Payment Safety
The core safety rule is simple: transport retry is allowed only while the protocol exchange itself is still controlled; business retry of a financial command is not automatic.
Never blindly retry a financial command
If a payment-like command may have reached the terminal, replaying it can duplicate money movement. Recover the result with sendLastResult().
Financial commands
Treat these as non-idempotent:
- pay
- payExtended
- reverse
- preAuth
- incrementalAuth
- preAuthClosure
Safer commands
Read-only or control commands such as status, totals, sendLastResult, and ECR-printing toggles are safer to run after reconnect, subject to your application flow.
Application policy
- Persist a local payment attempt before calling pay.
- Store the amount and sale identifier outside the terminal result.
- On success, attach stan, onlineId, authCode, and resultCode.
- On disconnect, call sendLastResult().
- Reconcile unresolved attempts before allowing another charge for the same sale.
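
One way to implement the policy above, added here as an example and not part of the terminal library's own code. Assumptions: pay(amount) and sendLastResult() return promises resolving to an object with stan, onlineId, authCode and resultCode; pay() rejects when the link drops; resultCode '00' means approved; stan is unique among stored attempts; the state names and the in-memory store are illustrative.

```javascript
// Added example. Assumed shapes: terminal.pay(amount) and terminal.sendLastResult()
// resolve to { stan, onlineId, authCode, resultCode }; pay() rejects on disconnect.
const APPROVED = '00'; // assumed approval code, check your terminal's specification
const attempts = new Map(); // saleId -> attempt; use a durable store in production

function settle(attempt, r) {
  // Attach the terminal's identifiers to the locally stored amount and sale id.
  Object.assign(attempt, { stan: r.stan, onlineId: r.onlineId,
    authCode: r.authCode, resultCode: r.resultCode });
  attempt.state = r.resultCode === APPROVED ? 'APPROVED' : 'DECLINED';
  return attempt;
}

async function reconcile(terminal, saleId) {
  const attempt = attempts.get(saleId);
  let last;
  try { last = await terminal.sendLastResult(); }
  catch { return attempt; } // terminal unreachable: attempt stays UNRESOLVED
  // A stan already attached to another attempt is an older result, not this one.
  // Keep the attempt UNRESOLVED for manual review instead of guessing.
  const stale = [...attempts.values()].some(a => a !== attempt && a.stan === last.stan);
  return stale ? attempt : settle(attempt, last);
}

async function chargeSale(terminal, saleId, amount) {
  const prior = attempts.get(saleId);
  if (prior && prior.state !== 'DECLINED') {
    // UNRESOLVED or APPROVED: a second pay could move money twice.
    throw new Error(`sale ${saleId} is ${prior.state}: reconcile, do not charge again`);
  }
  const attempt = { saleId, amount, state: 'UNRESOLVED' };
  attempts.set(saleId, attempt); // persisted before pay is sent
  let result;
  try { result = await terminal.pay(amount); }
  catch { return reconcile(terminal, saleId); } // pay may have reached the terminal
  return settle(attempt, result);
}
```

An attempt left UNRESOLVED blocks further charges for that sale until reconcile() succeeds or an operator resolves it against the terminal's records.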