Developers

Overview

This is a zero value transaction to verify or authorize a card.

Use Cases

A merchant may want to perform a zero-authorization card transaction in order to:

• Store card details for future use – Card schemes often insist that a zero-authorization transaction be sent before allowing card credentials to be stored for future use.
• Add a card (card registration) – A customer is sometimes required to add a card to their account, so that it can be verified, and used to charge the customer at a later date. For example adding a card at the beginning of an evaluation period, so it can be verified and charged at the end of the evaluation period.
• Verify a card – A merchant may want to move a potential customer to the next stage in the sales cycle by asking them to supply their card details. This allows the merchant to verify the existence of a card without charging it, as well as testing the customer’s level of commitment to eventually completing the sale.

Perform a Zero-Authorization Transaction

1. Call the /openOrder API call and set amount=0 and transactionType=Auth.
   

   Example of an /openOrder API Call

   {  
      "merchantId":"<your merchantId>",
      "merchantSiteId":"<merchantSiteId>",
      "userTokenId":"<a user identifier>",
      "clientUniqueId":"<The ID of the transaction in merchant system>",
      "clientRequestId":"<The ID of the API request in the merchant’s system>",
      "currency":"USD",
      "transactionType":"Auth",
      "amount":"0",
      "timeStamp":"<YYYYMMDDHHmmss>",
      "checksum":"<calculated checksum>"
   }

2. Use a /payment API call or a createPayment() call to send an authorization-only request with the transactionType set to “Auth” and the amount set to zero (amount=0).
   

   Example /payment API Request – with amount=0 and transactionType=Auth

   { 
      "sessionToken":"3993eb0c-5f64-4a6c-b16c-485818eb76eb",
      "merchantId":"<your merchantId>",
      "merchantSiteId":"<merchantSiteId>",
      "userTokenId":"<a user identifier>",
      "clientRequestId":"<The ID of the API request in the merchant’s system>",
      "clientUniqueId":"<The ID of the transaction in merchant system>",
      "currency":"USD",
      "amount":"0",
      "transactionType":"Auth",
      "paymentOption":{ 
         "card":{ 
            "cardNumber":"4000020951595032",
            "cardHolderName":"John Smith",
            "expirationMonth":"12",
            "expirationYear":"2022",
            "CVV":"217"
         }
      },
      "deviceDetails":{ 
         "ipAddress":"127.0.0.1"
      },
       "billingAddress":{
           "email":"john.smith@email.com",
           "country":"US"
       },
      "timeStamp":"<YYYYMMDDHHmmss>",
      "checksum":"<calculated checksum>"
   }

   Example createPayment() Request

   sfc.createPayment({
       "sessionToken": "3993eb0c-5f64-4a6c-b16c-485818eb76eb", //received from openOrder API 
       "merchantId": "<your merchantId>", //as assigned by Nuvei
       "merchantSiteId": "<merchantSiteId>", //as assigned by Nuvei
       "clientUniqueId": "<The ID of the transaction in merchant system>", // optional
       "paymentOption": {
         "card": { //this sample clearly shows text cards can also work with Nuvei Fields
           "cardNumber": "5111426646345761",
           "cardHolderName": "John Smith",
           "expirationMonth": "12",
           "expirationYear": "2022",
           "CVV": "217"
         }
       }
     },
     function(res) {
       console.log(res) if (res.cancelled === true) {
         example.querySelector('.token').innerText = 'cancelled';
       }
       else {
         example.querySelector('.token').innerText = res.transactionStatus + ' - Reference: ' + res.transactionId;
       }
       example.classList.add('submitted');
     }
   )

3. Perform a full 3D-Secure challenge (see 3D-Secure Guide), to comply with the “strong authentication validation” requirement set by card schemes for each zero-authorization request.