m2pfintech
API LibraryCard Lifecycle

Card Upgrade

Upgrades an existing card to a higher tier or different product variant. The existing card identified by kitNo will be replaced with a new card of the specified tier type and product. The kitInfo array specifies the desired card characteristics including alias name, card type, plastic code, and tier type for the upgrade.

POST
/kit-manager/upgradeCard

Authorization

tenantAuth
tenant<token>

The DCMS tenant name for multi-tenant isolation. Every API call must include this header to identify the client organization.

In: header

Header Parameters

tenant*string

The DCMS client or tenant name for multi-tenant isolation.

Request Body

application/json

entityId*string

Customer entity identifier who owns the card being upgraded.

kitNo*string

Kit number of the existing card to upgrade.

deliveryAddress?string

Address type for delivery of the upgraded physical card.

Value in"PERMANENT" | "COMMUNICATION"
kitInfo?

Details of the desired upgraded card.

Response Body

application/json

curl -X POST "https://api.dcms.example.com/v1/kit-manager/upgradeCard" \  -H "tenant: ACME_BANK" \  -H "Content-Type: application/json" \  -d '{    "entityId": "676165",    "kitNo": "4561789",    "deliveryAddress": "PERMANENT",    "kitInfo": [      {        "aliasName": "sample",        "cardType": "PHYSICAL",        "plasticCode": "4566",        "tierType": "SILVER"      }    ]  }'
{
  "result": {
    "entityId": "672765",
    "kitInfo": [
      {
        "accountNo": 8642135,
        "bin": "608040",
        "cardCategory": "DEBIT",
        "cardNumber": "608040XXXXXX6384",
        "cardStatus": "ASSIGNED",
        "cardType": "PHYSICAL",
        "encryptedCardNumber": "44a938afd8c4c062ded334e77d5c5e6275dc6e1422d2d2af370f3a99dfbe7482",
        "entityId": "676765",
        "expDate": "2029-07-31T00:00:00.000+00:00",
        "kitNo": "4240181595",
        "networkType": "RUPAY",
        "productId": "2003_PHYSICAL",
        "productName": "2003_PHYSICAL"
      }
    ]
  },
  "exception": null,
  "pagination": null
}

Set PIN V2 POST

Enhanced version of Set PIN that uses AES-GCM encryption for the PIN block. The PIN must be encrypted using a three-step process. Step 1 - PIN Block Generation using ISO 9564 Format 0 encoding where the PIN is XORed with the PAN (card number). Step 2 - AES-GCM Encryption where the PIN block from step 1 is encrypted using the shared set-PIN key with a random 16-byte IV and 128-bit authentication tag. Step 3 - The final encrypted PIN block is Base64 encoded containing the IV prepended to the ciphertext. The expiryDate must match the card expiry date in MMYY format.

Cancel Card Order POST

Cancels a card order that is in a cancellable state such as RECEIVED. Both the orderId and branchId must match the original order for the cancellation to succeed. Orders that have already been processed or are in PENDING state at CMS may not be cancellable.