Card-on-file

A Checkout charge session can be created for a saved card (card-on-file). In this case, the customer will not have to enter card details, but only have to go through Strong Customer Authentication (SCA). A card-on-file session can be used for payments with a saved card where the customer is present (Customer Initiated Transaction) to be compliant with PSD2.

📘

Notice

The contrast to Merchant Initiated Transaction

To create a card-on-file charge session, the argument card_on_file must be supplied when creating the session. The argument value is a stored card reference ca_xxx.... The customer provided in the order object with customer_handle must match the customer owning the saved card.

If a payment fails in the card-on-file session, an error will be reported either as Javascript callback for overlay and embedded, or as an HTTP query argument error on the cancel url in window mode. If the card-on-file fails, an alternative payment option could be presented to the customer. E.g. a new session without card-on-file.

CVV will by default not be required for charge sessions, but will by default required for recurring sessions. It can be controlled using the parameter card_on_file_require_cvv.

Example API call to create a charge session with card-on-file:

curl -X POST \
  --url https://checkout-api.reepay.com/v1/session/charge \
  -u 'priv_xxxx:' \
  -H 'Accept: application/json' \
  -H 'Content-Type: application/json' \
  --data '{
    "card_on_file": "ca_11111111111111111111111111111111",
    "order": {
        "ordertext": "Awesome product",
        "handle": "order-12345",
        "amount": 10000,
        "customer_handle": "cust-0001"
    },
    "accept_url":"https://webshop.com/accept/order-12345",
    "cancel_url":"https://webshop.com/decline/order-12345"
}'