Verification card mapping notification

Introduction

Verification card mapping notification is initiated through HTTPS POST request by using URLs and the parameters.
Card mapping notification is used to allow Consumer credentials (phone, email, billing address, twitter name, etc) for mapping to card data. Card mappings can be used later in transfer or sale transactions instead of card numbers and other cardholder information. GoldenApple sends Verification card mapping notification request to Connecting Party’s server/proxy with created on its side card reference - {serverCardId}.
Connecting Party’s server maps this {serverCardId} to {clientCardId}, created on its side. This {clientCardId} can then be mapped in Connecting Party’s app or on Connecting Party’s server to any Consumer’s data from the initial Perform validation request. This allows Connecting Party’s app to process sale or transfer transactions by Consumer’s email, phone number, etc.
{uniqueReferenceCardId} remains the same if Consumer makes another verification with the same card number but different expiry date, for example. It can be used by Connecting Party for loyalty programs or fraud control.

API URLs

Connecting Party Server

https://proxy.connectingpartyserver.com/verification/notification

Request Parameters

Parameter Name

Description

Value

consumer

Type: Object

consumer.device

Type: Object

consumer.device.serialNumber

Consumer’s device serial number.

Type: String
Length: 1-50

reference

Type: Object

reference.serverCardId

The card reference identifier (on server side).

Type: String
Length: 1-64

reference.uniqueReferenceCardId

The card identifier (on server side).

Type: Integer

session

Type: Object

session.accessToken

Consumer’s access token key.

Type: String
Length: 32-128

session.token

The session token of verification transaction.

Type: String
Length: 16-36

sourceCard

Type: Object

sourceCard.bin

The Source card BIN.

Type: Integer

Success Response Parameters

Parameter Name

Description

Value

invoiceId

Verification transaction identifier.

Type: String

session

Type: Object

session.checkSignature

Checksum generated by hmac-sha1 (see Signature computation) from the concatenation of the session.nonce, the endpointId and the invoiceId.

Type: String

session.nonce

Unique random string generated by Connecting Party’s server.

Type: String

session.token

The session token of verification transaction.

Type: String

Fail Response Parameters

Parameter Name

Description

Value

error

Type: Object

error.cause

Cause of the error. Possible values: FILTERED, INVALID_REQUEST, SERVER_FAILED, SERVER_UNAVAILABLE.

Type: Enum

error.code

The unique error code.

Type: String

error.message

Description of the error.

Type: String

invoiceId

Verification transaction identifier.

Type: String

Request Example

{
  "consumer": {
    "device": {
      "serialNumber": "string"
    }
  },
  "reference": {
    "serverCardId": "string",
    "uniqueReferenceCardId": "integer"
  },
  "sourceCard": {
    "bin": "integer"
  },
  "session": {
    "accessToken": "string",
    "token": "string"
  }
}

Success Response Example

{
  "invoiceId": "string",
  "session": {
    "checkSignature": "string",
    "nonce": "string",
    "token": "string"
  }
}

Fail Response Example

{
  "error": {
    "cause": "enum",
    "code": "string",
    "message": "string"
  },
  "invoiceId": "string"
}