Developer
  • Getting started keyboard_arrow_down

    Discover

    • arrow_forward
      EV Charging

      Discover our unattended POS solution for the ev market

    Our solutions

    • arrow_forward
      CCV Terminal

      Integrate with a CCV Terminal

    • arrow_forward
      SoftPOS

      Turn your own device into a payment terminal

    • arrow_forward
      CCV Online Payments

      Accepting online payments in your platform without technical knowledge

    • arrow_forward

    • arrow_forward

    Connect to the CCV Platform

    Integrate our products into your software. Let's make payment happen together!

    Look at all the possibilities
  • Documentation
  • API Reference
menu
    • expand_less Payment API
      • expand_less General
        • Communication
        • Environments
        • Authentication
        • Idempotency
        • Transaction Types
        • Webhooks
        • Notifications
        • Error Handling
        • Security & Privacy
        • Return URL
      • expand_more Online Payments
        • expand_more Quick Start
          • Initial Setup
          • Create Payment
        • expand_more Basic Operations
          • Create A Payment
          • Refund A Payment
          • Authorise & Capture Payments
          • Query The Payment Status
        • expand_more Payment Features
          • expand_more 3D-Secure 2
            • SCA And 3D-Secure 2
            • Compliance Guide
            • Out Of Scope Transactions
            • Exemptions
          • Payment Links
          • Merchant Initiated Payments
          • Embedded Card Payments
          • Mandates
          • Customers & Loyalty
          • Partial Payment
        • expand_more Payment Methods
          • American Express
          • Apple Pay
          • Google Pay
          • expand_more Bancontact
            • Bancontact Walled Initiated Payments (WIP)
            • Bancontact Deferred Sales
          • Bancontact Mobile
          • Banktransfer
          • IDEAL
          • Klarna
          • Landingpage
          • Maestro
          • Mastercard
          • Payconiq
          • Paypal
          • Visa
        • expand_more Payouts
          • Split Payout
          • Test Payout
        • expand_more Developer Resources
          • Currencies
          • Languages
          • Payment Testing
          • Test Cards
      • expand_more In-person Payments
        • expand_more SoftPOS
          • expand_more General
            • Getting Started
            • Device Requirements
            • SoftPOS TerminalIds
            • SoftPOS Errors
            • Currencies
            • Languages
            • Network And Connectivity
            • Release Notes
          • expand_more Basic Operations
            • Install A Terminal
            • Make A Payment
            • Handling Receipts
          • expand_more API Reference
            • SoftPOS - API Reference
    • expand_more Board Your Merchants At CCV
      • expand_more General
        • Getting Started
        • Authentication
      • expand_more Boarding API
        • StartOrder
        • AddSalesPackage
        • AddProductPSPStandalone
        • AddProductPSPSubmerchant
        • AddTerminalPackage
        • SetShoppingCartPricingDetails
        • SubmitOrder
        • Boarding
      • API Reference
    • expand_more Android Rest Beta API
      • expand_more General
        • Getting Started
        • Brands
        • Supported Languages
      • expand_more Basic Operations
        • Make A Payment
        • Cancel A Payment
        • Handling Receipts
        • Show Display Messages
        • Recover A Payment
      • expand_more Payment Features
        • Authorise & Capture
        • Capture
      • expand_more Terminal Features
        • Transaction Overview
        • Brands
        • Period Closing
        • Terminal - Status
      • expand_more Tokenization
        • Tokenization - Get A Card Token
        • Read A Mifare Card
        • Custom Text On Terminal
      • expand_more API Reference
        • API Reference
    • expand_more Android SDK
      • expand_more General
        • Getting Started
        • Demo Application - Android SDK
        • Result States
        • Language Codes
        • Error Handling
        • Logging
        • EP2
        • Download SDK
        • Release Notes
      • expand_more Basic Operations
        • Make A Payment
        • Stop Ongoing Payment
        • Recover A Payment - Android SDK
      • expand_more Payment Features
        • Account Selection - Android SDK
        • Additional Receipt Text - Android SDK
        • Allow Or Deny Card Brands - Android SDK
        • Authorisation By Voice - Android SDK
        • Authorise - Android SDK
        • Capture - Android SDK
        • Card Detection - Android SDK
        • Card Detection Deprecated - Android SDK
        • Card Token - Android SDK
        • Card Validation - Android SDK
        • Customer Display - Android SDK
        • E-Receipt - Android SDK
        • Manual Card Information Entry - Android SDK
        • Payment Reversal - Android SDK
        • Refund - Android SDK
        • Request Transaction Information - Android SDK
        • Reservation - Android SDK
        • German Eichrecht - Android SDK
      • expand_more SDK Guides
        • Activate Terminal - Android SDK
        • Card Circuits - Android SDK
        • Card Reader Status - Android SDK
        • Card Reader Status - Android SDK
        • Check Password - Android SDK
        • Factory Reset - Android SDK
        • Get Config - Android SDK
        • Get Status - Android SDK
        • Mobile Phone Prepaid - Android SDK
        • Online Agent - Android SDK
        • Partial Period Closing - Android SDK
        • Period Closing - Android SDK
        • Possible Transaction Types - Android SDK
        • Retrieve Last Ticket - Android SDK
        • Retrieve Open Pre Authorisations - Android SDK
        • Startup - Android SDK
        • Taxfree - Android SDK
        • Terminal Administration - Android SDK
        • Terminal Discovery - Android SDK
        • Ticket Reprint Period Closing - Android SDK
        • Transaction Overview - Android SDK
        • Check Password - Android SDK
      • expand_more Hardware Access
        • Getting Started
        • NFC - Android SDK
        • Printing - Android SDK
        • QR And Barcode Scanner - Android SDK
      • expand_more API Reference
        • API Documentation
    • Android App Requirements
    • expand_more Certification
      • Introduction
      • expand_more Attended Certification Tests
        • expand_more Aborting
          • F1A - Regular Abort By Merchant
          • F1B - Failing Abort By Merchant
          • F1D - Hammering Abort By Merchant
        • expand_more Allowed Amounts
          • S1A - Transaction With Amount Of EUR 0,00
          • S1B - Transaction With Negative Amount
          • S1C - Transaction With Highest Possible Amount
          • S1D - Over-Amount Transaction
        • expand_more Connection Lost
          • Q1B - Manual Transaction Recovery
          • Q1C - Ethernet Connection With ITS Fails
          • Q1F - Device Unavailable
          • Q1G - Terminal Not Responding
          • T1A - Automatic Transaction Recovery
        • expand_more E Journal
          • M1A - Store E-Journal
          • M2A - ECR/POS Print Journal Receipts
          • M3A - ECR/POS Storing Journal Receipts
        • expand_more Reprint Ticket
          • L1A - Reprint Ticket
          • L1B - Reprint Ticket Declined Transaction
          • L2A - Reprint Ticket No Printer Available
          • L2B - Reprint Ticket Declined Transaction No Printer Available
        • expand_more Tickets
          • U1A - Request For Identification
          • U1B - Request For Signature
          • U1C - Request For Signature And Identification
          • U1D - Failing Transaction No Receipt
          • U1E - Split Payment
        • expand_more Time Out
          • R1A - Time Out On Presenting A Card
          • R1B - Time Out During Pin Entry
        • expand_more Transactions
          • C1A - Happy Flow
          • C1B - Happy Flow Contactless
          • C1D - Happy Flow Magnetic Stripe
          • C1E - Declined Transaction By Host
          • C1E - Transaction Aborted By Cardholder
          • C1F - Absence Of Thousand Separator
          • C1G - Cashier Display Messages
        • expand_more Validation
          • H1A - Too Many Fingers
          • H1B - Not Removing Card
          • H2A - Power Loss Or Closing Of ECR/POS During Transaction
      • expand_more Unattended Certification Tests
        • expand_more User Guidance
          • C1 - Successful Payment
          • C2 - Next Cardholder
          • C3 - Abort On PIN Entry
          • C4 - Time Out During PIN Entry
          • C5 - No Amount Entered
          • C6 - Language Selection
          • C7 - Amount To Authorise
          • C8 - Available Funds
        • expand_more Device Selection
          • D1 - Device Selection
          • D2 - Invalid Device
          • D3 - Charger Selection Abort
          • D4 - No Charger Selected
          • D5 - Authorisation With No Free Devices
        • expand_more Product Delivery
          • E1 - Product Selection
          • E2 - Enabled Products
          • E3 - Invalid Product Entered
          • E4 - Product Selection Aborted
          • E5 - No Product Selected
          • E6 - Max Delivery Time
          • E7 - Abort Session
          • E7 - Abort By POS
          • E9 - Not Started Charging In Time
          • E10 - Take More Fuel Than AVF
          • E10 - Multiple Sessions Mixed
          • E12 - Postpone Card Financial Advice On New Cardholder Card
          • E13 - Abort Session On Card Reinsert
        • expand_more Receipts
          • F1 - Cardholder Retrieve Receipt Info
          • F2 - Cardholder Receipt Retrieval
          • F3 - Reprint Ticket
          • F4 - F8 - Ticket Printing And Content
          • F9 - TrackingToken Deleted
          • F10 - Printer Paper Low
          • F11 - CardPayment Erased From Storage
          • F12 - E-Receipt Received By Cardholder
          • F13 - E-Receipt Failure
        • expand_more Transaction Limit Handeling Maestro
          • G1 - Maestro CardPayment 1 Euro
          • G2 - Maestro CardPayment 30 Euro
          • G3 - Maestro CardPayment 60 Euro
          • G4 - Maestro CardPayment 500 Euro
        • expand_more Transaction Limit Handeling Mastercard
          • H1 - Mastercard CardPayment 1 Euro
          • H2 - Mastercard CardPayment 30 Euro
          • H3 - Mastercard CardPayment 60 Euro
          • H4 - Mastercard CardPayment 500 Euro
        • expand_more Mifare Handling
          • I1 - Happy Flow Mifare
          • I2 - Unknown Mifare Card
          • I3 - No Mifare Card Presented
          • I4 - Mastercard Presented
        • expand_more Card Circuits
          • L1 - Available Card Circuits
        • expand_more Reconciliation
          • M1 - Reconciliation As Function
          • M2 - Reconciliation By New Shiftnumber
          • M3 - POS Auto Triggers Reconciliation With Closure
        • expand_more Journal
          • N1 - Journal Accessible By Authorized Employees
          • N2 - Journal Cannot Be Altered
        • expand_more Exception Flows
          • O1 - Unknown Card Session
          • O2 - Maximum Time Out
          • O3 - Device Unavailable
          • O4 - Time Out Card-Type Fallback
          • O5 - Time Out On Presenting Card
          • O6 - App Stability
          • O7 - Automatic Startup
          • O8 - Sleep Mode Not Supported
          • O8 - Sleep Mode Supported
        • expand_more Recovery
          • X1 - Recovery After Communication Failure
          • X2 - Recovery After CCV Component Update
          • X3 - Recovery After 24 Hour Reboot
          • X4 - Recovery After CCV-Fusion Client Restart
          • Y1 - Recovery After Power Failure With No Battery Backup
          • Y2 - Recovery After Power Failure With Battery Backup
      • expand_more SoftPOS Certification Tests
        • expand_more Success Scenarios
          • Installation Success - SoftPOS Certification Test
          • Payment Success - SoftPOS Certification Test
        • expand_more Failed Scenarios
          • Installation Failed - CCV SoftPOS App Not Installed - SoftPOS Certification Test
          • Payment Failed - Declined - SoftPOS Certification Test
          • Payment Failed - CCV SoftPOS App Is Closed During Payment - SoftPOS Certification Test
          • Payment Failed -CCV SoftPOS App Is Killed During Payment - SoftPOS Certification Test
          • Payment Failed - SoftPOS App Not Installed Anymore - SoftPOS Certification Test
        • expand_more Other Scenarios
          • Other Scenario - Data Cleared Of The CCV SoftPOS App - SoftPOS Certification Test
    • expand_more Development Kits
      • SoftPOS Dev Kit
      • IM30 Dev Kit
    • Glossary

Payment API

  • General
    • Communication
    • Environments
    • Authentication
    • Idempotency
    • Transaction Types
    • Webhooks
    • Notifications
    • Error Handling
    • Security & Privacy
    • Return URL
  • Online Payments
    • Quick Start expand_more
      • Initial Setup
      • Create Payment
    • Basic Operations expand_more
      • Create A Payment
      • Refund A Payment
      • Authorise & Capture Payments
      • Query The Payment Status
    • Payment Features expand_more
      • 3D-Secure 2 expand_more
        • SCA And 3D-Secure 2
        • Compliance Guide
        • Out Of Scope Transactions
        • Exemptions
      • Payment Links
      • Merchant Initiated Payments
      • Embedded Card Payments
      • Mandates
      • Customers & Loyalty
      • Partial Payment
    • Payment Methods expand_more
      • American Express
      • Apple Pay
      • Google Pay
      • Bancontact expand_more
        • Bancontact Walled Initiated Payments (WIP)
        • Bancontact Deferred Sales
      • Bancontact Mobile
      • Banktransfer
      • IDEAL
      • Klarna
      • Landingpage
      • Maestro
      • Mastercard
      • Payconiq
      • Paypal
      • Visa
    • Payouts expand_more
      • Split Payout
      • Test Payout
    • Developer Resources expand_more
      • Currencies
      • Languages
      • Payment Testing
      • Test Cards
  • In-person Payments
    • SoftPOS expand_more
      • General expand_more
        • Getting Started
        • Device Requirements
        • SoftPOS TerminalIds
        • SoftPOS Errors
        • Currencies
        • Languages
        • Network And Connectivity
        • Release Notes
      • Basic Operations expand_more
        • Install A Terminal
        • Make A Payment
        • Handling Receipts
      • API Reference expand_more
        • SoftPOS - API Reference

What's on this page

  • Webhooks
    • Status changes
  • Authentication
  • Security
  • Communication
    • Request
    • Response
  • Retries
  • Best practices
  • Configuration
    • Global
    • Per transaction
  • Common mistakes
    • Replying with a redirect
    • Using localhost in your webhook
    • Not using a secure endpoint
General / Webhooks

Webhooks

A webhook is a callback mechanism to inform you of changes occurring to your transaction in our system. We accomplish this by making an HTTP call to an endpoint in your system when these changes occur. The webhook only contains our transaction reference. The merchant system should make a status call to retrieve the transaction status.

Status changes

We call your webhook when the transaction changes status or requires immediate attention. These status changes can be triggered by, for instance, successful or failed completion of the payment, a time out, fraud detection, and so on.

When you receive the webhook, we strongly recommend that you query the transaction and inspect the status before making any decisions.

Authentication

We can not guarantee that we, the PSP, called the webhook. It is possible an attacker accessed the URL. For that reason we insist that you request the status of the payment once you have received the webhook.

If you require identification of the caller, you can use notifications as an alternative.

Security

Due to security restrictions, we only support secure URLs (https://). If you are technically not able to provide this, contact us.

For a more secure internet, you can look at services like Let's Encrypt that provide you free certificates issued by a free and trusted Certificate Authority!

Communication

Request

  • Method: POST
  • Content-Type: application/json
  • Parameters
Name Description
id The unique reference of the transaction

Example

{
    "id" : "AC130090D6C19A09CD4B8B3EECCE199AD895B6E0"
}

The webhook request does not contain any additional information. We expect the merchant system to query the transaction to retrieve the transaction status. It ensures that we will not disclose (possible) sensitive data to an attacker.

If you need more information in the webhook, you can define a webhook URL per transaction and add additional data in the URL.

We’re using HTTP/2, where sending the Content-Length header is optional. Ensure your system can handle requests without relying on this header.

Response

We expect an HTTP 2xx Success code and ignore any content in the response body. If you do not return a 2xx code, we will retry the webhook request.

Retries

We will keep trying the webhook 10 times until we get an HTTP response code 2xx, which would indicate success at your end. Any other HTTP status code is a failure resulting in a retry.

Retrying will be done in increasing intervals until it reaches the final time out, after which we will no longer try to call the webhook for this status change. Should the transaction change state again, we will retry until the final time out is reached.

Best practices

It is strongly recommended to answer the webhook with a 2xx HTTP status code as fast as possible. We recommend that you do not perform any heavy processing in your webhook handler synchronously. Our system only sends a limited amount of parallel webhooks to your system. If you block your webhook handler by doing some processing, you might miss other webhooks. Instead, we suggest to use a queue system to process the webhook asynchronously and to answer the webhook immediately after receiving it.

Configuration

Global

The Merchant Backoffice can configure a global Webhook URL. We support one URL per merchant. We will send all status changes to this URL.

Per transaction

We support the overriding of the global configuration by specifying a different webhook URL in the payment, refund, or token request. If the request specifies this URL, we will call this URL instead.

It is useful when you include additional parameters per webhook, for example, the merchant order reference. For example, it would result in a webhook URL like https://shop/webhook?order=123456&foo=bar

Common mistakes

Replying with a redirect

CCV does not follow redirects. If you responds with a HTTP code that is less than 200 or greater than 299, CCV will retry the webhook.

Using localhost in your webhook

CCV does not send webhooks to localhost. A webhook must be a public endpoint that CCV can access.

Not using a secure endpoint

CCV does not send webhooks to insecure endpoints. See Security for more information

Go to

Home
Documentation




Cookies Privacy Statement