Credit and Debit Cards
Introduction
Credit and debit cards are foundational to modern payment systems, offering consumers and merchants a reliable and efficient means of conducting transactions. While both facilitate payments, they differ significantly in operation. Credit cards allow consumers to borrow funds up to a predetermined limit, enabling purchases with deferred payments. Debit cards, on the other hand, directly deduct funds from the consumer's bank account at the time of purchase, limiting spending to the available account balance.
KontoCloud supports an extensive range of credit and debit card brands, ensuring broad acceptance and flexibility for merchants. Supported credit card brands include VISA, Mastercard, American Express, and Discover. For debit cards, KontoCloud supports VISA Debit, VISA Electron, Maestro, and Carte Bancaire. This comprehensive support enables merchants to cater to a diverse customer base, accommodating various payment preferences and enhancing the overall transaction experience. For more details on supported payment options, visit the Payment Options Guide.
Workflows and Transaction Types
Integration Flow for Merchants
Merchants can easily integrate credit and debit card payment options using KontoCloud's Web SDK or APIs. These tools ensure seamless setup and compliance with security standards, including PCI DSS. Sensitive cardholder information is tokenized during transactions, minimizing exposure to fraud risks. Refer to the Integration Guide for details on implementation.
Lifecycle of Credit/Debit Card Transactions
Card transactions proceed through well-defined stages, each critical to the payment process:
- Authorization: The customer's card is verified, and the specified amount is reserved. This ensures funds are available before the transaction is captured. For more, see the Authorization Process.
- Capture: Capturing finalizes the payment, transferring the authorized amount to the merchant. Partial captures are also supported, offering flexibility in cases such as incomplete shipments. Explore the Capture Workflow.
- Refund: Merchants can issue partial or full refunds based on their policies and customer requests.
- Cancel: Unused authorizations can be canceled prior to capture, ensuring no funds are deducted from the customer’s account.
Customer-Initiated Transactions (CIT)
These transactions involve the customer actively providing their card details during checkout. This could include one-time purchases or payments made by registered users. CITs are foundational to e-commerce and in-store payments, offering a secure and efficient process. For more information, visit the CIT Documentation.
Merchant-Initiated Transactions (MIT)
MITs cater to recurring payments and subscriptions, where the customer is not directly involved in each transaction. This requires securely storing card details as a tokenized payment option. For specific MIT use cases, refer to the MIT Guide.
Storable Payment Option (SPO)
KontoCloud supports storing credit and debit card details securely as a storable payment option (SPO). This allows merchants to streamline future transactions, enabling features like one-click checkouts and automated billing. Tokenization ensures sensitive details are never exposed. Learn more in the Store New Payment Option Guide.
Specific Workflows
KontoCloud provides advanced workflows to cater to various business needs. Partial captures allow merchants to process only a portion of the authorized amount, useful for incomplete shipments or cases where the final amount differs. Flexible refund options enable merchants to address customer issues efficiently, whether for partial amounts or full transactions. Chargebacks and disputes can also be managed through KontoCloud, with tools and guidelines ensuring compliance with card network rules. For details on these workflows, visit the Capture Documentation.
3D-Secure v2.x Requirements
To enhance security and comply with the Payment Services Directive (PSD2), KontoCloud implements 3D-Secure v2.x protocols. This includes frictionless authentication for low-risk transactions and challenge flows for higher-risk payments, improving the balance between user experience and security. Visit the 3D-Secure v2.x Requirements Documentation for detailed implementation guidelines.
Communication with the Customer
KontoCloud enables merchants to communicate effectively with customers throughout the transaction lifecycle. Automated email notifications and app alerts inform customers of key updates, including payment authorizations, successful captures, issued refunds, and transaction cancellations. Transparent communication builds customer trust and ensures clarity in case of disputes or errors.
Credit / Debit Cards Test Data
Please note, that these cards are solely intended for testing purposes. Do not use them outside of test systems!
As of the new Payment Services Directive (PSD2) currently we only accept Card Payments with 3D Secure Enabled Credit/Debit Cards.
When configuring Content Security Policy consider 3-D Secure Verification will redirect to the Customer's Issuing Bank in order to Authorize the Transaction.
For Carte Bancaire (in France), please use any valid VISA test card. This is for testing purposes only!
ACI test credit cards
| VISA | Mastercard | American Express | Payment | Registration |
|---|---|---|---|---|
| 4200 0000 0000 0042 | 5200 0000 0000 0015 | 3434 3434 3434 343 | Challenge | Challenge |
| 4200 0000 0000 0067 | 5200 0000 0000 0049 | 3759 8700 0000 021 | Challenge | Challenge |
| 4200 0000 0000 0018 | 5200 0000 0000 0064 | 3759 8700 0169 867 | Challenge | Challenge |
| 4200 0000 0000 0075 | 5200 0000 0000 0072 | 3714 4963 5398 431 | Challenge | Challenge |
| 4200 0000 0000 0091 | 5200 0000 0000 0007 | 3745 0026 2001 008 | Frictionless | Challenge |
| 4200 0000 0000 0109 | 5200 0000 0000 0023 | 3772 7708 1382 243 | Frictionless | Challenge |
| 4200 0000 0000 0026 | 5200 0000 0000 0056 | 3759 8700 0000 062 | Frictionless | Challenge |
| 4200 0000 0000 0059 | 5200 0000 0000 0106 | 3739 5319 2351 004 | Frictionless | Challenge |
During Registrations (Adding a Stored Payment Option) of Credit / Debit Cards, the 3-D Secure Verification "Challenge" Flow is Mandatory to Enhance Security.
To test a Failure scenario select "Technical Error" from the 3-D Secure Simulator.
Additional Card Details
| Item | Description | Example |
|---|---|---|
| Expiry Date | Any valid Date in the future | ex. for February 2025 enter "02/25" |
| Card Holder | Any Name can be provided | ex. "John Doe" or "Hans Gruber" |
| CVV / CVC | VISA / Mastercard - 3 Digits American Express - 4 Digits | ex. "123", "505" or "999" etc. ex. "1234", "9999" and so on |
3-D Secure Verification Simulators
After providing one of the Test Cards (shown above) in the Payment Form a Verification Simulator will be displayed, in accordance with the 3-D Secure Version of that Test Card.
The available options are "Approve", "Decline" and "Technical Error". To Successfully Pass the 3-D Secure Verification choose "Approve".
Stratus test credit cards
VISA
| Card Number | Payment | Registration |
|---|---|---|
| 4440000009900010 | Challenge | Challenge |
| 4440000042200014 | Frictionless | Frictionless |
| 4440000042200022 | Authentication Attempted | n/a |
Mastercard
| Card Number | Payment | Registration |
|---|---|---|
| 5123450000000008 | Challenge | Challenge |
| 2223000000000007 | Challenge | Challenge |
| 5123456789012346 | Frictionless | n/a |
| 5555555555000018 | Frictionless | n/a |
| 5500005555555559 | Authentication Attempted | n/a |
| 5506900140100503 | Authentication Rejected | n/a |
| 5455031257390496 | Error during authentication | Error during authentication |
| 5455031252665454 | Error during authentication | Error during authentication |
| 5123459999998221 | Error during authentication | Error during authentication |
During registrations (Adding a Stored Payment Option) of Credit / Debit Cards, the 3-D Secure Verification "Challenge" flow is mandatory to enhance security.
To test a Failure scenario, select error result codes from the 3-D Secure Simulator or use an amount greater than 200.
Additional Card Details
| Item | Description | Example |
|---|---|---|
| Expiry Date | Any valid Date in the future | ex. for February 2025 enter "02/25" |
| Card Holder | Any Name can be provided | ex. "John Doe" or "Hans Gruber" |
| CVV / CVC | VISA / Mastercard - 3 Digits American Express - 4 Digits | ex. "123", "505" or "999" etc. ex. "1234", "9999" and so on |
3-D Secure Verification Simulators
After providing one of the Test Cards (shown above) in the Payment Form a Verification Simulator will be displayed, in accordance with the 3-D Secure Version of that Test Card.
The available options are:
- (Y) Authentication/Account Verification Successful,
- (N) Not Authenticated/Account Not Verified Transaction Denied
- (N) Authentication Cancelled
- (U) Authentication not available
- (R) Authentication rejected
- (E) Authentication Server Error
- (AI) API Gateway ASM Policy Error
To Successfully Pass the 3-D Secure Verification choose "(Y) Authentication/Account Verification Successful".
