API Change Logs

Learn about the latest updates to our Transaction API:


July 2024

11th July


API Version 6.21.3

API version 6.21.3 released to support:

  • Removal for OneUseToken authentication.

  • Updates to the Production Sandbox environment ONLY, with the following changes (in line with the Platform Update comms):

    • The deviceIdentifier attribute will return kDeviceId in receipts.

    • cardScheme, cardCategory and bank attributes, will be returned in upper case.

    • The following attributes have been removed from requests and responses:

      • line1

      • line2

      • city

  • IssuerNumber is no longer included in transaction requests, following the deprecation of Maestro cards.

Please note, API Version 6.21.2 has been skipped.

For more information, see Transaction API.


June 2024

10th June


API Version 6.21.1

API version 6.21.1 released to support:

  • Improved handling of Step Up flow.

    • This ensures consumers are presented with a challenge in all cases of a soft decline.

  • Configurations introduced in preparation for API updates to support the Shodan platform migration.


April 2024

24th April


API Version 6.21.0

API version 6.21.0 released to support:

  • The removal of consumer.consumerToken from receipts.

  • The Introduction of the incremental authorisation feature.

    • The ability to set allowIncrement flag in preAuth and Payment Session requests.

    • The Introduction of the new incrementalAuth endpoint.

      • This is used to increment a preAuth amount.



May 2023

API Version 6.20 updated January 2024:

  • Added card scheme:

    • Diners Club

  • The result and message attributes updated in transaction receipts. This is to be consistent after 3D Secure has been performed.

API Version 6.20 updated December 2023:

  • Added support for currency:

    • EGP (Egyptian Pound)

  • Introduced support for 3D Secure 2 Step Up Flow.

  • Support for 3D Secure 1 dropped.

  • Introduced Overcapture feature:

    • (Cybersource-Barclays merchants only).

11th May


API Version 6.20

API version 6.20 released to support:

  • The introduction of the shortReference field for GET /webpayments/{reference} response model.

  • The introduction of the delayedAuthorisation flag for POST /paymentsession and POST /webpayments/preauths requests.

    • The delayedAuthorisation flag should not be specified on:

      • POST /webpayments/payments or,

      • POST/webpayments/checkcard

  • The introduction of the delayedAuthorisation flag returned on GET /webpayments/{reference} and GET /transactions/{receiptId}/webpayment response models.

  • When the Judo Shield fraud rules are triggered after performing the 3DS2 authentication:

    • A card decline response is returned

    • The following “message” string is returned in the decline receipt: “Card declined due to fraud rules applied”.

Changes applicable for all API versions:

  • The currency field removed from the request model for POST:

    • /transactions

    • /collections

    • /refunds

    • /voids

  • When specifying a threeDSecureMpi request attribute block, the threeDSecure block is now populated for POST:

    • /transactions

    • /checkcard

    • /registercard

      receipt response.

  • GET /webpayments/{reference} will return status Expired, if the associated paymentSession was used for an unsuccessful transaction attempt more than 30 minutes ago.

  • Making a GooglePay transaction with an incomplete googlePayWallet request block, will now return the name of the missing attribute in the model error.

For more information, see Transaction API.


February 2023

16th February


API Version 6.19

API version 6.19 released to support:

  • The introduction of the following new values in transaction receipts in the risks.cv2Check response attribute:



  • The yourPaymentMetaData block is now returned on immediate receipts if supplied in the following transaction requests:

    • payments

    • preauths

    • checkcard

    • registercard

For more information, see Transaction API.



November 2022

23rd November


API Version 6.18

API version 6.18 released to support:

  • The introduction of delayedAuthorisation flag in /transactions/preauths request.

    For more information, see Transaction API.


September 2022

27th September


API Version 6.17

API version 6.17 released to support:

  • The introduction of cardHolderName in /transactions/savecard request and response.

    For more information, see Transaction API /savecard.


May 2022

25th May


API Version 6.16

API version 6.16 released to support:

  • The introduction of the following fields in the receipt response:

    • paymentNetworkTransactionId

    • recurringPaymentType


For more information, see Transaction API.


April 2022

25th April


API Version 6.15

API version 6.15 released to support:

  • Merchants with the ability to chose the pages to be displayed during the 3DS 2 journey when using Judopay’s Web Payments solution, with:

    • The introduction of the following optional flags on /webpayments/payments, /webpayments/preauths, /webpayments/checkcard endpoints:

      • hideBillingInfo

      • hideReviewInfo


  • Validation on the cardAddress block containing the following attributes:

    • address

    • town

    • state

    • countryCode

    on /paymentSession creation request and /webpayments/payments, /webpayments/preauths, /webpayments/checkcard endpoints: (from API Version 6.14).


For more information, see Transaction API.


6th April


API Version 6.14

API version 6.14 released to support:

  • Calls to create paymentSessions will now validate:

    • cardAddress

    • mobileNumber

    • phoneCountryCode

    • emailAddress

For more information on validation rules, see Transaction API.


March 2022

10th March


API Version 6.13

API version 6.13 released to support:

  • For 3DS 2 transactions:

    • emailAddress is no longer mandatory.

  • All enums are now case insensitive.

  • The introduction of the relatedPaymentNetworkTransactionId field which can be submitted with MIT and Recurring transactions.

  • The Judopay Portal:

    • Re-introduction of yourPaymentMetaData in CSV downloads.

Please note, API Version 6.12 has been skipped.

For more information, see Transaction API.


February 2022

14th February


API Version 6.11

API version 6.11 released to support:

  • Merchants with the ability to specify custom redirect URLs for:

    • successUrl and cancelUrl attributes in:

      • POST /paymentsession

      • POST /webpayments/payments

      • POST /webpayments/preauths

      • POST /webpayments/checkcard


  • Cards registered in the USA and Canada:

    • Added the state attribute to cardAddress in the request and receipt models.


For more information, see Transaction API.


January 2022

27th January


API Version 6.10

API version 6.10 released to support:

  • New endpoint that can be used to cancel open paymentSessions:

    • PUT /paymentsession/{reference}/cancel

    • Empty body sent on request.


  • POST /transactions/savecard

    • Now allows cardToken request attributes to contain:

      • - (hyphen)

      • _ (underscore)

  • Attributes in the cardAddress request object cannot contain:

    • \ (backslash)

  • For 3DS 2 transactions:

    • mobileNumber is no longer mandatory.

For more information, see Transaction API.



October 2021

21st October



API Version 6.8

API version 6.8 released to support:

threeDSecureMpi block for the following endpoints:

  • /payments

  • /preauths

  • /checkcard

  • /registercard

If 3D Secure 2 authentication is performed outside of Judopay, the threeDSecureMpi block allows for the authentication results to be passed into the request.

    "threeDSecureMpi": {
        "dsTransId": "string",
        "cavv": "string",
        "eci": "string",
        "threeDSecureVersion": "string"

For more information, see Transaction API.


September 2021

9th September



API Version 6.7

API version 6.7 released to support:

  • The cardHolderName attribute as supplied on the request is now included in the cardDetails block for the following receipt responses:

    • Initial receipts for 3DS2 and no 3DS transactions.

    • Receipts returned with GET /transactions/{receiptId} for 3DS2 transactions.

  • Receipts returned with GET /transactions/{receiptId} now include the risks block as returned in the initial receipts:

"risks": {
"postCodeCheck": "PASSED",
"cv2Check": "PASSED",
"merchantSuggestion": "Allow"

For more information, see Transaction API.


July 2021

20th July



API Version 6.6

API version 6.6 released to support:

  • Electronic Commerce Indicator (ECI) returned in the PaymentReceipt model (ThreeDSecure Object) for the following endpoints:

    • /payments

    • /preauths

    • /checkcard

    • /resume3ds

    • /complete3ds

The ECI value indicates the level of authentication that was performed on the transaction by the issuer.

For more information, see Transaction API.


June 2021

28th June



API Version 6.6

API version 6.6 released to support:

  • The primaryAccountDetails block. This can be set on requests when creating a Payment-Session.

  • This is intended for use by MCC 6012 merchants.

    • The following information can be submitted using primaryAccountDetails:

      • Name

      • AccountNumber

      • DateOfBirth

      • PostCode

For more information, see Transaction API.


April 2021

21st April



API Version 6.4

API version 6.4 released to support the additional authentication requirements and reduce friction in the 3D Secure 2 payment flow:

  • Mobile Authentication

    • Judopay's Mobile SDK for 3D Secure 2 will be coming soon.

  • Exemption Flags

    • Merchants can request specific customer initiated transactions be exempt from Strong Customer Authentication.

    • Adding exemption flags reduces friction for your customers and associated checkout dropouts.

    • For more information on exemptions to SCA and exemption flags, see Exemptions to Strong Customer Authentication


March 2021

16th March



API Version 6.3

API version 6.3 released to support:

  • The transaction authCode is returned in the:

    • Initial transaction receipt (If this is returned by the Gateway).

    • GET /transactions/{receiptId} call response.

  • GET /transactions/{receiptId} returns the:

    • acquirer

  • For Web Payment Transactions:

    • GET /transactions/{receiptId} returns the:

      • webPaymentReference

All API Versions

Optional Parameters:

  • The amount parameter is now optional on the following calls:

    • POST /transactions/refunds

    • POST /transactions/voids

    • POST/transactions/collections

  • When the amount is not specified, the full value of the auth amount will be used.

  • The CV2 parameter is now optional on the following calls:

    • POST /transactions/checkcard

    • POST /transactions/registercard

  • When the API Token is set to: cv2 optional

New Parameter for 3D Secure 2:

  • The phoneCountryCode parameter is added to:

    • POST /transactions/checkcard

    • POST /transactions/registercard

For more information, see Transaction API.


February 2021

1st February



API version 6.1

API Version 6.1 released to support the new payment methods added to Judopay's Hosted Payments Page:

  • POST /webpayments/checkcard

    • Verify your consumer's card without reserving funds on their account.

    • Performs a zero amount pre-authorisation (0 Auth).

    • Supported for Web Payments - Version 2


  • Maestro Cards For calls to:  

    • POST /transactions/payments   

    • POST /transactions/preauths

    • the startDate parameter is no longer mandatory for Maestro cards.


25th February



API Version 6.2

API version 6.2 released to support:

  • POST /transactions/registercard


  • POST /transactions/checkcard

    • The attribute yourPaymentReference is now


    • If yourPaymentReference is set it will be used. Otherwise a reference will be internally generated.

For more information, see Transaction API.


All API Versions


  • POST /transactions/registercard


  • POST /transactions/checkcard

    • These endpoints now support the same 3D Secure 2 and MIT request body attributes as POST /transactions/preauths:

"initialRecurringPayment": false, 
"recurringPayment": true, 
"recurringPaymentType": "MIT", 
"relatedReceiptId": "651775758628454400", 
"cardHolderName": "John Doe", 
"mobileNumber": "07999999999", 
"emailAddress": "example@domain.com" 
     "authenticationSource": "BROWSER",   
     "methodNotificationUrl": "https://api.judopay.com/order/3ds/methodNotification",   
     "challengeNotificationUrl": "https://api.judopay.com/order/3ds/challengeNotification" 


For 3D Secure 2 Transactions

  • methodNotificationUrl

  • challengeNotificationUrl

    • These attributes within the threeDSecure object are now optional.

    • If these URLs are not set, then default Judopay-hosted URLs will be used.

    • The default URLs will trigger calls to the:

    • POST /transactions/{receiptId}/resume3ds

    • POST/transactions/{receiptId}/complete3ds



January 2021

19th January



API Version 6.0

  • API Version 6.0 released to advertise support for payment requests using 3DSecure 2 authentication.

  • For 3DSecure 2, new attributes are required on:

    • POST /transactions/payments

    • POST /transactions/preauths

"cardHolderName": "John Doe", 
"mobileNumber": "07999999999", 
"emailAddress": "example@domain.com" 
        "authenticationSource": "BROWSER",   
        "methodNotificationUrl": "https://api.judopay.com/order/3ds/methodNotification",   
        "challengeNotificationUrl": "https://api.judopay.com/order/3ds/challengeNotification",   
        "methodCompletion": "No" 


After the device details check:


PUT /transactions/{receiptid}/resume3ds

"cV2": "xxx", 
"threeDSecure": {   
"methodCompletion": "Yes", 


After the challenge is completed:

PUT /transactions/{receiptid}/complete3ds


Using 3DSecure 2 in Sandbox (non production) environments, a GlobalPayments test card will be selected for authentication using the supplied CardHolderName:

|| CardHolderName || Test Card Number || Transaction Result ||
| FL-FAILED | 4012001037461114 | AUTHENTICATION_FAILED |
| CHALLENGE | 4012001038488884 | CHALLENGE_REQUIRED |


See, Sandbox Environment.