# Cardholder-initiated Transaction scenario
Cardholder can initiate transaction using stored credentials. Below, decribes a possible scenario
# Step 1
- Cardholder buy an item from your store for the first time and agrees to place their card on file with the merchant.
- The cardholder performs a payment by entering full card details.
- If the merchant is PCI SAQ-D Compliant, he can perform a full card payment else he should perform the payment using a payment-nonce.
TIP
Note
- For PCI SAQ-D merchants, they might choose to save the full card details on their servers.
- For non PCI merchants, they might choose to save the Payer details and associated
payer.funding_instrument.credit_card.id.
# Step 2
- A cardholder return to the store and buy an item.
- At checkout the merchant has the ability of proposing the cardholder to choose from either performing the payment using a saved card or by entering complete card details.
- If the cardholder choose to use stored card details, use our payer endpoint to retrieve the card information.
# For PCI SAQ-D merchants
If the merchant is PCI SAQ-D Compliant, they will perform a full card payment with the flag payer.funding_instrument.credit_card.stored: true set to true. (note that CVV is not stored and needs to be entered by the Payer)
# Authorize a subsequent payment using full card details
Request example
- Shell
- JavaScript
curl -X POST \
https://api.ompay.com/v1/merchants/w3z8dfhkzvfq0j9n/payment \
-H 'authorization: Basic ODZidWQ0Y2JremlxOXZmYzoweHI1ZDkwOHo2bmo4a2h6' \
-H 'content-type: application/json' \
-d '{
"intent": "auth",
"payer": {
"payment_type": "CC",
"funding_instrument": {
"credit_card": {
"number": "4543474002249996",
"expire_month": "06",
"expire_year": "2025",
"cvv2": "956",
"name": "Tom Hanks",
"stored":true
}
},
"payer_info": {
"email": "tomhank@gmail.com",
"name": "Tom Hanks",
"billing_address": {
"line1": "18 Avenue",
"line2": "cassidy",
"city": "Rose-Hill",
"country_code": "mu",
"postal_code": "72101",
"state": "",
"phone": {
"country_code": "230",
"number": "57976041"
}
}
}
},
"payee": {
"email": "mail@test.com",
"merchant_id": "w3z8dfhkzvfq0j9n"
},
"transaction": {
"type": "1",
"amount": {
"currency": "USD",
"total": "300"
},
"invoice_number": "123455",
"items": [{
"sku": "100299S",
"name": "Ultrawatch",
"description": "Smart watch",
"quantity": "1",
"price": "500",
"shipping": "20",
"currency": "USD",
"url": "",
"image": "",
"tangible": "true"
},
{
"sku": "100269S",
"name": "Drone",
"description": "drone x",
"quantity": "1",
"price": "500",
"shipping": "20",
"currency": "USD",
"url": "",
"image": "",
"tangible": "true"
}
]
}
}'
Response example
{
"id": "2JHY1CB6CR8N0FZK43WU",
"reference_id": "2JHY1CB6CR8N0FZK43WU",
"state": "authorised",
"result": {
"authorisation_code": "590622",
"code": "0000",
"description": "Approved"
},
"intent": "AUTH",
"payer": {
"payment_type": "CC",
"funding_instrument": {
"credit_card": {
"id": "20abc6eb-35fd-427e-b57e-c7eea99dd423",
"type": "Visa",
"expire_month": 6,
"expire_year": 2025,
"name": "Tom Hanks",
"cvv_check": "Y",
"avs_check": "S",
"last4": "9996",
"bin": "454347",
"bin_data": {
"bin": "454347",
"country_code": "MU",
"country_name": "Mauritius",
"bank_name": "MCB",
"card_scheme": "Visa",
"card_type": "Credit",
"card_category": "1"
}
}
},
"payer_info": {
"id": "35d4d1ec-4f9d-416d-acdc-d12f4bf0c6df",
"email": "tomhank@gmail.com",
"name": "Tom Hanks",
"billing_address": {
"phone": {
"country_code": "230",
"number": "57976041"
},
"line1": "18 Avenue",
"line2": "cassidy",
"city": "Rose-Hill",
"country_code": "MU",
"postal_code": "72101",
"state": ""
}
}
},
"transaction": {
"amount": {
"currency": "USD",
"total": "300"
},
"type": "1",
"mode": "1",
"items": [
{
"sku": "100299S",
"name": "Ultrawatch",
"description": "Smart watch",
"quantity": "1",
"price": "500",
"shipping": "",
"url": ""
},
{
"sku": "100269S",
"name": "Drone",
"description": "drone x",
"quantity": "1",
"price": "500",
"shipping": "",
"url": ""
}
],
"shipping_address": {
"phone": {}
},
"invoice_number": "123455"
},
"custom": {},
"risk_check": true,
"three_d": {},
"create_time": "2023-06-09T18:07:37Z",
"subscriptions": null
}
# For Non PCI merchants
if the merchant is not PCI SAQ-D and uses our Vault to store credit card details. The merchant will need to specify the credit_card_id retrieved and stored from the initial payment.
# Step 1: Retrieve payers associated cards
Request example
curl -X GET \
https://api.ompay.com/v1/merchants/w3z8dfhkzvfq0j9n/payer/0f053a05-9fa2-49a1-871f-3098e4b114e2/card \
-H 'authorization: Basic ODZidWQ0Y2JremlxOXZmYzoweHI1ZDkwOHo2bmo4a2h6' \
-H 'content-type: application/json'
Response example
{
"count": 1,
"credit_cards": [{
"id": "9c22d208-4e25-47f8-8d32-c0e6d97c17c2",
"type": "Visa",
"expire_month": 12,
"expire_year": 2020,
"name": "Tom Hanks",
"cvv_check": "Y",
"avs_check": "S",
"last4": "4821",
"bin": "400552",
"is_default": true,
"bin_data": {
"bin": "400552",
"country_code": "MU",
"country_name": "Mauritius",
"bank_name": "MCB",
"card_scheme": "Visa",
"card_type": "Credit",
"card_category": "1"
}
}]
}
- Based on the response above, the merchant can display the bin and last4 digit to the customer, so that they can select the stored card
# Step 2: Authorize a subsequent payment using card_id
- Once the cardholder select a card and enters the CVV, the merchant will be able to perform a payment using the
credit_card_idof the selected card- For more information on payment using card id, please refer to this page.
Note
In order to facilitate the payment process, it is essential to present a CVV input field to the customer. This field allows them to securely enter their CVV (Card Verification Value) and successfully finalize the payment transaction.