Virtual Cards
Create and manage virtual cards for your customers using the Weavr Multi API. Virtual cards are created instantly and can be used for e-commerce and online purchases.
Onboard an Identity
You must assign a virtual card to a corporate or consumer identity before the card can be used. This identity can also be described as the card owner.
Onboard corporate identities by following the corporate identity onboarding guide and consumer identities by following the consumer identity onboarding guide.
Create a card assignee as an Authorised User
Weavr does not support anonymous cards. All cards must be linked to a card assignee. Therefore, for a card to be used, it must be linked to a card assignee that has been created in the system as an Authorised User.
Follow the steps in the Authorised User section to create the user, set their credentials, and verify their mobile number by enrolling them for an authentication factor.
At the point of creating a virtual card, you will be required to enter the id of the Authorised User who will be assigned the card. At this point, it will be validated that the following information has been provided for the Authorised User card assignee:
- name
- surname
- date of birth
- verified mobile number (enrolled for an SCA factor)
- country of residence
Log in an End-User
To create a card for an identity, you must log in an end-user belonging to the identity. You need your API key and an active end-user authentication token to create a card. Read more about authentication in the authentication guide.
Stepped-up Token
Creating a managed card requires the end-user to perform two-factor authentication, therefore your active end-user token is required to be stepped-up. For more information read step-up authentication.
If you are using a one-time password via text message authentication method, then use the below endpoints.
the logged-in user must have enrolled their mobile device for strong customer authentication.
This will trigger an SMS to be sent to the end-user. Your application must have a page available where the user can enter the verification code provided in the text message. You must provide the code to the below endpoint.
If you are using a push notification mechanism like Twilio Authy, then you can use the below endpoint to send a push notification to the end-user's enrolled device.
Create a Virtual Card
Create a card for the logged-in identity.
To create a card, you need to provide the profileId. You can find your card profile IDs in the Multi Portal > API Credentials section. Card profiles contain configuration that determines the behaviour and properties of the card.
When creating the card, provide the id of the Authorised User that will be the card assignee. Whenever there are actions related to the card that require two-factor authentication (such as 3DS for online transactions, or manually provisioning a card to a digital wallet) the enrolled SCA channel of the user will be used. See also corporate and consumer authentication configuration.
nameOnCard is a separate field in the create a virtual card endpoint. This is because cards can only accommodate fewer characters than are allowed in the name fields of the Authorised User. Wherever possible, the nameOnCard should match the name of the card assignee/Authorised User. When this is not possible, a shortened version of the name should be used
You can create virtual cards in prepaid or debit mode. This determines the funds that the card has access to. Read more about the different modes in the card modes guide.
In the API response, Weavr returns the card details of the newly created card.
The card number and CVV are considered PCI-sensitive data and therefore will be returned to you tokenised. Read more about how to handle card sensitive data in the card sensitive data guide.