Entrada (del emisor)
Unique identifier of a give session (enrolment session or Life Cycle Management session), used to link inbound and outbound requests of the same session together
Unique identifier used to identify the issuer
The unique identifier of the funding card.
This value is generated and manage by the issuer.
This value can be updated in case of funding PAN replacement by the issuer.
getCardInfo response payload
The unique identifier of the funding card.
This value is generated and manage by the issuer.
This value can be updated in case of funding PAN replacement by the issuer.
Bad Request, Invalid request URI or header, or unsupported nonstandard parameter
Internal Server Error
Unique identifier of a give session (enrolment session or Life Cycle Management session), used to link inbound and outbound requests of the same session together
Unique identifier used to identify the issuer
The unique identifier of the funding card.
This value is generated and manage by the issuer.
This value can be updated in case of funding PAN replacement by the issuer.
Identifier of the virtual card to update
getTokenInfo response payload
The unique identifier of the funding card.
This value is generated and manage by the issuer.
This value can be updated in case of funding PAN replacement by the issuer.
Identifier of the virtual card to update
Wallet funding card unique identifier Conditional: If provided by Wallet provider.
Wallet Provider identifier, defined by Thales
When TSH acts as OEM Pay broker for Domestic scheme:
| walletProviderId | Description |
|---|---|
| APPLE_PAY | Apple Pay Wallet |
| SPAYHCE | Samsung Pay Wallet |
| ANDROID_PAY | Google Pay Wallet |
When TSH acts as ITSP:
| walletProviderId | Description |
|---|---|
| APPLE_PAY | Apple Pay Wallet |
| SAMSUNG_PAY | Samsung Pay Wallet |
| GOOGLE_PAY | Google Pay Wallet |
| GARMIN_PAY | Garmin Pay Wallet |
| FITBIT_PAY | Firbit Pay Wallet |
| Facebook eCom Wallet | |
| VISA_CHECKOUT | Visa Checkout eCom Wallet |
| NETFLIX | Netflix eCom Wallet |
For other wallet (such as HCE Wallet), id is provided during on-boarding phase
Wallet virtual card unique identifier Conditional: If provided by Wallet provider.
Last 4 digits of the token
Additional information about the token of the virtual card This field is conditional to the TSP and provided only during enrolment. The tokenInfo is the json (cf http://www.json.org/ ) representation of the Token.
This value is encrypted using the PKCS#7 encryption scheme defined in RFC 2315/5652 using following encryption parameters:
-
The content encryption algorithm used is AES256/CBC/PKCS7Padding using a randomly generated AES key.
-
The key encryption algorithm is either RSAES-PKCS1-v1_5 (RSA/NONE/PKCS1Padding) or RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256), using the certificate provided during onboarding.
The key encryption algorithm is defined during onboarding and is by default (if ommitted) the RSA/NONE/PKCS1Padding for legacy purpose.
It is recommended to configure RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256) for new issuers. -
The encryption result is then encoded using base64.
-
The public key length in the certificate can be 2048-bit or 4096-bit.
Once deciphered, the cardInfo contains the following information:
| JSON field parameter name | description | MOC | Length |
|---|---|---|---|
| pan | The token PAN | M | Up to 19 |
| exp | The token expiry date in the format MMYY. It is not provided for UPI scheme. | C | 4 |
| fpan | The funding PAN. It is provided for Domestic scheme. | C | Up to 19 |
| fpanExpiryDate | The card expiry date in the format MMYY. It is provided for Domestic scheme. | C | 4 |
| paymentAccountReference | The payment account reference. It can be provided for Domestic scheme. | O | 58 |
| originalToken | The device-based token used to request the digitization | O | Up to 19 |
| originalTokenReferenceID | The unique reference of the original Token | O | Up to 32 |
| originalTokenAssuranceLevel | The assurance level of the orginal Token - RFU | O | 2 |
NOTE
originalToken,originalTokenReferenceID and originalTokenAssuranceLevel are provided ONLY by VISA in case of a Token for Token digitization flow.
The type of token the TSP has created or for which the request is sent. It applies to VISA, MasterCard and UPI. Following values are supported:
- SE (token for a secure element)
- HCE (token for Host Card Emulated device)
- COF (token for a card on file)
- ECOM (token for ecommerce)
- QRC (token for QRCode)
Unique identifier of the card product associated to the token. Provided for domestic scheme.
Identifier of the publick key used to secure the tokenDetails
If available, the provisioning time the Virtual card. In format ISO 8601 YYYY-MM-DDThh:mm:ssTZD
If available, the last replenishment time of the Virtual card credentials. In format ISO 8601 YYYY-MM-DDThh:mm:ssTZD
If available, the time of the last change occured on the token state. In format ISO 8601 YYYY-MM-DDThh:mm:ssTZD
Current status of the token
The token assurance level indicates the level of assurance of the token. This is given by the ID&V method that has been used to authenticate the consumer on the specific token for example when the token is created (during the digitization flow) or, in case of a COF token, when a binding flow is executed.
Following values are supported:
- 00 (ID&V not performed)
- 10 (Card Issuer Account Verification)
- 11 (Card Issuer Interactive Verification - 1 Factor)
- 12 (Card Issuer Interactive Verification - 2 Factor)
- 13 (Card Issuer Oriented Non-Interactive Cardholder Authentication)
- 14 (Card Issuer Asserted Authentication)
NOTE: applies only to VISA
Boolean Flag indicating whether the token is primary or auxiliary.
trueBad Request, Invalid request URI or header, or unsupported nonstandard parameter
Internal Server Error
Unique identifier of a give session (enrolment session or Life Cycle Management session), used to link inbound and outbound requests of the same session together
Unique identifier used to identify the issuer
The unique identifier of the funding card.
This value is generated and manage by the issuer.
This value can be updated in case of funding PAN replacement by the issuer.
New issuerCardRefId to be updated, provided only if the issuerCardRefId change after a PAN,exp or productId replacement.
Note, the newIssuerCardRefId is not mandatory and it is preferable to keep the same issuerCardRefId after updateCard
This field has been added to the API for issuers that are not able to manage the same identifier following a PAN/exp date update.
Old and new FPAN details (for example in case of card renewal)
This value is encrypted using the PKCS#7 encryption scheme defined in RFC 2315/5652 using following encryption parameters:
- The content encryption algorithm used is AES256/CBC/PKCS7Padding
- The key encryption algorithm is RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256) using the TSH certificate provided during onboarding.
- The encryption result shall be provided as hexadecimal string.
The format of the data is:
{
"oldFPAN": "[0-9]{16,19}",
"oldExpDate": "MMYY",
"oldPSN": "[a-fA-F0-9]{2}",
"newFPAN": "[0-9]{16,19}",
"newExpDate": "MMYY",
"newPSN": "[a-fA-F0-9]{2}"
}
NOTE1: all fields are MANDATORY...
NOTE2: oldPSN and newPSN apply ONLY to AMEX
^[a-fA-F0-9]+Identifier of the key used to encrypt fpanDetails.
Provided by Thales to Issuer during onboarding.
New ProductId to be used for digital card (for example: product upgrade).
This field is mutually exclusive to "fpanDetails" AND "metadata".
NOTE:
- UPI: not applicable.
- Mastercard: the supported range is 0-10
Successful (no response body)
Sin contenido
Bad Request, Invalid request URI or header, or unsupported nonstandard parameter
Internal Server Error
Sin contenido
Unique identifier of a give session (enrolment session or Life Cycle Management session), used to link inbound and outbound requests of the same session together
Unique identifier used to identify the issuer
The unique identifier of the funding card state to update.
If provided, it update the state of all active or suspended tokens that belongs to the funding card identified by issuerCardRefId
mandatory if virtualCardId is not provided
The unique identifier of the virtual card state to update.
mandatory if issuerCardRefId is not provided
reference of the device binding process/link to the Virtual Card.The deviceBindingReference is used only with action UNBIND_DEVICE and APPROVE_DEVICE_BINDING (VTS only. Note that this field corresponds to the deviceIndex)
action to update the state Note: ERASE aims to be use in the context of GDPR compliancy, TSH will take care of erasing everything related to the given card/tokens when receiving this action.
Reason of the token(s) state update
Here is the possible values:
- 11 : User decision
- 21 : Issuer decision
- 31 : Device lost
- 32 : Device stolen
Successful (no response body)
Sin contenido
Bad Request, Invalid request URI or header, or unsupported nonstandard parameter
Internal Server Error
Sin contenido
Unique identifier of a give session (enrolment session or Life Cycle Management session), used to link inbound and outbound requests of the same session together
Unique identifier used to identify the issuer
Identifier of the virtual card to update
The unique identifier of the funding card.
This value is generated and manage by the issuer.
This value can be updated in case of funding PAN replacement by the issuer.
The value for this language localization code is an IETF Language (https://en.wikipedia.org/wiki/IETF_language_tag) Tag, such as “en-us”. Region Designator should be one of the valid ISO 3166-1 alpha-2 codes, which can be found in this link: http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 Language Designator should use the two-letter ISO 639-1 standard (preferred) or the three-letter ISO 639-2 standard, which can be found in this link : https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes
Textual message that must be sent to end user
An optional value provided in case the issuer mobile application support deep link If messageToken is provided, the wallet application will enable the deep link feature for this particular message
Expiration date of the message RFC3339 format.
sendMessage response payload
Sin contenido
Bad Request, Invalid request URI or header, or unsupported nonstandard parameter
Internal Server Error
Sin contenido
Unique identifier of a give session (enrolment session or Life Cycle Management session), used to link inbound and outbound requests of the same session together
Unique identifier used to identify the issuer
succesfull
Bad Request, Invalid request URI or header, or unsupported nonstandard parameter
Internal Server Error
Sin contenido
Última actualización
¿Te fue útil?