Skip to content
APIs/Payments/
Sequence diagrams

Payments API - sequence diagrams

Last updated: 16 June 2026 | Change log

Below are some common flows when using the Payments API.

For greater control of the payment flow, view the sequence diagrams for our Modular APIs.

Guest card payment

A basic card payment with no additional features such as 3DS or FraudSight enabled.

IssuerPayments APIMerchant BackendMerchant FrontendBrowserIssuerPayments APIMerchant BackendMerchant FrontendBrowserOrder receipt pageClick PayPayPayment requestAuthorization requestAuthorization responsePayment responseSettlement requestSettlement responseTransaction complete
IssuerPayments APIMerchant BackendMerchant FrontendBrowserIssuerPayments APIMerchant BackendMerchant FrontendBrowserOrder receipt pageClick PayPayPayment requestAuthorization requestAuthorization responsePayment responseSettlement requestSettlement responseTransaction complete

FraudSight

Card payment with FraudSight enabled that results in a highRisk assessment outcome that stops the payment.

Payments APIMerchant BackendMerchant FrontendBrowserPayments APIMerchant BackendMerchant FrontendBrowseroutcome: highRisk Payment stoppedTransaction failedClick PayPayPayment requestFraud assessmentPayment responseTransaction failed
Payments APIMerchant BackendMerchant FrontendBrowserPayments APIMerchant BackendMerchant FrontendBrowseroutcome: highRisk Payment stoppedTransaction failedClick PayPayPayment requestFraud assessmentPayment responseTransaction failed

3DS - Integrated

Card payment with 3DS authentication enabled, resulting in a frictionless issuer response.

IssuerPayments APIMerchant BackendMerchant FrontendBrowserIssuerPayments APIMerchant BackendMerchant FrontendBrowserOrder receipt pageClick PayPayPayment requestPayment responseDeviceData - BIN/JWT/URL3DS Device Data formForm postPostMessage: dfReferenceId3dsDeviceData requestAuthorization requestAuthorization response3dsDeviceData responseSettlement requestSettlement responseTransaction complete
IssuerPayments APIMerchant BackendMerchant FrontendBrowserIssuerPayments APIMerchant BackendMerchant FrontendBrowserOrder receipt pageClick PayPayPayment requestPayment responseDeviceData - BIN/JWT/URL3DS Device Data formForm postPostMessage: dfReferenceId3dsDeviceData requestAuthorization requestAuthorization response3dsDeviceData responseSettlement requestSettlement responseTransaction complete

3DS - External

Card payment with External 3DS, where authentication is completed by your own MPI or 3DS provider before the payment request is submitted.

IssuerPayments APIExternal 3DS ProviderMerchant BackendMerchant FrontendBrowserIssuerPayments APIExternal 3DS ProviderMerchant BackendMerchant FrontendBrowserAuthentication completeOrder receipt pageClick PayInitiate paymentInitiate 3DS authenticationAuthentication requestFrictionless authentication responseReturn ECI, authValue, dsTransactionIdPayment request (threeDS.type: "external")Authorization requestAuthorization responsePayment responseSettlement requestSettlement responseTransaction complete
IssuerPayments APIExternal 3DS ProviderMerchant BackendMerchant FrontendBrowserIssuerPayments APIExternal 3DS ProviderMerchant BackendMerchant FrontendBrowserAuthentication completeOrder receipt pageClick PayInitiate paymentInitiate 3DS authenticationAuthentication requestFrictionless authentication responseReturn ECI, authValue, dsTransactionIdPayment request (threeDS.type: "external")Authorization requestAuthorization responsePayment responseSettlement requestSettlement responseTransaction complete

SCA Exemptions

Exemption granted with a placement of authorization and is honored by the issuer (payment authorized)

IssuerPayments APIMerchant BackendMerchant FrontendBrowserIssuerPayments APIMerchant BackendMerchant FrontendBrowserExemption granted Placement: authorization Type: lowRisk or lowValueExemption honored payment authorizedOrder receipt pageClick PayPayPayment requestExemption assessmentAuthorization requestAuthorization ResponsePayment responseSettlement requestSettlement responseTransaction complete
IssuerPayments APIMerchant BackendMerchant FrontendBrowserIssuerPayments APIMerchant BackendMerchant FrontendBrowserExemption granted Placement: authorization Type: lowRisk or lowValueExemption honored payment authorizedOrder receipt pageClick PayPayPayment requestExemption assessmentAuthorization requestAuthorization ResponsePayment responseSettlement requestSettlement responseTransaction complete

Storing credentials for future CIT / Store a card only

Setup a customerAgreement to store credentials for future CIT payments.

  • Set the customerAgreement.type to cardOnFile and storedCardUsage to first
  • Set tokenCreation.type to worldpay in order to store the credentials.
  • The example includes 3DS for SCA or 3DS mandated countries
  • If no initial payment is to be made (e.g. free trial), set the value.amount to 0. A card verification is performed instead.
IssuerPayments APIMerchant BackendMerchant FrontendBrowserIssuerPayments APIMerchant BackendMerchant FrontendBrowserSet customerAgreement type: cardOnFile storedCardUsage: firstSet tokenCreation.type: worldpayFor `store a card only` (no payment) Set value.amount: 0payment authorizedWorldpay Token providedalt[For payment without autosettlement]Order receipt pageClick PayPayPayment requestPayment responseDeviceData - BIN/JWT/URL3DS Device Data formForm postPostMessage: dfReferenceId3dsDeviceData request3dsDeviceData responseChallenge JWT/URL3DS challenge formForm postReturn to merchant site3dsChallenges requestAuthorization RequestAuthorization Response3dsChallenges responseSettlement requestSettlementTransaction complete
IssuerPayments APIMerchant BackendMerchant FrontendBrowserIssuerPayments APIMerchant BackendMerchant FrontendBrowserSet customerAgreement type: cardOnFile storedCardUsage: firstSet tokenCreation.type: worldpayFor `store a card only` (no payment) Set value.amount: 0payment authorizedWorldpay Token providedalt[For payment without autosettlement]Order receipt pageClick PayPayPayment requestPayment responseDeviceData - BIN/JWT/URL3DS Device Data formForm postPostMessage: dfReferenceId3dsDeviceData request3dsDeviceData responseChallenge JWT/URL3DS challenge formForm postReturn to merchant site3dsChallenges requestAuthorization RequestAuthorization Response3dsChallenges responseSettlement requestSettlementTransaction complete

Subsequent CIT

Using a previously stored card to make a payment

IssuerIssuersPayments APIMerchant BackendMerchant FrontendBrowserIssuerIssuersPayments APIMerchant BackendMerchant FrontendBrowserSet customerAgreement type: cardOnFile storedCardUsage: subsequentUse Network Token or Worldpay Tokenpayment authorizedOrder receipt pageClick PayPayPayment requestAuthorization RequestAuthorization ResponsePayment responseSettlement requestSettlement responseTransaction complete
IssuerIssuersPayments APIMerchant BackendMerchant FrontendBrowserIssuerIssuersPayments APIMerchant BackendMerchant FrontendBrowserSet customerAgreement type: cardOnFile storedCardUsage: subsequentUse Network Token or Worldpay Tokenpayment authorizedOrder receipt pageClick PayPayPayment requestAuthorization RequestAuthorization ResponsePayment responseSettlement requestSettlement responseTransaction complete

Storing credentials for future MIT

Setup a customerAgreement to store credentials for future MIT payments.

  • Set the customerAgreement.type to subscription and storedCardUsage to first
  • Set tokenCreation.type to worldpay in order to store the credentials.
  • The example includes 3DS for SCA or 3DS mandated countries and has the threeDS.challenge.preference set to challengeMandated.
  • If no initial payment is to be made (e.g. free trial), set the value.amount to 0. A card verification is performed instead.
IssuerPayments APIMerchant BackendMerchant FrontendBrowserIssuerPayments APIMerchant BackendMerchant FrontendBrowserSet customerAgreement type: subscription storedCardUsage: firstSet threeDS.challenge preference: challengeMandatedSet tokenCreation.type: worldpayFor no initial payment Set value.amount: 0payment authorizedWorldpay Token and schemeReference providedalt[For payment without autosettlement]Order receipt pageClick PayPayPayment requestPayment responseDeviceData - BIN/JWT/URL3DS Device Data formForm postPostMessage: dfReferenceId3dsDeviceData request3dsDeviceData responseChallenge JWT/URL3DS challenge formForm postReturn to merchant site3dsChallenges requestAuthorization requestAuthorization response3dsChallenges responseSettlement requestSettlementTransaction complete
IssuerPayments APIMerchant BackendMerchant FrontendBrowserIssuerPayments APIMerchant BackendMerchant FrontendBrowserSet customerAgreement type: subscription storedCardUsage: firstSet threeDS.challenge preference: challengeMandatedSet tokenCreation.type: worldpayFor no initial payment Set value.amount: 0payment authorizedWorldpay Token and schemeReference providedalt[For payment without autosettlement]Order receipt pageClick PayPayPayment requestPayment responseDeviceData - BIN/JWT/URL3DS Device Data formForm postPostMessage: dfReferenceId3dsDeviceData request3dsDeviceData responseChallenge JWT/URL3DS challenge formForm postReturn to merchant site3dsChallenges requestAuthorization requestAuthorization response3dsChallenges responseSettlement requestSettlementTransaction complete

Subsequent MIT

Send a Merchant Initiated Transaction (MIT) request for subsequent recurring transactions.

IssuersPayments APIMerchant BackendMerchant FrontendBrowserIssuersPayments APIMerchant BackendMerchant FrontendBrowserSet `customerAgreement.type = subscription` `customerAgreement.storedCardUsage = subsequent`Order receipt pageClick PayPayPayment requestPayment responseSettlement requestSettlement responseTransaction complete
IssuersPayments APIMerchant BackendMerchant FrontendBrowserIssuersPayments APIMerchant BackendMerchant FrontendBrowserSet `customerAgreement.type = subscription` `customerAgreement.storedCardUsage = subsequent`Order receipt pageClick PayPayPayment requestPayment responseSettlement requestSettlement responseTransaction complete