Digital Wallets
Nowadays digital wallets are widely accepted payment instruments nowadays. The CoreCard system has been built with capabilities to accept and process the transactions initiated by digital wallets. Digital wallets are offered by wallet service providers such as Google Pay, Samsung Pay & Apple Pay.
When a card is registered with any digital wallet, it initiates a token request to the token manager of the affiliated card network (i.e., MDES for Mastercard, VTS for VISA) to obtain a digital token against the card PAN. The card network then verifies whether or not the card number is within the allowed account ranges for tokenization to the digital wallet in context. Additionally, the card network asks CoreCard to verify that the card account is in good standing and can be provisioned and used to perform transactions. Once the CoreCard system grants approval, the token manager allocates a digital token against the card PAN and the token details are shared with the CoreCard system. Tokens can be allocated in the active state, or they may require other activation methods as per issuer terms and agreements with the affiliated card network. The process of getting a digital token is also called digitalization.
Once a digital token is allocated to the card PAN, CoreCard stores the information related to the digital token. This information can be retrieved and the token status modified at the cardholder's request or due to card PAN replacement or reissue.
MasterCardPushProvisioning
Action: POST
Endpoint: /api/MasterCardPushProvisioning
Use this API to generate encrypted payload for Push provisioning of a Mastercard Card details in the Payment APP(Google pay, Apple pay etc.).
Request Fields Detail
Fields | Description |
---|---|
APIVersion string Mandatory |
Version of the API to be invoked Example: 1.3 Allowable Values: 10 |
IPAddress string Mandatory |
IP Address of sender Example: 10.206.0.204 Allowable Values: 15 |
Source string Mandatory |
Source from where API Call is initiated. CoreCard have multiple value of source for internal system (CoreMoney, SelfService, IVR, MobileSelfService) For external system expected source will be WEB. Allowable Values: 50 |
CallerID string Optional |
Caller Id of source from where API is initiated. It is End User phone number. Example: 7204454214 Condition - applicable in Case of IVR Allowable Values: 20 |
CalledID string Optional |
Called Id of destination for which API is initiated. It is Corecard IVR number. Example: 7314145404 Condition - applicable in Case of IVR Allowable Values: 20 |
SessionID string Optional |
Reserved for future use Allowable Values: 50 |
ANI string Optional |
Reserved for future use Allowable Values: 0 |
DNS string Optional |
Reserved for future use Allowable Values: 0 |
Language string Optional |
Flag to retrieve error message in specific language Example: 'en' for English Allowable Values: 2 |
RequestDate string Optional |
Request Date Time of API Format: MM-DD-YYYYTHH:MM:SS Example:- 11-12-2021T13:05:10 Allowable Values: 19 |
CardNumber string Conditional |
Clear Card Number of the cardholder Valid values: 0-9 Example: 123456******0001 Condition : At least one of Card Number/Proxy Number is required. Allowable Values: 16 |
ProxyNumber string Conditional |
Proxy Number of the cardholder Valid values:0-9 Example:1005 Condition : At least one of Card Number/Proxy Number is required. Allowable Values: 19 |
AccountExpiry string Mandatory |
Expiration Date of the Card. Valid Values: 0-9 DateFormat : MMYY Example : 0925 Allowable Values: 4 |
WalletApplication string Mandatory |
Type of Wallet Valid Values: 01=Google 02=Samsung 03=Apple Example:01 Allowable Values: 2 |
TavVersionNumber string Mandatory |
Token Authentication Value Format Valid Value : 3 Allowable Values: 1 |
DataValidUntilTimestamp string Mandatory |
ISO 8601 format of the date and time (with Time Zone) the TAV expires and will no longer be honored Allowable Values: 29 |
FinancialAccountInformation string Optional |
Financial account being tokenized Allowable Values: 64 |
TokenUniqueReference string Optional |
Token Unique Reference associated with the token. Allowable Values: 64 |
PANUniqueReference string Optional |
PAN Unique Reference associated with the token. Allowable Values: 64 |
CardholderName string Optional |
Full Name of Cardholder. Format: lastname/firstname or firstname lastname. Example: Jacob B Jonas Allowable Values: 27 |
BillingAddress
Optional |
BillingAddress |
Sample Request Body
{ "APIVersion": "1.3", "IPAddress": "10.206.2.197", "Source": "WEB", "CallerID": "", "CalledID": "", "SessionID": "", "ANI": "", "DNS": "", "Language": "en", "RequestDate": "", "CardNumber": "4066846120001101", "ProxyNumber": "1310358", "AccountExpiry": "0122", "WalletApplication": "02", "TavVersionNumber": "3", "DataValidUntilTimestamp": "2017-01-19T10:05:45-05:00", "FinancialAccountInformation": "ACC123456789JL", "TokenUniqueReference": "DWSP1234567890", "PANUniqueReference": "PLSP1234567890", "CardholderName": "", "BillingAddress": { "Line1": "Link road", "Line2": "abc", "City": "Chicago", "CountrySubdivision": "", "PostalCode": "12452", "Country": "USA" } }
Response Fields Detail
Fields | Description |
---|---|
ProxyNumber string |
Proxy Number of the cardholder Valid values:0-9 Example:1005 |
CardInfo string |
Mandatory for WalletApplication =01 and 02. For walletapplication =03 Card info will not be delivered. |
TAV string |
Digital signature calculated over a concatenated string of the included field values separated by a | delimiter, in the same order as specified in the IncludedFieldsInOrder field. |
Sample Response Body
{ "Message": "Push Provisioning data generated successfully", "Status": true, "ErrorCode": "70202", "ResponseData": { "ProxyNumber": "1310358", "CardInfo": "eyJwYW5VbmlxdWVSZWZlcmVuY2UiOm51bGwsInRva2VuVW5pcXVlUmVmZXJlbmNlRm9yUGFuSW5mbyI6IkRXU1AxMjM0NTY3ODkwIiwicHVibGljS2V5RmluZ2VycHJpbnQiOiI0QzRFQUQ1OTI3RjBERjgxMTdGMTc4RUVBOTMwOERBQTU4RTI3QzJCIiwiZW5jcnlwdGVkS2V5IjoiQUQ2MUIyODg4RTY1RDE3QzYwQjg5NjREMEEzMENDQkYwMDJEMDgzN0U4RjNBNzRGNjgxRURBMEI1NDQ5NjA4M0U1Q0Q5MjA5QTkwOEI0NjJEREI2MTVEODI1MjI4REQyQjBBMjhBRUFDRjQ0OUUwRDJGRkI1MzczNUZEMUUyQTlCQTc4RDAwNzk5NTZGN0IyMjQ0M0YzRTcwOUNDNTNENzBEOEJCODNFMzM3ODgyMjZGRjY5ODU2NTk4OEZERTM4MzBCQUE1MjczMzRGM0ZBREI1RUI2NDkyQThEOEMwODgzNzkwNzdENEJGMUZGNzk5Rjc5RUQ0RjkzRjA0NTczRDU1RjQ5OEEwNUUwNTFFOTI1QjFGNDJGM0RGMjkxRTQ2N0Y5OUY4NTAyQTFDMEIzRUUxRTBGNkZBODA0QzI1MjY1QzU2ODg4RDE5ODFCOTA3RjIwMDg5OEU2Nzc5NzREMTlENUIwMjlGODgzRTM4RDQyNzc5QjZBNjRFMzIzMjIzODU2OTA3OTExQTIzMzE0NzZDNjA3NzU5NTVEODQyMjY4RDU0NDRBM0VGMEY0M0MxMTIxRkJDQjBGRTZCRjVDQjk4NDg0QkFGRDk5Nzg0ODJENEI0NjI4Rjc5NEYzMEFBNjM1NTBCRUJERUE0MjY3NEIzQzc1NDZFMERCQzg3REMiLCJvYWVwSGFzaGluZ0FsZ29yaXRobSI6IlNIQTI1NiIsIml2IjoiMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAiLCJlbmNyeXB0ZWREYXRhIjoiQUEzQTM4NEMyOUY4RTc1NTQ1NjVBRUFDN0RCRDBBOTMwMjU2Nzc2RUZBQ0JBMzIwREMzODYxOTM1NEU3QjM4NzlBQjI0QUE5MzcwRDExM0Y3OTBFQkI3RDc1MDU2OTI0MEFEQzEyODhCRkI0NDk1QzRFQThBRjE1N0NEQzJGMkVEMzQyODBCQjlERjU0MDFFQTg0MDhEOEVDMjhCMTNFQUEzNTI5OTM5OEIzRkZBODhEN0FBNEEzOUQ4MDM2MTAwQzg4Nzg4MjhFQUMxQTI2MkM3RkE4NUM0NzUyMDczNjI0MkQ5MTNCNEIxODM3OEJBODUxRTQ5MkQyQTRDRjkzRCJ9", "TAV": "eyJ2ZXJzaW9uIjoiMyIsInNpZ25hdHVyZUFsZ29yaXRobSI6IlJTQS1TSEEyNTYiLCJkYXRhVmFsaWRVbnRpbFRpbWVzdGFtcCI6IjIwMTctMDEtMTlUMjA6MzU6NDUrMDU6MzAiLCJpbmNsdWRlZEZpZWxkc0luT3JkZXIiOiJkYXRhVmFsaWRVbnRpbFRpbWVzdGFtcHx0b2tlblVuaXF1ZVJlZmVyZW5jZSIsInNpZ25hdHVyZSI6IkdIdzduU1Q3RzhTY3RuSkcrZDNwTnRFM0FiR3diSnpIa2NsOWU4UlJIcTlndEltb2JNNy95VENtMHk2NkdwbTdPczVmMnZiWERGamN0bEs3aWQrZ2tZU1hGeEhyR1dpVWlmL0JhL0N6UmY1Ym5pWFloanNyMHFEL0l5NVliUEFOQWhVbGlKSUhqcnUwZVlpWEk0T2JBeVpOeUJWMTROR0d4TkJFTDJkL3Rmamw4aGRZMnB3Q1NzWVZ5NnY0Z0pDT2xxd3Z5c2Y5cHhaQkdUTGUvS0lMNkRJSThUQmRLWEx1MTlaSFQvNWMvSjVFQWxPUnUwbDBpSGJpdnNxY2NhcFY4bVI3ZytINUNuQXpzSis5cTBTWmlCejdZRXFyWFhQWnJBMEZvbmRLdXppT0pxQVNRVGdRVE12OVVmVkxxQ0JzdE1SVHhJUDE1NmFMZGFZZ2RUQVRFUT09In0=" } }
VISAPUSHProvisioning
Action: POST
Endpoint: /api/VISAPUSHProvisioning
Use this API to generate encrypted payload for Push provisioning of a Visa Card details in the Payment APP(Google pay, Samsung pay etc.).
Request Fields Detail
Fields | Description |
---|---|
APIVersion string Mandatory |
Version of the API to be invoked Example: 1.3 Allowable Values: 10 |
IPAddress string Mandatory |
IP Address of sender Example: 10.206.0.204 Allowable Values: 15 |
Source string Mandatory |
Source from where API Call is initiated. CoreCard have multiple value of source for internal system (CoreMoney, SelfService, IVR, MobileSelfService) For external system expected source will be WEB. Allowable Values: 50 |
CallerID string Optional |
Caller Id of source from where API is initiated. It is End User phone number. Example: 7204454214 Condition - applicable in Case of IVR Allowable Values: 20 |
CalledID string Optional |
Called Id of destination for which API is initiated. It is Corecard IVR number. Example: 7314145404 Condition - applicable in Case of IVR Allowable Values: 20 |
SessionID string Optional |
Reserved for future use Allowable Values: 50 |
ANI string Optional |
Reserved for future use Allowable Values: 0 |
DNS string Optional |
Reserved for future use Allowable Values: 0 |
Language string Optional |
Flag to retrieve error message in specific language Example: 'en' for English Allowable Values: 2 |
RequestDate string Optional |
Request Date Time of API Format: MM-DD-YYYYTHH:MM:SS Example:- 11-12-2021T13:05:10 Allowable Values: 19 |
CardNumber string Conditional |
Clear Card Number of the cardholder Valid values: 0-9 Example: 123456******0001 Condition : At least one of Card Number/Proxy Number is required. Allowable Values: 16 |
ProxyNumber string Conditional |
Proxy Number of the cardholder Valid values:0-9 Example:1005 Condition : At least one of Card Number/Proxy Number is required. Allowable Values: 19 |
provider
Optional |
|
billingAddress
Optional |
Billing address associated with the payment instrument. |
name string Optional |
Full Name of Cardholder. Format: lastname/firstname or firstname lastname. Example: Jacob B Jonas Allowable Values: 28 |
expirationDate
Optional |
Group with details of Expiration of Card |
Sample Request Body
{ "APIVersion": "1.3", "IPAddress": "10.206.2.197", "Source": "WEB", "CallerID": "", "CalledID": "", "SessionID": "", "ANI": "", "DNS": "", "Language": "en", "RequestDate": "", "CardNumber": "", "ProxyNumber": "1319647", "provider": { "clientAppID": "MyApp", "clientDeviceID": "ed6abb56323ba656521ac476", "clientWalletProvider": "40000000047", "clientWalletAccountID": "walletid", "intent": 0, "IdentityVerificationRequired": "false" }, "billingAddress": { "line1": "801Metro Center Blvd", "line2": "801Metro2", "city": "Foster City", "state": "CA", "postalCode": "94404", "country": "US" }, "name": "Your Name", "expirationDate": { "month": "02", "year": "2021" } }
Response Fields Detail
Fields | Description |
---|---|
ProxyNumber string |
Proxy Number of the cardholder Valid values:0-9 Example:1005 |
EncryptedData string |
Encrypted Payload calculated over a the field values of Input. |
Sample Response Body
{ "Message": "Encrypted payload generated successfully.", "Status": true, "ErrorCode": "90057", "ResponseData": { "ProxyNumber": "1319647", "EncryptedData": "eyJhbGciOiJBMjU2R0NNS1ciLCJlbmMiOiJBMjU2R0NNIiwia2lkIjoiODNGNEVFQjIiLCJjaGFubmVsU2VjdXJpdHlDb250ZXh0IjoiU0hBUkVEX1NFQ1JFVCIsInR5cCI6IkpPU0UiLCJpYXQiOjE2MjE5NDg2NzgsIml2IjoickhzUG5QMEZqazB4MXV5ViIsInRhZyI6IncxeFIyRGx0SGR1YWdNa090SFBEMVEifQ.UkUxwwakAMAybneKghkHsNP36E5wVubfOuxqXT-2Ol4.ltxKRYuFSFGlJxpP.5MUBLhfG6Og4GVamW4ifLTUJVF0TbCgGxe_eeBANDQ3N1O_m_WMiohujfRRzRsMdDL3iFzfPAtbGb_8QT_oDkzv1Not2PQCYYcnobn-3j3cT2qNE-v6jtdSUtUhMPbe4cHdFFEdZBWhVftZSAv41bDTxgi7W1YVM_73IL__OtkEAFIEoDhHSbwWSidgFZawSRSB9QykMj92TsUl0zlDworpjt1QVGoQcziFt0FqJTt7b9FXHoEfO2KCBBJhanwpQ2VUrCMOFwyDSdJjrjpjChYXtUkRGucxxJDLDlj9kL4OL1GDtuF5ZpbUksy2Fbi60QrbC07ce8yFiDFNj9yfNYQy9rnFm_VqjDS2FZAUcx8qHKfTUFpmDL-dDeEO_WrXnWLe7sArekcNAxremjOOpiCxE2It34V50zrrcqdwvd-LCUttp01Wur3wG5x6QVLuBeYLr-MWf9QXQv72hM_hqNN6YA4LvlbNrIXo8-6EhK7jVeH6UdoUNU1C0LyUhIFTKyosPM7RNAgb3hOa_Vb0rdfYMiM5bW3_rujNTK_lNqr8upUCBV5tB_bfGr_Lblct-c9CuJyfq-2E.eWwtbRyP2vKNIQMtk97atA" } }
VISAPUSHProvisioningMBPAC
Action: POST
Endpoint: /api/VISAPUSHProvisioningMBPAC
Use this API to generate encrypted payload for Push provisioning of a Visa Card Activation data in the Payment APP(Apple pay).
Request Fields Detail
Fields | Description |
---|---|
APIVersion string Mandatory |
Version of the API to be invoked Example: 1.3 Allowable Values: 10 |
IPAddress string Mandatory |
IP Address of sender Example: 10.206.0.204 Allowable Values: 15 |
Source string Mandatory |
Source from where API Call is initiated. CoreCard have multiple value of source for internal system (CoreMoney, SelfService, IVR, MobileSelfService) For external system expected source will be WEB. Allowable Values: 50 |
CallerID string Optional |
Caller Id of source from where API is initiated. It is End User phone number. Example: 7204454214 Condition - applicable in Case of IVR Allowable Values: 20 |
CalledID string Optional |
Called Id of destination for which API is initiated. It is Corecard IVR number. Example: 7314145404 Condition - applicable in Case of IVR Allowable Values: 20 |
SessionID string Optional |
Reserved for future use Allowable Values: 50 |
ANI string Optional |
Reserved for future use Allowable Values: 0 |
DNS string Optional |
Reserved for future use Allowable Values: 0 |
Language string Optional |
Flag to retrieve error message in specific language Example: 'en' for English Allowable Values: 2 |
RequestDate string Optional |
Request Date Time of API Format: MM-DD-YYYYTHH:MM:SS Example:- 11-12-2021T13:05:10 Allowable Values: 19 |
CardNumber string Conditional |
Clear Card Number of the cardholder Valid values: 0-9 Example: 123456******0001 Condition : At least one of Card Number/Proxy Number is required. Allowable Values: 16 |
ProxyNumber string Conditional |
Proxy Number of the cardholder Valid values:0-9 Example:1005 Condition : At least one of Card Number/Proxy Number is required. Allowable Values: 19 |
nonce string Mandatory |
Required for Issuer mobile banking app initiated provisioning requests to Apple. Contains the data of the nonce field, in hexBinary, received by the issuer from Apple's servers. This is used to verify that the same device is used with the issuer's mobile banking app and the provisioning request sent to Visa and helps prevent replay. Allowable Values: 256 |
authcode string Mandatory |
Contains a 6-character code generated by the issuer that is specific to the current provisioning request. Used by Issuer and Visa to identify specific activation codes in problem resolution or authentication related questions. Format is alphanumeric (allowed characters include: '0' through '9'and 'A' through 'Z',characters must be in uppercase, must not contain all zeros or all spaces). Allowable Values: 6 |
Sample Request Body
{ "APIVersion": "1.3", "IPAddress": "10.206.2.197", "Source": "WEB", "CallerID": "", "CalledID": "", "SessionID": "", "ANI": "", "DNS": "", "Language": "en", "RequestDate": "", "CardNumber": "4066846120001101", "ProxyNumber": "1310358", "nonce": "fkhejgjjkd", "authcode": "E4ER67" }
Response Fields Detail
Fields | Description |
---|---|
ActivationData string |
Activation data formatted in below format. type-version-keyscheme-keysetidentifier-ephemeralkey-algorithm-encryptedinformation. E.g. MBPAC-1-FK-123456.1-TDEA-7AF291C91F3ED4EF92C1D45EFF127C1F9ABC12347E |
ProxyNumber string |
Proxy Number of the cardholder Valid values:0-9 Example:1005 |
Sample Response Body
{ "Message": "Encrypted payload generated successfully.", "Status": true, "ErrorCode": "90057", "ResponseData": { "ActivationData": "TUJQQUMtMS1GSy00MDY2ODUuMS0tVERFQS1BNTg1NTAyQkUwQTA5N0FDM0IxQTU5NUQwQUNCOEVBNEVCQzA2ODFFRDU2OUVGRjJGMzlDMTc1MTY0RjZDMzFDRDk0MzVCQ0NBODQ4NzBCRA==", "ProxyNumber": "1310358" } }
VISAPUSHProvisioningMBPAD
Action: POST
Endpoint: /api/VISAPUSHProvisioningMBPAD
Use this API to generate encrypted payload for Push provisioning of a Visa Card Authentication data in the Payment APP(Apple pay).
Request Fields Detail
Fields | Description |
---|---|
APIVersion string Mandatory |
Version of the API to be invoked Example: 1.3 Allowable Values: 10 |
IPAddress string Mandatory |
IP Address of sender Example: 10.206.0.204 Allowable Values: 15 |
Source string Mandatory |
Source from where API Call is initiated. CoreCard have multiple value of source for internal system (CoreMoney, SelfService, IVR, MobileSelfService) For external system expected source will be WEB. Allowable Values: 50 |
CallerID string Optional |
Caller Id of source from where API is initiated. It is End User phone number. Example: 7204454214 Condition - applicable in Case of IVR Allowable Values: 20 |
CalledID string Optional |
Called Id of destination for which API is initiated. It is Corecard IVR number. Example: 7314145404 Condition - applicable in Case of IVR Allowable Values: 20 |
SessionID string Optional |
Reserved for future use Allowable Values: 50 |
ANI string Optional |
Reserved for future use Allowable Values: 0 |
DNS string Optional |
Reserved for future use Allowable Values: 0 |
Language string Optional |
Flag to retrieve error message in specific language Example: 'en' for English Allowable Values: 2 |
RequestDate string Optional |
Request Date Time of API Format: MM-DD-YYYYTHH:MM:SS Example:- 11-12-2021T13:05:10 Allowable Values: 19 |
CardNumber string Conditional |
Clear Card Number of the cardholder Valid values: 0-9 Example: 123456******0001 Condition : At least one of Card Number/Proxy Number is required. Allowable Values: 16 |
ProxyNumber string Conditional |
Proxy Number of the cardholder Valid values:0-9 Example:1005 Condition : At least one of Card Number/Proxy Number is required. Allowable Values: 19 |
expiry string Mandatory |
Expiration Date of the card. Valid Values: 0-9 DateFormat : MMYY Example : 0925 Allowable Values: 4 |
datetime string Mandatory |
Date and Time in GMT when issuer constructs the Provisioning Authentication Data. Format:yyyymmddhhmmss Example:20191204224500 Allowable Values: 16 |
Sample Request Body
{ "APIVersion": "1.3", "IPAddress": "10.206.2.197", "Source": "WEB", "CallerID": "", "CalledID": "", "SessionID": "", "ANI": "", "DNS": "", "Language": "en", "RequestDate": "", "CardNumber": "", "ProxyNumber": "1319647", "expiry": "0220", "datetime": "20191204224500" }
Response Fields Detail
Fields | Description |
---|---|
AuthenticationData string |
Authentication data formatted in below format. type-version-keyscheme-keysetidentifier-ephemeralkey-algorithm-encryptedinformation. E.g. MBPAD-1-FK-123456.1-TDEA-7AF291C91F3ED4EF92C1D45EFF127C1F9ABC12347E |
ProxyNumber string |
Proxy Number of the cardholder Valid values:0-9 Example:1005 |
Sample Response Body
{ "Message": "Encrypted payload generated successfully.", "Status": true, "ErrorCode": "90057", "ResponseData": { "AuthenticationData": "TUJQQUQtMS1GSy00MDY2ODMuMS0tVERFQS03NTI4MjI0OTEzOEQ2ODMwNUFBNTk3QUJCMkU3OEZENENFOTQ4RkY1MkY1RjNEQUY0MjY4ODM3NTY3N0M0QjgxRjBCQTkxRUY2NEY4NTJDMDUzQ0I0NzcyMzcyRTc4MDlGMUZBODRGMTk0QzA5NDNCODQ2NzIwRTlDRDA5MTY3MUFBNTQ3NUZERTdGMEE1NUQ=", "ProxyNumber": "1319647" } }