Card

These APIs are designed for you to be able to manage your consumer's cards easily, allowing you to set spending limits, modify the status of the cards, or view a list of cards that belong to a specific profile.

The Card resource

The primary resource that you will be interacting with when managing your user's cards.

tokentext

Token

profileIdnumber

Profile ID

clientIdtext

Client ID

status.valuetext

Status Text

status.allowedTransitions[n] (Deprecated)text

Transitionable Status
Deprecation Notice:
Will be removed from response starting 1st December 2023 and there will be no replacement.

cardHolderNametext

Name of the card holder

expiryDatetext

Date when the card will expire

lastFourDigitstext

Last 4 digits of the card number

bankIdentificationNumbertext

Bank identification number of the card

phoneNumbertext

Phone number of the card

cardProgram.nametext

Name of the card program

cardProgram.schemetext

Scheme of the card program. E.g. VISA or MASTERCARD

cardProgram.defaultCurrencytext

Default currency of the card. E.g. GBP

cardProgram.cardTypetext

Type of the card. E.g. PHYSICAL or VIRTUAL

creationTimetext

Time when the card is created

modificationTimetext

Time when the card was last modified

Table of available card status and descriptions

CodeDescription
ACTIVECard is active and can be used
INACTIVEPhysical card has not been activated
BLOCKEDCard is blocked and cannot be reversed back to any state
FROZENCard is “blocked” but temporarily
PARTNER_SUSPENDEDCard is suspended by Wise temporarily due to e.g. fraud reasons
EXPIREDCard is expired
PURGEDThe cardhoder data (e.g. PAN, PIN) have been purged after exceeds the retention period (540 days after the card is blocked or expired)
Card Resource
{
"token": "ca0c8154-1e14-4464-a1ce-dcea7dc3de52",
"profileId": 123456,
"clientId": "wise_api_docs",
"status": {
"value": "ACTIVE",
"allowedTransitions": [ // deprecated - no replacement
"FROZEN",
"BLOCKED"
]
},
"cardHolderName": "John Smith",
"expiryDate": "2028-05-31T00:00:00Z",
"lastFourDigits": "6320",
"bankIdentificationNumber": "459661",
"phoneNumber": "+441234567890",
"cardProgram": {
"name": "VISA_DEBIT_BUSINESS_UK_1",
"scheme": "VISA",
"defaultCurrency": "GBP",
"cardType" : "VIRTUAL_NON_UPGRADEABLE"
},
"creationTime": "2022-05-31T01:43:24.596321434Z",
"modificationTime": "2022-05-31T01:43:24.596321825Z"
}

The Spending resource

The Spending resource returns a set of limits for each type of transaction that the card can make.

typetext

The type of transaction. One of ATM_WITHDRAWAL, ECOM_PURCHASE, CHIP_WALLET_PURCHASE or GENERAL

limitsarray

A list of limits assigned to each transaction type

Spending Resource
{
"type": "GENERAL",
"limits": [
{
"type": "LIFETIME",
"usage": 2993.76,
"threshold": 5000.00,
"currency": "AUD",
"expiresAt": null
}
]
}

The Limits resource

The Limits resource returns information on the existing spending limits that are configured on your user's cards.

typetext

The type of limit. One of DAILY, WEEKLY, MONTHLY, LIFETIME

usagenumber

The total authorised amount on the card till date

thresholdnumber

The limit configured on the specific transaction type

currencytext

The currency code for the configured limits

expiresAttext

The time when the limit expires. If set to null, the limit is permanent. ISO-8601 timestamp with timezone (Z)

Limits Resource
{
"type": "LIFETIME",
"usage": 2993.76,
"threshold": 5000.00,
"currency": "AUD",
"expiresAt": null
}

The Permissions resource

The Permissions resource returns information on the existing permissions that are configured on your user's cards.

typetext

The type of transaction. One of ECOM, POS_CHIP, ATM_WITHDRAWAL, MOBILE_WALLETS

isEnabledboolean

A flag indicated if the permissions for a specific type are enabled

Permissions Resource
{
"type": "ECOM",
"isEnabled": false
}

Retrieve sensitive card details

The sensitive card details endpoint allows you to retrieve card data such as Primary Account Number, expiry date, CVV and PIN.

Wise is a PCI DSS compliant provider, and stores all of your Cards API data securely. The scope for PCI compliance depends on your use case and will impact how you integrate with Cards API.

Retrieve a list of cards linked to a profile

GET /v3/spend/profiles/{{profileId}}/cards?pageSize=10&pageNumber=1

Returns a list of cards that belong to a specific profileId.

FieldsTypeDefinitionRequired
pageSizeStringThe maximum number of cards to return per page. This number can be between 10 - 100, and will default to 10No
pageNumberStringThe page number to retrieve the next set of cards. The number has to be greater than 1, and will default to 1No
Example Request
curl -X GET https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/cards?pageSize=10&pageNumber=1 \
-H 'Authorization: Bearer <your api token>'

Response

FieldsTypeDefinition
totalCountIntegerThe total number of cards for this profileId
cardsList<Card>A collection of Cards for this profileId
Example Response
{
"cards": [
{
"token": "ca0c8154-1e14-4464-a1ce-dcea7dc3de52",
"profileId": 123456,
"clientId": "wise_api_docs",
"status": {
"value": "ACTIVE",
"allowedTransitions": [ // deprecated - no replacement
"FROZEN",
"BLOCKED"
]
},
"cardHolderName": "John Smith",
"expiryDate": "2028-05-31T00:00:00Z",
"lastFourDigits": "6320",
"bankIdentificationNumber": "459661",
"phoneNumber": "+441234567890",
"cardProgram": {
"name": "VISA_DEBIT_BUSINESS_UK_1",
"scheme": "VISA",
"defaultCurrency": "GBP",
"cardType": "VIRTUAL_NON_UPGRADEABLE"
},
"creationTime": "2022-05-31T01:43:24.596321434Z",
"modificationTime": "2022-05-31T01:43:24.596321825Z"
}
],
"totalCount": 1
}

Retrieve details for a card

GET /v3/spend/profiles/{{profileId}}/cards/{{cardToken}}

Retrieves a card based on the cardToken provided.

Example Request
curl -X GET https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/cards/{{cardToken}} \
-H 'Authorization: Bearer <your api token>'

Response

Returns a Card resource.

Example Response
{
"token": "ca0c8154-1e14-4464-a1ce-dcea7dc3de52",
"profileId": 123456,
"clientId": "wise_api_docs",
"status": {
"value": "ACTIVE",
"allowedTransitions": [ // deprecated - no replacement
"FROZEN",
"BLOCKED"
]
},
"cardHolderName": "John Smith",
"expiryDate": "2028-05-31T00:00:00Z",
"lastFourDigits": "6320",
"bankIdentificationNumber": "459661",
"phoneNumber": "+441234567890",
"cardProgram": {
"name": "VISA_DEBIT_BUSINESS_UK_1",
"scheme": "VISA",
"defaultCurrency": "GBP",
"cardType" : "VIRTUAL_NON_UPGRADEABLE"
},
"creationTime": "2022-05-31T01:43:24.596321434Z",
"modificationTime": "2022-05-31T01:43:24.596321825Z"
}

Set the status of a card

PUT /v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/status

Modifies the card status.

FieldsTypeDefinitionRequired
statusStringThe status that you want to update the card to. One of ACTIVE, FROZEN or BLOCKEDYes

The definition for the status values are:

  • ACTIVE - the card is active and usable
  • FROZEN - the card is temporarily frozen resulting in all authorisation requests to be declined
  • BLOCKED - the card is irreversibly blocked and is no longer usable
Example Request
curl -X PUT https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/status \
-H 'Authorization: Bearer <your api token>' \
-H 'Content-Type: application/json' \
-d '{
"status": "ACTIVE"
}'

Response

Returns a Card object.

Example Response
{
"token": "ca0c8154-1e14-4464-a1ce-dcea7dc3de52",
"profileId": 123456,
"clientId": "wise_api_docs",
"status": {
"value": "ACTIVE",
"allowedTransitions": [ // deprecated - no replacement
"FROZEN",
"BLOCKED"
]
},
"cardHolderName": "John Smith",
"expiryDate": "2028-05-31T00:00:00Z",
"lastFourDigits": "6320",
"bankIdentificationNumber": "459661",
"phoneNumber": "+441234567890",
"cardProgram": {
"name": "VISA_DEBIT_BUSINESS_UK_1",
"scheme": "VISA",
"defaultCurrency": "GBP",
"cardType" : "VIRTUAL_NON_UPGRADEABLE"
},
"creationTime": "2022-05-31T01:43:24.596321434Z",
"modificationTime": "2022-05-31T01:43:24.596321825Z"
}

Retrieve spending limits for a card

GET /v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/spending-limits

Retrieves the spending limits set for a specific card.

Example Request
curl -X GET https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/spending-limits \
-H 'Authorization: Bearer <your api token>'

Response

FieldsTypeDefinition
spendingsList<Spending>A collection of Spending resources
Example Response
{
"spendings": [
{
"type": "GENERAL",
"limits": [
{
"type": "TRANSACTION",
"usage": 0,
"threshold": 100.00,
"currency": "GBP",
"expiresAt": null
},
{
"type": "DAILY",
"usage": 0,
"threshold": 500.00,
"currency": "GBP",
"expiresAt": "2023-07-17T23:00:00Z"
},
{
"type": "MONTHLY",
"usage": 0,
"threshold": 1000.00,
"currency": "GBP",
"expiresAt": "2023-07-31T23:00:00Z"
},
{
"type": "LIFETIME",
"usage": 0,
"threshold": 100.00,
"currency": "GBP",
"expiresAt": null
}
]
}
]
}

Set spending limits for a card

PATCH /v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/spending-limits

Set or change card spending limits. Card limits cannot surpass profile level limits. See Retrieve spending limits for a profile.

FieldsTypeDefinition
cardLimitTypeStringThe type of limit to set. One of TRANSACTION, DAILY, MONTHLY, LIFETIME
maxLimitAmountFloatThe maximum amount allowed to be spent for the chosen type
Example Request
curl -X PATCH https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/spending-limits \
-H 'Authorization: Bearer <your api token>' \
-H 'Content-Type: application/json' \
-d '{
"cardLimitType": "LIFETIME",
"maxLimitAmount": 5000.00
}'

Response

Returns a 200 - No Content

Delete spending limits for a card

DELETE /v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/spending-limits/{{cardLimitType}}

Delete the limits for a specific card.

FieldsTypeDefinition
cardLimitTypeStringThe type of limit to set. One of TRANSACTION, DAILY, MONTHLY, LIFETIME

Response

Returns a 200 - No Content

Example Request
curl -X DELETE https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/spending-limits/{{cardLimitType}} \
-H 'Authorization: Bearer <your api token>'

Retrieve permissions for a card

GET /v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/spending-permissions

Retrieves permissions for a card.

Response

FieldsTypeDefinition
permissionsList<Permissions>A collection of Permissions resources
Example Request
curl -X GET https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/spending-permissions \
-H 'Authorization: Bearer <your api token>'
Example Response
{
"permissions": [
{
"type": "ECOM",
"isEnabled": false
},
{
"type": "POS_CHIP",
"isEnabled": true
},
{
"type": "ATM_WITHDRAWAL",
"isEnabled": false
},
{
"type": "MOBILE_WALLETS",
"isEnabled": true
}
]
}

Modifying permissions for a card

PATCH /v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/spending-permissions

Enable or disable permissions on a card.

FieldsTypeDefinition
typeStringOne of ECOM, POS_CHIP, POS_MAGSTRIPE,ATM_WITHDRAWAL, POS_CONTACTLESS,MOBILE_WALLETS
isEnabledBooleanA flag indicating if the permissions for a specific type are enabled

Response

Returns a 200 - No Content

Example Request
curl -X PATCH https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/spending-permissions \
-H 'Authorization: Bearer <your api token>'
--d '{
"type": <permission type>,
"isEnabled": <true or false>
}'

Update phone number associated with a card

PUT /v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/phone-number

Update the phone number of a card. The new phone number must be a valid phone number.

FieldsTypeDefinitionRequired
phoneNumberStringMust be a valid phone number prefixed with + and country code. An example of a valid phone number would be +6588888888Yes
Example Request
curl -X PUT 'https://api.sandbox.transferwise.tech/v3/spend/profiles/{{profileId}}/cards/{{cardToken}}/phone-number' \
--H 'Authorization: Bearer <your api token>' \
--d '{
"phoneNumber": "+6588888888
}'

Response

FieldsTypeDefinition
tokenStringThe card token that you are modifying
profileIdStringThe profile ID that the card is linked to
phoneNumberStringThe new phone number associated with the card
Example Response
{
"token": "12345-12345-12345-12345",
"profileId": 30000000,
"phoneNumber": "+6588888888"
}