Prepaid Solutions

Overview

With our prepaid solution, you can extend prepaid products to customers without constraints such as credit rating, income, or bank account ownership. The solution includes issuer, branch, corporate, or cardholder web-based portals, enabling effortless sales, maintenance, load, and card or customer lifecycle management. These features empower non-banked customers to manage their finances like seasoned professionals, making financial management more accessible and straightforward.

Activate prepaid cards

Users can activate prepaid cards when they are first issued or after they have been deactivated for any reason.

Check card balances

Users can check the balance on a prepaid card in real-time or on a scheduled basis.

View transaction history

Users can view a detailed record of all transactions made with a prepaid card, including the date, time, amount, and location of each transaction.

Reload cards

Users can add funds to a prepaid card, either by transferring money from another account or by purchasing a reload card.

Resolve disputes

Users can access a process for resolving disputes or issues that may arise with prepaid card transactions.

Manage card accounts

Users can view and manage their prepaid card accounts, including the ability to set spending limits, view transaction history, and update personal information.

Download

Client Create(Post)

This API is used to create a new cardholder within a financial institution. It can be used to register a new customer and issue them with a card.

Account Create(Post)

The Account Create API allows for the creation of new customer accounts. Parameters include customer ID, card type, branch code, Product code, currency, and custom fields.

Card Create(Post)

A card creation API in a payment processing company allows users to add a credit or debit card to their account on the payment platform.

Card Activate(Post)

This API is used for activating newly issued cards or ones that have been renewed. Enables transactions on a new or replaced card by activating it.

Card Set Pin(Post)

This API enables the setting of a personal identification number (PIN) for a specific card, which can then be used for point of sale or ATM transactions.

Card Pin Verification(Post)

This API is used to check if a PIN provided by the cardholder matches the one associated with the card, in order to confirm the identity of the cardholder.

Card Pin Change(Post)

This API allows a cardholder to change their PIN by verifying their current PIN and setting a new one. The new PIN will be used for Point of Sales or ATM transactions.

Pin Tries Counter Reset(Post)

This API allows to reset the number of attempts a user has made to enter the correct PIN, in case the user has entered the incorrect PIN multiple times.

Get CVV2(Post)

This API allows consumers to retrieve the CVV2 (Card Verification Value 2) for a specific card.

Lookup Card Identifier(Post)

This API allows you to obtain an alternative identifier for a given card by using its identifier as input, the API will then return a different type of identifier such as tokenized card identifier.

Cards List(Post)

This API obtains a comprehensive listing of all the cards linked to a specific cardholder, including prepaid, credit, and debit cards.

Accounts List(Post)

The List of Accounts API is a useful tool for payment processing companies that offer a range of financial products, such as credit cards, debit cards, and bank accounts. This API allows customers to easily view a list of all their accounts with the payment processing company, providing a convenient way to manage their finances and keep track of their spending.

Card Details Enquiry(Post)

This API is used to retrieve information about a specific card such as the primary account number, the product the card is associated with, the status of the card, and any balances associated with the card.

Customer Details(Post)

A customer details enquiry API allows a payment processing company to retrieve information about a customer's account. This could be used, for example, by a merchant to get information about a customer's billing address or by a customer service representative to verify account details.

Card Transaction(Post)

This API posts a financial transactions on card or account by debiting or crediting the account balance with provided amount and currency.

Card Statement Summary(Post)

This API is used to Retrieve past transactions made using a specific card.

Card Status Change(Post)

This API is used to change the status of a card or account, such as blocking or unblocking it. It is used primarily for security purposes.

Get Card Transactions(Post)

This API is used to Retrieve past transactions made using a specific card.

Card Replacement(Post)

This API is used to request a new card to replace a lost, stolen, damaged, or expired card.

Client Update(Post)

A client update API in a payment processing company allows users to update information for an existing client account in the payment processing system.

Account Update(Post)

This API allows for the updating of an existing account for a cardholder.

Card Update(Post)

The API facilitates the modification of an existing card associated with a specific account and cardholder.

Get Limits(Post)

This API allows customers to easily view a summary of their limit usage, providing a convenient way to keep track of their spending and manage their finances.

Card Balance Enquiry(Post)

Obtains information about the card's available funds and balances related to the product type.

Switch Restrictions(Post)

This API allows customers to seamlessly switch restrictions on their credit or debit cards, helping them to make decisions about their spending.

Update Limits(Post)

This API enables customers to quickly and easily view any limits on their credit or debit cards, helping them to make informed decisions about their spending.

Get Companies(Post)

This API enables customers to Get the details of the companies

Get Restrictions(Post)

This API enables customers to quickly and easily view any restrictions on their credit or debit cards, helping them to make informed decisions about their spending.

Bulk Card Create(Post)

Bulk card create can generate a pool of no-name plastic cards ready for instant issuance.

Bulk List Of Cards(Post)

Bulk list of cards can be used to check the status of bulk card create requests or to access the list of pre-embossed cards.

Bulk Card Summary(Post)

Bulk card summary can be used to check summary of the cards available in stock.

Bulk Move Cards(Post)

Bulk move cards can be used to move card/list of cards or batches from one client to another.

OnlineEmbossing(Post)

This API is used to immediately send a request for card embossing.

P2P Transfer(Post)

This API facilitates debiting from the "source identifier" and crediting to the "target identifier" for the requested amount within the same financial institution.

Account Transaction(Post)

This API retrieves all accounts within a commercial or multi-currency hierarchy under a specific client ID or account number.

Account Status Change(Post)

This API updates block codes on the account level for an account identifier.

Switch MCC(Post)

This API enables or disables MCC groups/codes for a card.

Release Pending Authorization(Post)

This API cancels pending authorizations. It will only search for pending authorizations.

Get MCC Controls(Post)

This API retrieves all blocked and/or allowed MCC groups and codes.

Account Balance Enquiry(Post)

The Account Balance API receives balance details of account numbers.

Account Hierarchy Enquiry(Post)

This API retrieves all accounts within a commercial or multi-currency hierarchy under a specific client ID or account number.

Get Account Transactions(Post)

This API pulls transactions which are authorized, time_based/posted, or statemented to account.

Get Dictionaries MCC(Post)

This API retrieves all blocked and/or allowed MCC groups and codes.

Set FXRates(Post)

This service is used by an FI to set FX rates for a currency.

Get FXRates(Post)

This service is used by an FI to get FX rates for a currency.

Card Contact Details(Post)

This API allows fetching the customer contact details.

Card Set Pin

Status:

Production

Version:

V2

Product:

Prepaid Solutions

Card Set PIN

Overview

This API is used to set a PIN on a card. This is typically done for newly created cards or replaced ones, and is necessary for making Point of Sales (POS) purchases. The API can also be used in the event that the cardholder forgets their PIN, but it is important to note that strong verification of the cardholder's identity should be performed before enabling this feature (e.g. through the use of biometrics, security questions, or one-time passwords).

The PIN provided through this API will be the one required for all POS purchases made with the card. To ensure the secure exchange of sensitive information, the API uses cryptography to protect the PIN. Two modes of encryption are supported: symmetric encryption and asymmetric encryption.

Symmetric encryption relies on a key exchange ceremony and requires the use of a Hardware Security Module (HSM) or a signed waiver from the bank for key handling. Asymmetric encryption, on the other hand, relies on dynamic key exchange.

For more information on encryption, refer to the 'Get Encryption Certificate' API.

Security

The API uses asymmetric encryption to secure the exchange of sensitive PIN information.

PCI-DSS compliance:

The PIN exchange strategy has been certified by the Payment Card Industry Data Security Standard (PCI-DSS), ensuring compliance with industry standards.

Secure storage of card information

The API uses software encryption and PIN block algorithms, eliminating the need for an HSM.

How It Works

This API allows for the secure configuration of a PIN on a card for Point of Sales (POS) purchases. In order to ensure the security of the PIN, the API requires the use of another API, known as the 'Get Encryption Certificate' API, to prepare the PIN before it is transported.

To use this API, the following steps must be followed:

Retrieve the encryption certificate by calling the 'Get Encryption Certificate' API. This will provide a X509 certificate containing a public key specific to your institution. Obtain the raw PIN from the cardholder through your own channels. It is important to note that this process should not be logged or stored in any way.

If you do not have access to the Card PAN, use the Card Lookup API to retrieve it. The Card PAN is required to form the Pinblock using the ISO 9564 Pinblock format Algorithm.

Form the Pinblock and encrypt it using the certificate obtained in step 1. It's important to note that the Pinblock must be in a Hexstring format before encryption. Use the encrypted Pinblock in this API to configure the PIN on the card.

This API uses a combination of software encryption (RSA 4096) and the PIN Block algorithm to ensure the secure exchange of sensitive information. Furthermore, it does not require the use of Hardware Security Modules (HSM) and can be integrated within your own applications. Additionally, the API is PCI-DSS certified, meaning that it has been certified as compliant with the Payment Card Industry Data Security Standard, and thus you don't have to worry about the security of this API.

Process 1

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Amet, sed at amet cras fringilla adipiscing nunc, in pulvinar. Sagittis pellentesque leo et proin convallis justo vitae in.

Process 1

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Amet, sed at amet cras fringilla adipiscing nunc, in pulvinar. Sagittis pellentesque leo et proin convallis justo vitae in.

Process 1

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Amet, sed at amet cras fringilla adipiscing nunc, in pulvinar. Sagittis pellentesque leo et proin convallis justo vitae in.

Node	Child Node	Type	Length	Description
Authorization* required	Bearer xxxx* required	string		Authorization Header (Bearer Token)
Content-Type* required	application/json* required	string		Content Type

Node Type				Type	Length	Description
NISrvRequest	request_card_set_pin	header	msg_id* required	string	12	Message ID, this field should be unique id for each Api call. This will be generated from client side. If the same message ID is used the system will decline the API call with Error Description “Duplicate Message ID”
			msg_type* required	string	12	Message Type – This can have either “TRANSACTION” or “ENQUIRY” As for this API the value expected is “TRANSACTION”
			msg_function* required	string	50	Static Value - REQ_CARD_SET_PIN
			src_application* required	string	10	Source Application: This is a free Text and the client can populate the source system from where the API is Initiated Example: IVR, IB, MB No Validations of these are kept at Network Systems
			target_application* required	string	10	The target_application can hold any value from FI side, this can be used by FI to check the target system of the API call
			timestamp* required	string	30	Timestamp of the request - Format YYYY-MM-DDtHH:MM:SS.SSS+04:00
			bank_id* required	string	4	Bank Id is Unique Id 4 digit code for each client and the same will be provided once the client setup is completed in our core system. For sandbox testing – Please use “NIC”
		body	card_identifier_id* required	string	32	Card Identifier Id
			card_identifier_type* required	string	20	CONTRACT_NUMBER is used for clear card number or EXID which is a unique identifier for the card generated by CMS
			card_sequence_number	string	2	Card sequence number Example 01
			card_expiry_date* required	string	4	2605
			encrypted_pin* required	string	20	Encrypted Pin block under ZPK Ex: 7B47D3321D4A5F63
			encryption_method* required	string	20	Encryption Method to be used for the encryption of the pin

{"NISrvRequest":{"request_card_set_pin":{"header":{"msg_id":"236001","msg_type":"TRANSACTION","msg_function":"REQ_CARD_SET_PIN","src_application":"IVR","target_application":"WAY4","timestamp":"2020-07-20T10:49:02.366+04:00","bank_id":"NIC"},"body":{"card_identifier_id":"99984100148297467162","card_identifier_type":"EXID","card_sequence_number":"01","card_expiry_date":"2704","encrypted_pin":"F41AB9C3974FE7A9","encryption_method":"SYMMETRIC"}}}}

{
    "NISrvRequest": {
        "request_card_set_pin": {
            "header": {
                "msg_id": "236001",
                "msg_type": "TRANSACTION",
                "msg_function": "REQ_CARD_SET_PIN",
                "src_application": "IVR",
                "target_application": "WAY4",
                "timestamp": "2020-07-20T10:49:02.366+04:00",
                "bank_id": "NIC"
            },
            "body": {
                "card_identifier_id": "99984100148297467162",
                "card_identifier_type": "EXID",
                "card_sequence_number": "01",
                "card_expiry_date": "2704",
                "encrypted_pin": "F41AB9C3974FE7A9",
                "encryption_method": "SYMMETRIC"
            }
        }
    }
}

Node	Child Node		Type	Length	Description
Content-Type	application/json		string		Content Type

Node Type				Type	Length	Description
NISrvResponse	response_card_set_pin	header	msg_id* required	string	12	Message ID, this field should be unique id for each Api call. This will be generated from client side. If the same message ID is used the system will decline the API call with Error Description “Duplicate Message ID”
			msg_type* required	string	12	Message Type – This can have either “TRANSACTION” or “ENQUIRY” As for this API the value expected is “TRANSACTION”
			msg_function* required	string	50	Static value - REP_CARD_SET_PIN
			src_application* required	string	10	Source Application: This is a free Text and the client can populate the source system from where the API is Initiated Example: IVR, IB, MB No Validations of these are kept at Network Systems
			target_application* required	string	10	The target_application can hold any value from FI side, this can be used by FI to check the target system of the API call
			timestamp* required	string	15	Timestamp of the response - Format YYYY-MM-DDtHH:MM:SS.SSS+04:00
			bank_id* required	string	4	Bank Id is Unique Id 4 digit code for each client and the same will be provided once the client setup is completed in our core system. For sandbox testing – Please use “NIC”
		exception_details	application_name* required	string	20	Application Name
			date_time* required	string	30	Timestamp of the response Format “YYYY-MM-DD HH:MM:SS”
			status* required	string	1	Status of the request (S/F)
			error_code* required	string	4	EAI Internal Error Code (Check error codes section for the complete list of error codes and error code descriptions)
			error_description* required	string	100	Error Description (Check error codes section for the complete list of error codes and error code descriptions)
			transaction_ref_id	string	20	The tracking_id sent in the request will be sent back in response in this field.

{"NISrvResponse":{"response_card_set_pin":{"header":{"msg_id":"236001","msg_type":"TRANSACTION","msg_function":"REP_CARD_SET_PIN","src_application":"IVR","target_application":"WAY4","timestamp":"2020-07-20T10:49:02.366+04:00","bank_id":"NIC"},"exception_details":{"application_name":"TCC-ADP","date_time":"2023-02-01T16:39:47.314+04:00","status":"S","error_code":"000","error_description":"Success"}}}}

{
    "NISrvResponse": {
        "response_card_set_pin": {
            "header": {
                "msg_id": "236001",
                "msg_type": "TRANSACTION",
                "msg_function": "REP_CARD_SET_PIN",
                "src_application": "IVR",
                "target_application": "WAY4",
                "timestamp": "2020-07-20T10:49:02.366+04:00",
                "bank_id": "NIC"
            },
            "exception_details": {
                "application_name": "TCC-ADP",
                "date_time": "2023-02-01T16:39:47.314+04:00",
                "status": "S",
                "error_code": "000",
                "error_description": "Success"
            }
        }
    }
}

Code	Description
200	Sample Description
400	Bad Request
401	Unauthorized
403	Forbidden
500	Internal Server Error
502	Bad gateway
503	Scheduled Maintenance
504	Gateway Timeout
596	Service Not Found

Prepaid Solutions

Prepaid Solutions

Overview

Activate prepaid cards

Check card balances

View transaction history

Reload cards

Resolve disputes

Manage card accounts

Client Create(Post)

Account Create(Post)

Card Create(Post)

Card Activate(Post)

Card Set Pin(Post)

Card Pin Verification(Post)

Card Pin Change(Post)

Pin Tries Counter Reset(Post)

Get CVV2(Post)

Lookup Card Identifier(Post)

Cards List(Post)

Accounts List(Post)

Card Details Enquiry(Post)

Customer Details(Post)

Card Transaction(Post)

Card Statement Summary(Post)

Card Status Change(Post)

Get Card Transactions(Post)

Card Replacement(Post)

Client Update(Post)

Account Update(Post)

Card Update(Post)

Get Limits(Post)

Card Balance Enquiry(Post)

Switch Restrictions(Post)

Update Limits(Post)

Get Companies(Post)

Get Restrictions(Post)

Bulk Card Create(Post)

Bulk List Of Cards(Post)

Bulk Card Summary(Post)

Bulk Move Cards(Post)

OnlineEmbossing(Post)

P2P Transfer(Post)

Account Transaction(Post)

Account Status Change(Post)

Switch MCC(Post)

Release Pending Authorization(Post)

Get MCC Controls(Post)

Account Balance Enquiry(Post)

Account Hierarchy Enquiry(Post)

Get Account Transactions(Post)

Get Dictionaries MCC(Post)

Set FXRates(Post)

Get FXRates(Post)

Card Contact Details(Post)

Card Set Pin

Status:

Production

Version:

V2

Product:

Prepaid Solutions

Card Set PIN

Overview

Security

PCI-DSS compliance:

Secure storage of card information

How It Works

Process 1

Process 1

Process 1

Card Set Pin

Status:

Production

Version:

V2

Product:

Prepaid Solutions

Header Request Parameters

Request Parameters