About this guide

February 7, 2025

Added new enum value to orderSource.

Added NPT related Note to expDate.

Added response codes 565 and 566.

January 15, 2025

Fixed various typos

Removed Response Code 136

Changed message for Response Code 378 from "...allowed percentage" to "...allowed limit".

Corrected Online Funding Instruction Void example, which contained two id attributes.

November 11, 2024

Correct types and misspellings.

Added clarifying text or enhanced existing text.

Added Notes to <accountFundingTransactionData> and child element clarifying requirements.

Removed the 'use for surcharge testing' comment from several test cards.

Added Discover/JBC test card number.

November 4, 2024

Corrected misc. typos and minor errors.

Removed various Notes, text and header error messages related to Open Access/Transact.

Added Note to <authenticationProtocolVersion> about prior enum values.

Added Mastercard requirements info to <accountFundingTransactionData> and child elements.

Added Note to <partialCaptureTotalCount> about Mastercard handling of value 99.

Changed all <identityBundle> child elements from required to optional.

October 9, 2024

Updated CoF processing diagram (see Card on File Processing

Added new elements to support schema V12.42.

Changed all children of <identityBundle> from required to optional.

Added Mastercard requirement to <paymentType> element.

Expanded enumerations for <authenticationProtocolVersion>. Also, adjusted text and added Note.

Added text to all postal code related elements concerning the use of a hyphen with 9-digit codes.

Added Response Codes 136, 137, 973, and 999.

Corrected various typos and minor errors.

September 13, 2024

Changed the allowed filename length for a Session file for 128 to 100.

Added Note to Testing FraudSight section clarifying the use of the webSessionId element.

Added Note to about JBC, CUP, and Diners to Discover BIN ranges.

Updated guide with new elements for Version 12.41 of the schema

Changed maxLength for <cardSuffix> from 6 to 23 characters.

V4.58 August 14, 2024

Updated examples for schema version V12.40.

Added new elements introduced in schema version V12.40.

Added new enum values for <authenticationProtocolVersion> element.

Updated the usage Note for tokenAuthenticationValue to include Visa NPT transactions.

Minor edits, fix broken links and typos, etc.

Added Response Code 998.

Added Comments column to Test Card Number table specifying which cards yield successful outcome when including surchargeAmount in the request.

V4.57 July 19, 2024

Updated Card on File processing diagram.

Updated timeout setting advice for dupe checking to include Credit transactions.

Added positive test for Account Funding.

Added transaction examples for five new Buy No Pay Later transaction types

Fixed several broke links.

Changed totalDigits from 8 to 12 for many amount related elements to properly reflect schema parameters.

Added rtp attribute to PayfacCredit, payoutOrgCredit, reserveCredit, and submerchantCredit transactions.

Added table to lodgingInfo description page denoting elements to obtain the best interchange for the cruise industry.

Added "No longer support" Note to the MPOS element and child elements.

Added Response Codes 014, 015, and 016 associated with Buy Now Pay Later transactions.

V4.56 June 20, 2024

Added Note to Void transaction - You cannot use a Void transaction to void a Prime Single-Message transaction.

Added new elements from schema version 12.38 supporting captures for multi-party auths and element for the additional encryption of transactions.

Removed the "not GA" Note from accountFundingTransactionData and child elements.

Added Response Code 946 - CTXand CCD records are not allowed for Canadian merchants.

V4.55 - May 9, 2024

Fixed miscellaneous typos cross-references, etc.

Updated Card on File decision tree diagram.

Added four Account Funding certification tests.

Added new elements and transaction types for schema version V12.37.

Clarified unitCost definition to specify no cents in value.

Updated messages associated with response codes 466, 467, and 486.

Added new response codes: 995 - Invalid Credit Account, 996 - Invalid Checking Account, and 997 - Invalid Savings Account.

Added card number range info for Discover cards.

V4.54 - April 9, 2024

Updated guide for Finicity (direct debit account verification) transactions (not yet generally available).

Corrected frequencyOfMIT enum value from BiAnnual to BiAnnually.

Changed maxLength of origId from 25 to 36.

Deprecated enum value from businessIndicator and moved to accountFundingTransactionType.

V4.53 - March 6, 2024

Modified Supplied Data Elements for Guaranteed Payment certification tests. Also fixed the spelling of Signifyd in test email addresses.

Changed the expiration date for (Account Updater) test 104.

Added new elements (accountFundingTransactionDate, receiverFirstName, receiverLastName, receiverState, receiverCountry, and receiverAccountNumber) introduced in schema version 12.35 .

Added new enum value to orderChannel, businessIndicator, and fulfilmentType elements.

Added a Note to cardholderAddress specifying that it is required for Fast Access Funding transactions.

Added Response Code 994 - Invalid Country Code.

Change Response Code type for codes 138, 139, 141, 142, and 258.

Added Note to vendorCredit tests.

V2.52 - February 14, 2024

Modified the Note for Auth for Refund under Credit Transaction.

Removed Note on the threatMatrixSessionId and webSessionId elements.

Added Response Code 468 - Invalid or missing businessIndicator for account funding transaction.

Modified the description for response code 340 to include "merchant transaction limit".

Misc. fixes - typos, broken links, etc.

V2.51 - January 18, 2024

Added Card on File section.

Added/updated Account Updater certification tests.

Added/updated elements for schema V12.34, including new echeckCustomerId element, new enums for businessIndicator element, and revised definition for amount element when used in funding instructions.

Added Note to totalPaymentCount element and "best practice" text to cardValidationNumber element.

Added Response Reason Codes 138, 139, and 993.

V2.50,October 5, 2023

Added new elements (schema V12.33) supporting more data points for the Guaranteed Payments service.

Added cryptogram use Notes to <authenticationValue> and <tokenAuthenticationValue>.

V2.49, September 7, 2023

Fixed several incorrect links for children of passengerTransportData.

Removed the "...not in use" Note from tokenAuthenticationValue element.

Changed info for <customerIpAddress>, which now supports IPV6 (new schema version 12.32).

Added Response Codes 141, 142, and 143.

Added new SSR report to list.

V2.48, August 10, 2023

Expanded Guaranteed Payments section.

Added Guaranteed Payments Certification tests.

Added Note about using the Declined Transaction report to verify the status of Credit transactions.

Corrected parents for checkoutId element.

Also, corrected the parent elements for fundingInstructionVoid.

V2.47, June 2023

Added optional Certification tests for Incremental Authorizations

Fixed error in list of <location> parent elements.

Added Response Codes 156 thru 159, 161 and 162 for Incremental Auth.

V2.46, May 2023

Modified FraudSight certification tests and added Guaranteed Payment tests.

Corrected Note. It read vendor debit not supported in Canada, but should have read vendor credit not supported in Canada. Vendor debit is no longer supported anywhere.

Added Note to processingType and businessIndicator elements.

Corrected miscellaneous typos

V2.45, April 2023

Added "not yet available" Note to authIndicator element.

V2.44, March 2023

Added foreignRetailerIndicator element (schema version 12.31).

Updated structural examples of capture, captureGivenAuth, forcedCapture, and sale transactions to reflect new element.

Corrected card number for FraudSight cert test (orderId) tmx_pass_order_id.

Added Response Reason Codes 131, 132, 895, and 992.

V2.43, February 2023

Remove TLS Cipher List from Guide.

Fixed missing image, Figure 1-6.

Fixed broken link to Github SDK repository.

Added bullet about total sum of amounts for any transaction type in a Batch.

Added optional certification test for Google Pay, Merchant Decrypt scenario.

Updated Authorization request structural examples to reflect incremental auths.

Added "not used at this time" note to tokenAuthenticationValue element.

Added info about additional uses for authenticationValue element.

Updated note for authenticationTransactionId element.

Added new element, authIndicator, to support incremental auths (cnpAPI V12.30).

Added Response Code 103.

Added time of second submission window (11:00 AM - 12:30 PM ET) for Same Day Funding.

V2.42, January 2023

Added new elements (V12.28 and V12.29) to support Guaranteed Payments. Also modified structural examples to reflect new <sellerInfo> element.

Modified some key values in Cert tests 43, 47, and 64, so simulator will return correct results.

V2.41, September, 7, 2022

Augmented Guaranteed Payments section with required elements and images.

Updated FraudSight certification tests

Added elements supporting V12.26 and 12.27 of the cnpAPI, including elements for air/rail travel and AuthMax (response).

Added enum values to (Status) Query transaction to support Funding Instructions

Added response reason codes 112 through 118

V2.40, August 10, 2022

Added section about Guaranteed Payments.

Removed section about TIN Validation.

Added new elements for Cruise lines and rail travel (incomplete). This feature is not yet available for general use.

V2.39, July 13, 2022

Same Day Funding limit changed for $100K/day to $1M/day.

Added Response Codes 651, 653-655, and 657-670.

V2.38, May 18, 2022

Added new element definitions in support of schema V12.25.

Changed parameters in Direct Debit test cases (orderId) 47 and 64.

Updated guide to reflect changes due to the transfer of U.S. Dynamic Payout processing services to RealNet Payments LLC, a licensed money transmitter in the jurisdictions listed here.

Reclassified Response Code 555 from Hard to Soft Decline.

V2.37, April 14, 2022

Add response codes 148, 149, and 317

Added elements in support of version V12.24 of the schema.

refined the definitions of many elements added in schema V12.23.

Removed references to Physical Check Debit/Credit and Vendor Debit.

Fixed Vendor Credit and two FastAccess Funding Instruction certification tests.

V2.36, March 29, 2022

Added many elements in support of version V12.23 of the schema.

V2.35, February 23, 2022

Refined description for response codes 145, 146, and 147. Also added response code 555.

Added new cardholderAddress and vendorAddress elements to fastAccessFunding and vendorCredit/vendorDebit transactions respectively. These elements are not yet active on the Production platform, but will be available in the Pre-Live environment on March 1, 2022 to enable certification testing.

Added new Dynamic Payout certification tests for Submerchant Debit/Credit, Vendor Credit and FastAccess Funding

Changed fundingCustomerId and fundingSubmerchantId element from required to optional for Vendor Credit/Debit and FastAccess Funding

Fixed broken link to the Sandbox environment.

V2.34, January 12, 2022

Resolved formatting issues in parameter tables.

Added info about new Response Codes (939, 990, and 991)

Changed maxLength of authenticationValue element from 56 to 512.

Corrected typo in structural example of lineItemData element.

Added notes about Visa and Mastercard requirements to the cardholderAuthentication and authenticationTransactionId elements.

V2.33, November 24, 2021

Modified the description of originalTrandsactionAmount, authenticationTransactionId, and authenticationProtocolVersion.

Modified the description of response codes 145, 146, 147, 361, and 501

V2.32, October 26, 2021

Removed unsupported ciphers from list.

Added a Note for the queryTransaction

V2.31, October 6, 2021

Removed reference to FTP from protocol list.

Removed broken link to the Sandbox Environment.

Added info for new Response Codes 145, 146, and 147.

Fixed assorted minor typos in guide.

V2.30, September 8, 2021

Added two certification tests for Direct Debit Sale and Credit daily limits

V2.29, August 4, 2021

Added Note to Multiple Daily Delivery section.

Changed classification (hard/soft) of several response code to better align with Visa codes.

V2.28, July 7, 2021

Added response code 656.

Corrected some minor typos.

V2.27, June 9, 2021

Added response codes 890, 891, 924, 965, and 966.

Added Note to applicationPrimaryAccountNumber element

2.26, May 5, 2021

Removed several sections about deprecated Basic Fraud Filters.

Added Cautions about (Canadian) Interac transactions to the sale and secondaryAmount elements.

Added enum value IC to type element.

Corrected Response Code 925. Code should be 923. Added Response Codes 922 and 945

2.25, April 7, 2021

Added link to FraudSight javascript info.

Added orderId element to capture and credit transactions.

2.24, March 10, 2021

Replaced Fraud Toolkit with FraudSight material.

Added Response Codes 981 thru 988.

Added info about depositTransactionReversal, depositTransactionReversalResponse, refundTransactionReversal, and refundTransactionReversalResponse messages.

Added notes about allowed transactions for Dynamic Payout in Canada.

2.23, February 10, 2021

MaxLength for the orderID element changed from 25 to 256.

2.22, October 13, 2020

Expanded the description of Response Code 563.

2.21,

September 16, 2020

Added information about new businessIndicator element.

2.20,

August 19, 2020

Added new transaction type: transactionReversal/transactionReversalResponse. Note: This transaction type is in development and not ready for use.

Also, made a few minor corrections.

2.19,

July 22, 2020

Added the autheticatedShopperId, debitRespnse, debitMessage, and copayAmount topics. Also updated parent element topics.

2.18,

June 24, 2020

Added the tokenAutheticationValue topic

Updated the authReversalResponse,captureResponse, cardholderAuthentication and pinlessDebitResponse topics

Updated the Authorization Reversal Responses topic

Updated the Capture Response topic

2.17

New format.

Changed the location attribute to an optional element and added it to Online transaction response messages.

Removed the "Not generally available..." Note from the lodgingInfo element and 12 child elements.

CHanged Same Day Funding daily limit from $25,000 to $100,000.

2.16

2.15

Clarify Note in test 43.

Removed test 60.

Added information about new Response Codes 980 and 651 thru 670.

2.14

Added info about new location attribute for Online responses.

Added table for subsequent transactions in a Stored Credentials stream to multiple element pages.

Added Note about stripping/padding to accNum and routingNum elements.

Added Note about Mastercard 3DS Result Codes. Also, added info about response codes 945 and 946

2.13

Remove references to FTP with PGP encryption.

Corrected extended response code for test 101.

Added infor about merchantCategoryCode element. Also changed the type and length parameters for authenticationTransactionId and added info about new authenticationProtocolVerson element.

Added new response code: 170 - Submitted MCC not allowed.

New document format

2.12

Modified results for tests 100 and 100 to reflect

extentedCardResponse element inclusion.

2.11

Corrected comments about supported card brands for CoF.

Added info about multiple daily deliveries of settlement transactions.

Added note about 20K character limit for Online request submitted by merchants using Open Access (i.e., Transact).

The duration element has a maxLength of 2 for Visa transactions.

Added info about the accountUpdateSource and skipRealtimeAU elements.

Added response codes returned in the extendedCardResponse.

Added a new response codes: 507 related to account updates and 740 related to the Visa duration limit noted above.

Corrected Visa card number in Table D-3.

2.10

Removed all references to the Post-Live environment.

Corrected approvedAmount is test 31.

Removed Note about elements used for L2/L3 transactions.

Updated description of Response Code 550.

Updated list of Dynamic Payout SSR reports.

2.9

Updated Table 1-4 - Response Codes not recycled.

Updated tests DI3DS2 and DI3DS3 to return correct results.

2.8

Added certification test that returns the accountRangeId element.

Removed Notes from Dynamic Payout transactions stating that you could not use both Online and Batch transactions.

Added Response Code 564.

Added information about Dynamic Payout by direct merchants, including new transaction types and examples.

2.7

Rewrote tokenization section for OmniTokens.

Corrected Encryption Key note in Section 2.5.21. The key does not expire in the Pre-/Post-Live environments.

Removed JCB entry from Credit Card Numbers table. The info in the Discover Card section still applies.

2.6

Removed Partial Approval bullet from Healthcare Card section.

Changed test card number in Table 2-10 (orderId Sale111111).

2.5

Corrected definition of tokenUrl element.

Changed Dynamic Payout overbalance message.

2.4

Added Amazon Pay info and Cert tests.

2.3

Renamed eCheck to Direct Debit where applicable.

Added Partial Approval bullet to IISA requirements.

Added note about Ruby SDK support ending at V12.3.

Added note about maximum filename length for Batch files.

Removed material for Sepa, IDEAL, Sofort, and Giropay.

Added Not Supported notes to Sepa, IDEAL, Sofort, and Giropay elements.

Added test card and Bin range for UnionPay 81 series card.

Added CTX Information certification tests.

Changed text to reflect new behavior for balance checking of Funding Instruction Batch files.

2.2

Removed Implementation section from Contact Info.

Added Cert test for Refund Authorization.

Replace eCheck with Direct Debit, except element names.

Added new elements for V12.7 of the schema.

Expanded the description of the authenticationValue element to

include its use in the Apple Pay Merchant Decrypt scenario.

Added Response Code 942, 943, and 944.

2.1

Changed the list of allowed values for debitNetworkName.

Added space as an allowed character in the descriptor element.

2.0

Applied new Worldpay template and other related updates.

Fixed broken link to Pre-live self-provisioning site.

Removed "not GA" Note about Online Funding Instructions.

Corrected definition of advancedFraudResults, which stated all child elements are required, but should be all optional.

The schema changed from V12.5 to V12.6, but we did not introduce any new elements. The change involved one item moving between schema files without impacting any features.

1.8

Began rebranding, changing Vantiv to Worldpay.

Added Cert tests for Fast Access Funding.

Modified Fraud Toolkit information, examples, and elements to reflect the use of the webSessionId element instead of the threatMetrixSessionId element.

1.7

Updated info about using stored credentials for Apple Pay and Google Pay.

Added info about expanded capability of the Sandbox.

Corrected results for test Net_Id3.

Added note to totalHealthcareAmount.

Added new elements and cert tests for passing encrypted PAN and CVV in a Register Token Request.

Added new Response Code; 540 - Hard Decline - Decryption Failed.

1.6

Added info about new standalone Fraud Check capabilities.

Removed tests 3DS17, 3DS18, and 3DS19 from the guide.

Added info about AmEx SafeKey (3DS) to element definitions.

1.5

Returned IIAS/Healthcare support info to the document.

Added Mastercard to notes about automatic Auth Reversal when Capture is less than Auth amount.

Added Note about required fields for FastAccess Funding when pushing funds to a Mastercard.

1.4

Added testing information for Visa Stored Credential scenarios.

Added new elements to support Preferred Debit Network.

Added info about new accountRangeId element.

Corrected allowed length of approvedAmount element.

Added webSessionId to advancedFraudChecks structure.

Added numTranslateToLowValueTokenRequests attribute to batchRequest structure.

Changed deadline for Same Day Funding from 12:00 PM ET to 11:00 AM ET.

1.3

Replace Android Pay info with Google Pay info

Updated the document for schema V12.2, including a new message type for retrieving a low value token for a high value token, new elements to support lodging transactions, and new elements for standalone fraud checks. The lodging and token translate features are not yet available for general use.

1.2

Added note about HTTP/1.0 and HTTP/1.1.

Added Response Codes 640, 641, and 642 for PINless Debit.

Added info about Response Reason Code 825.

Added info about allowing 60 second gap between a transaction and submitting a Void.

Added processingType enums for Card on File transactions.

Added the pinlessDebitResponse and networkName elements.