Change Log

New PaymentsOS API features and fixes are released from time to time. All new features and fixes are listed in the change log.

Upgrading to the Latest API Version

When upgrading to the latest API version, you should be aware that there are two types of changes: breaking changes and non-breaking changes:

  • Breaking changes are changes that could potentially break your existing API requests, if your requests don’t include an api-version header. A breaking change can be introduced, for example, when we add a new mandatory request parameter to an existing API request. We increase the api-version number when we release these type of API changes. For this reason, you should always include an api-version header in your requests, so as to ensure that the changes we introduce will not break your code.

  • Non-breaking changes are changes do not break your existing API requests. Non-breaking changes include new API resources, optional request parameters or new response objects. Note that we reserve the right to introduce non-breaking changes without prior notice. Make sure that your integration does not treat the presence of unexpected non-breaking-attributes in responses, as an error condition.

Fixes and New Features

January 2024

Provider Integrations Added support for Google Pay in integrations with PayU Brazil.
Provider Integrations Added support for partial captures in integrations with PayU Single Platform.

November 2023

Provider Integrations Updated the integration with PayU iyzico to support passing the language in which to display the Pay with iyzico hosted payment page.
Control Center Updated the information shown in the Control Center Payment Search to also show 3DS lookup information returned by PayU Africa providers.
Control Center Added support for searching payments based on amount range.

October 2023

Provider Integrations Updated the integration with PayU India to only return redirect URLs for entering a one-time password if the shopper's card BIN is eligible for zero-redirect authentication. For more information, see Handling Zero-redirect Authentication Responses.
Provider Integrations Added support for Capitec Pay in a direct API integration with PayU South Africa.

July 2023

Provider Integrations Added support for passing an indicator to enable payments in instalments for payment page integrations with PayU South Africa.
Provider Integrations Added support for Apple Pay and Google Pay for integrations with Finaro.

June 2023

Provider Integrations Added support for a shopping credit flow for integrations with PayU iyzico by passing a shopping category in a Create Charge request.
Provider Integrations Deprecated the integrations with PayU Russia, Alfa-Bank, Sberbank and RSB
Payments API Added support for passing a shopper's identity details in the card_identity object for untokenized alternative payments.
Control Center Added support for viewing account balance and payout details Available for specific providers only. See Balances and Payouts.

May 2023

Payments API Updated the identification of a card's properties such as the issuer name and card brand, to support BINs (Bank Identification Numbers) with a length of 8 digits and higher. Important note: This change may result in some properties showing a slightly different value (for instance, the issuer name may be spelled differently). If you created a Decision Engine rule based on a card's properties, make sure to verify that the properties used in your rule still match the desired values.

April 2023

Provider Integrations Added the Mobicred Virtual Credit payment method to the payment page integrations with PayU South Africa.

March 2023

Payments API Added support for non-repudiation API authentication. See Non-repudiation API Authentication for more information.
Payments API Added support for restricting requests to the Payments API to a specific set of IP addresses. See IP Address Restriction for more information.
Payments API Added PaymentsOS-handled 3D Secure authentication flow.

January 2023

Provider Integrations Added Integration with PayU Honduras.
Provider Integrations Added Integration with PayU Guatemala.
Provider Integrations Updated the integration with Alipay to support the latest Alipay API.
Provider Integrations Added Integration with PayU El Salvador.

December 2022

Payments API Added support for passing multi-seller (marketplace) information in Create Payment , Create Capture and Create Refund requests. Note: this functionality is currently available for integrations with PayU Single Platform and PayU iyzico only.
Provider Integrations Added Integration with PayU Costa Rica.
Provider Integrations Added support for ApplePay with Payeezy.
Provider Integrations Removed 3DS 1.0 support with PayU Single Platform.
Provider Integrations Removed integration with Diem.

November 2022

Payments API Added email and phone fields within the sub_merchant object of a Create Charge or Create Authorization request.
Provider Integrations Added the Capitec Pay payment method to the payment page integrations with PayU South Africa.

October 2022

Payments API Added PayU Risk evaluation service for PayPal-based transactions, and for card and APM transactions with LATAM providers.
Control Center Added new Alternative Payment Methods to the routing condition list in the Decision Engine.

September 2022

Payments API Added support for viewing 'split' transaction information, for transactions in which the shopper chose to split the payment amount between multiple payment methods. This information is visible both in the settlement reports and in the transaction_split object returned in the response of the Create Charge , Create Authorization and Create Refund requests.
Provider Integrations Added support for multiple partial capture capability, for LATAM providers with no previous support of the feature. This allows you to invoke multiple partial capture requests for a single authorization. Refer to the relevant Provider topic for more information.
Provider Integrations Added support for passing a bank_application_reference_key in the Create Authorization call when integrating BLIK payments. This allows you to offer shoppers the ability to pay from different devices using the same banking app. For more information, see integrating BLIK.
Provider Integrations Deprecated integration with PayU Turkey.

August 2022

Payments API The Create Token API no longer validates a card's expiration date. Validation of card's expiration date is now handled by the providers your're transacting against. Note that the result of the expiration date validation is returned in the response of the Create Authorization or Create Charge request.
Mock Provider Updated Capture and Void requests using the Mock Provider, to support a status transition from pending to succeed after a period of 24 hours. Also added the option to pass an amount in Void requests, allowing you to simulate partial Voids. See the Mock Provider reference for details.

Important note: the amount for simulating a status of succeed for Capture and Void requests has been changed to 50 or higher.

Payments API Added the option to pass an amount in a Void request, enabling partial Voids with providers that support it.
Payments API Included a QR code page URL in the Charge response for redirecting the shopper to a hosted QR code page on which shoppers can scan the QR code to complete a payment.
Provider Integrations Added support for the 'Pay with iyzico' payment method when integrating with PayU iyzico.

July 2022

Payments API Passing api-version within the header is now required when creating requests.
Payments API Added support for performing an embedded risk analysis using an external risk provider.
Reporting API Settlement reports can now also be generated for transactions processed by PayU Latam.

June 2022

Payments API Added support for creating a payment method with network token.
Payments API Added support for deleting the Primary Account Number(PAN) of a payment method.
Payments API Added support for Webhooks for payment methods.

May 2022

Provider Integrations Added support for refunds with EFT PRO transactions when integrating with PayU South Africa.

March 2022

Provider Integrations Added support for the PIX payment method when integrating with PayU Brazil.
Provider Integrations Added support for the following payment methods with PayU Ghana payment page integrations: Airtel Money, TigoPesa and Vodafone Cash.
Provider Integrations Added support for Authorize and Capture requests on payment page transactions when integrating with all PayU Africa providers.
Provider Integrations Added support for Google Pay with PayU Romania integrations.
Provider Integrations Added support for Google Pay with PayU Russia integrations.

February 2022

Control Center Refund confirmation voucher is now available for refunded transactions (via the control center's Payment Search). This feature is refund-transaction-specific and can only be accessed by users assigned with the Personal Data Viewer Role.
Provider Integrations Added support for payment page transactions when integrating with PayU India.
Provider Integrations Added support for Authorize and Capture requests when integrating with PayU India.

January 2022

Provider Integrations Added the option of passing a statement soft descriptor integrations with PayU Single Platform.

December 2021

Provider Integrations Added support for payment page transactions when integrating with PayU Russia.
Control Center Added support for generating payment links.
Control Center Added support for resending the latest webhook event directly from the PaymentsOS Control Center.
Payments API Added support for passing network tokens requested by a third-party token provider.
Payments API Added support for passing network tokens requested by ApplePay (only supported in integrations with specific providers).

November 2021

Provider Integrations Added support for integrations with PayU Ghana.
Provider Integrations Added support for processing 3DS 2 exemption reasons in an external 3DS flow when integrating with Credorax.
Provider Integrations Added support for payment page transactions when integrating with PayU Romania.
Provider Integrations Added the option of passing payment facilitator information in integrations with PayU Single Platform.

October 2021

Payments API Added new response subcategory additional_customer_authentication_required.

September 2021

Provider Integrations Added support for the Challan bank transfer payment method in integrations with PayU India.
Provider Integrations Added support for passing a cof_consent_transaction_id field in integrations with PayU India.
Provider Integrations Added support for passing a custom_eft_reference reference number for reconciliation purposes, with EFT transactions passed to PayU South Africa.
Provider Integrations Added support for passing a custom mark_off reference number for reconciliation purposes, in integrations with PayU South Africa. Supported for card transactions only.

August 2021

Control Center Reports can now also be stored on the PaymentsOS SFTP Server when generating a report on-the-fly (previously this was only possible when scheduling a report).
Provider Integrations Added support for 3D Secure version 2 Internal for integrations with Nuvei.

July 2021

Reporting API Added the option to include the card_holder_name in a transaction report. This option has been added to both the PaymentsOS Control Center and the API. Note that you must be assigned the Personal-data Viewer role to include this column in a report.
Provider Integrations Added support for passing a pre-authorization indicator in integrations with Credorax and Nuvei.
Provider Integrations Added support for passing 3D secure external authentication data for integrations with PayU South Africa.
Reporting API Added the option to include report_id in the first row (header) or last row (footer) of a transaction and settlement report. This option has been added to both the PaymentsOS Control Center and the API.
Provider Integrations Added support for passing additional provider-specific information in integrations with PayU India.
Provider Integrations Added support for passing 3D secure external authentication data for integrations with PayU Asia Pacific.
Provider Integrations Added support for the M-Pesa payment method in integrations with PayU Kenya.

June 2021

Provider Integrations Added support for passing 3D secure external authentication data for integrations with PayU Brazil and PayU Colombia.
Payments API Added the option to pass the hashed card number in the Perform a Risk Analysis request for an untokenized partial credit card request.
Provider Integrations Merchants can now pass a customer's company_name, fiscal_code and tax_id in integrations with PayU Romania.
Provider Integrations Deprecated integration with Wirecard and Payease CUP.
Reporting API Added provider_configuration_name to the columns that can be included in a transaction report.
Control Center The Control Center UI is now also available in Polish.
Provider Integrations Added support for passing a Subvention EMI amount for installment payments passed to PayU India.

May 2021

Provider Integrations Added support for passing company name and tax ID for integrations with PayU Romania.
Provider Integrations Added support for fetching supported plans (such as installment plans) from PayU iyzico using the Retrieve Supported Plans API.
Reporting API Added the option to pass the date_format that should be applied to the dates in the generated report data. You pass the date_format when creating a report template.
Control Center The Control Center UI is now also available in Spanish (Latin America) and Portuguese.
Reporting API Added the option to filter the report data on a transaction_type of dispute.
Control Center Added support for showing dispute information in the Payment Search results. Note: this functionality is currently available for integrations with PayU Latam providers only.
Payments API Added the Disputes resource for fetching information about disputed payments. Note: this functionality is currently available for integrations with PayU Latam providers only.
Management API You can now also exclude fields from the Disputes resource when returned in the data object of the webhook event body. Use the Retrieve Blacklist Fields API request to fetch the list of fields that you can exclude.
Provider Integrations Added support for the WIRE payment method in integrations with PayU Romania.

April 2021

Secure Fields The Secure Fields form has been enhanced to support Chrome auto-complete for card numbers, and to return the card's BIN in the callback that is fired when an event is triggered on a form's field.
Control Center PaymentsOS users that are assigned the developer role can now also create, update or delete SFTP credentials for storing reports on the PaymentsOS SFTP Server.
Control Center PaymentsOS users that are assigned the developer role can now only invoke Refund requests in a test environment when doing so manually.
Provider Integrations Added support for passing SCA exemption reasons in integrations with Dalenys.
Payments API The following two additional sca exemption reasons fields have been added to the three_d_secure_attributes.sca_exemptions object in the Payments API: anonymous_prepaid_card, one_leg_out.

March 2021

Provider Integrations Added support for passing card on file indicators for integrations with PayU South Africa.
Provider Integrations Added support for passing card on file indicators for integrations with PayU India.
Provider Integrations Added support for passing 3D secure external authentication data and requests for SCA exemptions for integrations with Chase Paymentech.
Provider Integrations Integrations with Vantiv now support both external 3DS 1 and external 3DS 2 authentication flows.
Provider Integrations Added support for passing 3D secure external authentication data for integrations with Braintree.
Provider Integrations Added support for the Svyaznoy cash payment method for integrations with PayU Russia.

February 2021

Payments API PaymentsOS now supports network tokens (tokens generated through tokenization services offered by the card networks, such as Visa and Mastercard). See Network Tokens for more information.
Provider Integrations Integrations with PayU Argentina, PayU Brazil, PayU Chile, PayU Mexico and PayU Peru now support partial captures.
Management API You can now delete all sessions of the logged in user.
Management API You can now manually resend the latest webhook event. See Manually Resending the Latest Webhook Event for more information.

January 2021

Provider Integrations Integrations with PayU India now support additional transaction currencies. See PayU India Currencies for a list of supported currencies.

December 2020

Control Center You can now configure Decision Engine conditions for transactions using alternative payment methods. For more information, see Rules for Alternative Payment Methods.
Provider Integrations Integrations with PayU India now support recurring bank transfers through Netbanking (powered by e-NACH).
Provider Integrations Integrations with PayU iyzico now support a two-step (Authorize - Capture) payment flow. Use the Bodybuilder to generate a sample request.
Provider Integrations You can now pass data received from an external 3DS provider, with transactions routed to Nuvei (formerly SafeCharge). Use the Bodybuilder to generate a sample request. Note: internal 3DS 1 has been deprecated for integrations with Nevei (formerly SafeCharge)
Payments API If you operate as a payment facilitator, you can now pass the details of the merchant for which you facilitate transactions in the Create Authorization or Create Charge requests. Note: This is currently only supported for integrations with PayU Brazil.

November 2020

Reporting API Added the option of exporting additional data about a settlement report to the first row (header) or last row (footer) of the generated .csv file. This option has been added to both the PaymentsOS Control Center and the API.
Secure Fields Secure Fields Form version 3 is now available. This version introduces additional functionality (such as enhanced validation on user input) and offers more granular control over styling the input elements.
Reporting API Added new report column: instant_retry_attempts. This column holds the number of attempted transaction retries triggered by an instant retry rule.

October 2020

Control Center The Decision Engine's Instant Retry feature now also allows you to define error and error subcategory filters, allowing an instant retry rule to be fired off based on a generic (error category) or more specific (error subcategory) decline reason. For more information, see Configuring Instance Retry Rules.
Payments API Added support for passing a device_id (the unique ID of the device the purchase was made from) in a Create Authorization and Create Charge request.
Provider Integrations Fixed an issue in which the status of refunds was not always in sync with the refund status as registered with the PayU Latam providers.
Reporting API Added support for storing reports on the PaymentsOS SFTP Server.
Provider Integrations Added support for passing 3D Secure version 1 data received from an external MPI in payment requests routed to PayU India.
Provider Integrations Added support for Dynamic QR Code payments in transactions routed to PayU India.
Provider Integrations Added support for a UPI Intent transaction flow for payments routed to PayU India See Implementing a UPI Flow for more information.
Provider Integrations Fixed an issue in which the result and provider_data response objects were not populated with the correct response error, in the event of an asynchronous 3D secure flow via PayU Romania, PayU Turkey and PayU Russia
Provider Integrations Transaction requests routed to PayU Single Platform now also return a network_transaction_id in theprovider_data object, following a consent transaction for storing a customer’s card information.
Provider Integrations Transaction requests routed to PayU Single Platform now also return 3D Secure results in the provider_data.three_d_secure_result.internal object.
Provider Integrations Added support to PaymentsOS for handling authorized transactions that were manually captured through the PayU Single Platform management panel.
Provider Integrations Fixed an issue in which transaction requests routed to PayU Single Platform that were declined due to a CARD_INVALID_NUMBER error, returned an HTTP 400 response code. Now a resource is created in PaymentsOS and an HTTP 201 response code is returned.
Provider Integrations PaymentsOS now supports 3D Secure version 2 Internal with PayU Romania.
Reporting API Added support for generating settlement reports.

September 2020

Payments API The Payments API now returns a 429 HTTP response code in the event that too many requests hit the API too quickly.
Payments API The addendums.airline_passenger_itinerary.airline_designator_code field now also accepts digits.
Management API When downloading a Key PEM File after generating a RSA JSON Web Key (JWK), you can now specify whether to download it as file holding the JWK public key properties, or as a certificate that is self-signed by PayU as the certificate authority.

August 2020

Provider Integrations PaymentsOS now supports 3D Secure version 1 Internal with PayU Asia Pacific.
Provider Integrations PaymentsOS now supports BT24 Internet Banking and BCR Click 24 bank transfer payment methods with PayU Romania.

July 2020

Payments API PaymentsOS now allows you to perform a fraud risk analysis on a payment that was initiated, by invoking the Perform a Risk Analysis request.
Management API PaymentsOS now supports End-to-End Encryption (E2EE), allowing you to pass encrypted card data in an authorization request. You can use the Encryption Keys endpoints for generating a RSA JSON Web Key (JWK) to be used for encrypting the card data. For more information, see End to End Encryption.
Payments API PaymentsOS now provides a Retrieve Supported Plans endpoint for fetching details of plans (such as installment plans) configured in your provider account.
Provider Integrations Added support for domestic Chinese merchants who want to integrate with AliPay.
Provider Integrations Added support for credit card transactions with PayU Asia Pacific.
Provider Integrations Added support for passing a statement soft descriptor in payment requests routed to PayU South Africa.
Provider Integrations PaymentsOS now supports fast refunds for refund requests routed to PayU Romania, allowing a refund amount to be paid to the customer within 30 minutes after the refund has been processed. Fast refunds are supported for payments done in RON, EUR or USD with MasterCard or Visa.
Provider Integrations The provider_data returned in the response of transaction requests routed to PayU Romania, PayU Turkey and PayU Russia now also includes an rrn (retrieval reference number) field. The rrn can be used to track transactions at the issuer bank of the customer and the card scheme networks.
Provider Integrations Added support for installments with transactions routed to PayU India. This includes the ability to pass a code representing the number of allowed installments, as defined in your PayU India payment plan.
Provider Integrations You can now pass an invoice_id issued for transactions routed to PayU India. Use the Bodybuilder to generate a sample request.

June 2020

Provider Integrations Added support for automatic captures with PayU Single Platform.

April 2020

Payments API PaymentsOS now provides a 3D Secure Authentication service that handles the entire 3D secure authentication flow, with support for both 3D Secure version 1 and version 2.
Management API Added the authentication resource fields that can be excluded from a webhook's data object. See the Provider Retrieve Blacklist Fields API request.
Management API Added Features endpoints for fetching feature information from an account, and enabling or disabling a feature per Business Unit.
Reporting API Added new report columns: transaction_authentication_type, transaction_authentication_id, transaction_return_partial_result

November 2019

Reporting API Added new report columns: payment_statement_soft_descriptor, cof_transaction_indicators_card_entry_mode, cof_transaction_indicators_consent_transaction_id, transaction_three_d_secure_auth_status, transaction_three_d_secure_result_version, transaction_three_d_secure_result_eci, transaction_three_d_secure_result_type, provider_cvv_verification_code
Payments API The API now includes support for passing SCA (Strong Customer Authentication) exemption data in the three_d_secure_attributes.sca_exemptions object.
Payments API The three_d_secure_attributes.internal.product_code field is now required in an internal 3DS transaction flow when transacting against Credorax.

August 2019

Reporting API Introduced in version: 1.1.0 You can now Create a Report Schedule to automatically generate a report each day, week or month. Note: As part of this change, the timezone field was renamed to display_timezone.
Payments API The API now includes support for initiating a 3DS 2 internal and external transaction flow. The three_d_secure_attributes.external and three_d_secure_attributes.internal objects include all additional fields that should be passed as part of an internal or external 3DS 2 transaction flow.

July 2019

Payments API The provider_data object holding the response returned from a provider, now also includes a transaction_cost object. This object holds information about the fees that the provider applied to the transaction.

April 2019

Payments API Introduced in version: 1.3.0. If you are SAQ D compliant, you can now pass full credit card details in a Create Authorization, Create Charge and Create Credit request without using our tokenization service.
Payments API Introduced in version: 1.3.0. The three_d_secure_attributes object (passed in a Create Authorization , Create Charge and Create Credit request) has been modified to include a nested external object for passing data received from an external MPI.
Payments API Introduced in version: 1.3.0. The following fields/objects were added to the response of the Create Token request: holder_name,expiration_date,last_4_digits,billing_address (only applicable to a token_type of credit_card) and shipping_address.
Payments API Introduced in version: 1.3.0. The Create Token request now also returns a HTTP 503 status code in the event of a Service Unavailable error.
Payments API Introduced in version: 1.3.0. Instead of creating multiple Create Payment Method requests, you can now also pass an array of payment methods in a Create Customer request.
Payments API Introduced in version: 1.3.0. The eci_flag indicator (passed in the three_d_secure_attributes.external object of a Create Authorization, Create Charge and Create Credit request) now only accepts one of the values that can be returned by the card processing networks.
Payments API Introduced in version: 1.3.0. The provider response data (returned in the provider_data object) now also includes a cvv_verification_code field, holding the result of the CVV verification check performed by the card issuer.
Payments API Introduced in version: 1.3.0. The Payments API now strictly validates the data types you pass. If your data does not meet the API specification, an error will be returned.
Management API You can now retrieve the availability status of your providers. For more information, see the Provider Health API requests.

March 2019

Payments API The bank_code field was added to the response of the Retrieve Supported Payment Methods request.
Management API You can now exclude fields from the data object returned in the webook event body. See the Webhooks topic for more information.

September 2018

Webhooks Introduced in version: 1.2.0. The webhook body now also returns the complete transaction resource related to the Webhook event. Important: changes have been made to the structure of both the event body and the event header. See the Webhooks topic for more information.

January 2018

Payments API Introduced in version: 1.2.0. You can now save a token, so that customers do not need to re-enter their payment details each time they want to initiate a transaction on your site. The token object has been extended to include a state attribute whose value reflects the token's usage.
Webhooks An order_id (if available) has been added to the `resource` object.

November 2017

Payments API Introduced in version: 1.1.0. All amounts and unit_prices have been changed to minor currency units format, and their field types have been changed from double to integer (for details see the Minor Units Format guide.)
Payments API Introduced in version: 1.1.0. The type attribute was renamed to token_type, and a new type attribute was added. This change affects the token resource and the payment-method resource.
Payments API Introduced in version: 1.1.0. The country_code format, in the payment-method resource changed from 2 to 3 letter ISO 3166-1 alpha-3 format.
Payments API Introduced in version: 1.1.0. The payment_method object is now mandatory for the POST Authorize and POST Charge methods.
The payment_method_token and credit_card_cvv attributes were moved from the body of these methods, into the new mandatory payment_method object.
Payments API Introduced in version: 1.1.0. HTTP error code 504 was replaced by error code 503.
Payments API Introduced in version: 1.1.0. If the x-client-ip-address is not sent in POST Authorize or POST Charge methods, then we will no longer substitute the server ip_address as the default value.

October 2017

Payments API The following Response Sub-categories were added: insufficient_funds and lost_stolen_card.

July 2017

Webhooks Introduced in version: 1.0.1. The structure of the POST request body has been modified to include a resource object. You will not receive the new structure, unless you upgrade to this version.

Previous API Versions

Still on a previous API version? If so, you can find older references here:

Last modified March 15, 2024