Skip to content
Last updated

Changelog

1.7.43 - 2025-09-18

  • PPRA-288: Added transaction history to the /giftcards/balance response when sending the RETURNHIST API Option in the request.
  • PPRA-292: Added Surcharge support
  • PPRA-332: Updated the conditional statement for plaid.redirectUrl on the /ach/plaid/link_token/create endpoint
  • PPRA-333: Added a link to the Shift4 Payment API in the .Net SDK overview section.
  • PPRA-334: Added merchant.gtv.enabled, merchant.surcharge.enabled, and merchant.autoClose.enabled to the /merchants/merchant endpoint response.
  • PPRA-336: Added dcc.marginOverEcb and dcc.displayUnit to the dcc response object
  • PPRA-338: Updated the .Net SDK content
    • Added Static Class Definition section
    • Updated S4Response description
    • Changed LogVerbosity to S4LogVerbosity in S4Request.SetConfig
    • Updated S4Request.SetConfig description
    • Added S4Response.GetHttpError
    • Updated LogVerbosity description
  • PPRA-339: Added support for the Java SDK
  • PPRA-340: Added the Commerce Engine Root CA to the Commerce Engine section of the Guides.

1.7.42 - 2025-08-25

  • PPRA-331: Fixed where the /ach/verify endpoint was missing the request body

1.7.41 - 2025-08-20

  • PPRA-323: Added support for the .NET SDK

1.7.40 - 2025-08-11

  • PPRA-318: Updated mPos.type description to remove the dependency on transaction.source
  • PPRA-322: Corrected the transaction.responseCode values for the /ach/plaid/public_token/exchange endpoint response.
  • PPRA-324: Added the D2 value to hostResponse.reaseonCode
  • PPRA-326: Added transaction.originalInvoice to all /transactions/refund request bodies and removed the Linked Refund body. Linked refunds can be used with any request body by sending the optional transction.originalInvoice field.
  • PPRA-327: Added card.type as an optional field to the P2PE - TDES DUKPT - EMV, P2PE - TDES DUKPT - MSR/Manual, P2PE - ID TECH - EMV/MSR/Manual, P2PE - On-Guard SDE - EMV, and P2PE - On-Guard SDE - MSR/Manual request bodies for the following endpoints:
    • /transactions/sale
    • /transactions/refund
    • /transactions/authorization
    • /transactions/manualauthorization
    • /transactions/manualsale endpoints
  • PPRA-328: Split the /devices/promptcardread response into separate responses for encrypted cards and unencrypted cards.

1.7.39 - 2025-07-09

  • PPRA-309: Added transaction.responseCode = P to the /ach/plaid/public_token/exchange endpoint response
  • PPRA-311: Removed the /tappp, /trustly, /vippreferred, and /venmo endpoints
  • PPRA-312: Added Pax L1400 and Verifone V660p, M425, and P630 to the list of Commerce Engine supported devices.

1.7.38 - 2025-06-30

  • PPRA-306: Added Dynamic Currency Conversion (DCC) receipt printing requirements

1.7.37 - 2025-06-26

  • PPRA-304: Marked transaction.source as conditional. Required when processing on an unattended device.
  • PPRA-305: Added Miura to devices.manufacturer

1.7.36 - 2025-06-25

  • PPRA-300: Added Castles to devices.manufacturer
  • PPRA-301: Removed the conditional text from card.number, customer.firstName and customer.lastName
  • PPRA-302: Updated the description for the USECARDNAME apiOption to clarify its use

1.7.35 - 2025-06-24

  • PPRA-293: Added device.nextStep to the /devices/promptsignature, /devices/promptcardread, /devices/prompttermsandconditions, /devices/promptinput, /devices/processform, & /devices/prompttip endpoints.
  • PPRA-294: Added Commerce Engine For On Premise and Commerce Engine For Cloud request bodies to the /devices/promptinput endpoint
  • PPRA-295: Added /devices/prompttip via Commerce Engine For On Premise and Commerce Engine For Cloud
  • PPRA-296: Added i4Go and 4Res documentation links to the landing page
  • PPRA-297: Marked customer.phoneCountry conditionally required in /3dsecure/standalone if customer.phoneNumber is included
  • PPRA-298: Increased form.header.value and form.subHeader.value max length to 100 in the /devices/processform endpoint.
  • PPRA-299: Increase device.promptTermsAndConditions.header and device.promptTermsAndConditions.ackText max length to 100 in the /devices/termsandconditions endpoint.

1.7.34 - 2025-06-13

  • PPRA-283: Removed the /3dsecure/sale, /3dsecure/authorization, and /3dsecure/verifycard endpoints and the 3d secure notification web hook
  • PPRA-284: Clarified the 3D Secure process flow
  • PPRA-291: Fixed the sale and auth endpoint examples so transaction.invoice matches on request and response.
  • PPRA-290: Added error 9551,88 no fallback to the error code list.

1.7.33 - 2025-04-07

  • PPRA-282: Updated the test trigger for card.number = 4321000000011001 to return error.primaryCode = 9951

1.7.32 - 2025-04-01

  • PPRA-271: Added support for the POST /giftcards/cashback endpoint and deprecated the /giftcards/cashout endpoint
  • PPRA-275: Added support for threeDSecure.version for merchants outside the United States.
  • PPRA-276: Updated the threeDSecure.programProtocol description to indicate it is for the United States only.
  • PPRA-280: Added card.entryMode to the /dcc/ratelookup endpoint for the P2PE - TDES DUKPT - EMV and P2PE - TDES DUKPT - MSR/Manual request bodies.

1.7.31 - 2025-03-14

  • PPRA-272: Added amount.CheckTotal to the /transactions/authorization, /transactions/capture, /transactions/sale, /giftcards/activate, /giftcards/allocate, and /giftcards/reload endpoints
  • PPRA-277: Added transaction.authorizationCode to the /giftcards/reload response

1.7.30 - 2025-03-07

  • PPRA-192: Added support for the /dcc/ratelookup endpoint and added the dcc object to the /transactions/authorization and /transactions/sale endpoints
  • PPRA-229: Added dcc.enabled, dcc.secondaryLookupDisclaimer and dcc.cardTypes to the merchant object in the /merchants/merchant response.

1.7.29 - 2025-02-04

  • PPRA-228: Removed the duplicate TransactionCurrencyCode from the raw tags receipt option.
  • PPRA-252: Removed paypal.paymentMethodId from PayPal Sale
  • PPRA-262: Added a Linked Refunds request body to the /transactions/refund endpoint.
  • PPRA-264: Removed the Max Length for receipt.printValue in the /devices/print endpoint.
  • PPRA-265: Added Commerce Engine For On Premise & Commerce Engine For Cloud request bodies to the /devices/processform endpoint
  • PPRA-266: Added Commerce Engine For On Premise & Commerce Engine For Cloud request bodies to the /devices/promptcardread endpoint
  • PPRA-267: Added Commerce Engine For On Premise request body to the /devices/reset endpoint
  • PPRA-268: Added Commerce Engine For On Premise & Commerce Engine For Cloud request bodies to the /transactions/manualauthorization endpoint
  • PPRA-269: Added Commerce Engine For On Premise & Commerce Engine For Cloud request bodies to the /transactions/manualsale endpoint
  • PPRA-270: Updated 3D Secure endpoints to indicate that only the /3dsecure/sale, /3dsecure/authorization, and /3dsecure/verifycard are limited to Europe but /3dsecure/standalone and /3dsecure/completion are not.

1.7.28 - 2025-01-14

  • PPRA-260: Marked transaction.originalInvoice as required on the /ach/refund endpoint
  • PPRA-263: Set device.displayText max length to 72 on the /devices/promptsignature endpoint for the Commerce Engine For On Premise and Commerce Engine For Cloud request bodies.

1.7.27 - 2024-12-30

  • PPRA-256: Marked card.entryMode as required for the Unencrypted Card request body on the /transactions/sale and /transactions/authorization endpoints
  • PPRA-257: Set customer.region max length to 3 on the /risk/assess endpoint
  • PPRA-255: Fixed where the GTV request body on the /ach/refund endpoint was incorrectly formatted.
  • PPRA-258: Marked cardBrandToken.requestorID as required for the 3D Secure Using Card Number request body on the /transactions/sale and /transactions/authorization endpoints.

1.7.26 - 2024-12-10

  • PPRA-253: Added Commerce Engine For On Premise & Commerce Engine For Cloud request bodies to the /devices/termsandconditions endpoint. Requires Commerce Engine version 2.6.4 or higher.

1.7.25 - 2024-10-29

  • PPRA-169: Removed ach.verificationType from the /ach/sale and /ach/refund requests and all ach fields except ach.accountLastFour from the /ach/plaid/public_token/exchange response.
  • PPRA-239: Updated the customer.postalCode field to min 1 max 9.
  • PPRA-241: The merchant.mid field is defined as a string but it should be a number.
  • PPRA-245: Added paypal.paymentMethodId and paypal.paymentMethodIdUsage to the /paypal/sale endpoint.
  • PPRA-256: Removed correlationId from the /ach/plaid/public_token/exchange endpoint response.

1.7.24 - 2024-09-12

  • PPRA-216: Added support for the /devices/getstatus endpoint
  • PPRA-234: Added Bin Blocking error codes
  • PPRA-235: Added Commerce Engine For On Premise & Commerce Engine For Cloud request bodies to the /devices/print endpoint. Requires Commerce Engine version 2.6.2 or higher.
  • PPRA-237: Added a note to all GET and DELETE endpoints indicating that an empty body may result in an error.

1.7.23 - 2024-07-30

  • PPRA-225: Add support for Account Name Inquiry (ANI) on the /cards/verify request.

1.7.22 - 2024-07-19

  • PPRA-167: Added merchant.supportedCurrencies to the GET /merchants/merchant endpoint response.
  • PPRA-196: Updated transaction.avs.result to include values 1-8.
  • PPRA-200: Added a note to the /tokens/4words endpoint clarifying that it is for Legacy TrueToken style tokens only.
  • PPRA-202: Updated all endpoints to clarify which integration methods are supported.
  • PPRA-211: Added support for amount.taxIndicator
  • PPRA-213: Updated the Commerce Engine section to indicate the A35, A77, and A3700 devices are supported.
  • PPRA-219: Added Account Update Status Triggers to the Test Server Trigger Values section.
  • PPRA-222: Updated the description for statementSuffix to clarify that card issuers may cut off the end of the suffix if its too long.
  • PPRA-223: Added a note to the transaction.hostResponse field indicating it is processor dependent and not returned in the demo environment.

1.7.21 - 2024-05-28

  • PPRA-187: Set risk.sessionId max length to 32.
  • PPRA-195: Added Commerce Engine For On Premise & Commerce Engine For Cloud request bodies to the /devices/promptsignature endpoint.
  • PPRA-197: Updated the card.bin field to max length 8 in the /cards/identify response.
  • PPRA-198: Fixed all references of True Token to be TrueToken
  • PPRA-199: Renamed the Commerce Engine Controlled Device request body to Commerce Engine For On Premise
  • PPRA-201: Added Commerce Engine For On Premise & Commerce Engine For Cloud request bodies to the /tokens/add endpoint.

1.7.20 - 2024-05-14

  • PPRA-189: Updated Commerce Engine supported devices to include A930 and coming soon to include A77.
  • PPRA-190: Added deployment model diagrams to the Commerce Engine section.
  • PPRA-191: Moved the Device Functionality section above the Endpoints section.

1.7.19 - 2024-04-26

  • PPRA-175: Added travel fields to the paypal/sale endpoint
  • PPRA-176: Added support for the paypal/initiate endpoint
  • PPRA-177: Added timeout test trigger values to the Test Server Trigger Values
  • PPRA-178: Removed the payPal object from the paypal/refund request
  • PPRA-180: Added a PayPal merchant flow diagram
  • PPRA-182: Added the TransactionCurrencyCode, SignatureRequired, and TerminalID keys to the raw receipt table
  • PPRA-183: Removed transaction.responseCode from paypal/initiate

1.7.18 - 2024-04-02

  • PPRA-148: Added support for the /updater/request endpoint
  • PPRA-149: Added support for the /updater/status endpoint
  • PPRA-171: Updated emv.fallback to be on the MSR/Manual request bodies instead of the EMV request bodies and added it to the response body
  • PPRA-172: Added card.type to the P2PE - On-Guard SDE - MSR/Manual and P2PE - TDES DUKPT - MSR/Manual request bodies for the /transactions/sale, /transactions/authorization, and /transactions/refund endpoints
  • PPRA-174: Removed Venmo, Trustly, TAPPP, and VIP Preferred

1.7.17 - 2024-03-27

  • PPRA-110: Added card ranges to the /merchants/merchant endpoint response if the RETURNPROCESSORS API Option is sent
  • PPRA-113: Added support for the Commerce Engine For Cloud request body type
  • PPRA-158: Added support for the Commerce Engine request body type
  • PPRA-160: cardOnFile.recurringExpiry and cardOnFile.recurringFrequency have a typo in the description where its should be it's
  • PPRA-162: hostResponse.reasonCode has a typo in the description for value 77
  • PPRA-163: The P2PE - TDES DUKPT - MSR/Manual request body example on the /tokens/add endpoint had incorrect values in the p2pe object
  • PPRA-166: Update the 3D Secure Smart Adviser test triggers to the latest card numbers
  • PPRA-170: Removed transaction.auto from the /transactions/sale endpoint.

1.7.16 - 2024-02-01

  • PPRA-152: Added accountType root level field for Interac contact EMV
  • PPRA-154: Added support for the Manual Card Entry - AES request body on the /tokens/add endpoints
  • PPRA-155: Added the AccessToken securityScheme to all endpoints except for /credentials/accesstoken
  • PPRA-156: Fixed examples on the following endpoints to ensure they match the request/response body format.
    • 3D Secure Notification
    • /vippreferred/enrollment
    • /vippreferred/disbursement
    • /vippreferred/checksale
    • /vippreferred/addbanking
    • /vippreferred/accountinquiry
    • /oct/updaterecipient
  • PPRA-157: Marked the 3059910000007215 and 30103869233631 test card numbers as Discover - Diners Club International
  • PPRA-150: Fixed a typo in ACH mandate section where it said mandage instead of mandate
  • PPRA-153: Updated array size of device.lineItems in the /devices/lineitems endpoint to allow a maximum of 10 items.

1.7.15 - 2023-12-15

  • PPRA-144: Added support for Ingenico On-Guard SDE P2PE

1.7.14 - 2023-12-06

  • PPRA-117: 3DS Standalone Fixes:
    • Removed the value 2 “Bypass 3D Secure authentication” from threeDSecure.initiate field.
    • Added a note to the customer and shipping elements indicating they are recommended to increase the possibility of frictionless flow”.
    • Added threeDSecure.securityLevelIndicator to the response on the /3dsecure endpoints
  • PPRA-118: Add the EMV body to the /tokens/add endpoint
  • PPRA-119: Fixed the /devices/print request body as it was not correctly showing how to send the data to be printed.
  • PPRA-122: Added a separate Legacy TrueToken request body for all endpoints with that have a token body
  • PPRA-123: Added clarification to Two Pass Verification that an issuer can decline the transaction due to invalid CSC rather than returning an approval with an invalid CSC indicator.
  • PPRA-124: 3D Secure enhancements:
    • Added the Token request body to the /3dsecure/authorization and /3dsecure/sale endpoints.
    • Marked the following items as requred for /transasctions/authorization and /transactions/sale using 3D Secure data
      • threeDSecure.cryptogram
      • threeDSecure.ecommIndicator
      • threeDSecure.securityLevelIndicator
      • threeDSecure.programProtocol
      • threeDSecure.directoryServerTranId
    • Added threeDSecure.programProtocol to the /3dsecure/standalone completion response body
    • Removed 3DS 1.0 from threeDSecure.programProtocol.
    • Removed the Apple Pay/Google Pay information from the /transasctions/authorization and /transactions/sale 3D Secure data request bodies.
  • PPRA-125: Removed transaction.saleFlag from the /3dsecure/standalone response sample.
  • PPRA-126: Added the F (Funded) value to the 3D Secure sale and refund status update notification webhooks.
  • PPRA-127: Added card.securityCode.value and card.securityCode.indicator to the /3dsecure/standalone request body.
  • PPRA-130: Marked batch.inclusive as required in the /batches/submit endpoint
  • PPRA-132: Updated the description for the amount object to remove the quotes around the example values.
  • PPRA-134: Added content describing the GTV format.
  • PPRA-135: Fixed where the Printing Receipts section was showing Transaction Time as EMV tag 9C when it should be 9F21.
  • PPRA-136: Added merchant.mid and merchant.name to the response for the following endpoints:
    • /transactions/*
    • /giftcards/*
    • /tokens/*
    • /cards/*
    • /reports/batchtotals
    • /batches/submit
    • /qrpayments/*
    • /risk/assess
    • /3dsecure/*
    • /trustly/*
    • /tappp/*
    • /paypal/*
    • /venmo/*
    • /vippreferred/*
    • /oct/*
    • /ach/*
  • PPRA-137: Marked threeDSecure.authenticationSource as required in the /transactions/authorization and /transactions/sale endpoints 3D Secure request bodies
  • PPRA-138: Updated the Test Server Trigger Values OCT chart
  • PPRA-139: Return merchant.defaultCurrency in the /merchants/merchant response.
  • PPRA-140: Added a note to the /merchants/merchant merchant.dayEndingTime response field indicating that its only application to US merchants.
  • PPRA-142: Added statementSuffix to the following endpoints:
    • /transactions/authorization
    • /transactions/capture
    • /transactions/sale
    • /transactions/refund
    • /transactions/manualauthorization
    • /transactions/manualsale

1.7.13 - 2023-09-08

  • PPRA-114: Renamed the API from 'Shift4 Platform API' to 'Shift4 Payment API'
  • PPRA-115: Clarified that SaleFlag is deprecated as a request field but still returned as transaction.saleFlag in the GET /transactions/invoice response to indicate the state of the transaction.
  • PPRA-116: Added a note to the device.promptPostalCode, device.promptCardSecurityCode, and device.promptStreetNumber fields to only send them when overriding the UTG MCE settings

1.7.12 - 2023-08-30

  • PPRA-54: Added ACH support
  • PPRA-90: Updated hostResponse.reasonCode to indicated AVS failures will return 77 and CVV failures will return N7.
  • PPRA-93: Added OCT Test Cards under the Test Card Numbers section of the Appendices.
  • PPRA-94: Fixed a typo in the POSHANDLEAVSFAIL API Option section where it was referencing transaction.responseCode
  • PPRA-95: Added error 9083,1 to the error list
  • PPRA-97: Added transaction.deferredAuth to the /transactions/sale, /transaction/authorization and /transactions/refund endpoints
  • PPRA-98: Added a note to the URLs section advising existing integrations may be using an older URL.
  • PPRA-99: Removed correlationId from the API documentation.
  • PPRA-100: Updated references to 'Shift4 Payments' to be 'Shift4'
  • PPRA-103: Updated char limit for transaction.retrievalReference on the OCT Payout response.
  • PPRA-105: Updated customer.postalCode to clarify that it is alphanumeric only and no special characters are allowed.
  • PPRA-106: Added merchant.mid to the DELETE /transactions/invoice response.
  • PPRA-108: Added Token as an optional request header parameter for the GET and DELETE /transactions/invoice endpoint.
  • PPRA-109: Added clarity to the P2PE Format section for handling EMV tags.
  • PPRA-111: Added a note to card.present with examples of subsequent transactions
  • PPRA-112: Updated transaction.source to specify value 3 should be sent for card present transactions that are manually entered on a payment device.

1.7.11 - 2023-06-12

  • PPRA-79 Marked transaction.source as required
  • PPRA-80 Marked the mPos object as conditionally required if transaction.source = 8 (mPos)
  • PPRA-84 Added mapping for FRC 22 to the FRC Mapping Table
  • PPRA-85 Fixed the dateTime example value in the /credentials/accesstoken to use the proper format.
  • PPRA-86 Added the /tokens/delete endpoint
  • PPRA-87 Fixed the /tokens/duplicate example to use a TrueToken instead of a GTV style token

1.7.10 - 2023-05-09

  • PPRA-50: Added mPOS.type to the /transactions/authorization and /transactions/sale endpoints.
  • PPRA-52: Updated the transaction.responseCode list in /cards/verify to remove invalid values
  • PPRA-67: Added correlationId to OCT and OCT trigger values
  • PPRA-70: Added error 9961,9 to the error codes
  • PPRA-73: Updated the offline processing section to indicate that UTG offline mode is now enabled by default.
  • PPRA-74: Added transaction.purchaseCard.customerReference to the /cards/verify endpoint
  • PPRA-75: Made card.entryMode and card.present optional in the /oct/payout token request body.
  • PPRA-76: Fixed where the links in the Quick Chip EMV section were not properly linking to the Swipe Ahead section.
  • PPRA-68: Fixed the test server trigger value header to be card.securityCode.result instead of card.securityCode.valid.
  • PPRA-69: Fixed where the transaction.responseCode enums had 'T' listed instead of 'X'
  • PPRA-71: Fixed the incorrect text in the /trustly/statusinquiry description.
  • PPRA-72: Removed card.securityCode from the risk/assess example.

1.7.9 - 2023-04-26

  • PPRA-63: Added the risk object to the /transactions/sale and /transactions/authorization endpoint 200 response.
  • PPRA-64: Fixed a typo in the correlationId description
  • PPRA-65: Updated the endpoint URLs for all endpoints
  • PPRA-66: Removed amount.surcharge from all endpoints

1.7.8 - 2023-04-05

  • PPRA-55: Fixed the server URLs for the OCT, PayPal, TAPPP, Trustly, Venmo, and VIP Preferred endpoints
  • PPRA-56: Updated the VIP Preferred endpoints to use ach.accountNumber and ach.routingNumber instead of ach.bankAccountNumber and ach.bankRoutingNumber.
  • PPRA-57: Added transaction.purchaseCard.customerReference to the /risk/assess endpoint.
  • PPRA-58: Added support for correlationID
  • PPRA-61: Updated the threeDSecure.cryptogram, threeDSecure.ecommIndicator, and threeDSecure.xid field definitions for Google Pay to remove the reference to paymentMethodData.tokenizationData.token

1.7.7 - 2023-02-02

  • PPRA-43: Added support for OTC Payout and Update Recipient
  • PPRA-53: Add the 'N' value to the riskRules.result for the /risk/rulestatus endpoint

1.7.6 - 2023-01-19

  • PPRA-46: Updated the description for riskRules.result in the /risk/rulestatus endpoint to clarify that it is the success or failure of the status call.
  • PPRA-47: Updated riskRules.status description to clarify that the 'A' value cannot be used when riskRules.parameter is card or token.
  • PPRA-48: Changed riskRule.parameter values from cardNumber to card and emailAddress to email.
  • PPRA-49: Updated riskRules.result to return 'E' when an error occurs.
  • PPRA-51: Updated the Test Server Trigger Values to use the new trigger amounts for approval, decline, referral and demo host error

1.7.5 - 2023-01-10

  • PPRA-8: Added support for the /3dsecure/standalone endpoint
  • PPRA-18: Updated the description for transaction.source to clarify that type 6 is Unattended Cardholder Activated Terminal
  • PPRA-20: Resolved an issue where The Understanding AVS and CSC Verification section was duplicated.
  • PPRA-21: Updated the description for transaction.responseCode 'S' and 'I' to clarify the use cases.
  • PPRA-23: Added a note to the AVS test triggers section indicating that if a value is sent in the customer.addressLine1 or customer.postalCode field and it does not match one of the triggers it will return transaction.avs.result = 'N'
  • PPRA-24: Updated the documentation so that references to API fields are displayed as code
  • PPRA-25: The /trustly/deposit initial deposit response body was missing the trusty.redirectReason field
  • PPRA-27: Removed card.type from the P2PE via IDTech Device, P2PE - TDES DUKPT - EMV, and P2PE - TDES DUKPT - MSR/Manual request bodies on the /transactions/sale, /transactions/authorization, /transactions/refund, /transactions/manualsale, and /transactions/manualauthorization endpoints
  • PPRA-28: Added card.token.value to the /risk/assess response.
  • PPRA-29: Added customer.shipping to the 3dsecure/sale, 3dsecure/authorization, 3dsecure/standalone, and 3dsecure/verifycard endpoints.
  • PPRA-30: Fixed the spelling of 'canceled' to be 'cancelled' to keep the documentation consistent.
  • PPRA-31: Added value 6 to the threeDSecure.eCommIndicator field.
  • PPRA-32: Added currencyCode to the /tranasctions/capture request.
  • PPRA-33: Marked postalCode as optional for all 3dsecure endpoints.
  • PPRA-34: Created separate request bodies for Card Number and Token in the 3dsecure/sale, 3dsecure/authorization, 3dsecure/verifycard, and 3dsecure/standalone endpoints
  • PPRA-35: Fixed the casing on the test and production URLs for the /venmo/customer endpoint.
  • PPRA-36: Added support for the reportingData object in the /transactions/authorization, /transactions/sale, /transactions/refund, /transactions/manualauthorization, /transactions/manualsale, /transactions/capture, /3dsecure/authorization, and /3dsecure/sale endpoints.
  • PPRA-37: Added clarification to the Access Token Exchange section of the Development Quick Start Guide indicating that the Access Token should be stored securely.
  • PPRA-38: Added support for the /risk/rulestatus and risk/ruleupdate endpoints
  • PPRA-39: Added support for returning emv.tlvData in the /transactions/authorization, /transactions/sale, and /transactions/refund responses
  • PPRA-40: Added transaction.source to the /3dsecure/authorization, /3dsecure/sale, and /3dsecure/verifycard endpoints
  • PPRA-41: Removed transaction.hotel, transaction.auto, transaction.airline, and transaction.amex from all 3dsecure endpoints.
  • PPRA-42: Removed receiptColumns from all 3dsecure endpoints.
  • PPRA-44: Removed transaction.businessDate from all 3dsecure endpoints.
  • PPRA-45: Added the /risk/ruleupdate and /riks/rulestatus endpoints.

1.7.4 - 2022-09-26

  • PPRA-12: cardOnFile.type should only contain the 'U08' option on the /transactions/capture endpoint
  • PPRA-13: cardOnFile.type should only contain the storage options on the /3dsecure/verifycard endpoint
  • PPRA-14: Update cardOnFile.transactionId description to not store the new transationId received in subsequent transaction responses
  • PPRA-15: Break out the Wallet/3DSecure using Card Number body into separate bodies for 3D Secure, Apple Pay and Google Pay.
  • PPRA-16: Add the date format to the transaction.businessDate field
  • PPRA-17: Update the transaction.airline.tickets.passengerName description to clarify that there are no dashes in the name

1.7.3 - 2022-09-12

  • PPRA-9: Updated the IIAS amounts to separate the Amount Type 4V 'Vision/Optical' and not include it under the type 4S 'Healthcare' total healthcare amount.
  • PPRA-10: Added support for SCA contactless EMV requiring card insertion

1.7.2 - 2022-08-18

  • PPRA-2: Added ReversalReason to the header parameters in the DELETE /transactions/invoice endpoint
  • PPRA-3: Added transaction.source to the /transactions/authorization, /transactions/sale, /transactions/refund and /transactions/capture endpoint
  • PPRA-4: Simplified the Card On File API by deprecating many of the fields and replacing them with a cardOnFile.type field
  • PPRA-5: Updated the amount.total description to clarify that the amount can not be zero.
  • PPRA-6: Added support for contactless EMV SCA Online PIN required scenario by returning transaction.responseCode = S.
  • PPRA-7: Added the [Converting Legacy Interfaces]'#tag/Converting-From-Legacy-Interfaces' section to assist vendors who are upgrading from a legacy TCP or HTTP interface.

1.7.1

  • Added support for the vippreferred/accountinquiry endpoint.
  • Added support for the vippreferred/addbanking endpoint.
  • Added support for the vippreferred/enrollment endpoint.
  • Added support for the vippreferred/checksale endpoint.
  • Added support for the vippreferred/disbursement endpoint.
  • Added the 3D Secure Smart Adviser Test Triggers section.

1.7.0

  • Added support for card not present payment processing in Europe.
  • Added support for the 3D Secure Smart Adviser endpoints /3dsecure/sale, /3dsecure/authorization, /3dsecure/completion, /3dsecure/verifycard and 3D Secure Notification.
  • Added currencyCode to the /transactions/sale, /transactions/authorization, /transactions/refund, /transactions/manualauth, and /transactions/manualsale endpoints.
  • Added 'Y', '1', '2', and '3' to the card.securityCode.result response field.
  • Added recurringExpiry and recurringFrequency to the transaction.cardOnFile object.
  • Added transaction.authType to the /transactions/authorization endpoint.
  • Added an incremental auth request body to the /transactions/authorization endpoint.
  • Added customer.phoneCountry to the /trustly/capture and /trustly/deposit initial request bodies.
  • Added error.code and error.severity to the error response body.
  • Updated the credentials.accessToken field length to 52 characters.
  • Removed card.securityCode from the risk/assess request.
  • Removed the max length value form the emv.tlvData field.
  • Removed token.serialNumber from the giftcard/cancel endpoint.
  • Updated customer.region description to clarify that its using the ISO-3166-2 standard.
  • Added a Card On File use case table.
  • Added a Currency Codes table.

1.6.15

  • Added support for the /paypal/sale endpoint.
  • Added support for the /paypal/refund endpoint.
  • Added support for the /venmo/sale endpoint.
  • Added support for the /venmo/refund endpoint.
  • Added support for the /venmo/customer endpoint.
  • Fixed transaction.hostResponse.reasonCode where it had the value 51 listed twice.
  • Updated transaction.expirationDate to clarify that its 3-4 characters.
  • Clarified that the productDescriptors array is limited to 4 elements and that each element can contain a maximum of 40 characters.
  • Added trustly.redirectReason to the /trustly/capture and /trustly/deposit responses.
  • Marked transaction.airline.travelAgencyCode and transaction.airline.travelAgencyName as conditional fields.

1.6.14

  • Modified the trustly notification to be a webhook rather than an endpoint.

1.6.13

  • Added ticketFare to the transaction.airline.ticket array.

1.6.12

  • Fixed the 504 timeout error response example where the primaryCode was showing 995 instead of 9951.

1.6.11

  • Added customer.emailAddress and customer.ipAddress to the /transactions/sale and /transactions/authorization endpoints.

1.6.10

  • Added clarifications to the transaction.cardOnFile.usageIndicator and transaction.cardOnFile.transactionId descriptions.

1.6.9

  • Clarified the format for transaction.airline.ticket.passengerName

1.6.8

  • Added the /tokens/duplicate endpoint back to the doc with a note that it is for legacy style tokens only.
  • Fixed the example in the Trustly notification where trustly.account.profile was showing as a string instead of an integer.
  • Marked the /batches/submit and /reports/batchtotals endpoints as being supported only through the hosted REST servers.

1.6.7

  • Added support for the airlines industry.
  • Fixed the production URL for the /risk/assess endpoint.
  • Fixed the GET /merchants/merchant example where the voiceCenter.accountNumber was showing as an integer instead of a string.

1.6.6

  • Renamed transaction.id to transaction.s4RiskId and risk.id to risk.tranId.
  • Added clarification to transaction.responseCode values 'D' and 'f' regarding the POSHANDLEAVSFAIL API Option.
  • Added clarification to the POSHANDLEAVSFAIL API Option that one pass AVS/CVV failures will result in transaction.responseCode 'f'.
  • Renamed the Partial Authorization section to Partial Approval.

1.6.5

  • Updated the /giftcards/activate, /giftcards/deactivate, /giftcards/cashout, /giftcards/, /giftcards/reactivate, /giftcards/reload, and /giftcards/balance endpoints to have unique request body schemas based on the request type.
  • Updated the /tokens/add endpoint to have unique request body schemas based on the request type.
  • Updated the /cards/verify and /cards/identify endpoints to have unique request body schemas based on the request type.

1.6.4

  • Fixed a typo in the shoppingCart array where the field quantity was misspelled.

1.6.3

  • Updated all fields that were the type was set as currency to be set as number
  • Fixed examples where SourceIp was incorrectly listed as SourceIP.

1.6.2

  • Added support for the /risk/assess endpoint
  • Added transaction.id, risk.id and risk.assessment to the /transactions/sale and /transactions/authorization endpoints. These values must be sent if the /risk/assess call was made prior to the transaction.
  • Added the 'A' value to transaction.authSource
  • Added transaction.authSource, transaction.responseCode, and transaction.hostResponse to the /trustly/capture, /trustly/deposit, /trustly/refund, and /trustly/cancel endpoints
  • Added the /trustly/statusinquiry endpoint
  • Added transaction.authSource, and transaction.responseCode to the /tappp/cancel, /tappp/capture, /tappp/decryptpayload, /tappp/initiatepayment, and /tappp/tokenstatus endpoints.

1.6.1

  • Added the lighthouse object back to the /transactions/sale endpoint with clarification that it is for Skytab transactions only.

1.6.0

  • Added support for the /tappp/initiatepayment endpoint
  • Added support for the /tappp/decryptpayload endpoint
  • Added support for the /tappp/tokenstatus endpoint
  • Added support for the /tappp/capture endpoint
  • Added support for the /tappp/cancel endpoint
  • Added transaction.saleFlag to the GET /transactions/invoice response

1.5.8

  • Updated the transaction flow diagram to show the 9551,4 error will come back as a 200 response not a 400 response.
  • Added transaction.retrievalReference to the /transactions/authorization, /transactions/capture, /transactions/sale, and /transactions/refund responses.
  • Added card.token to the /cards/verify response.
  • Added transaction.cardOnFile to the /cards/verify request and response.
  • Added transaction.cardOnFile to the /transactions/authorization response.

1.5.7

  • Added the 'X' value to the transaction.responseCode field.

1.5.6

  • Fixed the device.promptInput.index description so that the values are in a properly formatted table.

1.5.5

  • Added a link to the P2PE format section when referencing P2PE format 05 in the various transaction endpoints.
  • Added additional values to the hostResponse.reasonCode field to cover additional card brands.

1.5.4

  • Added the [Development Quick Start]'#section/Development-Quick-Start' section.

1.5.3

  • Added merchant.mid to the merchants/merchant response
  • Added transaction.vendorReference to the trustly notification request.

1.5.2

  • Broke down the /trustly/capture and /trustly/deposit process flow into eparate diagrams for initial and subsequent requests.
  • Added process flow diagrams to the /trustly/cancel and /trustly/refund requests
  • Fixed a typo in the Trustly refund response example where the tag was listed as originalnvoice instead of originalInvoice

1.5.1

  • Added trustly.transactionId to the /trustly/cancel and /trustly/refund requests
  • Removed amount from /trustly/cancel request
  • Added the Restaurant Authorization and Settlement Flow section to Basic Concepts

1.5.0

  • Added support for the /trustly/capture endpoint
  • Added support for the /trustly/deposit endpoint
  • Added support for the /trustly/refund endpoint
  • Added support for the /trustly/cancel endpoint
  • Added support for the Trustly notification request

1.4.5

  • Updated the /transactions/manualauthorization and /transactions/manualsale endpoints to have unique request body schemas based on the request type.

1.4.4

  • Updated the /transactions/refund endpoint to have unique request body schemas based on the request type.

1.4.3

  • Updated the /mode/offline and /mode/online endpoints to include AccessToken in the header.

1.4.2

  • Updated the /transactions/sale endpoint to have unique request body schemas based on the request type.
  • Fixed the cardOnFile.usageIndicator where the enums were specified as "Initial" and "Subsequent" instead of "01" and "02"
  • Fixed the cardOnFile.scheduledIndicator where the enums were specified as "Scheduled" and "Unscheduled" instead of "01" and "02"
  • Added transaction.businessDate to the /transactions/refund endpoint

1.4.1

  • Added a Wallet/3D Secure Using Card Number request body to the /transactions/authorization endpoint.
  • Fixed the receiptColumns length to 2 characters.

1.4.0

  • Updated the /transactions/authorization endpoint to have unique request body schemas based on the request type.
  • Updated the [Understanding Card Tokens]'#tag/Understanding-Card-Tokens' section to utilize Global Token Vault tokenization. Moved the legacy tokenization methodology to the [Legacy Card Tokens]'#tag/Legacy-Card-Tokens'
  • Removed Universal Token from the /giftcard endpoint responses.
  • Updated the text in the Two Pass Verification section to clarify that the gateway will automatically void a Two Pass Verification failure.

1.3.0

  • Added the /giftcards/allocate endpoint.

1.2.5

  • Added clarification to the /transactions/capture endpoint to indicate that the card object is required.

1.2.4

  • Added clarification to card.entryMode that the field is not needed when P2PE data is being sent from a non-UTG controlled device.

1.2.3

  • Added hostResponse object to transaction object in 200 authorization response.
  • Added a note to the transaction.invoice description to clarify that it is a numeric only field even though it is sent as a JSON String.

1.2.2

  • Added device.serialNumber for non-utg controlled devices.
  • Added device.manufacturer and device.model to the /refund endpoint

1.2.1

  • Updated the /devices/info responses to reflect the different data that is returned based on device type.

1.2.0

  • Added the /mode endpoint used to put UTG into offline mode via an API call.
  • Added expiration date to the "Using token" examples for various endpoints.
  • Clarified the dateTime field to be in the merchant's time.
  • Fixed the /giftcards/cancel endpoint to include token data.

1.1.8

  • Fixed the Max Length for VendorReference to 50 - was previously 60.

1.1.7

  • Added card.present to the /cards/verify endpoint

1.1.6

  • Added response values to the threeDSecure.cavvResult field
  • Clarified the description for BusinessDate on the reports/batchtotals and batches/submit endpoints.

1.1.5

  • Added ReceiptColumns to the /transactions/invoice GET and DELETE endpoints

1.1.4

  • Added additional threeDSecure fields.
  • Updated max length for previously configured threeDSecure properties.

1.1.3

  • Added qrCode.qrPayIndicator to the /transactions/authorization and /transactions/sale endpoint request.

1.1.2

  • Added the lighthouse object to the 400 and 504 responses.

1.1.1

  • Added the extendedCardData field to the /transactions/authorization and /transactions/sale endpoints. Used when processing 3D Secure, Apple Pay and Google Pay transactions via i4Go.

1.1.0

  • Added endpoints for /qrpayments/getqrcode, /qrpayments/getqrpaymentstatus, /qrpayments/getqrdetails, /qrpayments/cancelqrpayment
  • Added Apple Pay/3D Secure support to the /transactions/authorization and /transactions/sale endpoints. This feature is still in certification and is subject to change.

1.0.28

  • Added content to the notes Field definition stating, "Escaped quotation marks should not be sent in the Notes field."
  • Added the following note to the Endpoints definition under the Introduction. Note: The Shift4 REST API responses will filter out values that are empty strings, false 'Boolean', or zeros 'numeric'. For example, if a zero is sent in a numeric field such as tax, the API will not return that field in the response.
  • Added the amount.tax field to the /transactions/refund endpoint.
  • Added the transaction.purchaseCard object to the /transactions/refund endpoint.

1.0.27

  • Added Federal law requirement to truncate credit card information on receipts. This was added under Printing Receipts, EMV Receipts, and under the API Option RETURNEXPDATE.

1.0.26

  • Updated the transaction.manualTranid definition and updated its application to just Manual Authorization, and Manual Sale.

1.0.25

  • Added transaction.manualTranid and transaction.vendorReference, to Authorization, Capture, SalePurchase, Refund, Manual Authorization, and Manual Sale.

1.0.24

  • Corrected two typos. One in How Global TokenStore Works 'for the purpose of this example' and the other in Formatted Receipts 'receipts'.

1.0.23

  • Added Acceptable Test Card Trigger Numbers table, Required EMV Authorization Request Tags table, Required Contactless EMV Authorization Request Tags table, and Financially Sensitive EMV Tags table.
  • Added card types CI 'Citgo' and BC 'Backed Card'.
  • Added PRINTTIPLINE to the API Options.

1.0.22

  • Added lighthouse.data to the 200 response for the /transactions/sale endpoint

1.0.21

  • Added customer.firstName and customer.lastName to the 200 response for the following endpoints: /transactions/authorization, /transactions/capture, /transactions/sale, /transactions/invoice, /transactions/manualauthorization, and /transactions/manualsale

1.0.20

  • Fixed promptSecurityCode to reflect the correct field name - promptCardSecurityCode.
  • Fixed overrideBusDate to reflect the correct field name - transaction.businessDate.

1.0.19

  • Added header for Device Manufacture Only API Options.
  • Added CONTACTLESSEMVCAPABLE API Option with definition

1.0.18

  • Changed the AccessToken in the example to a working value so that it can just be copied/pasted for quick testing.

  • Changed the authToken and clientGuid in the credentials/accesstoken request to a working value so that it can just be copied/pasted for quick testing.

1.0.17

  • Added receiptColumns

1.0.16

  • Added API Option header parameter to GET transactions/invoice

1.0.15

  • Added IGNOREEXPIRY Api Option
  • Added the lighthouse object
  • Added Card On File Transaction content to Advanced Concepts

1.0.14

  • Added cardOnFile object
  • Added universal token object and GET /tokens/universaltoken endpoint
  • Corrected endpoint for POST /devices/termsandconditions

1.0.13

  • Corrected endpoint for DELETE /tokens
  • Updated response format and sample for POST /tokens/add
  • Updated response format for POST /cards/identify
  • Updated sample responses for several gift card endpoints

1.0.12

  • Updated device object
  • Updated /cards/identify response format

1.0.11

  • Updated parameters for formatted receipt
  • Reformatted Test Server Trigger Values section

1.0.10

  • Updated use cases
  • Added trigger for decline on a refund
  • Updated Citcon section

1.0.9

  • Updated void use case
  • Updated upload signature request format

1.0.8

  • Updated responseCode information

1.0.7

  • Updated card.type information

1.0.6

  • Updated void response format
  • Updated capture request format
  • Added transaction.amex object
  • Added transaction.saleFlag

1.0.5

  • Updated information on UTG and offline behavior
  • Corrected parameters on some devices endpoints

1.0.4

  • Updated Printing Receipts section
  • Rebranded DotN to LTM and Shift4's Gateway
  • Expanded information about closing batches
  • Added device.manufacturer and device.model

1.0.3

  • Updated device.capability object
  • Added formattedReceipt object and header

1.0.2

  • Added emv fields for fallback scenarios
  • Updated descriptions for customer and device.capability objects
  • Updated sample requests and responses

1.0.1

  • Added the following endpoints: /devices/promptinput, /giftcards/cancel
  • Added partial approval responseCode to the Transaction Flow Diagram
  • Updated the "conditional" statements about several fields

1.0.0

  • Removed Sandbox URLs
  • Added the following endpoints: /devices/prompttermsandconditions, /devices/initializereaders, /devices/promptcardread, /devices/processform

0.7.28 Beta

  • Added the following endpoints: /devices/promptconfirmation, /devices/lineitems, /devices/info, /devices/reset
  • Added apiOption POSHANDLEAVSFAIL
  • Added information regarding contactless EMV

0.7.27 Beta

  • Updated description of debit-related fields
  • Removed the /cards/block, /cards/blockstatus, /cards/unblock endpoints

0.7.26 Beta

  • Added a test card for Discover's new BIN range
  • Updated the request formats for some of the /cards, /devices, and /tokens endpoints

0.7.25 Beta

  • Added the following endpoints: /cards/verify, /cards/identify, /cards/block, /cards/unblock, /cards/blockstatus, /devices/print, /devices/promptsignature, /tokens/4words

0.7.24 Beta

  • Re-added the /tokens/delete endpoint
  • Added endpoints for /reports/batchtotals and /batches/submit
  • Added information about responseCode 'P' 'partial approval'
  • Updated the P2PE data samples

0.7.23 Beta

  • Changed customer.streetAddress to customer.addressLine1

0.7.22 Beta

  • Updated samples for Using EMV with P2PE
  • Updated Transaction Flow Diagram
  • Added overrideBusDate parameter

0.7.21 Beta

  • Added URL example for locally installed UTG

0.7.20 Beta

  • Added device.capability object

0.7.19 Beta

  • Updated EMV & P2PE information
  • Corrected the response format

0.7.18 Beta

  • Removed display of meaningless extra names for fields and objects 'ex: CustomerObject'
  • Added Gift Cards endpoints, Manual Sale and Manual Authorization

0.7.17 Beta

  • Added image for Transaction Flow Diagram

0.7.16 Beta

  • Added multiple versions of request bodies for several endpoints
  • Re-ordered request and response fields for greater consistency
  • Added example value for signature.data and emv.tlvdata
  • Fixed missing descriptions on some fields in error result schemas

0.7.15 Beta

  • Updated several design consideration sections to reflect API flow changes

0.7.14 Beta

  • Updated the response format for several endpoints
  • Removed references to a few deprecated API Options and fields

0.7.13 Beta

  • Split "Design Considerations" into multiple groups and relocated them to be after "Endpoints"
  • Updated references to old field names
  • Fixed unintentional linebreaks on several "Warning" messages

0.7.12 Beta

  • Updated sample error responses to be more accurate for each endpoint

0.7.11 Beta

  • Added clerk to sample response for multiple endpoints
  • Added 504 response type
  • Added information about special characters on some header parameters
  • Converted several lists to tables 'for enum's'

0.7.10 Beta

  • Updated name for /transactions/authorization endpoint
  • Added header fields for /credentials/accesstoken endpoint

0.7.9 Beta

  • Removed metatoken object and RETURNMETATOKEN APIOption

0.7.8 Beta

  • Added result parent object in responses
  • Removed /tokens/delete endpoint

0.7.7 Beta

  • Added the Hotel and Auto Rental blocks to the Capture request.
  • Removed the body from the DELETE functions in transactions/invoice and tokens/delete.
  • Fixed where some string fields were showing up as non-strings in the examples.

0.7.6 Beta

  • Fixed the credential object in the Access Token Exchange request so that it is singular.
  • Fixed the dateTime description and examples to show the colon in the time offset.
  • Fixed the server URLs to include /api/rest in the path.

0.7.5 Beta

  • Extended the Trigger Values section
  • Extended the Error Codes section

0.7.4 Beta

  • Changed the casing on the Header parameters.

0.7.3 Beta

  • Added Receipt Printing Requirements content
  • Removed apiOptions from responses