Payment Gateway

Overview

  • The Maast Payment Gateway provides you with complete control over your checkout experience. You can process either one-time payments or payments from repeat customers. Integrate directly with either the Payment Gateway API or via an SDK. You will be responsible for collecting and processing payment information on your servers. To reduce your PCI DSS (Payment Card Industry Data Security Standard) scope, tokenize and store cardholder data in Maast Customer Vault.

Maast is a PCI DSS (Payment Card Industry Data Security Standard) certified Level 1 compliant Service Provider.

How One-Time Payments Work

11991199
  1. During checkout, the total sale amount and cardholder data (payment information) is processed through the merchant server, and the merchant connects to the Payment Gateway API;

  2. The payment information is sent to the Payment Gateway for authorization;

  3. Maast sends the payment information to the card brands for an authorization and receives an approval or decline;

  4. The response is returned to the merchant server;

  5. The approval or decline is returned to the merchant's site;

  6. On approval, the merchant presents a receipt to the buyer.

How Repeat Customer Payments Work

11991199
  1. During checkout, the total sale amount and cardholder data is processed through the merchant server, and the merchant connects to the Payment Gateway API;

  2. The cardholder data and billing address (payment information) is sent to the Payment Gateway with the request to authorize or perform a sale, tokenize and store into the Customer Vault;

  3. Maast sends the payment information to the card brands for an authorization and receives an approval or decline;

  4. On approval, the customer ID, cardholder data and billing address is stored in the Customer Vault;

  5. The response is returned to the merchant server along with the first 6 and last 4 of the credit card number;

  6. On approval, the merchant presents a receipt to the buyer.

Features

  • Verify is used to send cardholder data to the issuing bank for validation
  • Authorization is used to send cardholder data to the issuing bank for approval. An approved transaction will continue to be open until it expires or a capture message is received. Authorizations are automatically voided if they are not captured within 28 days, although most issuing banks will release the hold after 24 hours in retail environments or 7 days in card not present environments.
  • Capture is used to capture a previously authorized transaction using the payment gateway identifier returned by the authorization message. A capture may be completed for any amount up to the authorized amount.
  • Sale is used to perform the function of an authorization and a capture in a single message. This message is used when either goods or services are provided at time of payment
  • Void is used to cancel a previously authorized transaction. Authorizations can be voided at any time. Captured transactions can be voided up until the batch is closed. The batch close time is configurable and by default is 9 PM Pacific Standard Time
  • Credit is used to issue a non-referenced credit or payment to a cardholder. The credit message is enabled during the first 30 days of production activity after which is disabled to prevent fraudulent use
  • Refund is used to issue a partial or full refund of a previously captured transaction using the payment gateway identifier. Multiple refunds are allowed per captured transaction provided that the sum of all refunds does not exceed the original captured transaction amount
  • Force is used to force a declined transaction into the system. This would occur when the online authorization was declined and the merchant received an authorization from a voice or automated response (ARU) system. The required fields are the same as a sale or authorization message with the following exceptions: the cardholder expiration date (exp_date) is not required, and the 6-character authorization code received from the issuer (auth_code) is required.
  • Tokenization is used to securely store cardholder data on the Maast platform and is supported on all transaction types. Alternatively by sending a Customer ID, you can store cardholder data as well as an array of data in Maast Customer Vault.
  • Batch Close will cause the open batch of transactions to be immediately closed. This message is normally used by POS devices that wish to control the timing of the batch close rather than relying on the daily automatic batch close.

Card Types

Visa, MasterCard, Discover, American Express, International Diners and JCB as well as purchase and business cards.


Currency Types

All currencies supported by MasterCard and Visa. Transactions will appear on the cardholder statement in their currency and you will be funded in USD. Daily exchange rates are applied by the card brands.


Payment Types

E-commerce, mail order, telephone order, card swipe, recurring, installment, Level II and III as well as 3D Secure.


Retry Logic

Support for retrying messages when the developer application does not receive a response from the Maast host. When using retry, the developer application is responsible for properly handling the retry_attempt value, which will be unique within a 24 hour period and greater than zero, incrementing by 1, each time an attempt is made.


Security

Sensitive cardholder data will travel from your customer's device touching your servers and onto Maast. Maast is a PCI DSS (Payment Card Industry Data Security Standard) certified Level 1 compliant Service Provider.


3-D Secure Support

Use a third-party Merchant Plug-in to obtain the Visa and MasterCard 3-D Secure values, then submit the values with your payment gateway transaction for 3-D Secure Authentication.

Integrate

Sign up for an account to access the Maast Sandbox environment and retrieve your sandbox test keys in the Administration section. Integrate directly with the Payment Gateway API or take advantage of one of our SDKs.

Test

Start testing now at https://api-test.maast.com

Go Live

Ready to Go Live!. Log in to your Sandbox account and click "Go Live" apply now for your production account.

Once you have received approval for your production account, log into Maast Manager and retrieve your production keys from the Administration section.

Start transacting at https://api.maast.com

Have a question? Click the chat button in the bottom right or email us at [email protected].


Did this page help you?