form. This field should not be used as a key. It's only intended to help you understand the validation result.
  • additional_data – This optional field contains important additional information related to the validation. You can use this information for your own monitoring. For example, you can monitor custom denial codes using the additional_data field of the Flex controls validation rule.
Validation results example
{
    "validation_results": [
        {
            "name": "MAGNETIC_STRIPE",
            "status": "SKIPPED",
            "reason": "NO_MAGNETIC_STRIPE",
            "description": "No magnetic stripe",
            "additional_data": {}
        },
        {
            "name": "TERMINAL_CAPABILITY",
            "status": "APPROVED",
            "reason": "TERMINAL_CAPABILITY_VALID",
            "description": "Terminal capability is valid",
            "additional_data": {}
        },
        {
            "name": "ARQC",
            "status": "SKIPPED",
            "reason": "NO_CRYPTOGRAM",
            "description": "No cryptogram present",
            "additional_data": {}
        },
        {
            "name": "CVM",
            "status": "APPROVED",
            "reason": "MDES_WITH_PIN_VALIDATED_OFFLINE",
            "description": "Mdes with pin validated offline",
            "additional_data": {}
        },
        {
            "name": "ENTRY_MODE",
            "status": "APPROVED",
            "reason": "ENTRY_MODE_VALID",
            "description": "Entry mode valid",
            "additional_data": {}
        },
        {
            "name": "CHIP_SIGNATURE",
            "status": "SKIPPED",
            "reason": "NO_CHIP_SIGNATURE",
            "description": "No chip signature present",
            "additional_data": {}
        },
        {
            "name": "CARD_EXISTS",
            "status": "APPROVED",
            "reason": "CARD_FOUND",
            "description": "Card exists.",
            "additional_data": {}
        },
        {
            "name": "CARD_MODE",
            "status": "APPROVED",
            "reason": "CARD_MODE_VALID",
            "description": "Valid card mode",
            "additional_data": {}
        },
        {
            "name": "CARD_TOKEN_STATUS",
            "status": "APPROVED",
            "reason": "CARD_TOKEN_STATUS_VALID",
            "description": "Card token status: ACTIVE.",
            "additional_data": {}
        },
        {
            "name": "PROGRAM",
            "status": "APPROVED",
            "reason": "PROGRAM_FOUND",
            "description": "Program ProgramId found.",
            "additional_data": {}
        },
        {
            "name": "PROGRAM_CONFIG",
            "status": "APPROVED",
            "reason": "PROGRAM_CONFIG_FOUND",
            "description": "Program found.",
            "additional_data": {}
        },
        {
            "name": "DCC",
            "status": "SKIPPED",
            "reason": "NOT_DCC_TRANSACTION",
            "description": "It is not a DCC transaction.",
            "additional_data": {}
        },
        {
            "name": "CONTACTLESS",
            "status": "APPROVED",
            "reason": "CONTACTLESS_ENABLED",
            "description": "Contactless enabled.",
            "additional_data": {}
        },
        {
            "name": "ACCOUNT_TYPE",
            "status": "APPROVED",
            "reason": "ACCOUNT_TYPE_VALID",
            "description": "Account Type: CREDIT_CARD_ACCOUNT. Card Mode: CREDIT.",
            "additional_data": {}
        },
        {
            "name": "CARD_ATC",
            "status": "APPROVED",
            "reason": "CARD_ATC_VALID",
            "description": "Received null but the last is null. Used these params: MinOffset: 5, MaxOffset: 15, IsAdvice: false.",
            "additional_data": {}
        },
        {
            "name": "OPERATION",
            "status": "APPROVED",
            "reason": "VALID_OPERATION",
            "description": "Valid operation (00) for OrgId (OrgId) and ProgramId (ProgramId).",
            "additional_data": {}
        },
        {
            "name": "PASSWORD_ATTEMPTS",
            "status": "APPROVED",
            "reason": "CARD_PASSWORD_ATTEMPTS_VALID",
            "description": "Password tries is valid.",
            "additional_data": {}
        },
        {
            "name": "CARD_INPUTTED_EXPIRATION_DATE",
            "status": "APPROVED",
            "reason": "CARD_INPUTTED_EXPIRATION_DATE_VALID",
            "description": "Card inputted expiration date is valid.",
            "additional_data": {}
        },
        {
            "name": "CARD_VALID_UNTIL",
            "status": "APPROVED",
            "reason": "CARD_VALID_UNTIL_VALID",
            "description": "Card is valid.",
            "additional_data": {}
        },
        {
            "name": "CARD_EXPIRATION_DATE",
            "status": "APPROVED",
            "reason": "CARD_NOT_EXPIRED",
            "description": "Card not expired.",
            "additional_data": {}
        },
        {
            "name": "CARD_STATUS",
            "status": "APPROVED",
            "reason": "CARD_STATUS_VALID",
            "description": "Card status: NORMAL.",
            "additional_data": {}
        },
        {
            "name": "ACCOUNT_LIMITS",
            "status": "APPROVED",
            "reason": "ACCOUNT_LIMITS_FOUND",
            "description": "Account limits exists.",
            "additional_data": {}
        },
        {
            "name": "ACCOUNT_STATUS",
            "status": "APPROVED",
            "reason": "ACCOUNT_STATUS_VALID",
            "description": "Account has a valid status: true.",
            "additional_data": {}
        },
        {
            "name": "CREDIT_LIMIT",
            "status": "APPROVED",
            "reason": "CREDIT_LIMIT_IMPACT_FOUND",
            "description": "Acceptances found.",
            "additional_data": {}
        },
        {
            "name": "MAX_TRANSACTIONS_FOR_TEMPORARY_CARD",
            "status": "SKIPPED",
            "reason": "MAX_TRANSACTIONS_IF_TEMPORARY_CARD_SKIPPED",
            "description": "Card is not temporary.",
            "additional_data": {}
        },
        {
            "name": "CARD_TRANSACTION_LIMIT",
            "status": "APPROVED",
            "reason": "LIMIT_APPROVED",
            "description": "Card transaction sufficient limit.",
            "additional_data": {}
        },
        {
            "name": "LEDGER",
            "status": "APPROVED",
            "reason": "LEDGER_APPROVED",
            "description": "Ledger validations approved.",
            "additional_data": {}
        },
        {
            "name": "RULES",
            "status": "SKIPPED",
            "reason": "RULES_NOT_ENABLED",
            "description": "Rules Evaluation not enabled.",
            "additional_data": {}
        },
        {
            "name": "ANTI_FRAUD",
            "status": "APPROVED",
            "reason": "ANTI_FRAUD_APPROVE",
            "description": "AntiFraud approved this authorization",
            "additional_data": {}
        },
        {
            "name": "PROGRAM_CONFIG",
            "status": "APPROVED",
            "reason": "PROGRAM_CONFIG_FOUND",
            "description": "Program found.",
            "additional_data": {}
        }
    ]
}

List of Rules

The following table lists all the rules the Pismo platform uses to validate transactions. Each rule links to a details page.