Account Updater Overview
Some changes to credit card account information are unpredictable, such as account closures, upgrades to new card products, and cards that are lost or stolen. Such outdated information can lead to card transactions being declined, resulting in inconvenience for e-commerce merchants, particularly if they are processing recurring, scheduled transactions.
To avoid these situations, and to avoid having to find out from cardholders whether and when their card information has changed, merchants can subscribe to the Paysafe Account Updater service, which enables them to request and receive credit card number and expiry date updates from Visa and Mastercard for customer accounts they have on file.
Note the following:
- Only Visa and Mastercard participate in the Account Updater program. If a card is from a different issuer, a "no match" or an error is returned.
- For Account Updater to work you must boarded at an acquiring bank that supports it:
- OPN (Paysafe Acquiring, formerly known as Optimal Acquiring)
- Banks that use TSYS, including People's Trust, Harris and Merrick
The Account Updater service queries the card issuer, which responds with a decision code that summarizes the status of the card; for example, that the account has been closed, or that the expiry date has changed (the new date is in the response). For a complete list of responses, see Response file decision codes.
Paysafe offers the following Account Updater service options:
- Customer Profile Option, where Paysafe automatically updates the payment card information in the recurring billing customer profiles that it stores. This ensures that none of your scheduled billing records will fail as a result of, for example, an expired credit card. Every merchant is subscribed to this option.
- Customer Vault Option, which uses the Customer Vault API. Vault profiles are accessible through the Paysafe Back Office (Merchant Portal).
- File-based Option, where you, the merchant, securely upload files containing payment card data to Paysafe, which replies with any updated card information (for example, new expiry dates), which you can then use to update your own records.
When you sign up for the Account Updater service, if you have customer profile records stored by Paysafe they are automatically updated. You can then choose whether to use the file-based option, but you cannot opt out of the customer profile option. If you would like to try out the File-based Option in a test environment, contact firstname.lastname@example.org, who will enable this option.
Before you use any of these options you need to set up Secure File Transfer Protocol (SFTP), which you use to transfer files to and from Paysafe. If you are using the File-based option, you also need to get a copy of the PGP encryption key that you use to encrypt your Account Updater files before sending them to Paysafe.
If you choose the File-based option, you must use SFTP to upload your Account Updater files to Paysafe. Whatever option you choose, you also need to use SFTP when you download the results files from Paysafe. For you to be able to use the Paysafe SFTP site, Paysafe must first enable your merchant account; contact Paysafe technical support to enable your account.
After you are set up for SFTP you need an SSH security key generator, such as puttygen.exe, and a secure file transfer client, such as WinSCP.exe, which you can download for free from the internet.
To use SFTP to upload batch files, you must:
- Create a public key (see “Creating your security key” in the document Configuring for SFTP).
Configuring for SFTP instructs you to email your public key to Paysafe. However, for the purposes of connecting to the Paysafe SFTP site, send the public key using the Settings > Manage Keys tab in the merchant back office.
- Upload the public key to Paysafe (see Uploading your SFTP public key below).
- Configure WinSCP to communicate with Paysafe (see “Configuring WinSCP” in the document Configuring for SFTP).
To upload your public key and gain access to the Paysafe SFTP site:
- Generate your security key and copy it to your clipboard.
- In the merchant back office, click the Settings tab.
- Click Manage Keys.
- Paste your security key into the SFTP data field.
- Click Save.
It takes Paysafe 24 hours to process your newly uploaded public key, after which you will have access to your folders at Paysafe.
If you are using the File-based option, you need to use Paysafe's public Pretty Good Privacy (PGP) key to encrypt the random key that is used to encrypt your Account Updater files before you upload them (and the encrypted key) to the SFTP site. Paysafe then uses a private key corresponding to the public PGP key to decrypt the encrypted key, which it then uses to decrypt the Account Updater files. The public key is available here; unzip it after downloading. For how to set up PGP, see Decrypting Response Files.