During the Authorize transaction request (Payment API v2) or Payment Request (Payment API v1). The decision may be accept, decline, or require OTP.
B2C: Full name, date of birth (when required), email, phone, billing address; shipping address if different; and for direct debit: IBAN. B2B: Company name, email, phone, billing address, VAT ID (if available); shipping address if different; and for direct debit: IBAN.
Common reasons: address mismatch, insufficient data, risk rules, credit constraints, product or country restrictions, or contract limits.
Yes - depending on contractual agreements.
Ensure proper data quality for buyer inputs (e.g. address validation), consider the contractually agreed basket limits and check logs for technical correct transmission.
For B2C transactions, a date of birth is required to assess eligibility and identity.
B2B may require company name and VAT ID. Risk rules can differ from B2C.
A one‑time passcode sent via SMS for additional verification during the Authorize transaction request. Triggered based on product/risk logic. Depends on contractual agreement.
Using the Ratepay payment methods with baskets, where the purchase of gift cards are intended, are not allowed. In case an already bought gift card should be redeemed, it should be transmitted as separate discount item during the Authorize transaction request (Payment API v2) or Payment Request (Payment API v1), so the amount will be reduced.
Ratepay applies its own risk logic and fraud indicators. Merchants can additionally layer their own screening before calling the Authorize transaction request (Payment API v2) or Payment Request (Payment API v1).
Depending on contractual agreements, you are allowed to share your positive customer history with us, so Ratepay can consider it during the risk assessment. See here for more details.