5. Creating a card

Creating a new card for your customer.

You can create a debit or a credit card for customers who have passed either the KYC verification or the KBAKBA - Knowledge Based Authentication. A form of identity validation done by prompting the user to answer questions based on their private information. Performed in the event that the KYC process fails. Generally KBA is interchangeable with OOW. For example, "Out of these 4 addresses, in which have you resided previously?". process. The card creation process automatically generates a card account at the same time. The card account is closely coupled to the card, but is logically distinct.

The card contains information relating to the physical or virtual card, while the card account contains broader information, such as what bank accounts it's connected to.

You specify whether a card is a debit or credit card when you make the API request to create the card.

The card configuration is determined by the program_id which is provided by the Bond platform based on your requirements. There are three card configurations:

  • Virtual
  • Physical
  • Dual

For details, see Card program ID.

Upon creation, your customer can immediately use the virtual card. If they've been issued with a physical card, they can only use it once it's been activated. See activating a physical card.

Creating a card and card account

A card and card account are simultaneously created from a single POST request that must contain both the program_id and customer_id. The program ID references the details about your card program with the Bond platform.

program_id is a primary key reference to all information related to your brand’s card program. It is visible in Bond Portal and contains information such as:

  • The KYC provider
  • Whether it is a debit/credit program
  • The card processor
  • The BINBIN - Bank Identification Number. The initial four to six digits that appear on a payment card, identifying the bank or entity that issued the card, that issuer’s location, and the card type (for example, credit, debit, gift). A BIN may also be referred to as an Issuer Identification Number (IIN) provider

To create a card and card account, use the POST /cards operation and provide the customer_idandcard_program_id` as detailed in the cards API.

curl --request POST \
  --url https://sandbox.bond.tech/api/v0/cards \
  --header 'Identity: YOUR-IDENTITY' \
  --header 'Authorization: YOUR-AUTHORIZATION' \
  --header 'Content-Type: application/json' \
  --data '{"customer_id":"094cd49b-6412-429f-a396-314097a6c3b9", 
import requests

url = "https://sandbox.bond.tech/api/v0/core/cards"

payload = {
headers = {
  "Content-Type": "application/json",
  "Identity": YOUR-IDENTITY,
  "Authorization": YOUR-AUTHORIZATION

response = requests.request("POST", url, json=payload, headers=headers)

require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://sandbox.bond.tech/api/v0/core/cards")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE

request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/json'
request["Identity"] = YOUR-IDENTITY
request["Authorization"] = YOUR-AUTHORIZATION
request.body = "{\"customer_id\":\"094cd49b-6412-429f-a396-314097a6c3b9\",\"program_id\":\"2742ff6a-7455-4066-8b45-ae12d3acca34\"}"

response = http.request(request)
puts response.read_body
const data = JSON.stringify({

const xhr = new XMLHttpRequest();

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {

xhr.open("POST", "https://sandbox.bond.tech/api/v0/core/cards");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Identity", YOUR-IDENTITY);
xhr.setRequestHeader("Authorization", YOUR-AUTHORIZATION);

var client = new RestClient("https://sandbox.bond.tech/api/v0/core/cards");
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Identity", YOUR-IDENTITY);
request.AddHeader("Authorization", YOUR-AUTHORIZATION);
request.AddParameter("application/json", "{\"customer_id\":\"094cd49b-6412-429f-a396-314097a6c3b9\",\"program_id\":\"2742ff6a-7455-4066-8b45-ae12d3acca34\"}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"customer_id\":\"094cd49b-6412-429f-a396-314097a6c3b9\",\"program_id\":\"2742ff6a-7455-4066-8b45-ae12d3acca34\"}");
Request request = new Request.Builder()
  .addHeader("Content-Type", "application/json")
  .addHeader("Identity", YOUR-IDENTITY)
  .addHeader("Authorization", YOUR-AUTHORIZATION)

Response response = client.newCall(request).execute();

A successful response returns the card_id and card_account_id similar to the example shown below.

    "card_id": "2742ff6a-7455-4066-8b45-ae12d3acca34",
    "last_four": 6169,
    "status": "Active",
    "card_account_id": "8d8b0aa0-5eec-4eab-923d-2bd777c9a07d",
    "customer_id": "094cd49b-6412-429f-a396-314097a6c3b9"

Did this page help you?