Retrieve payment details
Retrieve information about a specific payment, based on the payment's ID.
Use this endpoint to track a payment's lifecycle, for example:
- When you develop a 1-click checkout process
- When you build a subscription management system
Request
The ID of the Payment object.
Example: "Bearer sk_1234567890ABCdefGHIjklMNOpqrSTUvwxYZ_1234567890-Ab_cdeFGHijkLMNopq"
This parameter accepts the Merchant API Secret key to authorise requests coming from the merchant's backend.
It ensures that ensures that each request is authenticated and authorised by verifying the secret key. The secret key should be included in all request headers as a Bearer token.
For more information, see: Authentication
Possible values: [2023-09-01, 2024-05-01, 2024-09-01, 2025-10-16, 2025-12-04, 2026-03-12, 2026-04-20]
Example: "2026-04-20"
The version of the Merchant API, specified in YYYY-MM-DD format.
For more information about API versioning, see: API versions.
Response
Payment details
The ID of the associated order.
The ID of the payment.
Possible values: [pending, authentication_challenge, authentication_verified, authorisation_started, authorisation_passed, authorised, capture_started, captured, refund_validated, refund_started, cancellation_started, declining, completing, cancelling, failing, completed, declined, soft_declined, cancelled, failed]
The status of the payment.
Possible values: [3ds_challenge_abandoned, 3ds_challenge_failed_manually, cardholder_name_missing, customer_challenge_abandoned, customer_challenge_failed, customer_name_mismatch, do_not_honour, expired_card, high_risk, insufficient_funds, invalid_address, invalid_amount, invalid_card, invalid_country, invalid_cvv, invalid_email, invalid_expiry, invalid_merchant, invalid_phone, invalid_pin, issuer_not_available, pick_up_card, rejected_by_customer, restricted_card, suspected_fraud, technical_error, transaction_not_allowed_for_cardholder, unknown_card, withdrawal_limit_exceeded]
The reason for a failed or declined payment.
A failed or declined payment can result from multiple reasons. To learn more, check our failure reasons.
The reason for a failed or declined payment, sent by the financial institution processing the payment.
The date and time the payment was created.
The date and time the payment was last updated.
Temporary token of the payment used to fetch the reward offer during checkout and link user registrations to the given offers.
The token is only valid for a limited time.
Example: 600
The payment amount in minor units (e.g., cents). The value of this field depends on the payment type and state.
| Payment type | State | Amount value |
|---|---|---|
| Standard payment | Any | Total payment amount |
| Pre-authorised payment | authorisation_started | New amount being authorised (during increment processing) |
| Pre-authorised payment | authorised | Currently authorised amount (equals authorised_amount) |
For pre-authorised payments, see the authorised_amount field for tracking the currently authorised amount separately.
Example: 600
The currently authorised amount for this payment (in minor units).
For pre-authorised payments with incremental authorization:
- Initially equals the
amountfield - Remains unchanged during increment processing
- Updates to new amount upon successful increment
- Remains at original amount if increment is declined
For standard payments, this field may not be present or will equal the amount field.
Possible length: >= 3 characters and <= 3 characters
ISO 4217 currency code in upper case.
For more information about the supported currencies, see: Help Center.
The amount of the settled payment (minor currency unit). For example, 7034 stands for €70.34.
The currency of the settled payment. ISO 4217 currency code in upper case.
For more information about the supported currencies, see: Help Center.
The details of the payment method used to make the payment.
Object containing details of a card used via Apple Pay.
ID of the saved payment method.
The id parameter is only returned when the payment method is saved.
Possible values: [apple_pay, card, google_pay, revolut_pay_card, revolut_pay_account, sepa_direct_debit]
The type of payment method used to pay for the order.
Available values:
Payment method type | Description |
|---|---|
apple_pay | The customer paid the order using Apple Pay. |
card | The customer paid the order using their credit or debit card. |
google_pay | The customer paid the order using Google Pay. |
revolut_pay_card | The customer paid the order via Revolut Pay using their credit or debit card. |
revolut_pay_account | The customer paid the order via Revolut Pay using their Revolut account. |
sepa_direct_debit | The customer paid the order using SEPA Direct Debit. |
Possible values: [visa, mastercard, american_express]
The type of the card.
Possible values: [credit, debit, prepaid]
The type of card funding.
The 2-letter country code of the country where the card was issued.
Possible length: >= 6 characters and <= 6 characters
The BIN of the card.
Possible length: >= 4 characters and <= 4 characters
The last four digits of the card number.
The expiry date of the card in the format of MM/YY.
The name of the cardholder.
The details of the check for card payment. Only for orders with successful payments.
The details of the 3D Secure check. Only for orders with successful payments.
Not returned for Apple Pay and Google Pay payments.
The Electronic Commerce Indicator (ECI) value corresponds to the authentication result and indicates the level of security used when the payment information was provided.
Possible values: [verified, failed, challenge]
The result of 3D Secure check.
The 3D Secure version.
Possible values: [match, not_match, incorrect, not_processed]
The result of CVV verification.
| Parameter value | Description |
|---|---|
match | CVV matches the card's CVV |
not_match | CVV does not match the card's CVV |
incorrect | CVV format is incorrect for this type of card |
not_processed | CVV verification was not performed |
Possible values: [match, not_match, n_a, invalid]
The result of address verification.
Possible values: [match, not_match, n_a, invalid]
The result of postcode verification.
Possible values: [match, not_match, n_a, invalid]
The result of cardholder verification.
Possible length: >= 2 characters and <= 6 characters
Pattern: Value must match regular expression ^[a-zA-Z0-9]{2,6}$
Example: "T483XF"
The authorisation code (or auth code) is a short, alphanumeric code returned by the cardholder's issuing bank to the merchant's terminal or payment gateway.
It serves as confirmation that the transaction has been approved and funds are available.
Possible length: >= 23 characters and <= 23 characters
Example: "74839572049583726403928"
Acquirer Reference Number (ARN) of the payment.
Only returned for refund payments made by a card.
The date and time by which the payment must be captured.
After this deadline, the authorised funds may be automatically released by the card issuer.
Possible length: >= 44 characters and <= 44 characters
Example: "1JAllfQY4POhBV8DaddAQ4LC5RbMP8LMLvUdJW4s5JY="
A unique identifier for a payment method, always 44 characters long. This fingerprint can be used to uniquely identify various payment methods.
Fingerprint generation
| Payment method | Description |
|---|---|
| All payment methods | A fingerprint is generated for all payment methods, including cards, Revolut Pay (card, account-to-account payments), Apple Pay, and Google Pay. |
| Cards (Revolut Pay & Card Gateway) | For cards, the fingerprint is based on the PAN. Cards processed via Revolut Pay and our card gateway will share the same fingerprint. Renewed cards (new expiry/CVV) retain the same fingerprint for efficient blocking. |
| Apple Pay & Google Pay | Since Apple Pay and Google Pay provide us Device PANs (DPAN), the fingerprint is based on the DPAN provided by Apple/Google, not the connected card's PAN. This means that a new DPAN (and fingerprint) is generated for cards in case they are re-added to the customer's digital wallet, or added to different devices. |
Detecting duplicate payment methods
Fingerprints are a valuable tool for detecting duplicate payment methods by identifying if a payment method has been seen before. This capability, in turn, helps in preventing various types of misuse (e.g., exploitation of free trials, or association with known problematic accounts, which can be a form of fraud). To effectively use fingerprints for this purpose, you will need to create and maintain your own lists (e.g., blocklists of known problematic fingerprints, allowlists for trusted customers, or tracking frequently used fingerprints).
The ideal way to utilise fingerprints is by combining them with a manual capture process. While automatic capture with subsequent refunds for problematic payments is possible, manual capture based on fingerprint validation is recommended.
During your manual capture workflow, after a payment was authorised:
- Check the fingerprint status by comparing it against your maintained lists and internal business rules.
- If you decide to proceed with the payment (e.g., the fingerprint is not on a blocklist, or matches a trusted customer's previous payment method): Capture the order.
- If you decide not to proceed with the payment (e.g., the fingerprint matches a known fraudulent fingerprint, or exhibits suspicious patterns): Cancel the order.
The Network Transaction ID (NTI) is a unique identifier assigned by the card scheme (e.g., Visa or Mastercard) to a card transaction.
It can be used to trace the transaction across the payment network, link recurring or instalment payments to the original authorisation, and support dispute resolution.
Details about the authentication challenge that should be performed to complete the authentication process. For more information about Revolut's 3DS solution, see: 3D Secure overview.
Only returned if the payment's state is authentication_challenge.
Information about the 3DS challenge.
Possible values: [three_ds, three_ds_fingerprint]
Type of the authentication challenge the payment triggers.
The URL of the authentication challenge.
Object containing address details.
Possible length: <= 100 characters
Street line 1 information.
Possible length: <= 100 characters
Street line 2 information.
Possible length: <= 100 characters
The region associated with the address.
Possible length: <= 100 characters
The city associated with the address.
Possible length: <= 2 characters
The 2-letter country code of the country associated with the address.
Possible length: <= 100 characters
The postcode associated with the address.
Possible values: [low, high]
The risk level of the card.
If the risk level is high, the payment might be declined.
The details of the order fee.
Possible values: [fx, acquiring]
The type of the order fee.
The amount of the payment fee (minor currency unit). For example, enter 7034 for €70.34 in the field.
The currency of the payment fee. ISO 4217 currency code in upper case.
For more information about the supported currencies, see: Help Center.
The person who made the payment. This object is present when an email or phone number is provided during the payment flow.
Capturing payer details lets you identify exactly who authorised the charge, reach the right person for receipts or refund queries, and support compliance or fraud-review workflows where the paying identity matters.
The email address of the customer.
The phone number of the customer in E.164 format.