A card is a Helix-issued debit card tied to one or more savings or checking accounts. To correlate a specific card in Helix to a specific card record in your system, store your system's unique key in the tag property. Or store Helix's cardId in your system.

Creating a physical card and shipping it to the customer is a multi-day process. The standard production workflow is:

  • Call /card/initiate
  • Wait for physical card to be printed and shipped to the customer.
  • Prompt the customer (via your site/app) to activate their card - or in Helix terms, "verify" the card via /card/verify
  • Customer can now use the card

📘

Note

When reissuing a card in the sandbox environment, if a card is currently in PendingVerification or ReissuePendingVerification status, the new status will be ReissuePendingVerification. Otherwise, the new status will be Verified.


card Object

Represents a single card. A single customer can have multiple cards. A single card can be tied to multiple accounts (4 checking, and 4 savings). A single account can be tied to multiple cards.

PropertyData Type (length)Description
accountsarrayAn array of partially populated account objects. Properties that are populated on each account object:
- accountBalance
- accountId
- accountNumberMasked
- availableBalance
- balanceLastModifiedDate
- customerId
- lastModifiedDate
- name
- pendingBalance
- cardPriority: values will be between 1 and 4 inclusive
- status
- tag
- type
archivedDatedatetimeDate the card was set to status=Archived via /card/archive
binIdintegerSpecifies which bin a card will be assigned to. Defaults to first bin created for your program .
cardHolderCustomerIdintegerThe unique identifier of the customer who typically has the card in their possession. If 0 or null, defaults to value in customerId. This customer must have status=Verified and accessTypeCode of FULL, ACCT or CARD. Assumes customer was already created and verified.
cardIdintegerHelix-assigned unique ID for the card
cardNumberMaskedstringThe masked value of the PAN (Primary Account Number) for the card.
Example: *************1234 .
Note: This property returns all asterisks until the card has been verified.
createdDatedatetimeDate the card was created
customerIdintegerThe Helix-assigned unique ID for the customer who actually created the card (the customer who called /card/initiate). This customer must have status=Verified and accessTypeCode=FULL.
deniedDatedatetimeDate the card was set to status=Denied
digitalWalletTokensarrayOptional array of Digital Wallet Tokens if the card has been provisioned into a Digital Wallet
expireMonthintegerThe month the card expired or will expire
expireYearintegerThe 4-digit year the card expired or will expire
expiredDatedatetimeDate the card was set to status=Expired due to the customer never verifying the card.
firstNamestring (64)The card holder's first name as it should appear on the card
verbatim. See /card/initiate for restrictions.

See card name allowed special characters for more details
isDigitalOnlybooleantrue when created through /card/createDigital or /card/initiate and isCreateDualIssuanceSinglePAN = true and IsPhysicalCardOrdered = false' endpoints. A physical card shipped to the customer when true`.
isDualIssuanceSinglePANbooleantrue when created through /card/initiate endpoint with isCreateDualIssuanceSinglePAN set to true.
This type of a card will be functional as a digital card for use with mobile wallets and will have a physical card shipped to the customer if IsPhysicalCardOrdered was set to false' at card order and isDigitalOnlyis set tofalse`.
lastModifiedDatedatetimeDate when the object was last altered in any way. Note: This property updates when a card is locked or unlocked.
lastNamestring (128)The card holder's last name as it should appear on the card verbatim. See /card/initiate for restrictions.

See card name allowed special characters for more details
limitsarrayReserved for future use
lockReasonTypeCodeenumThe reason the lock was applied to the card. Possible values:
- UNK: Unknown
- STL: Stolen *
- LST: Lost *
- FRD: Suspected Fraud
- DMG: Physical Damage
- ADM: Administrative **
- TMP: Temporary
- PIN: PIN Retries Exceeded **

* Can be set via /card/hotlist API route only. Cannot be subsequently unlocked.

** Can be set via Admin Console or background processing only.
lockTypeCodeenumThe type of lock applied to the card. Possible values:
- UNL: Unlocked
- CST: Customer Locked (locked via the API, or, if a user of the Admin Console specifies the lock can be unlocked by the customer via the API)
- SYS: System Locked (locked via the Admin Console or an automated process; the Admin user specified customer should not be able to unlock it via the API or the network provider deemed the card is locked on their end so it was reflected as such in Helix) Note: customers can unlock most CST locks but none
of the SYS locks. See /card/unlock matrix for more details
middleNamestring (64)The card holder's middle name as it should appear on the card
verbatim. See /card/initiate for restrictions.

See card name allowed special characters for more details
nameOnCardstringThe name of the cardholder as it appears on the card
newPinstringThe new 4-digit (0-9 only) value to assign to the PIN. Must be encrypted using this public key and converted to base64 per RFC 4648. For example, if the new PIN is 1234 , the value for newPin would look something like the following:
ahbL0fFx/do4mBEpURziDUEJftK5OZKhIts5yThxDgHcmvC56vX/GGrnAenz an3PuO9ZYm353KB/jYqupR0/3UDs0i0PNoeFro3fE5eZZuB3UZzO3HGaf8dJ XSg63CDeqDnuSFCMOhMciZwolgx+jGrSncTt3wWvwysreQ9RFN0+pgJsD8TZ LqZ5oWG/sdUG1yQej8Q/S3HOMmmPou9FIh4H7ZPeQGnkydCxpOKhfuLXKjW8 gc5yhaKA8lmTio+rQ1nA+zDaG/TeNx8FYIBX2TwB8HBkLe1vfQNpVEE8A/H4 SvhxmHrajrZmg2BA9xP/f/JoFTk7mwgeOWYwSC7VnA==

This value will never be returned from the API.

Note: OAEP must be enabled during the encryption process. See program.publicKeyAlgorithms for language-specific details.
nickNamestring (50)A display-friendly name that applies to the card itself.
primaryAccountIdintegerThe accountId of the default account for this card. Should
be an account with type=Checking
qualifierCodestring (3)Optional property. Accepts any alphanumeric characters. Valid values are defined by Visa DPS at the time of bin creation.
reissuedDatedatetimeDate the card was set to a Reissued status due to calling
/card/reissue
requestedDatedatetimeDate the request to create the card was sent to the card provider
statusenumPossible values:
- Initiated
- Pending
- PendingVerification
- Verified
- Denied
- Expired
- Archived
- Reissued
- Hotlisted
- ReissuedPendingVerification
- AutoReissuedPendingVerification
- DigitalActivePhysicalInitiated
- DigitalActivePhysicalPending

See card.status for more details
tagstring (50)A caller-specified, unique identifier for this card. Must be unique within your program.
typeCodeenumPossible values:
- DBT: Debit (default value)
vendorTypeCodestringPossible values:
- VS: Visa (default value)
verifiedDatedatetimeDate the card was set to status=Verified via /card/verify