Skip to content

Cards

person person person person
System Administrators, Issuer Administrators, Business Administrators, Helpdesk Users

Cards tab

This section is used for registering and maintaining individual cards. You can search for cards; enable or disable cards; view card information (including the enrolment status); update card information; and pre-register new cards.

Info

Please see Upload Registration Files in the Issuers section for uploading card data for bulk registration or pre-registration of cardholders.

Note

This page will not be available for remote issuers.

Cards has the following sub menu options:

  • Find Card - for maintaining cards and card details

  • New Card - for adding new cards

The first Cards page is Find Card.

Find Card

Cards > Find Card

This page allows you to access card related information by searching for cards based on name on card, card number, client ID, authentication method, issuer, BIN, enrolment status, card status, device authentication enabled or disabled, device type, device serial number, card ID and pre-registration or registration date range.

Note

  • Finding a card using a card number is only possible if you enter the full card number. There is no partial number search or wild card search available.
  • Search results display the first 400 cards only.

Use the following fields to search for cards:

  • There are two options when searching for a card: by entering the card number or by entering the cardholder name (exactly as embossed on the card) and selecting the issuer from the drop down list.

  • Enter the cardholder's full Name on Card and select the Issuer of the card from the drop down list to view all matching records. The cardholder name is not case sensitive.

  • Enter the full Card number. Multiple search results are displayed when a card account has more than one cardholder.

  • Enter the Client ID.

  • Enter the full Authentication Method to show cards from only one authentication scheme. J/Secure, ProtectBuy, SafeKey, SecureCode and VbV schemes available.

  • Select the Issuer from the drop down list or select the Group from the drop down list.

  • Select the BIN from the drop down list.

  • Select the card's Enrolment Status from the drop down list. You can choose to search for All, Pre-registered, Registered, or Re-activated cards.

  • Select the card's Status from the drop down list. You can choose to search for enabled, disabled or locked cards.

  • Select to search for card for which Device authentication enabled or disabled. This allows you to limit the results for cards that support two-factor authentication over 3-D Secure or those that do not.

  • Select the Device type that has been registered for the Card from the drop down list. You can choose to search for VASCO, SMS, OOB, Email, Decoupled Authenticator.

  • Enter the Device serial number (unique device identifier) that has been registered for the Card.

  • Enter the card's record identifier (Card ID) to locate a specific record. This is used for advanced diagnostics where the record identifier is obtained directly from the database.

  • Specify an optional date range to limit search results based on the card's Pre-registration Date.

  • Specify an optional date range to limit search results based on the card's Registration Date.

  • Click the Search button.

The Search Result page will be displayed.

Exporting cards

An export function, which allows you to download lists, is available for the following:

  • Pre-registered cardholders for an issuer or issuer group, using the Confirmation Method

  • Cardholders for an issuer or issuer group using the Confirmation Method.

Note

Although the display is limited to the first 400 cards for the selected issuer or issuer group, the full list will be downloaded when the Export link is selected.

Use the following fields to find cards to download a list of pre-registered cards:

  • Select an Issuer or Issuer Group

  • Select Pre-registered as the Enrolment Status.

  • Click the Search button

    The Search Result page will be displayed, showing the pre-registration date, in addition to the standard fields.

  • Click the Export button to download a file containing the relevant cardholder data.

    Note

    • Only Issuers or Issuer Groups that are using the Confirmation Method can download a list of pre-registered cards.
    • Exporting is only available to administrators with System Admin and Issuer Admin access level.

Use the following fields to find cards to download a list of cardholders:

  • Select an Issuer or Issuer Group

  • Select Registered as the Enrolment Status.

  • Click the Search button

    The Search Result page will be displayed, showing the registration date, in addition to the standard fields.

  • Click the Export button to download a file containing the relevant cardholder data.

    Note

    • Exporting is only available to administrators with System Admin and Issuer Admin access level.
    • It is only possible to download a list of cardholders for Issuers or Issuer Groups that are using the Confirmation Method. Cardholders can be filtered by confirmation status and confirmation date.

Card Search Result

Cards > Find Card > Search Result

Cards are listed according to the search criteria you entered on the Find Card page. You can select any card and delete, enable or disable them.

The search result page shows card number, name on card, expiry date, issuer enrolment status and card status. Expiry date is an optional field and is only displayed if it was provided at registration.

The card's enrolment status can be either pre-registered or registered.

The Search Result page may return multiple results for a single card number depending on whether this is an account with multiple cardholders or not. Card numbers with multiple cardholders can be distinguished based on the cardholder name.

Note

The issuer system uses the combination of card number and cardholder name (name on card) as the key identifier for authentication purposes.

Card numbers with different card names are treated independently and as such each cardholder can have their separate authentication data. This also means that enabling/disabling registration are handled separately. For example if you wish to completely remove a card from the issuer system, be sure to select and remove all cardholders.

You can browse to the card details page by following the link under Card Number or Name on Card.

Use the following steps to delete, enable or disable a card:

  • Choose one or more cards by clicking the Select checkbox adjacent to the Card Number

  • Click the appropriate button.

    A confirmation message will be displayed.

Use the following steps to select a card:

  • Click the Card Number hyperlink for the card you wish to view or edit details.

    The Card Details page is displayed.

Use the following steps to select all items that match the search criteria:

  • Click the box under the Select column to select or unselect all items. This allows you to perform the desired task on all selected items.

    You should note that all items matching the search criteria will be affected. This includes items displayed on other pages and even those omitted due to the large number of results (display of search results is limited to a maximum of 400 records).

Note

Important: If you are selecting a large number of records, you should remember that the operation can take a long time to complete and will generate an audit log record per affected item. Use this functionality on large number of records with diligence and where only strictly necessary.

Card Details

Cards > Find Card > Search Result > Card Details

The following card details can be viewed/ edited on this page:

  • Issuer

    Shows card's issuing bank and cannot be changed.

  • BINs - Displays a list of BINs assigned to the issuer. This field is for information only. Issuer BIN can be modified by an administrator with System Admin access level through System Management > Issuers > Issuer Details > BIN Management page.

  • Card ID - Unique card number, which cannot be changed.

  • Status - Can be Enabled, Disabled or Locked. A card is enabled when the cardholder is first enrolled.

    For security reasons, administration staff may temporarily disable a card.

    A card may also be locked by the system if multiple unsuccessful authentication attempts are detected.

    If the cardholder is enrolled and the card is disabled or locked, it cannot be used to make authenticated payments.

    If the cardholder is not enrolled, the enrolment process cannot be completed if the card is disabled.

    Cards that are locked by the system can be unlocked by administration staff or after a time-out period, as specified in the issuer settings. A card cannot be manually locked.

  • BIN status - Shows the BIN status, which is either Enabled or Disabled, indicating the availability of the 3-D Secure service for the card. Cards with a Disabled BIN cannot be enrolled, registered or authenticated.

  • Registration date - Displayed if cardholder is enrolled.

  • Enrolment - Shows the enrolment status, which is either registered or pre-registered, along with the Pre-registration and Registration date. If the Issuer is using the Confirmation method, the Confirmation status and Confirmation date will also appear in this section.

  • Authentication Method - Specifies the card's authentication scheme and cannot be changed. Currently SafeKey, ProtectBuy, J/Secure, SecureCode and Verified by Visa schemes are supported.

  • Card number - Full card number, partially masked.

    Note

    Please note that the card number must comply with the Luhn / mod 10 algorithm.

  • Name on Card - Cardholder name as specified on the card.

  • Client ID - The client ID of the card.

  • Expiry date - Card expiry date (mm/yyyy).

    Note

    The card expiry date is mandatory for Mastercard in 3DS2.

  • Device authentication (if enabled) - Drop down list shows the status of two-factor authentication for 3-D Secure as Enabled. Select Disabled to disable device authentication for this card and the drop down list will be removed once you click Apply.

    A card, for which device authentication is enabled, can use an authentication device in addition to the conventional 3-D Secure password as a second factor of authentication.

  • Number of ADS cancellations - Shows the number of times a cardholder has refused to complete activation during shopping by either opting out of ADS or cancelling the transaction.

  • ADS proof of attempts granted - Shows the number of times a cardholder has been granted proof of authentication attempt without being required to complete the activation during shopping process.

    Note

    Where Business Rules are being used and a rule has matched, this value is set to the maximum automatically and therefore the value may not be a true representation of the number of ADS proof of authentication attempts that have been granted to this cardholder.

  • Extended cardholder information - Each card is also associated with one or more authentication or data fields. The issuer determines the format and number of these fields. Extended cardholder information is only displayed if the system administrator enables this option in the Issuer Management section.

    For example a card may be accompanied by / associated with:

    • A PAM (Personal assurance message or the greeting message as required in VbV, J/Secure, ProtectBuy, SafeKey and SecureCode schemes)

    • An Internet PIN (for secure online transactions). Fields such as Internet PIN are always displayed masked.

    • Question and Answer fields used for challenging cardholder before resetting the password.

    • A card's authentication Password

  • Assigned Devices appears for cards for which device authentication is enabled and links to a Search Results page, which displays authentication devices assigned to this card.

  • Account History links to Account History details page, which shows actions affecting account status or the devices attached to the account.

  • Show Transactions links to the Search Results page, which displays all transactions for this card.

  • Whitelisting links to the cardholder’s whitelisted details page, which displays all whitelisted merchants for this card. This link will be displayed if the Issuer has enabled this option in BIN Management.

  • Generate Activation Code link allows the administrator to generate an activation code for a replacement device. The link is only shown if the card's primary device is marked as lost or damaged. The cardholder requires this activation code before they can complete linking the replacement device with an existing account.

Note

Generate Activation Code is not available for EMV 3DSecure transactions and will not be displayed for OOB devices.

Assigned Devices

Cards > Find Card > Search Result > Card Details > Assigned Devices

Assigned Devices displays all devices attached to the selected card. It enables you to assign a new device to a card, remove an assignment or change the status of assigned devices to Lost, Damaged or Temporarily disabled.

The following fields and links are displayed:

  • Device Management - links to the Device Management page for manually assigning a new or existing device to the card, or deleting an existing device.

The following fields and links are displayed for each assigned device:

  • Select checkbox - for selecting the device to use in conjunction with the Remove Assignment button or Delete button. To remove assignment of all devices, click the select checkbox in the column heading and then click the Remove Assignment button. To completely delete a previously registered device from the system, click the adjacent Select checkbox and then click the Delete button.

    If you select all devices a Warning dialog is displayed asking you to confirm that you want to remove all records that match the search criteria.

  • Device ID links to the Device Details page

  • Assign date - Date and time device was assigned

  • Serial Number - The unique device identifier

  • Device type - The type/make of the device such as VASCO, Email, etc

  • Status - Active/Lost/Damaged/Temporarily disabled/Deactivated device type

    An Active device can be used in device authentication.

    If a device is reported lost, stolen, damaged, or temporarily disabled, it must be flagged accordingly. A Lost or Damaged device can no longer be used for authentication and the cardholder must be issued with a new device.

    A Temporarily disabled device allows administrators to generate a new backup token.

    Deactivated device type indicates that the issuer has disabled support for this device.

  • Mark as -

    • Lost - click to change the status of the selected device to lost.
    • Damaged - click to change the status of the selected device to damaged.
    • Temporarily disabled - click to change the status of the selected device to temporarily disabled.

  • Generate Backup Token link is only shown when the card's primary authentication device is marked as temporarily disabled. Providing the cardholder with a backup token allows the cardholder to continue using the service while they wait for the replacement authentication device to arrive.

    The application currently supports two mechanisms for generating backup tokens: a replacement password (the default) and SMS.

    A replacement password is a static password that can be used as the second factor of authentication for a limited time and for a limited number of times. Using a static password will not be as secure as using an authentication device. Administrators should only issue backup tokens if allowed by the issuer's security policy and if in line with the issuer's requirements for identifying a cardholder.

    A more secure alternative is to use SMS as the backup token, if supported by the issuer device settings. This allows the admin to temporarily switch the cardholder's authentication process to SMS authentication. The cardholder will need to provide a mobile number to which the second factor of authentication will be sent via SMS.

    Note that the first SMS batch is not sent immediately. The SMS is sent when the cardholder attempts to perform their next authentication. They may have to wait a few minutes, once they attempt to login next time, for the batch SMS to arrive. Once they receive the first batch SMS, they will continue to receive replacement batch SMS tokens when they use up all the numbers in their current batch.

Device Management

Cards > Card Details > Assigned Devices > Device Management

Device Management provides the option to manually assign a new or existing device to the card, or delete an existing device. This is useful for call centre assisted registration of cards. The cardholder needs to provide a token generated by their device in order to complete the assignment. You can either find an existing device that is already registered in the system and verify it or specify a new device to assign and activate.

  • Click the appropriate tab to select the following options:
    • Find Device
    • Assign Existing Device
    • Assign New Device.
Find Device

Cards > Card Details > Assigned Devices > Device Management > Find Device

  • Select an Issuer or All from the drop down list

  • Enter a Creation date and time (dd/mm/yyyy HH:MM) or specify a date and time range for the search result by entering dates and times in the From and To fields. The date and time format is dd/mm/yyyy HH:MM. Leave the time field empty if you do not wish to limit your search for a particular time of day.

  • Select a Device type, such as VASCO, SMS, Email, etc

  • Enter a Device Serial number or specify a serial number range for the search result by entering serial numbers in the Start and End fields.

  • Click Search

A list of devices matching the search criteria will be displayed.

  • To remove a device, click the Select radio button, adjacent to the appropriate Device ID, and click the Delete button.

    This will remove the device from the system.

Assign Existing Device

Cards > Card Details > Assigned Devices > Device Management > Assign Existing Device

Use the following fields to find an existing device:

  • Select an Issuer or All from the drop down list

  • Enter a Creation date and time (dd/mm/yyyy HH:MM) or specify a date and time range for the search result by entering dates and times in the From and To fields. The date and time format is dd/mm/yyyy HH:MM. Leave the time field empty if you do not wish to limit your search for a particular time of day.

  • Select a Device type, such as VASCO, SMS, Email, etc

  • Enter a Serial number or specify a serial number range for the search result by entering serial numbers in the Start and End fields.

  • Click Search

    A list of devices matching the search criteria will be displayed.

  • Click the Select radio button, adjacent to the appropriate Device ID, and click the Apply button

    The Verify Device page is displayed

Assign New Device

Cards > Card Details > Assigned Devices > Device Management > Assign New Device

Use the following fields to assign a new device:

  • Select the Assign New Device tab

New SMS Device

  • Select SMS from the Device type drop down list.

  • Click the Apply button.

    The New SMS Device page is displayed.

  • Select an SMS centre from the drop down list.

  • Select the Country calling code for the country that the mobile number is registered to.

  • Enter the Mobile number of the cardholder. Mobile number should be no longer than 20 characters, including the Country code. Allowed characters are 0-9, '(', ')', '-' and space.

    Note

    If the national trunk prefix of the mobile number has been entered (0 or 1), these digits will automatically be removed from the start of the mobile number by ActiveAccess.

  • Click the Apply button

    A token will be sent to the mobile number and the Activate Device page will be displayed.

    Existing devices need to be verified and new devices need to be activated, using the token sent to the cardholder's mobile, which is generated by assigning the device.

  • Enter the token received by the cardholder's mobile in Enter the token sent to your mobile number.

  • Click the Apply button.

New Email Device

  • Select Email from the Device type drop down list.

  • Click the Apply button.

    The New Email Device page is displayed.

  • Enter the Email address of the cardholder.

  • Click the Apply button

    A token will be sent to the email address and the Activate Device page will be displayed.

    Existing email addresses need to be verified and new email addresses need to be activated, using the token sent to the cardholder's email address, which is generated by assigning the email address.

  • Enter the token received by the cardholder's email address in Enter the token sent to you by email.

  • Click the Apply button.

Generate Backup Token

Cards > Card Details > Assigned Devices > Generate Backup Token

When the cardholder's primary authentication device is marked as lost or damaged, you can link from the Card Details > Assigned Devices page to provide the cardholder with a backup token, which all services can use until a replacement device is received.

  • Select the Backup device type:

    • Default - supplies a static password that can be used as the second factor of authentication for a limited time and for a limited number of times.

    • SMS - displayed only if supported by the issuer device settings. This allows the admin user to temporarily switch the cardholder's authentication process to SMS authentication. The cardholder will need to provide the country calling code and a mobile number to which the second factor of authentication will be sent via SMS. Mobile number should be no longer than 20 characters, including the Country Code. Allowed characters are 0-9, '(', ')', '-' and space.

    • Email - displayed only if supported by the issuer's device settings. This allows the admin user to temporarily switch the cardholder's authentication process to Email authentication. The cardholder will need to provide the email address to which the second factor of authentication will be sent via email.

  • Click the Generate button.

    A confirmation message will be displayed.

Show Transactions

Cards > Find Card > Search Result > Card Details > Show Transactions > Show Recent Transactions

Show Transactions allows access to lists of all recent and archived 3-D Secure (payment authentication) transactions matching the selected card.

The following fields and links are displayed:

Show Archived Transactions - links to the Archived Transactions page which displays the archived 3-D Secure transactions matching the selected card.

Use the following steps to select a transaction and view its details:

  • Click the Date (and time) hyperlink for the transaction you wish to view.

  • The Transaction Details page displays the following fields and links:_

  • Show Recent Transactions - links to the Recent Transactions page which displays the recent 3-D Secure transactions matching the selected card.

Use the following steps to select a transaction and view its details:

  • Click the Date (and time) hyperlink for the transaction you wish to view.

    The Transaction Details page is displayed.

Whitelisting

Cards > Find Card > Search Result > Card Details > Whitelisting

Whitelisting allows access to a list of merchants that have been whitelisted by the cardholder.

The following merchant details are displayed:

  • Choose one or more merchants by clicking the Select checkbox
  • Acquirer Merchant ID
  • Merchant Name
  • MCC - Merchant Category Code
  • Merchant Country Code
  • Click the Remove button to remove the selected merchants from the whitelist.

New Card

Cards > New Card

You can use the New Card function to manually register cardholders. This function pre-registers cardholders. Cardholders have to finalise their registration by going through the issuer's standard enrolment process.

Creating a new card:

  • Select an Issuer from the drop down list of available issuers.

    All issuers that your username is assigned to will be listed here.

  • BINs

    Displays a list of BINs assigned to the issuer. This field is for information purposes. When you enter a new card, the card's BIN number must be one of the existing BINs for the selected issuer.

  • Select the Authentication method supported by the card

  • Currently JCB, Discover, American Express, Mastercard and Visa card schemes are supported.

    Note

    Please note that selecting the authentication method alone does not guarantee that the card can be used in the specified authentication scheme. Other pre-arrangements may also be required. For example in Verified by Visa, a card may not be able to participate before a valid card range that entails the card has been sent to the directory service.

  • Select the Status of Enabled or Disabled from the drop down list.

    A card is normally enabled when the cardholder is first enrolled. The administration staff for security reasons may temporarily disable a card. A card may also be automatically locked by the system itself if multiple unsuccessful authentication attempts are detected.

    When a card is disabled or locked, it cannot be used to make authenticated payments if cardholder is enrolled or alternatively if cardholder has not enrolled yet, the enrolment process cannot be completed before this situation is resolved.

  • Enter the full Card number

    Note

    The card number must comply with the Luhn / mod 10 algorithm.

  • Enter the cardholder name as specified on the card as Name on Card

  • Enter the card Expiry date using mm/yyyy format

    Note

    The card expiry date is mandatory for Mastercard in 3DS2.

  • Enter information required for any Extended cardholder information

  • Each card is also associated with one or more authentication or data fields. The issuer determines the format and number of these fields. Extended cardholder information is only displayed if the system administrator enables this option in the Issuer Management section.

    For example, a card may be accompanied by a PAM (Personal assurance message or the greeting message as required in VbV, J/Secure, ProtectBuy, SafeKey and SecureCode schemes) or may be associated with a PIN (for secure online transactions), etc. Fields such as Internet PIN are always displayed masked.