JavaScript Payment

The JavaScript Payment interface allows the customer's card data to be collected by Carat Portal on the merchant's page, exempting the virtual store from manipulating sensitive information and leaving this task under the responsibility of Carat Portal's PCI certified environment.

This interface is recommended to merchants who desire to have their own checkout page, while having a high security standard at the same time.

This solution is integrated with Carat Portal's REST payment interface. Learn more about REST Payment.

And to learn more about these nomenclatures (Bin, Software Express, Carat, e-Sitef) Learn more

Flow#

Flow description:

  • 1. The customer sends purchase data and proceeds to the payment screen.
    • 1.1. The Virtual Store creates a payment transaction on Carat Portal, sending additionally the payment_js parameter with the value true. Learn more.
    • 1.2. Carat Portal returns a NIT and a Pay Token to the store.
    • 1.3. The store displays its payment page to the customer, containing Carat Portal's script and the card data fields with the classes specified in Fields with card data.
  • 2. Customer fills their card data and clicks "pay". This click must call Carat Portal's payment script,passing the NIT, the Pay Token, their Merchant ID and callback functions (merchant's procedures that will be called after the payment).
    • 2.1. Carat Portal returns the payment result, including code, message and transaction status.
  • 3. Merchant's callback is called, which then sends Carat Portal's response to the merchant's server.
    • 3.1. The Virtual Store queries the transaction on Carat Portal. Learn more.
    • 3.2. Carat Portal returns the transaction status, as well as authorization information.
    • 3.3. The Virtual Store analyses the received information and redirects the customer to a success or failure screen.