Authorization validation rules for platform operations [beta]

This guide contains the full list of authorization rules used by the Pismo platform to validate requests. An authorization for platform operations builds a validation result map with the status of each validation. The validation result map contains a list of validation result objects. Each object contains information in the following fields.

FieldDescription
nameName of the evaluated rule. Use this field as the key to find the specific validation since the order of the validations inside the list can change.
statusIdentifies if the rule was approved (APPROVED), rejected (REJECTED), or not evaluated during the validation flow (SKIPPED).
reasonIdentifies the status reason why the specific rule was approved, rejected, or skipped. After identifying the rule itself using the field name, you can use the field reason to map specific scenarios that you want to monitor or create any rule for it.
descriptionDescribes the validation result. This field should not be used as a key for any rule as it only aims to aid understanding of the validation result.
additional_dataContains an object that holds important information related to that validation to help the system map scenarios and create rules over those validations. The contract for this field may be different for each validation, so every rule pattern can be found below.

Account retrieval

When the authorization request from the payment methods service is performed using a Pismo account ID, the platform validates whether that account ID is valid and exists in the database. If any error occurs, the request is declined.

Name: ACCOUNT

Possible statuses: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
ACCOUNT_FOUNDAPPROVEDAccount was found.NA00
ACCOUNT_SKIPPEDSKIPPEDAccount validation was skipped.NANA
ACCOUNT_NOT_FOUNDREJECTEDAccount was not found.IAD62
ACCOUNT_ERRORREJECTEDInternal error validating account.SED96

Additional data: Contains the account ID received in the request.

Fields: account_id

Payload example:

{
    "name": "ACCOUNT",
    "status": "APPROVED",
    "reason": "ACCOUNT_FOUND",
    "description": "Account was found.",
    "additional_data": {
        "account_id": 9999
    }
}

Account retrieval by document number

When the payment methods authorization request is performed using a document number, the platform validates whether that document number is valid and exists in the database. If any error occurs or the account is not found based on the provided document number, the request is declined.

Name: DOCUMENT_NUMBER

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
DOCUMENT_NUMBER_FOUNDAPPROVEDAccount was found successfully based on document number.NA00
DOCUMENT_NUMBER_SKIPPEDSKIPPEDDocument number validation was skipped.NANA
DOCUMENT_NUMBER_NOT_FOUNDREJECTEDAccount was not found based on document number.IDN62
DOCUMENT_NUMBER_NOT_PERMITTEDREJECTEDDocument number is not permitted for all accounts found.DND57
DOCUMENT_NUMBER_MULTIPLE_ACCOUNT_FOUNDREJECTEDDocument number is linked to more than one account that allows authorization using document number. Authorization system can’t define which one to use.MDN57
DOCUMENT_NUMBER_ERRORREJECTEDInternal error validating document number.SED96

Additional data: Contains the field indicating whether the document number is present.

Fields: document_number_present

Payload example:

{
    "name": "DOCUMENT_NUMBER",
    "status": "APPROVED",
    "reason": "DOCUMENT_NUMBER_FOUND",
    "description": "Account was found successfully based on document number.",
    "additional_data": {
        "document_number_present": true
    }
}

Account limits retrieval

Platform authorization retrieves the account limits information to process this authorization request and perform validations.

Name: ACCOUNT_LIMITS

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
ACCOUNT_LIMITS_FOUNDAPPROVEDAccount limits were found.NA00
ACCOUNT_LIMITS_SKIPPEDSKIPPEDAccount limits validation was skipped.NANA
ACCOUNT_LIMITS_NOT_FOUNDREJECTEDAccount limits were not found.IAD62
ACCOUNT_LIMITS_ERRORREJECTEDInternal error validating account limits.IAE96
UNEXPECTED_ERRORREJECTEDUnexpected error happened while processing the authorization.SED96

Additional data: Contains current balances and limits.

Fields: available_credit_limit, available_total_installment_credit, available_withdrawal_credit, total_credit_limit, total_installment_credit_limit, withdrawal_credit_limit

Payload example:

{
    "name": "ACCOUNT_LIMITS",
    "status": "APPROVED",
    "reason": "ACCOUNT_LIMITS_FOUND",
    "description": "Account limits were found.",
    "additional_data": {
    	  "available_credit_limit": 87459.76,
        "available_total_installment_credit": 179.2,
        "available_withdrawal_credit": 4,
        "total_credit_limit": 0,
        "total_installment_credit_limit": 500,
        "withdrawal_credit_limit": 500
    }
}

Account status validation

Platform authorization performs the account status validation to verify whether the account is allowed to perform the request.

Name: ACCOUNT_STATUS

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
ACCOUNT_STATUS_PERMITTEDAPPROVEDAccount status is permitted.NA00
ACCOUNT_STATUS_SKIPPEDSKIPPEDAccount status validation was skipped.NANA
ACCOUNT_STATUS_NOT_PERMITTEDREJECTEDAccount is blocked from receiving debits or credits.IAS57
UNEXPECTED_ERRORREJECTEDUnexpected error happened while processing the authorization.SED96

Additional data: Not mapped yet.

Payload example:

{
    "name": "ACCOUNT_STATUS",
    "status": "REJECTED",
    "reason": "ACCOUNT_STATUS_NOT_PERMITTED",
    "description": "Account is blocked from receiving debits or credits. ",
    "additional_data": {}
}

Account validation

Platform authorization validates if the account ID received from the payment methods request is valid.

Name: ACCOUNT_ID

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
ACCOUNT_ID_PERMITTEDAPPROVEDAccount ID is permitted.NA00
ACCOUNT_ID_PERMITTED_SKIPPEDSKIPPEDAccount ID validation was skipped.NANA
ACCOUNT_ID_NOT_PERMITTEDREJECTEDAuthorized account is different from the one received in the request.IAD62
ACCOUNT_ID_NOT_PROVIDEDREJECTEDAccount ID was not provided in the request.IAD62

Additional data: Not mapped yet.

Payload example:

{
    "name": "ACCOUNT_ID",
    "status": "APPROVED",
    "reason": "ACCOUNT_ID_PERMITTED",
    "description": "Account ID is permitted.",
    "additional_data": {}
}

Anti-fraud integration

Platform authorization integrates with an external anti-fraud system to have the issuer-specific rules evaluated by their system.

Name: ANTI_FRAUD

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
ANTI_FRAUD_APPROVEDAPPROVEDAuthorization passed anti-fraud evaluation.NA00
ANTI_FRAUD_SKIPPEDSKIPPEDAnti-fraud evaluation was skipped.NANA
ANTI_FRAUD_NOT_APPROVEDREJECTEDAuthorization failed anti-fraud evaluation.AFD59
ANTI_FRAUD_ERRORREJECTEDInternal error in anti-fraud evaluation.AFE92
UNEXPECTED_ERRORREJECTEDUnexpected error happened while processing the authorization.SED96

Additional data: Not mapped yet.

Payload example:

{
    "name": "ANTI_FRAUD",
    "status": "APPROVED",
    "reason": "ANTI_FRAUD_APPROVED",
    "description": "Authorization passed anti-fraud evaluation.",
    "additional_data": {
}

Authorization registration

Platform authorization registers the authorization information into the database. If something fails on this operation, the authorization may be declined.

Name: AUTHORIZATION

Possible status: APPROVED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
AUTHORIZATION_CREATEDAPPROVEDAuthorization was created successfully.NA00
AUTHORIZATION_ERRORREJECTEDInternal error in creating authorization.SED96

Additional data: Not mapped yet.

Payload example:

{
    "name": "AUTHORIZATION",
    "status": "APPROVED",
    "reason": "AUTHORIZATION_CREATED",
    "description": "Authorization was created successfully.",
    "additional_data": {}
}

Authorization retrieval

Payment methods flow retrieves the original authorization on the cancellation flow to perform some validations against its current status and determine whether that request may proceed. If the authorization is retrieved successfully, the flow goes on but if an error happens, the cancellation request is declined.

Name: AUTHORIZATION_RETRIEVAL

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
AUTHORIZATION_RETRIEVAL_SUCCESSFULAPPROVEDAuthorization was retrieved successfully.NA00
AUTHORIZATION_RETRIEVAL_SKIPPEDSKIPPEDAuthorization retrieval was skipped.NANA
AUTHORIZATION_RETRIEVAL_ERRORREJECTEDUnexpected error has happened while retrieving the authorization.ARE96
AUTHORIZATION_RETRIEVAL_TIMEOUTREJECTEDTimeout has happened while retrieving the authorization.ART96
AUTHORIZATION_RETRIEVAL_NOT_FOUNDREJECTEDAuthorization was not found for the identifier provided.ARN96

Additional data: Not mapped yet.

Payload example:

{
    "name": "AUTHORIZATION_RETRIEVAL",
    "status": "APPROVED",
    "reason": "AUTHORIZATION_RETRIEVAL_SUCCESSFUL",
    "description": "Authorization was retrieved successfully.",
    "additional_data": null
}

Balances configuration retrieval

Payment methods flow integrates with the Balances configuration API to determine which account balances should be impacted by the Ledger in a given authorization. This functionality allows you to create dynamic rules to impact the balance, offering additional flexibility. All rules are associated with a processing code.

Name: BALANCES_CONFIG

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
BALANCES_CONFIG_FOUNDAPPROVEDBalances configuration was found.NA00
BALANCES_CONFIG_SKIPPEDSKIPPEDBalances configuration validation was skipped.NANA
BALANCES_CONFIG_NOT_FOUNDSKIPPEDBalances configuration was not found.NANA
BALANCES_CONFIG_TIMEOUTREJECTEDBalances configuration validation returned a timeout.BCT96
BALANCES_CONFIG_ERRORREJECTEDBalances configuration validation returned an error.BCE96

Additional data: Contains balance impact information returned by the Balances configuration API, which is used to impact the Ledger.

Fields: impact, consider, amount, amount_consider, reset_limit

Payload example:

{
	"name": "BALANCES_CONFIG",
	"status": "APPROVED",
	"reason": "BALANCES_CONFIG_FOUND",
	"description": "Balances configuration was found.",
	"additional_data": {
		"amount": "contract_amount",
		"amount_consider": "principal_amount",
		"consider": [
			"AvailableCreditLimit",
			"OverLimit"
		],
		"impact": [
			"AvailableCreditLimit"
		],
		"reset_limit": "last_installment"
	}
}

Card retrieval

When the authorization request from the payment methods service is performed using a card (PAN), the platform validates whether that card number is valid and exists in the database. If any error occurs, the request is declined.

Name: CARD

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
CARD_FOUNDAPPROVEDCard was found.NA00
CARD_SKIPPEDSKIPPEDCard validation was skipped.NANA
CARD_NOT_FOUNDREJECTEDCard was not found.PNF14
CARD_ERRORREJECTEDInternal error validating card.SED96

Additional data: Contains the card hash related to the card number received

Fields: card_hash

Payload example:

{
    "name": "CARD",
    "status": "APPROVED",
    "reason": "CARD_FOUND",
    "description": "Card was found.",
    "additional_data": {
        "card_hash": "99999999fOt10YS1QK8V3J6poQ/r1gOsfZZZZzzzzzZkxyiabfxRBPVfSzMlKAlXIs777777777tOwntil9k+A=="
    }
}

Card ARQC validation

When the authorization request from the payment methods service is performed using a card (PAN) and contains the cryptogram (chip) information, the platform validates this Cryptogram information against the HSM to verify whether it is valid.

Name: ARQC

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
CARD_ARQC_VALIDAPPROVEDARQC was validated successfully.NA00
CARD_ARQC_SKIPPEDSKIPPEDARQC validation was skipped.NANA
CARD_ARQC_INVALIDREJECTEDARQC is invalid.ICR63
HSM_REQUIRED_FIELD_ERRORREJECTEDMissing required field.KNC57
CARD_ARQC_ERRORREJECTEDInternal error validating ARQC.SED96

Additional data: Contains the field that indicates whether the cryptogram data is present. When declined by HSM, contains the error code. When validation is skipped, contains the cause.

Fields: arqc_presence, error_code, cause

Payload example:

{
    "name": "CARD_ARQC",
    "status": "SKIPPED",
    "reason": "CARD_ARQC_SKIPPED",
    "description": "ARQC validation was skipped.",
    "additional_data": {
        "arqc_presence": false,
        "cause": "Authorization has no cardholder verification method.",
        "error_code": ""
    }
}

Card ATC validation

ATC is the transaction counter present in the chip information of the card. Every time the cardholder performs a transaction using a POS that reads chip data, the counter is incremented. The Pismo platform compares the counter received in the request with the ones registered in the database from previous authorizations. If the counter is not duplicated and is within an allowed range (configured by the issuer), the request is validated.

Name: CARD_ATC

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
CARD_ATC_WITHIN_ALLOWED_RANGEAPPROVEDATC is within allowed range.NA00
CARD_ATC_SKIPPEDSKIPPEDATC validation was skipped.NANA
CARD_ATC_OUTSIDE_ALLOWED_RANGEREJECTEDATC is outside allowed range.ATC63
CARD_ATC_IS_DUPLICATEDREJECTEDATC is already registered in the database for this card.ATC63
MISSING_PROGRAM_PARAMETERREJECTEDMin or max range parameters were not found to perform validation.PPD57

Additional data: Contains the current ATC, the list of previous ATCs, and both min and max offset allowed parameters.

Fields: current_atc,previous_atc, min_offset_parameter, max_offset_parameter

Payload example:

{
    "name": "CARD_ATC",
    "status": "APPROVED",
    "reason": "CARD_ATC_WITHIN_ALLOWED_RANGE",
    "description": "ATC is within allowed range.",
    "additional_data": {
        "current_atc": "10",
        "previous_atc": "[9,8,7,5,1]",
        "min_offset_parameter": "5",
        "max_offset_parameter": "15"
    }
}

Card authorization mode validation

When authorization request from the payment methods service uses a card, the Pismo platform validates if the authorization mode (credit/debit) matches the card mode. Credit cards can only operate on credit mode and debit cards can only operate on debit mode. Combo or multi application cards can operate on both modes but the mode received on the authorization request must be enabled on the card.

Name: CARD_AUTHORIZATION_MODE

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
CARD_AUTHORIZATION_MODE_VALIDAPPROVEDCard has authorization mode enabled.NA00
CARD_AUTHORIZATION_MODE_SKIPPEDSKIPPEDCard mode validation was skipped.NANA
CARD_AUTHORIZATION_MODE_INVALIDREJECTEDCard mode doesn't allow authorization mode.IAM57
CARD_AUTHORIZATION_MODE_NOT_FOUNDREJECTEDCard doesn't have authorization mode created.IAM57

Additional data: Contains the authorization mode.

Fields: authorization_mode

Payload example:

{
    "name": "CARD_AUTHORIZATION_MODE",
    "status": "APPROVED",
    "reason": "CARD_AUTHORIZATION_MODE_VALID",
    "description": "Card has authorization mode enabled.",
    "additional_data": {
        "authorization_mode": "CREDIT"
    }
}

Card CVV validation

When the authorization request from the payment methods service is performed using a card (PAN) and contains a CVV (track1 or track2 data), this CVV information is validated against the HSM to verify whether it is valid.

Name: CVV

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
CARD_CVV_VALIDAPPROVEDCVV was validated successfully.NA00
CARD_CVV_SKIPPEDSKIPPEDCVV validation was skipped.NANA
CARD_CVV_INVALIDREJECTEDCVV is invalid.CVV14
HSM_REQUIRED_FIELD_ERRORREJECTEDMissing required field.KNC57
CARD_CVV_ERRORREJECTEDInternal error validating CVV.SED96

Additional data: Contains two fields indicating the track1 and track2 data presence and, when declined by HSM, contains the error code. When validation is skipped, contains the cause.

Fields: track1_presence, track2_presence, error_code, cause

Payload example:

{
    "name": "CARD_CVV",
    "status": "SKIPPED",
    "reason": "CARD_CVV_SKIPPED",
    "description": "CVV validation was skipped.",
    "additional_data": {
        "track1_presence": false,
        "track2_presence": false,
        "cause": "Authorization has no cardholder verification method.",
        "error_code": ""
    }
}

Card CVV2 validation

When the authorization request from the payment methods service is performed using a card (PAN) and contains a CVV2, the platform validates this CVV2 information against the HSM to verify whether it is valid. The platform also validates the entered expiration date during this flow since it is used on the CVV2 calculation and must be correct.

Name: CVV2

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
CARD_CVV2_VALIDAPPROVEDCVV2 was validated successfully.NA00
CARD_CVV2_SKIPPEDSKIPPEDCVV2 validation was skipped.NANA
CARD_CVV2_INVALIDREJECTEDCVV2 is invalid.CV214
CARD_EXPIRATION_DATE_INVALIDREJECTEDEntered expiration date is invalid.IED54
HSM_REQUIRED_FIELD_ERRORREJECTEDMissing required field. Expiration date not provided.KNC57
CARD_CVV2_ERRORREJECTEDInternal error validating CVV2.SED96

Additional data: Contains the field indicating the CVV2 data presence, the entered expiration date, and, when declined by HSM, it contains the error code. When validation is skipped, contains the cause.

Fields: cvv2_presence, entered_expiration_date, error_code, cause

Payload example:

{
    "name": "CARD_CVV2",
    "status": "SKIPPED",
    "reason": "CARD_CVV2_SKIPPED",
    "description": "CVV2 validation was skipped.",
    "additional_data": {
        "cvv2_presence": false,
        "entered_expiration_date": "2806",
        "cause": "Authorization has no cardholder verification method.",
        "error_code": ""
    }
}

Card entered expiration date validation

When the authorization request from the payment methods service is performed using a card and cardholder provides the expiration date, the platform validates whether the entered expiration date matches the card’s expiration date.

Name: CARD_ENTERED_EXPIRATION_DATE

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
CARD_ENTERED_EXPIRATION_DATE_VALIDAPPROVEDEntered expiration date matches card expiration date.NA00
CARD_ENTERED_EXPIRATION_DATE_SKIPPEDSKIPPEDValidation of entered expiration date was skipped.NANA
CARD_ENTERED_EXPIRATION_DATE_INVALIDREJECTEDEntered expiration date doesn't match card expiration date.IED54
CARD_ENTERED_EXPIRATION_DATE_ERRORREJECTEDInternal error validating entered expiration date.SED96

Additional data: Contains the entered expiration date and the card’s expiration date.

Fields: entered_expiration_date, card_expiration_date

Payload example:

{
    "name": "CARD_ENTERED_EXPIRATION_DATE",
    "status": "APPROVED",
    "reason": "CARD_ENTERED_EXPIRATION_DATE_VALID",
    "description": "Entered expiration date matches card expiration date.",
    "additional_data": {
        "card_expiration_date": "2806",
        "entered_expiration_date": "2806"
    }
}

Card expired date validation

When the authorization request from the payment methods service is performed using a card, the platform validates whether the card is expired.

Name: CARD_EXPIRATION_DATE

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
CARD_NOT_EXPIREDAPPROVEDCard is not expired.NA00
CARD_EXPIRATION_SKIPPEDSKIPPEDValidation of card expiration date was skipped.NANA
CARD_EXPIREDREJECTEDCard is expired.CEE54
CARD_EXPIRATION_ERRORREJECTEDInternal error validating card expiration date.SED96

Additional data: Contains the card’s expiration date.

Fields: card_expiration_date

Payload example:

{
    "name": "CARD_EXPIRATION_DATE",
    "status": "APPROVED",
    "reason": "CARD_NOT_EXPIRED",
    "description": "Card is not expired.",
    "additional_data": {
        "card_expiration_date": "2806"
    }
}

Card password tries validation

The Pismo platform validates and counts the number of incorrect password tries by the cardholder. If those tries reach a configured threshold, the card is blocked and new requests are allowed even if the password is correct. This threshold is configured by the issuer on the Pismo platform.

Password tries error counter is only reset when the cardholder enters the correct password in a new authorization request before reaching the blocking threshold. Requests that don't use the password, such as e-commerce or contactless, even though approved, do not reset the counter. After reaching the threshold, even the requests without password are declined.

Name: CARD_PASSWORD_TRIES

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
CARD_PASSWORD_TRIES_ALLOWEDAPPROVEDPassword tries are within configured threshold.NA00
CARD_PASSWORD_TRIES_SKIPPEDSKIPPEDPassword tries validation was skipped.NANA
CARD_PASSWORD_TRIES_EXCEEDEDREJECTEDPassword tries exceeded configured threshold.PTD75
MISSING_PROGRAM_PARAMETERREJECTEDMax password tries parameter was not found to perform validation.PPD57

Additional data: Contains the current password tries count and the configured threshold.

Fields: current_password_tries, password_tries_allowed

Payload example:

{
    "name": "CARD_PASSWORD_TRIES",
    "status": "APPROVED",
    "reason": "CARD_PASSWORD_TRIES_ALLOWED",
    "description": "Password tries are within configured threshold.",
    "additional_data": {
        "current_password_tries": 0,
        "password_tries_allowed": 3
    }
}

Card PIN validation

When the authorization request from the payment methods service is performed using a card (PAN) and contains a PIN block, the platform validates this PIN block information against the HSM.

Name: CARD_PIN

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
CARD_PIN_VALIDAPPROVEDPIN was validated successfully.NA00
CARD_PIN_SKIPPEDSKIPPEDPIN validation was skipped.NANA
CARD_PIN_INVALIDREJECTEDPIN is invalid.IPD55
HSM_KEY_NOT_FOUNDREJECTEDHSM keys not found.KNF57
HSM_REQUIRED_FIELD_ERRORREJECTEDMissing required field.KNC57
CARD_PIN_ERRORREJECTEDInternal error validating PIN.SED96

Additional data: Contains the field that indicates whether the PIN block data is present. When declined by HSM, contains the error code. When validation is skipped, contains the cause.

Fields: pin_presence, error_code, cause

Payload example:

{
    "name": "CARD_PIN",
    "status": "SKIPPED",
    "reason": "CARD_PIN_SKIPPED",
    "description": "PIN validation was skipped.",
    "additional_data": {
        "pin_presence": false,
        "cause": "Authorization has no cardholder verification method.",
        "error_code": ""
    }
}

Card status validation

When the authorization request from the payment methods service is performed using a card, the platform validates whether the card has a blocked status.

Name: CARD_STATUS

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
CARD_STATUS_VALIDAPPROVEDCard is in valid status.NA00
CARD_STATUS_SKIPPEDSKIPPEDCard status validation was skipped.NANA
CARD_STATUS_INVALIDREJECTEDCard is in blocked status.CBD57

Additional data: Contains the card status.

Fields: card_status

Payload example:

{
    "name": "CARD_STATUS",
    "status": "APPROVED",
    "reason": "CARD_STATUS_VALID",
    "description": "Card is in valid status.",
    "additional_data": {
        "card_status": "NORMAL"
    }
}

External calculation

If configured, the authorization request from the payment methods service calls an external endpoint to have the amounts of the authorization calculated by an external system. If any error occurs, the authorization is declined.

Name: EXTERNAL_CALCULATION

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
EXTERNAL_CALCULATION_SUCCESSFULAPPROVEDExternal calculation was performed successfully.NA00
EXTERNAL_CALCULATION_SKIPPEDSKIPPEDExternal calculation was skipped.NANA
EXTERNAL_CALCULATION_ERRORREJECTEDInternal error when performing external calculation.ECE92
EXTERNAL_CALCULATION_TIMEOUTREJECTEDTimeout when attempting to perform external calculation request.ECT92
EXTERNAL_CALCULATION_DECLINEDREJECTEDExternal call declined calculation request.ECD57
EXTERNAL_CALCULATION_INVALID_RESPONSEREJECTEDExternal calculation response has invalid values.ECI92

Additional data: Contains the list of validation errors when the external system responds with an unexpected response format or missing required fields.

Fields: error_1, error_2, error_n

Payload example:

{
    "name": "EXTERNAL_CALCULATION",
    "status": "APPROVED",
    "reason": "EXTERNAL_CALCULATION_SUCCESSFUL",
    "description": "External calculation was performed successfully.",
    "additional_data": null
}

Flex controls evaluation

Platform authorization evaluates flex controls for the operation.

Name: FLEX_CONTROLS

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
FLEX_CONTROLS_APPROVEDAPPROVEDAuthorization passed flex control evaluation.NA00
FLEX_CONTROLS_SKIPPEDSKIPPEDFlex controls evaluation was skipped.NANA
FLEX_CONTROLS_NOT_APPROVEDREJECTEDAuthorization failed flex control evaluation.FCD57
FLEX_CONTROLS_ERRORREJECTEDInternal error in the evaluation of flex controls.FCE96
UNEXPECTED_ERRORREJECTEDUnexpected error happened while processing the authorization.SED96

Additional data: Not mapped yet.

Payload example:

{
    "name": "FLEX_CONTROLS",
    "status": "APPROVED",
    "reason": "FLEX_CONTROLS_APPROVED",
    "description": "Authorization passed flex control evaluation.",
    "additional_data": {}
}

Ledger integration

Platform authorization integrates with Ledger API to evaluate impact on account limits for this operation.

Name: LEDGER

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
LEDGER_APPROVEDAPPROVEDLedger was impacted successfully.NA00
LEDGER_SKIPPEDSKIPPEDLedger impacting was skipped.NANA
LEDGER_INSUFFICIENT_FUNDSREJECTEDAmount authorization is greater than the account available limits.PLD51
LEDGER_NOT_ALLOWED_OPERATIONREJECTEDAccount is blocked from receiving debits or credits.PLO57
LEDGER_DUPLICATED_TRACKING_IDREJECTEDInternal error of duplicated tracking ID in the ledger.PLE96
LEDGER_ERRORREJECTEDInternal error in impacting ledger.PLE96
UNEXPECTED_ERRORREJECTEDUnexpected error happened while processing the authorization.SED96

Additional data: Not mapped yet.

Payload example:

{
    "name": "LEDGER",
    "status": "APPROVED",
    "reason": "LEDGER_APPROVED",
    "description": "Ledger was impacted successfully.",
    "additional_data": {}
    }
}

Merchant validation

To complete an authorization request, the authorization request from the payment methods service calls the merchants API to validate if the merchant can authorize transactions, which is when their status is ACTIVE or APPROVED.

Name: MERCHANT

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
MERCHANT_VALID_STATUSAPPROVEDMerchant has valid status.NA00
MERCHANT_SKIPPEDSKIPPEDMerchant validation was skipped.NANA
MERCHANT_INVALID_STATUSREJECTEDMerchant has invalid status.IMD57
MERCHANT_NOT_FOUNDREJECTEDMerchant was not found.MNF57
MERCHANT_ERRORREJECTEDInternal error validating merchant.SED96

Additional data: Contains the merchant external ID (external_id provided by the customer, not the Pismo internal ID) and status.

Fields: merchant_external_id (external ID provided by the customer, not Pismo internal ID), status

Payload example:

{
    "name": "MERCHANT",
    "status": "APPROVED",
    "reason": "MERCHANT_VALID_STATUS",
    "description": "Merchant has valid status.",
    "additional_data": {
        "merchant_external_id": "FL-123456",
        "status": "ACTIVE"
    }
}

Payment methods configuration retrieval

For every authorization request from the payment methods service, the platform retrieves the configurations related to the account/program/organization performing the request. If anything unexpected happens during this flow, the request may be declined.

Name: CONFIG

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
CONFIG_FOUNDAPPROVEDPayment methods configuration was found.NA00
CONFIG_SKIPPEDSKIPPEDPayment methods configuration validation was skipped.NANA
CONFIG_NOT_FOUNDREJECTEDPayment methods configuration was not found.CNF57
CONFIG_ERRORREJECTEDInternal error validating payment methods configuration.SED96

Additional data: Not mapped yet.

Payload example:

{
    "name": "CONFIG",
    "status": "APPROVED",
    "reason": "CONFIG_FOUND",
    "description": "Payment methods configuration was found.",
    "additional_data": {}
}

Payment methods acceptances retrieval

For every authorization request from the payment methods service, the platform retrieves the acceptances related to the account, program, and organization and processing code performing the request. If anything unexpected happens during this flow, the request may be declined.

Name: ACCEPTANCE

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
ACCEPTANCE_FOUNDAPPROVEDPayment methods acceptances were found.NA00
ACCEPTANCE_SKIPPEDSKIPPEDPayment methods acceptances validation was skipped.NANA
ACCEPTANCE_NOT_FOUNDREJECTEDPayment methods acceptances were not found.AND57
ACCEPTANCE_ERRORREJECTEDInternal error validating payment methods acceptances.SED96

Additional data: Not mapped yet.

Payload example:

{
    "name": "ACCEPTANCE",
    "status": "APPROVED",
    "reason": "ACCEPTANCE_FOUND",
    "description": "Payment methods acceptances were found.",
    "additional_data": null
}

Payment methods integrity

Payment methods flow saves an integrity message to process the integrity validation of the flow later. If this operation fails to register the integrity message, the request is declined.

Name: PAYMENT_METHODS_INTEGRITY

Possible status: APPROVED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
PAYMENT_METHODS_INTEGRITY_CREATEDAPPROVEDPayment methods integrity message was created successfully.NA00
PAYMENT_METHODS_INTEGRITY_ERRORREJECTEDUnexpected error happened while saving the payment methods integrity message.OIE96

Additional data: Not mapped yet.

Payload example:

{
    "name": "PAYMENT_METHODS_INTEGRITY",
    "status": "APPROVED",
    "reason": "PAYMENT_METHODS_INTEGRITY_CREATED",
    "description": "Payment methods integrity message was created successfully.",
    "additional_data": null
}

Payment methods persistence

Payment methods flow saves the request and response information in the persistence record to guarantee integrity of the flow. If this operation fails to register the information into the database, the request is declined.

Name: PAYMENT_METHODS_PERSISTENCE

Possible status: APPROVED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
PAYMENT_METHODS_PERSISTENCE_CREATEDAPPROVEDPayment methods persistence record was created successfully.NA00
PAYMENT_METHODS_PERSISTENCE_ERRORREJECTEDUnexpected error happened while saving the payment methods persistence record.OPE96

Additional data: Not mapped yet.

Payload example:

{
    "name": "PAYMENT_METHODS_PERSISTENCE",
    "status": "APPROVED",
    "reason": "PAYMENT_METHODS_PERSISTENCE_CREATED",
    "description": "Payment methods persistence record was created successfully.",
    "additional_data": null
}

Operation amount calculation

Platform authorization calls the Rates API to calculate the contract amount including taxes and fees on this authorization. If any error occurs, the request is declined.

Name: RATES

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
RATES_APPROVEDAPPROVEDRates calculation was performed.NA00
RATES_SKIPPEDSKIPPEDRates calculation was skipped.NANA
RATES_ERRORREJECTEDInternal error in calculating rates.PRE96

Additional data: Not mapped yet.

Payload example:

{
    "name": "RATES",
    "status": "APPROVED",
    "reason": "RATES_APPROVED",
    "description": "Rates calculation was performed.",
    "additional_data": {}
}

Original authorization retrieval

Platform authorization retrieves the original authorization and performs validations.

Name: ORIGINAL_AUTHORIZATION

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
ORIGINAL_AUTHORIZATION_APPROVEDAPPROVEDOriginal authorization validation was approved.NA00
ORIGINAL_AUTHORIZATION_SKIPPEDSKIPPEDOriginal authorization validation was skipped.NANA
ORIGINAL_AUTHORIZATION_NOT_FOUNDREJECTEDOriginal authorization was not found.POA57
ORIGINAL_AUTHORIZATION_IS_DENIEDREJECTEDOriginal authorization is denied and therefore can not be cancelled.POA57
ORIGINAL_AUTHORIZATION_IS_FROM_DIFFERENT_ACCOUNTREJECTEDOriginal authorization is from a different account.POA57
ORIGINAL_AUTHORIZATION_ERRORREJECTEDInternal error validating original authorization.POA57
UNEXPECTED_ERRORREJECTEDUnexpected error happened while processing the authorization.SED96

Additional data: Not mapped yet.

Payload example:

{
    "name": "ORIGINAL_AUTHORIZATION",
    "status": "APPROVED",
    "reason": "ORIGINAL_AUTHORIZATION_APPROVED",
    "description": "Original authorization validation was approved.",
    "additional_data": {}
}

Platform authentication

Payment methods flow supports external integration to have the request authenticated against an external provider. If authentication is enabled and the information related to this is sent into the request payload, Payment methods API calls the external provider to validate this information. The result of this validation is attached to the validation result map on this entry.

If the platform does not authenticate and decline the request, it does not add an entry to the validation result map, since the flow is stopped and the request receives the 401 - Unauthorized HTTP response.

Name: PLATFORM_AUTHENTICATION

Possible status: APPROVED, SKIPPED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
PLATFORM_AUTHENTICATION_SUCCESSFULAPPROVEDRequest was authenticated successfully.NA00
PLATFORM_AUTHENTICATION_SKIPPEDSKIPPEDPlatform authentication call was skipped.NANA
PLATFORM_AUTHENTICATION_FAILED_SKIPPEDSKIPPEDPlatform authentication validation has failed but it was not required for this request.NANA

Additional data: Not mapped yet.

Payload example:

{
    "name": "PLATFORM_AUTHENTICATION",
    "status": "APPROVED",
    "reason": "PLATFORM_AUTHENTICATION_SUCCESSFUL",
    "description": "Request was authenticated successfully.",
    "additional_data": null
}

Platform authorization

To complete an authorization request, the authorization request from the payment methods service calls the platform authorization flow that performs all platform validations, such as ledger, rates, flex controls, and anti-fraud. If an error occurs during this call, the request is declined.

Name: PLATFORM_AUTHORIZATION

Possible status: APPROVED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
PLATFORM_AUTHORIZATION_SUCCESSFULAPPROVEDPlatform authorization was processed successfully.NA00
PLATFORM_AUTHORIZATION_ERRORREJECTEDPlatform authorization call returned an error.PAE96
PLATFORM_AUTHORIZATION_TIMEOUTREJECTEDTimeout when attempting to perform platform authorization request.PAT96
PLATFORM_AUTHORIZATION_DUPLICATED_TRACKING_IDREJECTEDPlatform authorization responded an idempotent response since tracking ID was already used.PAD30

Additional data: Not mapped yet.

Payload example:

{
    "name": "PLATFORM_AUTHORIZATION",
    "status": "REJECTED",
    "reason": "PLATFORM_AUTHORIZATION_ERROR",
    "description": "Platform authorization call returned an error.",
    "additional_data": null
}

Processing code mapping

Payment methods flow integrates processing code API to map the correct processing code to the authorization. This allows you to create mapping rules where the processing code received may be changed into a new one to have a specific mapping for each necessary scenario.

Name: PROCESSING_CODE_MAPPER

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
PROCESSING_CODE_MAPPEDAPPROVEDProcessing code was mapped successfully.NA00
PROCESSING_CODE_MAPPING_SKIPPEDSKIPPEDProcessing code mapping was skipped.NANA
PROCESSING_CODE_MAPPING_ERRORREJECTEDInternal error mapping processing code.PCO96

Additional data: Contains the original processing code received on the request and the mapped processing code that is returned after mapping (this may be the same processing code as the received one if no rule is configured).

Fields: original_processing_code, mapped_processing_code

Payload example:

{
    "name": "PROCESSING_CODE_MAPPER",
    "status": "APPROVED",
    "reason": "PROCESSING_CODE_MAPPED",
    "description": "Processing code was mapped successfully.",
    "additional_data": {
        "original_processing_code": "00",
        "mapped_processing_code": "003000"
    }
}

Processing code type validation

Platform authorization validates whether the processing code has a valid balance impact type of credit, debit, or zero balance. If it is an invalid type, the request is declined.

Name: PROCESSING_CODE_TYPE

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
PROCESSING_CODE_TYPE_VALIDAPPROVEDProcessing code has a valid balance impact type.NA00
PROCESSING_CODE_TYPE_SKIPPEDSKIPPEDProcessing code balance impact type validation was skipped.NANA
PROCESSING_CODE_TYPE_INVALIDREJECTEDProcessing code has an invalid balance impact type..PCD57

Additional data: Not mapped yet.

Payload example:

{
    "name": "PROCESSING_CODE_TYPE",
    "status": "APPROVED",
    "reason": "PROCESSING_CODE_TYPE_VALID",
    "description": "Processing code has a valid balance impact type.",
    "additional_data": {}
}

Processing code validation

Platform authorization validates if the processing code is valid.

Name: PROCESSING_CODE

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
PROCESSING_CODE_FOUNDAPPROVEDProcessing code was found.NA00
PROCESSING_CODE_SKIPPEDSKIPPEDProcessing code validation was skipped.NANA
PROCESSING_CODE_ERRORREJECTEDInternal error validating processing code.PCE96
PROCESSING_CODE_NOT_FOUNDREJECTEDProcessing code was not found.PCD57
UNEXPECTED_ERRORREJECTEDUnexpected error happened while processing the authorization.SED96

Additional data: Not mapped yet.

Payload example:

{
    "name": "PROCESSING_CODE",
    "status": "APPROVED",
    "reason": "PROCESSING_CODE_FOUND",
    "description": "Processing code was found.",
    "additional_data": {}
}

Program parameters retrieval

To perform card password tries and card ATC validations, the platform needs to retrieve program parameters. If something goes wrong with this retrieval, the authorization may be denied.

Name: PROGRAM_PARAMETER

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
PROGRAM_PARAMETER_FOUNDAPPROVEDProgram parameters were found successfully.NA00
PROGRAM_PARAMETER_SKIPPEDSKIPPEDProgram parameters validation was skipped.NANA
PROGRAM_PARAMETER_ERRORREJECTEDInternal error validating program parameters.PPE96

Additional data: Contains the program ID related to this request.

Fields: program_id

Payload example:

{
    "name": "PROGRAM_PARAMETER",
    "status": "APPROVED",
    "reason": "PROGRAM_PARAMETER_FOUND",
    "description": "Program parameters were found successfully.",
    "additional_data": {
        "program_id": 99
    }
}

Program retrieval

Platform authorization retrieves the program information to process this authorization request and make some validations.

Name: PROGRAM

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
PROGRAM_FOUNDAPPROVEDProgram was found.NA00
PROGRAM_SKIPPEDSKIPPEDProgram validation was skipped.NANA
PROGRAM_NOT_FOUNDREJECTEDProgram was not found.PPN57
PROGRAM_ERRORREJECTEDInternal error validating program.PPE96
UNEXPECTED_ERRORREJECTEDUnexpected error happened while processing the authorization.SED96

Additional data: Not mapped yet.

Payload example:

{
    "name": "PROGRAM",
    "status": "APPROVED",
    "reason": "PROGRAM_FOUND",
    "description": "Program was found.",
    "additional_data": {}
}

Remaining cancellation balance

Platform authorization retrieves the remaining cancellation balance and performs validations.

Name: REMAINING_CANCELLATION_BALANCE

Possible status: APPROVED, SKIPPED, REJECTED

Possible reasons:

ReasonStatusDescriptionCustom codeResponse code
REMAINING_CANCELLATION_BALANCE_APPROVEDAPPROVEDRemaining cancellation balance for this authorization was approved.NA00
REMAINING_CANCELLATION_BALANCE_SKIPPEDSKIPPEDRemaining cancellation balance for this authorization was skipped.NANA
CANNOT_PARTIALLY_CANCEL_AUTHORIZATION_PENDING_CONFIRMATIONREJECTEDOriginal authorization is pending confirmation and therefore can not be partially cancelled.PRC57
AUTHORIZATION_ALREADY_CANCELLEDREJECTEDAuthorization was already cancelled.PRC57
TOTAL_CANCELLATION_BALANCE_EXCEEDS_AUTHORIZEDREJECTEDTotal cancellation balance exceeds the authorized amount.PRC57
REMAINING_CANCELLATION_BALANCE_ERRORREJECTEDInternal error in remaining cancellation balance validation.PRC96
UNEXPECTED_ERRORREJECTEDUnexpected error happened while processing the authorization.SED96

Additional data: Contains the platform denial code and response code when there is a validation error.

Fields: denial_code, response_code

Payload example:

{
    "name": "REMAINING_CANCELLATION_BALANCE",
    "status": "APPROVED",
    "reason": "ORIGINAL_AUTHORIZATION_APPROVED",
    "description": "Remaining cancellation balance for this authorization was approved.",
    "additional_data": {}
}