From c7a63cdf4908bc61f02adc3ee1849bacabd2a8e1 Mon Sep 17 00:00:00 2001 From: Peter Klogborg Date: Fri, 16 Jan 2026 12:59:44 +0100 Subject: [PATCH 1/2] merge token method documentation visa and mastercard --- .../authorizations_methods/token.md | 114 +++++++++--------- 1 file changed, 57 insertions(+), 57 deletions(-) diff --git a/website/content/gateway/api_reference/resources/authorizations/authorizations_methods/token.md b/website/content/gateway/api_reference/resources/authorizations/authorizations_methods/token.md index 8685310..2125492 100644 --- a/website/content/gateway/api_reference/resources/authorizations/authorizations_methods/token.md +++ b/website/content/gateway/api_reference/resources/authorizations/authorizations_methods/token.md @@ -6,11 +6,11 @@ weight: 135 --- #### Method: token -Three token frameworks are supported: +Token frameworks supported: * `clicktopay`: Click to Pay -* `token[m4m]`: Mastercard Digital Enablement Service (MDES) for Merchants (M4M) -* `token[vts]`: Visa Token Service (VTS) +* `token`: Visa and Mastercard + Requirement of some parameters depends on the initiator of the transaction; a parameter might be required for cardholder-initiated transactions (CITs) and otherwise optional. See the details for each parameter. @@ -50,92 +50,92 @@ Click to Pay token payment method for both Visa and Mastercard CITs. {{% /description_details %}} {{% /description_list %}} -#### Method: token[m4m] +#### Method: token + +Token payment method for both For both Visa Token Service (VTS) and Mastercard Digital Enablement Service (MDES) -The required values are found in either the MDES `transact` response or the Secure Card on File (SCOF) `checkout` response. +The required values are found in: +- the VTS provision token response. +- the MDES `transact` response +- the SCOF Secure Card on File `checkout` response. {{% description_list %}} -{{% description_term %}}token[m4m][tan] {{% regex %}}[0-9]{12,19}{{% /regex %}}{{% /description_term %}} +{{% description_term %}}token[tan] {{% regex %}}[0-9]{12,19}{{% /regex %}}{{% /description_term %}} {{% description_details %}}Token Account Number (TAN) of the token to charge. -Found in `encryptedPayload.encryptedData.accountNumber` (MDES) or `encryptedPayload.token.paymentToken` (SCOF). +| Response | Found in | +| ------ | --------- | +| VTS | `tokenInfo.encTokenInfo` | +| MDES | `encryptedPayload.encryptedData.accountNumber` | +| SCOF | `encryptedPayload.token.paymentToken` | {{% /description_details %}} -{{% description_term %}}token[m4m][expire_month] {{% regex %}}[0-9]{2}{{% /regex %}}{{% /description_term %}} +{{% description_term %}}token[expire_month] {{% regex %}}[0-9]{2}{{% /regex %}}{{% /description_term %}} {{% description_details %}}Expiry month of token to charge. -Found in `encryptedPayload.encryptedData.applicationExpiryDate` (MDES) or `encryptedPayload.token.tokenExpirationMonth` (SCOF). -{{% /description_details %}} - -{{% description_term %}}token[m4m][expire_year] {{% regex %}}20[0-9]{2}{{% /regex %}}{{% /description_term %}} -{{% description_details %}}Expiry year of token to charge. - -Found in `encryptedPayload.encryptedData.applicationExpiryDate` (MDES) or `encryptedPayload.token.tokenExpirationYear` (SCOF). +| Response | Found in | +| ------ | --------- | +| VTS | `tokenInfo.expirationDate.month` | +| MDES | `encryptedPayload.encryptedData.applicationExpiryDate ` | +| SCOF | `encryptedPayload.token.tokenExpirationMonth` | {{% /description_details %}} -{{% description_term %}}token[m4m][tav] {{% regex %}}[:base64:]{28}{{% /regex %}}{{% /description_term %}} -{{% description_details %}}Token Authentication Value (TAV). Also known as token cryptogram and Digital Secure Remote Payments (DSRP) cryptogram. -Only DSRP cryptograms are supported. The value must start with `[A-P]` to be a DSRP cryptogram. +{{% description_term %}}token[expire_year] {{% regex %}}20[0-9]{2}{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Expiry year of token to charge. -Found in `encryptedPayload.encryptedData.de48se43Data` (MDES) or `encryptedPayload.dynamicData.dynamicDataValue` (SCOF). -{{% regex_optional %}}Required for CITs. For MITs it shall only be included on the first, tokenized transaction or if there is a change to the token.{{% /regex_optional %}} +| Response | Found in | +| ------ | --------- | +| VTS | `tokenInfo.expirationDate.year` | +| MDES | `encryptedPayload.encryptedData.applicationExpiryDate ` | +| SCOF | `encryptedPayload.token.tokenExpirationYear` | {{% /description_details %}} -{{% description_term %}}token[m4m][rcai] {{% regex %}}[:base64:]{1..150}{{% /regex %}}{{% /description_term %}} -{{% description_details %}}Remote Commerce Acceptor Identifier. +{{% description_term %}}token[eci] {{% regex %}}0[57]{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Electronic Commerce Indicator. -Merchant identifier such as business website URL or reverse domain name (e.g. com.example.www). The identifier must be encoded as Base64. -Found in `customOutputData.remoteCommerceAcceptorIdentifier` (SCOF). (Not available in MDES.) -{{% regex_optional %}}Optional.{{% /regex_optional %}} -{{% /description_details %}} - -{{% description_term %}}token[m4m][3dsecure][v2] {{% regex %}}dictionary{{% /regex %}}{{% /description_term %}} -{{% description_details %}}See [Authentication: [3dsecure][v2]](#authentication-3dsecure-v2). -{{% regex_optional %}}Optional{{% /regex_optional %}} +| Response | Found in | Required for CITs | +| ------ | --------- | ---- | +| VTS | `cryptogramInfo.eci` | Yes, otherwise optional (defaults to `07`) | +| MDES | N/A | | +| SCOF | N/A | | {{% /description_details %}} -{{% /description_list %}} - -#### Method: token[vts] -The required values are found in the VTS provision token response. -{{% description_list %}} -{{% description_term %}}token[vts][tan] {{% regex %}}[0-9]{12,19}{{% /regex %}}{{% /description_term %}} -{{% description_details %}}Token Account Number (TAN) of the token to charge. +{{% description_term %}}token[tav] {{% regex %}}[:base64:]{28}{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Token Authentication Value (TAV) also know as token cryptogram. -Found in `tokenInfo.encTokenInfo`. -{{% /description_details %}} +Visa specific name: Token Authentication Verification Value (TAVV). -{{% description_term %}}token[vts][expire_month] {{% regex %}}[0-9]{2}{{% /regex %}}{{% /description_term %}} -{{% description_details %}}Expiry month of token to charge. +Mastercard specific name: Digital Secure Remote Payments (DSRP) cryptogram. +For Mastercard only DSRP cryptograms are supported. The value must start with `[A-P]` to be a DSRP cryptogram. -Found in `tokenInfo.expirationDate.month`. -{{% /description_details %}} -{{% description_term %}}token[vts][expire_year] {{% regex %}}20[0-9]{2}{{% /regex %}}{{% /description_term %}} -{{% description_details %}}Expiry year of token to charge. -Found in `tokenInfo.expirationDate.year`. +| Response | Found in | Required for CITs | +| ------ | --------- | ---- | +| VTS | `cryptogramInfo.eci` | Yes; otherwise optional. | +| MDES | `encryptedPayload.encryptedData.de48se43Data` | Yes. For MITs it shall only be included on the first, tokenized transaction or if there is a change to the token| +| SCOF | `encryptedPayload.dynamicData.dynamicDataValue` | Yes. For MITs it shall only be included on the first, tokenized transaction or if there is a change to the token| {{% /description_details %}} -{{% description_term %}}token[vts][eci] {{% regex %}}0[57]{{% /regex %}}{{% /description_term %}} -{{% description_details %}}Electronic Commerce Indicator. - -Found in `cryptogramInfo.eci`. -{{% regex_optional %}}Required for CITs; otherwise optional (defaults to `07`).{{% /regex_optional %}} -{{% /description_details %}} +{{% description_term %}}token[rcai] {{% regex %}}[:base64:]{1..150}{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Remote Commerce Acceptor Identifier. -{{% description_term %}}token[vts][tav] {{% regex %}}[:base64:]{28}{{% /regex %}}{{% /description_term %}} -{{% description_details %}}Token Authentication Value (TAV). Also known as token cryptogram and Token Authentication Verification Value (TAVV). +| Response | Found in | Required? | +| ------ | --------- | - | +| VTS | N/A | N/A | +| MDES | N/A | N/A | +| SCOF | `customOutputData.remoteCommerceAcceptorIdentifier`| optional | -Found in `cryptogramInfo.cryptogram`. -{{% regex_optional %}}Required for CITs; otherwise optional.{{% /regex_optional %}} +Merchant identifier such as business website URL or reverse domain name (e.g. com.example.www). The identifier must be encoded as Base64. {{% /description_details %}} -{{% description_term %}}token[vts][3dsecure][v2] {{% regex %}}dictionary{{% /regex %}}{{% /description_term %}} +{{% description_term %}}token[3dsecure][v2] {{% regex %}}dictionary{{% /regex %}}{{% /description_term %}} {{% description_details %}}See [Authentication: [3dsecure][v2]](#authentication-3dsecure-v2). {{% regex_optional %}}Optional{{% /regex_optional %}} {{% /description_details %}} {{% /description_list %}} + + From 31b9aa4582851ab76385762d83f96368540b6ecd Mon Sep 17 00:00:00 2001 From: Peter Klogborg Date: Tue, 27 Jan 2026 09:48:33 +0100 Subject: [PATCH 2/2] move vts and m4m to deprecated --- .../api_reference/deprecated/deprecated.md | 110 ++++++++++++++++++ .../authorizations_methods/token.md | 1 + 2 files changed, 111 insertions(+) create mode 100644 website/content/gateway/api_reference/deprecated/deprecated.md diff --git a/website/content/gateway/api_reference/deprecated/deprecated.md b/website/content/gateway/api_reference/deprecated/deprecated.md new file mode 100644 index 0000000..40d1e5b --- /dev/null +++ b/website/content/gateway/api_reference/deprecated/deprecated.md @@ -0,0 +1,110 @@ +--- +title: "deprecated" +date: 2026-01-27T09:37:22+01:00 +anchor: "deprecated" +weight: 360 +--- +## Deprecated +This section included snippets of the old documentation. As long as its available in this section its +still a valid way to work with the api. +### M4m and Vts snippet from 2025 +#### Method: token + +* `token[m4m]`: Mastercard Digital Enablement Service (MDES) for Merchants (M4M) +* `token[vts]`: Visa Token Service (VTS) + +Requirement of some parameters depends on the initiator of the transaction; a parameter might be required for cardholder-initiated transactions (CITs) and otherwise optional. See the details for each parameter. + +{{% notice %}} +**Notice**: Signing is required to use the `token` payment method. +{{% /notice %}} + +#### Method: token[m4m] + +The required values are found in either the MDES `transact` response or the Secure Card on File (SCOF) `checkout` response. + +{{% description_list %}} +{{% description_term %}}token[m4m][tan] {{% regex %}}[0-9]{12,19}{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Token Account Number (TAN) of the token to charge. + +Found in `encryptedPayload.encryptedData.accountNumber` (MDES) or `encryptedPayload.token.paymentToken` (SCOF). +{{% /description_details %}} + +{{% description_term %}}token[m4m][expire_month] {{% regex %}}[0-9]{2}{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Expiry month of token to charge. + +Found in `encryptedPayload.encryptedData.applicationExpiryDate` (MDES) or `encryptedPayload.token.tokenExpirationMonth` (SCOF). +{{% /description_details %}} + +{{% description_term %}}token[m4m][expire_year] {{% regex %}}20[0-9]{2}{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Expiry year of token to charge. + +Found in `encryptedPayload.encryptedData.applicationExpiryDate` (MDES) or `encryptedPayload.token.tokenExpirationYear` (SCOF). +{{% /description_details %}} + +{{% description_term %}}token[m4m][tav] {{% regex %}}[:base64:]{28}{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Token Authentication Value (TAV). Also known as token cryptogram and Digital Secure Remote Payments (DSRP) cryptogram. + +Only DSRP cryptograms are supported. The value must start with `[A-P]` to be a DSRP cryptogram. + +Found in `encryptedPayload.encryptedData.de48se43Data` (MDES) or `encryptedPayload.dynamicData.dynamicDataValue` (SCOF). +{{% regex_optional %}}Required for CITs. For MITs it shall only be included on the first, tokenized transaction or if there is a change to the token.{{% /regex_optional %}} +{{% /description_details %}} + +{{% description_term %}}token[m4m][rcai] {{% regex %}}[:base64:]{1..150}{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Remote Commerce Acceptor Identifier. + +Merchant identifier such as business website URL or reverse domain name (e.g. com.example.www). The identifier must be encoded as Base64. + +Found in `customOutputData.remoteCommerceAcceptorIdentifier` (SCOF). (Not available in MDES.) +{{% regex_optional %}}Optional.{{% /regex_optional %}} +{{% /description_details %}} + +{{% description_term %}}token[m4m][3dsecure][v2] {{% regex %}}dictionary{{% /regex %}}{{% /description_term %}} +{{% description_details %}}See [Authentication: [3dsecure][v2]](#authentication-3dsecure-v2). +{{% regex_optional %}}Optional{{% /regex_optional %}} +{{% /description_details %}} +{{% /description_list %}} + +#### Method: token[vts] + +The required values are found in the VTS provision token response. + +{{% description_list %}} +{{% description_term %}}token[vts][tan] {{% regex %}}[0-9]{12,19}{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Token Account Number (TAN) of the token to charge. + +Found in `tokenInfo.encTokenInfo`. +{{% /description_details %}} + +{{% description_term %}}token[vts][expire_month] {{% regex %}}[0-9]{2}{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Expiry month of token to charge. + +Found in `tokenInfo.expirationDate.month`. +{{% /description_details %}} + +{{% description_term %}}token[vts][expire_year] {{% regex %}}20[0-9]{2}{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Expiry year of token to charge. + +Found in `tokenInfo.expirationDate.year`. +{{% /description_details %}} + +{{% description_term %}}token[vts][eci] {{% regex %}}0[57]{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Electronic Commerce Indicator. + +Found in `cryptogramInfo.eci`. +{{% regex_optional %}}Required for CITs; otherwise optional (defaults to `07`).{{% /regex_optional %}} +{{% /description_details %}} + +{{% description_term %}}token[vts][tav] {{% regex %}}[:base64:]{28}{{% /regex %}}{{% /description_term %}} +{{% description_details %}}Token Authentication Value (TAV). Also known as token cryptogram and Token Authentication Verification Value (TAVV). + +Found in `cryptogramInfo.cryptogram`. +{{% regex_optional %}}Required for CITs; otherwise optional.{{% /regex_optional %}} +{{% /description_details %}} + +{{% description_term %}}token[vts][3dsecure][v2] {{% regex %}}dictionary{{% /regex %}}{{% /description_term %}} +{{% description_details %}}See [Authentication: [3dsecure][v2]](#authentication-3dsecure-v2). +{{% regex_optional %}}Optional{{% /regex_optional %}} +{{% /description_details %}} +{{% /description_list %}} \ No newline at end of file diff --git a/website/content/gateway/api_reference/resources/authorizations/authorizations_methods/token.md b/website/content/gateway/api_reference/resources/authorizations/authorizations_methods/token.md index 2125492..b4b59b6 100644 --- a/website/content/gateway/api_reference/resources/authorizations/authorizations_methods/token.md +++ b/website/content/gateway/api_reference/resources/authorizations/authorizations_methods/token.md @@ -11,6 +11,7 @@ Token frameworks supported: * `clicktopay`: Click to Pay * `token`: Visa and Mastercard +[token[m4m]](#deprecated) and [token[vts]](#deprecated) is deprecated, but still works. Requirement of some parameters depends on the initiator of the transaction; a parameter might be required for cardholder-initiated transactions (CITs) and otherwise optional. See the details for each parameter.