Card
Activate Physical Card
POST
Activates a physical card. The card status must be
ToActivate; after successful activation, it becomes Activated. The cvv must be encrypted with AES/ECB/PKCS5Padding + Base64 before being passed in. Transmitting plaintext CVV in the request body is strictly prohibited.
- Plaintext CVV must be 3 digits only.
card_last_nomust match the last four digits of the card number recorded on the platform.cardholder_nomust belong to the cardholder associated with this card.- For encryption algorithm details, see the “Code Utilities” section.
Request Headers
apiKey (merchant credential, bound to IP whitelist)
Unix timestamp in milliseconds. The deviation from the server time must be within 60 seconds, and future timestamps are not accepted.
Login token (required for all interfaces except Get Token).
Fixed to
application/jsonRequest Body
Cardholder order number.
Card order number.
Encrypted CVV (Base64 ciphertext).
Last four digits of card number.
Response Parameters
Response status code.
0 indicates success.Response message.
Response data.
