Card

Introduction

Card payments operate through a secure and standardized process that enables customers to make electronic transactions using their credit or debit cards.

Supporting technical documentation	Link
Swagger	Go
API reference	Go
Postman recipes	Go

When a customer initiates a card payment at a point of sale, online store, or any other transactional setting, the following steps occur:

Step	Action	Description
`1`	Payment Gateway	The payment gateway processes the card details and forwards an authorization request to the cardholder's bank (issuing bank) through a payment network like Visa or MasterCard.
`2`	Authorization Response	The issuing bank receives the authorization request, verifies the available funds, and checks for any potential fraud or security concerns. It then sends an authorization or decline response back to the payment gateway.
`3`	Merchant Confirmation	Based on the response from the issuing bank, the payment gateway informs the merchant whether the transaction is approved or declined. If approved, the merchant can proceed with the sale.
`4`	Capture and Settlement	If the transaction is authorized, the merchant captures the payment amount, indicating the final acceptance of the transaction. At this point, the transaction moves towards settlement, where the funds are transferred from the customer's bank to the merchant's bank.
`5`	Funds Transfer	The acquiring bank (merchant's bank) sends a request to the issuing bank for the actual funds to be transferred. The issuing bank transfers the funds to the acquiring bank, completing the payment process.
`6`	Customer Statement	The customer's bank statement reflects the payment, and the merchant receives the payment in their bank account, typically within a few business days.

Step1: Initiate Purchase

To accept Debit and Credit card payments in your application or website, use:

Request	URL
POST	https://gate.reviopay.com/api/v1/purchases/

Please remember to specify the success/fail redirect in the call to generate the direct_post_url.
To capture customers' card details, use an HTML form hosted on your website with method="POST" and action pointing to the direct_post_url of the transaction.

{
    "client_id": "{{client_id}}",
    "purchase": {
    	"currency": "ZAR",
        "language": "en",
	    "products": [
	    	{
    			"name": "My product or service - charge 1",
                "price": 100
			}
	    ]        
	},
	"brand_id": "{{brand_id}}",
    "force_recurring": true
}

Step2: Charge card

Request	URL
POST	https://gate.reviopay.com/p/{{Insert_direct_post_url}}/

You will also need to fill the form with <input>'s for the fields with card details. As a result, when a customer submits their card details, they will be posted straight to our system, allowing you to customise the checkout as you wish.

<!DOCTYPE html>
<html>
<body>

<h2>Card Direct Post</h2>

<form action="https://gate.reviopay.com/p/{{Insert direct_post_url}}/" method="POST">

  <label for="fname">Cardholder Name:</label><br>
  <input type="text" id="cardholder_name" name="cardholder_name" value="Input"><br><br>
  
  <label for="lname">Card number:</label><br>
  <input type="text" id="card_number" name="card_number" value="Input"><br><br>
  
  <label for="lname">Expires:</label><br>
  <input type="text" id="expires" name="expires" value="Input"><br><br>
  
  <label for="lname">CVC:</label><br>
  <input type="text" id="cvc" name="cvc" value="Input">
  
  <br><br>
  <input type="submit" value="Submit">
</form> 

</body>
</html>

Step3: Verify status

Use the success_callback parameter of the Purchase object.
Use GET /purchases/<purchase_id> request.
Set up a Webhook using your account's Developers section or Webhook API to listen to purchase.paid, or purchase.payment_failure event on your server.

✅
Your PCI DSS requirement is only raised to the Self-Assessment Questionnaire (SAQ A-EP), as your system doesn't receive or process card data.