Operations
API operations overview
Before exploring the features provided by the API, it’s important to understand the key concepts involved in processing credit card transactions. These operations are fundamental to ensure a secure and efficient checkout flow in your e-commerce.
Core operations
The table below highlights the main available operations and their descriptions:
| Propriedade | Descrição |
|---|---|
| Payment | The primary e-commerce operation—this is how a sale is completed. |
| Cancellation | Used to void/refund a sale on the same day it was captured. |
| Authentication | A process that adds an extra security layer to the sale by validating it in the Payment Gateway. |
| Tokenization | Enables secure transactions by replacing the card number with a token. |
Return code table
When using our API, you’ll receive JSON responses with detailed information about the status of each operation. The table below highlights the main return codes and their descriptions:
| Código | Descrição |
|---|---|
| 00 | SUCCESS |
| 01 | TRANSACTION NOT AUTHORIZED BY ISSUER - 01 |
| 03 | TRANSACTION NOT AUTHORIZED BY ACQUIRER - INVALID MERCHANT - 03 |
| 04 | TRANSACTION NOT AUTHORIZED - INVALID CARD - 04 |
| 05 | TRANSACTION NOT AUTHORIZED BY ISSUER - 05 |
| 06 | TRANSACTION NOT AUTHORIZED - UNKNOWN - 06 |
| 07 | TRANSACTION NOT AUTHORIZED - INVALID CARD - 07 |
| 12 | TRANSACTION NOT AUTHORIZED - INVALID TRANSACTION - 12 |
| 13 | TRANSACTION NOT AUTHORIZED - INVALID AMOUNT - 13 |
| 14 | TRANSACTION NOT AUTHORIZED - INVALID CARD - 14 |
| 15 | TRANSACTION NOT AUTHORIZED - INVALID TRANSACTION - 15 |
| 19 | TRANSACTION NOT AUTHORIZED - TRY AGAIN - 19 |
| 30 | TRANSACTION NOT AUTHORIZED - INVALID TRANSACTION - 30 |
| 38 | TRANSACTION NOT AUTHORIZED - INVALID PIN/PASSWORD - 38 |
| 39 | TRANSACTION NOT AUTHORIZED - INVALID TRANSACTION - 39 |
| 40 | TRANSACTION NOT AUTHORIZED - INVALID FUNCTION - 40 |
| 41 | TRANSACTION NOT AUTHORIZED - LOST/STOLEN CARD - 41 |
| 43 | TRANSACTION NOT AUTHORIZED - STOLEN CARD - 43 |
| 46 | TRANSACTION NOT AUTHORIZED - ACCOUNT CLOSED - 46 |
| 51 | TRANSACTION NOT AUTHORIZED BY ISSUER - 51 |
| 52 | TRANSACTION NOT AUTHORIZED - INVALID TRANSACTION - 52 |
| 53 | TRANSACTION NOT AUTHORIZED - INVALID TRANSACTION - 53 |
| 54 | TRANSACTION NOT AUTHORIZED BY ISSUER - EXPIRED CARD - 54 |
| 55 | TRANSACTION NOT AUTHORIZED - INVALID PIN/PASSWORD - 55 |
| 57 | TRANSACTION NOT AUTHORIZED BY ISSUER - 57 |
| 58 | TRANSACTION NOT AUTHORIZED - NOT PERMITTED FOR MERCHANT - 58 |
| 59 | TRANSACTION NOT AUTHORIZED BY ISSUER - SUSPENDED CARD - 59 |
| 61 | TRANSACTION NOT AUTHORIZED - LIMIT EXCEEDED - 61 |
| 62 | TRANSACTION NOT AUTHORIZED - RESTRICTED CARD - 62 |
| 63 | TRANSACTION NOT AUTHORIZED - INVALID PIN/PASSWORD - 63 |
| 65 | TRANSACTION NOT AUTHORIZED BY ISSUER - 65 |
| 70 | TRANSACTION NOT AUTHORIZED - UNKNOWN - 70 |
| 75 | TRANSACTION NOT AUTHORIZED - INVALID PIN/PASSWORD - 75 |
| 78 | TRANSACTION NOT AUTHORIZED - BLOCKED CARD - 78 |
| 79 | TRANSACTION NOT AUTHORIZED - Card Fraud/Security - 79 |
| 82 | TRANSACTION NOT AUTHORIZED - Card Fraud/Security - 82 |
| 83 | TRANSACTION NOT AUTHORIZED - Card Fraud/Security - 83 |
| 91 | TRANSACTION NOT AUTHORIZED - BRAND/ISSUER UNAVAILABLE - 91 |
| 93 | TRANSACTION NOT AUTHORIZED - INVALID CARD - 93 |
| 94 | TRANSACTION NOT AUTHORIZED - DUPLICATE TRANSACTION - 94 |
| 96 | TRANSACTION NOT AUTHORIZED - PROCESSING ERROR - 96 |
Test cards for the sandbox environment
You can use the cards below to test operations in the sandbox environment:
| Bandeira | Número do Cartão (PAN) | Validade | CVV |
|---|---|---|---|
| Mastercard | 5200 0000 0000 2151 | 25/09 | 123 |
| Visa | 4000 0000 0000 2503 | 25/12 | 123 |
| AMEX | 3400 0000 0000 2534 | 25/10 | 1234 |
| Hipercard | 6062 8288 9854 1988 | 25/09 | 123 |
| ELO | 6505 2900 0000 2190 | 25/11 | 123 |
3DS test cards
Use the cards below to simulate different 3DS authentication scenarios in the sandbox environment:
| Brand | Card Number (PAN) | Scenario |
|---|---|---|
| VISA | 4000 0000 0000 2503 | Traditional challenge authentication completed successfully |
| VISA | 4000 0000 0000 2370 | Traditional challenge authentication failed because the cardholder provided an incorrect response. |
| VISA | 4000 0000 0000 2420 | Challenge authentication is currently unavailable |
| VISA | 4000 0000 0000 2644 | Challenge authentication system failed during the process |
| VISA | 4000 0000 0000 2701 | Frictionless authentication succeeded, representing that the cardholder was authenticated by the issuer. |
| VISA | 4000 0000 0000 2925 | Authentication failed by the card issuer without challenge |
| VISA | 4000 0000 0000 2719 | The cardholder is enrolled in 3DS, but the issuer does not support the program, resulting in an alternative authentication experience. |
| VISA | 4000 0000 0000 2313 | Authentication is currently unavailable |
| VISA | 4000 0000 0000 2537 | Authentication rejected by the issuer without requiring a challenge. |
| VISA | 4000 0000 0000 2990 | Authentication unavailable during lookup due to a system error. |
| VISA | 4000 0000 0000 2446 | An unexpected error occurred during the later phase of authentication processing. |
| VISA | 4000 0000 0000 2354 | Timeout exceeded while processing the cmpi_lookup message, resulting in a transaction error. |
Developer tips
- Always use secure connections (HTTPS) when consuming the API.
- Handle authentication tokens carefully, avoiding exposure in logs or clients.
- Keep up with our updates to stay compliant with the latest industry standards.
For questions or issues, visit the support section in