Payment API 2.0

Overview

The Payments API section provides a foundational understanding of how to integrate and manage payment operations using Cabbagino's platform. It covers the key aspects of payment processing, including setup, transaction handling, and security.

Building on API 1.0, this subsection introduces enhanced features, improved security protocols, and optimized transaction handling. It’s designed for developers looking to leverage the latest advancements in payment processing within their applications.

Covers the setup and management of webhooks to receive real-time notifications about payment events. It guides developers through the process of configuring webhooks to keep their systems updated with payment statuses and other critical events.

This section provides information on how to generate and verify digital signatures for payment requests, ensuring the authenticity and integrity of the transactions. It is essential for maintaining secure communication between your application and the Payments API.

A 3DS Handler is a software component or service responsible for managing the 3D Secure authentication process within an online payment system. It typically involves the following:

1. Integration with Payment Gateway: The 3DS Handler is integrated with the payment gateway used by the merchant to process transactions.

2. Communication Management: It manages communication between the merchant’s website, the 3DS server, and the ACS.

3. User Interface: It handles the redirection of the cardholder to the ACS for authentication and then back to the merchant’s site.

4. Transaction Monitoring: It monitors and logs the authentication process to ensure compliance and provide audit trails.

Key Components of 3D Secure:

1. Cardholder: The person making the online purchase.

2. Merchant: The online store or service where the purchase is made.

3. Issuer: The bank or financial institution that issued the credit or debit card.

4. Acquirer: The financial institution or bank that processes credit or debit card payments on behalf of the merchant.

5. 3DS Server: A server operated by the acquirer or a third-party service provider that handles the 3D Secure process.

6. Access Control Server (ACS): Managed by the issuer, this server handles the authentication of the cardholder.

How 3D Secure Works:

1. Initiation: The cardholder initiates a transaction on the merchant's website.

2. Redirection: The merchant's site redirects the cardholder to the 3DS server for authentication.

3. Authentication Request: The 3DS server sends an authentication request to the ACS.

4. Verification: The ACS verifies the cardholder’s identity. This could involve entering a password, a one-time passcode (OTP) sent via SMS, or using biometric methods.

5. Response: Once verified, the ACS sends a response back to the 3DS server.

6. Transaction Completion: The 3DS server notifies the merchant of the authentication result, and the transaction proceeds accordingly.

What is 3D Secure (3DS)?

3D Secure is a security protocol used by major credit card networks, such as Visa (Verified by Visa), MasterCard (MasterCard SecureCode), and American Express (SafeKey). It adds an additional layer of authentication for online transactions by redirecting the user to the card issuer’s domain for verification.