Using blacklist tokens

Building up a set of blacklisted cards (using blacklist tokens) can help you avoid fraud and financial losses.

To verify a card against your database of blacklisted cards

Create a payment request. If the payment request succeeds, a unique <BlacklistToken> value is returned.
Verify the blacklist token against your database, and if there is a match, release or refund the payment.

Alternatively, you can use the verify order page (callback_verify_order) to verify the blacklist token. If the credit card is blacklisted, you can abort the transaction. For information about setting up the verify order page, see Payment Verify Order Page (callback_verify_order).

The difference between a blacklist token and a credit card token is that the blacklist token only represent the card number, whereas the credit card token represents both the card number and the expiry date.

Related information

For more information about XML response parameters, see API Response structure (XML).