Token Payment

Token Payment Benefits

Token payment allows merchants to process payments using previously tokenized card information without handling sensitive card data again. This approach:

1. Reduces PCI DSS compliance scope for recurring transactions
2. Improves the customer experience by eliminating the need to re-enter card details
3. Enhances security by minimizing exposure of sensitive card data
4. Streamlines the checkout process for returning customers
5. Enables subscription and recurring payment scenarios

Integration Prerequisites

Before implementing token payments, ensure you have:

• A valid Onerway merchant account with tokenization enabled
• Successfully completed the card tokenization process and stored the tokenId
• Access to the Onerway payment gateway API
• Implemented proper security measures for storing and handling token data
• Technical capability to handle potential 3DS verification flows

Token Security Requirements

While token payments reduce PCI scope compared to direct card payments, merchants must still:

1. Implement proper security measures to protect tokenId values
2. Use HTTPS/TLS 1.2+ for all API communications
3. Implement proper access controls for token storage
4. Follow secure coding practices for payment processing

API Request Parameters

POST

Key Parameters for Token Payment

When integrating token payments, you need to set these key parameters:

1. subProductType: Must be set to TOKEN for all token payment transactions.

2. tokenInfo: JSON format string containing tokenization details, required for all token payment transactions.

Note

• All JSON fields must be stringified before submission
• Nested objects must be serialized to JSON string format
• JSON fields must not contain unescaped special characters
• Arrays in JSON should be properly formatted
• Example of JSON string field:

{
    "object": "{\"obj-key1\":\"v1\",\"obj-key2\":\"v2\"}",
    "complex": "{\"k1\":\"v1\",\"array\":\"[{\\\"obj-key3\\\":\\\"v3\\\",\\\"obj-key4\\\":\\\"v4\\\"}]\"}"
}

Parameter	Type	Length	Required	Signed	Description
billingInformation	String	/	Yes	Yes	Billing information in JSON string format. See TransactionAddress
merchantNo	String	20	Yes	Yes	Merchant number assigned by Onerway, obtained from Onerway dashboard
merchantTxnId	String	64	Yes	Yes	Unique transaction identifier for each customer payment. Must be unique for each transaction request.
merchantTxnOriginalId	String	128	No	Yes	Master transaction ID generated by merchant. IDs can be duplicate but only one transaction with the same ID can succeed
merchantTxnTime	String	/	No	Yes	Transaction timestamp (Format: yyyy-MM-dd HH:mm:ss)
merchantTxnTimeZone	String	64	No	Yes	Transaction timezone
mpiInfo	String	/	Conditional	Yes	3DS verification result information in JSON string format. See MpiInfo
orderAmount	String	19	Yes	Yes	Order amount in units of currency with max 2 decimal places
orderCurrency	String	8	Yes	Yes	Order currency code. See ISO 4217
productType	String	16	Yes	Yes	See ProductTypeEnum
risk3dsStrategy	String	16	Conditional	Yes	3DS risk control strategy. See Risk3dsStrategyEnum
shippingInformation	String	/	Yes	Yes	Shipping information in JSON string format. See TransactionAddress
sign	String	/	Yes	No	Digital signature string for request verification. Please refer to Signature for signature generation method.
subProductType	String	16	Yes	Yes	See SubProductTypeEnum
tokenInfo	String	/	Conditional	Yes	Token information in JSON string format. See TokenInfo
txnOrderMsg	String	/	Yes	Yes	Transaction business information in JSON string format. See TxnOrderMsg
txnType	String	16	Yes	Yes	Transaction type. See TxnTypeEnum

TokenInfo

When making token payments, you must include tokenization information in the tokenInfo parameter

Name	Type	Length	Required	Description
tokenId	String	/	Yes	Token ID obtained after binding a payment method. For Google Pay and Apple Pay scenarios, the provided token content needs to be converted to a JSON format string
provider	String	/	Conditional	Token provider, defaults to Onerway when value is empty, generally used in Token payment scenarios; for other scenarios, please refer to TokenProviderEnum

The tokenInfo parameter must be provided as a JSON string:

{
  "tokenInfo": "{\"tokenId\":\"f7d54297b989d2acf4eb6791213cf2bd9d2c842ea05b0a91c8dd85f4f9e4915b\"}" // payment token
}

TransactionAddress

Name	Type	Length	Required	Signature	Description
firstName	String	64	No	No	First name
lastName	String	64	No	No	Last name
jpFirstName	String	64	No	No	(Japanese Katakana) First name
jpLastName	String	64	No	No	(Japanese Katakana) Last name
phone	String	32	No	No	Phone number
email	String	256	Yes	No	Email address
postalCode	String	32	No	No	Postal code
address	String	256	No	No	Address
country	String	64	Yes	No	Country. Please refer to ISO_3166.
province	String	64	Conditional	No	Province/State. Required when country is US or CA. Please refer to ISO_3166.
city	String	64	No	No	City
street	String	64	No	No	Street
number	String	64	No	No	House/Building number
identityNumber	String	64	No	No	ID number
birthDate	String	64	No	No	Birth date, format is yyyy-MM-dd

TxnOrderMsg

Name	Type	Length	Required	Signature	Description
returnUrl	String	256	Yes	No	Synchronous return address. After the customer completes payment, the Onerway hosted page will redirect back to the merchant's specified page through this address
products	String	1024	Yes	No	List of product information purchased by the customer, please refer to the Products object
transactionIp	String	64	Conditional	No	Cardholder transaction IP
appId	String	20	Yes	No	Store ID. When a merchant registers a website/application with Onerway, a unique ID is generated for that website/application. This ID can be obtained from the Onerway dashboard.
javaEnabled	Boolean	/	Conditional	No	Whether the cardholder's browser has java enabled, retrieved via: window.navigator.javaEnabled()
colorDepth	String	64	Conditional	No	Cardholder screen color depth, retrieved via: window.screen.colorDepth
screenHeight	String	64	Conditional	No	Cardholder's screen resolution, retrieved via: window.screen.height
screenWidth	String	64	Conditional	No	Cardholder's screen resolution, retrieved via: window.screen.width
timeZoneOffset	String	64	Conditional	No	Cardholder browser's time zone, retrieved via: ((new Date()).getTimezoneOffset()).toString()
accept	String	2048	Conditional	No	Cardholder browser's Accept request header
userAgent	String	2048	Conditional	No	Cardholder's browser type, retrieved via: window.navigator.userAgent
contentLength	String	64	Conditional	No	Content length of the cardholder's browser content beyond the headers
language	String	64	Conditional	No	Cardholder's browser language, retrieved via: window.navigator.language
periodValue	String	/	Conditional	No	Installment payment period.
notifyUrl	String	256	Yes	No	Notification URL. See Notifications

Products

Name	Type	Length	Required	Description
name	String	256	Yes	Product name
price	String	1024	Yes	Product unit price
num	String	20	Yes	Product quantity
desc	String	1024	No	Product description
currency	String	256	Yes	Currency code following ISO 4217 standard
type	String	256	No	Product classification. See StoreProductTypeEnum

products must be in JSON string format

Examples:

If type is discount, the discount amount should be passed as a negative number

General case

\"[{\\\"name\\\":\\\"Pro1\\\",\\\"price\\\":\\\"50.00\\\",\\\"num\\\":\\\"2\\\",\\\"currency\\\":\\\"USD\\\"},{\\\"name\\\":\\\"Pro2\\\",\\\"price\\\":\\\"100\\\",\\\"num\\\":\\\"1\\\",\\\"currency\\\":\\\"USD\\\"}]\"

With discount

\"[{\\\"name\\\":\\\"Pro1\\\",\\\"price\\\":\\\"50.00\\\",\\\"num\\\":\\\"2\\\",\\\"currency\\\":\\\"USD\\\"},{\\\"name\\\":\\\"Pro2\\\",\\\"price\\\":\\\"100\\\",\\\"num\\\":\\\"1\\\",\\\"currency\\\":\\\"USD\\\"},{\\\"name\\\":\\\"discount\\\",\\\"price\\\":\\\"-10\\\",\\\"num\\\":\\\"1\\\",\\\"currency\\\":\\\"USD\\\",\\\"type\\\":\\\"discount\\\"}]\"

With shipping fee

\"[{\\\"name\\\":\\\"Pro1\\\",\\\"price\\\":\\\"50.00\\\",\\\"num\\\":\\\"2\\\",\\\"currency\\\":\\\"USD\\\"},{\\\"name\\\":\\\"Pro2\\\",\\\"price\\\":\\\"100\\\",\\\"num\\\":\\\"1\\\",\\\"currency\\\":\\\"USD\\\"},{\\\"name\\\":\\\"shipping fee\\\",\\\"price\\\":\\\"10\\\",\\\"num\\\":\\\"1\\\",\\\"currency\\\":\\\"USD\\\",\\\"type\\\":\\\"shipping_fee\\\"}]\"

With discount and shipping fee

\"[{\\\"name\\\":\\\"Pro1\\\",\\\"price\\\":\\\"50.00\\\",\\\"num\\\":\\\"2\\\",\\\"currency\\\":\\\"USD\\\"},{\\\"name\\\":\\\"Pro2\\\",\\\"price\\\":\\\"100\\\",\\\"num\\\":\\\"1\\\",\\\"currency\\\":\\\"USD\\\"},{\\\"name\\\":\\\"shipping fee\\\",\\\"price\\\":\\\"10\\\",\\\"num\\\":\\\"1\\\",\\\"currency\\\":\\\"USD\\\",\\\"type\\\":\\\"shipping_fee\\\"},{\\\"name\\\":\\\"discount\\\",\\\"price\\\":\\\"-10\\\",\\\"num\\\":\\\"1\\\",\\\"currency\\\":\\\"USD\\\",\\\"type\\\":\\\"discount\\\"}]\"

Note that price * num (product amount) + price * num (discount amount) - price * num (shipping fee) = orderAmount (order transaction amount)

Response

Name	Type	Description
respCode	String	Response code from Onerway
respMsg	String	Response message from Onerway
data	Object	Response data. Refer to object data

data

Name	Type	Description
transactionId	String	Transaction order number created by Onerway
responseTime	String	Interface response time Format: yyyy-MM-dd HH:mm:ss
txnTime	String	Transaction completion time Format: yyyy-MM-dd HH:mm:ss
txnTimeZone	String	Transaction time zone Format: +/-HH:mm
orderAmount	String	Order amount
orderCurrency	String	Transaction order currency Refer to ISO 4217 currency codes
txnAmount	String	Order amount after conversion to settlement currency
txnCurrency	String	Settlement currency Refer to ISO 4217 currency codes
status	String	Transaction processing result Refer to TxnStatusEnum
redirectUrl	String	Redirection URL for 3D Secure verification
contractId	String	Subscription contract number
tokenId	String	Payment token
eci	String	Electronic Commerce Indicator
periodValue	String	Installment payment number of periods
codeForm	String	Code form for specific payment methods See CodeFormEnum
presentContext	String	Context information for presentation layer
actionType	String	Action type for the transaction See ActionTypeEnum
subscriptionManageUrl	String	Subscription management URL
sign	String	Signature string Refer to the Signature interface

Token Payment Integration Process

The Token Payment integration process consists of two main phases: payment initiation and payment processing with potential 3DS authentication.

Key Integration Points

1. Token Retrieval: The merchant system must securely retrieve the stored tokenId associated with the customer's saved card
2. Payment Request Structure:
   • Set subProductType to TOKEN
   • Include tokenInfo parameter with the tokenized card data
   • Provide same transaction details as regular payments (amount, currency, etc.)
3. Risk-based Authentication:
   • Low-risk transactions may complete without 3DS verification
   • High-risk or high-value transactions typically require 3DS verification
4. Result Notification: The final payment result is delivered via webhook to the notifyUrl specified in the request
5. Status Tracking: Merchants must implement proper transaction status tracking, especially for 3DS flows

3DS Handling

Token payments may require 3DS verification, especially for high-value transactions or when risk factors are identified. The 3DS flow for token payments is identical to the flow for direct card payments.

3DS Authentication Flow

When the response contains status=R and actionType=RedirectURL, merchants must redirect the customer to complete 3DS verification:

{
    "respCode": "20000",
    "respMsg": "Success",
    "data": {
        "transactionId": "1919781070732402688", 
        "status": "R", // 3DS verification required
        "redirectUrl": "https://sandbox-gw-dmz.onerway.com/3dsSecure/direct/RDT_3DS_DDC_8002091919781076595769344", // 3DS verification URL
        "actionType": "RedirectURL", // Indicates a redirect is required
        // other fields...
    }
}

Upon receiving this response:

1. Store the transactionId for tracking
2. Redirect the customer to the redirectUrl for 3DS authentication
3. Wait for the webhook notification with the final transaction result
4. The customer will return to your site via the returnUrl specified in your request

Important

The returnUrl parameter in txnOrderMsg is critical for 3DS flows:

• It must be a valid URL on your website that can handle returning customers
• After 3DS verification completes, the customer's browser will be redirected to this URL
• Transaction status parameters will be appended to the URL as query parameters
• Your return page should be prepared to handle both successful and failed 3DS
  verifications

Best Practice

Implement a transaction status tracking mechanism to handle asynchronous payment completion after 3DS verification. Your returnUrl endpoint should:

• Extract the transaction ID and status from the URL parameters
• Show an appropriate message to the customer
• Update the transaction status in your system when the webhook notification is received

Example 3DS Return URL

When a customer completes 3DS verification, they will be redirected to your returnUrl with parameters:

https://your-return-url.com/?transactionId=1919652057678479360&status=S&...

Your return page should handle this redirect appropriately.

API Usage Examples

Standard Token Payment (No 3DS Required)

Request

{
    "billingInformation": "{\"address\":\"447 Russel Roads\",\"city\":\"West Lyricburgh\",\"country\":\"US\",\"email\":\"Kitty57@hotmail.com\",\"firstName\":\"Shaina\",\"identityNumber\":\"53944707018\",\"lastName\":\"Bradtke\",\"phone\":\"14569294471\",\"postalCode\":\"81219\",\"province\":\"CO\"}",
    "merchantCustId": "CustId-H75D-56R9",
    "merchantNo": "800209",
    "merchantTxnId": "011aecd7-82fd-412b-9bc0-27d72344eead",
    "merchantTxnTime": "2025-05-09 17:21:40",
    "orderAmount": "2",
    "orderCurrency": "USD",
    "productType": "CARD",
    "shippingInformation": "{\"address\":\"32827 Considine Parkways\",\"city\":\"Schinnerside\",\"country\":\"US\",\"email\":\"Yvonne85@yahoo.com\",\"firstName\":\"Cassidy\",\"identityNumber\":\"10840034705\",\"lastName\":\"Windler\",\"phone\":\"15725834466\",\"postalCode\":\"24386\",\"province\":\"CO\"}",
    "sign": "6bc968c109e91aad9f1322492563f120a7c3253d1878eb0acc740d4e719d4216",
    "subProductType": "TOKEN", // Indicates a token payment
    "tokenInfo": "{\"tokenId\":\"f7d54297b989d2acf4eb6791213cf2bd9d2c842ea05b0a91c8dd85f4f9e4915b\"}", 
    "txnOrderMsg": "{\"accept\":\"*/*\",\"appId\":\"1727880846378401792\",\"colorDepth\":\"24\",\"contentLength\":\"65536\",\"javaEnabled\":true,\"language\":\"en-US\",\"products\":\"[{\\\"currency\\\":\\\"USD\\\",\\\"name\\\":\\\"date\\\",\\\"num\\\":\\\"69\\\",\\\"price\\\":\\\"186.49\\\",\\\"type\\\":\\\"labore et sit minim voluptate\\\"}]\",\"returnUrl\":\"https://docs.onerway.com/\",\"notifyUrl\":\"https://docs.onerway.com/apis\",\"screenHeight\":\"844\",\"screenWidth\":\"393\",\"timeZoneOffset\":\"-420\",\"transactionIp\":\"25.151.36.65\",\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36\"}",
    "txnType": "SALE"
}

Response

{
    "respCode": "20000",
    "respMsg": "Success",
    "data": {
        "transactionId": "1921386580359380992",
        "responseTime": "2025-05-11 10:07:17",
        "txnTime": "2025-05-11 10:07:13",
        "txnTimeZone": "+08:00",
        "orderAmount": "2.00",
        "orderCurrency": "USD",
        "txnAmount": null,
        "txnCurrency": null,
        "status": "S", // Immediate success (no 3DS required)
        "redirectUrl": null,
        "contractId": null,
        "tokenId": "f7d54297b989d2acf4eb6791213cf2bd9d2c842ea05b0a91c8dd85f4f9e4915b",
        "eci": null,
        "periodValue": null,
        "codeForm": null,
        "presentContext": null,
        "actionType": null,
        "subscriptionManageUrl": null,
        "sign": "237437087a515f554d3eb5e62e0b61b10b5263bc187004e8408c820f5cd25fac"
    }
}

Webhook

{
    "notifyType": "TXN",
    "transactionId": "1921386580359380992",
    "txnType": "SALE",
    "merchantNo": "800209",
    "merchantTxnId": "011aecd7-82fd-412b-9bc0-27d72344eead",
    "responseTime": "2025-05-11 10:07:17",
    "txnTime": "2025-05-11 10:07:13",
    "txnTimeZone": "+08:00",
    "orderAmount": "2.00",
    "orderCurrency": "USD",
    "status": "S",
    "tokenId": "f7d54297b989d2acf4eb6791213cf2bd9d2c842ea05b0a91c8dd85f4f9e4915b", 
    "cardBinCountry": "US",
    "reason": "{\"respCode\":\"20000\",\"respMsg\":\"Success\"}",
    "sign": "f603260143a27df6067aa648ec6c26aab5bc7e1392ae725ca182dd14e14a9cf1",
    "paymentMethod": "VISA",
    "channelRequestId": "8002091921386584238858241"
}

Token Payment with 3DS Authentication

Request

{
    "billingInformation": "{\"address\":\"13342 Pfannerstill Plaza\",\"city\":\"Lake Margareteborough\",\"country\":\"US\",\"email\":\"Tyrell.Wyman@gmail.com\",\"firstName\":\"Sibyl\",\"identityNumber\":\"05609191836\",\"lastName\":\"Ullrich\",\"phone\":\"15189238430\",\"postalCode\":\"99256\",\"province\":\"CO\"}",
    "merchantCustId": "CustId-UUL3-2H47",
    "merchantNo": "800209",
    "merchantTxnId": "5ddbee02-908f-44f9-a7a8-ac1c391f00b5",
    "merchantTxnTime": "2025-05-11 10:08:35",
    "orderAmount": "500", // Higher amount typically triggers 3DS
    "orderCurrency": "USD",
    "productType": "CARD",
    "shippingInformation": "{\"address\":\"6805 Deangelo Camp\",\"city\":\"Buddyfield\",\"country\":\"US\",\"email\":\"Orpha_Tillman87@hotmail.com\",\"firstName\":\"Ian\",\"identityNumber\":\"90358886252\",\"lastName\":\"Cronin\",\"phone\":\"13668341505\",\"postalCode\":\"62799-1650\",\"province\":\"CO\"}",
    "sign": "bd39ad0f498c6f64f133e5e9ba987405a2d8dcb39cdb859d3fb99c1bfd842926",
    "subProductType": "TOKEN", // Indicates a token payment
    "tokenInfo": "{\"tokenId\":\"f7d54297b989d2acf4eb6791213cf2bd9d2c842ea05b0a91c8dd85f4f9e4915b\"}", 
    "txnOrderMsg": "{\"accept\":\"*/*\",\"appId\":\"1727880846378401792\",\"colorDepth\":\"24\",\"contentLength\":\"65536\",\"javaEnabled\":false,\"language\":\"en-US\",\"products\":\"[{\\\"currency\\\":\\\"USD\\\",\\\"name\\\":\\\"prune\\\",\\\"num\\\":\\\"56\\\",\\\"price\\\":\\\"508.10\\\",\\\"type\\\":\\\"non\\\"}]\",\"returnUrl\":\"https://docs.onerway.com/\",\"notifyUrl\":\"https://docs.onerway.com/apis\",\"screenHeight\":\"1024\",\"screenWidth\":\"1536\",\"timeZoneOffset\":\"360\",\"transactionIp\":\"76.0.55.254\",\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36\"}",
    "txnType": "SALE"
}

Initial Response

{
    "respCode": "20000",
    "respMsg": "Success",
    "data": {
        "transactionId": "1921386970375127042",
        "responseTime": "2025-05-11 10:08:50",
        "txnTime": "2025-05-11 10:08:46",
        "txnTimeZone": "+08:00",
        "orderAmount": "500.00",
        "orderCurrency": "USD",
        "txnAmount": null,
        "txnCurrency": null,
        "status": "R", // 3DS verification required
        "redirectUrl": "https://sandbox-gw-dmz.onerway.com/3dsSecure/direct/RDT_3DS_DDC_8002091921386975378677761", // 3DS verification URL
        "contractId": null,
        "tokenId": "f7d54297b989d2acf4eb6791213cf2bd9d2c842ea05b0a91c8dd85f4f9e4915b",
        "eci": null,
        "periodValue": null,
        "codeForm": null,
        "presentContext": null,
        "actionType": "RedirectURL", // Indicates a redirect is required
        "subscriptionManageUrl": null,
        "sign": "e5294216dc40e5a42f7a77513ee8151f4fc8573e7b2b2da0a4e9031dc382abe2"
    }
}

Webhook After 3DS

{
    "notifyType": "TXN",
    "transactionId": "1921386970375127042",
    "txnType": "SALE",
    "merchantNo": "800209",
    "merchantTxnId": "5ddbee02-908f-44f9-a7a8-ac1c391f00b5",
    "responseTime": "2025-05-11 10:09:02",
    "txnTime": "2025-05-11 10:08:46",
    "txnTimeZone": "+08:00",
    "orderAmount": "500.00",
    "orderCurrency": "USD",
    "status": "S", // Final status after 3DS verification
    "tokenId": "f7d54297b989d2acf4eb6791213cf2bd9d2c842ea05b0a91c8dd85f4f9e4915b",
    "eci": "05", // ECI value indicates 3DS authentication result
    "cardBinCountry": "US",
    "reason": "{\"respCode\":\"20000\",\"respMsg\":\"Success\"}",
    "sign": "5f654896436263215a0dea3798e67d5c714f3e54f57f9bf55fd08568db1d1b63",
    "paymentMethod": "VISA",
    "channelRequestId": "8002091921386975378677761"
}

Common Error Scenarios and Solutions

Error Code	Description	Solution
40002	Invalid token	Verify the tokenId is correct and has not expired
70002	Unknown decline	Contact Onerway support

Invalid Token

{
    "respCode": "40002",
    "respMsg": "Invalid token",
    "data": null
}

Solution

1. Verify that the tokenId being used is correct and properly formatted
2. Check if the token has expired (tokens may have a validity period)
3. Ensure the token is associated with your merchant account
4. If the token is invalid, initiate a new tokenization process

Declined Transaction

{
    "respCode": "30002",
    "respMsg": "Transaction declined by issuer",
    "data": {
        "transactionId": "1921386970375127042",
        "status": "F",
        "reason": "Insufficient funds"
    }
}

Solution

1. Inform the customer that their transaction was declined by their bank
2. Suggest using a different payment method
3. Provide clear instructions for retrying the payment
4. For recurring payments, implement a retry strategy with appropriate backoff

3DS Authentication Failure

{
    "respCode": "30005",
    "respMsg": "3DS Authentication failed",
    "data": {
        "transactionId": "1921386970375127042",
        "status": "F",
        "eci": "07"
    }
}

Solution

1. Inform the customer that their bank declined the 3DS authentication
2. Suggest the customer contact their bank to authorize online payments
3. Offer an alternative payment method
4. For recurring payments, consider implementing a fallback payment method

Implementation Best Practices

1. Token Security
   Store tokenId values securely using encryption and proper access controls. Even though tokens cannot be used for payments without your merchant credentials, they should be treated as sensitive data.

2. Token Lifecycle Management
   Implement proper token lifecycle management, including monitoring token expiration and refreshing tokens when needed. Consider implementing a token rotation strategy for long-term recurring payments.

3. 3DS Handling
   Properly handle 3DS redirects and verify the final payment status via webhook. Design your user experience to handle the 3DS flow smoothly, especially for mobile devices.

4. Error Handling
   Implement robust error handling mechanisms with user-friendly messages. Categorize errors to provide appropriate guidance to customers (e.g., payment declined vs. system error).

5. Webhook Verification
   Always verify webhook signatures to prevent tampering. Process webhook notifications idempotently to handle potential duplicates.

6. Transaction Tracking
   Maintain a comprehensive transaction log for reconciliation and troubleshooting. Include all relevant transaction details, especially for recurring payments.

7. Customer Communication
   Implement clear communication for payment status, especially for asynchronous 3DS flows. Consider sending email or SMS notifications for payment confirmation.

8. Transaction Retry Strategy
   For recurring payments, implement a smart retry strategy with appropriate backoff for failed transactions. Monitor success rates to identify problematic tokens.

Merchant Integration Checklist

Before going live with token payment integration, ensure you have:

• Successfully implemented and tested card tokenization
• Secure token storage system with appropriate encryption and access controls
• Proper 3DS redirect handling implementation
• Webhook handling and signature verification
• Transaction status tracking system
• User-friendly error messaging for declined transactions
• Token lifecycle management (expiration handling, rotation strategy)
• Thorough testing in sandbox environment with various amounts and scenarios
• Comprehensive logging for troubleshooting (excluding sensitive data)
• Proper retry strategy for recurring payments