Card transaction

Process an in-store (card present) transaction.

Initiate a card transaction

POST

/v1/transactions

Request examples

Use the following example to request an in-store card authorisation with contactless.

{
  "merchant": "MERCHANT-1",
  "site": "SITE-1",
  "merchantTransactionId": "POS_001",
  "merchantTransactionDate": "2025-01-27 08:51:02.826445+00:00",
  "transactionMethod": {
    "intent": "Authorisation",
    "fundingType": "Card",
    "entryType": "Instore"
  },
  "amounts": {
    "transaction": 6,
    "currencyCode": "CHF"
  },
  "fundingData": {
    "card": {
      "pointOfInteraction": {
        "entryType": "CardContactless",
        "kernelApplicationVersion": "321313",
        "deviceModelName": "CastlesSaturn1000",
        "operatingSystemVersion": "1",
        "pointOfSaleId": "111",
        "pointOfSaleApplicationVersion": "4.23.060.0",
        "serialNumber": "1234567812345678"
      },
      "securityLevel": {
        "primaryAccountNumber": "4111111111111111",
        "expiryMonth": "01",
        "expiryYear": "2031",
        "holderName": "John Doe",
        "iccTrack2Equivalent": "41111111111111115D310120119058101"
      },
      "emvData": {
        "applicationIdentifier": "A0000000032010",
        "applicationInterchangeProfile": "0020",
        "applicationLabel": "VISA ELECTRON",
        "applicationPreferredName": "PreferredName",
        "applicationTransactionCounter": "0001",
        "applicationUsageControl": "FF80",
        "applicationVersionNumber": "008D",
        "authorisationRequestCryptogram": "0E45587C1C56DC8B",
        "contactless": {
          "discretionaryData": "D1F2C3B4A567890123456789ABCDEF12",
          "formFactor": "20700000"
        },
        "cryptogramInformationData": "80",
        "cryptogramTransactionType": "00",
        "cardHolderVerificationMethodResults": "3F0000",
        "dedicatedFileName": "A0000000032010",
        "issuerActionCodesDefault": "F040008800",
        "issuerActionCodesDenial": "0000000000",
        "issuerActionCodesOnline": "0000000000",
        "issuerApplicationData": "1F220100A000000000564953414C335445535443415345000000000000000000",
        "primaryAccountNumberSequenceNumber": "0001",
        "pointOfSaleEntryMode1": "07",
        "pointOfSaleEntryMode2": "00",
        "terminalCapabilities": "E06848",
        "terminalCountryCode": "0826",
        "terminalType": "00",
        "terminalVerificationResult": "0000000000",
        "transactionStatusInformation": "6800",
        "unpredictableNumber": "7264193E",
        "additionalTags": "9F6604FFFFFFFF9F6C02FFFF"
       }
     }
   }
}

Property	Description
`merchant` string (≤ 20 characters) required	Your unique merchant identifier, as assigned by PXP.
`site` string (≤ 20 characters) required	Your unique site identifier, as assigned by PXP.
`merchantTransactionId` string (≤ 50 characters) required	A unique identifier for this transaction.
`merchantTransactionDate` date-time required	The date and time when the transaction happened, in ISO 8601 format.
`transactionMethod` object required	Details about the transaction method.
`transactionMethod.entryType` string required	The entry type. For in-store transactions, this is always `Instore`.
`transactionMethod.fundingType` string required	The funding type. For card transactions, this is always `Card`.
`transactionMethod.intent` string required	The payment intent. Learn more about intents. Possible values: `Authorisation` `EstimatedAuthorisation` `Purchase` `Payout` `Refund`
`amounts` object required	Details about the transaction amount.
`amounts.transaction` number	The transaction amount. The numbers after the decimal will be zero padded if they are less than the expected `currencyCode` exponent. For example, GBP 1.1 = GBP 1.10, EUR 1 = EUR 1.00, or BHD 1.3 = 1.300. The transaction will be rejected if numbers after the decimal are greater than the expected `currencyCode` exponent (e.g., GBP 1.234), or if a decimal is supplied when the `currencyCode` of the exponent does not require it (e.g., JPY 1.0).
`amounts.currencyCode` string (1-3 characters) required	The currency code associated with the transaction, in ISO 4217 format.
`fundingData.card.pointOfInteraction` object required	Details about the device and environment where a card present transaction takes place. It includes various attributes that help identify and describe the capabilities and configurations of the point-of-sale (POS) device.
`fundingData.card.pointOfInteraction.entryType` string required	The method by which the card information was entered during the transaction. This field is crucial for determining the specific process and security measures used in the transaction. It helps in categorising the entry type, whether it involves physical card interaction or a contactless device. Possible values: `CardContactless` `ChipAndPin` `ChipAndSignature` `FallbackToSwipe` `KeyEntry` `PhoneContactless` `Swiped` `WatchContactless` `WearableContactless`
`fundingData.card.pointOfInteraction.kernelApplicationVersion` string required	The version of the kernel application running on the device, which manages the card interaction process.
`fundingData.card.pointOfInteraction.deviceModelName` string required	The device model name of the point-of-sale device used for processing the transaction.
`fundingData.card.pointOfInteraction.operatingSystemVersion` string required	The version of the operating system installed on the point-of-sale device.
`fundingData.card.pointOfInteraction.pointOfSaleId` string (≤ 20 characters) required	A PXP unique identifier for the specific point-of-sale device, often assigned by the merchant or payment processor.
`fundingData.card.pointOfInteraction.pointOfSaleApplicationVersion` string (≤ 20 characters) required	The version of the point-of-sale application software installed on the device.
`fundingData.card.pointOfInteraction.serialNumber` string required	The serial number of the point-of-sale device, which uniquely identifies the hardware device.
`fundingData.card.securityLevel` object required	Security details about the card used for the transaction.
`fundingData.card.securityLevel.primaryAccountNumber` string (10-19 characters)	The unique number assigned to a payment card, such as a credit or debit card. This number typically contains 16 digits, structured in a specific format to indicate the card network, issuing bank, and account number. This is present if the card is manually entered into a device without point-to-point encryption.
`fundingData.card.securityLevel.expiryMonth` string (2 characters)	The expiry month (`MM`) of the card. This is present if the card is manually entered into a device without point-to-point encryption.
`fundingData.card.securityLevel.expiryYear` string (4 characters)	The expiry year (`YYYY`) of the card. This is present if the card is manually entered into a device without point-to-point encryption.
`fundingData.card.securityLevel.cardVerificationCode` string (3-4 characters)	The Card Verification Code (CVC) associated with the payment card, which is used to verify that the cardholder is in possession of the card during non-face-to-face transactions. This is present if the card is manually entered into a device without point-to-point encryption.
`fundingData.card.securityLevel.holderName` string (≤ 100 characters)	The full name of the individual who owns the payment card. This name is printed on the physical card and is used for verifying the cardholder's identity during transactions.
`fundingData.card.securityLevel.iccTrack2Equivalent` string (≤ 37 characters)	This field contains Track 2 equivalent data from the chip of the card. This data is similar to Track 2 data but is obtained from the card's chip rather than the magnetic stripe.
`fundingData.card.emvData` object	Detailed EMV (Europay, Mastercard, and Visa) data required for chip and PIN or contactless in-store transactions. Each field within this object represents a specific EMV tag that provides critical information about the transaction, card, and device.
`fundingData.card.emvData.applicationIdentifier` string required	EMV tag 9F06: identifies the application according to ISO/IEC 7816-5.
`fundingData.card.emvData.applicationInterchangeProfile` string required	EMV tag 82: indicates the card's capabilities for supporting specific functions in the application.
`fundingData.card.emvData.applicationLabel` string required	EMV tag 50: mnemonic associated with the Application Identifier (AID) according to ISO/IEC 7816-5.
`fundingData.card.emvData.applicationPreferredName` string required	The preferred name of the application as designated by the card issuer.
`fundingData.card.emvData.applicationTransactionCounter` string required	EMV tag 9F36: a counter maintained by the application in the ICC, incremented by the card for each transaction.
`fundingData.card.emvData.applicationUsageControl` string required	EMV tag 9F07: indicates the issuer's specified restrictions on geographic usage and services allowed for the application.
`fundingData.card.emvData.applicationVersionNumber` string required	EMV tag 9F08: version number assigned by the payment system for the application.
`fundingData.card.emvData.authorisationRequestCryptogram` string required	EMV tag 9F26: cryptogram generated by the card during the transaction.
`fundingData.card.emvData.contactless` object	Details about the contactless payment.
`fundingData.card.emvData.contactless.discretionaryData` string	Additional data specified by the issuer, included in the transaction for contactless payments.
`fundingData.card.emvData.contactless.formFactor` string	EMV tag 9F6E: indicates the type of device used in the transaction.
`fundingData.card.emvData.cryptogramInformationData` string required	EMV tag 9F27: indicates the type of cryptogram and the actions to be performed by the device. Possible values: `00`: AAC (Application Authentication Cryptogram) - Transaction declined by the card. `40`: TC (Transaction Certificate) - Transaction approved by the card. `80`: ARQC (Authorisation Request Cryptogram) - Request for online Authorisation. `C0`: ARPC (Authorisation Response Cryptogram) - Response from issuer to ARQC. `10`: AAR (Application Authentication Request) - Additional Authorisation request for offline data authentication.
`fundingData.card.emvData.cryptogramTransactionType` string required	EMV tag 9C: indicates the type of financial transaction, represented by the first two digits of ISO 8583:1987 Processing Code.
`fundingData.card.emvData.cardHolderVerificationMethodResults` string required	EMV tag 9F34: indicates the results of the last cardholder verification method performed.
`fundingData.card.emvData.dedicatedFileName` string required	EMV tag 84: identifies the application or file in the card.
`fundingData.card.emvData.issuerActionCodesDefault` string required	EMV tag 9F0D: specifies the issuer's conditions for transaction rejection when the device is unable to go online.
`fundingData.card.emvData.issuerActionCodesDenial` string required	EMV tag 9F0E: specifies the issuer's conditions that cause the denial of a transaction without an attempt to go online.
`fundingData.card.emvData.issuerActionCodesOnline` string required	EMV tag 9F0F: specifies the issuer's conditions that cause a transaction to be transmitted online.
`fundingData.card.emvData.issuerApplicationData` string required	EMV tag 9F10: contains proprietary application data for transmission to the issuer in an online transaction.
`fundingData.card.emvData.primaryAccountNumberSequenceNumber` string required	EMV tag 5F34: identifies and differentiates cards with the same PAN.
`fundingData.card.emvData.pointOfSaleEntryMode1` string required	EMV tag 9F39: indicates the method by which the PAN was entered, according to the first digit of the ISO 8583:1987 point of sale entry mode. Possible values: `05`: `contactChip` `08`: `contactlessEMV` `09`: `magneticStripeReadFallback`
`fundingData.card.emvData.pointOfSaleEntryMode2` string required	EMV tag 9F39: indicates the method by which the PAN was entered, according to the second digit of the ISO 8583:1987 point of sale Entry Mode. Possible values: `00`: normal `01`: `recurring` `02`: `installment` `03`: `incremental` `10`: `partialApproval` `90`: `preAuthorisation`
`fundingData.card.emvData.terminalCapabilities` string required	EMV tag 9F33: indicates the card data input, CVM, and security capabilities of the device.
`fundingData.card.emvData.terminalCountryCode` string required	EMV tag 9F1A: indicates the country of the device, represented according to ISO 3166.
`fundingData.card.emvData.terminalType` string required	EMV tag 9F35: indicates the type of terminal involved in the transaction. Possible values: `01`: Attended, online only. A device that requires human interaction (e.g., a cashier) and is only capable of performing online transactions. `02`: Attended, offline with online capability: A device that requires human interaction and can perform both offline and online transactions. `03`: Attended, offline only. A device that requires human interaction and is only capable of performing offline transactions. `04`: Unattended, online only. A device that does not require human interaction (e.g., self-service kiosk) and is only capable of performing online transactions. `05`: Unattended, offline with online capability. A device that does not require human interaction and can perform both offline and online transactions. `06`: Unattended, both online and offline capable. `07`: Attended, offline-only terminal with cash dispensing (e.g., attended ATM). `08`: Attended, online-only terminal with cash dispensing. `09`: Attended, both online and offline capable with cash dispensing. `14`: Unattended, offline-only terminal with cash dispensing. `15`: Unattended, online-only terminal with cash dispensing. `16`: Unattended, both online and offline capable with cash dispensing. `21`: Attended, offline-only terminal with goods dispensing (e.g., vending). `22`: Attended, online-only terminal with goods dispensing. `23`: Attended, both online and offline capable with goods dispensing. `24`: Unattended, offline-only terminal with goods dispensing. `25`: Unattended, online-only terminal with goods dispensing. `26`: Unattended, both online and offline capable with goods dispensing. `34`: Unattended, offline-only terminal with services dispensing. `35`: Unattended, online-only terminal with services dispensing. `36`: Unattended, both online and offline capable with services dispensing. `61`: Unattended, offline only. A device that does not require human interaction and is only capable of performing offline transactions.
`fundingData.card.emvData.terminalVerificationResult` string required	EMV tag 95: status of the different functions as seen from the device.
`fundingData.card.emvData.transactionStatusInformation` string required	EMV tag 9B: indicates the functions performed in a transaction.
`fundingData.card.emvData.unpredictableNumber` string required	EMV tag 9F37: value to provide variability and uniqueness to the generation of a cryptogram.
`fundingData.card.emvData.additionalTags` string	Additional EMV tags, as required by acquirers (e.g., TTQ or CTQ). Encoded as concatenated TLV (Tag-Length-Value) structures in hexadecimal format.

Response examples

If your request is successful, you'll receive a 200 response that includes the transaction's state. You'll also receive a Transaction (Card Authorised) webhook notification.

{
  "state": "Authorised",
  "stateData": {},
  "approvalCode": "401445",
  "merchantTransactionDate": "2025-03-28T10:24:51",
  "merchantTransactionId": "433835e6-a332-452a-861b-069593dbb7c5",
  "systemTransactionId": "238e5bc9-0166-4a8b-84b2-a12b804182bc",
  "fundingData": {
    "cardScheme": "MasterCard",
    "primaryAccountNumber": "5431111111111111",
    "expiryMonth": "01",
    "expiryYear": "2031",
    "gatewayTokenId": "5fbd77ce-02c1-40ed-94bc-1016660b7512",
    "providerResponse": {
      "provider": "pxpfinancial",
      "code": "00",
      "merchantId": "7171910017",
      "terminalId": "32454401",
      "emvDataResponse": {
        "applicationIdentifier": "A0000000032010",
        "applicationLabel": "VISA ELECTRON",
        "primaryAccountNumberSequenceNumber":"0001",
        "authorisationResponseCode": "00",
        "issuerAuthenticationData": "C9DF3CA29138D5E83030"
      },
      "electronicCommerceIndicatorAdjustment": "07",
      "merchantAdvice": {},
      "authorisedAmount": 6
    },
    "processorTransactionId": "f9c1f0ea-6c2f-4517-b2ca-460645f07e40"
  }
}

Card transaction

Initiate a card transaction

Request examples

Response examples

Was this helpful?