Issuer & processor integration

How to consult DTP inside the authorization window: where the call sits, what it costs in latency, what comes back, and how production deployment works.

Where the call sits

Your authorization flow today: network delivers the auth request → your decision engine evaluates → you respond inside the network window. DTP adds one parallel or inline consultation:

Network auth → Processor / decision engine → DTP consult (agent txns) → combine signals → network response

The response is an advisory input to your decisioning — KYA Score, risk score, fired gates, and up-to-four reason codes structurally compatible with Mastercard DE 48.75 mapping. Your engine keeps final authority (and liability allocation reflects that — see MSA §1.3, §10).

Latency budget

Issuer authorization windows are tight and your existing decisioning already consumes most of the budget. Plan DTP consultation with explicit bounds:

Component	Guidance
DTP engine decision	23ms typical engine time; see the status page for live latency and current SLOs by tier
Network round-trip	Co-locate or peer where possible; measure from your decision engine, not from a workstation
Client timeout	Set an explicit timeout in your DTP client below your remaining window headroom
On timeout / unavailability	Fail policy applies — see below. Your auth flow never blocks on us

Fail policy

Default is FAIL_CLOSED: if DTP cannot be consulted, the advisory response is a decline recommendation for agent-initiated transactions. You may configure fail-open below a maximum amount threshold per principal — transactions approved during unavailability under that configuration are at your risk, and SLA credits exclude client-side causes. Decide this before certification, not during an incident.

Integration sequence

1. Scoping call — production issuer deployments are sales-led: book a demo. We map your auth flow, agent transaction identification, and volume tiers.
2. Sandbox integration — your team integrates against the sandbox (self-serve from here): agent registration, mandate configuration, authorization calls, webhooks.
3. MCI certification — Mandate Certified Integration: conformance across all six transaction types, intent_context implementation review, fail-policy verification, latency validation at your contracted volume, UAT sign-off.
4. Production cutover — soft-gate first (advisory logging without decision influence), then progressive enforcement as your risk team calibrates thresholds.

What your compliance team gets

Every decision carries the full explainability trail: which gates fired, the KYA Score and zone at decision time, and the agent's attested intent — exportable as SAR/STR narratives in FinCEN BSA and Panama UAF Law 23 formats. Decision records double as evidence packages for agent-transaction disputes — the full intent, scoring, and gate trail attached to each authorization supports chargeback representment and dispute lifecycle workflows. See What we verify vs. what agents attest for the verification model your auditors will ask about.