Pay with Points BETA

Enable your customers to make purchases using their credit card loyalty points using the Pay with Points payment method. This guide walks you through the payment flow and details on how to implement.

Citi Rewards Points is the only credit card loyalty program currently supported.

How To Enable

Pay with Points is currently in closed beta. If you are interested in accepting payments via this payment method, please leave your details in this form. We will provide updates as we open the service to more merchants.

To enable Pay with Points, send an email requesting this feature to support@omise.co. You will need to review and accept new terms and conditions.

  • Supported Countries: Thailand
  • Minimum API version: 2017-11-02

Payment Flow

Customers paying via loyalty points go through a redirect payment flow using their personal account details and a one-time password (OTP) to authorize payment. After creating the charge, the customer is redirected twice: once leaving your site for charge authorization and once returning to your site upon charge completion.

The following screenshots illustrate this flow. First, the customer selects the payment method Pay with Points ❷ and confirms the payment amount ❸.

Points Select

After confirming, the customer is redirected to a form to enter their mobile number and the last four digits of their credit card ❹. An OTP will be sent to the provided mobile number. After entering the OTP ❺, the customer will be prompted to authorize the point deduction amount (along with their remaining balance) and confirm ❻. Upon completion, the customer will be redirected back to your website ❼ and Omise will send a webhook event (if enabled) stating that the charge is complete.

Payment Flow

Implementation

To create a Pay with Points charge, make the following API requests.

  1. Create a new payment source using Omise.js or one of the mobile SDKs (iOS and Android)
  2. Create a new charge using the identifier of the source created in Step 1.
  3. After receiving the charge completion webhook event, retrieve the charge to verify its status (optional, but recommended).

Use your public key to create the Pay with Points source on the client (a customer's browser or mobile phone). Use your secret key to create the Pay with Points charge on the server.

If both the creation and charge of a source must happen server-side, you can create and charge the source in a single API request using your secret key.

Creating a Source

The loyalty points payment method is implemented as a source. When the customer confirms that they wish to pay with this payment method, create a new source specifying the type (use points_citi), amount, and currency ❸.

The following examples demonstrate the creation of a new loyalty points source for 1000 THB. Replace the omise_public_key and $OMISE_PUBLIC_KEY variables with your test public key found on the dashboard: https://dashboard.omise.co/test/keys

Using Omise.js, the type parameter is supplied as the first argument to the createSource method.

Omise.setPublicKey(omise_public_key);

Omise.createSource('points_citi', {
  "amount": 100000,
  "currency": "THB"
}, function(statusCode, response) {
  console.log(response)
});

For testing, you can create the same request using curl.

curl https://api.omise.co/sources \
  -X POST \
  -u $OMISE_PUBLIC_KEY: \
  -d "amount=100000" \
  -d "currency=THB" \
  -d "type=points_citi"
{
  "object": "source",
  "id": "src_test_5hsmzglio2jpanrr3sy",
  "livemode": false,
  "location": "/sources/src_test_5hsmzglio2jpanrr3sy",
  "created_at": "2019-11-05T04:47:25Z",
  "type": "points_citi",
  "flow": "redirect",
  "amount": 100000,
  "currency": "THB",
  "mobile_number": null,
  "phone_number": null,
  "references": null,
  "name": null,
  "email": null,
  "barcode": null,
  "store_id": null,
  "store_name": null,
  "terminal_id": null,
  "installment_term": null,
  "zero_interest_installments": null,
  "scannable_code": null
}

The id attribute is the source identifier.

Creating a Charge

Create a charge specifying the parameters source, return_uri, amount, and currency.

  • source specifies the source identifier
  • return_uri specifies the location on your website to which the customer should be redirected after completing the payment authorization step ❼.
  • amount and currency must match amount and currency of the source.

The following example demonstrates how to create a new charge using curl. Replace $OMISE_SECRET_KEY with your test secret key found on the dashboard: https://dashboard.omise.co/test/keys. Replace $SOURCE_ID with the id of the source.

curl https://api.omise.co/charges \
  -u $OMISE_SECRET_KEY: \
  -d "amount=100000" \
  -d "currency=THB" \
  -d "return_uri=http://example.com/orders/345678/complete" \
  -d "source=$SOURCE_ID"
{
  "object": "charge",
  "id": "chrg_test_5hsmzgoxly9uesb0zys",
  "livemode": false,
  "location": "/charges/chrg_test_5hsmzgoxly9uesb0zys",
  "created_at": "2019-11-05T04:47:25Z",
  "amount": 100000,
  "currency": "THB",
  "funding_amount": 100000,
  "funding_currency": "THB",
  "fee": 3650,
  "fee_vat": 256,
  "interest": 0,
  "interest_vat": 0,
  "net": 96094,
  "description": null,
  "metadata": {},
  "status": "pending",
  "capture": true,
  "authorized": false,
  "schedule": null,
  "reversed": false,
  "reversed_at": null,
  "expires_at": "2019-11-12T04:47:25Z",
  "expired": false,
  "expired_at": null,
  "voided": false,
  "paid": false,
  "paid_at": null,
  "transaction": null,
  "refunded_amount": 0,
  "refunds": {
    "object": "list",
    "from": "1970-01-01T00:00:00Z",
    "to": "2019-11-05T04:47:25Z",
    "offset": 0,
    "limit": 20,
    "total": 0,
    "order": "chronological",
    "location": "/charges/chrg_test_5hsmzgoxly9uesb0zys/refunds",
    "data": []
  },
  "link": null,
  "return_uri": "http://example.com/orders/345678/complete",
  "failure_code": null,
  "failure_message": null,
  "card": null,
  "customer": null,
  "ip": null,
  "dispute": null,
  "source": {
    "object": "source",
    "id": "src_test_5hsmzgded8a2631086u",
    "livemode": false,
    "location": "/sources/src_test_5hsmzgded8a2631086u",
    "created_at": "2019-11-05T04:47:23Z",
    "type": "points_citi",
    "flow": "redirect",
    "amount": 100000,
    "currency": "THB",
    "mobile_number": null,
    "phone_number": null,
    "references": null,
    "name": null,
    "email": null,
    "barcode": null,
    "store_id": null,
    "store_name": null,
    "terminal_id": null,
    "installment_term": null,
    "zero_interest_installments": null,
    "scannable_code": null
  },
  "platform_fee": {
    "percentage": null,
    "fixed": null,
    "amount": null
  },
  "disputable": false,
  "capturable": false,
  "reversible": false,
  "refundable": false,
  "authorize_uri": "https://pay.omise.co/payments/pay2_test_5hsmzgp1fg7du0j7a7i/authorize"
}

Creating a Source and Charge

Alternatively, you can create and charge a source in a single API request.

curl https://api.omise.co/charges \
  -X POST \
  -u $OMISE_SECRET_KEY: \
  -d "amount=100000" \
  -d "currency=THB" \
  -d "return_uri=http://example.com/orders/345678/complete" \
  -d "source[type]=points_citi"

Completing the Charge

At this point, you have created a new charge with status==pending. The following sections detail how to authorize a charge, receive its completion webhook event, and check its status.

Authorizing the Charge

Redirect the customer to the location specified in authorize_uri. At this location, the customer enters their mobile number, last four digits of their credit card, and, once it arrives, the OTP ❹-❻. You can simulate this authorization phase in test mode by visiting the authorize_uri to manually mark the charge as Successful or Failed. After the customer has completed the authorization phase, they will be redirected to the location you specified in return_uri ❼.

Receiving the Charge Completion Event

The best way for you to be notified of the completion of a charge is using webhook events. Set up a location on your server to receive webhook events, and add this location as a webhook endpoint on the dashboard.

Once a charge is completed, a POST request will be sent to this endpoint with the charge response embedded.

The key attribute for the event object contains charge.complete and the data attribute contains the charge object. See Events API for event object structure.

Verifying the Charge Status

After receiving this event, independently verify the charge status using the Charge API. Possible values for charge.status are pending, successful, failed, and expired.

curl -s https://api.omise.co/charges/$CHARGE_ID \
  -u $OMISE_SECRET_KEY: | jq -M .status
"pending"

If the value of charge.status is successful, you got paid. If the value of charge.status is failed, check the failure_code and failure_message in the charge object for an explanation. Possible failure codes are listed below.

Failure Code Description
payment_rejected The payment was rejected by the bank for an unspecified reason
failed_processing Payment processing has failed
insufficient_fund The customer's loyalty points balance is not sufficient to make a payment

Voids and Refunds

Credit card loyalty points charges cannot be voided or refunded through Omise. Please advise customers to contact their bank directly.

Limits

  • Minimum: 2000 (฿20)
  • Maximum: 100000000 (฿1,000,000)

Next Steps