Verify card type (API)


It is possible to place restrictions on your site reference(s) to prevent a payment from being processed when the card number submitted is not thought to match the payment type selected by the customer. This feature is called verify card type, and there are two supported configurations:



0 – Auto-correct (Default)

By default, when a request is processed, we will use the IIN found at the start of the card number to automatically determine the payment type, which are stored in our records.



1 – Fail if PAN doesn’t match

Under this configuration, you are required to submit a paymenttypedescription in the request. Like with the “Auto-correct” configuration described above, we will automatically determine the payment type of the card number submitted, however if the detected payment type does not match the submitted paymenttypedescription, a 10103 error will be returned in the response. In this scenario, the authorisation will not be processed successfully.


The following is an example of an AUTH request that contains the additional field paymenttypedescription:

import securetrading

stconfig = securetrading.Config()
stconfig.username = "[email protected]"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)

auth = {
  "sitereference": "test_site12345",
  "requesttypedescriptions": ["AUTH"],
  "accounttypedescription": "ECOM",
  "currencyiso3a": "GBP",
  "baseamount": "1050",
  "orderreference": "My_Order_123",
  "paymenttypedescription": "VISA",
  "pan": "4111111111111111",
  "expirydate": "12/2020",
  "securitycode": "123"

strequest = securetrading.Request()
stresponse = st.process(strequest) #stresponse contains the transaction response

if (!($autoload = realpath(__DIR__ . '/../../../autoload.php')) && !($autoload = realpath(__DIR__ . '/../vendor/autoload.php'))) {
  throw new Exception('Composer autoloader file could not be found.');

$configData = array(
  'username' => '[email protected]',
  'password' => 'Password1^',

$requestData = array(
  'sitereference' => 'test_site12345', 
  'requesttypedescriptions' => array('AUTH'),
  'accounttypedescription' => 'ECOM',
  'currencyiso3a' => 'GBP',
  'baseamount' => '1050',
  'orderreference' => 'My_Order_123',
  'paymenttypedescription' => 'VISA',
  'pan' => '4111111111111111',
  'expirydate' => '12/2020',
  'securitycode' => '123'

$api = \Securetrading\api($configData);
$response = $api->process($requestData);

curl --user [email protected]:Password1^ <DOMAIN>/json/ -H "Content-type: application/json" -H "Accept: application/json" -X POST -d '{
"alias":"[email protected]",
"version": "1.00",
"request": [{
  "currencyiso3a": "GBP",
  "requesttypedescriptions": ["AUTH"],
  "sitereference": "test_site12345",
  "baseamount": "1050",
  "orderreference": "My_Order_123",
  "accounttypedescription": "ECOM",
  "paymenttypedescription": "VISA",
  "pan": "4111111111111111",
  "expirydate": "12/2020",
  "securitycode": "123"
{"alias":"[email protected]","version":"1.00","request":[{"currencyiso3a":"GBP","requesttypedescriptions":["AUTH"],"sitereference":"test_site12345","baseamount":"1050","orderreference":"My_Order_123","accounttypedescription":"ECOM","paymenttypedescription":"VISA","pan":"4111111111111111","expirydate":"12\/2020","securitycode":"123"}]}
<requestblock version="3.67">
  <alias>[email protected]</alias>
  <request type="AUTH">
      <payment type="VISA">
      <amount currencycode="GBP">1050</amount>

Replace <DOMAIN> with a supported domain. Click here for a full list.


Field specification

Field Format Description
XPath: /billing/payment/@type
Alpha (20) Payment method (e.g. “VISA” or “MASTERCARD”).

With verify card type set to “1”, if the card number submitted by the customer does not match this payment method, the AUTH will not be completed and a 10103 error will be displayed.




To change your verify card type configuration, please contact our Support team.