Skip to main content

API integration

This type of transaction is supported only on direct integration and provides customers with the ability to make P2P transfers using their own payment page.

Interaction format:

An image from the static

info

Note: the use of direct integration when collecting card data on the merchant side requires PCI DSS certification. Alternatively, you can use our tokenization widget, by implementing it on your site.

Use the HTTP POST method for P2P transfer.

Request parameters:

ParameterTypeRequiredDescription
pos_idUUIDMerchant's identifier (POS_ID)
modeMODEdirect
methodMETHODp2p
amountNumberTransaction amount. Must be a positive number. The number of decimal digits must be less than or equal to 2 (e.g., 100.00, 250, 50.50)
currencyCURRENCYTransaction currency (ISO_4217)
descriptionStringPayment description
order_idStringUnique identified of transfer
cc_numberCC_NUMBERCard number
exp_monthNumberCard expiration month field
exp_yearNumberCard expiration year field
card_cvvStringCard CVV
recipient_cc_numberStringRecipient's card number
order_3ds_bypassString3-D Secure flow option
customer_idStringCustomer’s identifier in merchant's system
customer_fnameStringCustomer’s first name
customer_lnameStringCustomer’s last name
customer_patronymStringCustomer’s patronym
customer_emailStringCustomer’s email
customer_phoneStringCustomer’s phone
customer_ipStringCustomer’s IP address
customer_countryStringCustomer’s country (ISO 3166-1 (alpha-2)). For instance, UA for Ukraine
customer_birthdayStringCustomer’s birthday (format: yyyy-MM-dd)
customer_tax_idStringCustomer’s tax identification number
server_urlURLWebhook notification will be sent to this URL
result_urlURLCustomer will be redirected to this URL after payment.
merchant_mccMCCMCC for this transaction
payloadStringField for custom data. Max 4000 symbols.
validation_urlURLPreflight request will be sent to this URL
external_feeNumberTransaction external fee. Note: usage of the parameter requires an approval
browser_fingerprintJsonBrowser fingerprint. These parameters could be used in 3DS 2.0 verification.

Request example:

$ curl "https://cpay.tranzzo.com/api/v1/payment" \
-H "Content-Type: application/json" \
-H "X-API-AUTH: CPAY ${API_KEY}:${API_SECRET}" \
-H "X-API-KEY: ${ENDPOINTS_KEY}" \
-X POST -d '{
"pos_id": "${POS_ID}",
"mode": "direct",
"method": "p2p",
"amount": 1,
"currency": "UAH",
"description": "P2P description",
"order_id": "123",
"order_3ds_bypass": "always",
"cc_number": "4242424242424242",
"exp_month": 2,
"exp_year": 24,
"card_cvv": "111",
"recipient_cc_number": "5555555555554444",
"server_url": "https://callback.blackhole.com/callback",
"result_url": "https://example.com/result",
"payload": "sale=true",
"external_fee": 0.05,
"browser_fingerprint": {
"browserColorDepth": "24",
"browserScreenHeight": "860",
"browserScreenWidth": "1600",
"browserJavaEnabled": "false",
"browserLanguage": "uk-UA",
"browserTimeZone": "Europe/Kiev",
"browserTimeZoneOffset": "-120",
"browserAcceptHeader": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
"browserIpAddress": "127.0.0.1",
"browserUserAgent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.146 Safari/537.36"
}
}'

Response parameters:

ParameterTypeDescription
payment_idUUIDUnique Tranzzo payment identifier
order_idString(≤256)Unique identifier of order
gateway_order_idGW_IDUnique order identifier in bank acquirer system.
billing_order_idBILLING_IDUnique Tranzzo billing identifier
transaction_idUUIDTranzzo transaction identifier
pos_idUUIDMerchant's identifier (POS_ID)
modeMODEdirect
methodMETHODp2p
amountNumberTransaction amount
currencyCURRENCYTransaction currency (ISO_4217)
descriptionString(≤2048)Payment description
statusSTATUSTransaction status
status_codeSTATUS_CODETranzzo payment status code
status_descriptionStringTranzzo payment status code description
user_action_requiredBooleanEither customer action is required to proceed with payment
user_action_urlURLIf user_action_required is true then user should be redirected to this URL
eciECIElectronic Commerce Indicator - authentication result of credit card payment on 3D Secure
mccMCCMCC for this transaction
options_3dsString3-D Secure flow option
cc_maskCC_MASKCard number mask
cc_tokenCC_TOKENTranzzo card token generated for this card
cc_token_expirationTIMESTAMPToken expiration timestamp
customer_idStringCustomer’s identifier in merchant's system
customer_ipIPCustomer’s IP address
customer_fnameStringCustomer’s first name
customer_lnameStringCustomer’s last name
customer_patronymStringCustomer’s patronym
customer_emailStringCustomer’s email
customer_phoneStringCustomer’s phone
customer_countryStringCustomer’s country (ISO 3166-1 (alpha-2)). For instance, UA for Ukraine
customer_birthdayStringCustomer’s birthday (format: yyyy-MM-dd)
result_urlURLCustomer will be redirected to this URL after payment.
created_atTIMESTAMPTimestamp when transaction was created
processed_atTIMESTAMPTimestamp when transaction was updated last time
feeObjectAmount and currency of commission
fixed_feeObjectAmount and currency of fixed commission (fee), which constitutes a portion of the total commission (fee)
percent_feeObjectAmount and currency representing the interest commission (fee), which constitutes a portion of the total commission (fee)
payloadString(≤4096)Field for custom data.

Response example:

{
"payment_id": "9b1392a5-d030-4e85-b02d-9b7191ea2a5e",
"order_id": "123",
"gateway_order_id": "9B39A076243EB3EBB0925EAA981763AC:158545961",
"billing_order_id": "11231231231",
"transaction_id": "a8d80c86-0c7b-41bc-b63d-1e78f80edcd9",
"pos_id": "dc728de1-51ef-4ef1-80f7-3b44b07b5667",
"mode": "direct",
"method": "p2p",
"amount": 1000,
"currency": "UAH",
"description": "P2P description",
"status": "pending",
"status_code": "2122",
"status_description": "3DS verification is required to finish the transaction.",
"user_action_required": true,
"user_action_url": "http://secure.secure3d.net/s3st?a=start_3ds&tid=a8d81c860c7b41bcb65d1e78f80edcd923ac18d5dd1d4a37e6c7df7d5e4bec74ab5d790b",
"eci": "7",
"mcc": "4900",
"options_3ds": "supported",
"cc_mask": "424242******4242",
"cc_token": "ODJkZjBhNmY2OTMyNDJlN2wjMjFjfTQzOXU3ZDFhYzI6cWJmWHFmMHlzM3hYaXJMWEZv",
"cc_token_expiration": "2020-10-10T10:10:22",
"customer_id": "123",
"customer_ip": "194.183.171.239",
"customer_fname": "Tom",
"customer_lname": "Hanks",
"customer_email": "[email protected]",
"customer_phone": "+380999999999",
"customer_country": "UA",
"result_url": "https://example.com/result",
"created_at": "2018-10-10T10:10:22.100",
"processed_at": "2018-10-10T10:10:23.300",
"fee": {
"amount": 136,
"currency": "UAH"
},
"percent_fee": {
"amount": 126,
"currency": "UAH"
},
"fixed_fee": {
"amount": 10,
"currency": "UAH"
},
"payload": "sale=true"
}

In addition, the following data regarding the fingerprint of the payer's browser must be submitted in the request:

ParameterTypeDescription
browserColorDepthStringBrowser's color depth
browserScreenHeightStringBrowser's screen height
browserScreenWidthStringBrowser's screen width
browserJavaEnabledStringBrowser's java enabled
browserLanguageStringBrowser's language
browserTimeZoneStringBrowser's timezone
browserTimeZoneOffsetStringBrowser's timezone offset
browserAcceptHeaderStringBrowser's accept header
browserIpAddressStringBrowser's IP address
browserUserAgentStringBrowser's user agent

An example of a payer's browser fingerprint:

"browser_fingerprint": {
"browserColorDepth": "24",
"browserScreenHeight": "860",
"browserScreenWidth": "1600",
"browserJavaEnabled": "false",
"browserLanguage": "uk-UA",
"browserTimeZone": "Europe/Kiev",
"browserTimeZoneOffset": "-120",
"browserAcceptHeader": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
"browserIpAddress": "127.0.0.1",
"browserUserAgent": "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.146 Safari/537.36"
}

To test the payment process:

Find more details in the integration checklist.

After completing the test to go online, you need:

  1. Create a live project in the merchant portal.
  2. Pass PCI DSS certification (if you intend to work with card data of payers on your side) or implement a tokenization widget (to make direct payments without using card data).
  3. After receiving information from our Compliance team about the completion of the settings for the project, make changes to the authentication data using the data of the live project.
  4. You are ready to provide P2P transfers for your customers.

See also: