Availability:

  • CB_VISA_MASTERCARD only

A registered card must be validated within 24 hours of registration, otherwise its Validity is permanently set to INVALID and the card must be registered again.

Cards can be validated by a successful card flow:

  • Direct card pay-in or recurring card pay-in (MIT) (authorization and debit)
  • Preauthorization or deposit preauthorization (authorization and deferred debit)
  • Card validation (authorization and no debit)

The card validation is a request for authentication only. It does not request capture of funds, and it is therefore not a Transaction.

Note - Card validation only available for CB_VISA_MASTERCARD The card validation feature is only available for cards with the CardType CB_VISA_MASTERCARD

Benefits

For the platform:

  • Verifying that the card belongs to the user who registered it
  • Checking that the issuer authorizes the use of the card (for example, that it’s not blocked)

Because a card must be validated within 24 hours, the card validation feature allows greater flexibility in the user’s payment experience than a pay-in or preauthorization.

For the cardholder:

  • Proving to platforms the card is theirs and is fit for use
  • No trace of the validation on their bank statement

3DS and card validation

A card validation may require 3DS authentication. It does not change the likelihood of SCA being required again later at the moment of payment with the card.

Like with other card flows, the SecureMode parameter is available on card validation, which allows the platform to indicate a preference for 3DS authentication.

You can also use the ValidationUsage parameter to indicate the intended usage of the card. It has the values:

  • CIT – For customer-initiated transactions (CITs), meaning 3DS is less likely to be required on the card validation.
  • MIT – For merchant-initiated transactions (MITs), meaning 3DS is more likely to be required on the card validation.

You can set the ValidationUsage parameter to CIT to decrease the likelihood of SCA when the SecureMode value is DEFAULT or NO_CHOICE.

If the SecureMode value is FORCE, explicitly requesting SCA, then the ValidationUsage is set to MIT even if you send CIT.