- Managed JIT Funding – The Marqeta platform applies spend controls to make authorization decisions.
- Gateway JIT Funding – The Marqeta platform applies spend controls to make authorization decisions and forwards funding requests to your system (the gateway) to make funding decisions.
- The available types of JIT Funding.
- The role of JIT Funding in transactions on the Marqeta platform.
- The requirements for implementing JIT Funding.
Standard funding
This section explains the standard funding model for the purpose of contrasting it with the following JIT Funding models. The standard funding model requires you to preload funds into the cardholder’s general purpose account (GPA) and to ensure that the GPA balance is sufficient to cover the transactions made by that cardholder.Transaction process
The Marqeta platform evaluates the transaction, then verifies that the cardholder’s GPA contains sufficient funds to cover the transaction.
If the authorization is valid, the Marqeta platform returns an authorization response to the card network.
Managed JIT Funding
Managed JIT Funding simplifies the funding task by handling all authorization decisions on the Marqeta platform, but limits the level of control you have over the funding approval process. For example, you can create spend controls on the Marqeta platform to limit when, where, and how much a cardholder can spend with their card, but you cannot allow or deny individual transactions. For more information on spend controls, see Controlling Spending. For a tutorial that walks you through the enablement process for Managed JIT Funding, see Configuring Managed JIT Funding.Transaction process
If the authorization is valid, the Marqeta platform moves funds from the funding source into the cardholder’s account.
Gateway JIT Funding
With Gateway JIT Funding, your system participates in the funding approval process, enabling you to have a high level of control over which transactions are successfully approved. When a cardholder with a JIT-funded account attempts to spend, the Marqeta platform sends a funding request message containing details about the transaction to the gateway endpoint on your system. Your system makes a decision to allow or deny the funds based on your own business rules and returns the appropriate response to the Marqeta platform. For example, you could block international transactions based on the country of the card acceptor, or block online transactions by requiring that the card be present at the point of sale.Note
The gateway endpoint on your system must respond to every JIT Funding request, whether you intend to allow or deny the transaction.
The gateway endpoint on your system must respond to every JIT Funding request, whether you intend to allow or deny the transaction.
Transaction process
If the authorization is valid, the Marqeta platform sends a funding request to your gateway endpoint.
Your system returns a funding response to the Marqeta platform. If the transaction indicates support for partial approval, your response can approve an amount less than or equal to the amount in the funding request.
If the funding request is approved by your system, the Marqeta platform moves funds from the funding source into the cardholder’s account.
The Marqeta platform returns an authorization response to the card network and sends an authorization notification to your webhook endpoint for validation.
Actionable vs. informative messages
The Marqeta platform sends funding requests to your gateway endpoint only if they are actionable (such as authorizations). For the remainder, the Marqeta platform sends a non-actionable notification to your webhook endpoint. You can use this data to update your account balances according to the transaction type–some transactions impact account balances and some do not. For more information, see Event Types.Partial approval
For most requests, you must allow or deny the entire funding amount. However, some requests enable you to approve only a partial amount of the requested funds. Each JIT Funding request contains apartial_approval_capable field; when set to true, your JIT Funding response can allow an amount less than the requested amount.
Metadata
Gateway JIT Funding also enables you to add metadata to your gateway’s response that populates the transaction record with additional details, such as an order number. This metadata can facilitate correlation between records on your system and the Marqeta platform, and simplify reconciliation.Managed vs. Gateway JIT Funding
In most cases, you should choose Managed JIT Funding for single-use cards, and Gateway JIT Funding for multi-use cards. The following table compares Managed JIT Funding with Gateway JIT Funding:| Managed JIT Funding | Gateway JIT Funding | |
|---|---|---|
| Authorization decisions | Handled by the Marqeta platform, based on spend controls. | Handled by the Marqeta platform, based on spend controls and your system’s authorization logic. |
| Partial approval capable | No | Yes (transaction-dependent) |
| Metadata injection | No | Yes |
| Sample use cases | Single-use cards; virtual cards for e-commerce. | Multi-use cards; additional access to funds available to cards not issued by Marqeta; additional controls on top of those supported by the Marqeta platform. |
Additional considerations
These additional considerations may help when considering which card type and JIT Funding method is right for your card product: Regulatory compliance Multi-use cards often require Know Your Customer (KYC) verification and PCI-Level 1 compliance, as do card programs that allow cash withdrawals and international spending. If your business is not PCI-Level 1 compliant, Marqeta enables you to create a multi-use card program that may reduce or remove these regulatory considerations. For more information on Marqeta’s PCI-Level 1 compliant card management components and how they can enable you to safely store, transmit, or process sensitive cardholder card data, see About UX Toolkit and Card management components. Single-use virtual cards often fall outside the scope of KYC and PCI compliance. Pending Marqeta approval, such single-use virtual cards using Managed JIT Funding may allow you to avoid implementing UX Toolkit for PCI compliance, as well as KYC verification. Funding source For Managed JIT Funding, the funding source is created and managed directly by Marqeta. Marqeta holds the account and manages ledger balances for you. For Gateway JIT Funding, you must certify and implement your gateway funding source as specified in JIT Funding implementation, and you must manage your own ledger balances.JIT Funding implementation
You will work with Marqeta to enable JIT Funding for your program. Whether you use Managed or Gateway JIT Funding, Marqeta handles the creation of the following required objects on your behalf:- A funding source configured for JIT Funding; when using Gateway JIT Funding, the funding source also defines the endpoint on your system where the Marqeta platform sends funding requests.
- A card product configured for JIT Funding associated with the above funding source.
- Spend controls that define which transactions are approved or denied by the Marqeta platform.
- An endpoint on your system for receiving and responding to actionable funding requests from the Marqeta platform. Communication between the Marqeta platform and your system requires TLS v1.2 or greater. Your endpoint must not allow communication using unencrypted HTTP or accept connections on port 80.
- One or more funding-decision algorithms on your system that decides whether to approve or deny the request and returns the appropriate response to the Marqeta platform.
- An endpoint on your system for receiving informative event notifications; the Marqeta platform sends webhook notifications to your endpoint within seconds of each transaction that enable you to track requests, maintain balances, and resolve time-out issues.
Gateway JIT Funding certification
When you use Gateway JIT Funding, you directly participate in the card network’s authorization process. For this reason, it is essential for your gateway to respond both promptly and correctly in every supported transaction scenario. Before enabling Gateway JIT Funding in your production environment, a Marqeta representative works with you in your private sandbox environment to ensure your gateway endpoint responds appropriately in each scenario. The private sandbox environment provides real-time simulations of the transaction scenarios encountered in a production environment and provides the feedback necessary for resolving issues of accuracy and responsiveness. Contact your Marqeta representative for more information on Gateway JIT Funding certification.Handling failures
There are multiple fallback measures for ensuring that cards continue to function in the event of a system failure during the transaction process. You can check thestandin_by field of a transaction record to see if Stand-in Processing (STIP) was necessary and who handled the transaction instead. The presence of the standin_approved_by field indicates that the transaction was approved.
If the card network cannot connect to the Marqeta platform, it performs STIP. The card network makes authorization decisions as necessary and notifies the Marqeta platform later with information about transactions that occurred while STIP was enabled. The standin_by field of the transaction will have a value of NETWORK.
If your system cannot respond to a Gateway JIT Funding request, the Marqeta platform uses Commando Mode to make a decision in your place based on defined business rules. The Marqeta platform stores any unsent webhooks for later transmission, ensuring that card state and account balances on your system correspond with activity that occurred while Commando Mode was in effect. The standin_approved_by field of the transaction will have a value of COMMANDO_AUTO or COMMANDO_MANUAL, depending on what triggered Commando Mode to be enabled.