White Label Card Processing
Wyre offers our partners the benefit of implementing the functionality of our card processing API while maintaining their own UX/UI. This is available to partners that fulfill the specific requirements in the box below. The following is a guide on how to implement white label card processing if those requirements are met.
Requirements
PCI Compliance
If you choose this option you must demonstrate your PCI compliance to Wyre. This typically means you use a third party to handle card data securely. See our integration to Spreedly guide in the resource section for an easy solution.User Agreement Disclosure
Your application should allow end users the ability to accept Wyre's User Agreement during the checkout process. This can function as a checkbox with a link to the agreement.Example:
☑️I accept Wyre's User Agreement.
Create Wallet Order Reservation
After getting all set up, you'll need to create a Wallet Order Reservation ID for a wallet order. This allows you to lock in the details for the order in an immutable way from your server before taking in payment details.
The generated reservation wallet order ID may only be used once. If the order fails, the ID will become unusable. Any callbacks issued on behalf of the order will use the same order ID, so it can be useful for correlating Wyre orders to data in your own database. Reservations are good for one hour. Learn more about Wallet Order Reservations.
Create Wallet Order
Process the payment with the Card Processing API by using the Create Wallet Order endpoint.
Use the returned reservation
from step #1 as the reservationId
param for card processing. Note, default authorization is SMS and card2fa, to invoke 3D Secure use the body parameter 'trigger3ds' with the Create Wallet Order endpoint.
Get Order ID and Auth Codes
After you've created the order, you will receive the id
of the order in the response. Also note the status
and authCodesRequested
parameters.
{
"id":"WO_PQAG8JHTA2F",
"createdAt":1595539060000,
"owner":"account:AC_RW4FHEJPCHW",
"status":"RUNNING_CHECKS",
"orderType":"INTERNATIONAL",
"sourceAmount":10.0,
"purchaseAmount":9.31,
"sourceCurrency":"USD",
"destCurrency":"BTC",
"transferId":null,
"dest":"bitcoin:tb1q6yn0ajs733xsk25vefrhwjey4629qt9c67y6ma",
"email":"[email protected]",
"authCodesRequested":false,
"paymentMethodName":"Visa ending 1111",
"accountId":"AC_RW4FHEJPCHW"
}
Check Auth Code Requirements
While the order status = RUNNING_CHECKS
and authCodesRequested
is true, poll the Get Authorization endpoint to determine which auth codes are required.
Auth Codes Checks
When the wallet order status is different than
RUNNING_CHECKS
the Get Authorization endpoint (smsNeeded
andcard2faNeeded
) should be ignored.
When using 3D Secure, the authorization3dsUrl will be populated, redirect the user there for authentication with their issuing bank (requires trigger3ds = true in the body of Create Order).
Example with SMS and Card 2-Factor Authentication (card2fa)
{
"walletOrderId":"WO_9PUXWLZD888",
"smsNeeded":true,
"card2faNeeded":true
}
Example with 3D Secure Authentication
{
"walletOrderId": "WO_Q9VCBECYBQ",
"smsNeeded": false,
"card2faNeeded": false,
"authorization3dsUrl": "https://pay.testwyre.com/bank-authorization/WO_Q9VCBECYBQ"
}
Posting Authorization Codes
Wyre requires two authentication codes if authCodesRequested
is true and you're not using 3D Secure :
- CARD2FA - A 6 digit code that's added immediately to the end user's bank account. This code is usually displayed under
Temporary Authorizations
in the user's bank or credit card account online. - SMS - A 6 digit code sent to the user's mobile device.
You will need to confirm the codes that are requested. If the Authentication codes are not provided, the order will expire - the current expiration time is 10 minutes. When building your UI, you need to make it a real-time experience.
The GET request is only available until codes are still valid. After that, if you try to get authorization information in this endpoint we throw an error - check Card Exceptions. The current limit of attempts to specify the code is 5 times. After this, you will receive back an error and the order will expire.
You must provide the codes back in the following Submit Authorization endpoint:
{
"type":"SMS",
"walletOrderId":"WO_Y74E8FXVWJ2",
"reservation":"NHEA3UYXEXCUX4Y2HG78",
"sms":"000000",
"card2fa":"000000"
}
The node type
must be either SMS
, CARD2FA
or ALL
. When SMS
the node sms
is mandatory, when CARD2FA
the node card2fa
is mandatory, when ALL
both sms
and card2fa
are mandatory.
Response:
{
"walletOrderId":"WO_DX6B3UAVN8B",
"success":true
}
When any code failed due to any reason (max attempts, time expiration, etc.) the order will also fail and card refunded. Failed orders cannot be resumed. These codes' needs might change at any time and based on the buyer's info.
Verify Order Authorization
Keep polling Get Wallet Order until the order's status is PROCESSING
or COMPLETE
.
This is a publicly accessible endpoint:
https://api.sendwyre.com/v3/orders/:orderId
You can also receive updates via Webhooks, contact our sales team at [email protected] to set up your webhook configuration.
Track Wallet Order
Once the transferId
is returned it means the order was accepted and the transfer (blockchain transaction) is in progress.
To track its progress please check the transfer tracking documentation here: Track Wallet Order
Updated 26 days ago