Changelog

• PRODUCTION RELEASE DATE: 15/09/2025
• SANDBOX RELEASE DATE: 03/09/2025

Go to Release notes 104

API Enhancements:

• Fixed error when creating a charge without a cardholder name charge fails

Fixed the error that the charge failed when it was created without a cardholder name

Impacted Functionality: Charges

• Regex errors appearing in Console log on Firefox when cardholder name is entered into widget

Fixed the issue that when entering the cardholder’s name in the card form on the Firefox browser, errors appeared in the console log.

Impacted Functionality: Charges

• Improved permission options for Checkout Templates

Updated the Checkout permission process to use separate, permission-based API endpoints for creating, updating, and deleting configuration and customisation templates. This change ensures that merchants can only interact with the appropriate template type through the UI and API.

Impacted Functionality: Checkout

• Implemented version-based filtering for Checkout Templates

Enabled URL filtering for the type and version fields in the GET /v1/checkouts/templates endpoint. This resolves an issue where the API was not correctly filtering templates by version, ensuring that requests now return only templates that match the specified type and version parameters.

Impacted Functionality: Checkout

• Implemented a fix for Apple Pay Express Checkout to ensure shipping information accuracy

Implemented a fix to ensure that when consumers update shipping address during checkout (ApplePay Express), the amount displayed in the Apple popup also reflects the new shipping cost instead of the order and shipping amount. Also fixed the non-updating of shipping address in the logs after a successful charge creation

Impacted Functionality: Apple Pay Express, Charge

.

UI Enhancements:

• Updated the “Transaction Id” and “Order Id” labels in Apply New Filter

Updated the labels for "Transaction Id" to “Custom Transaction Id” and "Order Id" to “Custom Order Id” with explanatory tooltips on the Charge page filters.

Impacted Functionality: Charge (Apply New Filter)

• Addressed the non-display of the Company Phone Number and Website fields

Implemented a fix to address the non-display of the Company Phone Number and Website fields in Company Profiles and when editing a Company from the Brand level.

Impacted Functionality: Company & Brand

.

Widget Enhancements:

No enhancements this release.

• PRODUCTION RELEASE DATE: 26/08/2025
• SANDBOX RELEASE DATE: 12/08/2025

Go to Release notes 103

API Enhancements:

• Restricted webhook notifications to be sent only by HTTPS

Change POST https://<api-url>/v1/notifications and PUT https://<api-url>/v1/notifications/:nid to require HTTPS protocol when the DTO field destination is a URL. This will ensure that Notifications with type webhook deliver messages via secure communication channels.

Impacted Functionality: Notifications

• Fixed issue that the message is not mapped into the transaction object when sent from Forter

Fixed issue that the message returned in Forter’s response was not set to the transaction “specific_message“.

Impacted Functionality: Forter

.

UI Enhancements:

• As a stakeholder I want all webhook notifications to be sent by HTTPS

Change the notification creation and edit forms such that they prevent submissions of HTTP URLs when the notification type is webhook.

Impacted Functionality: Notifications

• Implemented filter by transactions.type = fraud in the Dashboard

Implemented ability to filter transactions by transactions.type = fraud enabling merchants view all fraud transactions.

Impacted Functionality: Charge reporting

.

Widget Enhancements:

No enhancements this release.

• PRODUCTION RELEASE DATE: 05/08/2025
• SANDBOX RELEASE DATE: 24/07/2025

Go to Release notes 102

API Enhancements:

• Added support for customer.payment_source.card_funding_method & card_issuer (EFTPOS)

Enhanced EFTPOS Charge object with customer.payment_source.card_funding_method and customer.payment_source.card_issuerfields based on BIN data. Enabled merchants to see new fields as part of reporting.

Impacted Functionality: Charges

• Introduced AccountType field in charge and account verify requests (EFTPOS)

Introduced the ability to pass AccountType field for EFTPOS when making an account verify or payment request, to allow merchants to specify the type of account rather than always sending the default value. The AccountType field has possible values: savings, cheque, default.

Impacted Functionality: Charges

• Introduced support for passing order.certainty field for Authorization Request

Introduced the ability for merchants to pass order.certainty parameter for Authorization request (charges?capture=false) as an optional parameter. The order.certainty field has possible values: ESTIMATED, FINAL.

Impacted Functionality: Charges

• Fixed Incorrect storedOnFile Value in Subscription Refunds via MPGS gateway

This ticket addresses a bug where MPGS subscription refunds incorrectly send the storedOnFile value as NOT_STORED instead of STORED. Ensuring compliance with MPGS expected behavior

Impacted Functionality: Subscription, MPGS

.

UI Enhancements:

• Corrected Message for Deleted Standalone 3DS Service on UI

Resolved an issue where an incorrect "is a required property" message was displayed under the GPayments dropdown in the Checkout configuration when a previously selected Standalone 3DS service was deleted. The system now correctly shows "Archived service selected" in such instances, providing clearer user feedback.

Impacted Functionality: Checkout

.

Widget Enhancements:

• Click to Pay Performance Optimization & remote-app enhancement

Enhanced the optimization pattern for the Click to Pay SDK, enabling background loading and deferred customer data injection. This means merchants can now load the SDK concurrently with other checkout processes, leading to noticeably improved perceived performance and a smoother user experience for your customers.
This enhancement includes:

1. Optimized Click to Pay Initialization: The underlying initialization process for Click to Pay has been refined to boost its loading speed.
2. Background Loading using hold_for_customer_data: This new parameter enables the Click to Pay SDK to load in the background, allowing merchants to parallelize SDK initialization with their checkout flow.
3. Deferred Customer Data Injection using injectCustomerData: This method allows for customer data to be injected later in the Click to Pay flow, supporting the new optimization pattern.

Also, implemented an enhancement to further simplify Click to Pay merchant developer experience and ensure we have only one approach for our iframe instead of two separate iframe rendition methods

Impacted Functionality: Click to Pay, Client SDK

• PRODUCTION RELEASE DATE: 14/07/2025
• SANDBOX RELEASE DATE: 03/07/2025

Go to Release notes 101

API Enhancements:

• Updated EFTPOS routing rules to enforce card type validation

Adjusted routing logic to ensure only debit cards with both global and EFTPOS processing networks are eligible for EFTPOS CNP routing. This prevents incorrect routing of credit cards and ensures compliance with EFTPOS standards.

Impacted Functionality: Rules, EFTPOS

• Implemented COF Standing Instruction Type support for Secure Pay

Implement mapping for COF in Secure Pay Gateway to adopt Secure Pay Release Changes. Paydock will automatically pass COF indicators to Gateway for subscriptions and one-off payments according to the schemes' rules.

Impacted Functionality: Charges

• Fixed issue that is not possible to complete e2e charge flow with customer_id

Fixed an issue that is not possible to complete the e2e charge flow with customer_id when 3DS is part of the payment flow.

Impacted Functionality: Charges

• Introduced network_token_service_id for On Fly flows

Enabled merchants to explicitly pass network_token_service_id into the Charges API for On Fly flow, so that merchants who don’t have a default network token service enabled can benefit from On Fly flows as well.

Impacted Functionality: Charges

• Fixed issue that authorization (Capture=false) is going through, but then fails on capture (EFTPOS)

Fixed issue that authorization (Capture=false) is going through, but then fails on capture for EFTPOS Gateway.

Impacted Functionality: Charges

• Implemented storing of Correlation ID for all charges sent (EFTPOS)

Implemented logic to store Correlation ID for all EFTPOS Charges to simplify the troubleshooting process.

Impacted Functionality: Charges

• Enhanced MPGS 3DS to ensure the required data is retrieved and sent to Forter in the Order Status api call

Enhanced the MPGS 3DS authentication to retrieve additional data elements from MPGS and ensured that the required data is sent to Forter in the Forter Order Status call.

Impacted Functionality: MPGS 3DS and Forter

• Added Support for PayPal Vault Indicator Flags (Payment Initiator, Usage Pattern, and Usage)

Implemented support for merchants to be able to pass the newly introduced Paypal indicator flags (Payment Initiator, usage_pattern, and usage) for charges created with paypal vaulting as payment source

Impacted Functionality: Paypal Vaulting

.

UI Enhancements:

• Aligned validation for Capture between UI and API

Aligned validation rules between API and UI for Capture request, enabling merchants to capture the amount they choose to capture.

Impacted Functionality: Charges

• Added ‘Merchant Name’ field for Forter registration

Introduced a dedicated “Merchant Name” field in the Forter registration flow to ensure accurate business identification in Forter’s API, separate from the internal “Label” used for merchant reference.

Impacted Functionality: Forter service

• Merchant name character limit validation does not match API

Changed the maximum character limit to 256 up from 128 on the web-application when giving names to companies (merchants). This change was made to reflect the actual limit on backend servers.

Impacted Functionality: Merchant creation page

As a user being notified by email of successful transactions I want to know the gateway type and the transaction type

Added {{ GATEWAY_TYPE }} and {{ TRANSACTION_TYPE }} handlebar variables which enable users to know what gateway type and what transaction type is associated with the transaction, when these values are available.

Impacted Functionality: Email notification template forms

.

Widget Enhancements:

No enhancements in this release.

• PRODUCTION RELEASE DATE: 14/07/2025
• SANDBOX RELEASE DATE: 16/06/2025

Go to Release notes 100

API Enhancements:

• As an administrator I want to be able to integrate with multiple SSO providers regardless of their IdP Metadata format

Enhance SAML/SSO flow such that integration with identity providers whose IdP metadata contains name-spaced XML tags is possible (e.g., PingID).

Impacted Functionality: Authentication

• Per role permissions are causing the creation of access tokens to fail

Fixed an issue where roles and tfa permissions were missing purpose, occasionally leading to Forbidden Errors in the web-app when accessing the create access tokens page.

Impacted Functionality: Permissions, Permission Policies and Roles

• Search notification-templates: created_at.to filter ignores milliseconds, excluding records at the upper boundary

Allow notification templates to be filtered to the millisecond using the ISO 8601 - yyyy-mm-ddThh:mm:ss.sssZ standard on GET {{url}}/v1/notifications/templates and ensure documents on the upper boundary are included in the response. This change was made to streamline experience with respect to other similar functionalities.

Impacted Functionality: Notification Templates

• Implemented the ability to perform Standalone Fraud Check using Network Tokens with Forter

Enhanced standalone fraud check API to support network tokens with Forter, enabling merchants to leverage the security benefits of network tokenisation. Paydock will prioritise Network Tokens over raw card details when possible.

Impacted Functionality: Standalone Fraud

• Implemented the ability to perform a Standalone Fraud Check with Forter using Customer ID

Enhanced our standalone fraud check API to support passing the Customer ID with Forter. This enhancement will allow merchants to select their preferred way of integration, providing flexibility.

Impacted Functionality: Standalone Fraud

• Implemented the ability to perform Automatic Reversals in partial capture scenarios (MPGS)

Enabled merchants to Automatically Reverse the outstanding authorized amount after capture if the captured amount is less than the originally authorized amount, enabling release of the unused portion of the authorization back to the customer.

Impacted Functionality: Charges

• Fixed the issue of ApplePay transactions stuck in “in progress” status

Implemented a fix to address the issue of ApplePay wallet sale transactions processed via MPGS gateway being stuck in “in progress” to ensure seamless processing

Impacted Functionality: ApplePay via MPGS

• Removed support for the update of acquirer data for Mastercard SCOF NT registrations

Enhanced the Mastercard SCOF Network Token Registration Update by removing support for the update of acquirer data fields (ica, bin, merchant_id) to align with Mastercard's latest changes which blocked the update of the fields

Impacted Functionality: Mastercard SCOF NT registration

• Fixed the Overlap of EFTPOS service label above status and actions

Implemented a fix to address the overlapping of long EFTPOS service names across "status" and "actions" on the Rule page

Impacted Functionality: Rule page

• Enhanced the Paypal Charge log with the addition of the shipping.contact.store_name field

Uplifted the Paypal Charge log with inclusion of the shipping.contact.store_name as an additional field in the Charge log

Impacted Functionality: Paypal, Charges

.

UI Enhancements:

• As a user I want to know how many gateway services are connected on my account

Changed a card title from “Connected Services” to “Connected Gateway Services” to accurately reflect the number displayed on the card body.

Impacted Functionality: Dashboard statistics page

• As a user I want permission policies to be read-only when open in view-mode

Changed the modal used Company Users / View User / Role Permissions (read-only modal) such that it is not possible to move permission policies around, to clearly indicate that this a read-only modal. This change also includes a header message in the modal to explain why changes are not possible.

Impacted Functionality: Role permissions modal

• Merchant name character limit validation does not match API

Changed the maximum character limit to 256 up from 128 on the web-application when giving names to companies (merchants). This change was made to reflect the actual limit on backend servers.

Impacted Functionality: Merchant creation page

• As a User I want the Audit Action dropdown list is be sorted correctly and consistently

Changed Audit log action names (e.g., Create fetch) to have a consistent capitalization strategy (Create Fetch), improving scanning and sorting in “Choose Action” dropdown component within the “Audit” page.

Impacted Functionality: Audit page

• Improved Resilience When Loading Companies to ensure backward compatibility

The web-app now gracefully handles failures from the getAvailableCompanyAttributes endpoint due to missing permissions. Previously, such failures prevented companies from loading. With this enhancement, the app no longer depends on this endpoint to display companies, ensuring continued functionality even if the attribute request fails.

Impacted Functionality: Company permission

.

Widget Enhancements:

• Fixed the inability of Checkout Widget to render card scheme on autofill

Implemented a fix to ensure that the checkout widget can display the card scheme when using the autofill on browsers to populate card information

Impacted Functionality: Checkout Widget