Version 3.57.0
Option to deduct excess authorisation amounts from next card virtual budget cycle
We have added a feature to cover edge cases in card spend controls where a card’s availableToSpend has gone into the negative, and this negative amount can be optionally applied to (deducted from) the spend limit in the next interval.
This feature can be configured by setting rolloverPolicy.rolloverNegative to TRUE when creating or updating a card’s spend rules:
POST /managed_cards/{id}/spend_rules
PATCH /managed_cards/{id}/spend_rules
For API documentation as well as general documentation on spend controls.
Please contact Weavr support to get help testing out this new spend controls feature.
Card spend controls now allow zero-value authorisation for Google Wallet
We've improved how we handle verification requests when end customer card assignees add their card to Google Wallet, which is done by a zero-value authorisation request. Previously, these verification checks could be incorrectly declined by the spend rules.
Now, legitimate account verification requests will process smoothly, making it easier for end users to add their card to Google Wallet while maintaining security for other types of transactions.
Improved matching of incremental authorisations to settlement
We've improved our system to automatically link payment authorisations to their corresponding settlements with greater accuracy. This enhancement makes it easier for corporate customers to track and reconcile transactions, streamlining the reconciliation process and reducing manual effort.
Ability to send a new SMS OTP for confirming a transaction
When performing Strong Customer Authentication (SCA) on Account-to-account payments (OWTs and Sends) using POST /challenges/otp/sms , if the end-user does not receive the SMS, our system now allows for a second SMS with a new OTP to be sent (as long as 15 seconds have passed since the first request). This is the same as previously implemented on POST /stepup/challenges/otp/SMS
The end-user already has up to four attempts to input the correct OTP from the SMS (via POST /challenges/{scaChallengeId}/otp/{channel}/verify) before it returns CHALLENGE_LIMIT_EXCEEDED.
Details are available in the documentation here.
SMS OTP for enrolment of a mobile device for use of SMS OTPs, and SMS OTP for card purchase 3-D Secure are not included in the scope of this update.
End Customer ID included in OWT webhook
In the Managed Account update webhook we are now providing an additional owner field to show which End Customer the Managed Account belongs to. This may help by removing the need to perform an API call to determine this information.