Transaction enrichment library for iOS
Use TxnKit as a transaction enrichment API from iOS. This page shows the safe request shape, a short code snippet, and the boundary for keeping sensitive data out of the integration.
Target intent
iOS apps that need transaction enrichment through a backend or carefully controlled service boundary.
TxnKit should not receive customer PII or full statement text from mobile clients.
Raw descriptor
SPOTIFY USA 877-7781161Short iOS API snippet
var request = URLRequest(url: URL(string: "https://api.txnkit.dev/v1/enrich")!)
request.httpMethod = "POST"
request.setValue("Bearer \(txnkitApiKey)", forHTTPHeaderField: "Authorization")
request.setValue("application/json", forHTTPHeaderField: "Content-Type")
request.httpBody = try JSONSerialization.data(withJSONObject: [
"raw_description": "SQ *JOES COFFEE 0421 TORONTO",
"country": "CA"
])
let (data, _) = try await URLSession.shared.data(for: request)Keep API keys out of browser bundles. For frontend stacks, call a backend route or serverless function that owns the TxnKit request.
API-shaped output
{
"input": {
"descriptor": "SPOTIFY USA 877-7781161",
"country": "CA"
},
"output": {
"merchant_name": "Spotify",
"category": "Streaming subscription",
"confidence": "medium",
"signals": [
"processor_pattern",
"merchant_alias",
"category_hint"
],
"warnings": [
"review_low_confidence_matches_before_showing_logo"
],
"logos": []
}
}Low-confidence results should keep fallback labels and warnings visible instead of forcing a guessed logo or website.
When to use
- You are building in iOS and need one-descriptor merchant cleanup through an HTTP API.
- Your app can keep the TxnKit API key on the server side or inside a trusted serverless function.
- You need merchant display names, categories, confidence, signals, warnings, and logo-ready metadata.
When not to use
- TxnKit should not receive customer PII or full statement text from mobile clients.
- Do not use TxnKit to process card numbers, account numbers, full statements, bank credentials, emails, phone numbers, addresses, customer names, or customer PII.
- Do not use TxnKit when the product requirement is guaranteed merchant identity, every-merchant resolution, or contracted uptime terms.
Proof surfaces
The public contract is POST /v1/enrich, backed by the OpenAPI file, benchmark examples, privacy rules, and deterministic request-path tests.