Trader Information
Back to topOverview
Back to topFiserv's Carat Global Platform is a payment service processor, providing secure payment collection and management across all of a business's channels. Carat was formerly First Data Merchant Services, and replaces the Payeezy brand and offering.
This extension brings Carat enterprise payment services to Magento 2. This gives you and your customers the convenience of payments and stored credit cards within Magento, with all the security and protection of Carat services.
Account & Pricing
A separate service account with Fiserv Carat is required to use this extension. Carat is a paid service, and will charge monthly and per-transaction fees separate from this extension. Fiserv's fees will vary by your contract, features, and payment processor.
Your Fiserv account must be created outside of the extension installation process. Please contact Fiserv for more information on Carat pricing and to sign up for Carat payment services.
No additional service fees are required to use this extension itself, other than the purchase cost and optional annual extension support renewal.
Features
- Pay by credit card, processed by Fiserv Carat and the CommerceHub API
- Save credit cards (tokens) for reuse
- PCI SAQ A eligibility: Carat collects all credit card data for you
- Add, edit, and delete saved payment data
- Edit orders and reorder without having to ask the customer for CC info again
- Authorize, Capture, or Save CC Info (without charging) at time of checkout
- Capture funds even after the authorization expires
- Partially invoice orders (including reauthorization on partial invoice)
- Partially refund (online credit memo)
- Send billing address, shipping address, and more with transactions
- Card Verification Number (CVN) Validation
- Address Verification (AVS)
- Integrate your systems with Magento REST and GraphQL API support
- Use a different Carat account for each website (multi-website support)
- Supports standard, admin, and multi-shipping checkout
- Supports ParadoxLabs Adaptive Subscriptions extension
This module supports all standard payment actions in Magento. It also allows customers to save their payment info for future use. This gives returning customers the convenience of stored credit cards and rapid checkout, without breaking PCI compliance.
The first time a customer checks out, they are given an advanced form to enter their credit card details. If they choose to save the card, next time they check out they can reuse that card with a single click. Your customers can also view, add, edit, and delete any of their stored payment info through a 'Manage My Cards' interface in their account. All frontend features are also available in the Magento Admin Panel.
Convenient
Stored payment info is good for your business and customers.
- It simplifies checkout.
- It encourages customer loyalty.
- It streamlines order management and integrations.
- It lets your staff quickly process orders and billing changes, without needing customers to repeat their credit card info.
All frontend features are available in the admin panel. This means admins can view, add, edit, and delete customers' stored cards, and place orders using them.
When editing an order, you can reuse the payment info, even for guests.
Secure
Security is everything. We know this. Customer confidence can take years to build up, and a stolen credit card can shatter that in a moment. Nevermind the legal ramifications or fees--your customers are your business. You can't afford to risk losing them. Using this extension will protect you from many forms of credit card scraping hacks.
All communication with Carat is performed using TLS encryption, and no confidential cardholder data ever touches your server (even for a moment). Using secure Hosted Checkout, all credit card forms for this extension are contained within an iframe hosted by Carat.
This means all credit card data is sent directly from your customers to Carat, and none of it is exposed to your website or server at any time. Carat gives us a token to use in place of the actual credit card data, and we use that token for all payment processing. This lets your customers pay with a 'saved' card while the actual card is not on your server at all.
This extension implements Carat iframe payments for all credit card forms, and does not support collecting credit card data by any other means. That makes this payment method eligible for PCI v3.2 Self-Assessment Questionnaire A (PCI SAQ A), the simplest possible form and process.
Note that you must have SSL enabled on all checkout and login forms, and that this eligibility only applies to this specific payment method. Any other payment methods or credit card handling your business may perform will have its own SAQ eligibility, and may require you to complete a more stringent SAQ form.
For details on the SAQ types and what eligibility means, see "Self-Assessment Questionnaire Instructions and Guidelines (3.2)" (PDF, by PCI Standards Security Council).
In addition, Fiserv offers a PCI Rapid Comply solution as part of their Merchant Services, which includes guidelines and support to help you complete the annual SAQ.
PWA-Ready
This extension fully supports GraphQL and guest/customer REST APIs, allowing you to build out checkout and customer card management interfaces within your PWA, mobile app, or other 'headless' architecture. Note that adding or updating cards outside of Magento will require fully implementing the secure iframe payment form, or an equivalent solution.
Extensive API documentation and how-tos are available in our user manual.
Technical Specifications
Back to topSeller profile
Seller contact
Integrator
Current Version
1.1.1
Adobe Commerce platform compatibility
Adobe Commerce (cloud): 2.4 (current)
Adobe Commerce (on-prem): 2.4 (current)
Magento Open Source: 2.4 (current)
Type
Stable Build
Updated
23 April, 2025
Categories
Extensions, Payments & Security, Payment Integration
Quality Report
Back to topAll tests were conducted on the latest versions of Adobe Commerce that existed for the compatible release lines at the moment of the extension submission. Latest versions of all other software were used, as applicable.
Release Notes
Back to top1.1.1:
- Compatible with Adobe Commerce (cloud) : 2.4
- Compatible with Adobe Commerce (on-prem) : 2.4
- Compatible with Magento Open Source : 2.4
- Stability: Stable Build
-
Description:
- Added support for Magento 2.4.8.
- Fixed customer payment options address input validation.
- Fixed CVV tooltip rendering.
- Fixed PHP 7.1-7.2 compatibility.
- Fixed PHP 8.4 compatibility.
1.1.0:
- Compatible with Adobe Commerce (cloud) : 2.4
- Compatible with Adobe Commerce (on-prem) : 2.4
- Compatible with Magento Open Source : 2.4
- Stability: Stable Build
-
Description:
WARNING: Any customized extension templates or JS in your theme must be updated for compatibility with Magento's new strict CSP blocking on checkout.
- Added CSP/SRI secure mode support for 2.4.0+ (2.4.7 checkout compatibility).
- Fixed card edit duplicating the card record.
- Fixed payment extension attributes holding tokenbase_id values improperly.
- Fixed reorder applying the original payment method if a new card was entered.
- Fixed undeclared property for PHP 8.2.
1.0.1:
- Compatible with Adobe Commerce (cloud) : 2.4
- Compatible with Adobe Commerce (on-prem) : 2.4
- Compatible with Magento Open Source : 2.4
- Stability: Stable Build
-
Description:
- Added Instant Purchase support.
1.0.0:
- Compatible with Adobe Commerce (cloud) : 2.4
- Compatible with Adobe Commerce (on-prem) : 2.4
- Compatible with Magento Open Source : 2.4
- Stability: Stable Build
-
Description:
Initial release for Magento 2.3 and 2.4
Support
Back to topThe best place to start if you need help with a specific extension is to contact the developer. All Adobe Commerce developers have both a contact email and a support email listed.
Contact Vendor