Payment Menu v2

Verify

Validating the payer’s payment details.

Edit "Verify" on GitHub

The Verify operation lets you post verification payments, which confirm the validity of card information without reserving or charging any amount.

Introduction To Verify

This option is commonly used when initiating a subsequent unscheduled purchase flow - where you do not want to charge the payer right away.

info

Please note that all boolean card attributes involving the rejection of certain card types are optional and require enabling in the contract with Swedbank Pay.

Verification Through Swedbank Pay Payments

  • When properly set up in your merchant/webshop site, and the payer initiates a verification operation, you make a POST request towards Swedbank Pay with your Verify information. This will create a payment resource with a unique id. You either receive a Redirect URL to a hosted page or a JavaScript source in response.
  • You need to embed the script source on your site to create aSeamless View in an iframe; so that the payer can enter the card details in a secure Swedbank Pay hosted environment.
  • Swedbank Pay will handle 3-D Secure authentication when this is required.
  • Swedbank Pay will redirect the payer’s browser to - or display directly in the iframe - one of two specified URLs, depending on whether the payment session is followed through completely or cancelled beforehand. Please note that both a successful and rejected payment reach completion, in contrast to a cancelled payment.
  • When you detect that the payer reach your completeUrl, you need to do a GET request to receive the state of the transaction.
  • Finally you will make a GET request towards Swedbank Pay with the id of the payment received in the first step, which will return the payment result and a unscheduledToken that can be used for subsequent unscheduled server-to-server based payments.

API Requests

The API requests are displayed in the Verification flow below. The options you can choose from when creating a payment with key operation set to Value Verify are listed below.

Please note that not including paymentUrl in the request will generate a redirect-verification operation in the response, meant to be used in the Redirect flow. Adding paymentUrl input will generate the response meant for Seamless View, which does not include the redirect-verification. The request below is the Redirect option.

How It Looks

You will redirect the payer to Swedbank Pay hosted pages to collect the card information.

screenshot of the swedish card verification page

Verify Request

Request

1
2
3
4
POST /psp/paymentorders HTTP/1.1
Host: api.externalintegration.payex.com
Authorization: Bearer <AccessToken>
Content-Type: application/json;version=3.x/2.0      // Version optional for 3.0 and 2.0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
{
    "paymentorder": {
        "operation": "Verify",
        "currency": "NOK",
        "description": "Test Verification",
        "userAgent": "Mozilla/5.0...",
        "language": "nb-NO",  
        "generateUnscheduledToken": true,
        "urls": {
            "hostUrls": ["https://example.com", "https://example.net"],
            "completeUrl": "https://example.com/payment-completed",
            "cancelUrl": "https://example.com/payment-cancelled",
            "logoUrl": "https://example.com/payment-logo.png",
            "termsOfServiceUrl": "https://example.com/payment-terms.html"
        },
        "payeeInfo": {
            "payeeId": "5cabf558-5283-482f-b252-4d58e06f6f3b",
            "payeeReference": "CD1234",
            "payeeName": "Merchant1",
            "productCategory": "A123",
            "orderReference": "or-12456",
            "subsite": "MySubsite", 
        },
        "payer": {
            "payerReference": "AB1234",
        }
    },
    "creditCard": {
        "rejectCreditCards": false,
        "rejectDebitCards": false,
        "rejectConsumerCards": false,
        "rejectCorporateCards": false
    }
}

Verify Response

Response

1
2
3
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8; version=2.0
api-supported-versions: 3.x/2.0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
{
    "paymentOrder": {
        "id": "/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777",
        "created": "2024-05-03T09:04:48.8351546Z",
        "updated": "2024-05-03T09:04:48.8534539Z",
        "operation": "Verify",
        "state": "Ready",
        "currency": "NOK",
        "amount": 0,
        "vatAmount": 0,
        "description": "Test Verification",
        "initiatingSystemUserAgent": "PostmanRuntime/7.37.3",
        "userAgent": "Mozilla/5.0",
        "language": "nb-NO",
        "availableInstruments": [
            "CreditCard"
        ],
        "integration": "",
        "urls": {
            "id": "/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777/urls"
        },
        "payeeInfo": {
            "id": "/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777/payeeInfo"
        },
        "payer": {
            "id": "/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777/payers"
        },
        "payments": {
            "id": "/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777/payments"
        },
        "currentPayment": {
            "id": "/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777/currentpayment"
        },
        "items": [
            {
                "creditCard": {
                    "cardBrands": [
                        "CoopMatkonto",
                        "Ica",
                        "MasterCard",
                        "Visa",
                        "Amex",
                        "Dankort",
                        "Jcb",
                        "Maestro"
                    ]
                }
            }
        ]
    },
    "operations": [
        {
            "method": "PATCH",
            "href": "https://api.externalintegration.payex.com/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777",
            "rel": "update-paymentorder-updateorder",
            "contentType": "application/json"
        },
        {
            "method": "PATCH",
            "href": "https://api.externalintegration.payex.com/psp/paymentorders/14e9908e-1107-4181-a9fb-08dc64fc1777",
            "rel": "update-paymentorder-abort",
            "contentType": "application/json"
        },
        {
            "method": "GET",
            "href": "https://ecom.externalintegration.payex.com/checkout/9b9a0db077d065719f9e05c3ff583783fc474bb3cd712bfa3cfb4759145ba1b8?_tc_tid=dd40b8e24cb0429c823f64111b9a9ba8",
            "rel": "redirect-paymentorder",
            "contentType": "text/html"
        },
        {
            "method": "GET",
            "href": "https://ecom.externalintegration.payex.com/checkout/client/9b9a0db077d065719f9e05c3ff583783fc474bb3cd712bfa3cfb4759145ba1b8?culture=nb-NO&_tc_tid=dd40b8e24cb0429c823f64111b9a9ba8",
            "rel": "view-paymentorder",
            "contentType": "application/javascript"
        }
    ]
}
  

Verification Flow

The sequence diagram below shows the two requests you have to send to Swedbank Pay to make a purchase. The links will take you directly to the API description for the specific request. The diagram also shows in high level, the sequence of the process of a complete purchase. When dealing with credit card payments, 3-D Secure authentication of the cardholder is an essential topic. There are three alternative outcome of a credit card payment:

  • 3-D Secure enabled - by default, 3-D Secure should be enabled, and Swedbank Pay will check if the card is enrolled with 3-D Secure. This depends on the issuer of the card. If the card is not enrolled with 3-D Secure, no authentication of the cardholder is done.
  • Card supports 3-D Secure - if the card is enrolled with 3-D Secure, Swedbank Pay will redirect the cardholder to the autentication mechanism that is decided by the issuing bank. Normally this will be done using BankID or Mobile BankID.