Fund transfers in to or out of an account generate two types of records:
Authorization - A record stating that a given amount was authorized for adding to, or taking from, an account. It contains information about its nature, such as the amount, local currency, date and time, and applicable fees.
In the Pismo authorization workflow:
- Authorization/base I is the process of the initial request to the issuer to approve a transaction.
- Clearing/base II is the process of finalizing and posting the transaction.
Transaction - Belongs to one particular authorization. It is a part of a complete purchase or funds transfer. It can correspond to a purchase installment, a certain fee amount, a statement payment, or a transfer between accounts, among other things.
The following is the authorization base I workflow for both Full balance and Zero balance integrations.
Note: This article details the events that Pismo generates during the authorization and clearing process, for more information on these events, see Authorization events.
User provides merchant with card information.
Merchant's point-of-sale (POS) device or payment gateway formats a message with an authorization request to the acquirer. Acquirers own most POS devices.
Acquirer sends a message to the card network who then sends a message to the processor, the Pismo platform.
Pismo removes sensitive data from the message and generates a Network authorization ISO8583 message received event.
Zero balance does not get this event as it receives the raw message when Pismo calls the issuer's webhook during Step 5. The Zero balance validations request endpoint details what is sent in this call.
Pismo performs validations and, for Full balance, does anti-fraud and account and balance checks
- Full balance - Card validations (stateful) plus balance and account checks (stateless) and anti-fraud checks. Pismo calls issuer's anti-fraud webhook with its results which the issuer can override. For more information, see Anti-fraud integration. Note that this integration is optional - if none is provided, Pismo responds to the network with its own results.
- Zero balance - Basic validations - PAN, CVV, etc. (stateless). If card validation fails, go to step 6, Pismo does not need to call the issuer in this case. Otherwise, Pismo calls the issuer's webhook so they can do their own anti-fraud checks and account and balance checks. See Zero balance anti-fraud and validations integration for more information.
- Response time - In either case, the issuer has 2 seconds to respond.
- Validations - For more information on validations, see Authorization validation rules.
- Pismo gets response message from issuer (if called) and responds to network. Pismo generates a Network authorization received event (network-authorization-1) and a Card network authorization return sent event (network-message-1).
- The card network sends back the response to the acquirer, who then sends the message to the merchant.
- For Full balance issuers, Pismo does all accounting, ledger, and credit and debit settlement. It also generates a confirmation Network authorization received event.
- Zero balance clients get the clearing events, but have to do their own account and balance settlement.
See Clearing/base II for more information.
- Full balance - Pismo, if the authorization is approved, creates a transaction and generates a create transaction event.
- Zero balance issuers need to create the transaction themselves.
Updated 7 days ago