Usage
Certification
A Consumer API integration must be certified before production credentials are made available.
Process
To initiate the certification process, a build (app or web) should be submitted to the Thanx Developer Support team (developer.support@thanx.com). Once a build is submitted for certification, feedback will be delivered within two weeks. If no critical feedback is provided, the build will be certified and production API credentials will be issued. If critical feedback is provided, integration partners should address the feedback and resubmit a new certification candidate build, after which the two-week cycle will begin again.
Legal Requirements
- User must agree to the Thanx Privacy Policy and Terms of Service when
creating a loyalty account. The language should read
By signing up you agree to our privacy policy and our terms of service
- User must be able to navigate to the Thanx Privacy Policy and Terms of service from both App and Web experiences when logged in (may also be mentioned in another document that’s readily available in the app, e.g. the brand’s Terms)
- Any screen where the user is enrolling their credit card for loyalty tracking
must have the correct legal text (see
enrollment best practices)
- There must be 2 buttons
- One button must include “Register card”
- The other allow to skip enrolling the card
- Legal content should be visible at all times
- Links must be visible and clickable
- There must be 2 buttons
General
- API requests must include all required headers
- API requests must not be unnecessarily duplicated
- API requests should only be issued on a reasonable frequency and in response to end-user interactions (e.g. rapidly polling API for changes)
Account Creation & Authentication
- Thanx must be the only authentication provider available for users
- Thanx tools do not work when other authentication mechanisms are in place (eg. Google SSO, email/password)
- User can create account via the create user endpoint
- User can authenticate via passwordless email following Thanx SSO guidelines
Account Management
- User can view and update account details (email, first name, last name, etc)
- User can submit a request for account closure
- User can view and update communication settings
Card Management
- SDK-based enrollment
- This enrollment mechanism is now deprecated and will be retired on January 31st, 2024. The API-based enrollment mechanism should be used going forward.
- API request should include properly formed
encrypted_pan
for all supported card types (visa, mastercard, american express) - Card signature should be fetched with each card enrollment
- e.g. card signatures must not be cached
- API-based enrollment
- User can enroll a credit card
- User can archive a credit card
Purchases
- User can view recent purchases
Reward Redemption
- User can view available rewards
- User can activate and finalize a reward
- Reward type support
- Only in-use reward types need to be supported
manual
- redemption conducted manually (e.g. in-store, showing server/cashier)automatic
- cash-back pushed directly to a user’s credit card once a qualifying purchase is made
- Supported coupon code formats:
- Only in-use coupon code types need to be supported
raw
qrcode
barcode39
barcode39extended
barcode93
barcode128
barcode_upc_a
barcode_ean_8
barcode_ean_13
barcode25interleaved
Expression of Loyalty
- The following expressions of loyalty are optional and the usage of these can be determined by an integration partner’s creative/marketing teams.
- That said, a requirement of the card networks is that a user must be able to receive value in exchange for enrolling their card and authorizing Thanx for automated data capture. Support for points, tiers, or both is required to satisfy this requirement.
- Points
- User can see their current points balance
- User can view info of how they earn points
- User can view configured rewards in the marketplace (points products)
- User can exchange points for points products
- Tiers
- User can see tier info, including thresholds and a description of tier perks
- User can view their current tier status
Push Notifications (Mobile Only)
- For custom app builds, push notification certificates (Apple APNS and Google FCM) must be provided to Thanx developer support
- User can register for push notifications
Feedback (Optional)
- This functionality is optional and will only be validated if implemented
- User can get feedback prompts (created post purchase creation)
- User can submit feedback (rating and review)
Receipt Submission (Optional)
- This functionality is optional and will only be validated if implemented
- User can view pending receipts
- User can upload and submit a receipt