Debit Solutions

Overview

Our one-stop, centralised solution for Debit Card processing is designed to provide you with a seamless and secure payment experience. Whether you are a small business or a large enterprise, our solution is cost-effective, easily configurable and scalable to meet your specific needs.

With our Debit Card processing solution, you can easily accept payments from your customers and enjoy faster access to your funds. Our platform supports all major debit card networks, so you can accept payments from customers regardless of their bank.

Activate Debit cards

Users can activate debit cards when they are first issued or after they have been deactivated for any reason.

Check card balances

Users can check the balance on a debit card in real-time or on a scheduled basis.

View transaction history

Users can view a detailed record of all transactions made with a debit card, including the date, time, amount, and location of each transaction.

Reload cards

Users can add funds to a debit card, either by transferring money from another account or by purchasing a reload card.

Resolve disputes

Users can access a process for resolving disputes or issues that may arise with debit card transactions.

Protect against fraud

Users can access measures to detect and prevent fraudulent activity on debit cards, such as monitoring for suspicious activity or requiring additional authentication for certain transactions.

Manage card accounts

Users can view and manage their debit card accounts, including the ability to set spending limits, view transaction history, and update personal information.

Download

Client Create(Post)

This API is used to create a new cardholder within a financial institution. It can be used to register a new customer and issue them with a card.

Account Create(Post)

The Account Create API allows for the creation of new customer accounts. Parameters include customer ID, card type, branch code, Product code, currency, and custom fields.

Card Create(Post)

A card creation API in a payment processing company allows users to add a credit or debit card to their account on the payment platform.

Card Activate(Post)

This API is used for activating newly issued cards or ones that have been renewed. Enables transactions on a new or replaced card by activating it.

Card Set Pin(Post)

This API enables the setting of a personal identification number (PIN) for a specific card, which can then be used for point of sale or ATM transactions.

Card Pin Verification(Post)

This API is used to check if a PIN provided by the cardholder matches the one associated with the card, in order to confirm the identity of the cardholder.

Card Pin Change(Post)

This API allows a cardholder to change their PIN by verifying their current PIN and setting a new one. The new PIN will be used for Point of Sales or ATM transactions.

Pin Tries Counter Reset(Post)

This API allows to reset the number of attempts a user has made to enter the correct PIN, in case the user has entered the incorrect PIN multiple times.

Get CVV2(Post)

This API allows consumers to retrieve the CVV2 (Card Verification Value 2) for a specific card.

Lookup Card Identifier(Post)

This API allows you to obtain an alternative identifier for a given card by using its identifier as input, the API will then return a different type of identifier such as tokenized card identifier.

Cards List(Post)

This API obtains a comprehensive listing of all the cards linked to a specific cardholder, including prepaid, credit, and debit cards.

Accounts List(Post)

The List of Accounts API is a useful tool for payment processing companies that offer a range of financial products, such as credit cards, debit cards, and bank accounts. This API allows customers to easily view a list of all their accounts with the payment processing company, providing a convenient way to manage their finances and keep track of their spending.

Card Details Enquiry(Post)

This API is used to retrieve information about a specific card such as the primary account number, the product the card is associated with, the status of the card, and any balances associated with the card.

Customer Details(Post)

A customer details enquiry API allows a payment processing company to retrieve information about a customer's account. This could be used, for example, by a merchant to get information about a customer's billing address or by a customer service representative to verify account details.

Card Transaction(Post)

This API posts a financial transactions on card or account by debiting or crediting the account balance with provided amount and currency.

Card Statement Summary(Post)

This API is used to Retrieve past transactions made using a specific card.

Card Status Change(Post)

This API is used to change the status of a card or account, such as blocking or unblocking it. It is used primarily for security purposes.

Get Card Transactions(Post)

This API is used to Retrieve past transactions made using a specific card.

Card Replacement(Post)

This API is used to request a new card to replace a lost, stolen, damaged, or expired card.

Client Update(Post)

A client update API in a payment processing company allows users to update information for an existing client account in the payment processing system.

Account Update(Post)

This API allows for the updating of an existing account for a cardholder.

Card Update(Post)

The API facilitates the modification of an existing card associated with a specific account and cardholder.

Get Limits(Post)

This API allows customers to easily view a summary of their limit usage, providing a convenient way to keep track of their spending and manage their finances.

Card Balance Enquiry(Post)

Obtains information about the card's available funds and balances related to the product type.

Switch Restrictions(Post)

This API allows customers to seamlessly switch restrictions on their credit or debit cards, helping them to make decisions about their spending.

Update Limits(Post)

This API enables customers to quickly and easily view any limits on their credit or debit cards, helping them to make informed decisions about their spending.

Get Companies(Post)

This API enables customers to Get the details of the companies

Get Restrictions(Post)

This API enables customers to quickly and easily view any restrictions on their credit or debit cards, helping them to make informed decisions about their spending.

Bulk Card Create(Post)

Bulk card create can generate a pool of no-name plastic cards ready for instant issuance.

Bulk List Of Cards(Post)

Bulk list of cards can be used to check the status of bulk card create requests or to access the list of pre-embossed cards.

Bulk Card Summary(Post)

Bulk card summary can be used to check summary of the cards available in stock.

Bulk Move Cards(Post)

Bulk move cards can be used to move card/list of cards or batches from one client to another.

OnlineEmbossing(Post)

This API is used to immediately send a request for card embossing.

Card Direct Debit(Post)

This API retrieves direct debit details of specific account details.

Card Direct Debit Update(Post)

This API receives updates on direct debit details of specific accounts used by the bank.

P2P Transfer(Post)

This API facilitates debiting from the "source identifier" and crediting to the "target identifier" for the requested amount within the same financial institution.

Account Transaction(Post)

This API retrieves all accounts within a commercial or multi-currency hierarchy under a specific client ID or account number.

Account Status Change(Post)

This API updates block codes on the account level for an account identifier.

Switch MCC(Post)

This API enables or disables MCC groups/codes for a card.

Release Pending Authorization(Post)

This API cancels pending authorizations. It will only search for pending authorizations.

Get MCC Controls(Post)

This API retrieves all blocked and/or allowed MCC groups and codes.

Account Balance Enquiry(Post)

The Account Balance API receives balance details of account numbers.

Account Hierarchy Enquiry(Post)

This API retrieves all accounts within a commercial or multi-currency hierarchy under a specific client ID or account number.

Get Account Transactions(Post)

This API pulls transactions which are authorized, time_based/posted, or statemented to account.

Get Dictionaries MCC(Post)

This API retrieves all blocked and/or allowed MCC groups and codes.

Set FXRates(Post)

This service is used by an FI to set FX rates for a currency.

Get FXRates(Post)

This service is used by an FI to get FX rates for a currency.

Account Transfer(Post)

This API is used to transfer account and its sub accounts and cards from one product to another.

Get Eligible Transactions(Post)

This API retrieves a list of transactions that qualify for conversion into an installment plan.

Refinance Transaction(Post)

This API allows the conversion of a specific transaction into an installment plan.

Get Plan List(Post)

This API allows fetching the list of active instalment plans.

Get Plan Details ById(Post)

This API allows fetching all the details related to active instalment plan.

Card Contact Details(Post)

This API allows fetching the customer contact details.

Card Pin Change

Status:

Production

Version:

V2

Product:

Credit Solutions

Card PIN Change

Overview

This API allows for the updating of a Personal Identification Number (PIN) on a card. This is typically used when a cardholder believes their current PIN may have been compromised, or for added security. In order to change the PIN, the API requires the cardholder to provide their current or old PIN to validate their identity.

If the validation fails, the request will be declined. Once the PIN has been successfully updated, it will be the new PIN expected for any Point of Sales (POS) purchases. To ensure the secure exchange of sensitive information, this API utilizes cryptography techniques. For more information on the encryption methods used, please refer to the "Get Encryption Certificate" API.

Security

The API uses asymmetric encryption to secure the exchange of sensitive PIN information.

PCI-DSS compliance

The PIN exchange strategy has been certified by the Payment Card Industry Data Security Standard (PCI-DSS), ensuring compliance with industry standards.

No Hardware Security Module (HSM) required

he API uses software encryption and PIN block algorithms, eliminating the need for an HSM.

How It Works

This API allows for the changing of a PIN on a card by validating the old PIN and setting the new one. The PIN is used for Point of Sales purchases. In order to use this API, the 'Get Encryption Certificate' API must be used to securely prepare the PIN before transport. This will provide an X509 Certificate containing a public key linked to the institution.

The process of communicating the PIN with the system involves the following steps:

Retrieve the encryption certificate using the 'Get Encryption Certificate' API.
Capture both the old and new PIN from the cardholder through the appropriate channels. It is important to note that these operations should not be logged or stored.
If the Card PAN is not available, use the Card Lookup API to retrieve it. This is necessary to form the Pinblock using the ISO 9564 Pinblock format-0 Algorithm.
Form the Pinblock for both the old and new PIN and encrypt them under the certificate.
Use the resulting values of both the old and new PIN in this API.
It is important to note that the Pinblock must be in a Hexstring format when being encrypted.

Overall, this API uses cryptography to ensure the secure exchange of sensitive information, such as the cardholder's PIN, and requires strict adherence to certain procedures and protocols to maintain the security of this information.

Process 1

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Amet, sed at amet cras fringilla adipiscing nunc, in pulvinar. Sagittis pellentesque leo et proin convallis justo vitae in.

Process 1

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Amet, sed at amet cras fringilla adipiscing nunc, in pulvinar. Sagittis pellentesque leo et proin convallis justo vitae in.

Process 1

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Amet, sed at amet cras fringilla adipiscing nunc, in pulvinar. Sagittis pellentesque leo et proin convallis justo vitae in.

Node	Child Node	Type	Length	Description
Authorization* required	Bearer xxxx* required	string		Authorization Header (Bearer Token)
Content-Type* required	application/json* required	string		Content Type

Node Type				Type	Length	Description
NISrvRequest	request_card_pin_change	header	msg_id* required	string	12	Message ID, this field should be unique id for each Api call. This will be generated from client side. If the same message ID is used the system will decline the API call with Error Description “Duplicate Message ID”
			msg_type* required	string	12	Message Type – This can have either “TRANSACTION” or “ENQUIRY” As for this API the value expected is “ENQUIRY”
			msg_function* required	string	50	Message functions: Should be “REQ_CARD_PIN_CHANGE”
			src_application* required	string	10	Source Application: This is a free Text and the client can populate the source system from where the API is Initiated Example: IVR, IB, MB No Validations of these are kept at Network Systems
			target_application* required	string	10	The target_application can hold any value from FI side, this can be used by FI to check the target system of the API call
			timestamp* required	string	30	Timestamp of the response Date & time Format DD/MM/YYYY HH:MM:SS
			tracking_id	string	15	Transaction Tracking Id
			bank_id* required	string	4	Bank Id is Unique Id 4 digit code for each client and the same will be provided once the client setup is completed in our core system. For sandbox testing – Please use “NIC”
			instance_id	string	10	instance_id
		body	card_identifier_id* required	string	32	454545XXXXXX1234
			card_identifier_type* required	string	20	CONTRACT_NUMBER is used for clear card number or EXID which is a unique identifier for the card generated by CMS
			card_expiry_date* required	string	4	YYMM Ex: 2310
			encrypted_old_pin* required	string	20	Encrypted old Pin block under ZPK Ex: 7B47D3321D4A5F63
			encrypted_new_pin* required	string	20	Encrypted New Pin block under ZPK Ex: 7B47D3321D4A5F63
			encryption_method* required	string	20	Encryption Method to be used for the encryption of the pin

{"NISrvRequest":{"request_card_pin_change":{"header":{"msg_id":"12345","msg_type":"ENQUIRY","msg_function":"REQ_CARD_PIN_CHANGE","src_application":"IVR","target_application":"WAY4","timestamp":"2020-07-20T10:49:02.366+04:00","bank_id":"NIC"},"body":{"card_identifier_id":"99984100148297467162","card_identifier_type":"EXID","card_expiry_date":"2711","encrypted_old_pin":"9C74D3321D4A5E36","encrypted_new_pin":"7B47D3321D4A5F63","encryption_method":"SYMMETRIC"}}}}

{
    "NISrvRequest": {
        "request_card_pin_change": {
            "header": {
                "msg_id": "12345",
                "msg_type": "ENQUIRY",
                "msg_function": "REQ_CARD_PIN_CHANGE",
                "src_application": "IVR",
                "target_application": "WAY4",
                "timestamp": "2020-07-20T10:49:02.366+04:00",
                "bank_id": "NIC"
            },
            "body": {
                "card_identifier_id": "99984100148297467162",
                "card_identifier_type": "EXID",
                "card_expiry_date": "2711",
                "encrypted_old_pin": "9C74D3321D4A5E36",
                "encrypted_new_pin": "7B47D3321D4A5F63",
                "encryption_method": "SYMMETRIC"
            }
        }
    }
}

Node	Child Node		Type	Length	Description
Content-Type	application/json		string		Content Type

Node Type				Type	Length	Description
NISrvResponse	response_card_pin_change	header	msg_id* required	string	12	Unique Source Message ID eg ada123456fdsf
			msg_type* required	string	12	Message Type – This can have either “TRANSACTION” or “ENQUIRY” As for this API the value expected is “ENQUIRY”
			msg_function* required	string	50	Default RES_CARD_PIN_CHANGE
			src_application* required	string	10	Source Application: This is a free Text and the client can populate the source system from where the API is Initiated Example: IVR, IB, MB No Validations of these are kept at Network Systems
			tracking_id	string	15	Transaction Tracking Id
			bank_id* required	string	4	Bank Id is Unique Id 4 digit code for each client and the same will be provided once the client setup is completed in our core system. For sandbox testing – Please use “NIC”
			instance_id	string	10	instance_id
		exception_details	application_name* required	string	20	Application Name
			date_time* required	string	30	Timestamp of the response Format “YYYY-MM-DD HH:MM:SS”
			status* required	string	1	Status of the request (S/F)
			error_code* required	string	4	EAI Internal Error Code (Check error codes section for the complete list of error codes and error code descriptions)
			error_description* required	string	100	Error Description (Check error codes section for the complete list of error codes and error code descriptions)
			transaction_ref_id	string	20	The tracking_id sent in the request will be sent back in response in this field.

{"NISrvResponse":{"response_card_pin_change":{"header":{"msg_id":"236001","msg_type":"TRANSACTION","msg_function":"RES_CARD_PIN_CHANGE","src_application":"IVR","target_application":"CMS","timestamp":"2020-07-20T10:49:02.366+04:00","bank_id":"NIC","instance_id":"InstanceID"},"exception_details":{"application_name":"TCC-ADP","date_time":"2023-02-01T16:39:47.314+04:00","status":"S","error_code":"000","error_description":"Success"}}}}

{
    "NISrvResponse": {
        "response_card_pin_change": {
            "header": {
                "msg_id": "236001",
                "msg_type": "TRANSACTION",
                "msg_function": "RES_CARD_PIN_CHANGE",
                "src_application": "IVR",
                "target_application": "CMS",
                "timestamp": "2020-07-20T10:49:02.366+04:00",
                "bank_id": "NIC",
                "instance_id": "InstanceID"
            },
            "exception_details": {
                "application_name": "TCC-ADP",
                "date_time": "2023-02-01T16:39:47.314+04:00",
                "status": "S",
                "error_code": "000",
                "error_description": "Success"
            }
        }
    }
}

Code	Description
200	Sample Description
400	Bad Request
401	Unauthorized
403	Forbidden
500	Internal Server Error
502	Bad gateway
503	Scheduled Maintenance
504	Gateway Timeout
596	Service Not Found