Guides
API Reference
Start typing to search…

🗄️DataOnly

DataOnly – Visa & Mastercard

📋 Overview

DataOnly is an authentication-like data pass‑through available for Visa and Mastercard that lets merchants send rich cardholder and device information to issuers without a customer challenge. It can be used with both credit and debit cards and typically improves approval rates for e‑commerce transactions.

⚠️

Important: Because there is no challenge, there is no liability shift. Fraud and chargeback risk remains with the merchant.

⚠️

Important Notice To send a transaction using the DataOnly flow, you must include the attribute:

"data_only": true

When using DataOnly, do not send the threeds_authentication object for 3DS — a transaction can be either 3DS or DataOnly, not both.

🎯 Benefits

  • Debit & Credit: works for Visa and Mastercard
  • Higher approval rate by sharing richer data with issuers
  • Frictionless: no 3DS challenge for the customer

⚠️ Risks & Considerations

  • No liability shift: chargeback liability remains with the merchant
  • ❌ Issuer behavior may vary for debit; some issuers may decline without a challenge
  • ❌ Requires a complete, accurate payload (payer data, address, device_info, description, items) to maximize approval

🧭 How it works (High‑level flow)

sequenceDiagram
  autonumber
  participant C as Customer
  participant M as Merchant Backend
  participant A as A55 API
  participant I as Issuer/Network

  C->>M: Initiates checkout
  M->>A: POST /bank/wallet/charge (with full payer + device_info)
  A->>I: DataOnly authorization (no challenge)
  I-->>A: Approve/Decline decision
  A-->>M: Status (confirmed/error)
  M-->>C: Show result

Pro‑tip: Pair DataOnly with Device Data Collection (DDC) to strengthen issuer risk signals and approval odds.

🔌 Request (example)

Use this payload to create a charge. Make sure to send complete payer_*, address, items and device_info`.

Note: card_number must be Visa or Mastercard for DataOnly.

{
  "wallet_uuid": "00000000-0000-0000-0000-000000000000",
  "merchant_id": "11111111-1111-1111-1111-111111111111",
  "payer_name": "John Doe",
  "payer_email": "[email protected]",
  "payer_tax_id": "38899334821",
  "payer_cell_phone": "+5511999999999",
  "items": [
    {
      "name": "Sample Product",
      "description": "Description of the sample product",
      "quantity": 1,
      "total_amount": 100,
      "unit_amount": 100,
      "sku": "SAMPLE-SKU-123",
      "code": "SAMPLE-CODE-456"
    }
  ],
  "payer_address": {
    "street": "Sample Street",
    "address_number": "123",
    "complement": "Apt 101",
    "neighborhood": "Sample Neighborhood",
    "city": "Sample City",
    "state": "SP",
    "postal_code": "00000-000",
    "country": "BR"
  },
  "currency": "BRL",
  "installment_value": 100,
  "installment_count": 1,
  "due_date": "2025-12-31",
  "description": "Sample transaction description",
  "type_charge": "credit_card",
  "card_name": "John Doe",
  "card_number": "4111111111111111",
  "card_expiry_month": "12",
  "card_expiry_year": "2030",
  "card_cvv": "123",
  "data_only": true, // This will send your transaction through the DataOnly flow
  "device_info": {
    "session_id": "18e9905d-a5d1-49ee-95bc-fa06c3f4f44f", // Use the SDK in your frontend to retrieve this information.
    "ip_address": "192.168.0.1",
    "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.0.0 Safari/537.36",
    "http_accept_content": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8",
    "http_browser_language": "en-US",
    "http_browser_java_enabled": true,
    "http_browser_javascript_enabled": true,
    "http_browser_color_depth": "24",
    "http_browser_screen_height": "1080",
    "http_browser_screen_width": "1920",
    "http_browser_time_difference": "-180",
    "http_accept_browser_value": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"
  },
  "webhook_url": "https://webhook-test.com/sample-webhook"
}

🔎 Required fields for DataOnly (summary)

GroupField(s)Notes
data_onlyTrueThis will send your transaction through the DataOnly flow
Payerpayer_name, payer_email, payer_cell_phone, payer_tax_idContact details used by issuer risk systems
Addressstreet, address_number, neighborhood, city, state, postal_code, countryFull, valid address improves approval
Orderitems[] (name, description, quantity, unit_amount, total_amount, sku/code)Provide SKU/code for clarity
Cardcard_name, card_number, card_expiry_month, card_expiry_year, card_cvvVisa/Mastercard only
DeviceAll device_info.* shown aboveCritical for issuer decisioning
Routingwebhook_urlFinal status is delivered here

🧩 Using the SDK (payV2) with DataOnly

You can use A55Pay SDK to automate DDC and device fingerprinting. Unlike 3DS, no challenge/modal is expected in DataOnly.

Load the SDK

<script src="https://cdn.jsdelivr.net/npm/a55pay-sdk"></script>

Minimal call

<script>
  A55Pay.payV2({
    charge_uuid: "<your-charge-uuid>",
    userData: {
      payer_name: "John Doe",
      payer_email: "[email protected]",
      payer_tax_id: "38899334821",
      holder_name: "JOHN DOE",
      number: "4111 1111 1111 1111",
      expiry_month: "12",
      expiry_year: "2030",
      ccv: "123",
      postal_code: "00000-000",
      street: "Sample Street",
      address_number: "123",
      neighborhood: "Sample Neighborhood",
      city: "Sample City",
      state: "SP",
      country: "BR"
    },
    onReady: () => console.log('Collecting device data (DDC)...'),
    onSuccess: (result) => console.log('Approved:', result),
    onError: (err) => console.error('Error:', err)
  });
</script>

📬 Responses (typical)

Approved

{
  "status": "confirmed",
  "currency": "BRL",
  "charge_uuid": "..."
}

Declined

{
  "status": "error",
}

You will always receive the final status via your webhook_url.

✅ Best Practices

  • Provide complete data: payer, address, items, description, and device_info
  • Use HTTPS everywhere; avoid mixed content and blocked signals
  • Pair with DDC (via SDK) to strengthen issuer signals
  • Monitor your webhook for final status transitions

❓ FAQ

Is DataOnly the same as 3DS?
No. DataOnly is a frictionless data pass‑through with no challenge and no liability shift.

Which brands are supported?
Visa and Mastercard.

What happens with debit cards?
Issuer behavior varies. Some issuers may decline without a challenge.

Can I enable DataOnly and 3DS together?
No. Only one can be active at a time for your account.

Do I still need device_info?
Yes. Rich device and browser data is essential for issuer risk decisioning.

Updated 23 days ago