What is jCard?

/by apr/

As a follow-up to the initial post about jCard and jPTS, I’d like to explain what is jCard after all. jCard is an interface between the ISO-8583 world and a double-entry accounting system. -- or better yet – jCard is an interface between the ISO-8583 v2003 based jPOS-CMF world and a multi-layer, multi-currency general purpose double-entry accounting system (miniGL). Here is an the initial ER diagram of the core components that we used at design time, although somehow changed to support customer’s requirements, it still gives you the idea of how the pieces fit together: You can see here that an Issuer has CardProducts which in turn has Cards. A Card is our handle to the CardHolder which in turn can have multiple GL Accounts (think Checking, Savings, Stored Value accounts). Imagine this little chart of accounts for a pre-paid card: As seen from jCard’s perspective, a deposit transaction will debit our ‘Received money’ account (an asset) and credit the Cardholder’s SV account (it’s a liability now for us). So a deposit transaction will look like this: USD 100 goes to the ‘Received Money’ account and 100 to the Cardholder’s account. If you enlarge the picture, you’ll see a little ‘840’ number to the right of the account code, i.e. 11.001.00840, that’s our layer (in this case the accounting USD layer, 840 is the ISO-4217 currency number). Here is a purchase transaction that involve some fees, followed by a reversal: You can see we just change who we owe to, instead of owing this money to the cardholder, we owe it now to the acquirer (or merchant/branch, depending on the situation). The ISO-8583 side honors the jPOS CMF, so this purchase transaction looks like this:

This particular CardProduct has a flat fee of USD 3.50 plus a 3.25% for CashAdvance transactions, this is configured like this:

mysql> select * from cardproduct_fees where id = 1;
+—-+——–+———————-+
| id | fee | type |
+—-+——–+———————-+
| 1 | 3.2500 | CashAdvance.%.840 |
| 1 | 3.5000 | CashAdvance.flat.840 |
+—-+——–+———————-+

that’s why we ended-up charging USD 24.65. For those of you familiar with jPOS, looking at its TransactionManager main configuration may give you an idea of what we are talking about here:

So the previous transaction was a 200.01 (MTI=200, Processing code 013000), so we processed the following groups:

  • financial
  • prepareresponse
  • logit
  • sendresponse

The financial group looks like this: First, we perform some sanity checks, we verify that the mandatory fields are present, we allow some optional fields too.

Then we create a TranLog record (that’s our master transaction log file)

We check that the card exists, it’s valid, belongs to a CardHolder, etc. We do this in a PCI compliant way, that ‘KID’ configuration there is the DUKPT BDK Key ID.

The terminal has to be valid too:

And so is the acquirer (we’ll have to pay them at some point)

We know the Card, so we know the CardHolder. We know the CardHolder has accounts, and based on the processing code (data element 3), we choose which account to use (checking, saving, credit, stored value, loyalty, whatever)

It can happen under certain scenarios (mostly due to small network outages) that we could receive a reversal for a given transaction before or almost at the same time as the transaction itself, so we check if this transaction was previously reversed:

Then, based on the CardProduct, we can perform multiple velocity checks:

And now we are ready to generate the GL transaction and compute the balances after that.

Here is the source code for org.jpos.jcard.Financial

public class Financial extends Authorization {
public int prepare (long id, Serializable context) {
return super.prepare (id, context);
}
protected short getLayerOffset() {
// financial transactions goes to the main layer for the
// given currency
return 0;
}
protected String getTransactionName() {
return “Financial”;
}
}

Pretty simple, huh? Please pay attention to that ‘getLayerOffset()’ method that returns 0. The Authorization participant is slightly more complex:

public class Authorization extends JCardTxnSupport {
public static final String FEE_PREFIX = “CashAdvance”;

public Authorization() {
    super();
}
public int prepare (long id, Serializable context) {
    Context ctx = (Context) context;
    try {
        ctx.checkPoint ("authorization-start");
        TranLog tl  = (TranLog) ctx.get (TRANLOG);
        GLSession gls = getGLSession(ctx);
        ISOMsg m = (ISOMsg) ctx.get (REQUEST);
        Card card = (Card) ctx.get (CARD);
        CardHolder cardHolder = (CardHolder) ctx.get (CARDHOLDER);
        Issuer issuer = (Issuer) ctx.get (ISSUER);

        String accountType = ctx.getString (PCODE\_ACCOUNT\_TYPE);
        BigDecimal amount = (BigDecimal) ctx.get (AMOUNT);
        BigDecimal acquirerFee = getAcquirerFee (m);
        BigDecimal issuerFee = ZERO;

        assertNotNull (issuer, INVALID_REQUEST, "Invalid Issuer");
        assertNotNull (card, INVALID_REQUEST, "Invalid Card");
        assertNotNull (card.getCardProduct(), INVALID_REQUEST, "Invalid CardProduct");
        assertNotNull (
             card.getCardProduct().getIssuedAccount(), INVALID_REQUEST, 
            "Invalid CardProduct Issued Account"
        ); 
        assertNotNull (cardHolder, INVALID_REQUEST, "Invalid CardHolder");
        assertNotNull (amount, INVALID_AMOUNT);
        assertFalse (ZERO.equals (amount), INVALID_AMOUNT, "Zero amount not valid");
        assertNotNull (accountType,
            INVALID_REQUEST, "Invalid processing code"
        );
        assertFalse(REFUND\_ACCOUNT\_TYPE.equals (accountType),
            INVALID_REQUEST, "Refund account not allowed"
        );
        String acctid = accountType+"."+ctx.getString(CURRENCY);
        FinalAccount acct = (FinalAccount) 
            cardHolder.getAccounts().get (acctid);

        assertNotNull (acct, 
            ACCOUNT\_NOT\_FOUND, 
            "Account type '"+acctid+"' is not defined");

        Journal journal = issuer.getJournal();
        assertNotNull (
            journal, SYSERR_DB, 
            "Journal not found for issuer " + issuer.getId() + " ("
            \+ issuer.getName() + ")"
        );

        ctx.checkPoint ("authorization-pre-lock-journal");
        gls.lock (journal, acct);
        ctx.checkPoint ("authorization-post-lock-journal");

        short currency = getCurrency (ctx.getString(CURRENCY));
        short\[\] realAndPending = new short\[\] {
            currency, (short) (currency + PENDING_OFFSET)
        };
        BigDecimal balance = gls.getBalance (journal, acct, realAndPending);
        ctx.checkPoint ("authorization-compute-balance");
        BigDecimal amountPlusFees = amount.add(acquirerFee);

        ctx.put (ACCOUNT, acct);
        String surchargeDescription = null;
        if (amountPlusFees.compareTo (balance) > 0) {
            BigDecimal creditLine = gls.getBalance (
                journal, acct, 
                new short\[\] { (short)(currency+CREDIT_OFFSET) }
            );
            ctx.checkPoint ("authorization-get-credit-line");
            if (acct.isDebit())
                creditLine = creditLine.negate();

            StringBuilder sb = new StringBuilder();
            issuerFee = issuerFee.add(calcSurcharge (ctx, card, amount, FEE_PREFIX, sb));
            if (sb.length() > 0)
                surchargeDescription = sb.toString();
            amountPlusFees = amountPlusFees.add (issuerFee);
            if (!isForcePost() && amountPlusFees.compareTo
                (balance.add(creditLine)) >= 0) 
            {
                throw new BLException (NOT\_SUFFICIENT\_FUNDS, 
                    "Credit line is " + creditLine 
                   +", issuer fee=" + issuerFee); 
            }
        }
        Acquirer acquirer = (Acquirer) ctx.get (ACQUIRER);

        GLTransaction txn = new GLTransaction (
            getTransactionName() + " " + Long.toString(id)
        );
        txn.setPostDate ((Date) ctx.get (CAPTURE_DATE));
        txn.createDebit (
            acct, amountPlusFees, null, 
                (short) (currency + getLayerOffset())
        );
        txn.createCredit (
            acquirer.getTransactionAccount(), amount, 
            null, (short) (currency + getLayerOffset())
        );
        if (!ZERO.equals(issuerFee)) {
            txn.createCredit (
                card.getCardProduct().getFeeAccount(), issuerFee, 
                surchargeDescription, (short) (currency + getLayerOffset())
            );
            ctx.put (ISSUER_FEE, issuerFee);
        }
        if (!ZERO.equals(acquirerFee)) {
            txn.createCredit (
                acquirer.getFeeAccount(), acquirerFee, 
                null, (short) (currency + getLayerOffset())
            );
            ctx.put (ACQUIRER_FEE, acquirerFee);
        }
        gls.post (journal, txn);
        ctx.checkPoint ("authorization-post-transaction");
        tl.setGlTransaction (txn);
        ctx.put (RC, TRAN_APPROVED);
        ctx.put (APPROVAL_NUMBER, getRandomAuthNumber());
        return PREPARED | NO_JOIN;
    } catch (ObjectNotFoundException e) {
        ctx.put (RC, CARD\_NOT\_FOUND);
    } catch (GLException e) {
        ctx.put (RC, NOT\_SUFFICIENT\_FUNDS);
        ctx.put (EXTRC, e.getMessage());
    } catch (BLException e) {
        ctx.put (RC, e.getMessage ());
        if (e.getDetail() != null)
            ctx.put (EXTRC, e.getDetail());
    } catch (Throwable t) {
        ctx.log (t);
    } finally {
        checkPoint (ctx);
    }
    return ABORTED;
}
public void commit (long id, Serializable context) { }
public void abort  (long id, Serializable context) { }

protected short getLayerOffset() {
    return PENDING_OFFSET;
}
protected String getTransactionName() {
    return "Authorization";
}
protected BigDecimal calcSurcharge 
    (Context ctx, Card card, BigDecimal amount, StringBuilder detail) 
{
    BigDecimal issuerFee = ZERO;
    Map fees = card.getCardProduct().getFees();
    BigDecimal flatFee = fees.get(
        FEE\_PREFIX + FEE\_FLAT + ctx.getString(CURRENCY)
    );
    BigDecimal percentageFee = fees.get(
        FEE\_PREFIX + FEE\_PERCENTAGE + ctx.getString(CURRENCY)
    );
    if (flatFee != null) {
        issuerFee = issuerFee.add (
            flatFee.setScale(2, ROUNDING_MODE)
        );
        detail.append ("Surcharge: $");
        detail.append (flatFee);
    }
    if (percentageFee != null) {
        issuerFee = issuerFee.add (
            amount.multiply(
                percentageFee.movePointLeft(2)
            ).setScale(2, ROUNDING_MODE)
        );
        if (flatFee != null)
            detail.append ('+');
        else
            detail.append ("Surcharge: ");
        detail.append (percentageFee);
        detail.append ('%');
    }
    return issuerFee;
}
protected boolean isForcePost () {
    return false;
}

}

In this case getLayerOffset() returns PENDING_LAYER (a constant set to 1000). So what happens here is that when we perform an authorization, we impact the PENDING layer (i.e. 1840 if the transaction was in USD) instead of the ACCOUNTING layer (840). When we compute the USD ACCOUNTING BALANCE, we check for transactions on the 840 layer, but when we check for the available balance, we take into account layer 840 merged with layer 1840 (this is why miniGL has layers). So to recap, this is a financial transaction (MTI 200): And here is an interesting sequence:

  • Pre-Auth USD 100
  • Void of the preauth
  • Reversal of the previous void (authorization becomes active again, if available funds permit)
  • Partial completion for USD 90

If you pay attention to the layers involved, you can see that the pre-auth works on layer 1840 while the completion works on 840, the accounting layer (offset=0). We use that layers scheme to handle overdrafts and credit account (offset is 2000), so for a credit account, we pick the balances from 840,1840,2840 (provided the transaction is performed in USD). jCard was developed in paralell with the jPOS CMF and the jCard selftest facility, based on jPOS-EE’s clientsimulator. Whenever we touch a single line of it, we automatically run an extensive set of transactions that gives us some confidence that we are not introducing any major issue, i.e:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
77: Card 6009330000000020 - savings balance is 102     \[OK\] 50ms.
78: Card 6009330000000020 - $1 from checking to savings with $0.50 fee \[OK\] 126ms.
79: Card 6009330000000020 - savings balance is 104 \[OK\] 48ms.
80: $95.51 from checking to savings with no fee (NSF) \[OK\] 78ms.
81: $95.01 from checking to savings with $0.50 fee (NSF) \[OK\] 75ms.
82: $95.00 from checking to savings with $0.50 fee - GOOD \[OK\] 70ms.
83: Card 6009330000000020 - savings balance is now 199 \[OK\] 111ms.
84: Reverse previous transfer \[OK\] 57ms.
85: Reverse previous transfer (repeat) \[OK\] 70ms.
86: savings balance after reverse is 104 \[OK\] 58ms.
87: Withdrawal $20 from credit account with 0.50 fee \[OK\] 85ms.
88: credit balance check \[OK\] 59ms.
89: Reverse withdrawal \[OK\] 57ms.
90: credit balance check - should be back to 1000 \[OK\] 50ms.
91: $100.00 from credit to checking with $0.75 fee - GOOD \[OK\] 138ms.
92: Reverse transfer \[OK\] 52ms.
93: credit balance check - should be back to 1000 \[OK\] 57ms.
94: POS Purchase $20 from credit account with 0.50 fee to be voided \[OK\] 107ms.
95: Void previous transaction \[OK\] 51ms.
96: Void repeat \[OK\] 24ms.
97: Auth for $100 from savings account, no fees \[OK\] 82ms.
98: Void completed auth \[OK\] 51ms.
99: Void repeat \[OK\] 29ms.
100: Invalid completion for USD 90.00 (previously voided) \[OK\] 34ms.
101: Reverse void \[OK\] 56ms.
102: Reverse void retransmission \[OK\] 32ms.
103: completion for USD 90.00 (void has been reversed) \[OK\] 48ms.
104: completion for USD 90.00 retransmission \[OK\] 38ms.
105: check savings balance - should be $14.00 \[OK\] 110ms.
106: Refund for $16 \[OK\] 70ms.
107: Reverse previous refund \[OK\] 47ms.
108: refund reversed, balance back to 0.00 \[OK\] 67ms.

I hope that this post can give you an idea of what jCard is and why we are sometimes quiet on the blog, we are having fun developing all this.