Process an online transaction using a scheme or gateway token.
Use the following request to initiate a scheme token number transaction with a token cryptogram.
{
"merchant": "MERCHANT-1",
"site": "SITE-1",
"merchantTransactionId": "ECOM_001",
"merchantTransactionDate": "2025-01-27 08:51:02.826445+00:00",
"transactionMethod": {
"intent": "Authorisation",
"entryType": "Ecom",
"fundingType": "Card"
},
"amounts": {
"transaction": 20,
"currencyCode": "GBP"
},
"fundingData": {
"card": {
"schemeTokenNumber": "4837261112345678",
"expiryMonth": "03",
"expiryYear": "2025",
"schemeTokenCryptogram": "AAEBAwQjSQAAXXXXXXXJYe0BbQA=",
"cardScheme": "Visa"
}
},
"threeDSecureData": {
"cardHolderAuthenticationVerificationValue": "MjAwNjI0MDkwMTEwMjA4NjU0MTY=",
"directoryServerTransactionId": "f25084f0-5b16-4c0a-ae5d-b24808a95e4b",
"electronicCommerceIndicator": "07",
"threeDSecureVersion": "2.1.0",
"threeDSecureTransactionStatus": "Y"
}
}| Parameter | Description |
|---|---|
merchantstring (≤ 20 characters) required | Your unique merchant identifier, as assigned by PXP. |
sitestring (≤ 20 characters) required | Your unique site identifier, as assigned by PXP. |
merchantTransactionIdstring (≤ 50 characters) required | A unique identifier for this transaction. |
merchantTransactionDatedate-time required | The date and time when the transaction happened, in ISO 8601 format. |
transactionMethodobject required | Details about the transaction method. |
transactionMethod.entryTypestring required | The entry type. For e-commerce transactions, this is always Ecom. |
transactionMethod.fundingTypestring required | The funding type. For card transactions, this is always Card. |
transactionMethod.intentstring required | The payment intent. Learn more about intents. Possible values:
|
amountsobject required | Details about the transaction amount. |
amounts.transactionnumber | The transaction amount. The numbers after the decimal will be zero padded if they are less than the expected currencyCode exponent. For example, GBP 1.1 = GBP 1.10, EUR 1 = EUR 1.00, or BHD 1.3 = 1.300. The transaction will be rejected if numbers after the decimal are greater than the expected currencyCode exponent (e.g., GBP 1.234), or if a decimal is supplied when the currencyCode of the exponent does not require it (e.g., JPY 1.0). |
amounts.currencyCodestring (1-3 characters) required | The currency code associated with the transaction, in ISO 4217 format. |
fundingDataobject required | Details about the payment method used for the transaction. |
fundingData.cardobject | Details about the card. |
fundingData.card.schemeTokenNumberstring required | A scheme token issued by Visa or Mastercard, used for subsequent transaction processing. This token enhances security and facilitates recurring transactions, providing a secure and efficient alternative to sharing sensitive card details. |
fundingData.card.expiryMonthstring (2 characters) required | The expiry month (MM) of the card. |
fundingData.card.expiryYearstring (4 characters) required | The expiry year (YYYY) of the card. |
fundingData.card.cardSchemestring required | The payment card's scheme, which indicates the network through which the card transactions are processed. |
fundingData.card.schemeTokenCryptogramstring required | A unique cryptogram generated during the tokenisation process, used to enhance the security of transaction processing. This cryptogram acts as a secure and unique identifier, akin to the token authentication verification value (TAVV), ensuring that each transaction is authenticated and verified without directly using sensitive card details. It plays a crucial role in the secure electronic payment ecosystem, especially in tokenised transactions, by providing an additional layer of security and authentication. |
threeDSecureDataobject | Details about the 3DS data. |
threeDSecureData.cardHolderAuthenticationVerificationValuestring | The Cardholder Authentication Verification Value (CAVV) is generated by the card issuer as part of the 3D Secure authentication process for Visa transactions. It indicates that the cardholder has been authenticated, and it should be appended to the authorisation request. |
threeDSecureData.directoryServerTransactionIdstring | The 3DS 2.0 transaction identifier returned by the card issuer, unique to each authentication attempt. |
threeDSecureData.electronicCommerceIndicatorstring | The Electronic Commerce Indicator (ECI) specifies the security level of an online transaction and the authentication outcome, crucial for determining liability in the event of a dispute. Possible values:
|
threeDSecureData.threeDSecureVersionstring | The version of the 3D Secure protocol used for the transaction's authentication, as returned by the Payment Service Provider (PSP)'s 3D Secure service. This indicates the specific set of 3D Secure features and security measures applied. |
threeDSecureData.threeDSecureTransactionStatusstring | The status of the transaction after being authenticated using the 3D Secure protocol, as provided by the Payment Service Provider (PSP). This indicates the result of the 3D Secure authentication process. |
If your request is successful, you'll receive a 200 response that includes the transaction's state. You'll also receive a Transaction (Card Authorised) webhook notification.
{
"state": "Authorised",
"stateData": {},
"approvalCode": "373356",
"merchantTransactionDate": "2025-04-03T09:24:03",
"merchantTransactionId": "3f43ffba-3480-4a4a-8a02-922c22fd7615",
"systemTransactionId": "8d615218-63de-4f41-b574-01868296335f",
"fundingData": {
"cardScheme": "MasterCard",
"expiryMonth": null,
"expiryYear": null,
"providerResponse": {
"provider": "pxpfinancial",
"code": "00",
"emvDataResponse": {},
"paymentAccountReference": "637607302178175469",
"electronicCommerceIndicatorAdjustment": "07",
"merchantAdvice": {},
"authorisedAmount": 20,
"settlementDate": "2025-04-04T00:00:00"
},
"processorTransactionId": "6fcde524-3194-4676-9a32-1f329d3d7883"
}
}