Credit Card Processing

Overview

The Payment API and the Risk Assessment API integrate credit card processing between the customer-facing webstore and the order management system. Two integration configurations are offered:

A customer-hosted webstore with a customer-hosted order management system
A customer-hosted webstore with the Radial hosted order management system

Payment Method

There are two basic categories of credit card transactions: Card Not Present and Card Present (face-to-face).

Card Not Present transaction is made whether the cardholder does not or cannot physically present the card for a merchant's visual examination at the time that an order is given and payment effected, such as mail-order transactions by mail or fax, over the telephone or the Internet.
Card Present transaction is a payment card transaction where both the cardholder and merchant are physically present at the time of the sale.

Credit Card Life Cycle: Normal Flow

This flow covers the system interactions that occur for the standard, happy-path credit card use case:

Credit card checkout in the webstore is successful.
The order passes the fraud check.
The order is successfully fulfilled.
Payment is settled.

Shopper Checkout

The webstore sends a CreditCardAuthRequest message to the Payment Service and receives an approval.
The webstore places the order in the order management system.

Order Management

The order management system sends the order for fraud review via a RiskAssessmentRequest message.
The order management system waits for a RiskAssessmentReply message to be returned asynchronously via the Advanced Message Queuing Protocol (AMQP).
The Risk Service uses order and payment data to assess risk. Some orders might be flagged for manual review.
The Risk Service sends a RiskAssessmentReply message with the result that the order passed its fraud check.
The order is released for sourcing for fulfillment.

When part or all of the order is available for fulfillment, the following steps are performed:

The order management system prepares an invoice for the shipment.
The order management system calls ConfirmFunds to confirm that the payment authorization is still valid for the currency amount of the invoice.
If the ConfirmFunds response is positive, the shipment is released for fulfillment from the warehouse or third-party shipper.
The fulfillment system sends a confirmation that the shipment was shipped.
The order management system calls the Payment Settlement operation to collect payment on the shipment.

Credit Card Life Cycle: Order Canceled Due to Fraud

This flow covers the system interactions that occur when the risk review rejects an order that used a credit card for payment:

Credit card checkout in the webstore is successful.
The order is rejected in the fraud check.
The credit card authorization is canceled.

Shopper Checkout

The webstore sends a CreditCardAuthRequest message to the Payment Service and receives an approval.
The webstore places the order in the order management system.

Order Management

The order management system sends the order for fraud review via a RiskAssessmentRequest message.
The order management system waits for a RiskAssessmentReply message to be returned asynchronously via the AMQP.
The Risk Service uses order and payment data to assess risk. Some orders might be flagged for manual review.
The Risk Service sends a RiskAssessmentReply message with the result that the order failed its fraud check.
The order management system cancels the order.
The order management system sends a PaymentAuthCancelRequest message to the Payment Service to release the authorization hold on the customer's funds.
The order management system waits for a PaymentAuthCancelReply message to be returned asynchronously via the AMQP.
The Payment Service sends a PaymentAuthCancelReply message.

Credit Card API Operations

Credit card processing uses the following API operations: