Card-on-file
A Checkout charge session can be created for a saved card (card-on-file). In this case the customer will not have to enter card details, but only have to go through Strong Customer Authentication (SCA). A card-on-file session can be used for payments with a saved card where the customer is present (Customer Initiated Transaction) to be compliant with PSD2.
Note
Notice the contrast to Merchant Initiated Transaction.
To create a card-on-file charge session the argument card_on_file
must be supplied when creating the session. The argument value is a stored card reference ca_xxx....
The customer provided in the order object with customer_handle
must match the customer owning the saved card.
If a payment fails in the card-on-file session, an error will be reported either as Javascript callback for overlay and embedded, or as a HTTP query argument error on the cancel url in window mode. If the card-on-file fails, an alternative payment option could be presented to the customer. E.g. a new session without card-on-file.
CVV will by default not be required for charge sessions but will by default required for recurring sessions. It can be controlled using the parameter card_on_file_require_cvv.
Example API call to create a charge session with card-on-file:
cURL
curl -X POST \ --url https://checkout-api.reepay.com/v1/session/charge \ -u 'priv_xxxx:' \ -H 'Accept: application/json' \ -H 'Content-Type: application/json' \ --data '{ "card_on_file": "ca_11111111111111111111111111111111", "order": { "ordertext": "Awesome product", "handle": "order-12345", "amount": 10000, "customer_handle": "cust-0001" }, "accept_url":"https://webshop.com/accept/order-12345", "cancel_url":"https://webshop.com/decline/order-12345" }'