Upcoming changes

Legend

info there is no concrete release date yet, please get in contact with us to get more details

soon these changes will be released within the next 2-4 weeks

next these changes will be released within the next days

List of Upcoming changes

Date

Description

Adjustments to API integration

Adjustments to business process 

soon

Adjustments for credit card handling, to meet new PCI-DSS requirements.

You should whitelist the domain https://sppf.secupay.com/ if your application is using the credit card checkout process. This new domain will replace the https://cc.secupay.com/ and we are redirecting the calls from the old url to the new one, in the near future.


soon

Handling of push notifications of TWINT, for a better transaction processing.



next

Upcoming certificate change of our domains, including the live and testing environment of our APIs:

  • connect.secucard.com / connect-testing.secuconnect.com
  • api.secupay.ag / api-testing.secuconnect.com



Latest changes

Date

Description

Adjustments to API integration

Adjustments to business process 

 

Integration of Pay by Bank (aiia) via Smart Transaction: https://openbankingeu.mastercard.com/use-cases/e-commerce/

 


 

Smart-ZVT timeout value was increased from 90 to 180 seconds.

 


 

Improvements for a faster sync process.

 


 

Adjustments for credit card handling, to meet new PCI-DSS requirements.

As of end of May 2024 you cannot create Payment Containers with type credit_card via POST
/Payment/Containers
anymore. Your application needs to create these Payment Containers implicitly with 
POST /Smart/Transactions/{id}/prepare/creditcard.


 

Reporting feature for secuOffice.





2024

Date

Description

Adjustments to API integration

Adjustments to business process 

 

Improvements in the push notification logic, to avoid delayed push notifications.



 

The endpoint GET /Payment/Transactions/{paymentTransactionId}/shippingUrl was removed, as it was not in use anymore.



 

Enabled the generation of CSV file for avis with more than 2000 entires.



 

New testing environment, to improve the stability for your tests.

The outgoing IP of the testing environment is now: 91.195.151.4

No change is needed, if you already accept the recommended range of IPs:

91.195.150.0 - 91.195.151.255


 

A new terminal app is available.



 

Improvements in the push notification logic, to avoid delayed push notifications.



 

Adjustments in handling input data of the endpoint POST Payment/Contracts/.../requestId



 

Adjustments for credit card handling, to meet new PCI-DSS requirements.



 

Improved Push-Notification system

 (The change is backward compatible)

  • It's possible to provide push notifications for Payment/Payouts objects.
  • It's possible to provide customized push notifications, which f.e. contains the changed data directly.
  • It's possible to setup different push urls (one for each object type).
  • It's possible to setup custom conditions, f.e. only push completed credit card transactions.

 

 Removed deprecated / unused endpoints in PublicWebsite.



 

The callback_urls parameter is now optional for the POST Smart/Transactions/STX_.../prepare/creditcard endpoint if payment_context.merchant_initiated is enabled.



 

Improved file type detection for the endpoint /Loyalty/transactions/DUP_.../BulkTransaction/MRC_...



2023

Date

Description

Adjustments to API integration

Adjustments to business process 

 

The POST Payment/Transactions/{id}/Capture endpoint allows to capture a pre-authorized credit card transaction with a smaller amount, without having to adjust the amount beforehand.



 


The credit card frame ( https://cc.secupay.com/?view=compact ) now supports small screens/inline-frames.



 


New property payment_config in GET General/Contracts/GCR_.../IframeOptions



 


New property project_name for endpoint GET General/Accounts .



 


Invoice payment transactions with demo were accepted without confirmation, this is now fixed.



 


The masking method for IBAN was unified.

In some cases the data was masked to "DE91 XXXX XXXX 7700" and now to "DE91 XXXX XXXX XXXX XX77 00" for all cases.


 


Integration of a new payment acquirer for GooglePay and ApplePay.



 


The property payment_context.merchant_initiated in the Smart Transactions object needs to be enabled in the contract.



 


New property invoice_reference for the endpoint POST Payment/Contracts/.../requestId



 


New method POST Smart/Transactions/STX_.../start/cashless_direct to be able to create POS payment transactions without smartZVT.



 


Customer data from PayPal is fetched and the payment customer is created and added to smart transaction after successful authorisation (/prepare call). This allows to show a summary before final confirmation by the buyer.



 


API adjustments for managing (external) SEPA mandates.

New endpoints GET/POST Payment/Mandates.


 


Improvements for TWINT: If the payer opens the redirect URL a second time, they are redirected to the given success or failure page, depending on the status of the TWINT transaction. Before, the payer was always redirected to the failure page.



 


API adjustments for a new self on-boarding process of merchants by broker.

  • New endpoint GET General/Merchants/me/Merchantcategories

  • New properties for the endpoint POST Payment/Contracts/.../requestId

    • merchant_category

    • tid

    • notes

    • account_statement_text

  • New field description in GET General/Contracts endpoint.


 


The endpoints of Smart/Transactions validate the parameter is_demo more strictly.

Sending this parameter as string is no longer allowed. Only boolean is accepted.


 


The endpoint Smart/Transactions/STX_.../prepare and Smart/Transactions/STX_.../start validate if all sub-contracts have the payment product enabled.

If you are using mixed baskets you could get an error if the sub-contract does not allow this payment method.


 


The property application_context.language of the Smart/Transactions endpoint will be transmitted to PayPal and Sofort.

It's also possible to transmit "de_DE", "de-DE" or "de". So you can use the language of your application directly.


 


The Smart/Transaction endpoint uses the PayPal intent AUTHORIZE if the property payment_context.auto_capture is set to false.



This allows to capture the payment up to 29 days, instead of 3 hours after the confirmation.

Please note that we are not doing a re-authorize on PayPal. After the three-day honor period, the original authorized payment expires and a capture could fail.

 


Internal update of the TWINT integration.

The property iframe_url of the endpoint POST Payment/Transactions contains the direct URL to Saferpay/TWINT.


The process for the payer is now faster and there are less redirects in the browser.

 


The parent element/object is included on each merchant element in the API response.




 


Live-Sync of Card Processing transactions.


New card processing transactions will now be visible within minutes instead of 2 days.

 


More refund transaction types (product id: 93) are available via GET Payment/Transactions endpoint.



 


The reference between Payout (POU_...) and Refund transactions (PCI_...) at payment transaction object includes now "related_transactions" with "ref_type_id": 14 ("Abzug von Auszahlung").



 


New release of secuconnect/secuconnect-java-sdk

see https://github.com/secuconnect/secuconnect-java-sdk/releases/tag/3.14.0

or https://github.com/secuconnect/secuconnect-java-sdk/blob/3.14.0/CHANGELOG.md


 


Introducing "prepayments for API payouts":

  • New endpoints

    • GET General/Contracts/GCR_.../getTransferBalance

    • POST Payment/Transactions/PCI_.../assignTransferBalance

  • New product IDs

  • New relation types in payment.transactions



 


Internal update of the TWINT integration.



 


New password policy for secuOffice.



 


New release of secucard/secucard-connect-php-sdk

see https://github.com/secucard/secucard-connect-php-sdk/releases/tag/1.25.0

or https://github.com/secucard/secucard-connect-php-sdk/blob/master/CHANGELOG.md


 


Introducing "debit collecting without payment guarantee":

  • New product IDs

    • debit collecting (ID 459)

    • Returned debit (ID 501)

  • New relation types in payment.transactions

    • ID 19

    • ID 125

It will behave similar to the other debit products in the Smart/Transactions and Payment/Transactions endpoints.


 


New release of secuconnect/secuconnect-php-sdk

see https://github.com/secuconnect/secuconnect-php-sdk/releases/tag/2.19.0

or https://github.com/secuconnect/secuconnect-php-sdk/blob/master/CHANGELOG.md


 


The endpoint GET /api/v2/Payment/Transactions/PCI_.../checkStatus will return 3 new properties:

  • status_text

  • status_simple

  • status_simple_text



 


In order to solve the inaccurate purpose of the amount parameter in the endpoint POST Payment/Transactions/{paymentTransactionId}/cancel this parameter is marked as deprecated. Please use the new reduce_amount_by parameter instead.

Use the new parameter reduce_amount_by, which will deduct the payment by this value.

An empty value will (still) cancel/refund the complete transaction.


 


The validation of the endpoint PUT Smart/Transactions/STX_... is extended to avoid invalid transaction data.

Make sure that every time you are updating the smart transaction, the data you send is up to date.


 


New release of secuconnect/secuconnect-php-sdk

see https://github.com/secuconnect/secuconnect-php-sdk/releases/tag/2.18.0

or https://github.com/secuconnect/secuconnect-php-sdk/blob/master/CHANGELOG.md


 


The validation of the endpoint PUT Smart/Transactions/STX_... was extended. Changing the basket of a payed transaction is no longer possible.



 


New release of secucard/secucard-connect-php-sdk to support new PHP versions.

see https://github.com/secucard/secucard-connect-php-sdk/releases/tag/1.24.0

or https://github.com/secucard/secucard-connect-php-sdk/blob/master/CHANGELOG.md


 


New release of secucard/secucard-connect-javascript-sdk to remove unneeded dependencies.

see https://github.com/secucard/secucard-connect-javascript-sdk/releases/tag/0.7.0

or https://github.com/secucard/secucard-connect-javascript-sdk/blob/master/CHANGELOG.md