API ExplorerFAQ
Search…
Get Started 🚀
Guide
#nocode and API
Quickstart
Use our API
Create new accounts
Manage accounts and IBANs
Fund an account
Make transactions
Issue cards
Control card usage
Giving access to accounts
Use our webhooks
Capital Deposit
Regulatory
Partnership with Swan
Guidelines
Requirements for France
Activate your project
Concepts
Overview
User
Account Holder
Account Membership
Account
Cards
IBAN
Payment
Account Funding
API
Overview - Why GraphQL?
Endpoints
Authentication
Errors & Rejections
Testing API
Pagination
Consent
Webhooks
Payment control
Sample implementation
PROCESS
Passcode reset
Help
FAQ
Country coverage
Contact us
Change log
Powered By GitBook
Payment control

Introduction

The Mastercard network always requires Swan to either approve or deny transactions. With the Payment control feature, you are brought into the process. Payment Control allows you to approve or deny every single card transaction.
When activated, Swan will send you the transaction details received by Mastercard and take your answer into account. We'll do our own tests (does the card and account exist? are there enough funds?), if everything is OK on our side, we'll take your answer into account. Only then do we answer Mastercard. Beware that we do our control at the same time as we send you the request, so even if you accept a payment, we can refuse it.
Time is very sensitive in this operation. A timeout from Swan will result in a declined operation for the cardholder. Therefore, you'll want to test this feature thoroughly. We provide all the materials you need to test in our sandbox, including the ability to set a default answer in case of timeout.
Transaction flow

Add a payment control endpoint

The updateCardPartnerControlmutation is used to set up and update the payment control. Here are the available settings:
  • endpoint: your endpoint (mandatory)
  • protocol: for now, it must be HttpJson
  • defaultResponse: in case of timeout, can be true or false
  • timeoutMs: to allow you more flexibility, up to 10s in the sandbox environment and 1s in the live environment.
  • secret: we'll add your secret to a "x-swan-secret" header

Transaction data sent

We add flags to specify that Swan is making the POST request :
  • An "x-swan" http header
  • An "x-swan-secret" http header with the provided secret
The payload is as follows. All fields are optional as they are subject to changes:
  • timeoutAt: epoch millis at which we'll fallback on default response
  • transactionId
  • paymentId
  • accountId
  • cardId
  • dateTime: epoch millis at which the payment occurred
  • originalAmountValue
  • originalAmountCurrency
  • amountValue
  • amountCurrency
  • merchantId
  • merchantCategoryCode
  • merchantName
  • merchantCity
  • merchantCountry
  • transactionCategory
  • authorizationType
Request
Response
1
{
2
"timeoutAt": 1646214666661,
3
"transactionId": "aucao_46cddd0be7cfbcaca72c22033da21894",
4
"paymentId": "cro_165f1fbe0f5997718ce17baa3219b569",
5
"accountId": "4ce6e0e7-ff58-4ce6-89e2-943eef1c4004",
6
"cardId": "ec7b3a68-5e06-40a0-a3d2-2ae4209fb87b",
7
"dateTime": 1646214656661,
8
"originalAmountValue": 10.00,
9
"originalAmountCurrency": "EUR",
10
"amountValue": 10.00,
11
"amountCurrency": "EUR",
12
"merchantId": "SWAN",
13
"merchantCategoryCode": "0000",
14
"merchantName": "SWAN",
15
"merchantCity": "PARIS",
16
"merchantCountry": "FRA",
17
"transactionCategory": "InStore",
18
"authorizationType": "Classic"
19
}
Copied!
1
{ "accepted":true}
Copied!

Your answer

As an answer, we expect a boolean in the accepted field. We'll take your default response into account if we don't have an answer from you after the timeout or endpoint contact error.
We suggest a default response true from a client perspective.
It could happen that both of our answers (yours and Swan's) aren't accepted by Mastercard due to QoS and delegation process
API - Previous
Webhooks
Next - API
Sample implementation
Last modified 3mo ago
Export as PDF
Copy link
Contents
Introduction
Add a payment control endpoint
Transaction data sent
Your answer