Building Your Powered By Marqeta Card Program
With Powered By Marqeta (PxM) card program configuration, Marqeta assists with certain configuration elements, then enables you to use the platform independently.
This page summarizes the processes and requirements for hosting a Powered By Marqeta program.
Launching a PxM program
Copy section link
With Powered By Marqeta configuration, you and Marqeta share responsibilities throughout the lifetime of your card program. The table below lists the primary tasks related to launching a Powered By card program.
| What You Are Responsible For | What Marqeta Is Responsible For |
|---|---|
|
|
During your integration with Marqeta, you or a third party need(s) to stand-up and build infrastructure to process notifications and interactions with the Marqeta API. The minimum requirements for an integration with Marqeta are outlined below.
-
A webhook endpoint that receives and parses all events and responds with a 200 response within five seconds of acknowledging an event receipt. Data sent to the endpoint supports direct reconciliation and ledger management.
-
A SSH File Transfer Protocol (SFTP) server that Marqeta’s SSH key can access, which allows Marqeta to place an encrypted settlement file on the server. You must provide a GNU Privacy Guard (GPG) key to complete reconciliation. Settlement files are sent to the server on a daily basis.
-
A platform that manages your card program through Marqeta’s APIs, such as card products, velocity controls, and Commando Mode (if applicable).
-
If your program includes Just-in-Time (JIT) Funding, a gateway endpoint that receives Gateway JIT requests and provides responses that approve or decline authorizations within a three-second time window.
Sales process
Copy section link
Your contact with Sales begins with the Marqeta Sales Development representative who inquires about your use case to determine if there is a fit with the Marqeta platform.
Sales Process Step 1 — Sales engagement
Copy section link
You will be introduced to a Business Development representative who will start a pricing and feasibility assessment.
Sales Process Step 2 — Sales engineering consultation
Copy section link
Engaging with a Sales Engineer provides a solid starting point for integrating with the Marqeta platform.
The level of detail your Sales Engineer goes into here depends on the nature and complexity of the card program you are developing. Typical outcomes include:
-
Understanding and scoping your card program to provide you with an overview of how Marqeta’s products and capabilities can best serve you.
-
Being your development team’s initial point of contact for all technology and product questions.
This is a great opportunity to benefit from Marqeta’s in-depth expertise and established best practices while getting started.
A final agreed-upon card program configuration is documented in a Statement of Work in Sales Process Step 3 as you move through the onboarding process.
Sales Process Step 3 — Proposal / SOW
Copy section link
Marqeta generates a proposal or Statement of Work (SOW) that provides clarity and transparency to the engagement. The SOW describes the card program configuration, as well as the responsibilities of both parties, the associated pricing, and the project timeline.
Sales Process Step 4 — Signed contract
Copy section link
Marqeta prepares a Master Service Agreement (MSA) based on the SOW. After you and Marqeta have signed the MSA, the due diligence and integration verification processes begin.
Due diligence
Copy section link
Before you can operate in the payments space with Marqeta, Marqeta must collect information about your business to assess your company’s practices and overall health in a process known as due diligence. The due diligence process gives Marqeta context about your company and your program, including legal documents (e.g., articles of incorporation), financial statements, and policies/procedures (e.g., information security policy). Your Marqeta Delivery representative will elaborate on your due diligence documentation requirements during the onboarding process.
Integration verification
Copy section link
Marqeta drives your integration by gathering key data points about your program that describe how you will leverage the Marqeta platform to build your card program and serve your customers. It’s vital that you review these data points to confirm their accuracy.
Marqeta provides best practices and ways to resolve potential issues so you can configure the Marqeta platform to best solve your business needs.
Integration Verification Step 1 — Technical advisement
Copy section link
As you set up your integration with the Marqeta platform, your Marqeta Delivery representative will provide customized recommendations for your card program.
Integration Verification Step 2 — Private sandbox access
Copy section link
Marqeta provisions your private sandbox environment, provides you with access keys, and adds your system’s IP addresses to the allow list. If you need to use Payment Card Industry (PCI) compliant widgets or the Marqeta.js library, Marqeta provisions them for you at this time.
Integration Verification Step 3 — Onboarding checkpoints
Copy section link
Throughout the early stages of the development process, your Marqeta Delivery representative holds weekly onboarding checkpoint meetings with you and other stakeholders. In addition, you will be invited to a private Slack channel where your questions will be answered by directing you to relevant documentation.
During this time, you should be creating the basic components of your card program. You are responsible for the following common tasks:
-
Creating and configuring card products
-
Creating and managing users
-
Creating and managing cards
-
Creating and managing spend controls at the card product level
-
Creating and managing controls at the user and card level
Integration Verification Step 4 — Simulating transactions
Copy section link
Marqeta expects you to be able to simulate core transaction endpoints within the simulation suite and provide evidence that you can appropriately approve and decline transactions through Just-in-Time (JIT) Funding.
For more information, see Users, Cards, and Simulating Transactions.
Integration Verification Step 5 — Just-in-Time (JIT) Funding review
Copy section link
Note
A JIT Funding review is only required for card programs that include JIT funding.After you successfully pass your first card program review, you are ready to start migrating your code to your production environment.
Integration Verification Step 6 — Go live
Copy section link
Marqeta has provided you with production credentials to transition your card program configuration to a live environment.
As referenced in the signed contract, your card program configuration is now considered to be in "go live" state.
Integration Verification Step 7 — Live testing
Copy section link
Your Marqeta Delivery representative will assist you with performing User Acceptance Testing in your live environment, focusing on authorizing and clearing transactions. Once both parties are adequately satisfied, your card program configuration will be ready for launch.
Security verification
Copy section link
For all Marqeta customers, security is viewed as an ongoing relationship rather than a one-time check. As part of the integration verification, Marqeta’s Security Team scans your environment to confirm a secure connection and to highlight any risks that need to be resolved. You supply the Marqeta Security Team with production IP addresses. The Marqeta Security Team performs a security scan of your environment within two business days.
-
If the scan is successful, your production IP addresses are added to the Marqeta firewall.
-
If vulnerabilities are discovered, Marqeta will provide you with corrective measures and guidance on the specific changes you need to make to secure your environment. Contact Marqeta to repeat the security scan after applying these measures.
Launch
Copy section link
Your card program is live, and you are ready for launch. In preparation for launch, customers typically opt for testing with a friend or family member, or with limited beta, as they start to see real cardholders use the system. After a successful beta period, customers ramp to their wider target market. Once you are in production, you can look to scale and extend your offerings with risk control and 3D Secure.