production
development
https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext
Paths
/v1/cards/cvv2/information/retrieve
post /v1/cards/cvv2/information/retrieve
retrieve-dynamic-CVV2-2FA-information
To retrieve the digitally generated CVV2 and 2FA using debit or credit card parameters and store the information in Teradata.
This API is used to retrieve the digitally generated CVV2 and 2FA (Second Factor of Authentication) using debit or credit card parameters and store the information in Teradata. It returns the digitally generated CVV2 from ECS backend for Credit card and S045 for Debit card.
OAuth2 Application Flow
OAuth2 Application Flow
(oauth2 application)
Token URL
https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext/api/v1/oauth/token
Scopes
/api/v1
Client ID
X-IBM-Client-Id
(apiKey located in header)
client_id
Required in header
string
The client ID you received during application registration in the developer portal
Authorization
Required in header
string
Bearer token aquired from APIM token endpoint
uuid
Required in header
string
Random 128 bit UUID generated uniquely for every request from the Customer, which will represent transaction unique identifier and it is recommended to send.
sid
Required in header
string
Sessionid value from E2EE Key Exchange response.
Accept
Required in header
string
Content-Types that are acceptable for the response
Accept-Language
Optional in header
string
Language to be send to the backend systems must be 'es' for spanish and 'en' for english
{
"default": "es"
}ChannelId
Required in header
string
channel ID used by the user, it is required for the first call in a new session.
countryCode
Required in header
string
2 character ISO country code
{
"default": "MX"
}businessCode
Required in header
string
3 character business code
{
"default": "GCB"
}Content-Type
Required in header
string
Content-Types that are sent in the request
{
"default": "application\/json"
}dynamicCvvRequest
Required in body
object
This request is to retrieve dynamically generated CVV2 and 2FA.
200
CVV2 and 2FA retrieved successfully
400
| Type | Code | Details |
| error | invalidRequest | Missing or invalid Parameters |
| error | cannotDecryptData | 620-Cannot decrypt, please re-check the encrypted value |
401
| Type | Code | Details |
| error | unAuthorized | Authorization credentials are missing or invalid |
403
| Type | Code | Details |
| error | accessNotConfigured | The request operation is not configured to access this resource |
| error | productNotAllowed | The card is not allowed to issue CVV2 and 2FA. |
404
| Type | Code | Details | More Info |
| error | resourceNotFound | The requested resource was not found | Empty resource/resource not found |
422
| Type | Code | Details |
| error | businessValidationFailed | Business validation error occured on one or more parameters |
500
| Type | Code | Details |
| error | backendError | Failed during a call to backend service |
| error | timeoutError | Time to complete a transaction is over |
| fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
Example Request
Example Response
POST https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext/api/v1/cards/cvv2/information/retrieve
/v1/cards/usage-info/encrypted/retrieve
post /v1/cards/usage-info/encrypted/retrieve
retrieve-encrypted-card-usage-info
To retrieve the encrypted card information, once a 2FA (Second Factor of Authentication) is validated
This API is used to retrieve the encrypted card information, once a 2FA (Second Factor of Authentication) is validated. The 2FA could be an OTP/HardToken/SoftToken/JWT
OAuth2 Application Flow
OAuth2 Application Flow
(oauth2 application)
Token URL
https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext/api/v1/oauth/token
Scopes
/api/v1
Client ID
X-IBM-Client-Id
(apiKey located in header)
client_id
Required in header
string
The client ID you received during application registration in the developer portal
Authorization
Required in header
string
Bearer token aquired from APIM token endpoint
uuid
Required in header
string
Random 128 bit UUID generated uniquely for every request from the Customer, which will represent transaction unique identifier and it is recommended to send.
sid
Required in header
string
Sessionid value from E2EE Key Exchange response.
Accept
Required in header
string
Content-Types that are acceptable for the response
Accept-Language
Optional in header
string
Language to be send to the backend systems must be 'es' for spanish and 'en' for english
{
"default": "es"
}ChannelId
Required in header
string
channel ID used by the user, it is required for the first call in a new session.
countryCode
Required in header
string
2 character ISO country code
{
"default": "MX"
}businessCode
Required in header
string
3 character business code
{
"default": "GCB"
}Content-Type
Required in header
string
Content-Types that are sent in the request
{
"default": "application\/json"
}retrieveEncryptedCardRequest
Required in body
object
200
Sensitive Card Information encrypted
400
| Type | Code | Details |
| error | invalidRequest | Missing or invalid Parameters |
| error | cannotDecryptData | 620-Cannot decrypt, please re-check the encrypted value |
401
| Type | Code | Details |
| error | unAuthorized | Authorization credentials are missing or invalid |
403
| Type | Code | Details |
| error | accessNotConfigured | The request operation is not configured to access this resource |
| error | productNotAllowed | The card is not allowed to issue CVV2 and 2FA. |
404
| Type | Code | Details | More Info |
| error | resourceNotFound | The requested resource was not found | Empty resource/resource not found |
422
| Type | Code | Details |
| error | businessValidationFailed | Business validation error occured on one or more parameters |
500
| Type | Code | Details |
| error | backendError | Failed during a call to backend service |
| error | timeoutError | Time to complete a transaction is over |
| fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
Example Request
Example Response
POST https://perf.api.externalapib2b.wlb.lac.nsroot.net:7100/mx-gcgapi/perfext/api/v1/cards/usage-info/encrypted/retrieve
Definitions
{
"type": "object",
"properties": {
"accountId": {
"description": "Unique ID used by front end to indentify the account",
"type": "string",
"example": "123456"
},
"cardAuthorization": {
"$ref": "#/definitions/CardAuthorization"
}
},
"required": [
"accountId",
"cardAuthorization"
]
}
{
"type": "object",
"properties": {
"authenticationType": {
"description": "Authetication type used by the customer. 1 - UserId and Password, 2 - Softtoken, 3 - HardToken",
"type": "string",
"example": "1"
},
"encryptedDevice": {
"$ref": "#/definitions/EncryptedDevice"
}
},
"required": [
"authenticationType",
"encryptedDevice"
]
}
{
"type": "object",
"properties": {
"osId": {
"description": "The Id of the operating system",
"type": "string",
"example": "10"
},
"osName": {
"description": "Device operating system name",
"type": "string",
"example": "Android"
},
"osVersion": {
"description": "Version of the operating system that is running on the device",
"type": "string",
"example": "1.0.11"
},
"deviceModel": {
"description": "Name of the device model. This value is set by the device manufacturer and may be different across versions of the same device",
"type": "string",
"example": "SM-G935F"
},
"ipAddress": {
"description": "Ip address of the device",
"type": "string",
"example": "100.200.102.500"
}
},
"required": [
"osId",
"osName",
"osVersion",
"deviceModel",
"ipAddress"
]
}
{
"type": "object",
"properties": {
"encryptedDigitalCvvNumber": {
"type": "string",
"format": "string",
"example": "123345fygfugui357353",
"description": "Dynamically generated CVV2. This value will be returned encrypted with previously shared AES key, so once decrypted the max length is 3 digits."
},
"encryptedAuthenticationFactor": {
"type": "string",
"example": "12346dhfje537474gd",
"description": "Second factor of authentication. This value will be returned encrypted with previously shared AES key, so once decrypted the max length is 6 digits."
}
},
"required": [
"encryptedDigitalCvvNumber"
]
}
{
"type": "object",
"properties": {
"accountId": {
"description": "Unique ID used by front end to indentify the account",
"type": "string",
"example": "123456"
},
"security": {
"$ref": "#/definitions/Security"
},
"cardAuthorization": {
"$ref": "#/definitions/CardAuthorizationInfo"
}
},
"required": [
"accountId",
"security",
"cardAuthorization"
]
}
{
"type": "object",
"properties": {
"challengeQuestion": {
"type": "string",
"example": "87295410",
"description": "Challenge previously received (must be same as the given from get challenge service), composed by 8 digit numbers."
},
"oneTimePasswordToken": {
"description": "One time password Text that is generated and sent to User's registered communication device.",
"type": "string",
"example": "17364892"
},
"jwtToken": {
"type": "string",
"example": "kkhljsdf87sdifskjfsdhkf8fsdf",
"description": "JWT to be validated when customer has being migrated to transmit platform"
},
"grantType": {
"description": "Id of the token, used for identifying the kind of functional Id also known as applicationId for calling the transmit JWT validator service tokenId Details 1 SMS-OTP functional Id 2 binding functional Id 3 New Online Transaction functional Id 4 Avatar Transaction functional Id 5 IVR Transaction functional ID 6 AcciTrade Transaction functional ID 7 Directo Transaction functional ID
",
"type": "string",
"example": "2"
}
}
}
{
"type": "object",
"properties": {
"authenticationType": {
"description": "Authetication type used by the customer. 1 - UserId and Password, 2 - Softtoken, 3 - HardToken",
"type": "string",
"example": "1"
},
"encryptedDevice": {
"$ref": "#/definitions/EncryptedDeviceInfo"
}
},
"required": [
"authenticationType",
"encryptedDevice"
]
}
{
"type": "object",
"properties": {
"osId": {
"description": "The Id of the operating system",
"type": "string",
"example": "10"
},
"osName": {
"description": "Device operating system name",
"type": "string",
"example": "Android"
},
"osVersion": {
"description": "Version of the operating system that is running on the device",
"type": "string",
"example": "1.0.11"
},
"deviceModel": {
"description": "Name of the device model. This value is set by the device manufacturer and may be different across versions of the same device",
"type": "string",
"example": "SM-G935F"
},
"ipAddress": {
"description": "Ip address of the device",
"type": "string",
"example": "100.200.102.500"
}
},
"required": [
"osId",
"osName",
"osVersion",
"deviceModel",
"ipAddress"
]
}
{
"type": "object",
"properties": {
"encryptedCardPlastic": {
"$ref": "#/definitions/EncryptedCardPlasticInfo"
}
}
}
{
"type": "object",
"properties": {
"cardNumber": {
"description": "Card number that is visible in the plastic",
"type": "string",
"maxLength": 16,
"example": "6758968312457638"
},
"expiryDate": {
"description": "The date on which the card becomes invalid/expired.",
"type": "string",
"format": "date",
"example": "09-21"
}
},
"required": [
"cardNumber",
"expiryDate"
]
}
{
"required": [
"code",
"details",
"location",
"moreInfo",
"timestamp",
"type"
],
"properties": {
"type": {
"type": "string",
"description": "Invalid - Request did not confirm to the specification and was unprocessed and rejected. Please fix the value and try again",
"enum": [
"error",
"warn",
"invalid",
"fatal"
]
},
"code": {
"type": "string",
"description": "Error code which qualifies the error"
},
"details": {
"type": "string",
"description": "Human readable explanation specific to the occurrence of the problem"
},
"location": {
"type": "string",
"description": "The name of the field that resulted in the error"
},
"moreInfo": {
"type": "string",
"description": "URI to human readable documentation of the error"
},
"timestamp": {
"type": "string",
"description": "Timestamp of the error"
}
}
}