> ## Documentation Index > Fetch the complete documentation index at: https://docs.caibo.digital/llms.txt > Use this file to discover all available pages before exploring further. # FAQ > Frequently asked questions about Caibo H2H integration # Frequently Asked Questions Common questions and answers for Caibo Host-to-Host payment integration. ## Getting Started ### Q: How do I get API keys for testing? **A:** Sign up for a Caibo merchant account and access your dashboard to retrieve sandbox API keys. Production keys are available after account verification. ### Q: What's the difference between sandbox and production? **A:** * **Sandbox**: Testing environment with simulated responses, test cards, and fake transactions * **Production**: Live environment processing real payments with actual money ### Q: How long does account verification take? **A:** Typically 1-3 business days. You can start testing with sandbox immediately while verification is in progress. ## Integration ### Q: Which programming languages are supported? **A:** Caibo H2H is a REST API that works with any language that can make HTTP requests. We provide examples in: * JavaScript/Node.js * Python * PHP * cURL ### Q: Do I need to store card details? **A:** No, Caibo H2H is designed for server-to-server payments without storing sensitive card data on your servers. Card details are handled securely by our payment processors. ### Q: Can I use H2H for mobile apps? **A:** H2H is designed for server-to-server communication. For mobile apps, use our mobile SDKs or implement H2H on your backend server. ## Payment Methods ### Q: Which payment methods are supported? **A:** * Credit/Debit Cards (Visa, Mastercard, Amex, Discover) * UPI (India) * Google Pay * Apple Pay * Alternative payments (bank transfers, BNPL) ### Q: How do I add new payment methods? **A:** Contact our support team to enable additional payment methods for your account. Some methods may require additional verification. ### Q: Are there country restrictions? **A:** Payment method availability varies by country. Check our payment methods guide for specific regional support. ## Webhooks ### Q: Are webhooks required? **A:** While not mandatory, webhooks are strongly recommended for real-time payment status updates and better user experience. ### Q: What happens if my webhook endpoint is down? **A:** We retry webhook deliveries with exponential backoff for up to 24 hours. You can also poll the payment status endpoint. ### Q: How do I verify webhook authenticity? **A:** Use HMAC SHA512 signature verification with your webhook secret: ```javascript theme={null} const crypto = require('crypto'); function verifyWebhook(payload, signature, secret) { const expectedSignature = crypto .createHmac('sha512', secret) .update(payload) .digest('hex'); return signature === expectedSignature; } ``` ## Security ### Q: How secure is the H2H API? **A:** * PCI DSS Level 1 compliant * TLS 1.2+ encryption * API key authentication * Webhook signature verification * Fraud detection and prevention ### Q: Should I validate payments on my server? **A:** Yes, always verify payment status using our API or webhooks. Never rely solely on client-side confirmation. ### Q: How do I handle sensitive data? **A:** * Never log API keys or webhook secrets * Use environment variables for credentials * Implement proper access controls * Follow PCI DSS guidelines ## Testing ### Q: What test cards should I use? **A:** Use our provided test cards: * Success: `4111111111111111` * Declined: `4000000000000002` * 3DS Required: `4000000000003220` See our [Testing Guide](/h2h/testing-sandbox) for complete test data. ### Q: How do I test webhooks locally? **A:** Use ngrok to expose your local server: ```bash theme={null} ngrok http 3000 # Use the HTTPS URL as your webhook endpoint ``` ### Q: Can I test 3D Secure flows? **A:** Yes, use specific test cards that trigger 3DS authentication in sandbox mode. ## Errors & Troubleshooting ### Q: Why am I getting 401 Unauthorized? **A:** Check that: * API key is correct * `X-API-Key` header is included * Using the right environment (sandbox/production) ### Q: Payment shows as pending but never completes **A:** * Check webhook delivery * Verify webhook signature handling * Poll payment status endpoint * Review error logs ### Q: How do I handle rate limits? **A:** Implement exponential backoff and respect the `Retry-After` header: ```javascript theme={null} async function retryWithBackoff(fn, maxRetries = 3) { for (let i = 0; i < maxRetries; i++) { try { return await fn(); } catch (error) { if (error.status === 429 && i < maxRetries - 1) { const delay = Math.pow(2, i) * 1000; await new Promise(resolve => setTimeout(resolve, delay)); continue; } throw error; } } } ``` ## Payments & Transactions ### Q: What's the maximum transaction amount? **A:** Limits vary by payment method and region: * Credit Cards: Typically \$10,000 USD * UPI: ₹1,00,000 INR per transaction * Contact support for higher limits ### Q: How long do payments take to process? **A:** * Credit Cards: Instant (few seconds) * UPI: Instant * Bank transfers: 1-3 business days * Alternative payments: Varies by method ### Q: Can I refund payments? **A:** Yes, use the refund endpoint or contact support. Refund availability depends on the payment method and processor. ### Q: How do I handle partial payments? **A:** H2H processes full amounts only. For partial payments, create multiple payment requests or implement split payments in your application logic. ## Business & Billing ### Q: What are the transaction fees? **A:** Fees vary by payment method, transaction volume, and region. Contact our sales team for detailed pricing. ### Q: When do I get paid? **A:** Settlement schedules depend on your merchant agreement, typically: * Daily settlements for established merchants * Weekly settlements for new merchants ### Q: Can I use multiple currencies? **A:** Yes, we support multiple currencies. Available currencies depend on your account configuration and payment methods. ## Development ### Q: Is there a Postman collection? **A:** Yes, we provide a Postman collection with pre-configured requests and environments. Contact support for access. ### Q: How do I handle timeouts? **A:** Set appropriate timeouts and implement retry logic: ```javascript theme={null} const axios = require('axios'); const client = axios.create({ timeout: 30000, // 30 seconds retry: 3, retryDelay: 1000 }); ``` ### Q: Can I customize the payment flow? **A:** H2H provides server-to-server payment processing. For custom UI flows, combine H2H with our frontend SDKs or build your own interface. ### Q: How do I migrate from another payment provider? **A:** 1. Set up Caibo account and test integration 2. Run parallel processing during transition 3. Gradually migrate traffic 4. Contact our migration team for assistance ## Support ### Q: How do I contact support? **A:** * **Email**: [support@caibo.com](mailto:support@caibo.com) * **Documentation**: Browse our guides * **Emergency**: [emergency@caibo.com](mailto:emergency@caibo.com) (production issues) ### Q: What information should I include in support requests? **A:** * Error codes and messages * Request IDs * Timestamps * Steps to reproduce * Code samples (remove sensitive data) ### Q: Do you offer implementation support? **A:** Yes, we provide technical support during integration. Premium support packages are available for complex implementations. ## Compliance ### Q: Are you PCI compliant? **A:** Yes, Caibo is PCI DSS Level 1 compliant. Your H2H integration doesn't handle card data directly, reducing your PCI scope. ### Q: What about GDPR compliance? **A:** We're GDPR compliant and provide data processing agreements. Ensure your implementation follows GDPR requirements for customer data. ### Q: Do you support Strong Customer Authentication (SCA)? **A:** Yes, we support 3D Secure 2.0 for SCA compliance in European markets. ## Still Have Questions? Get help from our technical team Troubleshoot common issues Test your integration Complete API documentation