Credit Card Processing

Credit Card Life Cycle: Normal Flow

This flow covers the system interactions that occur for the standard, happy-path credit card use case:

• Credit card checkout in the webstore is successful.
• The order passes the fraud check.
• The order is successfully fulfilled.
• Payment is settled.

Shopper Checkout

1. The webstore sends a CreditCardAuthRequest message to the Payment Service and receives an approval.
2. The webstore places the order in the order management system.

Order Management

1. The order management system sends the order for fraud review via a RiskAssessmentRequest message.
2. The order management system waits for a RiskAssessmentReply message to be returned asynchronously via the Advanced Message Queuing Protocol (AMQP).
3. The Risk Service uses order and payment data to assess risk. Some orders might be flagged for manual review.
4. The Risk Service sends a RiskAssessmentReply message with the result that the order passed its fraud check.
5. The order is released for fulfillment.

When part or all of the order is available for fulfillment, the following steps are performed:

1. The order management system prepares an invoice for the shipment.
2. The order management system calls confirm funds to confirm that the payment authorization is still valid for the currency amount of the invoice.
3. If the confirm funds response is positive, the shipment is released for fulfillment from the warehouse or third-party shipper.
4. The fulfillment system sends a confirmation that the shipment was shipped.
5. The order management system calls issues a payment settlement request to collect payment on the shipment.

Credit Card Fault Response

When credit card processing encounters an exception that should be handled at the web store or the client layer, a fault response message is returned. For a list of fault response codes and more information, see Credit Card Fault Response Codes.

Credit Card Life Cycle: Order Canceled Due to Fraud

This flow covers the system interactions that occur when the risk review rejects an order that used a credit card for payment:

• Credit card checkout in the webstore is successful.
• The order is rejected in the fraud check.
• The credit card authorization is canceled.

Shopper Checkout

1. The webstore sends a CreditCardAuthRequest message to the Payment Service and receives an approval.
2. The webstore places the order in the order management system.

Order Management

1. The order management system sends the order for fraud review via a RiskAssessmentRequest message.
2. The order management system waits for a RiskAssessmentReply message to be returned asynchronously via the AMQP.
3. The Risk Service uses order and payment data to assess risk. Some orders might be flagged for manual review.
4. The Risk Service sends a RiskAssessmentReply message with the result that the order failed its fraud check.
5. The order management system cancels the order.
6. The order management system sends a PaymentAuthCancelRequest message to the Payment Service to release the authorization hold on the customer's funds.
7. The order management system waits for a PaymentAuthCancelReply message to be returned asynchronously via the AMQP.
8. The Payment Service sends a PaymentAuthCancelReply message.

Credit Card API Operations

Credit card processing uses the following API operations:

• Credit Card Authorization
• Private Label Credit Card Authorization
• Payment Settlement
• Payment Authorization Cancel
• Risk Assessment
• Validate Card
• Terms And Conditions

Other useful links:

• Tokenization and ThreeDS authentication