Payment Gateway
Set up transactions with our Payment Gateway API.
The Maast Payment Gateway API is a method for processing payments with complete control over the checkout experience you provide. With the API, you are responsible for collecting and processing payment information on your servers. To reduce your PCI DSS scope, you can tokenize and store cardholder data in Maast's Customer Vault.
This page provides an overview of the Payment Gateway API and the features it supports. The API Quick Start guide gives instructions for the fastest possible setup of the Payment Gateway API for a sale transaction. The remaining guides show how to use the Payment Gateway API to perform a Sale, Tokenize, Void, or Refund transaction. See Payment Gateway in our API Reference for field definitions and details on all supported requests.
Features
Our Payment Gateway API has the following benefits:
- Fully customized - Keep customers on your site for payments, where you can configure payment fields however you wish.
- Flexible - Support a wide array of transactions, payment types, and currencies.
- Secure - All cardholder data is collected and processed by Maast, a PCI DSS certified Level 1 compliant Service Provider.
The API supports several different requests. We offer API reference for all supported requests and detailed implementation guides for some.
We have guides for the following API functions:
- Sale (Auth + Capture) - Authorizes and captures payment with a single request.
- Tokenize - Saves credit card or ACH payment information to a token (card ID) for use in future transactions.
- Void a Previously Authorized Transaction - Cancels an authorized transaction.
- Refund Previously Captured Transaction - Issues a full or partial refund to a captured transaction.
See the Payment Gateway API reference for the following additional functions supported by the API:
- Authorize Transaction - Sends cardholder data to the issuing bank for approval.
- Verify - Sends cardholder data to the issuing bank for verification.
- Capture an Authorized Transaction - Captures an authorized transaction, partially or in full.
- Send Transaction Receipt Email - Emails the receipt of a successful transaction to one or more addresses.
- Close Batch - Immediately closes the open batch of transactions.
- Force Transaction Approval - Forces a declined transaction into the system.
- Recharge Previously Settled Transaction - Uses data from a previous successful transaction to create a new sale transaction.
- Expire Token - Invalidates a token (card ID) for future transactions.
- Get Card Type Information for Visa, Mastercard, and Discover - Gets the card type of a specified payment card number.
- Request a Balance - Requests the balance of a specified FBO account.
- Issue Credit to Cardholder - Issues a non-referenced credit or payment to a cardholder.
- Initiate a Payment to a Payee - Initiates a payment to a profile stored in Payee Vault.
The Payment Gateway API supports the following payment types:
- E-commerce
- Mail order
- Telephone order
- Card swipe
- Recurring
- Installment
- Level II
- Level III
It supports these forms of payment:
- Visa
- Mastercard
- Discover
- American Express
- International Diners
- JCB
- Purchase cards
- Business cards
- Google Pay™
- ACH
It supports the following currencies:
- For credit card payments - All currencies supported by Mastercard and Visa
- For ACH payments - U.S. dollars (USD)
It supports these additional features:
- Retry logic - See below for more information.
- 3-D Secure Authentication - Use a third-party merchant plugin to get your Visa or Mastercard 3-D Secure values, and submit them with your transaction. See the 3-D Secure section of the Sale implementation guide for more information.
How it Works
This section provides an overview of the payment flow process with the Payment Gateway API for one-time payments and then for repeat transactions that use Customer Vault to store payment information.
One-Time Payments
For one-time payments, the Payment Gateway API payment flow is as follows:
- The customer selects to check out, sending payment information (the total sale amount and cardholder data) to the merchant server.
- The merchant server sends the payment information to the Maast server for authorization.
- Maast sends the payment information to the card brands for authorization, and it receives an approval or decline.
- Maast returns the response to the merchant server.
- The merchant server returns the response to the merchant's site.
- On approval, the merchant presents a receipt to the customer.
Repeat Payments with Customer Vault
For repeat-customer payments, the Payment Gateway API payment flow is as follows:
- The customer selects to check out, sending payment information (the total sale amount, cardholder data, and billing address) to the merchant server.
- The merchant server sends the following to the Maast server: the payment information and either a request for authorization or a request to perform a sale and tokenize.
- Maast sends the payment information to the card brands for authorization, and it receives an approval or decline.
- On approval, the following is stored in the Customer Vault: the customer ID, card ID, billing address, and any provided cardholder data.
- Maast returns the response to the merchant server, including the customer ID, card ID, and the first 6 and last 4 digits of the credit card number.
- On approval, the merchant presents a receipt to the customer.
Retry Logic
This API supports retry logic. Note:
- Messages retry when the developer application does not receive a response from the Maast host.
- When using retry, the developer application is responsible for properly handling the
retry_attempt
value. - The
retry_attempt
value is unique each 24-hour period. It is greater than zero and increases in an increment of 1 each time an attempt is made.
Updated about 1 month ago