Skip to main content

Deposits (New)

Introduction

The deposit operation allows customers of Paysafe Embedded Wallet to load funds into their embedded wallet accounts.

tip

Embedded wallet deposits are being updated to a more simplified and consistent solution approach, that supports building direct end-user applications using Paysafe Embedded Wallet SDK for enhanced security and reduced TCO and TCD for partners.

The existing deposit and withdrawal approach still exists and is supported for existing partners see Legacy Deposits.

The new deposit approach leverages Paysafe Embedded Wallet SDKs to offer enhanced security and reduced TCO and TCD for partners adopting the solution.

The supported deposit methods are:

  • Debit or Credit card
  • ACH Direct Debit for US customers (In Development)
  • Bankwire deposit using VIBAN or Virtual Account for EU and UK customers (In Development)
  • other deposit methods are coming...

Card Deposits

Card deposits using VISA and MASTERCARD is supported for both PCI-DSS compliant and noncompliant partners. 3D secure authentication provides an additional layer of protection.

Partners should leverage the provided web and mobile SDKs to implement the deposit flow and can choose between various development options, depending on their PCI-DSS compliance level and customization needs.

The deposit API supports either re-using an existing card for deposit or entering new card information during the deposit process.

tip
  • Only cards that previously have been successfully deposited can be re-used for new deposits.
  • User consent is required for storing card information in Embedded Wallet.

PCI DSS compliant

Partners, that are PCI DSS Level 1 compliant can access cardholder data. This allows them to leverage directly the user-facing APIs through Paysafe SDK and build the deposit interface from scratch.

tip

Partners are required to request the pci-dss-1 scope when issuing SDK JWT tokens. If scope is not present in the JWT access token the Paysafe User Facing API will treat them as non-PCI compliant and trigger redirect flow.

Card Card Card Card

PCI DSS noncompliant in web browser

Partners, that are not PCI DSS Level 1 compliant can not access cardholder data. It is required for them to leverage the Paysafe hosted page that collects the cardholder information if they are building web applications.

tip

Existing card instruments stored with user consent can still be used.

warning

When redirecting to Paysafe hosted page, developers have several options. Paysafe do it's best to be iframe-compatible, yet - there is a possibility for the flow to jump outside the iframe on 3DS challenge. For proper integration and better UX, we recommend one of the following:

  • Open page in a new window, without nesting in iframe
  • Embed page within iframe, but handle appropriately in case of a jump out
Card Card Card Card

PCI DSS noncompliant on mobile devices

Partners, that are not PCI DSS Level 1 compliant can not access cardholder data. It is required for them to leverage the Paysafe mobile SDK, that collects the cardholder information if they are building mobile applications.

Paysafe mobile SDK ensures cardholder data is collected in PCI DSS compliant manner. For that reason, partners can leverage the pci-dss-1 scope for their mobile applications, when using the Paysafe mobile SDK.

tip

Partners are required to request the pci-dss-1 scope when issuing SDK JWT tokens. If scope is not present in the JWT access token the Paysafe User Facing API will treat them as non-PCI compliant and trigger redirect flow.

Card Card Card Card