Virtual Cards
Create and manage virtual cardsVirtual Card A payment card that is created instantly and can be used for e-commerce and online purchases. Virtual cards are issued through the Mastercard network and are automatically enrolled in the 3D Secure program for increased security and limited fraud risk. They can be created in prepaid or debit mode. for your customers using the Weavr MultiMulti Weavr Multi is an embedded finance solution that allows you to integrate financial services into your own application, providing a seamless experience for your customers. It enables you to offer managed accounts, managed cards, and transactions without requiring financial expertise. API. Virtual cardsVirtual Card A payment card that is created instantly and can be used for e-commerce and online purchases. Virtual cards are issued through the Mastercard network and are automatically enrolled in the 3D Secure program for increased security and limited fraud risk. They can be created in prepaid or debit mode. are created instantly and can be used for e-commerce and online purchases.
Onboard an Identity
You must assign a virtual cardVirtual Card A payment card that is created instantly and can be used for e-commerce and online purchases. Virtual cards are issued through the Mastercard network and are automatically enrolled in the 3D Secure program for increased security and limited fraud risk. They can be created in prepaid or debit mode. to a corporate or consumer identity before the card can be used. This identity can also be described as the card owner.
Onboard corporate identities by following the corporate identity onboarding guide and consumer identities by following the consumer identity onboarding guide.
Create a card assigneeCard Assignee The person that a card is assigned to and who will use the card. For consumers, the card owner and card assignee are the same person. For corporates, the card assignee and card owner are different entities - the corporate is the card owner and the person using the card is the card assignee. Card assignees must be created as Authorised Users. as an Authorised User
Weavr does not support anonymous cards. All cards must be linked to a card assigneeCard Assignee The person that a card is assigned to and who will use the card. For consumers, the card owner and card assignee are the same person. For corporates, the card assignee and card owner are different entities - the corporate is the card owner and the person using the card is the card assignee. Card assignees must be created as Authorised Users.. Therefore, for a card to be used, it must be linked to a card assigneeCard Assignee The person that a card is assigned to and who will use the card. For consumers, the card owner and card assignee are the same person. For corporates, the card assignee and card owner are different entities - the corporate is the card owner and the person using the card is the card assignee. Card assignees must be created as Authorised Users. that has been created in the system as an Authorised User.
Follow the steps in the Authorised User section to create the user, set their credentials, and verify their mobile number by enrolling them for an authentication factor.
At the point of creating a virtual cardVirtual Card A payment card that is created instantly and can be used for e-commerce and online purchases. Virtual cards are issued through the Mastercard network and are automatically enrolled in the 3D Secure program for increased security and limited fraud risk. They can be created in prepaid or debit mode., you are required to enter the id of the Authorised User who is assigned the card. At this point, the system validates that the following information has been provided for the Authorised User card assigneeCard Assignee The person that a card is assigned to and who will use the card. For consumers, the card owner and card assignee are the same person. For corporates, the card assignee and card owner are different entities - the corporate is the card owner and the person using the card is the card assignee. Card assignees must be created as Authorised Users.:
- name
- surname
- date of birth
- verified mobile number (enrolled for an SCASCA Strong Customer Authentication - a two-factor authentication solution required by PSD2 regulations for when end-users are accessing their payment account sensitive information or initiating transactions. SCA requires at least two of the following: something you know (password), something you have (device), or something you are (biometrics). factor)
- country of residence
Log in an End-User
To create a card for an identity, you must log in an end-user belonging to the identity. You need your API key and an active end-user authentication token to create a card. Read more about authentication in the authentication guide.
Stepped-up Token
Creating a managed cardManaged Card A payment card (virtual or physical) that can be created and managed through the Weavr platform. Cards can operate in prepaid mode (with their own balance) or debit mode (linked to a managed account). All cards must be assigned to a card assignee who is an Authorised User. requires the end-user to perform two-factor authentication, therefore your active end-user token is required to be stepped-up. For more information read step-up authentication.
If you are using a one-time password via text message authentication method, then use the below endpoints.
the logged-in user must have enrolled their mobile device for strong customer authentication.
This triggers an SMS to be sent to the end-user. Your application must have a page available where the user can enter the verification code provided in the text message. You must provide the code to the below endpoint.
Create a Virtual CardVirtual Card A payment card that is created instantly and can be used for e-commerce and online purchases. Virtual cards are issued through the Mastercard network and are automatically enrolled in the 3D Secure program for increased security and limited fraud risk. They can be created in prepaid or debit mode.
Create a card for the logged-in identity.
To create a card, you need to provide the profileId. You can find your card profile IDs in the Multi Portal > API Credentials section. Card profiles contain configuration that determines the behaviour and properties of the card.
When creating the card, provide the id of the Authorised User that will be the card assigneeCard Assignee The person that a card is assigned to and who will use the card. For consumers, the card owner and card assignee are the same person. For corporates, the card assignee and card owner are different entities - the corporate is the card owner and the person using the card is the card assignee. Card assignees must be created as Authorised Users.. Whenever there are actions related to the card that require two-factor authentication (such as 3DS3DS 3-D Secure - an additional security layer for online credit and debit card transactions. It adds an authentication step where the cardholder verifies their identity with the card issuer during the purchase, reducing fraud and providing liability protection for merchants. for online transactions, or manually provisioning a card to a digital wallet) the enrolled SCASCA Strong Customer Authentication - a two-factor authentication solution required by PSD2 regulations for when end-users are accessing their payment account sensitive information or initiating transactions. SCA requires at least two of the following: something you know (password), something you have (device), or something you are (biometrics). channel of the user will be used. See also corporate and consumer authentication configuration.
nameOnCard is a separate field in the create a virtual cardVirtual Card A payment card that is created instantly and can be used for e-commerce and online purchases. Virtual cards are issued through the Mastercard network and are automatically enrolled in the 3D Secure program for increased security and limited fraud risk. They can be created in prepaid or debit mode. endpoint. This is because cards can only accommodate fewer characters than are allowed in the name fields of the Authorised User. Wherever possible, the nameOnCard should match the name of the card assigneeCard Assignee The person that a card is assigned to and who will use the card. For consumers, the card owner and card assignee are the same person. For corporates, the card assignee and card owner are different entities - the corporate is the card owner and the person using the card is the card assignee. Card assignees must be created as Authorised Users./Authorised User. When this is not possible, a shortened version of the name should be used
You can create virtual cardsVirtual Card A payment card that is created instantly and can be used for e-commerce and online purchases. Virtual cards are issued through the Mastercard network and are automatically enrolled in the 3D Secure program for increased security and limited fraud risk. They can be created in prepaid or debit mode. in prepaid or debit modeDebit Mode A card mode where the card does not have a balance of its own. Instead, debit cards are linked to a parent managed account and the system uses the linked account's balance to authorise and settle purchases registered on the card. Spend limits can be specified on the card via spend controls.. This determines the funds that the card has access to. Read more about the different modes in the card modes guide.
In the API response, Weavr returns the card details of the newly created card.
The card number and CVV are considered PCI-sensitive data and therefore will be returned to you tokenised. Read more about how to handle card sensitive data in the card sensitive data guide.