/

15 minute read

November 10, 2020

Control Center in the Dashboard

The Control center allows you to manage dashboard options and users, including:

Commando Mode

Enable and disable Commando Modes and view Commando Mode control set details.

User Management

Manage Marqeta Dashboard users by controlling access, viewing and editing user information, adding users, and defining roles.

Audit Logs

View audit logs for customer and business records.

ACH management

Enable ACH direct deposit.

PIN Reveal

Display cardholder forgotten PINs to them via mobile application.

3D Secure

Enable and configure 3D Secure options.

Control center

Is this helpful?

Commando Mode

If your system cannot respond to a Gateway JIT Funding request, the Marqeta platform can use Commando Mode to make authorization decisions on your behalf based on defined business rules. The Marqeta platform stores any unsent webhooks for later transmission, so that card states and account balances on your system correspond with activity that occurred while Commando Mode was in effect.

Commando mode

Is this helpful?

Enabling or disabling Commando Mode

To enable or disable Commando Mode:

  1. Go to Control center > Commando mode.

  2. Select Enable or Disable for the token of the Commando Mode control.

  3. In the popup window, enter a reason and select Enable Commando Mode or Disable Commando Mode.

Viewing Commando Mode control information

To view Commando Mode control information:

  1. Go to Control center > Commando mode.

  2. Select View for the token of the Commando Mode control set to view.

Commando mode control information

Field Description

Last Enabled By

The user who most recently enabled the Commando Mode control set.

Last Enabled Reason

The reason that the Commando Mode control set was last enabled.

Last Enabled Channel

The mechanism that most recently changed the Commando Mode control set’s state: API or SYSTEM

Details

This tab shows details for Real Time Stand In Info.

Field Description

Enabled

If true, Commando Mode is automatically enabled by events defined in the real_time_standin_criteria object; if false, Auto Commando Mode is not enabled.

Include Connection Errors

If true, a non-timeout connection error automatically enables Commando Mode when real_time_standin_criteria.enabled is also true.

Include Response Errors

If true, a gateway response slower than 3000 milliseconds automatically enables Commando Mode when real_time_standin_criteria.enabled is also true.

Include Application Errors

If true, an application error (any non-connection, non-timeout error) automatically enables Commando Mode when real_time_standin_criteria.enabled is also true.

Protected Funding Source

Field Description

Name

The name of the funding program.

URL

The URL of the gateway endpoint hosted in your environment, to which POST messages are submitted by Marqeta.

Active

Indicates whether the program gateway funding source is active.

Token

The unique identifier of the funding source.

Timeout Milliseconds

Total timeout in milliseconds for gateway processing.

Account

Funding source account.

Created

A timestamp of when this Commando Mode was created in the Marqeta API.

Last Modified

A timestamp of when this Commando Mode was last updated in the Marqeta API.

Velocity controls

This table provides information on the velocity control set defined for this Commando Mode.

Field Description

Token

The unique identifier of the velocity control set.

Name

The name of the funding program.

Usage Limit

Maximum number of times (between 0 and 100) a card can be used within the time period defined by the velocity_window field.

Approvals Only

If true, only approved transactions are subject to control.

Include Purchases

Indicates whether purchases are subject to control.

Include Withdrawals

Indicates whether ATM withdrawals are subject to control.

Include Transfers

Indicates whether transfers are subject to control.

Include Cashback

Indicates whether cashbacks are subject to control.

Currency Code

The three-character ISO 4217 currency code: USD or CAD.

Amount Limit

The maximum monetary sum that can be cleared within the time period defined by the Velocity Window field.

Velocity Window

Defines the time period to which the amount_limit and usage_limit fields apply:

  • DAY – one day; days begin at 00:00:00.

  • WEEK – one week; weeks begin Mondays at 00:00:00.

  • MONTH – one month; months begin on the first day of month at 00:00:00.

  • LIFETIME – forever; time period never expires.

  • TRANSACTION – a single transaction.

If set to DAY, WEEK, or MONTH, the velocity control takes effect retroactively from the beginning of the specified period. The amount and usage data already collected within the first period is counted toward the limits.

Active

Indicates whether the program gateway funding source is active.

Auth controls

This table describes the authorization controls defined for this Commando Mode control set.

Field Description

Token

The unique identifier of the auth controls.

Name

The name of the auth controls.

Start Time

The starting time for the auth controls.

End Time

The ending time for the auth controls.

Active

Indicates whether the auth controls are active.

Transitions

This tab provides details for each of the transitions for this Commando Mode control set.

Field Description

Enabled

Indicates the current status of the Command Mode control set.

Reason

The reason the current state of the Commando Mode control set was changed.

Channel

The mechanism that changed the Commando Mode control set’s state: API or SYSTEM

Username

Identifies the user who changed the Commando Mode control set’s state.

Token

The unique identifier of the Commando Mode transition.

Type

The type of transition: enabled or disabled.

Commando Mode Token

The unique identifier of the Commando Mode control set.

Created

The date and time that the transition was created.

Name

The name of the transition.

User management

The User Management allows you to manage access to the Marqeta Dashboard. You can:

  • View user information.

  • Add users and edit user information.

  • Define user roles.

  • Enable and disable users.

  • Impersonate users.

User management

Is this helpful?

View user information

To view user information, go to Control Center > User management. The Users tab lists current users along with the following information:

Column Description

Email

The user’s email address. An invitation to join is sent to this address.

Status

The user’s status: Active or Disabled.

Slack handle

The user’s Slack handle, if any.

First name

The user’s first name.

Last name

The user’s last name.

Org name

The user’s organization.

Org type

The type of organization, such as Customer, Bank, or Card Network.

Programs

Programs whose information the user can view.

Role

The user’s role: Viewer or Admin.

Department

The user’s department within in the organization.

Supplements

Supplemental level of data control for the user, if any: Detail or PII.

Date created

The date when the user was added.

Date updated

The most recent date when the user’s information was updated.

Filtering by column

To filter rows by column, enter the sequence of letters you want to filter on in the text box at the top of the column. As you type, the matching rows are filtered dynamically.

Adding users

To add a user:

  1. In the Users tab, select Add user.

  2. In the popup window, enter the user’s information. For Role, choose a one of the roles, as described in Roles below. For Department, choose one or more described in Departments below.

  3. Select Add user. The user receives an email invitation to join.

Note
By default, access to personally identifiable information (PII) is denied. Access can only be granted with accordance to your company and the issuing bank’s privacy and information security policies.

If a user needs access to PII, submit a request to analytics@marqeta.com providing user information along with brief but complete explanation of why PII access is needed. For example, "Customer service rep needs PII access to resolve customer KYC issues." Users should be granted the lowest level of access required to fulfill their job responsibilities. If you have any questions, contact your Marqeta representative or send your question to analytics@marqeta.com.

Resending an invitation

To resend an invitation:

  1. Go to Control center > User management, and select the row for the user.

  2. In the Edit User pane, select Resend Invite.

Editing a user’s information

To edit a user’s information:

  1. Go to Control center > User management, and select the row for the user.

  2. In the Edit User pane, update any of the user’s basic information, or add and remove programs, departments, roles, and supplements as necessary.

  3. Select Save.

Enabling and disabling users

To disable a user:

  1. Go to Control center > User management, and select the row for the user.

  2. To disable an active user, select Disable User in the Edit User pane, and then select Save. The status for that user changes to Disabled in the Status column.

To enable a disabled user:

  1. Go to Control center > User management, and select the row for the user.

  2. To enable a disabled user, select Enable User and then select Save. The status for that user changes to Active in the Status column.

Impersonating a user

If you have the Admin or Support role, you can impersonate some users, as described in Roles below.

To impersonate another user:

  1. In Control center > User management, select the row for the user.

  2. In the Edit User window, select Act as <user_name>. The Dashboard as seen by the selected user is displayed, where you can act as that user.

  3. When you have finished, select End at the bottom.

Roles

Roles define the privileges that are available to dashboard users. Users can be assigned the following roles:

Column Description

Admin

Can create and modify Viewer and Support accounts with the same domain names as their own, revoke their credentials, impersonate users that they have provisioned, and view reports.

Support

Can view reports and impersonate other users with the Viewer privilege in the same program as their own.

Viewer

Can only view reports.

Departments

The Departments reflect the organization for a typical business. You can assign one or more departments to a user. The following departments are available:

Column Description

Analytics

Works with data to interpret patterns and trends to improve business decision-making, reduce fraud, and provide deeper business insights.

Business Development

Creates long-term value by interpreting markets, customers, and business relationships.

Compliance

Ensures that the organization complies with applicable laws and regulations, helping preserve the organization’s integrity and reputation.

Customer Service

Assists customers in making effective use of company products.

Customer Success

Proactively ensures that customers successfully and efficiently use the company’s products.

Engineering

Researches, designs, and implements the technical development of financial products.

Finance - Other

Manages company finances, including financial planning, auditing, accounting, and produces financial statements.

Finance - Settlement

Ensures that funds transferred between the merchant’s and the card user’s bank are successfully concluded. Additionally, the Settlement team reconciles the daily drawdowns from card networks to internal data to ensure appropriate funds movement and identifies exceptions in internal transactional data.

General

Business activities that do not fall within a specific business department.

Human Resources

Responsible for employee well-being, including payroll, benefits, hiring, firing, and staying up to date with tax laws.

Legal

Provides legal advice on business issues, drafting commercial agreements, ensuring the company complies with applicable laws and regulations, and prepares required legal documents.

Marketing

Researches markets and potential customers, promotes the company business, and drives sales of company products and services.

Operations

Manages the strategic and day-to-day production of products and the delivery of services.

Product Management

Manages a product through all stages of the product lifecycle, including the people and processes required to produce the product or service.

Program Management

Manages several projects with the intention of coordinating diverse efforts and improving the company’s performance.

QA

Tests company products and services in order to prevent errors and defects.

Sales

Sells company products by building relationships with customers, matching them with the company’s products and services, and providing a direct link between the company’s product or service and its customers.

Audit logs

As information is modified on the Marqeta platform, such as server names, user names, actions are performed, and data updated, these changes are captured and logged to Marqeta’s central logging service. Audit Logs provides a view of these logs to help you trace the details of these actions.

To view audit logs, go to Control Center > Audit logs. Audit log records are listed, and include the following information:

Column Description

id

Automatically assigned unique ID for the action.

User Name

The user performing the action.

App Name

The application that logged the action, such as the Marqeta Dashboard or GraphQL.

Record id

The record id associated with the call, if any.

Record Operation

The name of the query or mutation (in the case of GraphQL) or rails action (index, show, create, update, or destroy).

Record Type

The primary business object operated on, such as user or business.

Program

The program shortcode.

Created Time

The time that the action was created.

Remote ip Address

The remote IP address where the action was generated.

User Role

The list of roles for the user performing the action.

Http Status Code

The status code returned by the action.

Http Params

The parameters associated with the request, such as {"first_name":"test","last_name":"test"}.

Event Type

The type of event, such as http_request or graphql_request.

App Server Name

The application server that generated the action.

Http Path

The HTTP path, such as /changepassword or /businesses/search.

Http Method

The http method, such as PUT or POST.

Old Value

The value before the action.

New Value

The value after the action.

Notes

Notes related to the action, if any.

Extra Info

Additional information about the action, if any.

ACH management

Use ACH management to enable direct deposit for an account. To enable direct deposit:

  1. Go to Control center > ACH management.

  2. Enter the Routing number and Account number prefix.

  3. Select Enable.

PIN Reveal

Using PIN Reveal you can display a cardholder’s forgotten PIN to them via your mobile application. With PIN Reveal, the online PIN is less likely to fall out of sync with the PIN stored on the chip because cardholders can reveal their existing PIN instead of resetting it to a new value.

Revealing a cardholder’s PIN requires compliance with PCI DSS data security requirements.

Enabling PIN Reveal

You must first request that Marqeta enable this feature for your program, then explicitly provision PIN Reveal for the program.

To provision PIN Reveal:

  1. After Marqeta has enabled PIN Reveal for your program,

  2. Go to Control center > PIN Reveal.

  3. Move the Provision PIN Reveal toggle to the right to activate.

  4. Select Save settings.

Opt in Status shows the current status for the program. Possible values are Disabled, Pending program approval, or Program approved.

Viewing PIN Reveal history

PIN Reveal displays the three most recent events in the upper-right. To view a complete PIN Reveal history for the current program, select View full history.

3D Secure

3D Secure allows you to provide your customers with an added layer of protection against fraudulent online credit and debit card transactions. Supported by most card issuers, 3D Secure requires cardholders to complete an additional verification step with the issuer before a transaction is authorized.

By enabling 3D Secure, you can decrease the number of disputed transactions. 3D Secure boosts customers' confidence and helps you establish greater trust with them. For more information on 3D Secure, see About 3D Secure.

Your customers will verify their transactions using a secure code sent by SMS or email. You can provide a customer support number your customers can call if they have questions or concerns about 3D Secure.

Enabling 3D Secure

Your customers will use a one-time passcode (OTP) to verify their transactions, which requires them to enter a secure code sent by SMS or email.

Home

Is this helpful?

To enable 3D Secure:

  1. Go to Control center > 3D secure.

  2. Select Enable 3D Secure.

  3. Select the messages versions to support for this program. Support for V1.0.2 is required. You can add additional versions to support. Enabling support for versions other than v1.0.2 provides heightened protection against fraudulent transactions, but requires additional integration work to set up. Support of v2.2.0 is for Visa programs only.

  4. To provide a customer support number for your customers to call if they have questions or concerns about 3D Secure, enter a complete number including area code.

  5. If you want to provide a no-reply email address, enter an unmonitored email address such as noreply@yourdomain.com from the domain your customers typically associate with your brand. If none is provided, noreply@marqeta.com will be used. A verification link will be sent to this address during initial setup.

  6. If you would like an issuer logo to appear in the OTP emails your customers receive, select Upload and choose an image file. Supported formats are .png, .jpeg, .tiff, and .bmp. Maximum file dimensions are 47 pixels (height) x 140 pixels (width). Maximum file size is 5 MB.

3D Secure Decision and Result services

Enable this pair of services to allow Marqeta to manage 3DS Strong Customer Authentication (SCA) decisions for your program.

3D Secure Decision service

The 3D Secure Decision Service enables you to configure and implement Marqeta’s 3D Secure decision-making policy instead of developing or hosting your own solution. 3D Secure Decision Service rules determine whether the system applies SCA to an incoming transaction authentication request or exempts it. Enabling this service strikes a balance between your customers' frictionless experience and the risk of fraud.

3D Secure Result service

The 3D Secure Results Service is used to trigger the Marqeta platform to update the result of the cardholder’s SCA challenge. It informs the 3D Secure Decision Service whether or not the Strong Customer Authentication (SCA) has succeeded, which is required to score future transactions by this cardholder more accurately.

To enable 3D Secure Decision and Result services, configure your program attributes by providing a URL and login credentials:

  1. Toggle Enable 3D Secure Decision and Result services to the right.

  2. For 3D Secure Decision service program attributes, enter the fully qualified domain name (FQDN) of the endpoint where you want event notifications to be sent, for example https://www.yourdomain.com/webhook. The URL cannot exceed 200 characters in length.

  3. Enter the username associated with the user authorized to access the endpoint specified in the Endpoint URL field. The username cannot exceed 500 characters in length.

  4. Enter a password for the username used to access the endpoint specified by the Endpoint URL field. The password you choose must be between 8 and 500 characters in length.

  5. To use the same program attributes for 3D Secure Results service program that you entered for 3D Secure Decision service program, select the Use my 3D Secure Decision service program attributes checkbox. Otherwise, enter the endpoint URL, username, and password.

Advanced authentication service

Enable Advanced authentication services to allow Marqeta to manage 3DS Strong Customer Authentication (SCA) decisions for your program.

  1. Toggle Enable Advanced authentication services to the right.

  2. Enter the fully qualified domain name (FQDN) of the endpoint where you want event notifications to be sent, for example https://www.yourdomain.com/webhook. The URL cannot exceed 200 characters in length.

  3. Enter the username associated with the user authorized to access the endpoint specified in the Endpoint URL field. The username cannot exceed 500 characters in length.

  4. Enter a password for the username used to access the endpoint specified by the Endpoint URL field. The password you choose must be between 8 and 500 characters in length.

Have any feedback on this page?

If you feel we can do anything better, please let our team know.

We strive for the best possible developer experience.