New Feature

Improved Refund Experience for Declined Payments:

We have introduced enhancements to the refund process for declined payments. When a payment is declined with the R01 error code (Insufficient Funds) and a refund is already queued for that payment, the following improvements will take effect:

1. The payment declined will automatically be marked as resolved within the merchant portal.
2. No webhook notification will be sent for the the decline.
3. The user will receive a dedicated email notification informing them that the refund could not be initiated (See example below).

This update ensures a more streamlined experience for users by eliminating unnecessary steps after a declined transaction and offers clear communication about the refund status.

Bugs Fixed

Aeropay SDK

• Fixed bug blocking users from making KindTap credit transactions

Enhancements

Aeropay SDK

• Added ability for users to view and toggle between multiple linked banks.

Features

Merchant Portal

• New tooltips in the merchant portal include additional information about declined transactions and payment statuses.
• New icon added to merchant portal to identify KindTap credit transactions.
• New icon added to merchant portal to identify RTP payouts from standard ACH payouts.

Aeropay SDK & API

• New phone verification process checks for invalid mobile numbers e.g. VOIP, prepaid, landline.

Enhancements

Aeropay SDK

• Updated end user experience to Vue 3 across all SDK and payment links. These changes include updated branding, snappier animations, and faster load times.

On May 2nd 2024, the Aeropay SDK, QR codes, and payment link will migrate from online.aeropay.com to a new URL pay.aero.inc.

This change will not require updates to existing SDK integrations and is unrelated to API integrations.

However, if your integration currently whitelists aeropay.com in your security policy for the SDK, you will need to **update your Content Security Policy to include*aero.inc. This will ensure you do not block our new URL when this is released next week.

If any questions arise, please reach out on Slack or at [email protected]

Enhanced Webhook Security

We will be making an improvement to our webhook security by adding a signing key to securely identify payloads from Aeropay. With this change, there will be a new endpoint POST /createWebhookSigningKey to create a webhook signing key that can compared against the hashed webhook payload.

Generating and using the webhook signing key is optional but highly recommended for security. Further information on how to generate and use a webhook signingKey will be in our documentation soon.

Webhook Payload Change

With this webhook security update, webhook payloads sent from Aeropay will now include a date parameter in addition to topic and data. This additional parameter is necessary to hash the webhook payload, url, and date and validate against your signingkey.

(NEW) Example Webhook Body

"topic": "transaction_declined",
"data": {
   "status": "nsf",
   "createdDate": "1702937461",
   "title": "Online Transaction,
   "amount": "20.00",
   "paymentType": "payout",
   "attributes": [],
   "apFee": "1.00",
   "uuid": "9545fcfb-1479-4db7-98c9-f15c368cb4ee",
   "userId": "1485",
   "merchantId": "1057",
   "id": "21204",
   "locationId": "1147",
   "returnCode": "R01"
},
"date": "2024-04-05 15:25:49" // new payload parameter

Bugs Fixed

Aerosync SDK

• New branding and UI updates to Aerosync landing page and header
  • Landing page moves client name to header and removes cloud graphic
  • Header includes new Aerosync logo

Enhancements

Aeropay SDK & API

• Updated additional error response language to be more detailed and user-friendly

Features

Aerosync SDK

• New NPM Package for WebSDK allows for more seamless updates to Aerosync widget

Enhancements

Aeropay SDK & API

• Updated error response language platform-wide to be more detailed and user-friendly

Aerosync SDK

• Add functionality to show client logo customizations in oAuth bank linking flow

Enhancements

Aerosync SDK

• Flutter SDK version 1.0.5 released. New version removes FILoginAcctId from onSuccess event response.
• Updated error response language for impeded error and incorrect login credentials

Bugs fixed

Aerosync SDK

• Bank logos for OAuth bank connections replaced the generic bank icon

Aeropay API

• Fixed issues slowing down transaction search function

Enhancements

Aeropay API

• Updates to transactionSearch API endpoint
• Cosmetic updates to real time payments (RTP) user email receipts
• Improved transaction queue efficiency & updates to handling of bank partner webhooks

Aeropay Merchant Portal

• Heightened security on merchant portal login

Aerosync SDK

• Updated top banks to match current popular bank list
• Additional security to block bad actors after several unsuccessful bank link attempts

Bugs fixed

Aeropay API

• Fixed bug that disabled MFA confirmation code emails for some existing Aeropay users