Card Present Integration
The Card Present (CP) solution within the Global API (SEP) enables you to process physical card transactions—including chip-insert (EMV), contactless (NFC), and magnetic stripe (MSR)—using secure hardware integrated directly into our ecosystem.
By utilizing the same API infrastructure as our Ecommerce solution but switching to hardware-secured data strings (EMV Tags and Track Data), you achieve a true omnichannel reconciliation experience. This integration shifts the security burden from your software to the hardware and the issuer, leveraging Liability Shift protections.
The Unified Global API Architecture
The Card Present flow is a core component of the Global API. It shares the same base URLs, authentication mechanisms (OAuth 2.0), and core JSON structures as digital payments. The primary difference lies in the payload: you replace customer-entered card details with hardware-generated, encrypted data.
Key Technical Pillars
To integrate Card Present successfully, you must implement the following:
- Terminal Identity: Include the
terminal_numberwithin theterminalobject for every request to identify the specific registered physical device. - Hardware-Generated Payloads: Provide encrypted EMV (TLV) strings, Track 2 data, or PIN Blocks instead of raw Primary Account Numbers (PAN).
- Direct Payment Methods: Use specific enums, such as
DIRECT_CREDIT, to trigger the hardware-specific processing logic. - DUKPT Encryption: Utilize Derived Unique Key Per Transaction (DUKPT) for PIN-verified payments. You must transmit both the
pin_blockand theksn(Key Serial Number) provided by the hardware reader.
Connectivity Topologies
Choose your integration strategy based on how your hardware communicates with the Global API:
| Topology | Connectivity Path | Primary Responsibility |
|---|---|---|
| Direct Integration | Terminal → Getnet API | The terminal firmware acts as the API client, managing OAuth tokens and JSON construction directly. |
| Merchant Host | Terminal → Merchant Server → Getnet API | The terminal captures raw data; your backend server manages the API request, business logic, and security headers. |
Core Transaction Models
The Card Present API supports three primary business flows to cover all retail and service scenarios:
- Single-Step (Sale): Execute a direct transaction where authorization and capture occur simultaneously.
- Two-Step (Pre-authorization): Reserve funds on a physical card (e.g., during hotel check-in or vehicle rental) and capture the funds later via a separate API call.
- Installments: Split the purchase total into multiple payments. Choose between merchant-financed (
INSTALL_NO_INTEREST) or issuer-financed (INSTALL_WITH_INTEREST) plans.
Global Availability & Features
Card Present features are available across our global footprint, supporting localized requirements such as Chile (CLP), Mexico (MXN), and Argentina (ARS).
| Feature | Mexico | Argentina | Chile |
|---|---|---|---|
| Chip + PIN | ✅ | ✅ | ✅ |
| Contactless (NFC) | ✅ | ✅ | ✅ |
| Magnetic Stripe | ✅ | ✅ | ✅ |
| Installments | ✅ | ✅ | ✅ |
Security and Compliance
Integrating via Card Present significantly reduces your PCI-DSS scope through hardware-level encryption:
- Liability Shift: Protect your business against fraud-related chargebacks by processing via EMV Chip or Contactless interfaces.
- End-to-End Encryption (E2EE): Ensure sensitive card data is encrypted within the hardware reader before it reaches your network or our API.
- PCI-DSS Scope Reduction: Avoid processing raw card data on your servers. Because the hardware handles the encryption, your compliance burden is minimized.
Next Steps
- Card Present Quickstart: Execute your first physical card payment in the Sandbox environment.
- Terminal Requirements: Review hardware specifications and API configuration requirements.
- Regional Requirements: Explore country-specific currencies, installment plans, and local regulations.
On this page
Card Present Integration