Card Present — Regional API Overview
The Card Present (CP) solution within the Single Entry Point (SEP) enables merchants to process physical card transactions inserted, tapped, or swiped using secure hardware devices integrated directly into the Getnet Regional API ecosystem.
By utilizing the same API endpoints as e-commerce but switching to hardware-secured data strings (EMV Tags and Track Data), developers can achieve a true omnichannel reconciliation experience. This integration shifts the security burden from the merchant to the hardware and the issuer, leveraging Liability Shift protection.
The Unified SEP Architecture
The Card Present flow is part of the Regional API, meaning it shares the same base URLs, authentication mechanisms, and core logic as digital payments. However, the integration focus shifts from customer-entered data to hardware-generated payloads.
Key Technical Pillars
- Terminal Identity: Every request must include a
terminal_numberwithin theterminalobject to identify the specific registered physical device. - Hardware-Generated Payloads: Instead of raw card numbers, the API expects encrypted EMV (TLV) strings, Track 2 data, and PIN Blocks.
- Direct Payment Methods: Integration requires specific "Direct" enums (
DIRECT_CREDIT,DIRECT_DEBIT) to trigger hardware-specific processing logic. - DUKPT Encryption: PIN-based transactions utilize Derived Unique Key Per Transaction (DUKPT), requiring the transmission of a
pin_blockand aksn(Key Serial Number).
Connectivity Topologies
Your integration strategy depends on how your hardware communicates with the Regional API:
| Topology | Connectivity Path | Primary Responsibility |
|---|---|---|
| Direct Integration | Terminal → Getnet API | The terminal firmware acts as the API client, handling OAuth and JSON construction. |
| Merchant Host | Terminal → Merchant Server → Getnet API | The terminal captures data; the merchant's backend server manages the API request and business logic. |
Core Transaction Models
The Card Present API supports four primary business flows across the region:
- Single-Step (Sale): A direct transaction where authorization and capture happen simultaneously. Uses
DIRECT_CREDITorDIRECT_DEBITpayment methods. - Two-Step (Pre-authorization): Funds are reserved on the physical card using
DIRECT_CREDIT_AUTHORIZATIONand captured later via a separate API call. - Installments: The purchase total is split into multiple payments, with options for merchant-financed (
INSTALL_NO_INTEREST) or issuer-financed (INSTALL_WITH_INTEREST) plans. - QR Code: A contactless payment flow where the terminal generates a QR code for the customer to scan and pay via their banking app.
Regional Availability Matrix
Card Present features are available across the Getnet Regional footprint, supporting localized requirements such as Chile (CLP) and Mexico (MXN).
| Feature | Mexico | Argentina | Chile |
|---|---|---|---|
| Chip + PIN | ✅ | ✅ | ✅ |
| Contactless (NFC) | ✅ | ✅ | ✅ |
| Magnetic Stripe | ✅ | ✅ | ✅ |
| Installments | ✅ | ✅ | ✅ |
Security and Compliance
Integrating via Card Present significantly reduces your PCI-DSS scope through hardware encryption:
- Liability Shift: Transactions processed via EMV Chip or Contactless protect the merchant against fraud-related chargebacks.
- End-to-End Encryption: Sensitive card data is encrypted within the hardware reader before it ever reaches your network.
- PCI-DSS Scope Reduction: Because the hardware handles encryption, your servers never process raw card data, significantly reducing your compliance burden.
Next Steps
- Introduction to Card Present: Understand the four fundamental concepts of Card Present integration.
- Quickstart Guide: Create your first Card Present payment in Sandbox.
- Terminal Requirements: Hardware and API configuration requirements.
- Regional Requirements: Country-specific currencies, installment plans, and regulations.