Debit Solutions
-
Client Create -
Account Create -
Card Create -
Card Activate -
Card Set Pin -
Card Pin Verification -
Card Pin Change - CardPinChange POST
-
Pin Tries Counter Reset -
Get CVV2 -
Lookup Card Identifier -
Cards List -
Accounts List -
Card Details Enquiry -
Customer Details -
Card Status Change -
Card Replacement -
Client Update -
Account Update -
Card Update -
Get Limits -
Switch Restrictions -
Update Limits -
Get Restrictions -
Bulk Card Create -
Bulk List Of Cards -
Bulk Card Summary -
Bulk Move Cards -
OnlineEmbossing -
Account Status Change -
Switch MCC -
Release Pending Authorization -
Get MCC Controls -
Get Account Transactions -
Get Dictionaries MCC -
Set FXRates -
Get FXRates -
Card Contact Details
Credit Solutions
Overview
Prepaid card services in NI allow users to access and use prepaid cards in the payment processing system. Prepaid cards are a type of payment card that are loaded with a specific amount of funds, which can be used to make purchases or withdraw cash at locations that accept the card.Users of prepaid card services in a payment processing company can typically:
Activate prepaid cards
Users can activate prepaid cards when they are first issued or after they have been deactivated for any reason.
Check card balances
Users can check the balance on a prepaid card in real-time or on a scheduled basis.
View transaction history
Users can view a detailed record of all transactions made with a prepaid card, including the date, time, amount, and location of each transaction.
Reload cards
Users can add funds to a prepaid card, either by transferring money from another account or by purchasing a reload card.
Resolve disputes
Users can access a process for resolving disputes or issues that may arise with prepaid card transactions.
Protect against fraud
Users can access measures to detect and prevent fraudulent activity on prepaid cards, such as monitoring for suspicious activity or requiring additional authentication for certain transactions.
Manage card accounts
Users can view and manage their prepaid card accounts, including the ability to set spending limits, view transaction history, and update personal information.
Debit Solutions
Card Pin Change
Status:
Production
Version:
V2
Product:
Debit Solutions
Card PIN Change
Overview
This API allows for the updating of a Personal Identification Number (PIN) on a card. This is typically used when a cardholder believes their current PIN may have been compromised, or for added security. In order to change the PIN, the API requires the cardholder to provide their current or old PIN to validate their identity.
If the validation fails, the request will be declined. Once the PIN has been successfully updated, it will be the new PIN expected for any Point of Sales (POS) purchases. To ensure the secure exchange of sensitive information, this API utilizes cryptography techniques. For more information on the encryption methods used, please refer to the "Get Encryption Certificate" API.
Security
The API uses asymmetric encryption to secure the exchange of sensitive PIN information.
PCI-DSS compliance
The PIN exchange strategy has been certified by the Payment Card Industry Data Security Standard (PCI-DSS), ensuring compliance with industry standards.
No Hardware Security Module (HSM) required
he API uses software encryption and PIN block algorithms, eliminating the need for an HSM.
How It Works
This API allows for the changing of a PIN on a card by validating the old PIN and setting the new one. The PIN is used for Point of Sales purchases. In order to use this API, the 'Get Encryption Certificate' API must be used to securely prepare the PIN before transport. This will provide an X509 Certificate containing a public key linked to the institution.
The process of communicating the PIN with the system involves the following steps:
- Retrieve the encryption certificate using the 'Get Encryption Certificate' API.
- Capture both the old and new PIN from the cardholder through the appropriate channels. It is important to note that these operations should not be logged or stored.
- If the Card PAN is not available, use the Card Lookup API to retrieve it. This is necessary to form the Pinblock using the ISO 9564 Pinblock format-0 Algorithm.
- Form the Pinblock for both the old and new PIN and encrypt them under the certificate.
- Use the resulting values of both the old and new PIN in this API.
- It is important to note that the Pinblock must be in a Hexstring format when being encrypted.
Overall, this API uses cryptography to ensure the secure exchange of sensitive information, such as the cardholder's PIN, and requires strict adherence to certain procedures and protocols to maintain the security of this information.
Process 1
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Amet, sed at amet cras fringilla adipiscing nunc, in pulvinar. Sagittis pellentesque leo et proin convallis justo vitae in.
Process 1
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Amet, sed at amet cras fringilla adipiscing nunc, in pulvinar. Sagittis pellentesque leo et proin convallis justo vitae in.
Process 1
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Amet, sed at amet cras fringilla adipiscing nunc, in pulvinar. Sagittis pellentesque leo et proin convallis justo vitae in.
Status:
Production
Version:
V2
Product:
Debit Solutions
| Node | Child Node | Type | Length | Description |
|---|---|---|---|---|
| Authorization | Bearer xxxx | string | Authorization Header (Bearer Token) | |
| Content-Type | application/json | string | Content Type |
| Node Type | Type | Length | Description | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
| NISrvRequest | request_card_pin_change | header | msg_id | string | 12 | Message ID, this field should be unique id for each Api call. This will be generated from client side. If the same message ID is used the system will decline the API call with Error Description “Duplicate Message ID” | ||||
| msg_type | string | 12 | Message Type – This can have either “TRANSACTION” or “ENQUIRY” As for this API the value expected is “ENQUIRY” | |||||||
| msg_function | string | 50 | Message functions: Should be “REQ_CARD_PIN_CHANGE” | |||||||
| src_application | string | 10 | Source Application: This is a free Text and the client can populate the source system from where the API is Initiated Example: IVR, IB, MB No Validations of these are kept at Network Systems | |||||||
| target_application | string | 10 | The target_application can hold any value from FI side, this can be used by FI to check the target system of the API call | |||||||
| timestamp | string | 30 | Timestamp of the response Date & time Format DD/MM/YYYY HH:MM:SS | |||||||
| tracking_id | string | 15 | Transaction Tracking Id | |||||||
| bank_id | string | 4 | Bank Id is Unique Id 4 digit code for each client and the same will be provided once the client setup is completed in our core system. For sandbox testing – Please use “NIC” | |||||||
| instance_id | string | 10 | instance_id | |||||||
| body | card_identifier_id | string | 32 | 454545XXXXXX1234 | ||||||
| card_identifier_type | string | 20 | CONTRACT_NUMBER is used for clear card number or EXID which is a unique identifier for the card generated by CMS | |||||||
| card_expiry_date | string | 4 | YYMM Ex: 2310 | |||||||
| encrypted_old_pin | string | 20 | Encrypted old Pin block under ZPK Ex: 7B47D3321D4A5F63 | |||||||
| encrypted_new_pin | string | 20 | Encrypted New Pin block under ZPK Ex: 7B47D3321D4A5F63 | |||||||
| encryption_method | string | 20 | Encryption Method to be used for the encryption of the pin | |||||||
{
"NISrvRequest": {
"request_card_pin_change": {
"header": {
"msg_id": "12345",
"msg_type": "ENQUIRY",
"msg_function": "REQ_CARD_PIN_CHANGE",
"src_application": "IVR",
"target_application": "WAY4",
"timestamp": "2020-07-20T10:49:02.366+04:00",
"bank_id": "NIC"
},
"body": {
"card_identifier_id": "99984100148297467162",
"card_identifier_type": "EXID",
"card_expiry_date": "2711",
"encrypted_old_pin": "9C74D3321D4A5E36",
"encrypted_new_pin": "7B47D3321D4A5F63",
"encryption_method": "SYMMETRIC"
}
}
}
}| Node | Child Node | Type | Length | Description | |
|---|---|---|---|---|---|
| Content-Type | application/json | string | Content Type | ||
| Node Type | Type | Length | Description | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
| NISrvResponse | response_card_pin_change | header | msg_id | string | 12 | Unique Source Message ID eg ada123456fdsf | ||||
| msg_type | string | 12 | Message Type – This can have either “TRANSACTION” or “ENQUIRY” As for this API the value expected is “ENQUIRY” | |||||||
| msg_function | string | 50 | Default RES_CARD_PIN_CHANGE | |||||||
| src_application | string | 10 | Source Application: This is a free Text and the client can populate the source system from where the API is Initiated Example: IVR, IB, MB No Validations of these are kept at Network Systems | |||||||
| tracking_id | string | 15 | Transaction Tracking Id | |||||||
| bank_id | string | 4 | Bank Id is Unique Id 4 digit code for each client and the same will be provided once the client setup is completed in our core system. For sandbox testing – Please use “NIC” | |||||||
| instance_id | string | 10 | instance_id | |||||||
| exception_details | application_name | string | 20 | Application Name | ||||||
| date_time | string | 30 | Timestamp of the response Format “YYYY-MM-DD HH:MM:SS” | |||||||
| status | string | 1 | Status of the request (S/F) | |||||||
| error_code | string | 4 | EAI Internal Error Code (Check error codes section for the complete list of error codes and error code descriptions) | |||||||
| error_description | string | 100 | Error Description (Check error codes section for the complete list of error codes and error code descriptions) | |||||||
| transaction_ref_id | string | 20 | The tracking_id sent in the request will be sent back in response in this field. | |||||||
{
"NISrvResponse": {
"response_card_pin_change": {
"header": {
"msg_id": "236001",
"msg_type": "TRANSACTION",
"msg_function": "RES_CARD_PIN_CHANGE",
"src_application": "IVR",
"target_application": "CMS",
"timestamp": "2020-07-20T10:49:02.366+04:00",
"bank_id": "NIC",
"instance_id": "InstanceID"
},
"exception_details": {
"application_name": "TCC-ADP",
"date_time": "2023-02-01T16:39:47.314+04:00",
"status": "S",
"error_code": "000",
"error_description": "Success"
}
}
}
}| Code | Description |
|---|---|
| 200 | Sample Description |
| 400 | Bad Request |
| 401 | Unauthorized |
| 403 | Forbidden |
| 500 | Internal Server Error |
| 502 | Bad gateway |
| 503 | Scheduled Maintenance |
| 504 | Gateway Timeout |
| 596 | Service Not Found |
