Release Notes

We continually improve Access Worldpay with new features and upgrades. Here's a summary of our latest releases.

Events

Additional Events (20 May 2024)

We have added the following events:

  • settled
  • settlementFailed
  • refunded
  • informationRequested

These events are dependant on certain use cases and we don't always return them. Please speak to your Implementation Manager for further information.


Checkout SDK

React Native Version 3 (15 May 2024)

Support for SAQ-compliance

  • We have added a new UI Component (AccessCheckoutUITextField) dedicated to capturing and encapsulating your customer's card details to minimize your exposure to PCI Data.

Simpler integration with useAccessCheckout() hook

  • introducing a useAccessCheckout() hook where all merchant configuration for sessions and validation is provided

Version 2 functionality that is deprecated in version 3:

  • Support for standard TextInput components has been removed. You must now use AccessCheckoutTextInput components
  • Support for the AccessCheckout class and the useCardValidation / useCvcOnlyValidation has been removed and is replaced by the useAccessCheckout() hook

Card Payments API

Merchant Initiated Transactions (30 April 2024)

We have now added support for Merchant Initiated Transactions (MIT) to Card Payments Version 7.


Card Payments API

Funds transfers (30 April 2024)

You can now submit funds transfers (otherwise known as Account Funding Transactions or AFTs) using the instruction.fundsTransfer object in your authorization request. Non-purchase money movements from a Visa or Mastercard to another account should typically use this.


Checkout SDK

Session without CVC (25 April 2024)

You can now omit CVC when creating a card session with our Web SDK.


APM API

Release of Multibanco (11 April 2024)

You can now start using:


All APIs (except Payouts API)

ELO and EFTPOS support (09 April 2024)

You can now accept ELO and EFTPOS as a payment method.


Card Payments API

Consumer Bill Payment flag (09 April 2024)

You can now submit a consumerBillPayment flag in your authorization request. If you are registered with Visa as a Consumer of the Bill Payment Service (CBPS), you must set this to true for any payments associated with the CBPS.


Card Payments API

Latin America Installments (04 April 2024)

You can now submit Latin America installment payments using the instruction.customerAgreement object in your authorization request. This allows your customers to opt to pay the full value in installments.


Card Payments API

Latin America Document Reference (04 April 2024)

You can now submit the customer.documentReference in your authorization request. This is used in some Latin America regions to verify the identity of the cardholder using a tax or document reference. It is strongly recommended to include this for Brazil domestic processing.


Card Payments API

Recipient fields (MCC 6012) (04 April 2024)

You can now submit the recipient object in your authorization request. If you are using MCC 6012 in Europe, you should include data about the recipient of financial services within this object.


APM API

Release of new APMs (20 March 2024)

You can now start using:

You can now view documentation for:


Account Verifications API

New optional consumerBillPayment field in instruction object (v5) (25 March 2024)

You can now send a consumerBillPayment field in your Verification request. Customer's of Visa's Consumer Bill Payment (CBP) service must set this to true.


Events API

Additional IPs (07 March 2024)

We have added additional IPs for outgoing traffic. You must whitelist all of our IPs on your Web Application Firewall (WAF) to allow webhooks to be received by 8th April 2024.

List of additional IPs
3.11.50.124
3.11.213.43
3.14.190.43
3.121.172.32
3.125.11.252
3.126.98.120
3.139.153.185
3.139.255.63
13.200.51.10
13.200.56.25
13.232.151.127
34.236.63.10
34.253.172.98
35.170.209.108
35.177.246.6
52.4.68.25
52.51.12.88
108.129.30.203

APM API

Release of Bandcontact and Przelewy25 (29 February 2024)

You can now start using:


Verified Token API

New Verified Tokens endpoint (all version) (28 February 2024)

We have added a new oneTime endpoint. You can use this endpoint if PSD2 regulations apply to you (primarily if you are located in the UK, EEA, and Gibraltar). If you intend to keep the token for future payments, proceed to a challengeMandated 3DS flow to remain SCA compliant, before taking a payment.

You can also use this, if you want to take a one-off payment. You must delete the token afterwards.


APM API

Release of Trustly (26 February 2024)

You can now start using:


Card Payments API

Card Payments Version 7 (20 February 2024)

The new Card Payments API introduces new endpoints to simplify your integration.

To upgrade, read through our migration guide which holds a summary of the changes/new features.


APM API

Release of Open Banking (23 January 2024)

You can now start using:


Checkout SDK

Checkout iOS and Android SDK Version 3 (22 January 2024)

We have released Version 3 of our iOS and Android SDKs.

Enhanced card session support

  • The SDKs now return a card session URL in the form of https://access.worldpay.com/sessions/.... Previously, the card session URL looked like this: https://access.worldpay.com/verifiedTokens/sessions/...

The format of the new card session URL supports our new upcoming Payments API, whilst also remaining compatible with our Verified Tokens API.

SAQ-A compliance support

  • We have added a new UI Component (AccessCheckoutEditText) dedicated to capturing and encapsulating your customer's card details to minimize your exposure to PCI Data.

Version 2 functionality that is deprecated in version 3:

  • Support for using EditText(Android)/UITextField (iOS) (planned removal in version 4)
  • Support for directly passing card details to create an instance of CardDetails (planned removal in version 4)
  • Support for using merchantId() in AccessCheckoutClientBuilder to pass your Checkout ID is deprecated and replaced by checkoutId() (planned removal of merchantId() in version 4)

Checkout SDK

Checkout Web and React Native SDK Version 2 (22 January 2024)

We have released Version 2 of our Web and React Native SDKs.

  • The SDKs now return a card session URL in the form of https://access.worldpay.com/sessions/.... Previously, the card session URL looked like this: https://access.worldpay.com/verifiedTokens/sessions/...

The format of the new card session URL supports our new upcoming Payments API, whilst also remaining compatible with our Verified Tokens API.


Account Verifications API

New optional recipient object in Verification request (18 January 2024)

You now have the option to send a recipient object within your Verification request. You should send this if your MCC is 6012 or 6051 to remain PSD2 compliant and avoid acquirers refusing your payment.


3DS API

Network Payment Token support for 3DS authentications (17 January 2024)

You can now authenticate a Network Payment Token using the "card/networkToken" paymentInstrument via the 3DS SDK and Web flow.


3DS and Card Payments API

Added support for Cartes Bancaires in 3DS2 authentications (10 January 2024)

We now provide additional values in the authentication and 3DS verification responses when the card brand is Cartes Bancaires. These additional values must then be applied in the authorization request.


Releases 2023

APM API

Release of Giropay, Konbini, UnionPay and SEPA (12/07/2023)

You can now start using:


All APIs

New rawCode in refused responses (11/28/2023)

You can now receive a rawCode in refusal responses. See raw response codes for more information.


3DS API

Acquirer Id in 3DS request (11/28/2023)

You can now supply the merchant.acquirerId in your authentication request. This flags to the issuer that the following authorization will be done with an external acquirer.


Payments API

Magic values for online refunds (11/27/2023)

Use our magic values to test your online refunds.


Payments API

Apple Pay decrypted support for authorization endpoint (v6) (11/06/2023)

You can now use our card/networkToken+applepay paymentInstrument with our one time authorization endpoint.


Payments API

Additional fields returned in payment response (v6) (11/06/2023)

You now receive a paymentInstrument object in authorized responses to your authorization request, and Sent for Settlement responses to your sale request for card/plain, card/token, and card/checkout.


Payments API

Card network token support in payment request (v6) (11/06/2023)

You can now use our card/networkToken paymentInstrument in our authorization and migrateCardOnFileAuthorize endpoints.


All APIs

New rawCode in refused responses (10/12/2023)

You can now receive a rawCode in refusal responses. See raw response codes for more information.


HPP

New conditional field in HPP request (v1) (10/12/2023)

You can now submit the expiry in a hosted payment pages request. This allows you to configure the duration your customer can access the payment link.

An example of when you might use this, is issuing invoices or putting a hold time on an order.


Verifications API

New rawCode field in Verification response (10/06/2023)

You may now receive the rawCode in our Verification response. This allows merchants with multiple PSPs to have a common retry logic using the raw response code from the card scheme.


Payouts API

Payouts Version 4 (09/11/2023)

  • Version 4 introduces Mastercard Send. This allows you to send funds directly to a consumer's bank account within 30 minutes or less using fastAccess endpoint. This change introduces updates to the Payouts responses.

  • Additionally, Version 4 removes the "queryRequired" value as the outcome, so that the next actions for an inconclusive payout are more clear to you.


All APIs

New optional email and telephone fields in Payment Facilitator merchant block (08/24/2023)

  • You now have the option to send an email and telephone field within your payment facilitator merchant object.

All APIs

Payment Facilitator Sub-Merchant ID max length increased to 15 (08/16/2023)

  • The paymentFacilitator merchantId now has a maximum digit length of 15. The previous limit was 7.

Payments API

New intent for card on file endpoints ("07/06/2023)

  • You can now submit a new intent value of subscription in your card on file request.

Events

New public certificate for Events service (06/29/2023)


HPP/ Docs

Hosted Payment Pages/ Doumentation landing page update (06/15/2023)

  • We have released our Hosted Payment Pages API documentation. Alongside, we have redesigned our landing page to make the decision, which integration is for you, easier.

ALL APIs

Updated security best practices (05/31/2023)


Tokens API

Added PAR support for Network Tokens (05/18/2023)


Payments API


Payments API

New Mastercard test values (04/20/2023)

  • We have added a new set of Mastercard refusalAdvice magic values. This enables to you to test the different refusal outcomes in your Payment response.

Verifications API

New optional refusalAdvice field in refusal response (04/20/2023)

  • You will now receive a Merchant Advice Code (MAC) as overrideName in the not verified response, if you have requested to receive this.

APMs API

Optional billing address and email address for Paypal (04/03/2023)


Tokens API

Increase allowed Token updates (03/15/2023)

  • We have increased the number of updates you can make to a token in a rolling 30 day period, from 10 updates to 50.

Payments API

New Payment Facilitator fields (03/14/2023)


Payments API

Payment Facilitator field state validation change (03/14/2023)


Tokens API

New fundingType field in Token response (03/08/2023)

  • You now receive a new fundingType field in your token response with possible values of:

    • debit
    • credit
    • unknown

Verifications API

Additional fundingType values in response (v4 + v5) (03/01/2023)

  • The field fundingType in the paymentInstrument object of your Verification response can now have the following additional values:

    • chargeCard
    • prepaid
    • deferreddebit
  • We have added these to the already existing values of debit and credit.


Verifications API

New optional category field in response (v4 + v5) (03/01/2023)

  • You now have an additional field of category in the card section of your oneTime response if you have opted in to receive it.

Checkout SDK

Release of React Native SDK (02/28/2023)

  • You can now integrate our React Native SDK into your native app to create uniquely styled and branded checkout forms.

## FraudSight

Optional IP address field in fraud assessment request (02/15/2023)

  • You now have the option to send the IP address of your customer's device in the fraud asssessment request.

  • If you are not supplying device data via ThreatMetrix, you can send the IP address in this field and create manual fraud rules.


3DS API

Optional override field for authentication requests (02/15/2023)

  • You now have the option to send overrideName in your authentication request with our 3DS Web API. This field allows you to override the merchant name sent to the issuer.

3DS API

Optional shipping address fields in 3DS authentication request (v2/v3) (02/15/2023)

  • You now have the option to send the shipping address in the authentication request for our 3DS Web API and Android-iOS SDKs.
Tip:

We recommend you send these details, if the shipping address is different to the billing address.


Verified Tokens API

Extended expiry for tokens and verified tokens (01/31/2023)

  • The default expiry date/time of a token is 7 days in Try and 4 years in the Live environment. This expiry is extended by 7 days or 4 years after any use of the token, if under half of the time remains on the token.

Docs

New documentation menu (01/30/2023)

  • We have changed the left hand navigation of our documentation. This will help you to find the right API documentation quicker.

ALL APIs

Updated security best practice (01/23/2023)

  • We have updated our "certificate handling" page to a security best practices guide.

  • We have now included a set of our latest secure set of ciphers. Additionally, you will find information on our Client Authority. Our certificates will switch from presenting certificates signed by DigiCert to Sectigo.


Payments API

Network tokens (v3) (01/06/2023)

  • You can now create network tokens and cryptograms with our Tokens API. You can use these for card on file sale payments.

  • You can also use these tokens across other service providers or payment gateways.


Releases 2022

Optional shopperId field in fraud assessment request (12/15/2022)

  • You now have the option to send a shopperId field with account risk data in the fraud assessment request.

  • Use shopperId to create manual fraud rules and identify your customers.


Money Transfers (12/07/2022)


MOTO payments (v6) (11/29/2022)


Caret color customization and numeric keypad (Web Checkout SDK) (11/07/2022)

  • You can now customize the caret color in PAN, Expiry date and CVC input fields with the new version of our Web SDK 1.11.0.

  • On mobile devices, these input fields now display a numeric keypad as the customer enters their card details.


ACH verification (v5) (11/07/2022)

  • You can now verify the accounts of your US-based customers with our ACH verification service.

3DS API

3DS1 test values unavailability (10/18/2022)

  • 3DS1 test values are no longer available by default as 3DS1 has been decommissioned by the card schemes. We can enable these test values if required.

Optional shipping address field in PayPal sale request (10/12/2022)

Sending shipping address details is now optional in PayPal sale request.


Optional cardholder name field in 3DS authentication request (10/12/2022)

Sending the cardholder name is now optional in 3DS authentication request.


Optional CVC field in the verification request (v5) (10/11/2022)

You now have the option to submit the CVC in the one-time and card on file verification requests with a token.

Providing the CVC value can improve the verification acceptance rate.


Optional device data fields in 3DS authentication request (v2/v3) (10/10/2022)

You now have the option to send the browser language and IP address details of your customer's device in the authentication request for our 3DS Web API and our Android-iOS SDKs.

In case of unsuccessful device data collection, providing these values increases the chances of successful authentication.


riskProfile in card on file (with verification) payment requests (v6) (07/04/2022)

You can now submit your riskProfile to our card on file (with verification) endpoint in your payment requests. You then receive an exemption result and reason in the response.

Use it to apply the SCA exemption in the payment request and update the FraudSight data model to benefit future payments.


Optional field in verification requests for cardOnFile resource (06/20/2022)

You can now supply storedCredentials.reason as an optional field in the cardOnFile intelligent verification request and dynamicCardOnFile verification request.

This optional field in the verification request allows you to indicate the reason for merchant initiated transactions using stored credentials.


Swift package manager support (version 2.4.0 onwards) (06/15/2022)

Swift package manager support is now available for our iOS SDK version 2.4.0 onwards.


Partial refund for iDEAL payments (05/31/2022)

You can now take partial refunds for iDEAL payments.


Partial refund for PayPal payments (05/25/2022)

You can now take partial refunds for PayPal payments


Refund request URI update (iDEAL) (05/06/2022)

We have updated the refund request URI for you to process the full refund for iDEAL payments.


Release of iDEAL (03/17/2022)

You can now take payments using iDEAL.


Release of PayPal (03/08/2022)

You can now take payments using PayPal.


Additional elements for not verified token response (all versions) (03/08/2022)

  • In version 3, we now create unverified tokens in case of account verification failure and return code and description as part of the "not verified" token response.

  • In version 2, we now create a unverified token href in case of account verification failure and return code and description as part of the "not verified" token response.

  • In version 1, we now create a unverified token href in case of account verification failure as part of the "not verified" token response.


React.js integration example for our Web SDK (02/24/2022)

We have added an integration example using a React.js application to our Web SDK documentation.


New remove feature for our Web SDK (02/24/2022)

We have added a feature allowing you to remove the Web SDK from a page.


Releases 2021

Tokens version 3 (12/28/2021)

Version 3 is introduced to successfully process entity based billing. You must now supply the new mandatory field merchant.entity in your create token request.


Vue.js integration example for our Web SDK (12/08/2021)

We have added an integration example using a Vue.js application to our Web SDK documentation.


Network token for card on file sale requests (11/09/2021)

You can now use our card/networkToken paymentInstrument in our `payments:migrateCardOnFileSale endpoint.

A network token uses a 16-digit token number, provided by the schemes, to replace an original card number.


Scheme reference for card on file token requests (09/10/2021)

You can now submit the scheme reference in your migrateCardOnFile token and migrateCardOnFileSale token requests.

This request parameter allows you to take a repeat payment with our APIs, linking to an agreement established with a different PSP.


PAN formatting feature for Checkout SDK (09/06/2021)

You can now use PAN formatting for our Android, iOS and Web SDK. The card number formats as the customer types when you implement this feature.


Payouts to wallets (06/11/2021)

You can now make a payout to a wallet.


Release of Canadian EFT (05/25/2021)

You can now take payments using Canadian Electronic Funds Transfer (EFT).


Exemption result for one time auth (05/25/2021)

You now receive an exemption result result and reason in your authorization response if you have provided a riskProfile in your request. v6


3DS version 3 (05/12/2021)

Version 3 of our 3DS API has a new set of magic values used by the Cardinal Sandbox. It also comes with an improved look for the challenge display.


Risk factor results (04/09/2021)

You now receive a verificationFailed result in your authorization response if the issuer identifies a conflict.


Optional narrative field in verified token request (03/19/2021)

You now have the option to supply a narrative in your verified token request, allowing your customers to clearly see where the verified token request is coming from and helping to avoid confusion.


Card brand configuration for our iOS and Android SDK (03/15/2021)

You can now customize your checkout further by configuring your card brands. This new and optional feature allows you to restrict the cards that you accept on your checkout form for our android and iOS SDK.


Optional narrative field in verified token request (03/09/2021)

Sending the cardholder name is now optional for our Payments, Verifications and Payouts service. Whilst we still recommend that you send this information, you now have the option to omit it.


Card brand configuration for our Web SDK (02/15/2021)

Control the cards you want to accept on your checkout form with our card brand configuration feature for our Checkout Web SDK.


Optional statement narrative for verifications (02/15/2021)

We've made the statement narrative element for our Verification service optional. This now defaults to 'Active Card Check' if you don't supply a narrative.


Payouts to a Wallet with Apple Pay decrypted (01/27/2021)

Send funds to your customers' Apple Pay accounts using our Apple Pay decrypted payment instrument for Payouts.


Customization for our Checkout iOS SDK validator (01/11/2021)

We have released a new version of the iOS SDK - 2.1.0. This version allows for UITextFields in the validation feature.


Releases 2020

Apple Pay decrypted for recurring payments (11/27/2020)

Use the decrypted model for Apple Pay Merchant Initiated Transactions to submit a payment request using Network Token details - useful if you're using tokens across multiple providers.


Apple Pay decrypted verifications (11/23/2020)

Use the decrypted model for Apple Pay to verify accounts and submit a payment request using Network Token details - useful if you're using tokens across multiple providers.


Release of our first APM - ACH/ eCheck (11/19/2020)

We've created a new APM (Alternative Payment Methods) section in our docs under the 'pay' product category which contains individual guides for each APM as we release them. With that comes our first APM guide for ACH, also known as eCheck payments - a popular credit transfer and Direct Debit payment method for our US customers.


Apple Pay decrypted for card on file payments (11/17/2020)

Use the decrypted model for Apple Pay Customer Initiated Transactions to submit a payment request using Network Token details - useful if you're using tokens across multiple providers


Accessibility feature for Web SDK (11/10/2020)

Set your accessibility configuration to set the language of an element for screen readers and help ensure your checkout meets an AA rating against WCAG standards.


Clear form feature Web SDK (11/10/2020)

Use clear form on our Checkout Web SDK to input multiple sets of card details without reloading the SDK.


CVC session lifespan increase (10/19/2020)

The lifespan of the CVC session for our Checkout SDK has increased to 15 minutes, giving you longer to take a payment.


Optional billing address in Mobile Wallet requests (10/06/2020)

You now submit your customer's billing address details in your requests for Mobile Wallet payments.


AVS results in Mobile Wallet responses (09/22/2020)

You now get AVS results returned in our responses for Mobile Wallet payments. This helps your business understand risk factors where your customer's AVS is unchecked, unmatched, or unsupplied.


Querying Mobile Wallet tokens (09/01/2020)

We've included instructions on how to query card network tokens in our Tokens documentation - Use this to show the tokenized card details to your customer on a payment page, or if you need a next available action link to update your customer's details.


Verified Tokens version 3 (08/18/2020)

We've released Version 3 of our Verified Tokens service, helping you analyse transactions with card data returned in our Verified Token responses.


Checkout SDK version 2 (07/30/2020)

You can now create a CVC session for iOS and Android when submitting a payment alongside a new or card on file Verified Token. This provides extra security and is required for MCC 7995, 7800, 7801, 7802 and 9406, if you are not authenticating your customer.


Verifications version 5 (06/18/2020)

You must now submit narrative in your intelligent and dynamic verification requests.


Tokens version 2 (06/08/2020)

Our new Tokens version 2 API gives you improved analytics - returning the BIN and card brand extra data alongside the token content.


Scheme reference submission (05/28/2020)

You can now submit the scheme reference in your repeat payment requests. This allows you to take a repeat payment with our APIs, linking to an agreement established with a different PSP.


3DS version 2 (05/26/2020)

We have introduced a new error for invalid card numbers and have changed the formatting of all our error messages within the 3DS service. Our authentication responses now also include a payload, ready in support for a native mobile integration. And, useful for tracing, we are now sending the transactionId in our signatureFailed outcome response.


We'll now send you a cancel link for a partially settled payment to let you release funds.


Payouts version 3 (05/11/2020)

Version 3 introduces updates to the merchant response. The curies array block now only lives inside the _links JSON block.


Payouts response format changes (5/11/2020)

The curies array block has been updated to live inside the _links JSON block as well as outside.


New character for transactionReference (05/05/2020)

You can now accept + as a character in the transactionReference field. Click here to see more information on our formatting rules.