Paviate Documentation

EMV Transactions

The EMV transaction process is designed to allow a merchant to enjoy the benefits of EMV transactions without having card information pass through their system. To achieve this, the merchant's POS system creates an EMV session with Payviate. When the session is started, Payviate will generate a LinkId that is used to track the between the POS and the EMV terminal. The EMV process uses the following steps:

  1. The POS system sends a request to Payviate to create an EMV session. Payviate responds with the LinkId.
  2. The EMV terminal sends a request to Payviate for all open EMV sessions.
  3. The EMV terminal presents a list of EMV sessions to the Cashier, and the Cashier selects the EMV session that is being paid.
  4. The EMV terminal gathers the card data and sends it to Payviate using the session's LinkId
  5. Payviate receives the card data and creates a token to represent the card.
  6. The POS system makes a request to Payviate with the LinkId. Payviate responds with the token that was created to represent the card. Since the token does not contain any card data, it can be stored in the merchant's POS.
  7. The POS sends an authorization request to Payviate with the token. Payviate uses the token to look up the card data and send a request to the card processor.
  8. Payviate responds to the POS' authorization request with a either an accept or decline. The EMV session is complete.
Each invoice/transaction in the merchant's system will use a unique EMV session. The LinkId provided should be applied to a single invoice. For the EMV process, the following API calls are made:
  1. The POS makes a post request to https://beta.ahtservices.com/ahtcp/payviate/webid/:webid/emv/links/ to begin the session.
  2. The EMV terminal makes a get request to https://beta.ahtservices.com/ahtcp/payviate/webid/:webid/emv/links/deviceid/:deviceid to retrieve the list of open sessions.
  3. The EMV terminal makes a post request to https://beta.ahtservices.com/ahtcp/payviate/webid/:webid/emv/terminaldata/ to send the card data to Payviate.
  4. The POS makes a get request to https://beta.ahtservices.com/ahtcp/payviate/webid/:webid/emv/tokens/linkid/:linkid to retrieve the token that Payviate created for the card data.