White Label Card Processing

Wyre offers our partners the benefit of implementing the functionality of our card processing API while maintaining their own UX/UI. This is available to partners that fulfill the specific requirements in the box below. The following is a guide on how to implement white label card processing if those requirements are met.

🚧

Requirements

PCI Compliance
If you choose this option you must demonstrate your PCI compliance to Wyre. This typically means you use a third party to handle card data securely. See our integration to Spreedly guide in the resource section for an easy solution.

User Agreement Disclosure
Your application should allow end users the ability to accept Wyre's User Agreement during the checkout process. This can function as a checkbox with a link to the agreement.

Example:
☑️I accept Wyre's User Agreement.

Create Wallet Order Reservation

After getting all set up, you'll need to create a Wallet Order Reservation ID for a wallet order. This allows you to lock in the details for the order in an immutable way from your server before taking in payment details.

The generated reservation wallet order ID may only be used once. If the order fails, the ID will become unusable. Any callbacks issued on behalf of the order will use the same order ID, so it can be useful for correlating Wyre orders to data in your own database. Reservations are good for one hour. Learn more about Wallet Order Reservations.

Create Wallet Order

Process the payment with the Card Processing API by using the Create Wallet Order endpoint.

Use the returned reservation from step #1 as the reservationId param for card processing. Note, default authorization is SMS and card2fa, to invoke 3D Secure use the body parameter 'trigger3ds' with the Create Wallet Order endpoint.

Get Order ID and Auth Codes

After you've created the order, you will receive the id of the order in the response. Also note the status and authCodesRequested parameters.

{
   "id":"WO_PQAG8JHTA2F",
   "createdAt":1595539060000,
   "owner":"account:AC_RW4FHEJPCHW",
   "status":"RUNNING_CHECKS",
   "orderType":"INTERNATIONAL",
   "sourceAmount":10.0,
   "purchaseAmount":9.31,
   "sourceCurrency":"USD",
   "destCurrency":"BTC",
   "transferId":null,
   "dest":"bitcoin:tb1q6yn0ajs733xsk25vefrhwjey4629qt9c67y6ma",
   "email":"[email protected]",
   "authCodesRequested":false,
   "paymentMethodName":"Visa ending 1111",
   "accountId":"AC_RW4FHEJPCHW"
}

Check Auth Code Requirements

While the order status = RUNNING_CHECKS and authCodesRequested is true, poll the Get Authorization endpoint to determine which auth codes are required.

🚧

Auth Codes Checks

When the wallet order status is different than RUNNING_CHECKS the Get Authorization endpoint (smsNeeded and card2faNeeded) should be ignored.
When using 3D Secure, the authorization3dsUrl will be populated, redirect the user there for authentication with their issuing bank (requires trigger3ds = true in the body of Create Order).

Example with SMS and Card 2-Factor Authentication (card2fa)

{
   "walletOrderId":"WO_9PUXWLZD888",
   "smsNeeded":true,
   "card2faNeeded":true
}

Example with 3D Secure Authentication

{
    "walletOrderId": "WO_Q9VCBECYBQ",
    "smsNeeded": false,
    "card2faNeeded": false,
    "authorization3dsUrl": "https://pay.testwyre.com/bank-authorization/WO_Q9VCBECYBQ"
}

Posting Authorization Codes

Wyre requires two authentication codes if authCodesRequested is true and you're not using 3D Secure :

  • CARD2FA - A 6 digit code that's added immediately to the end user's bank account. This code is usually displayed under Temporary Authorizations in the user's bank or credit card account online.
  • SMS - A 6 digit code sent to the user's mobile device.

You will need to confirm the codes that are requested. If the Authentication codes are not provided, the order will expire - the current expiration time is 10 minutes. When building your UI, you need to make it a real-time experience.

The GET request is only available until codes are still valid. After that, if you try to get authorization information in this endpoint we throw an error - check Card Exceptions. The current limit of attempts to specify the code is 5 times. After this, you will receive back an error and the order will expire.

You must provide the codes back in the following Submit Authorization endpoint:

{
   "type":"SMS", 
   "walletOrderId":"WO_Y74E8FXVWJ2",
   "reservation":"NHEA3UYXEXCUX4Y2HG78",
   "sms":"000000",
   "card2fa":"000000"
}

The node type must be either SMS, CARD2FA or ALL. When SMS the node sms is mandatory, when CARD2FA the node card2fa is mandatory, when ALL both sms and card2fa are mandatory.

Response:

{
  "walletOrderId":"WO_DX6B3UAVN8B",
  "success":true
}

When any code failed due to any reason (max attempts, time expiration, etc.) the order will also fail and card refunded. Failed orders cannot be resumed. These codes' needs might change at any time and based on the buyer's info.

Verify Order Authorization

Keep polling Get Wallet Order until the order's status is PROCESSING or COMPLETE.

This is a publicly accessible endpoint:

https://api.sendwyre.com/v3/orders/:orderId

You can also receive updates via Webhooks, contact our sales team at [email protected] to set up your webhook configuration.

Track Wallet Order

Once the transferId is returned it means the order was accepted and the transfer (blockchain transaction) is in progress.

To track its progress please check the transfer tracking documentation here: Track Wallet Order