Payment Gateway
Set up transactions with our Payment Gateway API.
The Maast Payment Gateway API is a method for processing payments with complete control over the checkout experience you provide. With the API, you are responsible for collecting and processing payment information on your servers. To reduce your PCI DSS scope, you can tokenize and store cardholder data.
This page provides an overview of the Payment Gateway API and the features it supports. The API Quick Start guide gives instructions for the quickest setup of the Payment Gateway API for a sale transaction. The remaining guides show how to use the Payment Gateway API to perform a Sale, Tokenize, Void, or Refund transaction. See Payment Gateway in our API Reference for field definitions and details on all supported requests.
Features
Our Payment Gateway API has the following benefits:
- Fully customized - Keep customers on your site for payments, where you can configure payment fields however you wish.
- Flexible - Support a wide array of transactions, payment types, and currencies.
- Secure - All cardholder data is collected and processed by Maast, a PCI DSS certified Level 1 compliant Service Provider.
The API supports several different requests. We offer API reference for all supported requests and detailed implementation guides for some.
We have guides for the following API functions:
- Sale (Auth + Capture) - Authorizes and captures payment with a single request.
- Tokenize - Saves credit card or ACH payment information to a token (card ID) for use in future transactions.
- Void a Previously Authorized Transaction - Cancels an authorized transaction.
- Refund Previously Captured Transaction - Issues a full or partial refund to a captured transaction.
See the Payment Gateway API reference for the following additional functions supported by the API:
- Authorize Transaction - Sends cardholder data to the issuing bank for approval.
- Verify - Sends cardholder data to the issuing bank for verification.
- Capture an Authorized Transaction - Captures an authorized transaction, partially or in full.
- Send Transaction Receipt Email - Emails the receipt of a successful transaction to one or more addresses.
- Close Batch - Immediately closes the open batch of transactions.
- Force Transaction Approval - Forces a declined transaction into the system.
- Recharge Previously Settled Transaction - Uses data from a previous successful transaction to create a new sale transaction.
- Expire Token - Invalidates a token (card ID) for future transactions.
- Get Card Type Information for Visa, Mastercard, and Discover - Gets the card type of a specified payment card number.
- Request a Balance - Requests the balance of a specified FBO account.
- Issue Credit to Cardholder - Issues a non-referenced credit or payment to a cardholder.
- Initiate a Payment to a Payee - Initiates a payment to a profile stored in Payee Vault.
The Payment Gateway API supports the following forms of payment:
- Visa
- Mastercard
- Discover
- American Express
- Google Pay™
- ACH
The API supports these payment types:
- E-commerce
- Card swipe
- Recurring
- Installment
- Mail order
- Telephone order
It supports these currencies:
- For credit card payments - All currencies supported by Mastercard and Visa
- For ACH payments - U.S. dollars (USD)
It supports these types of optional data:
- Level II
- Level III
- 3-D Secure authentication:
- Use a third-party merchant plugin to get your Visa or Mastercard 3-D Secure values and submit them with your transaction.
- See the 3-D Secure section of the Sale implementation guide for more information.
How it Works
This section provides an overview of the payment flow process using the Payment Gateway API for one-time payments and for repeat transactions with stored payment information.
One-Time Payments
For one-time payments, the Payment Gateway API payment flow is as follows:
- The customer selects to check out, sending payment information (the total sale amount and cardholder data) to the merchant server.
- The merchant server sends the payment information to the Maast server for authorization.
- Maast sends the payment information to the card brands for authorization, and it receives an approval or decline.
- Maast returns the response to the merchant server.
- The merchant server returns the response to the merchant's site.
- On approval, the merchant presents a receipt to the customer.
Repeat Payments
To tokenize payment method information for repeat-customer payments, the Payment Gateway API payment flow is below. Note that this is distinct from the use of Customer Vault to save a customer payment profile; see Payment Method Storage for more information.
- The customer selects to check out, sending payment information (the total sale amount, cardholder data, and billing address) to the merchant server.
- The merchant server sends the following to the Maast server: the payment information and either a request for authorization or a request to perform a sale and tokenize.
- Maast sends the payment information to the card brands for authorization, and it receives an approval or decline.
- On approval, the following information is stored: the customer ID, card ID, billing address, and any provided cardholder data.
- Maast returns the response to the merchant server, including the customer ID, card ID, and the first 6 and last 4 digits of the credit card number.
- On approval, the merchant presents a receipt to the customer.
Updated over 1 year ago