Changing the card status
How to change the status of a card, for example to activate a physical card or to declare it as stolen.
If a dual card (both virtual and physical cards) was issued and you try to change the status of the physical card before it's been activated, the status change takes effect on the virtual card.
To change the status of a card, use the PATCH /cards/change_status/{card_id}
operation and provide the required status parameter from the table below.
Note
You can only change the status of a physical card after you have activated it.
Parameter | Type | Description |
---|---|---|
status required | string | One of: Active , Lost , Stolen , No_withdrawals , Inactive , Fraud .See the table below for descriptions. |
The enums for status
are described in the table below.
status enum | Description |
---|---|
Active | The card can be used to make transactions. |
Lost | The cardholder has reported the card lost. The card is blocked from making new transactions. Lost cards can be unblocked when the cardholder reports them recovered. |
Stolen | The cardholder has reported the card stolen. The card is permanently blocked from making new transactions. |
No_withdrawals | The card can be used for purchases but cannot be used to withdraw money. |
Inactive | The card cannot be used to make transactions. |
Fraud | The card is compromised but still in the cardholder’s possession. The card is permanently blocked. |
For a complete specification and interactive examples, see Change card status in the Bond API Reference.
Activating a physical card
A physical card is always issued as inactive and must be activated before use.
To activate a card, use the PATCH /cards/{card_id}/activate_physical_card
operation.
An example of a request to activate a card is shown below.
curl --request PATCH \
--url https://sandbox.bond.tech/api/v0/cards/931e2341-c3eb-4681-97d4-f6e09d90da14/activate_physical_card \
--header 'Content-Type: application/json' \
--header 'Identity: YOUR-IDENTITY'
--header 'Authorization: YOUR-AUTHORIZATION' \
require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://sandbox.bond.tech/api/v0/cards/931e2341-c3eb-4681-97d4-f6e09d90da14/activate_physical_card")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Patch.new(url)
request["Content-Type"] = 'application/json'
request["Identity"] = 'YOUR-IDENTITY'
request["Authorization"] = 'YOUR-AUTHORIZATION'
response = http.request(request)
puts response.read_body
const options = {
method: 'PATCH',
headers: {Accept: 'application/json', Identity: 'YOUR-IDENTITY', Authorization: 'YOUR-AUTHORIZATION'}
};
fetch('https://sandbox.bond.tech/api/v0/cards/card_id/activate_physical_card', options)
.then(response => response.json())
.then(response => console.log(response))
.catch(err => console.error(err));
import requests
url = "https://sandbox.bond.tech/api/v0/cards/931e2341-c3eb-4681-97d4-f6e09d90da14/activate_physical_card"
headers = {
"Content-Type": "application/json",
"Identity": "YOUR-IDENTITY",
"Authorization": "YOUR-AUTHORIZATION"
}
response = requests.request("PATCH", url, json=payload, headers=headers)
print(response.text)
var client = new RestClient("https://sandbox.bond.tech/api/v0/cards/931e2341-c3eb-4681-97d4-f6e09d90da14/activate_physical_card");
var request = new RestRequest(Method.PATCH);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Identity", "YOUR-IDENTITY");
request.AddHeader("Authorization", "YOUR-AUTHORIZATION");
IRestResponse response = client.Execute(request);
OkHttpClient client = new OkHttpClient();
Request request = new Request.Builder()
.url("https://sandbox.bond.tech/api/v0/cards/card_id/activate_physical_card")
.patch(null)
.addHeader("Accept", "application/json")
.addHeader("Identity", "YOUR-IDENTITY")
.addHeader("Authorization", "YOUR-AUTHORIZATION")
.build();
Response response = client.newCall(request).execute();
An example of a response to a successful request to activate a card is shown below.
{
"card_id": "2742ff6a-7455-4066-8b45-ae12d3acca34",
"last_four": "6169",
"status": "Active"
}
For a complete specification and interactive examples, see Activating a card in the Bond API Reference.
Set Active status
{"status": "Active"}
Once a card has been issued, it must be activated by setting the status to Active
before it can be used to make purchases.
A successful request to activate a card response is shown in the example below.
{
"card_id": "2742ff6a-7455-4066-8b45-ae12d3acca34",
"last_four": "6169",
"status": "Active"
}
For a complete specification and interactive examples, see Change card status in the Bond API Reference.
Set Lost status
{"status": "Lost"}
Set the status to Lost
when the cardholder no longer has access to their physical card but does not think it was stolen. The card is blocked for new purchases and can be unblocked at any time.
{
"card_id": "2742ff6a-7455-4066-8b45-ae12d3acca34",
"last_four": "6169",
"status": "Lost"
}
Set Stolen status
{"status": "Stolen"}
Set status to Stolen
when the cardholder reports the card as stolen. The card is blocked for new purchases and cannot be unblocked.
{
"card_id": "2742ff6a-7455-4066-8b45-ae12d3acca34",
"last_four": "6169",
"status": "Stolen"
}
Set No Withdrawals status
{"status": "No_withdrawals"}
Set the status to No_withdrawals
to prevent the card from being used to make withdrawals.
{
"card_id": "2742ff6a-7455-4066-8b45-ae12d3acca34",
"last_four": "6169",
"status": "No_withdrawals"
}
Set Inactive status
{"status": "Inactive"}
Set the status to Inactive
to prevent transactions on the card.
{
"card_id": "2742ff6a-7455-4066-8b45-ae12d3acca34",
"last_four": "6169",
"status": "Inactive"
}
Set Fraud status
{"status": "Fraud"}
Set the status to Fraud
when the card has been compromised but is still in the physical possession of the cardholder. The card is blocked for new purchases and should be reissued with a new PAN and CVV.
fraud
is similar to stolen
, but with `fraud, the cardholder still has physical possession of the card.
{
"card_id": "2742ff6a-7455-4066-8b45-ae12d3acca34",
"last_four": "6169",
"status": "Fraud"
}
Updated over 2 years ago