Acquiring Overview
Highnote gives you full control over accepting and disbursing payments, regardless of payment method. Whether you want to accept one-time payments online, set up recurring payments, or process digital wallet payments, the Highnote API enables seamless and dependable payment processing directly from your website or mobile application.
To accept online payments, you must create a payment form for your website or application that lets customers input their sensitive data securely.
To maintain PCI SAQ-A compliance, we recommend building your payment form with the Highnote Secure Inputs SDK, which uses client tokens for its GraphQL API requests.
To maintain PCI SAQ-A compliance, you must tokenize customer data.
Tokenizing customer data ensures that PCI data does not cross your server. Highnote's Secure Inputs SDK handles the input of customer PCI payment card data and submits it to Highnote’s API directly. This workflow keeps you PCI SAQ-A compliant.
The following graphic outlines the acquiring sequence flow with tokenization:
Merchants that are PCI SAQ-D compliant and securely store PCI data already, can choose to bypass tokenization by directly charging payment card data.
The following graphic outlines the acquiring sequence flow without tokenization:
Highnote acquiring APIs use the following foundational objects to manage your payments:
| Concept | Definition |
|---|---|
| Acquiring Bank | Financial institution that sponsors Bank Identification Numbers (BIN), handles money movement, underwriting, and facilitates communication in electronic payment transactions |
| Merchant Settlement Financial Account | Type of Highnote Ledger account that tracks all of your organization’s acquiring transaction funds. |
| Merchant Identification Number (MID) | 15-digit numerical value defined by Highnote that uniquely identifies your business for facilitating credit and debit card payments |
| Merchant Acceptor | Defines the device and/or method that accepts the details necessary to initiate a payment transaction (e.g., POS or virtual terminal). |
| Payment Transaction | Object that captures the intent of a transaction and its details, including the relevant amounts, line items of products/services, and instructions. Transactions are either purchase or credit events. |
| Financial Transaction Event | Events corresponding to each step in the payment transaction lifecycle. Events are immutable, meaning they can't be changed. But events can be compensated--e.g., if a CardPaymentAuthorizedEvent occurs, you can cancel the event, resulting in a CardPaymentReversedEvent. |
| Financial Instrument | Object that defines the mechanism used for the payment transaction, such as card payments and ACH |
| Disbursement | Step in the payment transaction lifecycle where funds due to a merchant account are calculated and paid out, including fees and reserve amounts |
| Payout | Step in the payment transaction lifecycle where available funds are moved from Highnote to a Merchant Account. |
| Descriptor | Highnote-defined alphanumeric value that identifies your business in each payment transaction. |
Highnote's Acquiring product follows a payment transaction lifecycle that provides information about each step. For each step in the payment transaction lifecycle, there are corresponding financial transaction events that take place.
The following graphic outlines the payment transaction states in Highnote's acquiring flow:
A typical card payment transaction has the following steps. Financial transaction events associated with each step are done synchronously in the Highnote platform:
| Payment Transaction Step | Financial Transaction Event | Description |
|---|---|---|
| CardAuthorizationStep | Record of a payment transaction authorizing an amount using a PaymentMethod | |
| CardPaymentAuthorizedEvent | Represents a card payment authorization event within the Highnote platform. | |
| CardIncrementalAuthorizationStep | Record of a payment transaction authorizing an additional amount beyond the initial authorized amount using a PaymentMethod. | |
| CardPaymentIncrementalAuthorizedEvent | Represents a card payment incremental authorized event within the Highnote platform. | |
| CardReversedStep | Record of a payment transaction authorization being canceled. | |
| CardPaymentReversedEvent | Represents a card payment reversal event within the Highnote platform. | |
| CardCapturedStep (first partial capture) | Record of a payment transaction capturing an amount with a payment method. | |
| CardPaymentIncrementalAuthorizedEvent (Optional) | Represents a card payment incremental authorized event within the Highnote platform. | |
| CardPaymentPartialReversedEvent (Optional) | Represents a card payment partial reversal event within the Highnote platform. | |
| CardPaymentCapturingEvent | Represents a card payment capturing event within the Highnote platform. | |
| CardPaymentCaptureProcessingEvent | Represents a card payment capture processing event within the Highnote platform. | |
| CardPaymentSettledEvent | Represents a card payment settled event within the Highnote platform. | |
| CardPaymentDisbursedEvent | Represents a card payment disbursement event within the Highnote platform. |
To keep Highnote's Acquiring API response time low, we return Summary objects from our mutations. These summary objects contain simplified data about your request. Refer to the Card transaction lifecycle.
To get a full version of a summary object, you can query for the CardAuthorizationStepSummary and then query for the CardAuthorizationStep.
Use the following query to return a CardAuthorizationStepSummary:
Use the following query to return a CardCaptureStepSummary:
The Highnote GraphQL API supports idempotency to ensure platform reliability and consistency. Idempotency acts as a guardian, ensuring that API requests with identical parameters don’t trigger the same action twice if a connection error occurs.
Our Highnote API idempotency key lets you reattempt failed API requests, without creating duplicates or provoking conflicts.
Key specs
To enable idempotency, add an idempotency key to all Highnote API mutations with the following specifications:
- V4 UUID format
- 255 character limit
After receiving the request, the Highnote platform stores the provided UUID with your Organization ID and query. With the idempotency key stored, the Highnote API tracks the parameters of incoming requests to determine if a request is new or a retry.
Key expiration
Idempotency keys expire after 24 hours. If needed, the Highnote team can configure alternate expiration timing for your organization. Contact support@highnote.com.
Key example
The following code snippet is an example of a mutation sent to the API with an idempotency key provided as an input variable:
The Highnote Acquiring Amount object is more precise than that of Highnote Issuance. For example, transactions have an interchange fee of 1.5%. Given a transaction of $1.10, the interchange fee is $0.0165.
To properly express this particular value, Amount should display with 4 decimal places.
Highnote Acquiring’s Amount object provides a decimalPlaces value that can be used to determine how many significant digits should be displayed.
Amount precision example
In this example, 4 decimal places are configured so the value to display should be 0.0165