Debit card

A debit card transaction is carried out in the same way as a credit card transaction. It is mandatory, however, to submit it to the authentication process.

All debit transactions must be authenticated as required by the issuing banks and brands, in order to promote greater security. To authenticate a debit transaction, we use the EMV 3DS 2.0 protocol. This protocol is a script integrated into the e-commerce website that verifies the identity of the cardholder while maintaining a good shopping experience and reducing the risk of fraud.

ℹ️

Please refer to 3DS Authentication for information about 3Ds integration.

See below the representation of a standard transactional flow in the creation of a debit transaction, with the authentication and authorization steps:

Mastercard and Hipercard debit card transactions with stored credentials: Mastercard and Hipercard brand requires the Transaction Initiator Indicator for credit and debit card transactions using stored card data. The goal is to indicate whether the transaction was initiated by the cardholder or by the merchant. In this scenario, the node InitiatedTransactionIndicator must be sent with the parameters Category and SubCategory for Mastercard and Hipercard transactions, within the Payment node. Please check the complete list of categories in the Category parameter description and the subcategories tables in Transaction Initiator Indicator (CIT and MIT)

Creating a debit transaction with no authentication

It is possible to process a debit card without having to submit your customer to the authentication process. You will find more details in the Débito sem Senha article, written in Portuguese.