Operation results
Processing payments is a complex and long chain of interactions between many actors involved, and there's a long list of things that can go wrong there. Thankfully, our team at Payrails has seen a lot in their years of experience and is here to help you navigate this complex field.
One of the main challenges we have is to understand exactly what happened in a payment transaction. Unfortunately, there's not yet a standard of responses from PSPs, and each of them has its own way to inform you about these results. For example, some of them opt for a numeric list of possible responses, others choose to inform you through HTTP status codes, others through a string field, and a big etcetera.
Payrails comes to your help here! Every time we integrate a new PSP, we work together with them to map from their list of response codes to ours, so that we can provide you with only one list of possible results regardless of which PSP was used for processing the transaction.
These response codes can be found in the result field of each of your Payment Operations. For example, here's how the Get an execution by ID response would look for a failed execution because of blocked instrument:
{
"id": "fe67fc45-ce47-4fc8-a283-22d03ae68b77",
"status": [
...
{
"code": "authorizeFailed",
"time": "2022-04-22T17:53:36.814Z",
"errors": [
{
"id": "a24bc325-3929-4d9d-9c08-b3aa532685b7",
"code": "workflow.action.failed",
"detail": "The execution of the requested workflow action failed",
"docUrl": "https://docs.payrails.com/docs/error-codes#workflow.action.failed",
"reason": {
"category": "Instrument",
"result": "BlockedInstrument",
"source": "Customer",
"detail": "LostInstrument"
}
}
]
}
],
...
}
And here's the notification for the same execution:
{
"event": "executionActionCompleted",
"time": "2022-04-22T17:53:36.814Z",
"details": {
"action": "authorize",
"execution": {
"workflowCode": "d5454c2f-ae5e-44f3-8edf-f6dad64f005f",
"id": "fe67fc45-ce47-4fc8-a283-22d03ae68b77",
"merchantReference": "order_3573894940903"
},
"success": false,
"errors": [
{
"id": "a24bc325-3929-4d9d-9c08-b3aa532685b7",
"code": "workflow.action.failed",
"detail": "The execution of the requested workflow action failed",
"docUrl": "https://docs.payrails.com/docs/error-codes#workflow.action.failed",
"reason": {
"category": "Instrument",
"result": "BlockedInstrument",
"source": "Customer",
"detail": "LostInstrument"
}
}
]
}
}
Result Categories
Before listing down the list of all possible result codes, you must know that the fields source and detail under the reason struct are optional, meaning they will be filled/provided based on the result itself. Below is a list of all possible result codes from Payrails, grouped by category with their descriptions and possible optional fields:
Success
Since successful payments are by definition not encountering errors, you'll usually find the results under the Success category listed in the operationResult field as there won't be an error struct attached. In such cases the success flag will be set to true in the response you receive.
result | description |
|---|---|
| Success | The requested operation was performed successfully. |
| Accepted | The operation was requested but not executed yet, it was scheduled for execution on the provider side. This is usually followed by waiting for a notification callback or a status querying with some waiting policy. |
Pending
Next, also a type of happy path but with some type of pending action before they can be completed.
result | description |
|---|---|
| Pending | The operation is waiting for an action to be completed. Could be the user receiving a push notification on their phone, the bank reviewing a transaction, etc. |
Redirect
Next, also a type of happy path but with some type of pending action, namely redirection, before they can be completed.
result | description |
|---|---|
| HTTPRedirectRequired | This is a special type of Pending, where there's an HTTP redirection that needs to be made for the user to complete the process, i.e. 3DS, external wallets, etc. This result always comes with redirection data in the response body, i.e., a redirect URL and a set of parameters. |
| FormRedirectRequired | Same as HTTPRedirectRequired, but with a Form redirection. |
Unknown
Let's discuss the most worrying ones next, the ones where we don't know what actually happened. Any of these results should be considered a high priority to alert and analyze as soon as possible.
result | source | description |
|---|---|---|
| Unknown | Received a response, but could not be interpreted by us. Could be caused by a change in implementation on any side. | |
| UnexpectedProviderResponse | Provider | Received a response, but it was not any of the ones that we expected for the type of operation being executed. |
| ProviderUnknownError | Provider | Same as Unknown but from the provider's side calling another party, i.e. acquirer. |
Connection
Next, equally important to analyze and optimize if possible, are the connection and timeout-related codes.
result | source | description |
|---|---|---|
| ProviderConnectionError | Provider | There was a problem reaching the provider services. Could be caused by an actual connection problem, or that the provider is down or not responding. |
| Timeout | Provider | There was a timeout waiting for a response from the provider. In this case, the connection could actually be established, but there was no timely response. |
| ProviderTimeout | Provider | Same as Timeout but the connection that failed was between the provider and another actor, i.e. acquirer. |
Operation
Next, let's look at the payment rejection results, which depending on the provider and other factors, may go from completely generic to very specific.
result | source | detail | description |
|---|---|---|---|
| GenericRejection | The provider (or any of the actors in the chain) rejects the transaction but does not specify a specific reason. This code is often referred to as "do not honor". | ||
| FraudRisk | Customer Provider Acquirer Issuer | FraudRiskBlockList FraudRiskScore FraudRiskRule FraudRiskSuspectedFraud FraudRiskSecurity | The transaction is rejected because there's a risk of fraud. The check could have been done by any of the players in the chain. |
| DuplicateOperation | Merchant | Payment is rejected because it would be a duplicate of another one. We should check if we were actually retrying it or if it was a mistake. | |
| OperationNotAllowed | Merchant | TransactionNotPermitted NetworkTransactionReferenceRejected | Operation is not allowed, usually related to the current status of the transaction, i.e. trying to capture an already canceled payment. |
| PayerCanceled | Customer | When operation is cancelled by customer before the payment was made. | |
| LimitExceeded | Customer | LimitExceededAmount LimitExceededCount LimitExceededPinAttempts LimitExceededTime | Some limit was exceeded by the provider or the issuer. Usually a configurable value on their systems for preventing fraud. |
| ParamsError | Merchant | FormatError InvalidAmount InvalidCurrencyCode InvalidCountryCode InvalidRegionCode InvalidInstallments | Payment is rejected due to some wrong payment parameters being provided. |
Instrument
Next, a special type of payment rejections, the payment instrument related rejections.
result | source | detail | description |
|---|---|---|---|
| InstrumentNotAllowed | Customer | Operation is not allowed for the instrument, i.e. trying to use a debit card when it should be credit. | |
| InvalidInstrument | Customer | InvalidInstrumentSecurityCode InvalidInstrumentNumber InvalidInstrumentExpiryDate InvalidInstrumentAVS InvalidInstrumentToken | The instrument is not valid for any reason not specified. In some cases the provider groups other responses into this one (insufficient balance, expired, blocked, etc.) |
| InsufficientBalance | Customer | The selected instrument doesn't have enough balance to perform the operation. | |
| BlockedInstrument | Customer | StolenInstrument LostInstrument PickUpInstrument ClosedAccount ContactIssuer CanceledSubscription | The instrument is currently blocked. Could be a temporary state because it's pending approval for example, but could be permanent like when cards are blocked because they were stolen. |
| ExpiredInstrument | Customer | The instrument is expired. In case it was a card, it reached the expiration date. In case it was a token, it may have been revoked or was initially issued for a short time. |
Configuration
Next, we have the parameter or configuration errors. These could be similar to the rejections but could be caused by a problem with formatting, missing required parameters, etc.
result | source | description |
|---|---|---|
| ValidationError | Merchant | Before sending the transaction to the provider, we performed a parameter validation and it failed. This code comes together with a list of errors specifying the fields and problems. |
| ParamsError | Merchant | After sending the transaction to the provider, they decided not to execute it because of a problem with the parameters we sent. Could be a required field is missing, incorrectly formatted, etc. |
| ProviderConfigError | Payrails | When sending the transaction to the provider, they refused to process it because we are missing something required for the operation, e.g. merchant ID, client secret, etc. |
| InvalidSignature | Payrails | For providers that require a signature in the requests, there's a specific result for when the signature was actually invalid. |
| InternalServerError | Payrails | There was an error in our system while trying to process the operation. This will trigger an alert for the Payrails team to act immediately. |
| AuthenticationError | Payrails | A special case of ParamsError, but specifically about an error when authenticating on the provider services. |
| PaymentMethodNotSupported | Merchant | Payment method is not supported by the Provider. Probably not configured correctly or missing credentials or approvals. |
PayerAuthentication
Next, we have the payer authentication error, which can either arise from a missing or incorrect PIN or a 3DS check that didn't occur. It's important to distinguish these ones, that are payer specific, from the server credentials authentication errors.
result | source | detail | description |
|---|---|---|---|
| PayerAuthenticationRequired | Merchant | The payment requires payer authentication (e.g. 3DS) but the merchant didn't ask for authentication or forced not to execute it. | |
| PayerAuthenticationFailed | Customer | PayerAuthenticationCanceled PayerAuthenticationAbandoned PayerAuthenticationNotSupported PayerAuthenticationIdentityCardMismatch | The payment failed payer authentication (e.g. failed 3DS) due to payer abandoning or canceling the authentication flow, or the required authentication is not supported. |
Updated 2 months ago