Payment automation
Last updated
Was this helpful?
Last updated
Was this helpful?
This section describes how to use automated payments processing. We also provide links to information on Mews PCI compliance, including current certification. For connecting to Mews Payment Terminals to take payments from customers, please refer to .
PCI Compliance
If the user interface of your solution involves the collection and storage of credit card details in a secure manner against the customer's profile in Mews, you can use and then to securely take and post a payment into Mews. The workflow mimics the result of a user manually in Mews Operations and then .
'How to' use case
API Operations
How to add a credit card to the guest profile
How to charge a guest credit card using Mews Payments
To check if a user's credit card is already attached to their customer profile, call to search for credit cards by the CreditCardId
or CustomerId
. The credit cards tokenized via the Mews Payment Gateway (PCI Proxy) can be identified by the property, with the corresponding value being "Gateway".
'How to' use case
API Operations
How to check if a credit card is stored against a guest profile
'How to' use case
API Operations
How to get the merchant ID for the Mews Payment Gateway
Obfuscated number:
ObfuscatedNumber
should only contain at most the first six digits and last four digits of a credit card. Alternatively replacing the entire string value with 16 asterisks*
is also acceptable.
The credit card will now be visible in the customer profile in Mews, under the Payments > Credit cards section. Note that while customer profiles are shared across all properties in a chain, credit card details are not.
As an integration partner, you will not need to set up your own Payment Gateway account. Rather, when automating payments via the Mews Connector API, you should work with Mews' own account. To do so, call to obtain the PublicKey
value, found within the object. This value will be used as the merchantId
with the Mews Payment Gateway (PCI Proxy).
Refer to the for collecting card number, CVV and expiration date* through the Secure Fields payment form. Implement Quick Start Step 1 and follow the Secure Fields Form recipe. As part of this process, you will use the Mews PublicKey
(obtained in the step above) as the merchantId
. Take note of data.transactionId
in the response, which looks like a series of numbers (e.g. 201028230732590232
). For further assistance, see . Note you do not need to follow Step 2 , this step is performed instead by the Mews back-end.
Expiration date: Though not required by PCI Proxy, credit card expiration date is listed as a mandatory parameter on the endpoint so that it can be displayed within the customer profile in Mews. This can also be used as an additional validation method for the property to know if there is an expired card on file. To handle this, we recommend that the payment form includes a field for users to input their credit card expiration date, which need not be sent to PCI Proxy, but should be cached, so that the information can be included in the API request.
Add the tokenized credit card to a customer profile in Mews by calling . Enter the transactionId
and obfuscated credit card details in the object. Take note of the CreditCardId
in the API response.
Now that you have the CreditCardid
, you can use the endpoint to charge the customer.
Charge credit card: Note the operation actually charges the customer's credit card, whereas the operation does NOT. The latter simply records a credit card payment in Mews and does not trigger any additional action beyond Mews - suitable for when the customer's credit card has already been charged from your solution.