Card Control enables the cardholder to manage his card in real-time. Cards can be managed via the banking app or online banking through our APIs

The cardholder knows best his habits and preferences for card usage. Card Control allows him/her to customize a card in different aspects. Some examples: set card limits on different channels – in-store/online/contactless payments, cash withdrawals at ATM. As well it is possible to block chosen payment channels or certain merchant categories (e.g., casinos, liquor store, etc.). Geographical reach can also be controlled: countries can be blocked or enabled for card payments. All the mentioned features can be set for a specific period of time. Altogether, a variety of features and its combination provide a detailed customization.

Thanks to a comprehensive customization, Card Control becomes a first step towards risk mitigation. Through spending limit management, country and merchant category blocks, spend notifications, etc. the cardholder gets alert about fraudulent activities and can prevent it. Next to this, extensive card self-management options lead to fewer disputes and a lower number of calls to the customer care center.

How it works

Card Control allows the cardholder to personalize his card overriding the issuer specific standard settings. The customization is achieved by updating and overriding cards authorization restrictions and velocity limits.

Each authorization restriction override is  based on an existing authorization restriction. First step is to retrieve the authorizationRestrictionReference through the list of existing authorization restriction by calling the API List of authorization restriction for account. Second step is to modify the authorization restriction using the API Create authorization restriction override. The override created could be then updated using the appropriate API. 

Similar process applies to velocity limits. A default velocity limit could be overwritten by Velocity limit overrides API that allows to modify number and amount of authorizations allowed for a specific time period.  The override created could be then updated and deleted using the appropriate API.