💳

Card

Issue, activate, and manage physical and virtual cards for your customers. View encrypted card details, retrieve transaction history, control card access, and raise disputes — all through a unified API.

🪙 Single & bulk issuance🔒 Block / unblock🛡️ AES-256 encrypted details⚖️ Dispute management

Card Journey

1

🪙 Issue a card

Call Request Card for a single customer or Bulk Card Request for multiple customers in one call. Each request returns an id to track the issuance status.

2

✅ Activate the card

Once issued, use Activate Card with the card id and the customer's chosen PIN to bring the card into an active, usable state.

3

📊 Monitor usage

Retrieve encrypted card details via Card Details and review spend history with Card Transactions. Sensitive fields are AES-256-CBC encrypted — decrypt them server-side with your key.

4

🛡️ Manage and protect

Block a card instantly if suspicious activity is detected and Unblock it once cleared. Let customers update their PIN via Change Card PIN, and raise a Dispute for any queried transaction.

Important Notes

Encrypted card details

The Card Details endpoint returns expiryYear, expiryMonth, firstSix, and lastFour as AES-256-CBC encrypted hex strings. You must decrypt these server-side using your secret key before displaying or processing them.

Bearer token required

All endpoints require a valid Bearer token. Obtain one from the Access Token endpoint and pass it as Authorization: Bearer <token>.

Endpoints

Issuance

POST

Request Card

Submits a card issuance request for a single customer. Returns a request id for tracking the issuance status.

v1 legacy docs →

POSTBeta

Bulk Card Request

Submits card issuance requests for multiple customers in one call. Each record is processed independently with per-item success or failure in the response.

v1 legacy docs →

Lifecycle Management

POST

Activate Card

Activates an issued card. Requires the card id and the customer's PIN to authorise the operation.

v1 legacy docs →

POST

Block Card

Immediately blocks a card to prevent further transactions. Requires the card id and PIN.

v1 legacy docs →

POST

Unblock Card

Restores a blocked card to active status. Requires the card id and PIN.

v1 legacy docs →

POST

Change Card PIN

Updates the card PIN. Requires the current PIN (oldPin) for authorisation and the new PIN (newPin).

v1 legacy docs →

Information

GET

Card Details

Retrieves card metadata. Sensitive fields (expiryYear, expiryMonth, firstSix, lastFour) are returned AES-256-CBC encrypted — decrypt server-side with your key.

v1 legacy docs →

GETBeta

Card Transactions

Retrieves the full transaction history for the specified card.

v1 legacy docs →

Disputes

POSTBeta

Create Dispute

Raises a dispute for a queried transaction. Provide the transaction ID, reason code, optional proof URL, and a free-text explanation.

v1 legacy docs →