NAV
PEX Marketplace
Available apps Build your app Developer documentation Additional Services

Developer documentation (Beta)

Realtime Funding using the PEX account balance

Spending ruleset options include a feature to use the PEX Account balance rather than card balance to evaluate transaction authorization requests. If this feature is on, the authorization decisioning process will use your PEX Account balance as depicted in the Workflow diagram.

Spending rulesets with this feature can be applied to as few as one card account or as many as all card accounts in your program. Any card account that doesn’t have a spending ruleset assigned with the feature will continue to use the card account balance in the authorization decisioning process.

Workflow

The below diagram illustrates a decision control workflow using realtime funding from the PEX Account Balance PEX Account Balance Workflow

Configuration

IMPORTANT: Realtime funding is an advanced feature. PEX must enable this feature for your account before you can use it. If you wish to use this feature, please contact your PEX Account Manager or PEX Client Services for set up.

To assign the PEX Account balance feature for a given card account, you will first create a spending ruleset with “Use PEX Account balance instead of card balance” enabled. All transactions for this card will use this ruleset. The ruleset can also include MCC restrictions or time-based spend limits to use in conjunction with realtime funding.

The second step is to assign the appropriate ruleset to the cardholder(s) for whom you wish to use realtime funding.

Via the dashboard

  • Log in to the Admin portal.
  • Navigate to the Cards/Spending rulesets page.
  • Choose “Create new ruleset”.
  • The default setting of the PEX Account balance check is “off.” Check the box to turn this feature on. Adding this spending ruleset to a card account will result in any card balance being ignored during the authorization decisioning process. If the spending ruleset that’s added to the card account is expected to be associated with the card account long-term, it’s recommended that any card balances are defunded to allow the funds to be used for authorizations or to fund other cards and to avoid reconcilement issues (see Transaction authorization and other offset transfers above). Cards that are assigned spending rulesets that have the PEX Account balance feature enabled will be automatically defunded once Phase II Decision Control features are completed.
  • The PEX Account balance check feature can also be turned on for an individual card by:
    • Find card using Card Search or Card List.
    • Click on cardholder name.
    • Select spend rules.

Via the API

{
    "CardholderGroupId": 0,
    "SpendRulesetId": 0,
    "Phone": "",
    "ShippingPhone": "",
    "DateOfBirth": "",
    "Email": "",
    "FirstName": "",
    "LastName": "",
    "NormalizeProfileAddress": false,
    "ProfileAddress": {
        "AddressLine1": "",
        "AddressLine2": "",
        "City": "",
        "State": "",
        "PostalCode": "",
        "Country": ""
    },
    "NormalizeShippingAddress": false,
    "ShippingAddress": {
        "ContactName": "",
        "AddressLine1": "",
        "AddressLine2": "",
        "City": "",
        "State": "",
        "PostalCode": "",
        "Country": ""
    }
}

Configure the PEX Account Balance Check as part of a spending ruleset

  1. Use the POST /SpendingRuleset/Advanced to create a new spending ruleset or PUT/SpendingRuleset/Advanced endpoint to revise an existing ruleset.
  2. Set the UsePexAccountBalanceForAuths field to true.
  3. To add PEX Account balance check to a single card account, use the Card/SpendRules/{id} endpoint and set the UsePexAccountBalanceForAuths field to true.

Assign the spending ruleset with the PEX Account Balance Check to the appropriate cardholder

  1. Use GET /SpendingRuleset/Advanced to retrieve the Ruleset ID for the spending ruleset that you created with PEX Account balance check.
  2. Use PUT/Card/Profile/{id} and change the ruleset ID to the ID you retrieved in step #1

Managing accounts

There are 2 ways to find out which accounts are assigned a spending ruleset that includes the PEX account balance check option.

Via the dashboard

  • Log in to the dashboard portal.
  • Navigate to the Cards/Search page.
  • Search by Ruleset.

Via the API

Preauthorization

The transaction will be declined and the PEX Account balance check will not be performed if any of the following checks fail:

  • valid card number
  • valid card number/expiration date combination
  • valid card number/CVV code combination
  • transaction amount is equal to or less than $25,000 (fails if >$25,000)
  • merchant is on PEX blacklist of known fraudulent merchants
  • prohibited transaction type including cash back transactions
  • Card status not active
  • PIN validation (if applicable)
  • address verification (if requested by merchant)
  • These Pre-authorization Checks are a standard part of authorization processing and are also applied when PEX Account balance is not enabled.

Reserve Balance

Note: Assigning a spending ruleset to a card account that has the PEX Account balance option enabled will result in any card balance being automatically removed by the system and all funding features for that card will be disabled.

A reserve balance will be assigned to each customer who is configured for the PEX Account balance option. Reserve balances are maintained to offset the risk of unanticipated settlement amounts, unsuccessful chargebacks or other events beyond PEX’s control. The reserve balance is the dollar amount that is subtracted from your PEX Account balance prior to the comparison of the transaction amount to the balance in your PEX account:

Condition Outcome
TRANSACTION AMOUNT <= (PEX ACCOUNT BALANCE LESS RESERVE BALANCE) TRANSACTION APPROVED
TRANSACTION AMOUNT > (PEX ACCOUNT BALANCE LESS RESERVE BALANCE) TRANSACTION DECLINED

Transaction Authorization

In order to prevent a negative balance on the card account as a result of a transaction authorization request approval and to provide a funds flow trail for each transaction, each approved authorization request will be followed by a system generated balance transfer from your PEX Account in the same amount when the PEX Account balance option is used

  • When a transaction authorization request is approved for a card account that has a spending ruleset assigned to it with PEX Account balance turned on, the authorization hold will post to the card account just as it does when the card account balance is used in the transaction authorization decisioning process.
  • When a matching settlement transaction is identified and posts, a hold reversal will also post - just as it does when card account balance is used.

Resetting the balance

  • Fees that post to the card account (currently the ISA fee assessed for international transactions) will result in a system generated balance transfer that will adjust the card balance to zero. Net Effect: transferring fee debit from card account to business account.
  • Merchant Credits that post to the card account (representing refunds for goods or services) will result in a system generated balance transfer that will adjust the card balance to zero. Net Effect: transferring merchant credits from card account to business account.
  • Reversals that post to the card account will result in a system generated balance transfer that will adjust the card balance to zero. Net Effect: transferring balance that is created by the reversal from card account to business account.
  • Settlement Amounts that don’t match the authorization amount that post to the card account will result in a system generated balance transfer that will adjust the card balance to zero. Net Effect: funding the difference from the business account in order to offset the negative balance that was created on the card account.

Customer decisioning

IMPORTANT: Decision Control is not a standard feature. PEX must turn on each feature, including customer decisioning, in order for it to be visible and useable. If you wish to use this feature, please contact your PEX Account Manager or PEX Client Services for set up.

Spending ruleset options now include the ability for the customer to receive and decision the transaction authorization request. If the customer decisioning option is on, upon receipt of a transaction authorization request from the card network, PEX will send an authorization decision request to the customer’s URL and wait for a response.

  • If the customer responds within 2 seconds, PEX will use the customer’s decision to respond to the card network. Any spending ruleset controls that are in place will be ignored.
  • If the customer doesn’t respond within 2 seconds, PEX will apply any spending controls that are applied to the card account, render the authorization decision, and then respond to the network. The card or business account balance will be used to determine whether or not the transaction should be approved based on the configuration in the spending ruleset.
  • To use the customer decisioning feature on any card account, you must create a spending ruleset that includes customer decisioning as enabled. Any other spending controls that are enabled will be ignored unless you do not respond to a PEX authorization decision request within 2000 milliseconds, in which case they will be used by PEX to make the authorization decision.
  • Note that if you are also using business balance account authorization and have not set a daily spend limit in the spending ruleset assigned to the card account, the cardholder will be able to spend up to the amount available in your PEX Account and won’t be limited in terms of the number of transactions they can complete. You can minimize this risk by setting Max purchase amounts on each standard or custom merchant category that you include in the spending ruleset assigned to a card account.
  • For customers using the Customer Decisioning feature, PEX highly recommends creating a spending ruleset that matches authorized spending patterns and setting a daily spend limit at a level that represents slightly greater than maximum expected spending for a cardholder during a calendar day (daily spend limits are enforced from midnight thru 11:59:59pm.
  • The default PEX spend ruleset does not include a daily limit and allows spending in any merchant category, thus it will allow your cardholders to spend without restrictions as to amount or merchant category if you aren’t responding to authorization decision requests.
  • Note that the daily spend limit is checked during pre-authorization processing, so if set too low it may result in transactions being declined prior to being sent to your service for decisioning.
  • The daily spend limit is applied to all transactions processed by the PEX system- whether they are decisioned by your service or PEX if your service is not responding.

Benefits

  • Eliminate the need to fund and defund card accounts.
  • Create spend controls that allow the cardholder to make purchases as often as needed, but only in a specific merchant category and only up to a maximum transaction amount.
  • Make authorization decisions yourself in real time, taking into consideration the most current available data regarding the status of the cardholder and the spending that they are authorized to perform.

Configuration

Via the dashboard

  • Log in to the Admin portal.
  • Navigate to the Cards/Spending rulesets page.
  • Choose “Create new ruleset”.
  • The default setting of the Use Customer Authorization Decision is “off.” Check the box to turn this feature on. Adding this spending ruleset to a card account will result in authorization requests being forwarded to you. If the spending ruleset that’s added to the card account is expected to be associated with the card account long term, it’s recommended that any card balances are defunded to allow the funds to be used for authorizations or to fund other cards and to avoid reconcilement issues (see Transaction authorization and other offset transfers).
  • The customer authorization decision feature can also be turned on for an individual card by:
    • Find card using Card Search or Card List.
    • Click on cardholder name.
    • Select spend rules.

Via the API

Spending Ruleset Assignment

Via the dashboard

  • Log in to the Admin portal.
  • Navigate to the Cards/Search page.
  • Locate the card account(s) you wish to set to customer decisioning.
    • If one card, use the drop down to select the appropriate spending ruleset.
    • If multiple cards, check each or all cards in the search result and then use the Assign ruleset batch function to assign.

Via the API

{
    "CardholderGroupId": 0,
    "SpendRulesetId": 0,
    "Phone": "",
    "ShippingPhone": "",
    "DateOfBirth": "",
    "Email": "",
    "FirstName": "",
    "LastName": "",
    "NormalizeProfileAddress": false,
    "ProfileAddress": {
        "AddressLine1": "",
        "AddressLine2": "",
        "City": "",
        "State": "",
        "PostalCode": "",
        "Country": ""
    },
    "NormalizeShippingAddress": false,
    "ShippingAddress": {
        "ContactName": "",
        "AddressLine1": "",
        "AddressLine2": "",
        "City": "",
        "State": "",
        "PostalCode": "",
        "Country": ""
    }
}

Managing Accounts

Via the dashboard

  • Log in to the Admin portal.
  • Navigate to the Cards/Search page.
  • Search by Ruleset.

Via the API

Preauthorization

Prior to sending an authorization decision request to the customer, PEX will perform a number of checks to assure that the transaction is legitimate and permitted on the PEX product. If the transaction fails any of these checks, PEX will send a decline to the card network and the authorization request will not be forwarded to the customer.

  • Check card number, expiration date, CVC (fail = decline by PEX)
  • Check transaction code (no cash transactions permitted)
  • Check card status (inactive, blocked, closed result in decline)
  • PIN validation (if applicable -PIN POS)
  • Available balance check. The transaction amount will be compared to the available PEX Account balance or card balance depending on the configuration of any spending ruleset assigned to the card account. (business account balance is recommended for customer decisioning).
  • Cardholder billing address verification (if requested by the merchant)
  • Daily spend limit check (the only spending ruleset spending control applied prior to the authorization request being forwarded to your service)
  • Fraud merchant blacklist check
  • Check restricted MCC list
  • OFAC check

Remote Decisioning

NOTE: PEX supports TLS 1.2 and higher versions.

Customers will create a RESTful web service which PEX will call during the remote authorization process.

PEX's request will timeout if a response is not received from the customer application within 2000 milliseconds. A response time of 500 milliseconds is desirable.

{
    "AcctId": 0,
    "BusinessAcctId": 0,
    "NetworkTransactionId": 0,
    "TransactionAmount": 0.00,
    "MerchantLocalTime": "2017-01-17T22:16:23",
    "LocalCurrencyCode": "USD",
    "Last4CardNumber": "string",
    "MCCCode": "0000",
    "MerchantId": "string",
    "TerminalId": "string",
    "AvailableBalance": 0.00,
    "TotalOutstandingAuthAmount": 0.00,
    "TransactionTime": "2017-01-17T22:16:23",
    "MerchantNameLocation": "string",
    "MerchantName": "string",
    "MerchantCity": "string",
    "MerchantState": "string",
    "MerchantZip": "string",
    "MerchantCountry": "string",
    "IsInternational": false,
    "IsCardNotPresent": false,
    "IsPin": false,
    "IsUsingPexAccountBalanceForAuths": false,
    "ISAFee": 0.00
}

HTTP 200 Response – Approve & 400 Response – Decline

{
    "NetworkTransactionId": 0,
    "Decision": 0,
    "Note": "string"
}

In order to use Customer Decisioning, you must have a REST service which will be able to receive and respond to authorization requests sent by PEX. For details on the requirements your service must meet, please see this section.

Headers

PEX will include the following headers in the decisioning request. PEX will generate a SharedSecret which will be sent to you on request when you register your application.

  • Field name: Authorization, Value: Basic {Base64Encoded SharedSecret} Example: “Basic MUMyMEE1MkIwNjMwNDFGREI1RDExODI0Njk0MDhBM0I=”
  • Field name: Content-Type, Value: application/json
  • Field name: Date, Value: UTC DateTime (used for 2000 milliseconds)

Every call to your service will include the SharedSecret as a Base64 encoded value in the Authentication header. Your application should compare a decoded copy of this value against the SharedSecret to ensure that the request is authentic.

Models

  • Upon receipt of a transaction authorization request from the Visa or MasterCard network, a request containing authorization data will be sent to the customer's application. The definition of fields included in the request are the same as those defined in the transaction details API response, webhooks or ISO 8583 (Visa/MasterCard network messages). Please see the linked documents for details.
  • IsPin property is only true for ‘0200’ message types. Because only ‘0100’ and ‘0200’ message types are sent in Decision Control, the IsPin property differentiates the two.
  • IsUsingPexAccountBalanceForAuths is true when ‘Use Pex Account balance’ is enabled in the spend rule. For additional details, see "Configuring Customer Decisioning for a Specific Card using the Admin portal" and "Configuring Customer Decisioning for a Specific Card using the API"
  • IsCardNotPresent is currently derived from CardEntryMode (DE-22) as included in the network message
  • MerchantName, MerchantCity, MerchantState, and MerchantCountry derived from MerchantNameLocation and provided for convenience.

All DateTime fields contain dates in ISO 8601 format of YYYY-MM-DDThh:mm.

No Response

If PEX does not receive a response from the customer within 2000 milliseconds, the system will "fall back" to the spending controls as defined in the spending ruleset assigned to the card account. These will be used to process the authorization and respond with an approve or decline message to the merchant.

Ping endpoint

HTTP 200 Response - OK

{
    "ResponseDateTime": "2017-04-10T22:16:00.00Z"
}

A /Ping endpoint will be implemented by customers for the purposes of monitoring reachability of their Remote Auth service. A response time of 500 milliseconds is desirable.

Implementation of /Ping is optional. If a Ping endpoint is not implemented by the customer, PEX will not create a monitoring agent.

The service exposed will be a GET resource type. PEX will include the following headers in the ping request. Field name: Content-Type, Value: application/json Field name: Date, Value: UTC DateTime Authentication No authentication is required. Response Customers will respond to calls from PEX with the following JSON response.