Card Authorize

Determine if card requires 2fa

1.) AUTHENTICATE END USER

When authCodesRequested = true, you need to call:

GET v3/debitcard/authorization/:orderId

This will start the process of authenticating a user.

Wyre requires two authentication codes:

  • CARD2FA - A 6 digit code that's added immediately to the end user's bank account.
  • SMS - A 6 digits sent to the user's mobile device.
  • THREEDS: A URL with the 3DS challenge request by the Bank.

❗️

3DS Authentication - Breaking Change

Starting Jun 1st 2021, Wyre is gonna perform a 3DS rollout for ALL Card Processing API Partners. From 06-01-2021 to 09-01-2021 is the integration time window. After Sept 1st 2021 3Ds will be mandatory. This is a breaking change and is a mandatory step. Not adjusting to this change will make all orders fail.

When the authorization details call above returns a new parameter authorization3dsUrl with a valid URL, you should open a Web-View from the exact same device that sent the Wallet Order creation request, and let the user solve the 3DS challenge. Do not change the Web-View size or inject any kind of script or the 3DS challenge and order will immediately fail. The device IP address where the challenge is solved must be the same as the parameter ipAddress in the WO creation.

When 3DS is requested, CARD2FA and SMS will never be requested.

To receive the 3Ds authentication keep pooling until the Wallet Order Details until the status is PROCESSING or FAILED. Do not close the Web-View before the WO status is PROCESSING or FAILED.

During the 3DS rollout phase, there is a new parameter called trigger3ds = true in the Wallet Order creation that is gonna trigger the 3DS URL to help with the integration.

The need for confirming codes are dynamic and are based on each order. You will need to confirm only codes that are requested. If the Authentication codes are not provided, the order will expire - the current expiration time is 10 minutes. When building your UI, you need to make it a real-time experience.

The GET request is only available until codes are still valid. After that, if you try to get authorization information in this endpoint we throw an error, check Card Exceptions]. The current limit of attempts to specify the code is 5 times. After this, you will receive back an error and the order will expire.

If smsNeeded or card2faNeeded are true, you must provide the codes back in the following endpoints:

POST v3/debitcard/authorize/partner

🚧

Testing Note

In testwyre you need to provide card2fa only once each 2 minutes you submitted your last order using the same card and same billing. After 2 minutes you will need to provide card2fa again.

{
   "type":"SMS", 
   "walletOrderId":"WO_Y74E8FXVWJ2",
   "reservation":"NHEA3UYXEXCUX4Y2HG78",
   "sms":"000000",
   "card2fa":"000000"
}

The node type must be either SMS, CARD2FA or ALL. When SMS the node sms is mandatory, when CARD2FA the node card2fa is mandatory, when ALL both sms and card2fa are mandatory.

Response

{
  "walletOrderId":"WO_DX6B3UAVN8B",
  "success":true
}

When any code failed due to any reason (max attempts, time expiration...) the order will also fail and card refunded. Failed orders cannot be resumed. These codes' needs might change at any time and based on the buyer's info.

6.) VERIFY ORDER AUTHORIZATION

Keep polling Wallet Order Details until the order's status is PROCESSING or COMPLETE.

You can also receive updates via Webhooks, contact our sales team at [email protected] to set up your webhook configuration.

7.) TRACK WALLET ORDER

Once the transferId is returned it means the order was accepted and the transfer (blockchain transaction) is in progress.

To track its progress please check the transfer tracking documentation here https://docs.sendwyre.com/v3/docs/track-wallet-order

🚧

Test Data

You should provide your own test dummy data. Do not use the data in the samples.

Language
Credentials
Header
Click Try It! to start a request and see the response here!