> For the complete documentation index, see [llms.txt](https://docs.payments.thalescloud.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.payments.thalescloud.io/3d-secure/get-started/manage-cards/create-virtual-cards.md).

# Create virtual cards

Virtual cards are used exclusively for e-commerce payments and tokenization use cases.

## Domain controls for virtual cards

The domain controls that you can configure for a virtual card are limited to:

* International payment control
* Denied currency list
* Forbidden merchant category list (MCC list)

## Use dynamic CVV (dCVV2)

You can configure the virtual card product to enable dynamic CVV (also referred to as DCVV or dCVV2).

When DCVV is enabled:

* A new dynamic CVV is generated each time the virtual card is displayed with the D1 SDK.
* The dynamic CVV is valid only for a limited period, which you configure in the card product.

This reduces the risk of card-on-file (COF) data being misused, as the CSC / CVV2 value frequently changes.

## Virtual card renewal

The virtual card renewal process is transparent for the end user.

When renewal is enabled for the virtual card product:

* D1 automatically renews the virtual card before its expiration date.
* D1 automatically activates the renewed card.
* D1 generates a new expiry date but keeps the same PAN.
* D1 keeps the same `cardId` for the renewed card.
* The renewed card is automatically displayed the next time it is shown through the D1 SDK.
* D1 updates existing digital cards with the new expiry date.

As a result, the end user can continue to use the virtual card for e-commerce payments and Tokenization without any manual action.

## Sequence diagram

<figure><img src="/spaces/62lLFDcmLCeqqwmy4Fee/files/Fylj27cqPUUHWLZuSqNq" alt="Virtual card creation flow diagram"><figcaption><p>Virtual card creation and activation flow</p></figcaption></figure>

If the virtual card is created with state `active`, it is immediately ready for a first payment.

When the card is created:

* D1 returns a `cardId`.
* The `cardId` is not the PAN; it is a technical unique identifier for the card.
* The `cardId` is used with the D1 API and the D1 SDK to reference the card for any subsequent operation.
* If the consumer referenced in Create Card is not yet register in D1 then D1 register it from the `consumerId`&#x20;

Once created, you can use the same virtual card across different D1 Digital services, for example:

* [Transaction control](https://docs.payments.thalescloud.io/transaction-control/)
* [Secure card display](https://docs.payments.thalescloud.io/secure-card-display/)
* [Tokenization](https://docs.payments.thalescloud.io/tokenization/)
* [Push provisioning](https://docs.payments.thalescloud.io/push-provisioning/)


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.payments.thalescloud.io/3d-secure/get-started/manage-cards/create-virtual-cards.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.