RDP Direct API

Overview

Description and Requirements

Red Dot Payment (RDP)’s Direct API (DAPI) allows a non ‘3-D Secure’ transaction to be made through server to server communication. A non ‘3-D Secure’ transaction will cause there is no requirements to redirect cardholder to their issuing bank’s OTP page.

Some requirements for Direct API (DAPI):

  • For this ‘Direct API’ (DAPI), RDP server will be only allowing connection via TLS 1.2 or above.
  • For transaction request in ‘card mode’, merchant must comply with payment security standard industry, such as PCI-DSS (Payment Card Industry – Data Security Standard).

Direct API (DAPI) Process Flow

It consists of several steps, as per below:

    1. Merchant prepares their transaction request in JSON format.
    2. Merchant sends the corresponding transaction request to RDP’s service end-point by allocating the JSON-formatted transaction-request inside the BODY of its HTTP.
    3. Merchant should wait for a direct response from RDP payment gateway.
    4. RDP payment gateway will then establish a secure connection to particular or specific bank or acquirer; and process the transaction accordingly.
    5. RDP will return the result of transaction in a JSON-formatted response.

to determine

  1. Merchant should use the result from RDP their next business process and as a record of all history transactions.
  2. Result can also be retrieved via Query Phase (Query Result Handling)
  3. Result can also be retrieved via Notification result (Push Notification Result)

DAPI process flow.

Fig 3-1. DAPI process flow.