Implementation Phases and Timeline Structure
Let’s look at the implementation timelines and phased rollout structure DECTA uses to onboard new clients.
Phase 1: Pre-Implementation and Documentation (Days 1–14)
DECTA's first step for implementation post-initial communication/integration is a review of documentation and a questionnaire to determine which functionalities of DAPI (DECTA API) functionalities will be required per unique business needs. This avoids implementing features that aren't necessary, creates less confusion, and expedites implementation.
DECTA provides its detailed documentation as well as the Test and production environment credentials including URLs and certificates required for integration. The Certificate-based authentication process happens once on behalf of each client in both test and production environments to simplify one's attention to security across the board while still maintaining adequate, PCI DSS compliance security.
This step also requires the setting up of Legal entity structures in the DECTA system. These entities need to be established prior to Merchant and terminal configurations and should be registered with respective authorities. DECTA API works to manage legal entities with the creation, edition, and assignment of rate plans.
Phase 2: Core System Integration (Days 15–45)
During this phase, all necessary card and client transactions come into play due to business operations. Clients only connect required functionalities, thereby enabling integration to be less complex.
Through DECTA's Merchant Management API, the payment acceptance infrastructure can be carded immediately. Merchant ID assignments take place at the merchant premise level, meaning the same ownership can have various Merchant IDs for alternate preferences or transaction types.
If an on-premise POS is required, Terminal ID creation takes place during this phase as well. DECTA boasts various types of terminals, all of which receive a Terminal ID upon carding. Terminal devices must be Level 3 certified terminals, complying with both Mastercard and Visa.
Phase 3: Testing and Validation (Days 46–75)
Ensure everything necessary works before production by utilizing DECTA's testing environment. The testing environment utilizes the same DAPI (DECTA API) functionalities as production, meaning it's used for discovering integration points and business logic.
EMV 3DS (3D Secure) implementations must be validated for all businesses, meaning every version of EMV 3DS (3D Secure) works as necessary for both Mastercard and Visa. The system will assign Strong Consumer Authentication (SCA) exemptions while determining multiple device channels—both should be tested exhaustively.
Testing integration with Tokenized payments like Apple Pay, Google Pay, Samsung Pay, and Garmin Pay is also required. These payment processors empower Contactless NFC payments while maintaining PCI DSS compliance for eCommerce. Each token flow and acceptance security requires validation to ensure proper functionality across channels.