Secure Card on File (SCOF)
Securely store cardholder credentials for repeat purchases and consumer-initiated transactions, with support for unscheduled CIT use cases.
Secure Card on File (SCOF) lets approved merchants store cardholder credentials securely for repeat purchases and consumer-initiated transactions.
What we know so far
- SCOF supports unscheduled Card on File transactions (UCoF / CIT) under the Visa and Mastercard rules.
- The cardholder must give consent for the merchant to initiate one or more future transactions.
- Subsequent payments must be properly flagged so the schemes recognise the stored credential.
- Underlying API:
POST /v1/purchasewith stored card token and the appropriateindustry_specific_transactionindicator.
API reference
Live request / response schema, parameters, example payload, and cURL / Node / Python / PHP code samples — pulled from the OpenAPI spec for post_/v1/purchase/{init}.
POST
/v1/purchase/{init}
Operation
purchasePath parameters
| Name | Example | Description |
|---|---|---|
init |
— |
Token returned from /v1/init. Not required |
Request body
| Field | Type | Description |
|---|---|---|
reference2
|
string (0,any) | |
industry_
|
string (0,any) | |
moto
|
boolean | |
zip
|
string (0,any) | |
address
|
string (0,any) | |
balance
|
string (0,any) | |
fee
|
number (0,any) | |
sca_
|
string (0,any) | |
mpg_
|
string (0,any) | |
card_
|
string (0,any) | |
card_
|
string (0,any) | |
merchant
|
string (0,any) | |
terminal
|
string (0,any) | |
user
|
string (0,any) | |
currency
|
string (0,any) | |
card
|
string (0,any) | |
card_
|
string (0,any) | |
reference
|
string (0,any) | |
cardholder_
|
string (2,45) | |
cvv2
|
string (0,any) | |
mid
|
string (0,any) | |
xid
|
string (28,28) | |
cavv
|
string (28,28) | |
version
|
integer (0,any) | |
directory_
|
string (36,36) | |
resolution
|
string (0,any) | |
eci
|
string (0,2) | |
recurring_
|
integer (0,any) | |
initial_
|
string (0,any) | |
transaction_
|
string (0,any) | |
settlement_
|
string (0,any) |
Example request
{
"reference2": "string",
"industry_specific_transaction": "string",
"moto": "boolean",
"zip": "string",
"address": "string",
"balance": "string",
"fee": "number",
"financial_institution_service_data": {
"date_of_birth": "2021-12-12",
"postal_code": "string",
"surname": "string"
},
"client_fingerprint": {
"location_finger_print": "",
"ip_address": "127.0.0.1",
"geo_location": "string",
"device_type": "string",
"operating_type_and_version": "WI11",
"browser_type_and_version": "CH88",
"email": "string"
},
"delivery_details": {
"delivery_name": "John Doe",
"delivery_street_name": "James Bourchier 76A",
"delivery_zip": "1407",
"delivery_city": "Sofia",
"delivery_country": "BG"
},
"sca_exemption": "string",
"wallet_payment": {
"wallet_identifier": "apple-pay",
"digital_payment_cryptogram": "string",
"remote_commerce_acceptor_identifier": "string"
},
"aft": {
"account_owner_address1": "James Bourchier 76A",
"account_owner_address2": "James Bourchier 76A",
"account_owner_street": "James Bourchier",
"account_owner_postal_code": "ABCDE12345",
"account_owner_city": "Sofia",
"account_owner_country": "BGR",
"merchant_postal_code": "ABCDE123",
"merchant_state": "SOF",
"acceptor_legal_name": "Paynetics",
"sender_address": "James Bourchier 76A",
"sender_city": "Sofia",
"sender_state": "SF",
"sender_country": "BGR",
"sender_name": "John Doe",
"sender_account_number": "efa213eab69d46c4a690",
"recipient_name": "John Doe",
"bai": "string",
"account_owner_subdivision_code": "abc",
"mvv": "13456ABCD"
},
"partner_data": {
"independent_sales_organization_id": "00001111222"
},
"market_specific_extensions": {
"mcc": "0000"
},
"additional_clearing_data": {
"merchant_street": "James Bourchier",
"merchant_postcode": "ABCDE12345"
},
"mpg_id": "string",
"card_expiration_month": "string",
"card_expiration_year": "string",
"merchant": "string",
"terminal": "string",
"user": "string",
"amount": "number",
"currency": "string",
"card": "string",
"card_number": "string",
"reference": "string",
"cardholder_name": "string",
"cvv2": "string",
"mid": "string",
"card_acceptor": {
"name": "string"
},
"xid": "string",
"cavv": "string",
"version": "integer",
"directory_transaction_id": "string",
"resolution": "string",
"eci": "string",
"recurring_type": "integer",
"initial_transaction": "string",
"transaction_stamp": "string",
"settlement_date": "string"
}Response
| Field | Type | Description |
|---|---|---|
code
|
integer (0,any) |
Example response
{
"code": "integer",
"data": {
"card_number": "string",
"processing_code": "string",
"amount": "number",
"stan": "string",
"local_time": "string",
"local_date": "string",
"auth_code": "string",
"response_code": "string",
"card_acceptor_terminal_id": "string",
"card_acceptor_identification_code": "string",
"currency": "string",
"transaction": "string",
"external_transaction_id": "string",
"error_details": "string",
"cvv_status": "string",
"avs_status": "string",
"ccti_id": "string",
"transaction_stamp": "string",
"retrieval_reference_number": "string",
"card": "string",
"original_network_response_code": "string",
"action_code": "string",
"order": "string"
}
}