Deposits
Introduction
The deposit operation allows customers of Paysafe Embedded Wallet to load funds into their embedded wallet accounts.
Embedded wallet deposits are being updated to a more simplified and consistent solution approach, that supports building direct end-user applications using Paysafe Embedded Wallet SDK for enhanced security and reduced TCO and TCD for partners.
The new deposit approach leverages Paysafe Embedded Wallet SDKs to offer enhanced security and reduced TCO and TCD for partners adopting the solution.
The supported deposit methods are:
- Debit or Credit card
- ACH Direct Debit for US customers (In Development)
- Bankwire deposit using VIBAN or Virtual Account for EU and UK customers (In Development)
- other deposit methods are coming...
For more information check:
Bankwire deposit
Paysafe Embedded Wallet supports bank transfer deposits using customer assigned vIBANs in Paysafe partner bank. Once offline customer deposit reaches Paysafe partner bank, customer's wallet is funded with the corresponding amount.
Virtual IBAN is assigned to each customer during the onboarding process. You can obtain the vIBAN using Accounts API.
GET https://api.paysafe.com/digitalwallets/v2/accounts
[{
"id": "509876034",
"customerId": "5435323362",
"currencyCode": "GBP",
"totalBalance": 55000,
"availableBalance": 50000,
"virtualInstrument": [
{
"instrumentType": "SEPA_BANK_ACCOUNT",
"iban": "NL74ABNA1231242344",
"bic": "ABNANL2APIP",
"status": "ACTIVE"
}
],
"creationTime": "2019-08-24T14:15:22Z",
"hasVirtualInstrument": true
}]
Bank Transfer Deposit Steps
-
Merchant must show vIBAN or Paysafe details as account holder upon bank transfer payment option on Merchant website
-
Customer initiates bank transfer from their bank to their vIBAN or Paysafe account
-
Paysafe performs vIBAN and name match when deposit is received in Paysafe partner bank
-
The transaction amount will be credited to the customer wallet
-
Where applicable, the merchant deposit fee amount will be debited from the customer wallet
infoCustomers can only be charged a pre-defined fixed fee for bank transfer deposits.
-
Merchant recieves a TransactionUpdateWebhook when funds are deposited in the wallet
POST
https://<merchant callback URL>
Transaction update webhook{
"id": "3aeb9c63-6386-46a3-9f8e-f452e722228a",
"timestamp": "2021-07-15T17:54:12Z",
"transaction": {
"id": "544232",
"merchantRefNum": "abcd1234",
"customerId": "1234",
"accountId": "212345",
"type": "DEPOSIT",
"slipId": "121345",
"amount": 1000,
"currencyCode": "EUR",
"creationTime": "2021-07-15T17:54:12Z",
"direction": "CREDIT",
"paymentType": "BANK_TRANSFER",
"description": "Transaction description.",
"status": "COMPLETED"
}
}
Virtual Bank Accounts
Paysafe Embedded Wallet provides an option to create a virtual Bank Account and link it to a wallet. Once created any funds wired to that Bank Account can be credited automatically to the associated wallet.
Card Deposits
Card deposits using VISA and MASTERCARD is supported for both PCI-DSS compliant and noncompliant partners. 3D secure authentication provides an additional layer of protection.
Partners should leverage the provided web and mobile SDKs to implement the deposit flow and can choose between various development options, depending on their PCI-DSS compliance level and customization needs.
The deposit API supports either re-using an existing card for deposit or entering new card information during the deposit process.
- Only cards that previously have been successfully deposited can be re-used for new deposits.
- User consent is required for storing card information in Embedded Wallet.
PCI DSS compliant
Partners, that are PCI DSS Level 1 compliant can access cardholder data. This allows them to leverage directly the user-facing APIs through Paysafe SDK and build the deposit interface from scratch.
Partners are required to request the pci-dss-1
scope when issuing SDK JWT tokens. If scope is not present in the JWT access token the Paysafe User Facing API will treat them as non-PCI compliant and trigger redirect flow.
PCI DSS noncompliant in web browser
Partners, that are not PCI DSS Level 1 compliant can not access cardholder data. It is required for them to leverage the Paysafe hosted page that collects the cardholder information if they are building web applications.
Existing card instruments stored with user consent can still be used.
When redirecting to Paysafe hosted page, developers have several options. Paysafe do it's best to be iframe-compatible, yet - there is a possibility for the flow to jump outside the iframe on 3DS challenge. For proper integration and better UX, we recommend one of the following:
- Open page in a new window, without nesting in iframe
- Embed page within iframe, but handle appropriately in case of a jump out
PCI DSS noncompliant on mobile devices
Partners, that are not PCI DSS Level 1 compliant can not access cardholder data. It is required for them to leverage the Paysafe mobile SDK, that collects the cardholder information if they are building mobile applications.
Paysafe mobile SDK ensures cardholder data is collected in PCI DSS compliant manner. For that reason, partners can leverage the pci-dss-1
scope for their mobile applications, when using the Paysafe mobile SDK.
Partners are required to request the pci-dss-1
scope when issuing SDK JWT tokens. If scope is not present in the JWT access token the Paysafe User Facing API will treat them as non-PCI compliant and trigger redirect flow.