Authorization validation rules for platform operations [beta]
This guide contains the full list of authorization rules used by the Pismo platform to validate requests. An authorization for platform operations builds a validation result map with the status of each validation. The validation result map contains a list of validation result objects. Each object contains information in the following fields.
| Field | Description |
|---|---|
| name | Name of the evaluated rule. Use this field as the key to find the specific validation since the order of the validations inside the list can change. |
| status | Identifies if the rule was approved (APPROVED), rejected (REJECTED), or not evaluated during the validation flow (SKIPPED). |
| reason | Identifies the status reason why the specific rule was approved, rejected, or skipped. After identifying the rule itself using the field name, you can use the field reason to map specific scenarios that you want to monitor or create any rule for it. |
| description | Describes the validation result. This field should not be used as a key for any rule as it only aims to aid understanding of the validation result. |
| additional_data | Contains an object that holds important information related to that validation to help the system map scenarios and create rules over those validations. The contract for this field may be different for each validation, so every rule pattern can be found below. This object can also be empty. |
Response and denial codes
Account retrieval
When the authorization request from the payment methods service is performed using a Pismo account ID, the platform validates whether that account ID is valid and exists in the database. If any error occurs, the request is declined.
Name: ACCOUNT
Possible statuses: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| ACCOUNT_FOUND | APPROVED | Account was found. | NA | 00 |
| ACCOUNT_SKIPPED | SKIPPED | Account validation was skipped. | NA | NA |
| ACCOUNT_NOT_FOUND | REJECTED | Account was not found. | IAD | 62 |
| ACCOUNT_ERROR | REJECTED | Internal error validating account. | SED | 96 |
Additional data: Contains the account ID received in the request.
Fields: account_id
Payload example:
{
"name": "ACCOUNT",
"status": "APPROVED",
"reason": "ACCOUNT_FOUND",
"description": "Account was found.",
"additional_data": {
"account_id": 9999
}
}
Account retrieval by bank account
When the payment methods authorization request is performed using the customer's bank, the platform validates whether that bank's information is valid and exists. If any error occurs or the account is not found based on the provided bank information, the request is declined.
Name: BANK_ACCOUNT
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| BANK_ACCOUNT_FOUND | APPROVED | Bank account was found. | NA | 00 |
| BANK_ACCOUNT_SKIPPED | SKIPPED | Bank account validation was skipped. | NA | NA |
| BANK_ACCOUNT_NOT_FOUND | SKIPPED | Bank account was not found. | BAN | 62 |
| BANK_ACCOUNT_ERROR | REJECTED | Internal error validating bank account. | BAE | 96 |
Additional data: Contains the account ID returned by the external system.
Fields: account_id
Payload example:
{
"name": "BANK_ACCOUNT",
"status": "APPROVED",
"reason": "BANK_ACCOUNT_FOUND",
"description": "Bank account was found.",
"additional_data": {
"account_id": 9999
}
}
Account retrieval by document number
When the payment methods authorization request is performed using a document number, the platform validates whether that document number is valid and exists. If any error occurs or the account is not found based on the provided document number, the request is declined.
Name: DOCUMENT_NUMBER
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| DOCUMENT_NUMBER_FOUND | APPROVED | Account was found successfully based on document number. | NA | 00 |
| DOCUMENT_NUMBER_SKIPPED | SKIPPED | Document number validation was skipped. | NA | NA |
| DOCUMENT_NUMBER_NOT_FOUND | REJECTED | Account was not found based on document number. | IDN | 62 |
| DOCUMENT_NUMBER_NOT_PERMITTED | REJECTED | Document number is not permitted for all accounts found. | DND | 57 |
| DOCUMENT_NUMBER_MULTIPLE_ACCOUNT_FOUND | REJECTED | Document number is linked to more than one account that allows authorization using document number. Authorization system can’t define which one to use. | MDN | 57 |
| DOCUMENT_NUMBER_ERROR | REJECTED | Internal error validating document number. | SED | 96 |
Additional data: Contains the field indicating whether the document number is present.
Fields: document_number_present
Payload example:
{
"name": "DOCUMENT_NUMBER",
"status": "APPROVED",
"reason": "DOCUMENT_NUMBER_FOUND",
"description": "Account was found successfully based on document number.",
"additional_data": {
"document_number_present": true
}
}
Account limits retrieval
Platform authorization retrieves the account limits information to process this authorization request and perform validations.
Name: ACCOUNT_LIMITS
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| ACCOUNT_LIMITS_FOUND | APPROVED | Account limits were found. | NA | 00 |
| ACCOUNT_LIMITS_SKIPPED | SKIPPED | Account limits validation was skipped. | NA | NA |
| ACCOUNT_LIMITS_NOT_FOUND | REJECTED | Account limits were not found. | IAD | 62 |
| ACCOUNT_LIMITS_ERROR | REJECTED | Internal error validating account limits. | IAE | 96 |
| UNEXPECTED_ERROR | REJECTED | Unexpected error happened while processing the authorization. | SED | 96 |
Additional data: Contains current balances and limits.
Fields: available_credit_limit, available_total_installment_credit, available_withdrawal_credit, total_credit_limit, total_installment_credit_limit, withdrawal_credit_limit
Payload example:
{
"name": "ACCOUNT_LIMITS",
"status": "APPROVED",
"reason": "ACCOUNT_LIMITS_FOUND",
"description": "Account limits were found.",
"additional_data": {
"available_credit_limit": 87459.76,
"available_total_installment_credit": 179.2,
"available_withdrawal_credit": 4,
"total_credit_limit": 0,
"total_installment_credit_limit": 500,
"withdrawal_credit_limit": 500
}
}
Account status validation
Platform authorization performs the account status validation to verify whether the account is allowed to perform the request.
Name: ACCOUNT_STATUS
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| ACCOUNT_STATUS_PERMITTED | APPROVED | Account status is permitted. | NA | 00 |
| ACCOUNT_STATUS_SKIPPED | SKIPPED | Account status validation was skipped. | NA | NA |
| ACCOUNT_STATUS_NOT_PERMITTED | REJECTED | Account is blocked from receiving debits or credits. | IAS | 57 |
| UNEXPECTED_ERROR | REJECTED | Unexpected error happened while processing the authorization. | SED | 96 |
Additional data: Not mapped yet.
Payload example:
{
"name": "ACCOUNT_STATUS",
"status": "REJECTED",
"reason": "ACCOUNT_STATUS_NOT_PERMITTED",
"description": "Account is blocked from receiving debits or credits. "
}
Account validation
Platform authorization validates if the account ID received from the payment methods request is valid.
Name: ACCOUNT_ID
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| ACCOUNT_ID_PERMITTED | APPROVED | Account ID is permitted. | NA | 00 |
| ACCOUNT_ID_PERMITTED_SKIPPED | SKIPPED | Account ID validation was skipped. | NA | NA |
| ACCOUNT_ID_NOT_PERMITTED | REJECTED | Authorized account is different from the one received in the request. | IAD | 62 |
| ACCOUNT_ID_NOT_PROVIDED | REJECTED | Account ID was not provided in the request. | IAD | 62 |
Additional data: Not mapped yet.
Payload example:
{
"name": "ACCOUNT_ID",
"status": "APPROVED",
"reason": "ACCOUNT_ID_PERMITTED",
"description": "Account ID is permitted."
}
Anti-fraud integration
Platform authorization integrates with an external anti-fraud system to have the issuer-specific rules evaluated by their system.
Name: ANTI_FRAUD
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| ANTI_FRAUD_APPROVED | APPROVED | Authorization passed anti-fraud evaluation. | NA | 00 |
| ANTI_FRAUD_SKIPPED | SKIPPED | Anti-fraud evaluation was skipped. | NA | NA |
| ANTI_FRAUD_NOT_APPROVED | REJECTED | Authorization failed anti-fraud evaluation. | AFD | 59 |
| ANTI_FRAUD_ERROR | REJECTED | Internal error in anti-fraud evaluation. | AFE | 92 |
| UNEXPECTED_ERROR | REJECTED | Unexpected error happened while processing the authorization. | SED | 96 |
Additional data: Contains the override flag when anti-fraud returns the response code or denial code to replace the authorization response, the force_approve flag when anti-fraud returns that the authorizer must force authorization approval even if any validation has been denied and the validation steps have been executed in the anti-fraud flow.
Fields: override, force_approve, executed_steps
Payload example:
{
"name": "ANTI_FRAUD",
"status": "APPROVED",
"reason": "ANTI_FRAUD_APPROVED",
"description": "Authorization passed anti-fraud evaluation.",
"additional_data": {
"override": "false",
"force_approve": "false",
"executed_steps": {}
}
}
Authorization registration
Platform authorization registers the authorization information into the database. If something fails on this operation, the authorization may be declined.
Name: AUTHORIZATION
Possible status: APPROVED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| AUTHORIZATION_CREATED | APPROVED | Authorization was created successfully. | NA | 00 |
| AUTHORIZATION_ERROR | REJECTED | Internal error in creating authorization. | SED | 96 |
Additional data: Not mapped yet.
Payload example:
{
"name": "AUTHORIZATION",
"status": "APPROVED",
"reason": "AUTHORIZATION_CREATED",
"description": "Authorization was created successfully.",
"additional_data": {}
}
Authorization retrieval
Payment methods flow retrieves the original authorization on the cancellation flow to perform some validations against its current status and determine whether that request may proceed. If the authorization is retrieved successfully, the flow goes on but if an error happens, the cancellation request is declined.
Name: AUTHORIZATION_RETRIEVAL
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| AUTHORIZATION_RETRIEVAL_SUCCESSFUL | APPROVED | Authorization was retrieved successfully. | NA | 00 |
| AUTHORIZATION_RETRIEVAL_SKIPPED | SKIPPED | Authorization retrieval was skipped. | NA | NA |
| AUTHORIZATION_RETRIEVAL_ERROR | REJECTED | Unexpected error has happened while retrieving the authorization. | ARE | 96 |
| AUTHORIZATION_RETRIEVAL_TIMEOUT | REJECTED | Timeout has happened while retrieving the authorization. | ART | 96 |
| AUTHORIZATION_RETRIEVAL_NOT_FOUND | REJECTED | Authorization was not found for the identifier provided. | ARN | 96 |
Additional data: Not mapped yet.
Payload example:
{
"name": "AUTHORIZATION_RETRIEVAL",
"status": "APPROVED",
"reason": "AUTHORIZATION_RETRIEVAL_SUCCESSFUL",
"description": "Authorization was retrieved successfully."
}
Balances configuration retrieval
Payment methods flow integrates with the Balances configuration API to determine which account balances should be impacted by the Ledger in a given authorization. This functionality allows you to create dynamic rules to impact the balance, offering additional flexibility. All rules are associated with a processing code.
Name: BALANCES_CONFIG
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| BALANCES_CONFIG_FOUND | APPROVED | Balances configuration was found. | NA | 00 |
| BALANCES_CONFIG_SKIPPED | SKIPPED | Balances configuration validation was skipped. | NA | NA |
| BALANCES_CONFIG_NOT_FOUND | SKIPPED | Balances configuration was not found. | NA | NA |
| BALANCES_CONFIG_TIMEOUT | REJECTED | Balances configuration validation returned a timeout. | BTO | 96 |
| BALANCES_CONFIG_ERROR | REJECTED | Balances configuration validation returned an error. | BCE | 96 |
Additional data: Contains balance impact information returned by the Balances configuration API, which is used to impact the Ledger.
Fields: impact, consider, amount, amount_consider, reset_limit
Payload example:
{
"name": "BALANCES_CONFIG",
"status": "APPROVED",
"reason": "BALANCES_CONFIG_FOUND",
"description": "Balances configuration was found.",
"additional_data": {
"amount": "contract_amount",
"amount_consider": "principal_amount",
"consider": [
"AvailableCreditLimit",
"OverLimit"
],
"impact": [
"AvailableCreditLimit"
],
"reset_limit": "last_installment"
}
}
Card retrieval
When the authorization request from the payment methods service is performed using a card (PAN), the platform validates whether that card number is valid and exists in the database. If any error occurs, the request is declined.
Name: CARD
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| CARD_FOUND | APPROVED | Card was found. | NA | 00 |
| CARD_SKIPPED | SKIPPED | Card validation was skipped. | NA | NA |
| CARD_NOT_FOUND | REJECTED | Card was not found. | PNF | 14 |
| CARD_ERROR | REJECTED | Internal error validating card. | SED | 96 |
Additional data: Contains the card hash related to the card number received
Fields: card_hash
Payload example:
{
"name": "CARD",
"status": "APPROVED",
"reason": "CARD_FOUND",
"description": "Card was found.",
"additional_data": {
"card_hash": "99999999fOt10YS1QK8V3J6poQ/r1gOsfZZZZzzzzzZkxyiabfxRBPVfSzMlKAlXIs777777777tOwntil9k+A=="
}
}
Card ARQC validation
When the authorization request from the payment methods service is performed using a card (PAN) and contains the cryptogram (chip) information, the platform validates this Cryptogram information against the HSM to verify whether it is valid.
Name: ARQC
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| CARD_ARQC_VALID | APPROVED | ARQC was validated successfully. | NA | 00 |
| CARD_ARQC_SKIPPED | SKIPPED | ARQC validation was skipped. | NA | NA |
| CARD_ARQC_INVALID | REJECTED | ARQC is invalid. | ICR | 63 |
| HSM_REQUIRED_FIELD_ERROR | REJECTED | Missing required field. | KNC | 57 |
| CARD_ARQC_ERROR | REJECTED | Internal error validating ARQC. | SED | 96 |
Additional data: Contains the field that indicates whether the cryptogram data is present. When declined by HSM, contains the error code. When validation is skipped, contains the cause.
Fields: arqc_presence, code, cause
Payload example:
{
"name": "CARD_ARQC",
"status": "SKIPPED",
"reason": "CARD_ARQC_SKIPPED",
"description": "ARQC validation was skipped.",
"additional_data": {
"arqc_presence": false,
"cause": "Authorization has no cardholder verification method.",
"code": ""
}
}
Card ATC validation
ATC is the transaction counter present in the chip information of the card. Every time the cardholder performs a transaction using a POS that reads chip data, the counter is incremented. The Pismo platform compares the counter received in the request with the ones registered in the database from previous authorizations. If the counter is not duplicated and is within an allowed range (configured by the issuer), the request is validated.
Name: CARD_ATC
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| CARD_ATC_WITHIN_ALLOWED_RANGE | APPROVED | ATC is within allowed range. | NA | 00 |
| CARD_ATC_SKIPPED | SKIPPED | ATC validation was skipped. | NA | NA |
| CARD_ATC_OUTSIDE_ALLOWED_RANGE | REJECTED | ATC is outside allowed range. | ATC | 63 |
| CARD_ATC_IS_DUPLICATED | REJECTED | ATC is already registered in the database for this card. | ATC | 63 |
| MISSING_PROGRAM_PARAMETER | REJECTED | Min or max range parameters were not found to perform validation. | PPD | 57 |
Additional data: Contains the current ATC, the list of previous ATCs, and both min and max offset allowed parameters.
Fields: current_atc,previous_atc, min_offset_parameter, max_offset_parameter
Payload example:
{
"name": "CARD_ATC",
"status": "APPROVED",
"reason": "CARD_ATC_WITHIN_ALLOWED_RANGE",
"description": "ATC is within allowed range.",
"additional_data": {
"current_atc": "10",
"previous_atc": "[9,8,7,5,1]",
"min_offset_parameter": "5",
"max_offset_parameter": "15"
}
}
Card authorization mode validation
When authorization request from the payment methods service uses a card, the Pismo platform validates if the authorization mode (credit/debit) matches the card mode. Credit cards can only operate on credit mode and debit cards can only operate on debit mode. Combo or multi application cards can operate on both modes but the mode received on the authorization request must be enabled on the card.
Name: CARD_AUTHORIZATION_MODE
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| CARD_AUTHORIZATION_MODE_VALID | APPROVED | Card has authorization mode enabled. | NA | 00 |
| CARD_AUTHORIZATION_MODE_SKIPPED | SKIPPED | Card mode validation was skipped. | NA | NA |
| CARD_AUTHORIZATION_MODE_INVALID | REJECTED | Card mode doesn't allow authorization mode. | IAM | 57 |
| CARD_AUTHORIZATION_MODE_NOT_FOUND | REJECTED | Card doesn't have authorization mode created. | IAM | 57 |
Additional data: Contains the authorization mode.
Fields: authorization_mode
Payload example:
{
"name": "CARD_AUTHORIZATION_MODE",
"status": "APPROVED",
"reason": "CARD_AUTHORIZATION_MODE_VALID",
"description": "Card has authorization mode enabled.",
"additional_data": {
"authorization_mode": "CREDIT"
}
}
Card CVV validation
When the authorization request from the payment methods service is performed using a card (PAN) and contains a CVV (track1 or track2 data), this CVV information is validated against the HSM to verify whether it is valid.
Name: CARD_CVV
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| CARD_CVV_VALID | APPROVED | CVV was validated successfully. | NA | 00 |
| CARD_CVV_SKIPPED | SKIPPED | CVV validation was skipped. | NA | NA |
| CARD_CVV_INVALID | REJECTED | CVV is invalid. | CVV | 14 |
| HSM_REQUIRED_FIELD_ERROR | REJECTED | Missing required field. | KNC | 57 |
| CARD_CVV_ERROR | REJECTED | Internal error validating CVV. | SED | 96 |
Additional data: Contains two fields indicating the track1 and track2 data presence and, when declined by HSM, contains the error code. When validation is skipped, contains the cause.
Fields: track1_presence, track2_presence, code, cause
Payload example:
{
"name": "CARD_CVV",
"status": "SKIPPED",
"reason": "CARD_CVV_SKIPPED",
"description": "CVV validation was skipped.",
"additional_data": {
"track1_presence": false,
"track2_presence": false,
"cause": "Authorization has no cardholder verification method.",
"code": ""
}
}
Card CVV2 validation
When the authorization request from the payment methods service is performed using a card (PAN) and contains a CVV2, the platform validates this CVV2 information against the HSM to verify whether it is valid. The platform also validates the entered expiration date during this flow since it is used on the CVV2 calculation and must be correct.
Name: CARD_CVV2
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| CARD_CVV2_VALID | APPROVED | CVV2 was validated successfully. | NA | 00 |
| CARD_CVV2_SKIPPED | SKIPPED | CVV2 validation was skipped. | NA | NA |
| CARD_CVV2_INVALID | REJECTED | CVV2 is invalid. | CV2 | 14 |
| CARD_EXPIRATION_DATE_INVALID | REJECTED | Entered expiration date is invalid. | IED | 54 |
| HSM_REQUIRED_FIELD_ERROR | REJECTED | Missing required field. Expiration date not provided. | KNC | 57 |
| CARD_CVV2_ERROR | REJECTED | Internal error validating CVV2. | SED | 96 |
Additional data: Contains the field indicating the CVV2 data presence, the entered expiration date, and, when declined by HSM, it contains the error code. When validation is skipped, contains the cause.
Fields: cvv2_presence, entered_expiration_date, code, cause
Payload example:
{
"name": "CARD_CVV2",
"status": "SKIPPED",
"reason": "CARD_CVV2_SKIPPED",
"description": "CVV2 validation was skipped.",
"additional_data": {
"cvv2_presence": false,
"entered_expiration_date": "2806",
"cause": "Authorization has no cardholder verification method.",
"code": ""
}
}
Card entered expiration date validation
When the authorization request from the payment methods service is performed using a card and cardholder provides the expiration date, the platform validates whether the entered expiration date matches the card’s expiration date.
Name: CARD_ENTERED_EXPIRATION_DATE
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| CARD_ENTERED_EXPIRATION_DATE_VALID | APPROVED | Entered expiration date matches card expiration date. | NA | 00 |
| CARD_ENTERED_EXPIRATION_DATE_SKIPPED | SKIPPED | Validation of entered expiration date was skipped. | NA | NA |
| CARD_ENTERED_EXPIRATION_DATE_INVALID | REJECTED | Entered expiration date doesn't match card expiration date. | IED | 54 |
| CARD_ENTERED_EXPIRATION_DATE_ERROR | REJECTED | Internal error validating entered expiration date. | SED | 96 |
Additional data: Contains the entered expiration date and the card’s expiration date.
Fields: entered_expiration_date, card_expiration_date
Payload example:
{
"name": "CARD_ENTERED_EXPIRATION_DATE",
"status": "APPROVED",
"reason": "CARD_ENTERED_EXPIRATION_DATE_VALID",
"description": "Entered expiration date matches card expiration date.",
"additional_data": {
"card_expiration_date": "2806",
"entered_expiration_date": "2806"
}
}
Card expired date validation
When the authorization request from the payment methods service is performed using a card, the platform validates whether the card is expired.
Name: CARD_EXPIRATION_DATE
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| CARD_NOT_EXPIRED | APPROVED | Card is not expired. | NA | 00 |
| CARD_EXPIRATION_SKIPPED | SKIPPED | Validation of card expiration date was skipped. | NA | NA |
| CARD_EXPIRED | REJECTED | Card is expired. | CEE | 54 |
| CARD_EXPIRATION_ERROR | REJECTED | Internal error validating card expiration date. | SED | 96 |
Additional data: Contains the card’s expiration date.
Fields: card_expiration_date
Payload example:
{
"name": "CARD_EXPIRATION_DATE",
"status": "APPROVED",
"reason": "CARD_NOT_EXPIRED",
"description": "Card is not expired.",
"additional_data": {
"card_expiration_date": "2806"
}
}
Card password tries validation
The Pismo platform validates and counts the number of incorrect password tries by the cardholder. If those tries reach a configured threshold, the card is blocked and new requests are allowed even if the password is correct. This threshold is configured by the issuer on the Pismo platform.
Password tries error counter is only reset when the cardholder enters the correct password in a new authorization request before reaching the blocking threshold. Requests that don't use the password, such as e-commerce or contactless, even though approved, do not reset the counter. After reaching the threshold, even the requests without password are declined.
Name: CARD_PASSWORD_TRIES
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| CARD_PASSWORD_TRIES_ALLOWED | APPROVED | Password tries are within configured threshold. | NA | 00 |
| CARD_PASSWORD_TRIES_SKIPPED | SKIPPED | Password tries validation was skipped. | NA | NA |
| CARD_PASSWORD_TRIES_EXCEEDED | REJECTED | Password tries exceeded configured threshold. | PTD | 75 |
| MISSING_PROGRAM_PARAMETER | REJECTED | Max password tries parameter was not found to perform validation. | PPD | 57 |
Additional data: Contains the current password tries count and the configured threshold.
Fields: current_password_tries, password_tries_allowed
Payload example:
{
"name": "CARD_PASSWORD_TRIES",
"status": "APPROVED",
"reason": "CARD_PASSWORD_TRIES_ALLOWED",
"description": "Password tries are within configured threshold.",
"additional_data": {
"current_password_tries": 0,
"password_tries_allowed": 3
}
}
Card PIN validation
When the authorization request from the payment methods service is performed using a card (PAN) and contains a PIN block, the platform validates this PIN block information against the HSM.
Name: CARD_PIN
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| CARD_PIN_VALID | APPROVED | PIN was validated successfully. | NA | 00 |
| CARD_PIN_SKIPPED | SKIPPED | PIN validation was skipped. | NA | NA |
| CARD_PIN_INVALID | REJECTED | PIN is invalid. | IPD | 55 |
| HSM_KEY_NOT_FOUND | REJECTED | HSM keys not found. | KNF | 57 |
| HSM_REQUIRED_FIELD_ERROR | REJECTED | Missing required field. | KNC | 57 |
| CARD_PIN_ERROR | REJECTED | Internal error validating PIN. | SED | 96 |
Additional data: Contains the field that indicates whether the PIN block data is present. When declined by HSM, contains the error code. When validation is skipped, contains the cause.
Fields: pin_presence, code, cause
Payload example:
{
"name": "CARD_PIN",
"status": "SKIPPED",
"reason": "CARD_PIN_SKIPPED",
"description": "PIN validation was skipped.",
"additional_data": {
"pin_presence": false,
"cause": "Authorization has no cardholder verification method.",
"code": ""
}
}
Card status validation
When the authorization request from the payment methods service is performed using a card, the platform validates whether the card has a blocked status.
Name: CARD_STATUS
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| CARD_STATUS_VALID | APPROVED | Card is in valid status. | NA | 00 |
| CARD_STATUS_SKIPPED | SKIPPED | Card status validation was skipped. | NA | NA |
| CARD_STATUS_INVALID | REJECTED | Card is in blocked status. | CBD | 57 |
Additional data: Contains the card status.
Fields: card_status
Payload example:
{
"name": "CARD_STATUS",
"status": "APPROVED",
"reason": "CARD_STATUS_VALID",
"description": "Card is in valid status.",
"additional_data": {
"card_status": "NORMAL"
}
}
External calculation
If configured, the authorization request from the payment methods service calls an external endpoint to have the amounts of the authorization calculated by an external system. If any error occurs, the authorization is declined.
Name: EXTERNAL_CALCULATION
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| EXTERNAL_CALCULATION_SUCCESSFUL | APPROVED | External calculation was performed successfully. | NA | 00 |
| EXTERNAL_CALCULATION_SKIPPED | SKIPPED | External calculation was skipped. | NA | NA |
| EXTERNAL_CALCULATION_ERROR | REJECTED | Internal error when performing external calculation. | ECE | 92 |
| EXTERNAL_CALCULATION_TIMEOUT | REJECTED | Timeout when attempting to perform external calculation request. | ECT | 92 |
| EXTERNAL_CALCULATION_DECLINED | REJECTED | External call declined calculation request. | ECD | 57 |
| EXTERNAL_CALCULATION_INVALID_RESPONSE | REJECTED | External calculation response has invalid values. | ECI | 92 |
Additional data: Contains the list of validation errors when the external system responds with an unexpected response format or missing required fields.
Fields: response_status_code, error_1, error_2, error_n
Payload example:
{
"name": "EXTERNAL_CALCULATION",
"status": "APPROVED",
"reason": "EXTERNAL_CALCULATION_SUCCESSFUL",
"description": "External calculation was performed successfully."
}
Flex controls evaluation
Platform authorization evaluates flex controls for the operation.
Name: FLEX_CONTROLS
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| FLEX_CONTROLS_APPROVED | APPROVED | Authorization passed flex control evaluation. | NA | 00 |
| FLEX_CONTROLS_SKIPPED | SKIPPED | Flex controls evaluation was skipped. | NA | NA |
| FLEX_CONTROLS_NOT_APPROVED | REJECTED | Authorization failed flex control evaluation. | FCD | 57 |
| FLEX_CONTROLS_ERROR | REJECTED | Internal error in the evaluation of flex controls. | FCE | 96 |
| UNEXPECTED_ERROR | REJECTED | Unexpected error happened while processing the authorization. | SED | 96 |
Additional data: Not mapped yet.
Payload example:
{
"name": "FLEX_CONTROLS",
"status": "APPROVED",
"reason": "FLEX_CONTROLS_APPROVED",
"description": "Authorization passed flex control evaluation."
}
Ledger integration
Platform authorization integrates with Ledger API to evaluate impact on account limits for this operation.
Name: LEDGER
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| LEDGER_APPROVED | APPROVED | Ledger was impacted successfully. | NA | 00 |
| LEDGER_SKIPPED | SKIPPED | Ledger impacting was skipped. | NA | NA |
| LEDGER_INSUFFICIENT_FUNDS | REJECTED | Amount authorization is greater than the account available limits. | PLD | 51 |
| LEDGER_NOT_ALLOWED_OPERATION | REJECTED | Account is blocked from receiving debits or credits. | PLO | 57 |
| LEDGER_DUPLICATED_TRACKING_ID | REJECTED | Internal error of duplicated tracking ID in the ledger. | PLE | 96 |
| LEDGER_ERROR | REJECTED | Internal error in impacting ledger. | PLE | 96 |
| UNEXPECTED_ERROR | REJECTED | Unexpected error happened while processing the authorization. | SED | 96 |
Additional data: Contains the force flag when calling the ledger force flow and ignore_status when impacting the ledger normal flow without validating the account status.
Fields: force, ignore_status
Payload example:
{
"name": "LEDGER",
"status": "APPROVED",
"reason": "LEDGER_APPROVED",
"description": "Ledger was impacted successfully.",
"additional_data": {
"force": true
}
}
}
Merchant validation
To complete an authorization request, the authorization request from the payment methods service calls the merchants API to validate if the merchant can authorize transactions, which is when their status is ACTIVE or APPROVED.
Name: MERCHANT
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| MERCHANT_VALID_STATUS | APPROVED | Merchant has valid status. | NA | 00 |
| MERCHANT_SKIPPED | SKIPPED | Merchant validation was skipped. | NA | NA |
| MERCHANT_INVALID_STATUS | REJECTED | Merchant has invalid status. | IMD | 57 |
| MERCHANT_NOT_FOUND | REJECTED | Merchant was not found. | MNF | 57 |
| MERCHANT_ERROR | REJECTED | Internal error validating merchant. | SED | 96 |
Additional data: Contains the merchant external ID (external_id provided by the customer, not the Pismo internal ID) and status.
Fields: merchant_external_id (external ID provided by the customer, not Pismo internal ID), status, marketplace_id
Payload example:
{
"name": "MERCHANT",
"status": "APPROVED",
"reason": "MERCHANT_VALID_STATUS",
"description": "Merchant has valid status.",
"additional_data": {
"merchant_external_id": "FL-123456",
"status": "ACTIVE",
"marketplace_id": "102030"
}
}
Payment methods configuration retrieval
For every authorization request from the payment methods service, the platform retrieves the configurations related to the account/program/organization performing the request. If anything unexpected happens during this flow, the request may be declined.
Name: CONFIG
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| CONFIG_FOUND | APPROVED | Payment methods configuration was found. | NA | 00 |
| CONFIG_SKIPPED | SKIPPED | Payment methods configuration validation was skipped. | NA | NA |
| CONFIG_NOT_FOUND | REJECTED | Payment methods configuration was not found. | CNF | 57 |
| CONFIG_ERROR | REJECTED | Internal error validating payment methods configuration. | SED | 96 |
Additional data: Not mapped yet.
Payload example:
{
"name": "CONFIG",
"status": "APPROVED",
"reason": "CONFIG_FOUND",
"description": "Payment methods configuration was found."
}
Payment methods acceptances retrieval
For every authorization request from the payment methods service, the platform retrieves the acceptances related to the account, program, and organization and processing code performing the request. If anything unexpected happens during this flow, the request may be declined.
Name: ACCEPTANCE
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| ACCEPTANCE_FOUND | APPROVED | Payment methods acceptances were found. | NA | 00 |
| ACCEPTANCE_SKIPPED | SKIPPED | Payment methods acceptances validation was skipped. | NA | NA |
| ACCEPTANCE_NOT_FOUND | REJECTED | Payment methods acceptances were not found. | AND | 57 |
| ACCEPTANCE_ERROR | REJECTED | Internal error validating payment methods acceptances. | SED | 96 |
Additional data: Not mapped yet.
Payload example:
{
"name": "ACCEPTANCE",
"status": "APPROVED",
"reason": "ACCEPTANCE_FOUND",
"description": "Payment methods acceptances were found."
}
Payment methods integrity
Payment methods flow saves an integrity message to process the integrity validation of the flow later. If this operation fails to register the integrity message, the request is declined.
Name: PAYMENT_METHODS_INTEGRITY
Possible status: APPROVED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| PAYMENT_METHODS_INTEGRITY_CREATED | APPROVED | Payment methods integrity message was created successfully. | NA | 00 |
| PAYMENT_METHODS_INTEGRITY_ERROR | REJECTED | Unexpected error happened while saving the payment methods integrity message. | OIE | 96 |
Additional data: Not mapped yet.
Payload example:
{
"name": "PAYMENT_METHODS_INTEGRITY",
"status": "APPROVED",
"reason": "PAYMENT_METHODS_INTEGRITY_CREATED",
"description": "Payment methods integrity message was created successfully."
}
Payment methods persistence
Payment methods flow saves the request and response information in the persistence record to guarantee integrity of the flow. If this operation fails to register the information into the database, the request is declined.
Name: PAYMENT_METHODS_PERSISTENCE
Possible status: APPROVED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| PAYMENT_METHODS_PERSISTENCE_CREATED | APPROVED | Payment methods persistence record was created successfully. | NA | 00 |
| PAYMENT_METHODS_PERSISTENCE_ERROR | REJECTED | Unexpected error happened while saving the payment methods persistence record. | OPE | 96 |
Additional data: Not mapped yet.
Payload example:
{
"name": "PAYMENT_METHODS_PERSISTENCE",
"status": "APPROVED",
"reason": "PAYMENT_METHODS_PERSISTENCE_CREATED",
"description": "Payment methods persistence record was created successfully."
}
Operation amount calculation
Platform authorization calls the Rates API to calculate the contract amount including taxes and fees on this authorization. If any error occurs, the request is declined.
Name: RATES
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| RATES_APPROVED | APPROVED | Rates calculation was performed. | NA | 00 |
| RATES_SKIPPED | SKIPPED | Rates calculation was skipped. | NA | NA |
| RATES_ERROR | REJECTED | Internal error in calculating rates. | PRE | 96 |
Additional data: Not mapped yet.
Payload example:
{
"name": "RATES",
"status": "APPROVED",
"reason": "RATES_APPROVED",
"description": "Rates calculation was performed."
}
Original authorization retrieval
Platform authorization retrieves the original authorization and performs validations.
Name: ORIGINAL_AUTHORIZATION
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| ORIGINAL_AUTHORIZATION_APPROVED | APPROVED | Original authorization validation was approved. | NA | 00 |
| ORIGINAL_AUTHORIZATION_SKIPPED | SKIPPED | Original authorization validation was skipped. | NA | NA |
| ORIGINAL_AUTHORIZATION_NOT_FOUND | REJECTED | Original authorization was not found. | POA | 57 |
| ORIGINAL_AUTHORIZATION_IS_DENIED | REJECTED | Original authorization is denied and therefore can not be cancelled. | POA | 57 |
| ORIGINAL_AUTHORIZATION_IS_FROM_DIFFERENT_ACCOUNT | REJECTED | Original authorization is from a different account. | POA | 57 |
| ORIGINAL_AUTHORIZATION_IS_UNABLE_TO_CONFIRM | REJECTED | Original authorization is not pending. | POA | 57 |
| ORIGINAL_AUTHORIZATION_HAS_DIFFERENT_CONFIGURATION | REJECTED | Original authorization has different configuration. | POA | 57 |
| ORIGINAL_AUTHORIZATION_ERROR | REJECTED | Internal error validating original authorization. | POA | 57 |
| UNEXPECTED_ERROR | REJECTED | Unexpected error happened while processing the authorization. | SED | 96 |
Additional data: Not mapped yet.
Payload example:
{
"name": "ORIGINAL_AUTHORIZATION",
"status": "APPROVED",
"reason": "ORIGINAL_AUTHORIZATION_APPROVED",
"description": "Original authorization validation was approved."
}
Platform authentication
Payment methods flow supports external integration to have the request authenticated against an external provider. If authentication is enabled and the information related to this is sent into the request payload, Payment methods API calls the external provider to validate this information. The result of this validation is attached to the validation result map on this entry.
If the platform does not authenticate and decline the request, it does not add an entry to the validation result map, since the flow is stopped and the request receives the 401 - Unauthorized HTTP response.
Name: PLATFORM_AUTHENTICATION
Possible status: APPROVED, SKIPPED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| PLATFORM_AUTHENTICATION_SUCCESSFUL | APPROVED | Request was authenticated successfully. | NA | 00 |
| PLATFORM_AUTHENTICATION_SKIPPED | SKIPPED | Platform authentication call was skipped. | NA | NA |
| PLATFORM_AUTHENTICATION_FAILED_SKIPPED | SKIPPED | Platform authentication validation has failed but it was not required for this request. | NA | NA |
Additional data: Not mapped yet.
Payload example:
{
"name": "PLATFORM_AUTHENTICATION",
"status": "APPROVED",
"reason": "PLATFORM_AUTHENTICATION_SUCCESSFUL",
"description": "Request was authenticated successfully."
}
Platform authorization
To complete an authorization request, the authorization request from the payment methods service calls the platform authorization flow that performs all platform validations, such as ledger, rates, flex controls, and anti-fraud. If an error occurs during this call, the request is declined.
Name: PLATFORM_AUTHORIZATION
Possible status: APPROVED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| PLATFORM_AUTHORIZATION_SUCCESSFUL | APPROVED | Platform authorization was processed successfully. | NA | 00 |
| PLATFORM_AUTHORIZATION_ERROR | REJECTED | Platform authorization call returned an error. | PAE | 96 |
| PLATFORM_AUTHORIZATION_TIMEOUT | REJECTED | Timeout when attempting to perform platform authorization request. | PAT | 96 |
| PLATFORM_AUTHORIZATION_DUPLICATED_TRACKING_ID | REJECTED | Platform authorization responded an idempotent response since tracking ID was already used. | PAD | 30 |
Additional data: Not mapped yet.
Payload example:
{
"name": "PLATFORM_AUTHORIZATION",
"status": "REJECTED",
"reason": "PLATFORM_AUTHORIZATION_ERROR",
"description": "Platform authorization call returned an error."
}
Processing code mapping
Payment methods flow integrates processing code API to map the correct processing code to the authorization. This allows you to create mapping rules where the processing code received may be changed into a new one to have a specific mapping for each necessary scenario.
Name: PROCESSING_CODE_MAPPER
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| PROCESSING_CODE_MAPPED | APPROVED | Processing code was mapped successfully. | NA | 00 |
| PROCESSING_CODE_MAPPING_SKIPPED | SKIPPED | Processing code mapping was skipped. | NA | NA |
| PROCESSING_CODE_MAPPING_ERROR | REJECTED | Internal error mapping processing code. | PCO | 96 |
Additional data: Contains the original processing code received on the request and the mapped processing code that is returned after mapping (this may be the same processing code as the received one if no rule is configured).
Fields: original_processing_code, mapped_processing_code
Payload example:
{
"name": "PROCESSING_CODE_MAPPER",
"status": "APPROVED",
"reason": "PROCESSING_CODE_MAPPED",
"description": "Processing code was mapped successfully.",
"additional_data": {
"original_processing_code": "00",
"mapped_processing_code": "003000"
}
}
Processing code type validation
Platform authorization validates whether the processing code has a valid balance impact type of credit, debit, or zero balance. If it is an invalid type, the request is declined.
Name: PROCESSING_CODE_TYPE
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| PROCESSING_CODE_TYPE_VALID | APPROVED | Processing code has a valid balance impact type. | NA | 00 |
| PROCESSING_CODE_TYPE_SKIPPED | SKIPPED | Processing code balance impact type validation was skipped. | NA | NA |
| PROCESSING_CODE_TYPE_INVALID | REJECTED | Processing code has an invalid balance impact type. | PCD | 57 |
| PROCESSING_CODE_HAS_DIFFERENT_IMPACT_THAN_ORIGINAL_AUTHORIZATION | REJECTED | Processing code has a different balance impact than original authorization. | PCD | 57 |
Additional data: Not mapped yet.
Payload example:
{
"name": "PROCESSING_CODE_TYPE",
"status": "APPROVED",
"reason": "PROCESSING_CODE_TYPE_VALID",
"description": "Processing code has a valid balance impact type."
}
Processing code validation
Platform authorization validates if the processing code is valid.
Name: PROCESSING_CODE
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| PROCESSING_CODE_FOUND | APPROVED | Processing code was found. | NA | 00 |
| PROCESSING_CODE_SKIPPED | SKIPPED | Processing code validation was skipped. | NA | NA |
| PROCESSING_CODE_ERROR | REJECTED | Internal error validating processing code. | PCE | 96 |
| PROCESSING_CODE_NOT_FOUND | REJECTED | Processing code was not found. | PCD | 57 |
| UNEXPECTED_ERROR | REJECTED | Unexpected error happened while processing the authorization. | SED | 96 |
Additional data: Not mapped yet.
Payload example:
{
"name": "PROCESSING_CODE",
"status": "APPROVED",
"reason": "PROCESSING_CODE_FOUND",
"description": "Processing code was found."
}
Program parameters retrieval
To perform card password tries and card ATC validations, the platform needs to retrieve program parameters. If something goes wrong with this retrieval, the authorization may be denied.
Name: PROGRAM_PARAMETER
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| PROGRAM_PARAMETER_FOUND | APPROVED | Program parameters were found successfully. | NA | 00 |
| PROGRAM_PARAMETER_SKIPPED | SKIPPED | Program parameters validation was skipped. | NA | NA |
| PROGRAM_PARAMETER_ERROR | REJECTED | Internal error validating program parameters. | PPE | 96 |
Additional data: Contains the program ID related to this request.
Fields: program_id
Payload example:
{
"name": "PROGRAM_PARAMETER",
"status": "APPROVED",
"reason": "PROGRAM_PARAMETER_FOUND",
"description": "Program parameters were found successfully.",
"additional_data": {
"program_id": 99
}
}
Program retrieval
Platform authorization retrieves the program information to process this authorization request and make some validations.
Name: PROGRAM
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| PROGRAM_FOUND | APPROVED | Program was found. | NA | 00 |
| PROGRAM_SKIPPED | SKIPPED | Program validation was skipped. | NA | NA |
| PROGRAM_NOT_FOUND | REJECTED | Program was not found. | PPN | 57 |
| PROGRAM_ERROR | REJECTED | Internal error validating program. | PPE | 96 |
| UNEXPECTED_ERROR | REJECTED | Unexpected error happened while processing the authorization. | SED | 96 |
Additional data: Not mapped yet.
Payload example:
{
"name": "PROGRAM",
"status": "APPROVED",
"reason": "PROGRAM_FOUND",
"description": "Program was found."
}
Remaining cancellation balance
Platform authorization retrieves the remaining cancellation balance and performs validations.
Name: REMAINING_CANCELLATION_BALANCE
Possible status: APPROVED, SKIPPED, REJECTED
Possible reasons:
| Reason | Status | Description | Denial code | Response code |
|---|---|---|---|---|
| REMAINING_CANCELLATION_BALANCE_APPROVED | APPROVED | Remaining cancellation balance for this authorization was approved. | NA | 00 |
| REMAINING_CANCELLATION_BALANCE_SKIPPED | SKIPPED | Remaining cancellation balance for this authorization was skipped. | NA | NA |
| CANNOT_PARTIALLY_CANCEL_AUTHORIZATION_PENDING_CONFIRMATION | REJECTED | Original authorization is pending confirmation and therefore can not be partially cancelled. | PRC | 57 |
| AUTHORIZATION_ALREADY_CANCELLED | REJECTED | Authorization was already cancelled. | PRC | 57 |
| TOTAL_CANCELLATION_BALANCE_EXCEEDS_AUTHORIZED | REJECTED | Total cancellation balance exceeds the authorized amount. | PRC | 57 |
| REMAINING_CANCELLATION_BALANCE_IMPACTED_LIMITS_ERROR | REJECTED | Original authorization impacted limits different from AvailableCreditLimit and AvailableWithdrawalLimit, and therefore cannot be partially cancelled. | PRC | 57 |
| REMAINING_CANCELLATION_BALANCE_ERROR | REJECTED | Internal error in remaining cancellation balance validation. | PRC | 96 |
| UNEXPECTED_ERROR | REJECTED | Unexpected error happened while processing the authorization. | SED | 96 |
Additional data: Not mapped yet.
Payload example:
{
"name": "REMAINING_CANCELLATION_BALANCE",
"status": "APPROVED",
"reason": "ORIGINAL_AUTHORIZATION_APPROVED",
"description": "Remaining cancellation balance for this authorization was approved."
}
Updated 16 days ago